Marcus Updateinfo to OVAL Converter5.52026-04-14T07:01:44Mesa-23.3.4-7.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the Mesa-23.3.4-7.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-5068 at SUSECVE-2019-5068 at NVDcpe:/o:suse:sl-micro:6.0NetworkManager-1.42.6-5.14 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the NetworkManager-1.42.6-5.14 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-7246 at SUSECVE-2006-7246 at NVDCVE-2015-2924 at SUSECVE-2015-2924 at NVDCVE-2016-0764 at SUSECVE-2016-0764 at NVDCVE-2018-1000135 at SUSECVE-2018-1000135 at NVDCVE-2018-15688 at SUSECVE-2018-15688 at NVDCVE-2020-10754 at SUSECVE-2020-10754 at NVDCVE-2020-13529 at SUSECVE-2020-13529 at NVDCVE-2021-20297 at SUSECVE-2021-20297 at NVDcpe:/o:suse:sl-micro:6.0aaa_base-84.87+git20230815.cab7b44-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the aaa_base-84.87+git20230815.cab7b44-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-0461 at SUSECVE-2011-0461 at NVDcpe:/o:suse:sl-micro:6.0accountsservice-22.08.8-1.13 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the accountsservice-22.08.8-1.13 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-2737 at SUSECVE-2012-2737 at NVDCVE-2018-14036 at SUSECVE-2018-14036 at NVDcpe:/o:suse:sl-micro:6.0afterburn-5.4.1-1.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the afterburn-5.4.1-1.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-35905 at SUSECVE-2020-35905 at NVDCVE-2020-36465 at SUSECVE-2020-36465 at NVDCVE-2021-27378 at SUSECVE-2021-27378 at NVDCVE-2021-32714 at SUSECVE-2021-32714 at NVDCVE-2021-32715 at SUSECVE-2021-32715 at NVDCVE-2021-38191 at SUSECVE-2021-38191 at NVDCVE-2021-45710 at SUSECVE-2021-45710 at NVDCVE-2022-24713 at SUSECVE-2022-24713 at NVDcpe:/o:suse:sl-micro:6.0aide-0.18.6-1.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the aide-0.18.6-1.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-45417 at SUSECVE-2021-45417 at NVDcpe:/o:suse:sl-micro:6.0avahi-0.8-4.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the avahi-0.8-4.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-5461 at SUSECVE-2006-5461 at NVDCVE-2006-6870 at SUSECVE-2006-6870 at NVDCVE-2007-3372 at SUSECVE-2007-3372 at NVDCVE-2008-5081 at SUSECVE-2008-5081 at NVDCVE-2009-0758 at SUSECVE-2009-0758 at NVDCVE-2010-2244 at SUSECVE-2010-2244 at NVDCVE-2011-1002 at SUSECVE-2011-1002 at NVDCVE-2017-6519 at SUSECVE-2017-6519 at NVDCVE-2018-1000845 at SUSECVE-2018-1000845 at NVDCVE-2021-26720 at SUSECVE-2021-26720 at NVDCVE-2021-3468 at SUSECVE-2021-3468 at NVDCVE-2021-3502 at SUSECVE-2021-3502 at NVDCVE-2023-1981 at SUSECVE-2023-1981 at NVDCVE-2023-38470 at SUSECVE-2023-38470 at NVDCVE-2023-38472 at SUSECVE-2023-38472 at NVDCVE-2023-38473 at SUSECVE-2023-38473 at NVDcpe:/o:suse:sl-micro:6.0aws-cli-1.31.11-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the aws-cli-1.31.11-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-15869 at SUSECVE-2018-15869 at NVDcpe:/o:suse:sl-micro:6.0bash-5.2.15-2.57 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the bash-5.2.15-2.57 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-2524 at SUSECVE-2014-2524 at NVDCVE-2014-6271 at SUSECVE-2014-6271 at NVDCVE-2014-6277 at SUSECVE-2014-6277 at NVDCVE-2014-6278 at SUSECVE-2014-6278 at NVDCVE-2014-7169 at SUSECVE-2014-7169 at NVDCVE-2014-7186 at SUSECVE-2014-7186 at NVDCVE-2014-7187 at SUSECVE-2014-7187 at NVDCVE-2016-9401 at SUSECVE-2016-9401 at NVDcpe:/o:suse:sl-micro:6.0bcm43xx-firmware-20180314-3.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the bcm43xx-firmware-20180314-3.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-10370 at SUSECVE-2020-10370 at NVDcpe:/o:suse:sl-micro:6.0boost-license1_84_0-1.84.0-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the boost-license1_84_0-1.84.0-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2008-0171 at SUSECVE-2008-0171 at NVDcpe:/o:suse:sl-micro:6.0btrfsmaintenance-0.5-2.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the btrfsmaintenance-0.5-2.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-14722 at SUSECVE-2018-14722 at NVDcpe:/o:suse:sl-micro:6.0busybox-1.36.1-2.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the busybox-1.36.1-2.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-5325 at SUSECVE-2011-5325 at NVDCVE-2014-9645 at SUSECVE-2014-9645 at NVDCVE-2015-9261 at SUSECVE-2015-9261 at NVDCVE-2016-2147 at SUSECVE-2016-2147 at NVDCVE-2016-2148 at SUSECVE-2016-2148 at NVDCVE-2016-6301 at SUSECVE-2016-6301 at NVDCVE-2017-15873 at SUSECVE-2017-15873 at NVDCVE-2017-15874 at SUSECVE-2017-15874 at NVDCVE-2017-16544 at SUSECVE-2017-16544 at NVDCVE-2018-1000500 at SUSECVE-2018-1000500 at NVDCVE-2018-1000517 at SUSECVE-2018-1000517 at NVDCVE-2018-20679 at SUSECVE-2018-20679 at NVDCVE-2019-5747 at SUSECVE-2019-5747 at NVDCVE-2021-28831 at SUSECVE-2021-28831 at NVDCVE-2021-42373 at SUSECVE-2021-42373 at NVDCVE-2021-42374 at SUSECVE-2021-42374 at NVDCVE-2021-42375 at SUSECVE-2021-42375 at NVDCVE-2021-42376 at SUSECVE-2021-42376 at NVDCVE-2021-42377 at SUSECVE-2021-42377 at NVDCVE-2021-42378 at SUSECVE-2021-42378 at NVDCVE-2021-42379 at SUSECVE-2021-42379 at NVDCVE-2021-42380 at SUSECVE-2021-42380 at NVDCVE-2021-42381 at SUSECVE-2021-42381 at NVDCVE-2021-42382 at SUSECVE-2021-42382 at NVDCVE-2021-42383 at SUSECVE-2021-42383 at NVDCVE-2021-42384 at SUSECVE-2021-42384 at NVDCVE-2021-42385 at SUSECVE-2021-42385 at NVDCVE-2021-42386 at SUSECVE-2021-42386 at NVDCVE-2022-30065 at SUSECVE-2022-30065 at NVDCVE-2022-48174 at SUSECVE-2022-48174 at NVDcpe:/o:suse:sl-micro:6.0chkstat-1600_20240206-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the chkstat-1600_20240206-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-3687 at SUSECVE-2019-3687 at NVDCVE-2019-3688 at SUSECVE-2019-3688 at NVDCVE-2019-3690 at SUSECVE-2019-3690 at NVDCVE-2020-8013 at SUSECVE-2020-8013 at NVDCVE-2022-31252 at SUSECVE-2022-31252 at NVDcpe:/o:suse:sl-micro:6.0chrony-4.4-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the chrony-4.4-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-4502 at SUSECVE-2012-4502 at NVDCVE-2012-4503 at SUSECVE-2012-4503 at NVDCVE-2014-0021 at SUSECVE-2014-0021 at NVDCVE-2016-1567 at SUSECVE-2016-1567 at NVDCVE-2020-14367 at SUSECVE-2020-14367 at NVDcpe:/o:suse:sl-micro:6.0cifs-utils-7.0-2.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the cifs-utils-7.0-2.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-1059 at SUSECVE-2006-1059 at NVDCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2012-1586 at SUSECVE-2012-1586 at NVDCVE-2020-14342 at SUSECVE-2020-14342 at NVDCVE-2021-20208 at SUSECVE-2021-20208 at NVDCVE-2022-27239 at SUSECVE-2022-27239 at NVDcpe:/o:suse:sl-micro:6.0cloud-init-23.3-6.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the cloud-init-23.3-6.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-0816 at SUSECVE-2019-0816 at NVDCVE-2020-8631 at SUSECVE-2020-8631 at NVDCVE-2020-8632 at SUSECVE-2020-8632 at NVDCVE-2021-3429 at SUSECVE-2021-3429 at NVDCVE-2022-2084 at SUSECVE-2022-2084 at NVDCVE-2023-1786 at SUSECVE-2023-1786 at NVDcpe:/o:suse:sl-micro:6.0cni-1.1.2-4.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the cni-1.1.2-4.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-20206 at SUSECVE-2021-20206 at NVDCVE-2021-38561 at SUSECVE-2021-38561 at NVDcpe:/o:suse:sl-micro:6.0cni-plugins-1.3.0-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the cni-plugins-1.3.0-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-10749 at SUSECVE-2020-10749 at NVDCVE-2021-20206 at SUSECVE-2021-20206 at NVDcpe:/o:suse:sl-micro:6.0conmon-2.1.10-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the conmon-2.1.10-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-1708 at SUSECVE-2022-1708 at NVDcpe:/o:suse:sl-micro:6.0conntrack-tools-1.4.8-1.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the conntrack-tools-1.4.8-1.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-6496 at SUSECVE-2015-6496 at NVDcpe:/o:suse:sl-micro:6.0containerd-1.7.10-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the containerd-1.7.10-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-9962 at SUSECVE-2016-9962 at NVDCVE-2018-16873 at SUSECVE-2018-16873 at NVDCVE-2018-16874 at SUSECVE-2018-16874 at NVDCVE-2018-16875 at SUSECVE-2018-16875 at NVDCVE-2019-5736 at SUSECVE-2019-5736 at NVDCVE-2020-15157 at SUSECVE-2020-15157 at NVDCVE-2020-15257 at SUSECVE-2020-15257 at NVDCVE-2021-21334 at SUSECVE-2021-21334 at NVDCVE-2021-32760 at SUSECVE-2021-32760 at NVDCVE-2021-41103 at SUSECVE-2021-41103 at NVDCVE-2021-41190 at SUSECVE-2021-41190 at NVDCVE-2022-23471 at SUSECVE-2022-23471 at NVDCVE-2022-23648 at SUSECVE-2022-23648 at NVDCVE-2022-24769 at SUSECVE-2022-24769 at NVDCVE-2022-27191 at SUSECVE-2022-27191 at NVDCVE-2022-31030 at SUSECVE-2022-31030 at NVDCVE-2023-25153 at SUSECVE-2023-25153 at NVDCVE-2023-25173 at SUSECVE-2023-25173 at NVDcpe:/o:suse:sl-micro:6.0coolkey-1.1.0-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the coolkey-1.1.0-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-4129 at SUSECVE-2007-4129 at NVDcpe:/o:suse:sl-micro:6.0coreutils-9.4-4.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the coreutils-9.4-4.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-0221 at SUSECVE-2013-0221 at NVDCVE-2013-0222 at SUSECVE-2013-0222 at NVDCVE-2013-0223 at SUSECVE-2013-0223 at NVDCVE-2015-4041 at SUSECVE-2015-4041 at NVDCVE-2015-4042 at SUSECVE-2015-4042 at NVDCVE-2017-7476 at SUSECVE-2017-7476 at NVDCVE-2024-0684 at SUSECVE-2024-0684 at NVDcpe:/o:suse:sl-micro:6.0cpio-2.15-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the cpio-2.15-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-0624 at SUSECVE-2010-0624 at NVDCVE-2014-9112 at SUSECVE-2014-9112 at NVDCVE-2015-1197 at SUSECVE-2015-1197 at NVDCVE-2016-2037 at SUSECVE-2016-2037 at NVDCVE-2019-14866 at SUSECVE-2019-14866 at NVDCVE-2021-38185 at SUSECVE-2021-38185 at NVDCVE-2023-7207 at SUSECVE-2023-7207 at NVDcpe:/o:suse:sl-micro:6.0cracklib-2.9.11-1.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the cracklib-2.9.11-1.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-6318 at SUSECVE-2016-6318 at NVDcpe:/o:suse:sl-micro:6.0crun-1.14-1.18 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the crun-1.14-1.18 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-27650 at SUSECVE-2022-27650 at NVDcpe:/o:suse:sl-micro:6.0cryptsetup-2.6.1-4.13 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the cryptsetup-2.6.1-4.13 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-14382 at SUSECVE-2020-14382 at NVDCVE-2021-4122 at SUSECVE-2021-4122 at NVDcpe:/o:suse:sl-micro:6.0cups-config-2.4.2-5.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the cups-config-2.4.2-5.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2005-3193 at SUSECVE-2005-3193 at NVDCVE-2005-3624 at SUSECVE-2005-3624 at NVDCVE-2005-3625 at SUSECVE-2005-3625 at NVDCVE-2005-3626 at SUSECVE-2005-3626 at NVDCVE-2005-3627 at SUSECVE-2005-3627 at NVDCVE-2005-3628 at SUSECVE-2005-3628 at NVDCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-3387 at SUSECVE-2007-3387 at NVDCVE-2007-4351 at SUSECVE-2007-4351 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-0047 at SUSECVE-2008-0047 at NVDCVE-2008-1373 at SUSECVE-2008-1373 at NVDCVE-2008-1693 at SUSECVE-2008-1693 at NVDCVE-2008-1722 at SUSECVE-2008-1722 at NVDCVE-2008-3641 at SUSECVE-2008-3641 at NVDCVE-2009-0163 at SUSECVE-2009-0163 at NVDCVE-2009-2820 at SUSECVE-2009-2820 at NVDCVE-2009-3553 at SUSECVE-2009-3553 at NVDCVE-2010-0393 at SUSECVE-2010-0393 at NVDCVE-2010-0540 at SUSECVE-2010-0540 at NVDCVE-2010-0542 at SUSECVE-2010-0542 at NVDCVE-2010-1748 at SUSECVE-2010-1748 at NVDCVE-2010-2941 at SUSECVE-2010-2941 at NVDCVE-2012-5519 at SUSECVE-2012-5519 at NVDCVE-2012-6094 at SUSECVE-2012-6094 at NVDCVE-2014-2856 at SUSECVE-2014-2856 at NVDCVE-2014-3537 at SUSECVE-2014-3537 at NVDCVE-2014-5029 at SUSECVE-2014-5029 at NVDCVE-2014-5030 at SUSECVE-2014-5030 at NVDCVE-2014-5031 at SUSECVE-2014-5031 at NVDCVE-2015-1158 at SUSECVE-2015-1158 at NVDCVE-2015-1159 at SUSECVE-2015-1159 at NVDCVE-2017-18248 at SUSECVE-2017-18248 at NVDCVE-2018-4700 at SUSECVE-2018-4700 at NVDCVE-2019-2228 at SUSECVE-2019-2228 at NVDCVE-2019-8675 at SUSECVE-2019-8675 at NVDCVE-2019-8696 at SUSECVE-2019-8696 at NVDCVE-2019-8842 at SUSECVE-2019-8842 at NVDCVE-2020-10001 at SUSECVE-2020-10001 at NVDCVE-2020-3898 at SUSECVE-2020-3898 at NVDCVE-2021-25317 at SUSECVE-2021-25317 at NVDCVE-2022-26691 at SUSECVE-2022-26691 at NVDCVE-2023-32324 at SUSECVE-2023-32324 at NVDCVE-2023-32360 at SUSECVE-2023-32360 at NVDCVE-2023-34241 at SUSECVE-2023-34241 at NVDCVE-2023-4504 at SUSECVE-2023-4504 at NVDcpe:/o:suse:sl-micro:6.0curl-8.6.0-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the curl-8.6.0-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-1061 at SUSECVE-2006-1061 at NVDCVE-2009-0037 at SUSECVE-2009-0037 at NVDCVE-2009-2417 at SUSECVE-2009-2417 at NVDCVE-2013-0249 at SUSECVE-2013-0249 at NVDCVE-2013-1944 at SUSECVE-2013-1944 at NVDCVE-2013-2174 at SUSECVE-2013-2174 at NVDCVE-2013-4545 at SUSECVE-2013-4545 at NVDCVE-2014-0015 at SUSECVE-2014-0015 at NVDCVE-2014-0138 at SUSECVE-2014-0138 at NVDCVE-2014-0139 at SUSECVE-2014-0139 at NVDCVE-2014-3613 at SUSECVE-2014-3613 at NVDCVE-2014-3620 at SUSECVE-2014-3620 at NVDCVE-2014-8150 at SUSECVE-2014-8150 at NVDCVE-2015-3143 at SUSECVE-2015-3143 at NVDCVE-2015-3144 at SUSECVE-2015-3144 at NVDCVE-2015-3145 at SUSECVE-2015-3145 at NVDCVE-2015-3148 at SUSECVE-2015-3148 at NVDCVE-2015-3153 at SUSECVE-2015-3153 at NVDCVE-2015-3236 at SUSECVE-2015-3236 at NVDCVE-2015-3237 at SUSECVE-2015-3237 at NVDCVE-2016-0755 at SUSECVE-2016-0755 at NVDCVE-2016-7167 at SUSECVE-2016-7167 at NVDCVE-2016-8615 at SUSECVE-2016-8615 at NVDCVE-2016-8616 at SUSECVE-2016-8616 at NVDCVE-2016-8617 at SUSECVE-2016-8617 at NVDCVE-2016-8618 at SUSECVE-2016-8618 at NVDCVE-2016-8619 at SUSECVE-2016-8619 at NVDCVE-2016-8620 at SUSECVE-2016-8620 at NVDCVE-2016-8621 at SUSECVE-2016-8621 at NVDCVE-2016-8622 at SUSECVE-2016-8622 at NVDCVE-2016-8623 at SUSECVE-2016-8623 at NVDCVE-2016-8624 at SUSECVE-2016-8624 at NVDCVE-2016-8625 at SUSECVE-2016-8625 at NVDCVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2016-9594 at SUSECVE-2016-9594 at NVDCVE-2017-1000099 at SUSECVE-2017-1000099 at NVDCVE-2017-1000100 at SUSECVE-2017-1000100 at NVDCVE-2017-1000101 at SUSECVE-2017-1000101 at NVDCVE-2017-1000254 at SUSECVE-2017-1000254 at NVDCVE-2017-1000257 at SUSECVE-2017-1000257 at NVDCVE-2017-2629 at SUSECVE-2017-2629 at NVDCVE-2017-7468 at SUSECVE-2017-7468 at NVDCVE-2017-8816 at SUSECVE-2017-8816 at NVDCVE-2017-8817 at SUSECVE-2017-8817 at NVDCVE-2017-8818 at SUSECVE-2017-8818 at NVDCVE-2017-9502 at SUSECVE-2017-9502 at NVDCVE-2018-0500 at SUSECVE-2018-0500 at NVDCVE-2018-1000005 at SUSECVE-2018-1000005 at NVDCVE-2018-1000007 at SUSECVE-2018-1000007 at NVDCVE-2018-1000120 at SUSECVE-2018-1000120 at NVDCVE-2018-1000121 at SUSECVE-2018-1000121 at NVDCVE-2018-1000122 at SUSECVE-2018-1000122 at NVDCVE-2018-1000300 at SUSECVE-2018-1000300 at NVDCVE-2018-1000301 at SUSECVE-2018-1000301 at NVDCVE-2018-14618 at SUSECVE-2018-14618 at NVDCVE-2018-16839 at SUSECVE-2018-16839 at NVDCVE-2018-16840 at SUSECVE-2018-16840 at NVDCVE-2018-16842 at SUSECVE-2018-16842 at NVDCVE-2018-16890 at SUSECVE-2018-16890 at NVDCVE-2019-15601 at SUSECVE-2019-15601 at NVDCVE-2019-3822 at SUSECVE-2019-3822 at NVDCVE-2019-3823 at SUSECVE-2019-3823 at NVDCVE-2019-5435 at SUSECVE-2019-5435 at NVDCVE-2019-5436 at SUSECVE-2019-5436 at NVDCVE-2019-5481 at SUSECVE-2019-5481 at NVDCVE-2019-5482 at SUSECVE-2019-5482 at NVDCVE-2020-8169 at SUSECVE-2020-8169 at NVDCVE-2020-8177 at SUSECVE-2020-8177 at NVDCVE-2020-8231 at SUSECVE-2020-8231 at NVDCVE-2020-8284 at SUSECVE-2020-8284 at NVDCVE-2020-8285 at SUSECVE-2020-8285 at NVDCVE-2020-8286 at SUSECVE-2020-8286 at NVDCVE-2021-22297 at SUSECVE-2021-22297 at NVDCVE-2021-22298 at SUSECVE-2021-22298 at NVDCVE-2021-22876 at SUSECVE-2021-22876 at NVDCVE-2021-22890 at SUSECVE-2021-22890 at NVDCVE-2021-22898 at SUSECVE-2021-22898 at NVDCVE-2021-22901 at SUSECVE-2021-22901 at NVDCVE-2021-22922 at SUSECVE-2021-22922 at NVDCVE-2021-22923 at SUSECVE-2021-22923 at NVDCVE-2021-22924 at SUSECVE-2021-22924 at NVDCVE-2021-22925 at SUSECVE-2021-22925 at NVDCVE-2021-22945 at SUSECVE-2021-22945 at NVDCVE-2021-22946 at SUSECVE-2021-22946 at NVDCVE-2021-22947 at SUSECVE-2021-22947 at NVDCVE-2022-22576 at SUSECVE-2022-22576 at NVDCVE-2022-27774 at SUSECVE-2022-27774 at NVDCVE-2022-27775 at SUSECVE-2022-27775 at NVDCVE-2022-27776 at SUSECVE-2022-27776 at NVDCVE-2022-27778 at SUSECVE-2022-27778 at NVDCVE-2022-27779 at SUSECVE-2022-27779 at NVDCVE-2022-27780 at SUSECVE-2022-27780 at NVDCVE-2022-27781 at SUSECVE-2022-27781 at NVDCVE-2022-27782 at SUSECVE-2022-27782 at NVDCVE-2022-30115 at SUSECVE-2022-30115 at NVDCVE-2022-32205 at SUSECVE-2022-32205 at NVDCVE-2022-32206 at SUSECVE-2022-32206 at NVDCVE-2022-32207 at SUSECVE-2022-32207 at NVDCVE-2022-32208 at SUSECVE-2022-32208 at NVDCVE-2022-32221 at SUSECVE-2022-32221 at NVDCVE-2022-35252 at SUSECVE-2022-35252 at NVDCVE-2022-35260 at SUSECVE-2022-35260 at NVDCVE-2022-42915 at SUSECVE-2022-42915 at NVDCVE-2022-42916 at SUSECVE-2022-42916 at NVDCVE-2022-43551 at SUSECVE-2022-43551 at NVDCVE-2022-43552 at SUSECVE-2022-43552 at NVDCVE-2023-23914 at SUSECVE-2023-23914 at NVDCVE-2023-23915 at SUSECVE-2023-23915 at NVDCVE-2023-23916 at SUSECVE-2023-23916 at NVDCVE-2023-27533 at SUSECVE-2023-27533 at NVDCVE-2023-27534 at SUSECVE-2023-27534 at NVDCVE-2023-27535 at SUSECVE-2023-27535 at NVDCVE-2023-27536 at SUSECVE-2023-27536 at NVDCVE-2023-27537 at SUSECVE-2023-27537 at NVDCVE-2023-27538 at SUSECVE-2023-27538 at NVDCVE-2023-28319 at SUSECVE-2023-28319 at NVDCVE-2023-28320 at SUSECVE-2023-28320 at NVDCVE-2023-28321 at SUSECVE-2023-28321 at NVDCVE-2023-28322 at SUSECVE-2023-28322 at NVDCVE-2023-32001 at SUSECVE-2023-32001 at NVDCVE-2023-38039 at SUSECVE-2023-38039 at NVDCVE-2023-38545 at SUSECVE-2023-38545 at NVDCVE-2023-38546 at SUSECVE-2023-38546 at NVDCVE-2023-46218 at SUSECVE-2023-46218 at NVDCVE-2023-46219 at SUSECVE-2023-46219 at NVDCVE-2024-0853 at SUSECVE-2024-0853 at NVDcpe:/o:suse:sl-micro:6.0cyrus-sasl-2.1.28-5.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the cyrus-sasl-2.1.28-5.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-0688 at SUSECVE-2009-0688 at NVDCVE-2019-19906 at SUSECVE-2019-19906 at NVDCVE-2020-8032 at SUSECVE-2020-8032 at NVDCVE-2022-24407 at SUSECVE-2022-24407 at NVDcpe:/o:suse:sl-micro:6.0dbus-1-1.14.10-1.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the dbus-1-1.14.10-1.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-6107 at SUSECVE-2006-6107 at NVDCVE-2008-0595 at SUSECVE-2008-0595 at NVDCVE-2008-3834 at SUSECVE-2008-3834 at NVDCVE-2008-4311 at SUSECVE-2008-4311 at NVDCVE-2010-4352 at SUSECVE-2010-4352 at NVDCVE-2012-3524 at SUSECVE-2012-3524 at NVDCVE-2013-2168 at SUSECVE-2013-2168 at NVDCVE-2014-3477 at SUSECVE-2014-3477 at NVDCVE-2014-3532 at SUSECVE-2014-3532 at NVDCVE-2014-3533 at SUSECVE-2014-3533 at NVDCVE-2014-3635 at SUSECVE-2014-3635 at NVDCVE-2014-3636 at SUSECVE-2014-3636 at NVDCVE-2014-3637 at SUSECVE-2014-3637 at NVDCVE-2014-3638 at SUSECVE-2014-3638 at NVDCVE-2014-3639 at SUSECVE-2014-3639 at NVDCVE-2014-7824 at SUSECVE-2014-7824 at NVDCVE-2014-8148 at SUSECVE-2014-8148 at NVDCVE-2015-0245 at SUSECVE-2015-0245 at NVDCVE-2019-12749 at SUSECVE-2019-12749 at NVDCVE-2020-12049 at SUSECVE-2020-12049 at NVDCVE-2022-42010 at SUSECVE-2022-42010 at NVDCVE-2022-42011 at SUSECVE-2022-42011 at NVDCVE-2022-42012 at SUSECVE-2022-42012 at NVDCVE-2023-34969 at SUSECVE-2023-34969 at NVDcpe:/o:suse:sl-micro:6.0dbus-1-x11-1.14.10-1.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the dbus-1-x11-1.14.10-1.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-6107 at SUSECVE-2006-6107 at NVDCVE-2008-0595 at SUSECVE-2008-0595 at NVDCVE-2008-3834 at SUSECVE-2008-3834 at NVDCVE-2008-4311 at SUSECVE-2008-4311 at NVDCVE-2010-4352 at SUSECVE-2010-4352 at NVDCVE-2012-3524 at SUSECVE-2012-3524 at NVDCVE-2013-2168 at SUSECVE-2013-2168 at NVDCVE-2014-3477 at SUSECVE-2014-3477 at NVDCVE-2014-3532 at SUSECVE-2014-3532 at NVDCVE-2014-3533 at SUSECVE-2014-3533 at NVDCVE-2014-3635 at SUSECVE-2014-3635 at NVDCVE-2014-3636 at SUSECVE-2014-3636 at NVDCVE-2014-3637 at SUSECVE-2014-3637 at NVDCVE-2014-3638 at SUSECVE-2014-3638 at NVDCVE-2014-3639 at SUSECVE-2014-3639 at NVDCVE-2014-7824 at SUSECVE-2014-7824 at NVDCVE-2014-8148 at SUSECVE-2014-8148 at NVDCVE-2015-0245 at SUSECVE-2015-0245 at NVDCVE-2019-12749 at SUSECVE-2019-12749 at NVDCVE-2020-12049 at SUSECVE-2020-12049 at NVDCVE-2022-42010 at SUSECVE-2022-42010 at NVDCVE-2022-42011 at SUSECVE-2022-42011 at NVDCVE-2022-42012 at SUSECVE-2022-42012 at NVDcpe:/o:suse:sl-micro:6.0dhcp-4.4.2.P1-1.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the dhcp-4.4.2.P1-1.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-1892 at SUSECVE-2009-1892 at NVDCVE-2010-2156 at SUSECVE-2010-2156 at NVDCVE-2010-3611 at SUSECVE-2010-3611 at NVDCVE-2010-3616 at SUSECVE-2010-3616 at NVDCVE-2011-0413 at SUSECVE-2011-0413 at NVDCVE-2011-0997 at SUSECVE-2011-0997 at NVDCVE-2011-2748 at SUSECVE-2011-2748 at NVDCVE-2011-2749 at SUSECVE-2011-2749 at NVDCVE-2011-4539 at SUSECVE-2011-4539 at NVDCVE-2011-4868 at SUSECVE-2011-4868 at NVDCVE-2012-3570 at SUSECVE-2012-3570 at NVDCVE-2012-3571 at SUSECVE-2012-3571 at NVDCVE-2012-3954 at SUSECVE-2012-3954 at NVDCVE-2012-3955 at SUSECVE-2012-3955 at NVDCVE-2013-2266 at SUSECVE-2013-2266 at NVDCVE-2015-8605 at SUSECVE-2015-8605 at NVDCVE-2017-3144 at SUSECVE-2017-3144 at NVDCVE-2018-5732 at SUSECVE-2018-5732 at NVDCVE-2018-5733 at SUSECVE-2018-5733 at NVDCVE-2019-6470 at SUSECVE-2019-6470 at NVDCVE-2021-25217 at SUSECVE-2021-25217 at NVDCVE-2022-2928 at SUSECVE-2022-2928 at NVDCVE-2022-2929 at SUSECVE-2022-2929 at NVDcpe:/o:suse:sl-micro:6.0dnsmasq-2.89-7.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the dnsmasq-2.89-7.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-3294 at SUSECVE-2015-3294 at NVDCVE-2015-8899 at SUSECVE-2015-8899 at NVDCVE-2017-14491 at SUSECVE-2017-14491 at NVDCVE-2017-14492 at SUSECVE-2017-14492 at NVDCVE-2017-14493 at SUSECVE-2017-14493 at NVDCVE-2017-14494 at SUSECVE-2017-14494 at NVDCVE-2017-14495 at SUSECVE-2017-14495 at NVDCVE-2017-14496 at SUSECVE-2017-14496 at NVDCVE-2017-15107 at SUSECVE-2017-15107 at NVDCVE-2019-14834 at SUSECVE-2019-14834 at NVDCVE-2020-14312 at SUSECVE-2020-14312 at NVDCVE-2020-25681 at SUSECVE-2020-25681 at NVDCVE-2020-25682 at SUSECVE-2020-25682 at NVDCVE-2020-25683 at SUSECVE-2020-25683 at NVDCVE-2020-25684 at SUSECVE-2020-25684 at NVDCVE-2020-25685 at SUSECVE-2020-25685 at NVDCVE-2020-25686 at SUSECVE-2020-25686 at NVDCVE-2020-25687 at SUSECVE-2020-25687 at NVDCVE-2021-3448 at SUSECVE-2021-3448 at NVDCVE-2022-0934 at SUSECVE-2022-0934 at NVDCVE-2023-28450 at SUSECVE-2023-28450 at NVDcpe:/o:suse:sl-micro:6.0docker-24.0.7_ce-2.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the docker-24.0.7_ce-2.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-3499 at SUSECVE-2014-3499 at NVDCVE-2014-5277 at SUSECVE-2014-5277 at NVDCVE-2014-6407 at SUSECVE-2014-6407 at NVDCVE-2014-6408 at SUSECVE-2014-6408 at NVDCVE-2014-8178 at SUSECVE-2014-8178 at NVDCVE-2014-8179 at SUSECVE-2014-8179 at NVDCVE-2014-9356 at SUSECVE-2014-9356 at NVDCVE-2014-9357 at SUSECVE-2014-9357 at NVDCVE-2014-9358 at SUSECVE-2014-9358 at NVDCVE-2015-3627 at SUSECVE-2015-3627 at NVDCVE-2015-3629 at SUSECVE-2015-3629 at NVDCVE-2015-3630 at SUSECVE-2015-3630 at NVDCVE-2015-3631 at SUSECVE-2015-3631 at NVDCVE-2016-3697 at SUSECVE-2016-3697 at NVDCVE-2016-8867 at SUSECVE-2016-8867 at NVDCVE-2016-9962 at SUSECVE-2016-9962 at NVDCVE-2017-14992 at SUSECVE-2017-14992 at NVDCVE-2017-16539 at SUSECVE-2017-16539 at NVDCVE-2018-10892 at SUSECVE-2018-10892 at NVDCVE-2018-15664 at SUSECVE-2018-15664 at NVDCVE-2018-16873 at SUSECVE-2018-16873 at NVDCVE-2018-16874 at SUSECVE-2018-16874 at NVDCVE-2018-16875 at SUSECVE-2018-16875 at NVDCVE-2018-20699 at SUSECVE-2018-20699 at NVDCVE-2019-13509 at SUSECVE-2019-13509 at NVDCVE-2019-14271 at SUSECVE-2019-14271 at NVDCVE-2020-12912 at SUSECVE-2020-12912 at NVDCVE-2020-13401 at SUSECVE-2020-13401 at NVDCVE-2020-15257 at SUSECVE-2020-15257 at NVDCVE-2020-8694 at SUSECVE-2020-8694 at NVDCVE-2020-8695 at SUSECVE-2020-8695 at NVDCVE-2021-21284 at SUSECVE-2021-21284 at NVDCVE-2021-21285 at SUSECVE-2021-21285 at NVDCVE-2021-41089 at SUSECVE-2021-41089 at NVDCVE-2021-41091 at SUSECVE-2021-41091 at NVDCVE-2021-41092 at SUSECVE-2021-41092 at NVDCVE-2021-41103 at SUSECVE-2021-41103 at NVDCVE-2021-41190 at SUSECVE-2021-41190 at NVDCVE-2021-43565 at SUSECVE-2021-43565 at NVDCVE-2022-24769 at SUSECVE-2022-24769 at NVDCVE-2022-27191 at SUSECVE-2022-27191 at NVDCVE-2022-36109 at SUSECVE-2022-36109 at NVDCVE-2023-28840 at SUSECVE-2023-28840 at NVDCVE-2023-28841 at SUSECVE-2023-28841 at NVDCVE-2023-28842 at SUSECVE-2023-28842 at NVDCVE-2024-23651 at SUSECVE-2024-23651 at NVDCVE-2024-23652 at SUSECVE-2024-23652 at NVDCVE-2024-23653 at SUSECVE-2024-23653 at NVDcpe:/o:suse:sl-micro:6.0docker-compose-2.24.5-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the docker-compose-2.24.5-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-27664 at SUSECVE-2022-27664 at NVDCVE-2022-2879 at SUSECVE-2022-2879 at NVDCVE-2022-2880 at SUSECVE-2022-2880 at NVDCVE-2022-32149 at SUSECVE-2022-32149 at NVDCVE-2022-39253 at SUSECVE-2022-39253 at NVDCVE-2022-41715 at SUSECVE-2022-41715 at NVDCVE-2022-41723 at SUSECVE-2022-41723 at NVDCVE-2023-28840 at SUSECVE-2023-28840 at NVDcpe:/o:suse:sl-micro:6.0dpdk-22.11.1-1.51 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the dpdk-22.11.1-1.51 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-1059 at SUSECVE-2018-1059 at NVDCVE-2019-14818 at SUSECVE-2019-14818 at NVDCVE-2020-10722 at SUSECVE-2020-10722 at NVDCVE-2020-10723 at SUSECVE-2020-10723 at NVDCVE-2020-10724 at SUSECVE-2020-10724 at NVDCVE-2020-10725 at SUSECVE-2020-10725 at NVDCVE-2020-10726 at SUSECVE-2020-10726 at NVDCVE-2020-14374 at SUSECVE-2020-14374 at NVDCVE-2020-14375 at SUSECVE-2020-14375 at NVDCVE-2020-14376 at SUSECVE-2020-14376 at NVDCVE-2020-14377 at SUSECVE-2020-14377 at NVDCVE-2020-14378 at SUSECVE-2020-14378 at NVDCVE-2021-3839 at SUSECVE-2021-3839 at NVDCVE-2022-0669 at SUSECVE-2022-0669 at NVDcpe:/o:suse:sl-micro:6.0dracut-059+suse.557.g8a62bf73-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the dracut-059+suse.557.g8a62bf73-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-4453 at SUSECVE-2012-4453 at NVDCVE-2016-8637 at SUSECVE-2016-8637 at NVDcpe:/o:suse:sl-micro:6.0e2fsprogs-1.47.0-2.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the e2fsprogs-1.47.0-2.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-5497 at SUSECVE-2007-5497 at NVDCVE-2019-5094 at SUSECVE-2019-5094 at NVDcpe:/o:suse:sl-micro:6.0elfutils-0.189-4.143 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the elfutils-0.189-4.143 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-0172 at SUSECVE-2014-0172 at NVDCVE-2014-9447 at SUSECVE-2014-9447 at NVDCVE-2018-18310 at SUSECVE-2018-18310 at NVDCVE-2018-18520 at SUSECVE-2018-18520 at NVDCVE-2018-18521 at SUSECVE-2018-18521 at NVDCVE-2019-7146 at SUSECVE-2019-7146 at NVDCVE-2019-7148 at SUSECVE-2019-7148 at NVDCVE-2019-7149 at SUSECVE-2019-7149 at NVDCVE-2019-7150 at SUSECVE-2019-7150 at NVDCVE-2019-7664 at SUSECVE-2019-7664 at NVDCVE-2019-7665 at SUSECVE-2019-7665 at NVDcpe:/o:suse:sl-micro:6.0file-5.44-4.151 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the file-5.44-4.151 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-1536 at SUSECVE-2007-1536 at NVDCVE-2007-2799 at SUSECVE-2007-2799 at NVDCVE-2012-1571 at SUSECVE-2012-1571 at NVDCVE-2014-3710 at SUSECVE-2014-3710 at NVDCVE-2014-8116 at SUSECVE-2014-8116 at NVDCVE-2014-8117 at SUSECVE-2014-8117 at NVDCVE-2017-1000249 at SUSECVE-2017-1000249 at NVDCVE-2018-10360 at SUSECVE-2018-10360 at NVDCVE-2019-18218 at SUSECVE-2019-18218 at NVDCVE-2019-8904 at SUSECVE-2019-8904 at NVDCVE-2019-8905 at SUSECVE-2019-8905 at NVDCVE-2019-8906 at SUSECVE-2019-8906 at NVDCVE-2019-8907 at SUSECVE-2019-8907 at NVDcpe:/o:suse:sl-micro:6.0findutils-4.9.0-2.181 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the findutils-4.9.0-2.181 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-2452 at SUSECVE-2007-2452 at NVDcpe:/o:suse:sl-micro:6.0firewalld-2.0.0-1.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the firewalld-2.0.0-1.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-5410 at SUSECVE-2016-5410 at NVDcpe:/o:suse:sl-micro:6.0fwupd-1.9.11-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the fwupd-1.9.11-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-10759 at SUSECVE-2020-10759 at NVDCVE-2022-3287 at SUSECVE-2022-3287 at NVDcpe:/o:suse:sl-micro:6.0gdk-pixbuf-loader-rsvg-2.56.3-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the gdk-pixbuf-loader-rsvg-2.56.3-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-3146 at SUSECVE-2011-3146 at NVDCVE-2013-1881 at SUSECVE-2013-1881 at NVDCVE-2017-11464 at SUSECVE-2017-11464 at NVDCVE-2019-20446 at SUSECVE-2019-20446 at NVDCVE-2021-25900 at SUSECVE-2021-25900 at NVDcpe:/o:suse:sl-micro:6.0gdk-pixbuf-query-loaders-2.42.10-2.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the gdk-pixbuf-query-loaders-2.42.10-2.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-2485 at SUSECVE-2011-2485 at NVDCVE-2015-4491 at SUSECVE-2015-4491 at NVDCVE-2015-7552 at SUSECVE-2015-7552 at NVDCVE-2015-7673 at SUSECVE-2015-7673 at NVDCVE-2015-7674 at SUSECVE-2015-7674 at NVDCVE-2016-6352 at SUSECVE-2016-6352 at NVDCVE-2017-2862 at SUSECVE-2017-2862 at NVDCVE-2017-2870 at SUSECVE-2017-2870 at NVDCVE-2017-6312 at SUSECVE-2017-6312 at NVDCVE-2017-6313 at SUSECVE-2017-6313 at NVDCVE-2020-29385 at SUSECVE-2020-29385 at NVDCVE-2021-44648 at SUSECVE-2021-44648 at NVDCVE-2021-46829 at SUSECVE-2021-46829 at NVDcpe:/o:suse:sl-micro:6.0git-2.42.1-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the git-2.42.1-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2005-4900 at SUSECVE-2005-4900 at NVDCVE-2011-2186 at SUSECVE-2011-2186 at NVDCVE-2014-9390 at SUSECVE-2014-9390 at NVDCVE-2016-2315 at SUSECVE-2016-2315 at NVDCVE-2016-2324 at SUSECVE-2016-2324 at NVDCVE-2017-1000117 at SUSECVE-2017-1000117 at NVDCVE-2017-14867 at SUSECVE-2017-14867 at NVDCVE-2017-15298 at SUSECVE-2017-15298 at NVDCVE-2017-8386 at SUSECVE-2017-8386 at NVDCVE-2018-11233 at SUSECVE-2018-11233 at NVDCVE-2018-11235 at SUSECVE-2018-11235 at NVDCVE-2018-17456 at SUSECVE-2018-17456 at NVDCVE-2018-19486 at SUSECVE-2018-19486 at NVDCVE-2019-1348 at SUSECVE-2019-1348 at NVDCVE-2019-1349 at SUSECVE-2019-1349 at NVDCVE-2019-1350 at SUSECVE-2019-1350 at NVDCVE-2019-1351 at SUSECVE-2019-1351 at NVDCVE-2019-1352 at SUSECVE-2019-1352 at NVDCVE-2019-1353 at SUSECVE-2019-1353 at NVDCVE-2019-1354 at SUSECVE-2019-1354 at NVDCVE-2019-1387 at SUSECVE-2019-1387 at NVDCVE-2019-19604 at SUSECVE-2019-19604 at NVDCVE-2020-11008 at SUSECVE-2020-11008 at NVDCVE-2020-5260 at SUSECVE-2020-5260 at NVDCVE-2021-21300 at SUSECVE-2021-21300 at NVDCVE-2022-23521 at SUSECVE-2022-23521 at NVDCVE-2022-24765 at SUSECVE-2022-24765 at NVDCVE-2022-29187 at SUSECVE-2022-29187 at NVDCVE-2022-39253 at SUSECVE-2022-39253 at NVDCVE-2022-39260 at SUSECVE-2022-39260 at NVDCVE-2022-41903 at SUSECVE-2022-41903 at NVDCVE-2023-22490 at SUSECVE-2023-22490 at NVDCVE-2023-23946 at SUSECVE-2023-23946 at NVDCVE-2023-25652 at SUSECVE-2023-25652 at NVDCVE-2023-25815 at SUSECVE-2023-25815 at NVDCVE-2023-29007 at SUSECVE-2023-29007 at NVDcpe:/o:suse:sl-micro:6.0glib-networking-2.76.0-2.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the glib-networking-2.76.0-2.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-13645 at SUSECVE-2020-13645 at NVDcpe:/o:suse:sl-micro:6.0glib2-tools-2.76.2-4.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the glib2-tools-2.76.2-4.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2008-2371 at SUSECVE-2008-2371 at NVDCVE-2008-4316 at SUSECVE-2008-4316 at NVDCVE-2012-3524 at SUSECVE-2012-3524 at NVDCVE-2018-16428 at SUSECVE-2018-16428 at NVDCVE-2018-16429 at SUSECVE-2018-16429 at NVDCVE-2019-12450 at SUSECVE-2019-12450 at NVDCVE-2020-6750 at SUSECVE-2020-6750 at NVDCVE-2021-27218 at SUSECVE-2021-27218 at NVDCVE-2021-27219 at SUSECVE-2021-27219 at NVDcpe:/o:suse:sl-micro:6.0glibc-2.38-6.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the glibc-2.38-6.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-5029 at SUSECVE-2009-5029 at NVDCVE-2009-5064 at SUSECVE-2009-5064 at NVDCVE-2009-5155 at SUSECVE-2009-5155 at NVDCVE-2010-3192 at SUSECVE-2010-3192 at NVDCVE-2012-3406 at SUSECVE-2012-3406 at NVDCVE-2012-4412 at SUSECVE-2012-4412 at NVDCVE-2013-0242 at SUSECVE-2013-0242 at NVDCVE-2013-1914 at SUSECVE-2013-1914 at NVDCVE-2013-2207 at SUSECVE-2013-2207 at NVDCVE-2013-4237 at SUSECVE-2013-4237 at NVDCVE-2013-4332 at SUSECVE-2013-4332 at NVDCVE-2013-4458 at SUSECVE-2013-4458 at NVDCVE-2013-7423 at SUSECVE-2013-7423 at NVDCVE-2014-0475 at SUSECVE-2014-0475 at NVDCVE-2014-4043 at SUSECVE-2014-4043 at NVDCVE-2014-5119 at SUSECVE-2014-5119 at NVDCVE-2014-6040 at SUSECVE-2014-6040 at NVDCVE-2014-7817 at SUSECVE-2014-7817 at NVDCVE-2014-8121 at SUSECVE-2014-8121 at NVDCVE-2014-9402 at SUSECVE-2014-9402 at NVDCVE-2014-9761 at SUSECVE-2014-9761 at NVDCVE-2015-1472 at SUSECVE-2015-1472 at NVDCVE-2015-1473 at SUSECVE-2015-1473 at NVDCVE-2015-1781 at SUSECVE-2015-1781 at NVDCVE-2015-5180 at SUSECVE-2015-5180 at NVDCVE-2015-7547 at SUSECVE-2015-7547 at NVDCVE-2015-8776 at SUSECVE-2015-8776 at NVDCVE-2015-8777 at SUSECVE-2015-8777 at NVDCVE-2015-8778 at SUSECVE-2015-8778 at NVDCVE-2015-8779 at SUSECVE-2015-8779 at NVDCVE-2015-8985 at SUSECVE-2015-8985 at NVDCVE-2016-10228 at SUSECVE-2016-10228 at NVDCVE-2016-10739 at SUSECVE-2016-10739 at NVDCVE-2016-1234 at SUSECVE-2016-1234 at NVDCVE-2016-3075 at SUSECVE-2016-3075 at NVDCVE-2016-3706 at SUSECVE-2016-3706 at NVDCVE-2016-4429 at SUSECVE-2016-4429 at NVDCVE-2016-5417 at SUSECVE-2016-5417 at NVDCVE-2016-6261 at SUSECVE-2016-6261 at NVDCVE-2016-6263 at SUSECVE-2016-6263 at NVDCVE-2016-6323 at SUSECVE-2016-6323 at NVDCVE-2017-1000366 at SUSECVE-2017-1000366 at NVDCVE-2017-1000408 at SUSECVE-2017-1000408 at NVDCVE-2017-1000409 at SUSECVE-2017-1000409 at NVDCVE-2017-12132 at SUSECVE-2017-12132 at NVDCVE-2017-12133 at SUSECVE-2017-12133 at NVDCVE-2017-14062 at SUSECVE-2017-14062 at NVDCVE-2017-15670 at SUSECVE-2017-15670 at NVDCVE-2017-15671 at SUSECVE-2017-15671 at NVDCVE-2017-15804 at SUSECVE-2017-15804 at NVDCVE-2017-16997 at SUSECVE-2017-16997 at NVDCVE-2017-17426 at SUSECVE-2017-17426 at NVDCVE-2017-18269 at SUSECVE-2017-18269 at NVDCVE-2018-1000001 at SUSECVE-2018-1000001 at NVDCVE-2018-11236 at SUSECVE-2018-11236 at NVDCVE-2018-11237 at SUSECVE-2018-11237 at NVDCVE-2018-19591 at SUSECVE-2018-19591 at NVDCVE-2018-6485 at SUSECVE-2018-6485 at NVDCVE-2018-6551 at SUSECVE-2018-6551 at NVDCVE-2019-19126 at SUSECVE-2019-19126 at NVDCVE-2019-25013 at SUSECVE-2019-25013 at NVDCVE-2019-7309 at SUSECVE-2019-7309 at NVDCVE-2019-9169 at SUSECVE-2019-9169 at NVDCVE-2020-10029 at SUSECVE-2020-10029 at NVDCVE-2020-1751 at SUSECVE-2020-1751 at NVDCVE-2020-1752 at SUSECVE-2020-1752 at NVDCVE-2020-27618 at SUSECVE-2020-27618 at NVDCVE-2020-29562 at SUSECVE-2020-29562 at NVDCVE-2020-29573 at SUSECVE-2020-29573 at NVDCVE-2020-6096 at SUSECVE-2020-6096 at NVDCVE-2021-27645 at SUSECVE-2021-27645 at NVDCVE-2021-3326 at SUSECVE-2021-3326 at NVDCVE-2021-33574 at SUSECVE-2021-33574 at NVDCVE-2021-35942 at SUSECVE-2021-35942 at NVDCVE-2021-3998 at SUSECVE-2021-3998 at NVDCVE-2021-3999 at SUSECVE-2021-3999 at NVDCVE-2022-23218 at SUSECVE-2022-23218 at NVDCVE-2022-23219 at SUSECVE-2022-23219 at NVDCVE-2022-39046 at SUSECVE-2022-39046 at NVDCVE-2023-25139 at SUSECVE-2023-25139 at NVDCVE-2023-4527 at SUSECVE-2023-4527 at NVDCVE-2023-4806 at SUSECVE-2023-4806 at NVDCVE-2023-4813 at SUSECVE-2023-4813 at NVDCVE-2023-4911 at SUSECVE-2023-4911 at NVDCVE-2023-5156 at SUSECVE-2023-5156 at NVDCVE-2023-6246 at SUSECVE-2023-6246 at NVDCVE-2023-6779 at SUSECVE-2023-6779 at NVDCVE-2023-6780 at SUSECVE-2023-6780 at NVDcpe:/o:suse:sl-micro:6.0gnutls-3.8.3-1.13 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the gnutls-3.8.3-1.13 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-4790 at SUSECVE-2006-4790 at NVDCVE-2008-1948 at SUSECVE-2008-1948 at NVDCVE-2008-1949 at SUSECVE-2008-1949 at NVDCVE-2008-1950 at SUSECVE-2008-1950 at NVDCVE-2008-4989 at SUSECVE-2008-4989 at NVDCVE-2011-4128 at SUSECVE-2011-4128 at NVDCVE-2012-0390 at SUSECVE-2012-0390 at NVDCVE-2012-1569 at SUSECVE-2012-1569 at NVDCVE-2012-1573 at SUSECVE-2012-1573 at NVDCVE-2014-0092 at SUSECVE-2014-0092 at NVDCVE-2014-1959 at SUSECVE-2014-1959 at NVDCVE-2014-3466 at SUSECVE-2014-3466 at NVDCVE-2014-8564 at SUSECVE-2014-8564 at NVDCVE-2015-6251 at SUSECVE-2015-6251 at NVDCVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2017-10790 at SUSECVE-2017-10790 at NVDCVE-2017-7869 at SUSECVE-2017-7869 at NVDCVE-2018-10844 at SUSECVE-2018-10844 at NVDCVE-2018-10845 at SUSECVE-2018-10845 at NVDCVE-2018-10846 at SUSECVE-2018-10846 at NVDCVE-2019-3829 at SUSECVE-2019-3829 at NVDCVE-2019-3836 at SUSECVE-2019-3836 at NVDCVE-2020-13777 at SUSECVE-2020-13777 at NVDCVE-2021-20231 at SUSECVE-2021-20231 at NVDCVE-2021-20232 at SUSECVE-2021-20232 at NVDCVE-2022-2509 at SUSECVE-2022-2509 at NVDCVE-2023-0361 at SUSECVE-2023-0361 at NVDCVE-2023-5981 at SUSECVE-2023-5981 at NVDCVE-2024-0553 at SUSECVE-2024-0553 at NVDCVE-2024-0567 at SUSECVE-2024-0567 at NVDcpe:/o:suse:sl-micro:6.0gpg2-2.4.4-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the gpg2-2.4.4-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-0455 at SUSECVE-2006-0455 at NVDCVE-2006-3746 at SUSECVE-2006-3746 at NVDCVE-2006-6169 at SUSECVE-2006-6169 at NVDCVE-2008-1530 at SUSECVE-2008-1530 at NVDCVE-2010-2547 at SUSECVE-2010-2547 at NVDCVE-2013-4351 at SUSECVE-2013-4351 at NVDCVE-2013-4402 at SUSECVE-2013-4402 at NVDCVE-2014-4617 at SUSECVE-2014-4617 at NVDCVE-2018-12020 at SUSECVE-2018-12020 at NVDCVE-2018-9234 at SUSECVE-2018-9234 at NVDCVE-2019-14855 at SUSECVE-2019-14855 at NVDCVE-2020-25125 at SUSECVE-2020-25125 at NVDCVE-2022-34903 at SUSECVE-2022-34903 at NVDcpe:/o:suse:sl-micro:6.0gptfdisk-1.0.9-3.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the gptfdisk-1.0.9-3.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-0256 at SUSECVE-2020-0256 at NVDCVE-2021-0308 at SUSECVE-2021-0308 at NVDcpe:/o:suse:sl-micro:6.0grep-3.11-4.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the grep-3.11-4.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-1345 at SUSECVE-2015-1345 at NVDcpe:/o:suse:sl-micro:6.0groff-1.23.0-1.43 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the groff-1.23.0-1.43 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-5044 at SUSECVE-2009-5044 at NVDCVE-2009-5080 at SUSECVE-2009-5080 at NVDCVE-2009-5081 at SUSECVE-2009-5081 at NVDcpe:/o:suse:sl-micro:6.0grub2-2.12~rc1-5.30 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the grub2-2.12~rc1-5.30 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-8370 at SUSECVE-2015-8370 at NVDCVE-2020-10713 at SUSECVE-2020-10713 at NVDCVE-2020-14308 at SUSECVE-2020-14308 at NVDCVE-2020-14309 at SUSECVE-2020-14309 at NVDCVE-2020-14310 at SUSECVE-2020-14310 at NVDCVE-2020-14311 at SUSECVE-2020-14311 at NVDCVE-2020-14372 at SUSECVE-2020-14372 at NVDCVE-2020-15705 at SUSECVE-2020-15705 at NVDCVE-2020-15706 at SUSECVE-2020-15706 at NVDCVE-2020-15707 at SUSECVE-2020-15707 at NVDCVE-2020-25632 at SUSECVE-2020-25632 at NVDCVE-2020-25647 at SUSECVE-2020-25647 at NVDCVE-2020-27749 at SUSECVE-2020-27749 at NVDCVE-2020-27779 at SUSECVE-2020-27779 at NVDCVE-2021-20225 at SUSECVE-2021-20225 at NVDCVE-2021-20233 at SUSECVE-2021-20233 at NVDCVE-2021-3695 at SUSECVE-2021-3695 at NVDCVE-2021-3696 at SUSECVE-2021-3696 at NVDCVE-2021-3697 at SUSECVE-2021-3697 at NVDCVE-2021-3981 at SUSECVE-2021-3981 at NVDCVE-2021-46705 at SUSECVE-2021-46705 at NVDCVE-2022-2601 at SUSECVE-2022-2601 at NVDCVE-2022-28733 at SUSECVE-2022-28733 at NVDCVE-2022-28734 at SUSECVE-2022-28734 at NVDCVE-2022-28735 at SUSECVE-2022-28735 at NVDCVE-2022-28736 at SUSECVE-2022-28736 at NVDCVE-2022-3775 at SUSECVE-2022-3775 at NVDCVE-2023-4692 at SUSECVE-2023-4692 at NVDCVE-2023-4693 at SUSECVE-2023-4693 at NVDcpe:/o:suse:sl-micro:6.0gstreamer-1.22.9-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the gstreamer-1.22.9-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-10198 at SUSECVE-2016-10198 at NVDCVE-2016-10199 at SUSECVE-2016-10199 at NVDCVE-2017-5837 at SUSECVE-2017-5837 at NVDCVE-2017-5838 at SUSECVE-2017-5838 at NVDCVE-2017-5839 at SUSECVE-2017-5839 at NVDCVE-2017-5840 at SUSECVE-2017-5840 at NVDCVE-2017-5841 at SUSECVE-2017-5841 at NVDCVE-2017-5842 at SUSECVE-2017-5842 at NVDCVE-2017-5843 at SUSECVE-2017-5843 at NVDCVE-2017-5844 at SUSECVE-2017-5844 at NVDCVE-2017-5845 at SUSECVE-2017-5845 at NVDCVE-2017-5846 at SUSECVE-2017-5846 at NVDCVE-2017-5847 at SUSECVE-2017-5847 at NVDCVE-2017-5848 at SUSECVE-2017-5848 at NVDCVE-2021-3185 at SUSECVE-2021-3185 at NVDcpe:/o:suse:sl-micro:6.0gstreamer-plugins-base-1.22.9-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the gstreamer-plugins-base-1.22.9-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-9928 at SUSECVE-2019-9928 at NVDCVE-2021-3185 at SUSECVE-2021-3185 at NVDCVE-2023-37327 at SUSECVE-2023-37327 at NVDCVE-2023-37328 at SUSECVE-2023-37328 at NVDcpe:/o:suse:sl-micro:6.0guestfs-tools-1.52.0-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the guestfs-tools-1.52.0-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-2211 at SUSECVE-2022-2211 at NVDcpe:/o:suse:sl-micro:6.0gzip-1.13-1.50 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the gzip-1.13-1.50 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-2624 at SUSECVE-2009-2624 at NVDCVE-2010-0001 at SUSECVE-2010-0001 at NVDCVE-2022-1271 at SUSECVE-2022-1271 at NVDcpe:/o:suse:sl-micro:6.0haproxy-2.8.3+git0.86e043add-1.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the haproxy-2.8.3+git0.86e043add-1.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-2391 at SUSECVE-2012-2391 at NVDCVE-2013-1912 at SUSECVE-2013-1912 at NVDCVE-2013-2175 at SUSECVE-2013-2175 at NVDCVE-2014-6269 at SUSECVE-2014-6269 at NVDCVE-2015-3281 at SUSECVE-2015-3281 at NVDCVE-2018-11469 at SUSECVE-2018-11469 at NVDCVE-2018-14645 at SUSECVE-2018-14645 at NVDCVE-2018-20102 at SUSECVE-2018-20102 at NVDCVE-2018-20103 at SUSECVE-2018-20103 at NVDCVE-2018-20615 at SUSECVE-2018-20615 at NVDCVE-2019-14241 at SUSECVE-2019-14241 at NVDCVE-2019-18277 at SUSECVE-2019-18277 at NVDCVE-2020-11100 at SUSECVE-2020-11100 at NVDCVE-2021-39240 at SUSECVE-2021-39240 at NVDCVE-2021-39241 at SUSECVE-2021-39241 at NVDCVE-2021-39242 at SUSECVE-2021-39242 at NVDCVE-2021-40346 at SUSECVE-2021-40346 at NVDCVE-2022-0711 at SUSECVE-2022-0711 at NVDCVE-2023-25725 at SUSECVE-2023-25725 at NVDCVE-2023-40225 at SUSECVE-2023-40225 at NVDcpe:/o:suse:sl-micro:6.0hyper-v-8-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the hyper-v-8-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-2669 at SUSECVE-2012-2669 at NVDCVE-2012-5532 at SUSECVE-2012-5532 at NVDcpe:/o:suse:sl-micro:6.0ipmitool-1.8.19.13.gbe11d94-1.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the ipmitool-1.8.19.13.gbe11d94-1.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-5208 at SUSECVE-2020-5208 at NVDcpe:/o:suse:sl-micro:6.0iputils-20221126-2.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the iputils-20221126-2.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-2529 at SUSECVE-2010-2529 at NVDcpe:/o:suse:sl-micro:6.0iscsiuio-0.7.8.8-3.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the iscsiuio-0.7.8.8-3.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-13987 at SUSECVE-2020-13987 at NVDCVE-2020-13988 at SUSECVE-2020-13988 at NVDCVE-2020-17437 at SUSECVE-2020-17437 at NVDCVE-2020-17438 at SUSECVE-2020-17438 at NVDcpe:/o:suse:sl-micro:6.0jq-1.6-2.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the jq-1.6-2.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-8863 at SUSECVE-2015-8863 at NVDCVE-2016-4074 at SUSECVE-2016-4074 at NVDcpe:/o:suse:sl-micro:6.0kbd-2.6.4-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the kbd-2.6.4-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-0460 at SUSECVE-2011-0460 at NVDcpe:/o:suse:sl-micro:6.0kdump-2.0.1-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the kdump-2.0.1-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-5759 at SUSECVE-2016-5759 at NVDcpe:/o:suse:sl-micro:6.0keepalived-2.2.8-1.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the keepalived-2.2.8-1.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-19044 at SUSECVE-2018-19044 at NVDCVE-2018-19045 at SUSECVE-2018-19045 at NVDCVE-2018-19046 at SUSECVE-2018-19046 at NVDCVE-2021-44225 at SUSECVE-2021-44225 at NVDcpe:/o:suse:sl-micro:6.0kernel-default-6.4.0-17.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the kernel-default-6.4.0-17.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-3695 at SUSECVE-2016-3695 at NVDCVE-2020-26555 at SUSECVE-2020-26555 at NVDCVE-2022-40982 at SUSECVE-2022-40982 at NVDCVE-2022-48628 at SUSECVE-2022-48628 at NVDCVE-2023-1192 at SUSECVE-2023-1192 at NVDCVE-2023-1206 at SUSECVE-2023-1206 at NVDCVE-2023-20569 at SUSECVE-2023-20569 at NVDCVE-2023-20593 at SUSECVE-2023-20593 at NVDCVE-2023-25775 at SUSECVE-2023-25775 at NVDCVE-2023-28746 at SUSECVE-2023-28746 at NVDCVE-2023-31085 at SUSECVE-2023-31085 at NVDCVE-2023-31248 at SUSECVE-2023-31248 at NVDCVE-2023-3269 at SUSECVE-2023-3269 at NVDCVE-2023-34319 at SUSECVE-2023-34319 at NVDCVE-2023-35001 at SUSECVE-2023-35001 at NVDCVE-2023-35827 at SUSECVE-2023-35827 at NVDCVE-2023-3611 at SUSECVE-2023-3611 at NVDCVE-2023-37453 at SUSECVE-2023-37453 at NVDCVE-2023-3772 at SUSECVE-2023-3772 at NVDCVE-2023-3773 at SUSECVE-2023-3773 at NVDCVE-2023-3776 at SUSECVE-2023-3776 at NVDCVE-2023-3863 at SUSECVE-2023-3863 at NVDCVE-2023-39189 at SUSECVE-2023-39189 at NVDCVE-2023-39192 at SUSECVE-2023-39192 at NVDCVE-2023-39193 at SUSECVE-2023-39193 at NVDCVE-2023-39197 at SUSECVE-2023-39197 at NVDCVE-2023-39198 at SUSECVE-2023-39198 at NVDCVE-2023-4004 at SUSECVE-2023-4004 at NVDCVE-2023-40283 at SUSECVE-2023-40283 at NVDCVE-2023-4128 at SUSECVE-2023-4128 at NVDCVE-2023-4134 at SUSECVE-2023-4134 at NVDCVE-2023-4147 at SUSECVE-2023-4147 at NVDCVE-2023-4155 at SUSECVE-2023-4155 at NVDCVE-2023-4194 at SUSECVE-2023-4194 at NVDCVE-2023-4244 at SUSECVE-2023-4244 at NVDCVE-2023-4273 at SUSECVE-2023-4273 at NVDCVE-2023-42752 at SUSECVE-2023-42752 at NVDCVE-2023-42753 at SUSECVE-2023-42753 at NVDCVE-2023-42754 at SUSECVE-2023-42754 at NVDCVE-2023-42756 at SUSECVE-2023-42756 at NVDCVE-2023-4563 at SUSECVE-2023-4563 at NVDCVE-2023-45871 at SUSECVE-2023-45871 at NVDCVE-2023-4611 at SUSECVE-2023-4611 at NVDCVE-2023-4622 at SUSECVE-2023-4622 at NVDCVE-2023-4623 at SUSECVE-2023-4623 at NVDCVE-2023-46813 at SUSECVE-2023-46813 at NVDCVE-2023-46838 at SUSECVE-2023-46838 at NVDCVE-2023-46862 at SUSECVE-2023-46862 at NVDCVE-2023-47233 at SUSECVE-2023-47233 at NVDCVE-2023-4881 at SUSECVE-2023-4881 at NVDCVE-2023-4921 at SUSECVE-2023-4921 at NVDCVE-2023-50431 at SUSECVE-2023-50431 at NVDCVE-2023-51042 at SUSECVE-2023-51042 at NVDCVE-2023-51043 at SUSECVE-2023-51043 at NVDCVE-2023-5158 at SUSECVE-2023-5158 at NVDCVE-2023-51779 at SUSECVE-2023-51779 at NVDCVE-2023-5178 at SUSECVE-2023-5178 at NVDCVE-2023-51782 at SUSECVE-2023-51782 at NVDCVE-2023-5197 at SUSECVE-2023-5197 at NVDCVE-2023-52429 at SUSECVE-2023-52429 at NVDCVE-2023-52433 at SUSECVE-2023-52433 at NVDCVE-2023-52437 at SUSECVE-2023-52437 at NVDCVE-2023-52439 at SUSECVE-2023-52439 at NVDCVE-2023-52440 at SUSECVE-2023-52440 at NVDCVE-2023-52443 at SUSECVE-2023-52443 at NVDCVE-2023-52445 at SUSECVE-2023-52445 at NVDCVE-2023-52446 at SUSECVE-2023-52446 at NVDCVE-2023-52447 at SUSECVE-2023-52447 at NVDCVE-2023-52448 at SUSECVE-2023-52448 at NVDCVE-2023-52449 at SUSECVE-2023-52449 at NVDCVE-2023-52450 at SUSECVE-2023-52450 at NVDCVE-2023-52451 at SUSECVE-2023-52451 at NVDCVE-2023-52452 at SUSECVE-2023-52452 at NVDCVE-2023-52453 at SUSECVE-2023-52453 at NVDCVE-2023-52454 at SUSECVE-2023-52454 at NVDCVE-2023-52455 at SUSECVE-2023-52455 at NVDCVE-2023-52456 at SUSECVE-2023-52456 at NVDCVE-2023-52457 at SUSECVE-2023-52457 at NVDCVE-2023-52460 at SUSECVE-2023-52460 at NVDCVE-2023-52461 at SUSECVE-2023-52461 at NVDCVE-2023-52462 at SUSECVE-2023-52462 at NVDCVE-2023-52463 at SUSECVE-2023-52463 at NVDCVE-2023-52464 at SUSECVE-2023-52464 at NVDCVE-2023-52467 at SUSECVE-2023-52467 at NVDCVE-2023-52468 at SUSECVE-2023-52468 at NVDCVE-2023-52469 at SUSECVE-2023-52469 at NVDCVE-2023-52470 at SUSECVE-2023-52470 at NVDCVE-2023-52471 at SUSECVE-2023-52471 at NVDCVE-2023-52473 at SUSECVE-2023-52473 at NVDCVE-2023-52475 at SUSECVE-2023-52475 at NVDCVE-2023-52476 at SUSECVE-2023-52476 at NVDCVE-2023-52477 at SUSECVE-2023-52477 at NVDCVE-2023-52478 at SUSECVE-2023-52478 at NVDCVE-2023-52481 at SUSECVE-2023-52481 at NVDCVE-2023-52482 at SUSECVE-2023-52482 at NVDCVE-2023-52484 at SUSECVE-2023-52484 at NVDCVE-2023-52485 at SUSECVE-2023-52485 at NVDCVE-2023-52486 at SUSECVE-2023-52486 at NVDCVE-2023-52487 at SUSECVE-2023-52487 at NVDCVE-2023-52488 at SUSECVE-2023-52488 at NVDCVE-2023-52490 at SUSECVE-2023-52490 at NVDCVE-2023-52491 at SUSECVE-2023-52491 at NVDCVE-2023-52492 at SUSECVE-2023-52492 at NVDCVE-2023-52493 at SUSECVE-2023-52493 at NVDCVE-2023-52494 at SUSECVE-2023-52494 at NVDCVE-2023-52495 at SUSECVE-2023-52495 at NVDCVE-2023-52497 at SUSECVE-2023-52497 at NVDCVE-2023-52498 at SUSECVE-2023-52498 at NVDCVE-2023-52500 at SUSECVE-2023-52500 at NVDCVE-2023-52501 at SUSECVE-2023-52501 at NVDCVE-2023-52502 at SUSECVE-2023-52502 at NVDCVE-2023-52504 at SUSECVE-2023-52504 at NVDCVE-2023-52505 at SUSECVE-2023-52505 at NVDCVE-2023-52507 at SUSECVE-2023-52507 at NVDCVE-2023-52508 at SUSECVE-2023-52508 at NVDCVE-2023-52509 at SUSECVE-2023-52509 at NVDCVE-2023-52510 at SUSECVE-2023-52510 at NVDCVE-2023-52511 at SUSECVE-2023-52511 at NVDCVE-2023-52512 at SUSECVE-2023-52512 at NVDCVE-2023-52513 at SUSECVE-2023-52513 at NVDCVE-2023-52515 at SUSECVE-2023-52515 at NVDCVE-2023-52517 at SUSECVE-2023-52517 at NVDCVE-2023-52518 at SUSECVE-2023-52518 at NVDCVE-2023-52519 at SUSECVE-2023-52519 at NVDCVE-2023-52520 at SUSECVE-2023-52520 at NVDCVE-2023-52522 at SUSECVE-2023-52522 at NVDCVE-2023-52523 at SUSECVE-2023-52523 at NVDCVE-2023-52524 at SUSECVE-2023-52524 at NVDCVE-2023-52525 at SUSECVE-2023-52525 at NVDCVE-2023-52526 at SUSECVE-2023-52526 at NVDCVE-2023-52527 at SUSECVE-2023-52527 at NVDCVE-2023-52528 at SUSECVE-2023-52528 at NVDCVE-2023-52529 at SUSECVE-2023-52529 at NVDCVE-2023-52530 at SUSECVE-2023-52530 at NVDCVE-2023-52531 at SUSECVE-2023-52531 at NVDCVE-2023-52532 at SUSECVE-2023-52532 at NVDCVE-2023-52559 at SUSECVE-2023-52559 at NVDCVE-2023-52561 at SUSECVE-2023-52561 at NVDCVE-2023-52562 at SUSECVE-2023-52562 at NVDCVE-2023-52563 at SUSECVE-2023-52563 at NVDCVE-2023-52564 at SUSECVE-2023-52564 at NVDCVE-2023-52565 at SUSECVE-2023-52565 at NVDCVE-2023-52566 at SUSECVE-2023-52566 at NVDCVE-2023-52567 at SUSECVE-2023-52567 at NVDCVE-2023-52568 at SUSECVE-2023-52568 at NVDCVE-2023-52569 at SUSECVE-2023-52569 at NVDCVE-2023-52570 at SUSECVE-2023-52570 at NVDCVE-2023-52571 at SUSECVE-2023-52571 at NVDCVE-2023-52572 at SUSECVE-2023-52572 at NVDCVE-2023-52573 at SUSECVE-2023-52573 at NVDCVE-2023-52574 at SUSECVE-2023-52574 at NVDCVE-2023-52575 at SUSECVE-2023-52575 at NVDCVE-2023-52576 at SUSECVE-2023-52576 at NVDCVE-2023-52577 at SUSECVE-2023-52577 at NVDCVE-2023-52578 at SUSECVE-2023-52578 at NVDCVE-2023-52580 at SUSECVE-2023-52580 at NVDCVE-2023-52582 at SUSECVE-2023-52582 at NVDCVE-2023-52583 at SUSECVE-2023-52583 at NVDCVE-2023-52584 at SUSECVE-2023-52584 at NVDCVE-2023-52585 at SUSECVE-2023-52585 at NVDCVE-2023-52586 at SUSECVE-2023-52586 at NVDCVE-2023-52587 at SUSECVE-2023-52587 at NVDCVE-2023-52589 at SUSECVE-2023-52589 at NVDCVE-2023-52590 at SUSECVE-2023-52590 at NVDCVE-2023-52591 at SUSECVE-2023-52591 at NVDCVE-2023-52593 at SUSECVE-2023-52593 at NVDCVE-2023-52594 at SUSECVE-2023-52594 at NVDCVE-2023-52595 at SUSECVE-2023-52595 at NVDCVE-2023-52597 at SUSECVE-2023-52597 at NVDCVE-2023-52598 at SUSECVE-2023-52598 at NVDCVE-2023-52599 at SUSECVE-2023-52599 at NVDCVE-2023-52600 at SUSECVE-2023-52600 at NVDCVE-2023-52601 at SUSECVE-2023-52601 at NVDCVE-2023-52602 at SUSECVE-2023-52602 at NVDCVE-2023-52603 at SUSECVE-2023-52603 at NVDCVE-2023-52604 at SUSECVE-2023-52604 at NVDCVE-2023-52606 at SUSECVE-2023-52606 at NVDCVE-2023-52607 at SUSECVE-2023-52607 at NVDCVE-2023-52608 at SUSECVE-2023-52608 at NVDCVE-2023-52611 at SUSECVE-2023-52611 at NVDCVE-2023-52612 at SUSECVE-2023-52612 at NVDCVE-2023-52614 at SUSECVE-2023-52614 at NVDCVE-2023-52615 at SUSECVE-2023-52615 at NVDCVE-2023-52617 at SUSECVE-2023-52617 at NVDCVE-2023-52619 at SUSECVE-2023-52619 at NVDCVE-2023-52621 at SUSECVE-2023-52621 at NVDCVE-2023-52623 at SUSECVE-2023-52623 at NVDCVE-2023-52624 at SUSECVE-2023-52624 at NVDCVE-2023-52625 at SUSECVE-2023-52625 at NVDCVE-2023-52626 at SUSECVE-2023-52626 at NVDCVE-2023-52627 at SUSECVE-2023-52627 at NVDCVE-2023-52628 at SUSECVE-2023-52628 at NVDCVE-2023-52632 at SUSECVE-2023-52632 at NVDCVE-2023-52634 at SUSECVE-2023-52634 at NVDCVE-2023-52636 at SUSECVE-2023-52636 at NVDCVE-2023-52637 at SUSECVE-2023-52637 at NVDCVE-2023-52638 at SUSECVE-2023-52638 at NVDCVE-2023-52639 at SUSECVE-2023-52639 at NVDCVE-2023-52642 at SUSECVE-2023-52642 at NVDCVE-2023-52643 at SUSECVE-2023-52643 at NVDCVE-2023-52644 at SUSECVE-2023-52644 at NVDCVE-2023-5345 at SUSECVE-2023-5345 at NVDCVE-2023-5633 at SUSECVE-2023-5633 at NVDCVE-2023-5717 at SUSECVE-2023-5717 at NVDCVE-2023-5972 at SUSECVE-2023-5972 at NVDCVE-2023-6039 at SUSECVE-2023-6039 at NVDCVE-2023-6121 at SUSECVE-2023-6121 at NVDCVE-2023-6356 at SUSECVE-2023-6356 at NVDCVE-2023-6531 at SUSECVE-2023-6531 at NVDCVE-2023-6535 at SUSECVE-2023-6535 at NVDCVE-2023-6536 at SUSECVE-2023-6536 at NVDCVE-2023-6546 at SUSECVE-2023-6546 at NVDCVE-2023-6606 at SUSECVE-2023-6606 at NVDCVE-2023-6610 at SUSECVE-2023-6610 at NVDCVE-2023-6622 at SUSECVE-2023-6622 at NVDCVE-2023-6679 at SUSECVE-2023-6679 at NVDCVE-2023-6817 at SUSECVE-2023-6817 at NVDCVE-2023-6915 at SUSECVE-2023-6915 at NVDCVE-2023-6931 at SUSECVE-2023-6931 at NVDCVE-2023-6932 at SUSECVE-2023-6932 at NVDCVE-2024-0193 at SUSECVE-2024-0193 at NVDCVE-2024-0565 at SUSECVE-2024-0565 at NVDCVE-2024-0607 at SUSECVE-2024-0607 at NVDCVE-2024-0641 at SUSECVE-2024-0641 at NVDCVE-2024-0646 at SUSECVE-2024-0646 at NVDCVE-2024-0841 at SUSECVE-2024-0841 at NVDCVE-2024-1085 at SUSECVE-2024-1085 at NVDCVE-2024-1086 at SUSECVE-2024-1086 at NVDCVE-2024-1151 at SUSECVE-2024-1151 at NVDCVE-2024-1312 at SUSECVE-2024-1312 at NVDCVE-2024-23307 at SUSECVE-2024-23307 at NVDCVE-2024-23849 at SUSECVE-2024-23849 at NVDCVE-2024-23850 at SUSECVE-2024-23850 at NVDCVE-2024-23851 at SUSECVE-2024-23851 at NVDCVE-2024-24860 at SUSECVE-2024-24860 at NVDCVE-2024-25744 at SUSECVE-2024-25744 at NVDCVE-2024-26581 at SUSECVE-2024-26581 at NVDCVE-2024-26582 at SUSECVE-2024-26582 at NVDCVE-2024-26583 at SUSECVE-2024-26583 at NVDCVE-2024-26584 at SUSECVE-2024-26584 at NVDCVE-2024-26585 at SUSECVE-2024-26585 at NVDCVE-2024-26586 at SUSECVE-2024-26586 at NVDCVE-2024-26589 at SUSECVE-2024-26589 at NVDCVE-2024-26591 at SUSECVE-2024-26591 at NVDCVE-2024-26593 at SUSECVE-2024-26593 at NVDCVE-2024-26595 at SUSECVE-2024-26595 at NVDCVE-2024-26597 at SUSECVE-2024-26597 at NVDCVE-2024-26598 at SUSECVE-2024-26598 at NVDCVE-2024-26599 at SUSECVE-2024-26599 at NVDCVE-2024-26600 at SUSECVE-2024-26600 at NVDCVE-2024-26602 at SUSECVE-2024-26602 at NVDCVE-2024-26603 at SUSECVE-2024-26603 at NVDCVE-2024-26605 at SUSECVE-2024-26605 at NVDCVE-2024-26607 at SUSECVE-2024-26607 at NVDCVE-2024-26610 at SUSECVE-2024-26610 at NVDCVE-2024-26612 at SUSECVE-2024-26612 at NVDCVE-2024-26616 at SUSECVE-2024-26616 at NVDCVE-2024-26618 at SUSECVE-2024-26618 at NVDCVE-2024-26620 at SUSECVE-2024-26620 at NVDCVE-2024-26622 at SUSECVE-2024-26622 at NVDCVE-2024-26627 at SUSECVE-2024-26627 at NVDCVE-2024-26629 at SUSECVE-2024-26629 at NVDCVE-2024-26644 at SUSECVE-2024-26644 at NVDCVE-2024-26645 at SUSECVE-2024-26645 at NVDCVE-2024-26646 at SUSECVE-2024-26646 at NVDCVE-2024-26647 at SUSECVE-2024-26647 at NVDCVE-2024-26648 at SUSECVE-2024-26648 at NVDCVE-2024-26649 at SUSECVE-2024-26649 at NVDCVE-2024-26651 at SUSECVE-2024-26651 at NVDCVE-2024-26652 at SUSECVE-2024-26652 at NVDCVE-2024-26659 at SUSECVE-2024-26659 at NVDCVE-2024-26660 at SUSECVE-2024-26660 at NVDCVE-2024-26661 at SUSECVE-2024-26661 at NVDCVE-2024-26662 at SUSECVE-2024-26662 at NVDCVE-2024-26664 at SUSECVE-2024-26664 at NVDCVE-2024-26666 at SUSECVE-2024-26666 at NVDCVE-2024-26667 at SUSECVE-2024-26667 at NVDCVE-2024-26670 at SUSECVE-2024-26670 at NVDCVE-2024-26672 at SUSECVE-2024-26672 at NVDCVE-2024-26675 at SUSECVE-2024-26675 at NVDCVE-2024-26680 at SUSECVE-2024-26680 at NVDCVE-2024-26681 at SUSECVE-2024-26681 at NVDCVE-2024-26687 at SUSECVE-2024-26687 at NVDCVE-2024-26688 at SUSECVE-2024-26688 at NVDCVE-2024-26689 at SUSECVE-2024-26689 at NVDCVE-2024-26693 at SUSECVE-2024-26693 at NVDCVE-2024-26694 at SUSECVE-2024-26694 at NVDCVE-2024-26695 at SUSECVE-2024-26695 at NVDCVE-2024-26696 at SUSECVE-2024-26696 at NVDCVE-2024-26697 at SUSECVE-2024-26697 at NVDCVE-2024-26698 at SUSECVE-2024-26698 at NVDCVE-2024-26699 at SUSECVE-2024-26699 at NVDCVE-2024-26700 at SUSECVE-2024-26700 at NVDCVE-2024-26702 at SUSECVE-2024-26702 at NVDCVE-2024-26709 at SUSECVE-2024-26709 at NVDCVE-2024-26710 at SUSECVE-2024-26710 at NVDCVE-2024-26711 at SUSECVE-2024-26711 at NVDCVE-2024-26715 at SUSECVE-2024-26715 at NVDCVE-2024-26716 at SUSECVE-2024-26716 at NVDCVE-2024-26717 at SUSECVE-2024-26717 at NVDCVE-2024-26718 at SUSECVE-2024-26718 at NVDCVE-2024-26720 at SUSECVE-2024-26720 at NVDCVE-2024-26721 at SUSECVE-2024-26721 at NVDCVE-2024-26722 at SUSECVE-2024-26722 at NVDCVE-2024-26723 at SUSECVE-2024-26723 at NVDCVE-2024-26724 at SUSECVE-2024-26724 at NVDCVE-2024-26725 at SUSECVE-2024-26725 at NVDCVE-2024-26727 at SUSECVE-2024-26727 at NVDCVE-2024-26728 at SUSECVE-2024-26728 at NVDCVE-2024-26729 at SUSECVE-2024-26729 at NVDCVE-2024-26736 at SUSECVE-2024-26736 at NVDCVE-2024-26738 at SUSECVE-2024-26738 at NVDCVE-2024-26743 at SUSECVE-2024-26743 at NVDCVE-2024-26744 at SUSECVE-2024-26744 at NVDCVE-2024-26745 at SUSECVE-2024-26745 at NVDCVE-2024-26746 at SUSECVE-2024-26746 at NVDCVE-2024-26747 at SUSECVE-2024-26747 at NVDCVE-2024-26748 at SUSECVE-2024-26748 at NVDCVE-2024-26749 at SUSECVE-2024-26749 at NVDCVE-2024-26751 at SUSECVE-2024-26751 at NVDCVE-2024-26752 at SUSECVE-2024-26752 at NVDCVE-2024-26753 at SUSECVE-2024-26753 at NVDCVE-2024-26754 at SUSECVE-2024-26754 at NVDCVE-2024-26755 at SUSECVE-2024-26755 at NVDCVE-2024-26756 at SUSECVE-2024-26756 at NVDCVE-2024-26757 at SUSECVE-2024-26757 at NVDCVE-2024-26763 at SUSECVE-2024-26763 at NVDCVE-2024-26766 at SUSECVE-2024-26766 at NVDCVE-2024-26771 at SUSECVE-2024-26771 at NVDCVE-2024-26776 at SUSECVE-2024-26776 at NVDCVE-2024-26777 at SUSECVE-2024-26777 at NVDCVE-2024-26778 at SUSECVE-2024-26778 at NVDCVE-2024-26779 at SUSECVE-2024-26779 at NVDCVE-2024-26787 at SUSECVE-2024-26787 at NVDCVE-2024-26788 at SUSECVE-2024-26788 at NVDCVE-2024-26789 at SUSECVE-2024-26789 at NVDCVE-2024-26790 at SUSECVE-2024-26790 at NVDCVE-2024-26792 at SUSECVE-2024-26792 at NVDCVE-2024-26797 at SUSECVE-2024-26797 at NVDCVE-2024-26798 at SUSECVE-2024-26798 at NVDCVE-2024-26799 at SUSECVE-2024-26799 at NVDCVE-2024-26800 at SUSECVE-2024-26800 at NVDCVE-2024-26801 at SUSECVE-2024-26801 at NVDCVE-2024-26803 at SUSECVE-2024-26803 at NVDCVE-2024-26820 at SUSECVE-2024-26820 at NVDCVE-2024-26824 at SUSECVE-2024-26824 at NVDCVE-2024-26825 at SUSECVE-2024-26825 at NVDCVE-2024-26829 at SUSECVE-2024-26829 at NVDCVE-2024-26830 at SUSECVE-2024-26830 at NVDCVE-2024-26833 at SUSECVE-2024-26833 at NVDCVE-2024-26838 at SUSECVE-2024-26838 at NVDCVE-2024-26839 at SUSECVE-2024-26839 at NVDCVE-2024-26840 at SUSECVE-2024-26840 at NVDCVE-2024-26843 at SUSECVE-2024-26843 at NVDCVE-2024-26847 at SUSECVE-2024-26847 at NVDCVE-2024-26848 at SUSECVE-2024-26848 at NVDCVE-2024-26852 at SUSECVE-2024-26852 at NVDCVE-2024-26859 at SUSECVE-2024-26859 at NVDCVE-2024-26872 at SUSECVE-2024-26872 at NVDCVE-2024-26874 at SUSECVE-2024-26874 at NVDCVE-2024-26875 at SUSECVE-2024-26875 at NVDCVE-2024-26876 at SUSECVE-2024-26876 at NVDCVE-2024-26877 at SUSECVE-2024-26877 at NVDCVE-2024-26879 at SUSECVE-2024-26879 at NVDCVE-2024-26880 at SUSECVE-2024-26880 at NVDCVE-2024-26886 at SUSECVE-2024-26886 at NVDCVE-2024-26890 at SUSECVE-2024-26890 at NVDCVE-2024-26891 at SUSECVE-2024-26891 at NVDCVE-2024-26892 at SUSECVE-2024-26892 at NVDCVE-2024-26893 at SUSECVE-2024-26893 at NVDCVE-2024-26894 at SUSECVE-2024-26894 at NVDCVE-2024-26895 at SUSECVE-2024-26895 at NVDCVE-2024-26896 at SUSECVE-2024-26896 at NVDCVE-2024-26897 at SUSECVE-2024-26897 at NVDCVE-2024-26907 at SUSECVE-2024-26907 at NVDCVE-2024-26911 at SUSECVE-2024-26911 at NVDCVE-2024-26912 at SUSECVE-2024-26912 at NVDCVE-2024-26913 at SUSECVE-2024-26913 at NVDCVE-2024-26914 at SUSECVE-2024-26914 at NVDCVE-2024-26915 at SUSECVE-2024-26915 at NVDCVE-2024-26916 at SUSECVE-2024-26916 at NVDCVE-2024-26917 at SUSECVE-2024-26917 at NVDCVE-2024-26927 at SUSECVE-2024-26927 at NVDcpe:/o:suse:sl-micro:6.0kernel-firmware-all-20240201-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the kernel-firmware-all-20240201-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-13081 at SUSECVE-2017-13081 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2019-9836 at SUSECVE-2019-9836 at NVDCVE-2021-26312 at SUSECVE-2021-26312 at NVDCVE-2021-26339 at SUSECVE-2021-26339 at NVDCVE-2021-26342 at SUSECVE-2021-26342 at NVDCVE-2021-26345 at SUSECVE-2021-26345 at NVDCVE-2021-26347 at SUSECVE-2021-26347 at NVDCVE-2021-26348 at SUSECVE-2021-26348 at NVDCVE-2021-26349 at SUSECVE-2021-26349 at NVDCVE-2021-26350 at SUSECVE-2021-26350 at NVDCVE-2021-26364 at SUSECVE-2021-26364 at NVDCVE-2021-26372 at SUSECVE-2021-26372 at NVDCVE-2021-26373 at SUSECVE-2021-26373 at NVDCVE-2021-26375 at SUSECVE-2021-26375 at NVDCVE-2021-26376 at SUSECVE-2021-26376 at NVDCVE-2021-26378 at SUSECVE-2021-26378 at NVDCVE-2021-26388 at SUSECVE-2021-26388 at NVDCVE-2021-33139 at SUSECVE-2021-33139 at NVDCVE-2021-33155 at SUSECVE-2021-33155 at NVDCVE-2021-46744 at SUSECVE-2021-46744 at NVDCVE-2021-46766 at SUSECVE-2021-46766 at NVDCVE-2021-46774 at SUSECVE-2021-46774 at NVDCVE-2022-23820 at SUSECVE-2022-23820 at NVDCVE-2022-23830 at SUSECVE-2022-23830 at NVDCVE-2023-20519 at SUSECVE-2023-20519 at NVDCVE-2023-20521 at SUSECVE-2023-20521 at NVDCVE-2023-20526 at SUSECVE-2023-20526 at NVDCVE-2023-20533 at SUSECVE-2023-20533 at NVDCVE-2023-20566 at SUSECVE-2023-20566 at NVDCVE-2023-20569 at SUSECVE-2023-20569 at NVDCVE-2023-20592 at SUSECVE-2023-20592 at NVDCVE-2023-20593 at SUSECVE-2023-20593 at NVDcpe:/o:suse:sl-micro:6.0kernel-rt-6.4.0-8.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the kernel-rt-6.4.0-8.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-3695 at SUSECVE-2016-3695 at NVDCVE-2020-26555 at SUSECVE-2020-26555 at NVDCVE-2022-40982 at SUSECVE-2022-40982 at NVDCVE-2022-48628 at SUSECVE-2022-48628 at NVDCVE-2023-1192 at SUSECVE-2023-1192 at NVDCVE-2023-1206 at SUSECVE-2023-1206 at NVDCVE-2023-20569 at SUSECVE-2023-20569 at NVDCVE-2023-20593 at SUSECVE-2023-20593 at NVDCVE-2023-25775 at SUSECVE-2023-25775 at NVDCVE-2023-28746 at SUSECVE-2023-28746 at NVDCVE-2023-31085 at SUSECVE-2023-31085 at NVDCVE-2023-31248 at SUSECVE-2023-31248 at NVDCVE-2023-3269 at SUSECVE-2023-3269 at NVDCVE-2023-34319 at SUSECVE-2023-34319 at NVDCVE-2023-35001 at SUSECVE-2023-35001 at NVDCVE-2023-35827 at SUSECVE-2023-35827 at NVDCVE-2023-3611 at SUSECVE-2023-3611 at NVDCVE-2023-37453 at SUSECVE-2023-37453 at NVDCVE-2023-3772 at SUSECVE-2023-3772 at NVDCVE-2023-3773 at SUSECVE-2023-3773 at NVDCVE-2023-3776 at SUSECVE-2023-3776 at NVDCVE-2023-3863 at SUSECVE-2023-3863 at NVDCVE-2023-39189 at SUSECVE-2023-39189 at NVDCVE-2023-39192 at SUSECVE-2023-39192 at NVDCVE-2023-39193 at SUSECVE-2023-39193 at NVDCVE-2023-39197 at SUSECVE-2023-39197 at NVDCVE-2023-39198 at SUSECVE-2023-39198 at NVDCVE-2023-4004 at SUSECVE-2023-4004 at NVDCVE-2023-40283 at SUSECVE-2023-40283 at NVDCVE-2023-4128 at SUSECVE-2023-4128 at NVDCVE-2023-4134 at SUSECVE-2023-4134 at NVDCVE-2023-4147 at SUSECVE-2023-4147 at NVDCVE-2023-4155 at SUSECVE-2023-4155 at NVDCVE-2023-4194 at SUSECVE-2023-4194 at NVDCVE-2023-4244 at SUSECVE-2023-4244 at NVDCVE-2023-4273 at SUSECVE-2023-4273 at NVDCVE-2023-42752 at SUSECVE-2023-42752 at NVDCVE-2023-42753 at SUSECVE-2023-42753 at NVDCVE-2023-42754 at SUSECVE-2023-42754 at NVDCVE-2023-42756 at SUSECVE-2023-42756 at NVDCVE-2023-4563 at SUSECVE-2023-4563 at NVDCVE-2023-45871 at SUSECVE-2023-45871 at NVDCVE-2023-4611 at SUSECVE-2023-4611 at NVDCVE-2023-4622 at SUSECVE-2023-4622 at NVDCVE-2023-4623 at SUSECVE-2023-4623 at NVDCVE-2023-46813 at SUSECVE-2023-46813 at NVDCVE-2023-46838 at SUSECVE-2023-46838 at NVDCVE-2023-46862 at SUSECVE-2023-46862 at NVDCVE-2023-47233 at SUSECVE-2023-47233 at NVDCVE-2023-4881 at SUSECVE-2023-4881 at NVDCVE-2023-4921 at SUSECVE-2023-4921 at NVDCVE-2023-50431 at SUSECVE-2023-50431 at NVDCVE-2023-51042 at SUSECVE-2023-51042 at NVDCVE-2023-51043 at SUSECVE-2023-51043 at NVDCVE-2023-5158 at SUSECVE-2023-5158 at NVDCVE-2023-51779 at SUSECVE-2023-51779 at NVDCVE-2023-5178 at SUSECVE-2023-5178 at NVDCVE-2023-51782 at SUSECVE-2023-51782 at NVDCVE-2023-5197 at SUSECVE-2023-5197 at NVDCVE-2023-52429 at SUSECVE-2023-52429 at NVDCVE-2023-52433 at SUSECVE-2023-52433 at NVDCVE-2023-52437 at SUSECVE-2023-52437 at NVDCVE-2023-52439 at SUSECVE-2023-52439 at NVDCVE-2023-52440 at SUSECVE-2023-52440 at NVDCVE-2023-52443 at SUSECVE-2023-52443 at NVDCVE-2023-52445 at SUSECVE-2023-52445 at NVDCVE-2023-52446 at SUSECVE-2023-52446 at NVDCVE-2023-52447 at SUSECVE-2023-52447 at NVDCVE-2023-52448 at SUSECVE-2023-52448 at NVDCVE-2023-52449 at SUSECVE-2023-52449 at NVDCVE-2023-52450 at SUSECVE-2023-52450 at NVDCVE-2023-52451 at SUSECVE-2023-52451 at NVDCVE-2023-52452 at SUSECVE-2023-52452 at NVDCVE-2023-52453 at SUSECVE-2023-52453 at NVDCVE-2023-52454 at SUSECVE-2023-52454 at NVDCVE-2023-52455 at SUSECVE-2023-52455 at NVDCVE-2023-52456 at SUSECVE-2023-52456 at NVDCVE-2023-52457 at SUSECVE-2023-52457 at NVDCVE-2023-52458 at SUSECVE-2023-52458 at NVDCVE-2023-52460 at SUSECVE-2023-52460 at NVDCVE-2023-52461 at SUSECVE-2023-52461 at NVDCVE-2023-52462 at SUSECVE-2023-52462 at NVDCVE-2023-52463 at SUSECVE-2023-52463 at NVDCVE-2023-52464 at SUSECVE-2023-52464 at NVDCVE-2023-52467 at SUSECVE-2023-52467 at NVDCVE-2023-52468 at SUSECVE-2023-52468 at NVDCVE-2023-52469 at SUSECVE-2023-52469 at NVDCVE-2023-52470 at SUSECVE-2023-52470 at NVDCVE-2023-52471 at SUSECVE-2023-52471 at NVDCVE-2023-52473 at SUSECVE-2023-52473 at NVDCVE-2023-52475 at SUSECVE-2023-52475 at NVDCVE-2023-52476 at SUSECVE-2023-52476 at NVDCVE-2023-52477 at SUSECVE-2023-52477 at NVDCVE-2023-52478 at SUSECVE-2023-52478 at NVDCVE-2023-52481 at SUSECVE-2023-52481 at NVDCVE-2023-52482 at SUSECVE-2023-52482 at NVDCVE-2023-52484 at SUSECVE-2023-52484 at NVDCVE-2023-52485 at SUSECVE-2023-52485 at NVDCVE-2023-52486 at SUSECVE-2023-52486 at NVDCVE-2023-52487 at SUSECVE-2023-52487 at NVDCVE-2023-52488 at SUSECVE-2023-52488 at NVDCVE-2023-52490 at SUSECVE-2023-52490 at NVDCVE-2023-52491 at SUSECVE-2023-52491 at NVDCVE-2023-52492 at SUSECVE-2023-52492 at NVDCVE-2023-52493 at SUSECVE-2023-52493 at NVDCVE-2023-52494 at SUSECVE-2023-52494 at NVDCVE-2023-52495 at SUSECVE-2023-52495 at NVDCVE-2023-52497 at SUSECVE-2023-52497 at NVDCVE-2023-52498 at SUSECVE-2023-52498 at NVDCVE-2023-52500 at SUSECVE-2023-52500 at NVDCVE-2023-52501 at SUSECVE-2023-52501 at NVDCVE-2023-52502 at SUSECVE-2023-52502 at NVDCVE-2023-52503 at SUSECVE-2023-52503 at NVDCVE-2023-52504 at SUSECVE-2023-52504 at NVDCVE-2023-52505 at SUSECVE-2023-52505 at NVDCVE-2023-52507 at SUSECVE-2023-52507 at NVDCVE-2023-52508 at SUSECVE-2023-52508 at NVDCVE-2023-52509 at SUSECVE-2023-52509 at NVDCVE-2023-52510 at SUSECVE-2023-52510 at NVDCVE-2023-52511 at SUSECVE-2023-52511 at NVDCVE-2023-52512 at SUSECVE-2023-52512 at NVDCVE-2023-52513 at SUSECVE-2023-52513 at NVDCVE-2023-52515 at SUSECVE-2023-52515 at NVDCVE-2023-52517 at SUSECVE-2023-52517 at NVDCVE-2023-52518 at SUSECVE-2023-52518 at NVDCVE-2023-52519 at SUSECVE-2023-52519 at NVDCVE-2023-52520 at SUSECVE-2023-52520 at NVDCVE-2023-52522 at SUSECVE-2023-52522 at NVDCVE-2023-52523 at SUSECVE-2023-52523 at NVDCVE-2023-52524 at SUSECVE-2023-52524 at NVDCVE-2023-52525 at SUSECVE-2023-52525 at NVDCVE-2023-52526 at SUSECVE-2023-52526 at NVDCVE-2023-52527 at SUSECVE-2023-52527 at NVDCVE-2023-52528 at SUSECVE-2023-52528 at NVDCVE-2023-52529 at SUSECVE-2023-52529 at NVDCVE-2023-52530 at SUSECVE-2023-52530 at NVDCVE-2023-52531 at SUSECVE-2023-52531 at NVDCVE-2023-52532 at SUSECVE-2023-52532 at NVDCVE-2023-52559 at SUSECVE-2023-52559 at NVDCVE-2023-52561 at SUSECVE-2023-52561 at NVDCVE-2023-52562 at SUSECVE-2023-52562 at NVDCVE-2023-52563 at SUSECVE-2023-52563 at NVDCVE-2023-52564 at SUSECVE-2023-52564 at NVDCVE-2023-52565 at SUSECVE-2023-52565 at NVDCVE-2023-52566 at SUSECVE-2023-52566 at NVDCVE-2023-52567 at SUSECVE-2023-52567 at NVDCVE-2023-52568 at SUSECVE-2023-52568 at NVDCVE-2023-52569 at SUSECVE-2023-52569 at NVDCVE-2023-52570 at SUSECVE-2023-52570 at NVDCVE-2023-52571 at SUSECVE-2023-52571 at NVDCVE-2023-52572 at SUSECVE-2023-52572 at NVDCVE-2023-52573 at SUSECVE-2023-52573 at NVDCVE-2023-52574 at SUSECVE-2023-52574 at NVDCVE-2023-52575 at SUSECVE-2023-52575 at NVDCVE-2023-52576 at SUSECVE-2023-52576 at NVDCVE-2023-52577 at SUSECVE-2023-52577 at NVDCVE-2023-52578 at SUSECVE-2023-52578 at NVDCVE-2023-52580 at SUSECVE-2023-52580 at NVDCVE-2023-52582 at SUSECVE-2023-52582 at NVDCVE-2023-52583 at SUSECVE-2023-52583 at NVDCVE-2023-52584 at SUSECVE-2023-52584 at NVDCVE-2023-52585 at SUSECVE-2023-52585 at NVDCVE-2023-52586 at SUSECVE-2023-52586 at NVDCVE-2023-52587 at SUSECVE-2023-52587 at NVDCVE-2023-52589 at SUSECVE-2023-52589 at NVDCVE-2023-52590 at SUSECVE-2023-52590 at NVDCVE-2023-52591 at SUSECVE-2023-52591 at NVDCVE-2023-52593 at SUSECVE-2023-52593 at NVDCVE-2023-52594 at SUSECVE-2023-52594 at NVDCVE-2023-52595 at SUSECVE-2023-52595 at NVDCVE-2023-52597 at SUSECVE-2023-52597 at NVDCVE-2023-52598 at SUSECVE-2023-52598 at NVDCVE-2023-52599 at SUSECVE-2023-52599 at NVDCVE-2023-52600 at SUSECVE-2023-52600 at NVDCVE-2023-52601 at SUSECVE-2023-52601 at NVDCVE-2023-52602 at SUSECVE-2023-52602 at NVDCVE-2023-52603 at SUSECVE-2023-52603 at NVDCVE-2023-52604 at SUSECVE-2023-52604 at NVDCVE-2023-52606 at SUSECVE-2023-52606 at NVDCVE-2023-52607 at SUSECVE-2023-52607 at NVDCVE-2023-52608 at SUSECVE-2023-52608 at NVDCVE-2023-52611 at SUSECVE-2023-52611 at NVDCVE-2023-52612 at SUSECVE-2023-52612 at NVDCVE-2023-52614 at SUSECVE-2023-52614 at NVDCVE-2023-52615 at SUSECVE-2023-52615 at NVDCVE-2023-52617 at SUSECVE-2023-52617 at NVDCVE-2023-52619 at SUSECVE-2023-52619 at NVDCVE-2023-52621 at SUSECVE-2023-52621 at NVDCVE-2023-52623 at SUSECVE-2023-52623 at NVDCVE-2023-52624 at SUSECVE-2023-52624 at NVDCVE-2023-52625 at SUSECVE-2023-52625 at NVDCVE-2023-52626 at SUSECVE-2023-52626 at NVDCVE-2023-52627 at SUSECVE-2023-52627 at NVDCVE-2023-52628 at SUSECVE-2023-52628 at NVDCVE-2023-52631 at SUSECVE-2023-52631 at NVDCVE-2023-52632 at SUSECVE-2023-52632 at NVDCVE-2023-52634 at SUSECVE-2023-52634 at NVDCVE-2023-52636 at SUSECVE-2023-52636 at NVDCVE-2023-52637 at SUSECVE-2023-52637 at NVDCVE-2023-52638 at SUSECVE-2023-52638 at NVDCVE-2023-52639 at SUSECVE-2023-52639 at NVDCVE-2023-52640 at SUSECVE-2023-52640 at NVDCVE-2023-52642 at SUSECVE-2023-52642 at NVDCVE-2023-52643 at SUSECVE-2023-52643 at NVDCVE-2023-52644 at SUSECVE-2023-52644 at NVDCVE-2023-52645 at SUSECVE-2023-52645 at NVDCVE-2023-5345 at SUSECVE-2023-5345 at NVDCVE-2023-5633 at SUSECVE-2023-5633 at NVDCVE-2023-5717 at SUSECVE-2023-5717 at NVDCVE-2023-5972 at SUSECVE-2023-5972 at NVDCVE-2023-6039 at SUSECVE-2023-6039 at NVDCVE-2023-6121 at SUSECVE-2023-6121 at NVDCVE-2023-6270 at SUSECVE-2023-6270 at NVDCVE-2023-6356 at SUSECVE-2023-6356 at NVDCVE-2023-6531 at SUSECVE-2023-6531 at NVDCVE-2023-6535 at SUSECVE-2023-6535 at NVDCVE-2023-6536 at SUSECVE-2023-6536 at NVDCVE-2023-6546 at SUSECVE-2023-6546 at NVDCVE-2023-6606 at SUSECVE-2023-6606 at NVDCVE-2023-6610 at SUSECVE-2023-6610 at NVDCVE-2023-6622 at SUSECVE-2023-6622 at NVDCVE-2023-6679 at SUSECVE-2023-6679 at NVDCVE-2023-6817 at SUSECVE-2023-6817 at NVDCVE-2023-6915 at SUSECVE-2023-6915 at NVDCVE-2023-6931 at SUSECVE-2023-6931 at NVDCVE-2023-6932 at SUSECVE-2023-6932 at NVDCVE-2023-7042 at SUSECVE-2023-7042 at NVDCVE-2024-0193 at SUSECVE-2024-0193 at NVDCVE-2024-0565 at SUSECVE-2024-0565 at NVDCVE-2024-0607 at SUSECVE-2024-0607 at NVDCVE-2024-0641 at SUSECVE-2024-0641 at NVDCVE-2024-0646 at SUSECVE-2024-0646 at NVDCVE-2024-0841 at SUSECVE-2024-0841 at NVDCVE-2024-1085 at SUSECVE-2024-1085 at NVDCVE-2024-1086 at SUSECVE-2024-1086 at NVDCVE-2024-1151 at SUSECVE-2024-1151 at NVDCVE-2024-1312 at SUSECVE-2024-1312 at NVDCVE-2024-22099 at SUSECVE-2024-22099 at NVDCVE-2024-23307 at SUSECVE-2024-23307 at NVDCVE-2024-23849 at SUSECVE-2024-23849 at NVDCVE-2024-23850 at SUSECVE-2024-23850 at NVDCVE-2024-23851 at SUSECVE-2024-23851 at NVDCVE-2024-24860 at SUSECVE-2024-24860 at NVDCVE-2024-24861 at SUSECVE-2024-24861 at NVDCVE-2024-25739 at SUSECVE-2024-25739 at NVDCVE-2024-25744 at SUSECVE-2024-25744 at NVDCVE-2024-26581 at SUSECVE-2024-26581 at NVDCVE-2024-26583 at SUSECVE-2024-26583 at NVDCVE-2024-26584 at SUSECVE-2024-26584 at NVDCVE-2024-26585 at SUSECVE-2024-26585 at NVDCVE-2024-26586 at SUSECVE-2024-26586 at NVDCVE-2024-26589 at SUSECVE-2024-26589 at NVDCVE-2024-26591 at SUSECVE-2024-26591 at NVDCVE-2024-26593 at SUSECVE-2024-26593 at NVDCVE-2024-26595 at SUSECVE-2024-26595 at NVDCVE-2024-26597 at SUSECVE-2024-26597 at NVDCVE-2024-26598 at SUSECVE-2024-26598 at NVDCVE-2024-26599 at SUSECVE-2024-26599 at NVDCVE-2024-26600 at SUSECVE-2024-26600 at NVDCVE-2024-26601 at SUSECVE-2024-26601 at NVDCVE-2024-26602 at SUSECVE-2024-26602 at NVDCVE-2024-26603 at SUSECVE-2024-26603 at NVDCVE-2024-26605 at SUSECVE-2024-26605 at NVDCVE-2024-26607 at SUSECVE-2024-26607 at NVDCVE-2024-26610 at SUSECVE-2024-26610 at NVDCVE-2024-26612 at SUSECVE-2024-26612 at NVDCVE-2024-26614 at SUSECVE-2024-26614 at NVDCVE-2024-26616 at SUSECVE-2024-26616 at NVDCVE-2024-26618 at SUSECVE-2024-26618 at NVDCVE-2024-26620 at SUSECVE-2024-26620 at NVDCVE-2024-26622 at SUSECVE-2024-26622 at NVDCVE-2024-26627 at SUSECVE-2024-26627 at NVDCVE-2024-26629 at SUSECVE-2024-26629 at NVDCVE-2024-26642 at SUSECVE-2024-26642 at NVDCVE-2024-26644 at SUSECVE-2024-26644 at NVDCVE-2024-26645 at SUSECVE-2024-26645 at NVDCVE-2024-26646 at SUSECVE-2024-26646 at NVDCVE-2024-26647 at SUSECVE-2024-26647 at NVDCVE-2024-26648 at SUSECVE-2024-26648 at NVDCVE-2024-26649 at SUSECVE-2024-26649 at NVDCVE-2024-26651 at SUSECVE-2024-26651 at NVDCVE-2024-26652 at SUSECVE-2024-26652 at NVDCVE-2024-26654 at SUSECVE-2024-26654 at NVDCVE-2024-26656 at SUSECVE-2024-26656 at NVDCVE-2024-26657 at SUSECVE-2024-26657 at NVDCVE-2024-26659 at SUSECVE-2024-26659 at NVDCVE-2024-26660 at SUSECVE-2024-26660 at NVDCVE-2024-26661 at SUSECVE-2024-26661 at NVDCVE-2024-26662 at SUSECVE-2024-26662 at NVDCVE-2024-26664 at SUSECVE-2024-26664 at NVDCVE-2024-26666 at SUSECVE-2024-26666 at NVDCVE-2024-26667 at SUSECVE-2024-26667 at NVDCVE-2024-26670 at SUSECVE-2024-26670 at NVDCVE-2024-26672 at SUSECVE-2024-26672 at NVDCVE-2024-26675 at SUSECVE-2024-26675 at NVDCVE-2024-26680 at SUSECVE-2024-26680 at NVDCVE-2024-26681 at SUSECVE-2024-26681 at NVDCVE-2024-26684 at SUSECVE-2024-26684 at NVDCVE-2024-26685 at SUSECVE-2024-26685 at NVDCVE-2024-26687 at SUSECVE-2024-26687 at NVDCVE-2024-26688 at SUSECVE-2024-26688 at NVDCVE-2024-26689 at SUSECVE-2024-26689 at NVDCVE-2024-26693 at SUSECVE-2024-26693 at NVDCVE-2024-26694 at SUSECVE-2024-26694 at NVDCVE-2024-26695 at SUSECVE-2024-26695 at NVDCVE-2024-26696 at SUSECVE-2024-26696 at NVDCVE-2024-26697 at SUSECVE-2024-26697 at NVDCVE-2024-26698 at SUSECVE-2024-26698 at NVDCVE-2024-26699 at SUSECVE-2024-26699 at NVDCVE-2024-26700 at SUSECVE-2024-26700 at NVDCVE-2024-26702 at SUSECVE-2024-26702 at NVDCVE-2024-26704 at SUSECVE-2024-26704 at NVDCVE-2024-26709 at SUSECVE-2024-26709 at NVDCVE-2024-26710 at SUSECVE-2024-26710 at NVDCVE-2024-26711 at SUSECVE-2024-26711 at NVDCVE-2024-26714 at SUSECVE-2024-26714 at NVDCVE-2024-26715 at SUSECVE-2024-26715 at NVDCVE-2024-26716 at SUSECVE-2024-26716 at NVDCVE-2024-26717 at SUSECVE-2024-26717 at NVDCVE-2024-26718 at SUSECVE-2024-26718 at NVDCVE-2024-26720 at SUSECVE-2024-26720 at NVDCVE-2024-26721 at SUSECVE-2024-26721 at NVDCVE-2024-26722 at SUSECVE-2024-26722 at NVDCVE-2024-26723 at SUSECVE-2024-26723 at NVDCVE-2024-26724 at SUSECVE-2024-26724 at NVDCVE-2024-26725 at SUSECVE-2024-26725 at NVDCVE-2024-26727 at SUSECVE-2024-26727 at NVDCVE-2024-26728 at SUSECVE-2024-26728 at NVDCVE-2024-26729 at SUSECVE-2024-26729 at NVDCVE-2024-26731 at SUSECVE-2024-26731 at NVDCVE-2024-26733 at SUSECVE-2024-26733 at NVDCVE-2024-26736 at SUSECVE-2024-26736 at NVDCVE-2024-26737 at SUSECVE-2024-26737 at NVDCVE-2024-26738 at SUSECVE-2024-26738 at NVDCVE-2024-26740 at SUSECVE-2024-26740 at NVDCVE-2024-26743 at SUSECVE-2024-26743 at NVDCVE-2024-26744 at SUSECVE-2024-26744 at NVDCVE-2024-26745 at SUSECVE-2024-26745 at NVDCVE-2024-26746 at SUSECVE-2024-26746 at NVDCVE-2024-26747 at SUSECVE-2024-26747 at NVDCVE-2024-26748 at SUSECVE-2024-26748 at NVDCVE-2024-26749 at SUSECVE-2024-26749 at NVDCVE-2024-26751 at SUSECVE-2024-26751 at NVDCVE-2024-26752 at SUSECVE-2024-26752 at NVDCVE-2024-26753 at SUSECVE-2024-26753 at NVDCVE-2024-26754 at SUSECVE-2024-26754 at NVDCVE-2024-26755 at SUSECVE-2024-26755 at NVDCVE-2024-26756 at SUSECVE-2024-26756 at NVDCVE-2024-26757 at SUSECVE-2024-26757 at NVDCVE-2024-26763 at SUSECVE-2024-26763 at NVDCVE-2024-26764 at SUSECVE-2024-26764 at NVDCVE-2024-26766 at SUSECVE-2024-26766 at NVDCVE-2024-26769 at SUSECVE-2024-26769 at NVDCVE-2024-26771 at SUSECVE-2024-26771 at NVDCVE-2024-26773 at SUSECVE-2024-26773 at NVDCVE-2024-26774 at SUSECVE-2024-26774 at NVDCVE-2024-26776 at SUSECVE-2024-26776 at NVDCVE-2024-26777 at SUSECVE-2024-26777 at NVDCVE-2024-26778 at SUSECVE-2024-26778 at NVDCVE-2024-26779 at SUSECVE-2024-26779 at NVDCVE-2024-26787 at SUSECVE-2024-26787 at NVDCVE-2024-26788 at SUSECVE-2024-26788 at NVDCVE-2024-26789 at SUSECVE-2024-26789 at NVDCVE-2024-26790 at SUSECVE-2024-26790 at NVDCVE-2024-26792 at SUSECVE-2024-26792 at NVDCVE-2024-26793 at SUSECVE-2024-26793 at NVDCVE-2024-26797 at SUSECVE-2024-26797 at NVDCVE-2024-26798 at SUSECVE-2024-26798 at NVDCVE-2024-26799 at SUSECVE-2024-26799 at NVDCVE-2024-26800 at SUSECVE-2024-26800 at NVDCVE-2024-26801 at SUSECVE-2024-26801 at NVDCVE-2024-26802 at SUSECVE-2024-26802 at NVDCVE-2024-26803 at SUSECVE-2024-26803 at NVDCVE-2024-26805 at SUSECVE-2024-26805 at NVDCVE-2024-26807 at SUSECVE-2024-26807 at NVDCVE-2024-26815 at SUSECVE-2024-26815 at NVDCVE-2024-26820 at SUSECVE-2024-26820 at NVDCVE-2024-26824 at SUSECVE-2024-26824 at NVDCVE-2024-26825 at SUSECVE-2024-26825 at NVDCVE-2024-26829 at SUSECVE-2024-26829 at NVDCVE-2024-26830 at SUSECVE-2024-26830 at NVDCVE-2024-26833 at SUSECVE-2024-26833 at NVDCVE-2024-26836 at SUSECVE-2024-26836 at NVDCVE-2024-26838 at SUSECVE-2024-26838 at NVDCVE-2024-26839 at SUSECVE-2024-26839 at NVDCVE-2024-26840 at SUSECVE-2024-26840 at NVDCVE-2024-26843 at SUSECVE-2024-26843 at NVDCVE-2024-26844 at SUSECVE-2024-26844 at NVDCVE-2024-26847 at SUSECVE-2024-26847 at NVDCVE-2024-26848 at SUSECVE-2024-26848 at NVDCVE-2024-26859 at SUSECVE-2024-26859 at NVDCVE-2024-26872 at SUSECVE-2024-26872 at NVDCVE-2024-26874 at SUSECVE-2024-26874 at NVDCVE-2024-26875 at SUSECVE-2024-26875 at NVDCVE-2024-26876 at SUSECVE-2024-26876 at NVDCVE-2024-26879 at SUSECVE-2024-26879 at NVDCVE-2024-26882 at SUSECVE-2024-26882 at NVDCVE-2024-26886 at SUSECVE-2024-26886 at NVDCVE-2024-26891 at SUSECVE-2024-26891 at NVDCVE-2024-26894 at SUSECVE-2024-26894 at NVDCVE-2024-26896 at SUSECVE-2024-26896 at NVDCVE-2024-26911 at SUSECVE-2024-26911 at NVDCVE-2024-26912 at SUSECVE-2024-26912 at NVDCVE-2024-26917 at SUSECVE-2024-26917 at NVDcpe:/o:suse:sl-micro:6.0kpartx-0.9.6+71+suse.f07325e-1.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the kpartx-0.9.6+71+suse.f07325e-1.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-41973 at SUSECVE-2022-41973 at NVDCVE-2022-41974 at SUSECVE-2022-41974 at NVDcpe:/o:suse:sl-micro:6.0krb5-1.20.1-4.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the krb5-1.20.1-4.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2002-2443 at SUSECVE-2002-2443 at NVDCVE-2006-6143 at SUSECVE-2006-6143 at NVDCVE-2006-6144 at SUSECVE-2006-6144 at NVDCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDCVE-2007-5894 at SUSECVE-2007-5894 at NVDCVE-2007-5902 at SUSECVE-2007-5902 at NVDCVE-2007-5971 at SUSECVE-2007-5971 at NVDCVE-2007-5972 at SUSECVE-2007-5972 at NVDCVE-2008-0062 at SUSECVE-2008-0062 at NVDCVE-2008-0063 at SUSECVE-2008-0063 at NVDCVE-2008-0947 at SUSECVE-2008-0947 at NVDCVE-2008-0948 at SUSECVE-2008-0948 at NVDCVE-2009-0844 at SUSECVE-2009-0844 at NVDCVE-2009-0845 at SUSECVE-2009-0845 at NVDCVE-2009-0846 at SUSECVE-2009-0846 at NVDCVE-2009-0847 at SUSECVE-2009-0847 at NVDCVE-2009-3295 at SUSECVE-2009-3295 at NVDCVE-2009-4212 at SUSECVE-2009-4212 at NVDCVE-2010-0283 at SUSECVE-2010-0283 at NVDCVE-2010-0628 at SUSECVE-2010-0628 at NVDCVE-2010-1320 at SUSECVE-2010-1320 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-1322 at SUSECVE-2010-1322 at NVDCVE-2010-1323 at SUSECVE-2010-1323 at NVDCVE-2010-1324 at SUSECVE-2010-1324 at NVDCVE-2010-4020 at SUSECVE-2010-4020 at NVDCVE-2010-4021 at SUSECVE-2010-4021 at NVDCVE-2010-4022 at SUSECVE-2010-4022 at NVDCVE-2011-0281 at SUSECVE-2011-0281 at NVDCVE-2011-0282 at SUSECVE-2011-0282 at NVDCVE-2011-0284 at SUSECVE-2011-0284 at NVDCVE-2011-0285 at SUSECVE-2011-0285 at NVDCVE-2011-1527 at SUSECVE-2011-1527 at NVDCVE-2011-1528 at SUSECVE-2011-1528 at NVDCVE-2011-1529 at SUSECVE-2011-1529 at NVDCVE-2011-1530 at SUSECVE-2011-1530 at NVDCVE-2012-1012 at SUSECVE-2012-1012 at NVDCVE-2012-1013 at SUSECVE-2012-1013 at NVDCVE-2012-1016 at SUSECVE-2012-1016 at NVDCVE-2013-1415 at SUSECVE-2013-1415 at NVDCVE-2013-1417 at SUSECVE-2013-1417 at NVDCVE-2013-1418 at SUSECVE-2013-1418 at NVDCVE-2014-4341 at SUSECVE-2014-4341 at NVDCVE-2014-4342 at SUSECVE-2014-4342 at NVDCVE-2014-4343 at SUSECVE-2014-4343 at NVDCVE-2014-4344 at SUSECVE-2014-4344 at NVDCVE-2014-4345 at SUSECVE-2014-4345 at NVDCVE-2014-5351 at SUSECVE-2014-5351 at NVDCVE-2014-5352 at SUSECVE-2014-5352 at NVDCVE-2014-5353 at SUSECVE-2014-5353 at NVDCVE-2014-5354 at SUSECVE-2014-5354 at NVDCVE-2014-5355 at SUSECVE-2014-5355 at NVDCVE-2014-9421 at SUSECVE-2014-9421 at NVDCVE-2014-9422 at SUSECVE-2014-9422 at NVDCVE-2014-9423 at SUSECVE-2014-9423 at NVDCVE-2015-2694 at SUSECVE-2015-2694 at NVDCVE-2015-2695 at SUSECVE-2015-2695 at NVDCVE-2015-2696 at SUSECVE-2015-2696 at NVDCVE-2015-2697 at SUSECVE-2015-2697 at NVDCVE-2015-2698 at SUSECVE-2015-2698 at NVDCVE-2015-8629 at SUSECVE-2015-8629 at NVDCVE-2015-8630 at SUSECVE-2015-8630 at NVDCVE-2015-8631 at SUSECVE-2015-8631 at NVDCVE-2016-3119 at SUSECVE-2016-3119 at NVDCVE-2016-3120 at SUSECVE-2016-3120 at NVDCVE-2017-11368 at SUSECVE-2017-11368 at NVDCVE-2017-11462 at SUSECVE-2017-11462 at NVDCVE-2018-20217 at SUSECVE-2018-20217 at NVDCVE-2018-5729 at SUSECVE-2018-5729 at NVDCVE-2018-5730 at SUSECVE-2018-5730 at NVDCVE-2020-28196 at SUSECVE-2020-28196 at NVDCVE-2021-36222 at SUSECVE-2021-36222 at NVDCVE-2021-37750 at SUSECVE-2021-37750 at NVDCVE-2022-42898 at SUSECVE-2022-42898 at NVDCVE-2023-36054 at SUSECVE-2023-36054 at NVDcpe:/o:suse:sl-micro:6.0kubevirt-manifests-1.1.1-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the kubevirt-manifests-1.1.1-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-43565 at SUSECVE-2021-43565 at NVDCVE-2023-26484 at SUSECVE-2023-26484 at NVDCVE-2023-44487 at SUSECVE-2023-44487 at NVDcpe:/o:suse:sl-micro:6.0less-633-2.72 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the less-633-2.72 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-9488 at SUSECVE-2014-9488 at NVDCVE-2022-46663 at SUSECVE-2022-46663 at NVDcpe:/o:suse:sl-micro:6.0libX11-6-1.8.7-2.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libX11-6-1.8.7-2.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-1981 at SUSECVE-2013-1981 at NVDCVE-2013-1997 at SUSECVE-2013-1997 at NVDCVE-2013-2004 at SUSECVE-2013-2004 at NVDCVE-2018-14598 at SUSECVE-2018-14598 at NVDCVE-2018-14599 at SUSECVE-2018-14599 at NVDCVE-2018-14600 at SUSECVE-2018-14600 at NVDCVE-2020-14344 at SUSECVE-2020-14344 at NVDCVE-2020-14363 at SUSECVE-2020-14363 at NVDCVE-2021-31535 at SUSECVE-2021-31535 at NVDCVE-2022-3554 at SUSECVE-2022-3554 at NVDCVE-2022-3555 at SUSECVE-2022-3555 at NVDCVE-2023-3138 at SUSECVE-2023-3138 at NVDCVE-2023-43785 at SUSECVE-2023-43785 at NVDCVE-2023-43786 at SUSECVE-2023-43786 at NVDCVE-2023-43787 at SUSECVE-2023-43787 at NVDcpe:/o:suse:sl-micro:6.0libXcursor1-1.2.1-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libXcursor1-1.2.1-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-2003 at SUSECVE-2013-2003 at NVDCVE-2017-16612 at SUSECVE-2017-16612 at NVDcpe:/o:suse:sl-micro:6.0libXext6-1.3.5-2.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libXext6-1.3.5-2.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-1982 at SUSECVE-2013-1982 at NVDcpe:/o:suse:sl-micro:6.0libXfixes3-6.0.1-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libXfixes3-6.0.1-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-1983 at SUSECVE-2013-1983 at NVDcpe:/o:suse:sl-micro:6.0libXi6-1.8.1-2.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libXi6-1.8.1-2.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-1984 at SUSECVE-2013-1984 at NVDCVE-2013-1995 at SUSECVE-2013-1995 at NVDCVE-2013-1998 at SUSECVE-2013-1998 at NVDcpe:/o:suse:sl-micro:6.0libXinerama1-1.1.5-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libXinerama1-1.1.5-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-1985 at SUSECVE-2013-1985 at NVDcpe:/o:suse:sl-micro:6.0libXrandr2-1.5.4-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libXrandr2-1.5.4-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-1986 at SUSECVE-2013-1986 at NVDCVE-2016-7947 at SUSECVE-2016-7947 at NVDCVE-2016-7948 at SUSECVE-2016-7948 at NVDcpe:/o:suse:sl-micro:6.0libXrender1-0.9.11-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libXrender1-0.9.11-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-1987 at SUSECVE-2013-1987 at NVDcpe:/o:suse:sl-micro:6.0libXv1-1.0.12-2.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libXv1-1.0.12-2.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-1989 at SUSECVE-2013-1989 at NVDCVE-2013-2066 at SUSECVE-2013-2066 at NVDCVE-2016-5407 at SUSECVE-2016-5407 at NVDcpe:/o:suse:sl-micro:6.0libXxf86vm1-1.1.5-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libXxf86vm1-1.1.5-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-2001 at SUSECVE-2013-2001 at NVDcpe:/o:suse:sl-micro:6.0libarchive13-3.6.2-2.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libarchive13-3.6.2-2.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-5680 at SUSECVE-2006-5680 at NVDCVE-2007-3641 at SUSECVE-2007-3641 at NVDCVE-2007-3644 at SUSECVE-2007-3644 at NVDCVE-2007-3645 at SUSECVE-2007-3645 at NVDCVE-2013-0211 at SUSECVE-2013-0211 at NVDCVE-2015-2304 at SUSECVE-2015-2304 at NVDCVE-2015-8917 at SUSECVE-2015-8917 at NVDCVE-2015-8928 at SUSECVE-2015-8928 at NVDCVE-2015-8933 at SUSECVE-2015-8933 at NVDCVE-2015-8934 at SUSECVE-2015-8934 at NVDCVE-2016-1541 at SUSECVE-2016-1541 at NVDCVE-2016-4300 at SUSECVE-2016-4300 at NVDCVE-2016-4301 at SUSECVE-2016-4301 at NVDCVE-2016-4809 at SUSECVE-2016-4809 at NVDCVE-2016-5418 at SUSECVE-2016-5418 at NVDCVE-2016-5844 at SUSECVE-2016-5844 at NVDCVE-2016-6250 at SUSECVE-2016-6250 at NVDCVE-2016-8687 at SUSECVE-2016-8687 at NVDCVE-2016-8688 at SUSECVE-2016-8688 at NVDCVE-2016-8689 at SUSECVE-2016-8689 at NVDCVE-2017-14166 at SUSECVE-2017-14166 at NVDCVE-2017-14501 at SUSECVE-2017-14501 at NVDCVE-2017-14502 at SUSECVE-2017-14502 at NVDCVE-2017-14503 at SUSECVE-2017-14503 at NVDCVE-2018-1000877 at SUSECVE-2018-1000877 at NVDCVE-2018-1000878 at SUSECVE-2018-1000878 at NVDCVE-2018-1000879 at SUSECVE-2018-1000879 at NVDCVE-2018-1000880 at SUSECVE-2018-1000880 at NVDCVE-2019-1000019 at SUSECVE-2019-1000019 at NVDCVE-2019-1000020 at SUSECVE-2019-1000020 at NVDCVE-2019-18408 at SUSECVE-2019-18408 at NVDCVE-2019-19221 at SUSECVE-2019-19221 at NVDCVE-2021-31566 at SUSECVE-2021-31566 at NVDCVE-2021-36976 at SUSECVE-2021-36976 at NVDCVE-2022-36227 at SUSECVE-2022-36227 at NVDcpe:/o:suse:sl-micro:6.0libasound2-1.2.10-2.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libasound2-1.2.10-2.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-0035 at SUSECVE-2009-0035 at NVDcpe:/o:suse:sl-micro:6.0libatomic1-13.2.1+git8285-1.15 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libatomic1-13.2.1+git8285-1.15 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-4039 at SUSECVE-2023-4039 at NVDcpe:/o:suse:sl-micro:6.0libaudit1-3.0.9-3.143 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libaudit1-3.0.9-3.143 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-5186 at SUSECVE-2015-5186 at NVDcpe:/o:suse:sl-micro:6.0libaugeas0-1.14.1-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libaugeas0-1.14.1-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-0786 at SUSECVE-2012-0786 at NVDCVE-2014-8119 at SUSECVE-2014-8119 at NVDCVE-2017-7555 at SUSECVE-2017-7555 at NVDcpe:/o:suse:sl-micro:6.0libblkid1-2.39.3-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libblkid1-2.39.3-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-0157 at SUSECVE-2013-0157 at NVDCVE-2014-9114 at SUSECVE-2014-9114 at NVDCVE-2015-5218 at SUSECVE-2015-5218 at NVDCVE-2016-2779 at SUSECVE-2016-2779 at NVDCVE-2016-5011 at SUSECVE-2016-5011 at NVDCVE-2017-2616 at SUSECVE-2017-2616 at NVDCVE-2021-3995 at SUSECVE-2021-3995 at NVDCVE-2021-3996 at SUSECVE-2021-3996 at NVDCVE-2022-0563 at SUSECVE-2022-0563 at NVDcpe:/o:suse:sl-micro:6.0libbluetooth3-5.70-1.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libbluetooth3-5.70-1.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-9797 at SUSECVE-2016-9797 at NVDCVE-2016-9798 at SUSECVE-2016-9798 at NVDCVE-2016-9800 at SUSECVE-2016-9800 at NVDCVE-2016-9801 at SUSECVE-2016-9801 at NVDCVE-2016-9802 at SUSECVE-2016-9802 at NVDCVE-2016-9804 at SUSECVE-2016-9804 at NVDCVE-2016-9917 at SUSECVE-2016-9917 at NVDCVE-2016-9918 at SUSECVE-2016-9918 at NVDCVE-2020-0556 at SUSECVE-2020-0556 at NVDCVE-2020-26558 at SUSECVE-2020-26558 at NVDCVE-2021-0129 at SUSECVE-2021-0129 at NVDCVE-2021-3588 at SUSECVE-2021-3588 at NVDCVE-2022-0204 at SUSECVE-2022-0204 at NVDCVE-2023-27349 at SUSECVE-2023-27349 at NVDcpe:/o:suse:sl-micro:6.0libbpf1-1.2.0-3.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libbpf1-1.2.0-3.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-45940 at SUSECVE-2021-45940 at NVDCVE-2021-45941 at SUSECVE-2021-45941 at NVDCVE-2022-3533 at SUSECVE-2022-3533 at NVDCVE-2022-3534 at SUSECVE-2022-3534 at NVDCVE-2022-3606 at SUSECVE-2022-3606 at NVDcpe:/o:suse:sl-micro:6.0libbz2-1-1.0.8-2.191 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libbz2-1-1.0.8-2.191 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2008-1372 at SUSECVE-2008-1372 at NVDCVE-2010-0405 at SUSECVE-2010-0405 at NVDCVE-2016-3189 at SUSECVE-2016-3189 at NVDCVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:sl-micro:6.0libcairo-gobject2-1.17.8-2.13 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libcairo-gobject2-1.17.8-2.13 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-0528 at SUSECVE-2006-0528 at NVDCVE-2016-9082 at SUSECVE-2016-9082 at NVDCVE-2017-7475 at SUSECVE-2017-7475 at NVDCVE-2017-9814 at SUSECVE-2017-9814 at NVDcpe:/o:suse:sl-micro:6.0libcap2-2.69-2.83 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libcap2-2.69-2.83 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-2602 at SUSECVE-2023-2602 at NVDCVE-2023-2603 at SUSECVE-2023-2603 at NVDcpe:/o:suse:sl-micro:6.0libcares2-1.27.0-1.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libcares2-1.27.0-1.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-5180 at SUSECVE-2016-5180 at NVDCVE-2017-1000381 at SUSECVE-2017-1000381 at NVDCVE-2020-8277 at SUSECVE-2020-8277 at NVDCVE-2021-3672 at SUSECVE-2021-3672 at NVDCVE-2022-4904 at SUSECVE-2022-4904 at NVDCVE-2023-31124 at SUSECVE-2023-31124 at NVDCVE-2023-31130 at SUSECVE-2023-31130 at NVDCVE-2023-31147 at SUSECVE-2023-31147 at NVDCVE-2023-32067 at SUSECVE-2023-32067 at NVDCVE-2024-25629 at SUSECVE-2024-25629 at NVDcpe:/o:suse:sl-micro:6.0libcdrdeflt1_0-3.02~a10-4.31 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libcdrdeflt1_0-3.02~a10-4.31 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-1000156 at SUSECVE-2018-1000156 at NVDcpe:/o:suse:sl-micro:6.0libcolord2-1.4.6-2.14 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libcolord2-1.4.6-2.14 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-4349 at SUSECVE-2011-4349 at NVDCVE-2021-42523 at SUSECVE-2021-42523 at NVDcpe:/o:suse:sl-micro:6.0libcontainers-common-20240408-2.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libcontainers-common-20240408-2.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-15664 at SUSECVE-2018-15664 at NVDCVE-2019-10152 at SUSECVE-2019-10152 at NVDCVE-2020-14370 at SUSECVE-2020-14370 at NVDCVE-2020-15157 at SUSECVE-2020-15157 at NVDCVE-2021-20199 at SUSECVE-2021-20199 at NVDCVE-2021-20291 at SUSECVE-2021-20291 at NVDCVE-2021-3602 at SUSECVE-2021-3602 at NVDcpe:/o:suse:sl-micro:6.0libdrm2-2.4.119-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libdrm2-2.4.119-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2008-3831 at SUSECVE-2008-3831 at NVDcpe:/o:suse:sl-micro:6.0libeconf0-0.6.1-1.13 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libeconf0-0.6.1-1.13 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-22652 at SUSECVE-2023-22652 at NVDCVE-2023-30078 at SUSECVE-2023-30078 at NVDCVE-2023-30079 at SUSECVE-2023-30079 at NVDCVE-2023-32181 at SUSECVE-2023-32181 at NVDcpe:/o:suse:sl-micro:6.0libekmfweb1-2.31.0-1.21 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libekmfweb1-2.31.0-1.21 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-25316 at SUSECVE-2021-25316 at NVDcpe:/o:suse:sl-micro:6.0libesmtp6_2_0-1.1.0-1.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libesmtp6_2_0-1.1.0-1.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-19977 at SUSECVE-2019-19977 at NVDcpe:/o:suse:sl-micro:6.0libevent-2_1-7-2.1.12-2.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libevent-2_1-7-2.1.12-2.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-6272 at SUSECVE-2014-6272 at NVDcpe:/o:suse:sl-micro:6.0libexpat1-2.5.0-2.188 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libexpat1-2.5.0-2.188 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-2625 at SUSECVE-2009-2625 at NVDCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDCVE-2012-0876 at SUSECVE-2012-0876 at NVDCVE-2012-1147 at SUSECVE-2012-1147 at NVDCVE-2012-1148 at SUSECVE-2012-1148 at NVDCVE-2012-6702 at SUSECVE-2012-6702 at NVDCVE-2013-0340 at SUSECVE-2013-0340 at NVDCVE-2015-1283 at SUSECVE-2015-1283 at NVDCVE-2016-0718 at SUSECVE-2016-0718 at NVDCVE-2016-4472 at SUSECVE-2016-4472 at NVDCVE-2016-5300 at SUSECVE-2016-5300 at NVDCVE-2016-9063 at SUSECVE-2016-9063 at NVDCVE-2017-9233 at SUSECVE-2017-9233 at NVDCVE-2018-20843 at SUSECVE-2018-20843 at NVDCVE-2019-15903 at SUSECVE-2019-15903 at NVDCVE-2021-45960 at SUSECVE-2021-45960 at NVDCVE-2021-46143 at SUSECVE-2021-46143 at NVDCVE-2022-22822 at SUSECVE-2022-22822 at NVDCVE-2022-22823 at SUSECVE-2022-22823 at NVDCVE-2022-22824 at SUSECVE-2022-22824 at NVDCVE-2022-22825 at SUSECVE-2022-22825 at NVDCVE-2022-22826 at SUSECVE-2022-22826 at NVDCVE-2022-22827 at SUSECVE-2022-22827 at NVDCVE-2022-23852 at SUSECVE-2022-23852 at NVDCVE-2022-23990 at SUSECVE-2022-23990 at NVDCVE-2022-25235 at SUSECVE-2022-25235 at NVDCVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2022-25313 at SUSECVE-2022-25313 at NVDCVE-2022-25314 at SUSECVE-2022-25314 at NVDCVE-2022-25315 at SUSECVE-2022-25315 at NVDCVE-2022-40674 at SUSECVE-2022-40674 at NVDCVE-2022-43680 at SUSECVE-2022-43680 at NVDcpe:/o:suse:sl-micro:6.0libexslt0-1.1.38-2.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libexslt0-1.1.38-2.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2008-1767 at SUSECVE-2008-1767 at NVDCVE-2015-7995 at SUSECVE-2015-7995 at NVDCVE-2015-9019 at SUSECVE-2015-9019 at NVDCVE-2016-4738 at SUSECVE-2016-4738 at NVDCVE-2017-5029 at SUSECVE-2017-5029 at NVDCVE-2019-11068 at SUSECVE-2019-11068 at NVDCVE-2019-13117 at SUSECVE-2019-13117 at NVDCVE-2019-13118 at SUSECVE-2019-13118 at NVDCVE-2019-18197 at SUSECVE-2019-18197 at NVDCVE-2021-30560 at SUSECVE-2021-30560 at NVDcpe:/o:suse:sl-micro:6.0libfreebl3-3.90.2-1.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libfreebl3-3.90.2-1.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2011-3640 at SUSECVE-2011-3640 at NVDCVE-2013-0743 at SUSECVE-2013-0743 at NVDCVE-2013-0791 at SUSECVE-2013-0791 at NVDCVE-2013-1620 at SUSECVE-2013-1620 at NVDCVE-2013-1739 at SUSECVE-2013-1739 at NVDCVE-2013-1740 at SUSECVE-2013-1740 at NVDCVE-2013-5605 at SUSECVE-2013-5605 at NVDCVE-2014-1490 at SUSECVE-2014-1490 at NVDCVE-2014-1491 at SUSECVE-2014-1491 at NVDCVE-2014-1492 at SUSECVE-2014-1492 at NVDCVE-2014-1568 at SUSECVE-2014-1568 at NVDCVE-2014-1569 at SUSECVE-2014-1569 at NVDCVE-2015-2721 at SUSECVE-2015-2721 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-7181 at SUSECVE-2015-7181 at NVDCVE-2015-7182 at SUSECVE-2015-7182 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2016-1950 at SUSECVE-2016-1950 at NVDCVE-2016-1979 at SUSECVE-2016-1979 at NVDCVE-2016-2834 at SUSECVE-2016-2834 at NVDCVE-2018-0495 at SUSECVE-2018-0495 at NVDCVE-2018-12384 at SUSECVE-2018-12384 at NVDCVE-2018-12404 at SUSECVE-2018-12404 at NVDCVE-2018-18508 at SUSECVE-2018-18508 at NVDCVE-2019-11745 at SUSECVE-2019-11745 at NVDCVE-2019-17006 at SUSECVE-2019-17006 at NVDCVE-2020-12399 at SUSECVE-2020-12399 at NVDCVE-2020-12400 at SUSECVE-2020-12400 at NVDCVE-2020-12401 at SUSECVE-2020-12401 at NVDCVE-2020-12402 at SUSECVE-2020-12402 at NVDCVE-2020-12403 at SUSECVE-2020-12403 at NVDCVE-2020-25648 at SUSECVE-2020-25648 at NVDCVE-2020-6829 at SUSECVE-2020-6829 at NVDCVE-2021-43527 at SUSECVE-2021-43527 at NVDCVE-2022-1097 at SUSECVE-2022-1097 at NVDCVE-2022-23491 at SUSECVE-2022-23491 at NVDCVE-2022-3479 at SUSECVE-2022-3479 at NVDCVE-2023-0767 at SUSECVE-2023-0767 at NVDCVE-2023-5388 at SUSECVE-2023-5388 at NVDcpe:/o:suse:sl-micro:6.0libfreetype6-2.13.2-1.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libfreetype6-2.13.2-1.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-1351 at SUSECVE-2007-1351 at NVDCVE-2009-0946 at SUSECVE-2009-0946 at NVDCVE-2010-2497 at SUSECVE-2010-2497 at NVDCVE-2010-2805 at SUSECVE-2010-2805 at NVDCVE-2010-3053 at SUSECVE-2010-3053 at NVDCVE-2010-3054 at SUSECVE-2010-3054 at NVDCVE-2010-3311 at SUSECVE-2010-3311 at NVDCVE-2010-3814 at SUSECVE-2010-3814 at NVDCVE-2010-3855 at SUSECVE-2010-3855 at NVDCVE-2011-0226 at SUSECVE-2011-0226 at NVDCVE-2011-3256 at SUSECVE-2011-3256 at NVDCVE-2011-3439 at SUSECVE-2011-3439 at NVDCVE-2012-1126 at SUSECVE-2012-1126 at NVDCVE-2012-1127 at SUSECVE-2012-1127 at NVDCVE-2012-1128 at SUSECVE-2012-1128 at NVDCVE-2012-1129 at SUSECVE-2012-1129 at NVDCVE-2012-1130 at SUSECVE-2012-1130 at NVDCVE-2012-1131 at SUSECVE-2012-1131 at NVDCVE-2012-1132 at SUSECVE-2012-1132 at NVDCVE-2012-1133 at SUSECVE-2012-1133 at NVDCVE-2012-1134 at SUSECVE-2012-1134 at NVDCVE-2012-1135 at SUSECVE-2012-1135 at NVDCVE-2012-1136 at SUSECVE-2012-1136 at NVDCVE-2012-1137 at SUSECVE-2012-1137 at NVDCVE-2012-1138 at SUSECVE-2012-1138 at NVDCVE-2012-1139 at SUSECVE-2012-1139 at NVDCVE-2012-1140 at SUSECVE-2012-1140 at NVDCVE-2012-1141 at SUSECVE-2012-1141 at NVDCVE-2012-1142 at SUSECVE-2012-1142 at NVDCVE-2012-1143 at SUSECVE-2012-1143 at NVDCVE-2012-1144 at SUSECVE-2012-1144 at NVDCVE-2012-5668 at SUSECVE-2012-5668 at NVDCVE-2012-5669 at SUSECVE-2012-5669 at NVDCVE-2012-5670 at SUSECVE-2012-5670 at NVDCVE-2014-2240 at SUSECVE-2014-2240 at NVDCVE-2014-2241 at SUSECVE-2014-2241 at NVDCVE-2014-9656 at SUSECVE-2014-9656 at NVDCVE-2014-9657 at SUSECVE-2014-9657 at NVDCVE-2014-9658 at SUSECVE-2014-9658 at NVDCVE-2014-9659 at SUSECVE-2014-9659 at NVDCVE-2014-9660 at SUSECVE-2014-9660 at NVDCVE-2014-9661 at SUSECVE-2014-9661 at NVDCVE-2014-9662 at SUSECVE-2014-9662 at NVDCVE-2014-9663 at SUSECVE-2014-9663 at NVDCVE-2014-9664 at SUSECVE-2014-9664 at NVDCVE-2014-9665 at SUSECVE-2014-9665 at NVDCVE-2014-9666 at SUSECVE-2014-9666 at NVDCVE-2014-9667 at SUSECVE-2014-9667 at NVDCVE-2014-9668 at SUSECVE-2014-9668 at NVDCVE-2014-9669 at SUSECVE-2014-9669 at NVDCVE-2014-9670 at SUSECVE-2014-9670 at NVDCVE-2014-9671 at SUSECVE-2014-9671 at NVDCVE-2014-9672 at SUSECVE-2014-9672 at NVDCVE-2014-9673 at SUSECVE-2014-9673 at NVDCVE-2014-9674 at SUSECVE-2014-9674 at NVDCVE-2014-9675 at SUSECVE-2014-9675 at NVDCVE-2017-8105 at SUSECVE-2017-8105 at NVDCVE-2017-8287 at SUSECVE-2017-8287 at NVDCVE-2018-25032 at SUSECVE-2018-25032 at NVDCVE-2018-6942 at SUSECVE-2018-6942 at NVDCVE-2020-15999 at SUSECVE-2020-15999 at NVDCVE-2022-27404 at SUSECVE-2022-27404 at NVDCVE-2022-27405 at SUSECVE-2022-27405 at NVDCVE-2022-27406 at SUSECVE-2022-27406 at NVDcpe:/o:suse:sl-micro:6.0libfribidi0-1.0.13-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libfribidi0-1.0.13-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-18397 at SUSECVE-2019-18397 at NVDcpe:/o:suse:sl-micro:6.0libfuse2-2.9.9-2.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libfuse2-2.9.9-2.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-3297 at SUSECVE-2009-3297 at NVDCVE-2011-0541 at SUSECVE-2011-0541 at NVDCVE-2015-3202 at SUSECVE-2015-3202 at NVDcpe:/o:suse:sl-micro:6.0libgcrypt20-1.10.3-1.37 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libgcrypt20-1.10.3-1.37 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-4242 at SUSECVE-2013-4242 at NVDCVE-2014-3591 at SUSECVE-2014-3591 at NVDCVE-2015-0837 at SUSECVE-2015-0837 at NVDCVE-2015-5738 at SUSECVE-2015-5738 at NVDCVE-2015-7511 at SUSECVE-2015-7511 at NVDCVE-2016-6313 at SUSECVE-2016-6313 at NVDCVE-2017-0379 at SUSECVE-2017-0379 at NVDCVE-2017-7526 at SUSECVE-2017-7526 at NVDCVE-2018-0495 at SUSECVE-2018-0495 at NVDCVE-2019-12904 at SUSECVE-2019-12904 at NVDCVE-2019-13627 at SUSECVE-2019-13627 at NVDCVE-2021-3345 at SUSECVE-2021-3345 at NVDCVE-2021-33560 at SUSECVE-2021-33560 at NVDCVE-2021-40528 at SUSECVE-2021-40528 at NVDcpe:/o:suse:sl-micro:6.0libgmp10-6.3.0-1.119 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libgmp10-6.3.0-1.119 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-43618 at SUSECVE-2021-43618 at NVDcpe:/o:suse:sl-micro:6.0libgpgme11-1.23.0-1.37 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libgpgme11-1.23.0-1.37 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-3564 at SUSECVE-2014-3564 at NVDcpe:/o:suse:sl-micro:6.0libgraphite2-3-1.3.14-3.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libgraphite2-3-1.3.14-3.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-1521 at SUSECVE-2016-1521 at NVDCVE-2017-5436 at SUSECVE-2017-5436 at NVDCVE-2018-7999 at SUSECVE-2018-7999 at NVDcpe:/o:suse:sl-micro:6.0libguestfs0-1.52.0-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libguestfs0-1.52.0-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-2124 at SUSECVE-2013-2124 at NVDCVE-2013-4419 at SUSECVE-2013-4419 at NVDCVE-2022-2211 at SUSECVE-2022-2211 at NVDcpe:/o:suse:sl-micro:6.0libharfbuzz-gobject0-7.2.0-7.14 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libharfbuzz-gobject0-7.2.0-7.14 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-33068 at SUSECVE-2022-33068 at NVDCVE-2023-25193 at SUSECVE-2023-25193 at NVDcpe:/o:suse:sl-micro:6.0libhogweed6-3.9.1-3.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libhogweed6-3.9.1-3.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-8803 at SUSECVE-2015-8803 at NVDCVE-2015-8804 at SUSECVE-2015-8804 at NVDCVE-2015-8805 at SUSECVE-2015-8805 at NVDCVE-2016-6489 at SUSECVE-2016-6489 at NVDCVE-2018-16869 at SUSECVE-2018-16869 at NVDCVE-2021-20305 at SUSECVE-2021-20305 at NVDCVE-2021-3580 at SUSECVE-2021-3580 at NVDCVE-2023-36660 at SUSECVE-2023-36660 at NVDcpe:/o:suse:sl-micro:6.0libidn2-0-2.3.4-2.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libidn2-0-2.3.4-2.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-2059 at SUSECVE-2015-2059 at NVDCVE-2015-8948 at SUSECVE-2015-8948 at NVDCVE-2016-6261 at SUSECVE-2016-6261 at NVDCVE-2016-6262 at SUSECVE-2016-6262 at NVDCVE-2016-6263 at SUSECVE-2016-6263 at NVDCVE-2019-12290 at SUSECVE-2019-12290 at NVDCVE-2019-18224 at SUSECVE-2019-18224 at NVDcpe:/o:suse:sl-micro:6.0libjansson4-2.14-2.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libjansson4-2.14-2.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-6401 at SUSECVE-2013-6401 at NVDcpe:/o:suse:sl-micro:6.0libjbig2-2.1-2.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libjbig2-2.1-2.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-6369 at SUSECVE-2013-6369 at NVDcpe:/o:suse:sl-micro:6.0libjcat1-0.1.14-1.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libjcat1-0.1.14-1.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-10759 at SUSECVE-2020-10759 at NVDcpe:/o:suse:sl-micro:6.0libjpeg8-8.3.2-5.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libjpeg8-8.3.2-5.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-9092 at SUSECVE-2014-9092 at NVDCVE-2017-15232 at SUSECVE-2017-15232 at NVDCVE-2018-1152 at SUSECVE-2018-1152 at NVDCVE-2018-11813 at SUSECVE-2018-11813 at NVDCVE-2018-14498 at SUSECVE-2018-14498 at NVDCVE-2018-19644 at SUSECVE-2018-19644 at NVDCVE-2018-19664 at SUSECVE-2018-19664 at NVDCVE-2018-20330 at SUSECVE-2018-20330 at NVDCVE-2019-2201 at SUSECVE-2019-2201 at NVDCVE-2020-13790 at SUSECVE-2020-13790 at NVDCVE-2020-17541 at SUSECVE-2020-17541 at NVDCVE-2023-2804 at SUSECVE-2023-2804 at NVDcpe:/o:suse:sl-micro:6.0libjson-c5-0.16-2.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libjson-c5-0.16-2.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-6370 at SUSECVE-2013-6370 at NVDCVE-2013-6371 at SUSECVE-2013-6371 at NVDcpe:/o:suse:sl-micro:6.0libksba8-1.6.4-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libksba8-1.6.4-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-9087 at SUSECVE-2014-9087 at NVDCVE-2016-4574 at SUSECVE-2016-4574 at NVDCVE-2016-4579 at SUSECVE-2016-4579 at NVDCVE-2022-3515 at SUSECVE-2022-3515 at NVDCVE-2022-47629 at SUSECVE-2022-47629 at NVDcpe:/o:suse:sl-micro:6.0liblcms2-2-2.16-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the liblcms2-2-2.16-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-16435 at SUSECVE-2018-16435 at NVDcpe:/o:suse:sl-micro:6.0libldap2-2.6.4-4.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libldap2-2.6.4-4.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-1545 at SUSECVE-2015-1545 at NVDCVE-2015-1546 at SUSECVE-2015-1546 at NVDCVE-2015-6908 at SUSECVE-2015-6908 at NVDCVE-2017-17740 at SUSECVE-2017-17740 at NVDCVE-2019-13057 at SUSECVE-2019-13057 at NVDCVE-2019-13565 at SUSECVE-2019-13565 at NVDCVE-2020-8027 at SUSECVE-2020-8027 at NVDCVE-2022-31253 at SUSECVE-2022-31253 at NVDCVE-2023-2953 at SUSECVE-2023-2953 at NVDcpe:/o:suse:sl-micro:6.0libldb2-2.8.0-1.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libldb2-2.8.0-1.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-3223 at SUSECVE-2015-3223 at NVDCVE-2015-5330 at SUSECVE-2015-5330 at NVDCVE-2018-1140 at SUSECVE-2018-1140 at NVDCVE-2019-3824 at SUSECVE-2019-3824 at NVDCVE-2020-10700 at SUSECVE-2020-10700 at NVDCVE-2020-10730 at SUSECVE-2020-10730 at NVDCVE-2020-27840 at SUSECVE-2020-27840 at NVDCVE-2021-20277 at SUSECVE-2021-20277 at NVDCVE-2021-3670 at SUSECVE-2021-3670 at NVDCVE-2022-32746 at SUSECVE-2022-32746 at NVDCVE-2023-0614 at SUSECVE-2023-0614 at NVDcpe:/o:suse:sl-micro:6.0libltdl7-2.4.7-2.186 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libltdl7-2.4.7-2.186 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-3736 at SUSECVE-2009-3736 at NVDcpe:/o:suse:sl-micro:6.0liblua5_4-5-5.4.6-1.68 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the liblua5_4-5-5.4.6-1.68 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-15888 at SUSECVE-2020-15888 at NVDCVE-2020-15945 at SUSECVE-2020-15945 at NVDCVE-2020-24342 at SUSECVE-2020-24342 at NVDCVE-2020-24369 at SUSECVE-2020-24369 at NVDCVE-2020-24370 at SUSECVE-2020-24370 at NVDCVE-2020-24371 at SUSECVE-2020-24371 at NVDCVE-2021-43519 at SUSECVE-2021-43519 at NVDCVE-2021-44647 at SUSECVE-2021-44647 at NVDCVE-2022-33099 at SUSECVE-2022-33099 at NVDcpe:/o:suse:sl-micro:6.0liblz4-1-1.9.4-2.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the liblz4-1-1.9.4-2.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-17543 at SUSECVE-2019-17543 at NVDCVE-2021-3520 at SUSECVE-2021-3520 at NVDcpe:/o:suse:sl-micro:6.0liblzma5-5.4.3-4.166 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the liblzma5-5.4.3-4.166 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-1271 at SUSECVE-2022-1271 at NVDcpe:/o:suse:sl-micro:6.0liblzo2-2-2.10-2.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the liblzo2-2-2.10-2.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-4607 at SUSECVE-2014-4607 at NVDcpe:/o:suse:sl-micro:6.0libmicrohttpd12-0.9.77-1.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libmicrohttpd12-0.9.77-1.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-7038 at SUSECVE-2013-7038 at NVDCVE-2013-7039 at SUSECVE-2013-7039 at NVDCVE-2023-27371 at SUSECVE-2023-27371 at NVDcpe:/o:suse:sl-micro:6.0libmpfr6-4.2.1-1.117 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libmpfr6-4.2.1-1.117 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-9474 at SUSECVE-2014-9474 at NVDcpe:/o:suse:sl-micro:6.0libmspack0-0.11-4.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libmspack0-0.11-4.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-2800 at SUSECVE-2010-2800 at NVDCVE-2010-2801 at SUSECVE-2010-2801 at NVDCVE-2014-9556 at SUSECVE-2014-9556 at NVDCVE-2017-11423 at SUSECVE-2017-11423 at NVDCVE-2017-6419 at SUSECVE-2017-6419 at NVDCVE-2018-14679 at SUSECVE-2018-14679 at NVDCVE-2018-14680 at SUSECVE-2018-14680 at NVDCVE-2018-14681 at SUSECVE-2018-14681 at NVDCVE-2018-14682 at SUSECVE-2018-14682 at NVDcpe:/o:suse:sl-micro:6.0libncurses6-6.4.20240224-10.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libncurses6-6.4.20240224-10.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-29458 at SUSECVE-2022-29458 at NVDcpe:/o:suse:sl-micro:6.0libndp0-1.8-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libndp0-1.8-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-3698 at SUSECVE-2016-3698 at NVDcpe:/o:suse:sl-micro:6.0libnewt0_52-0.52.23-5.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libnewt0_52-0.52.23-5.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-2905 at SUSECVE-2009-2905 at NVDcpe:/o:suse:sl-micro:6.0libnfsidmap1-1.0-36.15 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libnfsidmap1-1.0-36.15 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-3689 at SUSECVE-2019-3689 at NVDcpe:/o:suse:sl-micro:6.0libnghttp2-14-1.52.0-4.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libnghttp2-14-1.52.0-4.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-1544 at SUSECVE-2016-1544 at NVDCVE-2018-1000168 at SUSECVE-2018-1000168 at NVDCVE-2019-9511 at SUSECVE-2019-9511 at NVDCVE-2019-9513 at SUSECVE-2019-9513 at NVDCVE-2020-11080 at SUSECVE-2020-11080 at NVDCVE-2023-35945 at SUSECVE-2023-35945 at NVDcpe:/o:suse:sl-micro:6.0libonig5-6.9.8-2.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libonig5-6.9.8-2.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-13224 at SUSECVE-2019-13224 at NVDCVE-2019-13225 at SUSECVE-2019-13225 at NVDCVE-2019-19012 at SUSECVE-2019-19012 at NVDCVE-2019-19203 at SUSECVE-2019-19203 at NVDCVE-2019-19204 at SUSECVE-2019-19204 at NVDCVE-2019-19246 at SUSECVE-2019-19246 at NVDCVE-2020-26159 at SUSECVE-2020-26159 at NVDcpe:/o:suse:sl-micro:6.0libopenssl-3-devel-3.1.4-5.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libopenssl-3-devel-3.1.4-5.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-1971 at SUSECVE-2020-1971 at NVDCVE-2021-4044 at SUSECVE-2021-4044 at NVDCVE-2022-0778 at SUSECVE-2022-0778 at NVDCVE-2022-1292 at SUSECVE-2022-1292 at NVDCVE-2022-1343 at SUSECVE-2022-1343 at NVDCVE-2022-1434 at SUSECVE-2022-1434 at NVDCVE-2022-1473 at SUSECVE-2022-1473 at NVDCVE-2022-2068 at SUSECVE-2022-2068 at NVDCVE-2022-2097 at SUSECVE-2022-2097 at NVDCVE-2022-2274 at SUSECVE-2022-2274 at NVDCVE-2022-3358 at SUSECVE-2022-3358 at NVDCVE-2022-3602 at SUSECVE-2022-3602 at NVDCVE-2022-3786 at SUSECVE-2022-3786 at NVDCVE-2022-3996 at SUSECVE-2022-3996 at NVDCVE-2022-4203 at SUSECVE-2022-4203 at NVDCVE-2022-4304 at SUSECVE-2022-4304 at NVDCVE-2022-4450 at SUSECVE-2022-4450 at NVDCVE-2023-0215 at SUSECVE-2023-0215 at NVDCVE-2023-0216 at SUSECVE-2023-0216 at NVDCVE-2023-0217 at SUSECVE-2023-0217 at NVDCVE-2023-0286 at SUSECVE-2023-0286 at NVDCVE-2023-0401 at SUSECVE-2023-0401 at NVDCVE-2023-0464 at SUSECVE-2023-0464 at NVDCVE-2023-0465 at SUSECVE-2023-0465 at NVDCVE-2023-0466 at SUSECVE-2023-0466 at NVDCVE-2023-1255 at SUSECVE-2023-1255 at NVDCVE-2023-2650 at SUSECVE-2023-2650 at NVDCVE-2023-2975 at SUSECVE-2023-2975 at NVDCVE-2023-3446 at SUSECVE-2023-3446 at NVDCVE-2023-3817 at SUSECVE-2023-3817 at NVDCVE-2023-4807 at SUSECVE-2023-4807 at NVDCVE-2023-5363 at SUSECVE-2023-5363 at NVDCVE-2023-5678 at SUSECVE-2023-5678 at NVDCVE-2023-6129 at SUSECVE-2023-6129 at NVDCVE-2023-6237 at SUSECVE-2023-6237 at NVDCVE-2024-0727 at SUSECVE-2024-0727 at NVDcpe:/o:suse:sl-micro:6.0libopenssl-devel-3.1.4-3.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libopenssl-devel-3.1.4-3.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-2937 at SUSECVE-2006-2937 at NVDCVE-2006-2940 at SUSECVE-2006-2940 at NVDCVE-2006-3738 at SUSECVE-2006-3738 at NVDCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2006-4343 at SUSECVE-2006-4343 at NVDCVE-2006-7250 at SUSECVE-2006-7250 at NVDCVE-2007-3108 at SUSECVE-2007-3108 at NVDCVE-2007-4995 at SUSECVE-2007-4995 at NVDCVE-2007-5135 at SUSECVE-2007-5135 at NVDCVE-2008-0891 at SUSECVE-2008-0891 at NVDCVE-2008-1672 at SUSECVE-2008-1672 at NVDCVE-2008-5077 at SUSECVE-2008-5077 at NVDCVE-2009-0590 at SUSECVE-2009-0590 at NVDCVE-2009-0591 at SUSECVE-2009-0591 at NVDCVE-2009-0789 at SUSECVE-2009-0789 at NVDCVE-2009-1377 at SUSECVE-2009-1377 at NVDCVE-2009-1378 at SUSECVE-2009-1378 at NVDCVE-2009-1379 at SUSECVE-2009-1379 at NVDCVE-2009-1386 at SUSECVE-2009-1386 at NVDCVE-2009-1387 at SUSECVE-2009-1387 at NVDCVE-2010-0740 at SUSECVE-2010-0740 at NVDCVE-2010-0742 at SUSECVE-2010-0742 at NVDCVE-2010-1633 at SUSECVE-2010-1633 at NVDCVE-2010-2939 at SUSECVE-2010-2939 at NVDCVE-2010-3864 at SUSECVE-2010-3864 at NVDCVE-2010-5298 at SUSECVE-2010-5298 at NVDCVE-2011-0014 at SUSECVE-2011-0014 at NVDCVE-2011-3207 at SUSECVE-2011-3207 at NVDCVE-2011-3210 at SUSECVE-2011-3210 at NVDCVE-2011-4108 at SUSECVE-2011-4108 at NVDCVE-2011-4576 at SUSECVE-2011-4576 at NVDCVE-2011-4577 at SUSECVE-2011-4577 at NVDCVE-2011-4619 at SUSECVE-2011-4619 at NVDCVE-2012-0027 at SUSECVE-2012-0027 at NVDCVE-2012-0050 at SUSECVE-2012-0050 at NVDCVE-2012-0884 at SUSECVE-2012-0884 at NVDCVE-2012-1165 at SUSECVE-2012-1165 at NVDCVE-2012-2110 at SUSECVE-2012-2110 at NVDCVE-2012-2686 at SUSECVE-2012-2686 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2013-0166 at SUSECVE-2013-0166 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2013-4353 at SUSECVE-2013-4353 at NVDCVE-2013-6449 at SUSECVE-2013-6449 at NVDCVE-2013-6450 at SUSECVE-2013-6450 at NVDCVE-2014-0076 at SUSECVE-2014-0076 at NVDCVE-2014-0160 at SUSECVE-2014-0160 at NVDCVE-2014-0195 at SUSECVE-2014-0195 at NVDCVE-2014-0198 at SUSECVE-2014-0198 at NVDCVE-2014-0221 at SUSECVE-2014-0221 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-3470 at SUSECVE-2014-3470 at NVDCVE-2014-3505 at SUSECVE-2014-3505 at NVDCVE-2014-3506 at SUSECVE-2014-3506 at NVDCVE-2014-3507 at SUSECVE-2014-3507 at NVDCVE-2014-3508 at SUSECVE-2014-3508 at NVDCVE-2014-3509 at SUSECVE-2014-3509 at NVDCVE-2014-3510 at SUSECVE-2014-3510 at NVDCVE-2014-3511 at SUSECVE-2014-3511 at NVDCVE-2014-3512 at SUSECVE-2014-3512 at NVDCVE-2014-3513 at SUSECVE-2014-3513 at NVDCVE-2014-3567 at SUSECVE-2014-3567 at NVDCVE-2014-3568 at SUSECVE-2014-3568 at NVDCVE-2014-3569 at SUSECVE-2014-3569 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3571 at SUSECVE-2014-3571 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-5139 at SUSECVE-2014-5139 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0206 at SUSECVE-2015-0206 at NVDCVE-2015-0209 at SUSECVE-2015-0209 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDCVE-2015-1788 at SUSECVE-2015-1788 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1790 at SUSECVE-2015-1790 at NVDCVE-2015-1791 at SUSECVE-2015-1791 at NVDCVE-2015-1792 at SUSECVE-2015-1792 at NVDCVE-2015-1793 at SUSECVE-2015-1793 at NVDCVE-2015-1794 at SUSECVE-2015-1794 at NVDCVE-2015-3193 at SUSECVE-2015-3193 at NVDCVE-2015-3194 at SUSECVE-2015-3194 at NVDCVE-2015-3195 at SUSECVE-2015-3195 at NVDCVE-2015-3196 at SUSECVE-2015-3196 at NVDCVE-2015-3197 at SUSECVE-2015-3197 at NVDCVE-2016-0701 at SUSECVE-2016-0701 at NVDCVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-0705 at SUSECVE-2016-0705 at NVDCVE-2016-0797 at SUSECVE-2016-0797 at NVDCVE-2016-0798 at SUSECVE-2016-0798 at NVDCVE-2016-0800 at SUSECVE-2016-0800 at NVDCVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2107 at SUSECVE-2016-2107 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDCVE-2016-2176 at SUSECVE-2016-2176 at NVDCVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2179 at SUSECVE-2016-2179 at NVDCVE-2016-2180 at SUSECVE-2016-2180 at NVDCVE-2016-2181 at SUSECVE-2016-2181 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6302 at SUSECVE-2016-6302 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDCVE-2016-7052 at SUSECVE-2016-7052 at NVDCVE-2016-7055 at SUSECVE-2016-7055 at NVDCVE-2016-7056 at SUSECVE-2016-7056 at NVDCVE-2017-3731 at SUSECVE-2017-3731 at NVDCVE-2017-3732 at SUSECVE-2017-3732 at NVDcpe:/o:suse:sl-micro:6.0libopenvswitch-3_1-0-3.1.0-3.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libopenvswitch-3_1-0-3.1.0-3.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-3449 at SUSECVE-2012-3449 at NVDCVE-2020-27827 at SUSECVE-2020-27827 at NVDCVE-2020-35498 at SUSECVE-2020-35498 at NVDCVE-2021-36980 at SUSECVE-2021-36980 at NVDCVE-2022-4337 at SUSECVE-2022-4337 at NVDCVE-2022-4338 at SUSECVE-2022-4338 at NVDCVE-2023-1668 at SUSECVE-2023-1668 at NVDCVE-2023-3152 at SUSECVE-2023-3152 at NVDCVE-2023-3153 at SUSECVE-2023-3153 at NVDcpe:/o:suse:sl-micro:6.0libopus0-1.4-2.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libopus0-1.4-2.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-0381 at SUSECVE-2017-0381 at NVDcpe:/o:suse:sl-micro:6.0libosinfo-1.11.0-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libosinfo-1.11.0-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-13313 at SUSECVE-2019-13313 at NVDcpe:/o:suse:sl-micro:6.0libp11-kit0-0.25.3-1.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libp11-kit0-0.25.3-1.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-29361 at SUSECVE-2020-29361 at NVDCVE-2020-29362 at SUSECVE-2020-29362 at NVDCVE-2020-29363 at SUSECVE-2020-29363 at NVDcpe:/o:suse:sl-micro:6.0libpango-1_0-0-1.50.14-2.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpango-1_0-0-1.50.14-2.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-0020 at SUSECVE-2011-0020 at NVDCVE-2011-0064 at SUSECVE-2011-0064 at NVDCVE-2018-15120 at SUSECVE-2018-15120 at NVDcpe:/o:suse:sl-micro:6.0libpcap1-1.10.4-2.14 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpcap1-1.10.4-2.14 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-16301 at SUSECVE-2018-16301 at NVDCVE-2019-15161 at SUSECVE-2019-15161 at NVDCVE-2019-15162 at SUSECVE-2019-15162 at NVDCVE-2019-15163 at SUSECVE-2019-15163 at NVDCVE-2019-15164 at SUSECVE-2019-15164 at NVDCVE-2019-15165 at SUSECVE-2019-15165 at NVDcpe:/o:suse:sl-micro:6.0libpcp3-5.3.7-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpcp3-5.3.7-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-3418 at SUSECVE-2012-3418 at NVDCVE-2012-3419 at SUSECVE-2012-3419 at NVDCVE-2012-3420 at SUSECVE-2012-3420 at NVDCVE-2012-3421 at SUSECVE-2012-3421 at NVDCVE-2012-5530 at SUSECVE-2012-5530 at NVDCVE-2019-3695 at SUSECVE-2019-3695 at NVDCVE-2019-3696 at SUSECVE-2019-3696 at NVDcpe:/o:suse:sl-micro:6.0libpcre2-8-0-10.42-2.179 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpcre2-8-0-10.42-2.179 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-8964 at SUSECVE-2014-8964 at NVDCVE-2015-2325 at SUSECVE-2015-2325 at NVDCVE-2015-2326 at SUSECVE-2015-2326 at NVDCVE-2016-3191 at SUSECVE-2016-3191 at NVDCVE-2017-7186 at SUSECVE-2017-7186 at NVDCVE-2017-8786 at SUSECVE-2017-8786 at NVDcpe:/o:suse:sl-micro:6.0libpcsclite1-2.0.1-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpcsclite1-2.0.1-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-0407 at SUSECVE-2010-0407 at NVDCVE-2010-4531 at SUSECVE-2010-4531 at NVDCVE-2016-10109 at SUSECVE-2016-10109 at NVDcpe:/o:suse:sl-micro:6.0libpixman-1-0-0.42.2-2.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpixman-1-0-0.42.2-2.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-44638 at SUSECVE-2022-44638 at NVDcpe:/o:suse:sl-micro:6.0libpkgconf3-1.8.0-2.205 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpkgconf3-1.8.0-2.205 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-1000221 at SUSECVE-2018-1000221 at NVDCVE-2023-24056 at SUSECVE-2023-24056 at NVDcpe:/o:suse:sl-micro:6.0libpng16-16-1.6.43-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpng16-16-1.6.43-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-5793 at SUSECVE-2006-5793 at NVDCVE-2008-3964 at SUSECVE-2008-3964 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2011-2501 at SUSECVE-2011-2501 at NVDCVE-2011-2690 at SUSECVE-2011-2690 at NVDCVE-2011-2691 at SUSECVE-2011-2691 at NVDCVE-2011-2692 at SUSECVE-2011-2692 at NVDCVE-2011-3328 at SUSECVE-2011-3328 at NVDCVE-2013-6954 at SUSECVE-2013-6954 at NVDCVE-2014-0333 at SUSECVE-2014-0333 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2016-10087 at SUSECVE-2016-10087 at NVDCVE-2016-5735 at SUSECVE-2016-5735 at NVDCVE-2017-12652 at SUSECVE-2017-12652 at NVDCVE-2018-13785 at SUSECVE-2018-13785 at NVDCVE-2018-14048 at SUSECVE-2018-14048 at NVDCVE-2018-14550 at SUSECVE-2018-14550 at NVDCVE-2019-6129 at SUSECVE-2019-6129 at NVDCVE-2019-7317 at SUSECVE-2019-7317 at NVDcpe:/o:suse:sl-micro:6.0libpolkit-agent-1-0-121-2.15 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpolkit-agent-1-0-121-2.15 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-0750 at SUSECVE-2010-0750 at NVDCVE-2011-1485 at SUSECVE-2011-1485 at NVDCVE-2013-4288 at SUSECVE-2013-4288 at NVDCVE-2015-3218 at SUSECVE-2015-3218 at NVDCVE-2015-3255 at SUSECVE-2015-3255 at NVDCVE-2015-3256 at SUSECVE-2015-3256 at NVDCVE-2015-4625 at SUSECVE-2015-4625 at NVDCVE-2018-1116 at SUSECVE-2018-1116 at NVDCVE-2018-19788 at SUSECVE-2018-19788 at NVDCVE-2019-6133 at SUSECVE-2019-6133 at NVDCVE-2021-3560 at SUSECVE-2021-3560 at NVDCVE-2021-4034 at SUSECVE-2021-4034 at NVDCVE-2021-4115 at SUSECVE-2021-4115 at NVDcpe:/o:suse:sl-micro:6.0libprocps8-3.3.17-4.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libprocps8-3.3.17-4.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-1122 at SUSECVE-2018-1122 at NVDCVE-2018-1123 at SUSECVE-2018-1123 at NVDCVE-2018-1124 at SUSECVE-2018-1124 at NVDCVE-2018-1125 at SUSECVE-2018-1125 at NVDCVE-2018-1126 at SUSECVE-2018-1126 at NVDCVE-2023-4016 at SUSECVE-2023-4016 at NVDcpe:/o:suse:sl-micro:6.0libprotobuf-c1-1.5.0-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libprotobuf-c1-1.5.0-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-33070 at SUSECVE-2022-33070 at NVDCVE-2022-48468 at SUSECVE-2022-48468 at NVDcpe:/o:suse:sl-micro:6.0libproxy1-0.4.18-5.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libproxy1-0.4.18-5.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-4504 at SUSECVE-2012-4504 at NVDCVE-2020-25219 at SUSECVE-2020-25219 at NVDCVE-2020-26154 at SUSECVE-2020-26154 at NVDcpe:/o:suse:sl-micro:6.0libpython3_11-1_0-3.11.8-2.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libpython3_11-1_0-3.11.8-2.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-4559 at SUSECVE-2007-4559 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2011-4944 at SUSECVE-2011-4944 at NVDCVE-2012-0845 at SUSECVE-2012-0845 at NVDCVE-2012-1150 at SUSECVE-2012-1150 at NVDCVE-2013-1752 at SUSECVE-2013-1752 at NVDCVE-2013-4238 at SUSECVE-2013-4238 at NVDCVE-2014-2667 at SUSECVE-2014-2667 at NVDCVE-2014-4650 at SUSECVE-2014-4650 at NVDCVE-2019-20907 at SUSECVE-2019-20907 at NVDCVE-2019-5010 at SUSECVE-2019-5010 at NVDCVE-2019-9947 at SUSECVE-2019-9947 at NVDCVE-2020-10735 at SUSECVE-2020-10735 at NVDCVE-2020-15523 at SUSECVE-2020-15523 at NVDCVE-2020-15801 at SUSECVE-2020-15801 at NVDCVE-2020-8492 at SUSECVE-2020-8492 at NVDCVE-2021-23336 at SUSECVE-2021-23336 at NVDCVE-2021-3177 at SUSECVE-2021-3177 at NVDCVE-2021-3426 at SUSECVE-2021-3426 at NVDCVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2022-42919 at SUSECVE-2022-42919 at NVDCVE-2022-4303 at SUSECVE-2022-4303 at NVDCVE-2022-45061 at SUSECVE-2022-45061 at NVDCVE-2023-0286 at SUSECVE-2023-0286 at NVDCVE-2023-0464 at SUSECVE-2023-0464 at NVDCVE-2023-0465 at SUSECVE-2023-0465 at NVDCVE-2023-0466 at SUSECVE-2023-0466 at NVDCVE-2023-24329 at SUSECVE-2023-24329 at NVDCVE-2023-2650 at SUSECVE-2023-2650 at NVDCVE-2023-27043 at SUSECVE-2023-27043 at NVDCVE-2023-40217 at SUSECVE-2023-40217 at NVDCVE-2023-41105 at SUSECVE-2023-41105 at NVDCVE-2023-6597 at SUSECVE-2023-6597 at NVDcpe:/o:suse:sl-micro:6.0librados2-16.2.14.66+g7aa6ce9419f-1.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the librados2-16.2.14.66+g7aa6ce9419f-1.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-16818 at SUSECVE-2017-16818 at NVDCVE-2018-10861 at SUSECVE-2018-10861 at NVDCVE-2018-1128 at SUSECVE-2018-1128 at NVDCVE-2018-1129 at SUSECVE-2018-1129 at NVDCVE-2018-16889 at SUSECVE-2018-16889 at NVDCVE-2019-10222 at SUSECVE-2019-10222 at NVDCVE-2019-3821 at SUSECVE-2019-3821 at NVDCVE-2020-10736 at SUSECVE-2020-10736 at NVDCVE-2020-1759 at SUSECVE-2020-1759 at NVDCVE-2020-1760 at SUSECVE-2020-1760 at NVDCVE-2020-25660 at SUSECVE-2020-25660 at NVDCVE-2020-25678 at SUSECVE-2020-25678 at NVDCVE-2020-27781 at SUSECVE-2020-27781 at NVDCVE-2020-27839 at SUSECVE-2020-27839 at NVDCVE-2021-20288 at SUSECVE-2021-20288 at NVDCVE-2021-3509 at SUSECVE-2021-3509 at NVDCVE-2021-3524 at SUSECVE-2021-3524 at NVDCVE-2021-3531 at SUSECVE-2021-3531 at NVDCVE-2021-3979 at SUSECVE-2021-3979 at NVDCVE-2022-0670 at SUSECVE-2022-0670 at NVDCVE-2022-3650 at SUSECVE-2022-3650 at NVDCVE-2022-3854 at SUSECVE-2022-3854 at NVDcpe:/o:suse:sl-micro:6.0librpmbuild9-4.18.0-6.133 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the librpmbuild9-4.18.0-6.133 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-7500 at SUSECVE-2017-7500 at NVDCVE-2021-20266 at SUSECVE-2021-20266 at NVDCVE-2021-20271 at SUSECVE-2021-20271 at NVDCVE-2021-3421 at SUSECVE-2021-3421 at NVDCVE-2021-3521 at SUSECVE-2021-3521 at NVDCVE-2021-35938 at SUSECVE-2021-35938 at NVDCVE-2021-35939 at SUSECVE-2021-35939 at NVDcpe:/o:suse:sl-micro:6.0libseccomp2-2.5.4-2.199 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libseccomp2-2.5.4-2.199 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-9893 at SUSECVE-2019-9893 at NVDcpe:/o:suse:sl-micro:6.0libsepol2-3.5-2.196 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libsepol2-3.5-2.196 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-36085 at SUSECVE-2021-36085 at NVDCVE-2021-36086 at SUSECVE-2021-36086 at NVDCVE-2021-36087 at SUSECVE-2021-36087 at NVDcpe:/o:suse:sl-micro:6.0libsha1detectcoll1-1.0.3-2.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libsha1detectcoll1-1.0.3-2.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2005-4900 at SUSECVE-2005-4900 at NVDcpe:/o:suse:sl-micro:6.0libslirp0-4.7.0+44-4.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libslirp0-4.7.0+44-4.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-10756 at SUSECVE-2020-10756 at NVDCVE-2020-1983 at SUSECVE-2020-1983 at NVDCVE-2021-3592 at SUSECVE-2021-3592 at NVDCVE-2021-3593 at SUSECVE-2021-3593 at NVDCVE-2021-3594 at SUSECVE-2021-3594 at NVDCVE-2021-3595 at SUSECVE-2021-3595 at NVDcpe:/o:suse:sl-micro:6.0libsnmp40-5.9.3-2.21 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libsnmp40-5.9.3-2.21 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2008-4309 at SUSECVE-2008-4309 at NVDCVE-2012-2141 at SUSECVE-2012-2141 at NVDCVE-2014-2284 at SUSECVE-2014-2284 at NVDCVE-2014-2285 at SUSECVE-2014-2285 at NVDCVE-2014-3565 at SUSECVE-2014-3565 at NVDCVE-2015-5621 at SUSECVE-2015-5621 at NVDCVE-2018-18065 at SUSECVE-2018-18065 at NVDCVE-2022-24805 at SUSECVE-2022-24805 at NVDCVE-2022-24806 at SUSECVE-2022-24806 at NVDCVE-2022-24807 at SUSECVE-2022-24807 at NVDCVE-2022-24808 at SUSECVE-2022-24808 at NVDCVE-2022-24809 at SUSECVE-2022-24809 at NVDCVE-2022-24810 at SUSECVE-2022-24810 at NVDCVE-2022-44792 at SUSECVE-2022-44792 at NVDCVE-2022-44793 at SUSECVE-2022-44793 at NVDcpe:/o:suse:sl-micro:6.0libsolv-tools-0.7.28-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libsolv-tools-0.7.28-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-20532 at SUSECVE-2018-20532 at NVDCVE-2018-20533 at SUSECVE-2018-20533 at NVDCVE-2018-20534 at SUSECVE-2018-20534 at NVDcpe:/o:suse:sl-micro:6.0libsoup-3_0-0-3.4.2-3.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libsoup-3_0-0-3.4.2-3.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-5876 at SUSECVE-2006-5876 at NVDCVE-2011-2054 at SUSECVE-2011-2054 at NVDCVE-2017-2885 at SUSECVE-2017-2885 at NVDCVE-2018-12910 at SUSECVE-2018-12910 at NVDcpe:/o:suse:sl-micro:6.0libspice-server1-0.15.1-4.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libspice-server1-0.15.1-4.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-4282 at SUSECVE-2013-4282 at NVDCVE-2015-3247 at SUSECVE-2015-3247 at NVDCVE-2015-5260 at SUSECVE-2015-5260 at NVDCVE-2015-5261 at SUSECVE-2015-5261 at NVDCVE-2016-0749 at SUSECVE-2016-0749 at NVDCVE-2016-2150 at SUSECVE-2016-2150 at NVDCVE-2016-9577 at SUSECVE-2016-9577 at NVDCVE-2016-9578 at SUSECVE-2016-9578 at NVDCVE-2018-10873 at SUSECVE-2018-10873 at NVDCVE-2018-10893 at SUSECVE-2018-10893 at NVDCVE-2019-3813 at SUSECVE-2019-3813 at NVDCVE-2020-14355 at SUSECVE-2020-14355 at NVDcpe:/o:suse:sl-micro:6.0libsqlite3-0-3.44.2-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libsqlite3-0-3.44.2-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-8740 at SUSECVE-2018-8740 at NVDCVE-2019-16168 at SUSECVE-2019-16168 at NVDCVE-2019-9936 at SUSECVE-2019-9936 at NVDCVE-2019-9937 at SUSECVE-2019-9937 at NVDCVE-2020-13434 at SUSECVE-2020-13434 at NVDCVE-2020-13435 at SUSECVE-2020-13435 at NVDCVE-2020-13630 at SUSECVE-2020-13630 at NVDCVE-2020-13631 at SUSECVE-2020-13631 at NVDCVE-2020-13632 at SUSECVE-2020-13632 at NVDCVE-2020-13871 at SUSECVE-2020-13871 at NVDCVE-2021-36690 at SUSECVE-2021-36690 at NVDCVE-2022-35737 at SUSECVE-2022-35737 at NVDCVE-2022-46908 at SUSECVE-2022-46908 at NVDcpe:/o:suse:sl-micro:6.0libssh-config-0.10.6-1.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libssh-config-0.10.6-1.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-4559 at SUSECVE-2012-4559 at NVDCVE-2012-4560 at SUSECVE-2012-4560 at NVDCVE-2012-4561 at SUSECVE-2012-4561 at NVDCVE-2013-0176 at SUSECVE-2013-0176 at NVDCVE-2014-0017 at SUSECVE-2014-0017 at NVDCVE-2014-8132 at SUSECVE-2014-8132 at NVDCVE-2015-3146 at SUSECVE-2015-3146 at NVDCVE-2018-10933 at SUSECVE-2018-10933 at NVDCVE-2019-14889 at SUSECVE-2019-14889 at NVDCVE-2020-16135 at SUSECVE-2020-16135 at NVDCVE-2020-1730 at SUSECVE-2020-1730 at NVDCVE-2021-3634 at SUSECVE-2021-3634 at NVDCVE-2023-1667 at SUSECVE-2023-1667 at NVDCVE-2023-2283 at SUSECVE-2023-2283 at NVDCVE-2023-48795 at SUSECVE-2023-48795 at NVDCVE-2023-6004 at SUSECVE-2023-6004 at NVDCVE-2023-6918 at SUSECVE-2023-6918 at NVDcpe:/o:suse:sl-micro:6.0libssh2-1-1.11.0-2.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libssh2-1-1.11.0-2.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-1782 at SUSECVE-2015-1782 at NVDCVE-2016-0787 at SUSECVE-2016-0787 at NVDCVE-2019-17498 at SUSECVE-2019-17498 at NVDCVE-2019-3855 at SUSECVE-2019-3855 at NVDCVE-2019-3856 at SUSECVE-2019-3856 at NVDCVE-2019-3857 at SUSECVE-2019-3857 at NVDCVE-2019-3858 at SUSECVE-2019-3858 at NVDCVE-2019-3859 at SUSECVE-2019-3859 at NVDCVE-2019-3860 at SUSECVE-2019-3860 at NVDCVE-2019-3861 at SUSECVE-2019-3861 at NVDCVE-2019-3862 at SUSECVE-2019-3862 at NVDCVE-2019-3863 at SUSECVE-2019-3863 at NVDCVE-2023-48795 at SUSECVE-2023-48795 at NVDcpe:/o:suse:sl-micro:6.0libsss_certmap0-2.8.2-5.13 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libsss_certmap0-2.8.2-5.13 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-4341 at SUSECVE-2010-4341 at NVDCVE-2011-1758 at SUSECVE-2011-1758 at NVDCVE-2013-0219 at SUSECVE-2013-0219 at NVDCVE-2013-0220 at SUSECVE-2013-0220 at NVDCVE-2013-0287 at SUSECVE-2013-0287 at NVDCVE-2014-0249 at SUSECVE-2014-0249 at NVDCVE-2017-12173 at SUSECVE-2017-12173 at NVDCVE-2018-10852 at SUSECVE-2018-10852 at NVDcpe:/o:suse:sl-micro:6.0libsubid4-4.15.1-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libsubid4-4.15.1-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-4235 at SUSECVE-2013-4235 at NVDCVE-2018-7169 at SUSECVE-2018-7169 at NVDCVE-2023-29383 at SUSECVE-2023-29383 at NVDcpe:/o:suse:sl-micro:6.0libsystemd0-254.9-1.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libsystemd0-254.9-1.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-1174 at SUSECVE-2012-1174 at NVDCVE-2013-4288 at SUSECVE-2013-4288 at NVDCVE-2015-7510 at SUSECVE-2015-7510 at NVDCVE-2016-10156 at SUSECVE-2016-10156 at NVDCVE-2017-15908 at SUSECVE-2017-15908 at NVDCVE-2017-18078 at SUSECVE-2017-18078 at NVDCVE-2017-9445 at SUSECVE-2017-9445 at NVDCVE-2018-15686 at SUSECVE-2018-15686 at NVDCVE-2018-15687 at SUSECVE-2018-15687 at NVDCVE-2018-15688 at SUSECVE-2018-15688 at NVDCVE-2018-16864 at SUSECVE-2018-16864 at NVDCVE-2018-16865 at SUSECVE-2018-16865 at NVDCVE-2018-21029 at SUSECVE-2018-21029 at NVDCVE-2018-6954 at SUSECVE-2018-6954 at NVDCVE-2019-20386 at SUSECVE-2019-20386 at NVDCVE-2019-3842 at SUSECVE-2019-3842 at NVDCVE-2019-3843 at SUSECVE-2019-3843 at NVDCVE-2019-3844 at SUSECVE-2019-3844 at NVDCVE-2019-6454 at SUSECVE-2019-6454 at NVDCVE-2020-13529 at SUSECVE-2020-13529 at NVDCVE-2020-1712 at SUSECVE-2020-1712 at NVDCVE-2021-33910 at SUSECVE-2021-33910 at NVDCVE-2021-3997 at SUSECVE-2021-3997 at NVDCVE-2022-3821 at SUSECVE-2022-3821 at NVDCVE-2022-4415 at SUSECVE-2022-4415 at NVDCVE-2023-7008 at SUSECVE-2023-7008 at NVDcpe:/o:suse:sl-micro:6.0libtasn1-6-4.19.0-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libtasn1-6-4.19.0-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-3467 at SUSECVE-2014-3467 at NVDCVE-2014-3468 at SUSECVE-2014-3468 at NVDCVE-2014-3469 at SUSECVE-2014-3469 at NVDCVE-2015-2806 at SUSECVE-2015-2806 at NVDCVE-2015-3622 at SUSECVE-2015-3622 at NVDCVE-2016-4008 at SUSECVE-2016-4008 at NVDCVE-2018-1000654 at SUSECVE-2018-1000654 at NVDCVE-2018-6003 at SUSECVE-2018-6003 at NVDcpe:/o:suse:sl-micro:6.0libthai-data-0.1.29-2.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libthai-data-0.1.29-2.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-4012 at SUSECVE-2009-4012 at NVDcpe:/o:suse:sl-micro:6.0libtiff6-4.6.0-3.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libtiff6-4.6.0-3.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-0405 at SUSECVE-2006-0405 at NVDCVE-2006-2656 at SUSECVE-2006-2656 at NVDCVE-2008-1586 at SUSECVE-2008-1586 at NVDCVE-2008-2327 at SUSECVE-2008-2327 at NVDCVE-2009-2285 at SUSECVE-2009-2285 at NVDCVE-2009-2347 at SUSECVE-2009-2347 at NVDCVE-2010-2065 at SUSECVE-2010-2065 at NVDCVE-2010-2067 at SUSECVE-2010-2067 at NVDCVE-2010-2233 at SUSECVE-2010-2233 at NVDCVE-2010-4665 at SUSECVE-2010-4665 at NVDCVE-2011-0192 at SUSECVE-2011-0192 at NVDCVE-2011-1167 at SUSECVE-2011-1167 at NVDCVE-2012-1173 at SUSECVE-2012-1173 at NVDCVE-2012-2113 at SUSECVE-2012-2113 at NVDCVE-2012-3401 at SUSECVE-2012-3401 at NVDCVE-2012-4564 at SUSECVE-2012-4564 at NVDCVE-2013-1960 at SUSECVE-2013-1960 at NVDCVE-2013-1961 at SUSECVE-2013-1961 at NVDCVE-2013-4231 at SUSECVE-2013-4231 at NVDCVE-2013-4232 at SUSECVE-2013-4232 at NVDCVE-2013-4243 at SUSECVE-2013-4243 at NVDCVE-2013-4244 at SUSECVE-2013-4244 at NVDCVE-2014-8127 at SUSECVE-2014-8127 at NVDCVE-2014-8128 at SUSECVE-2014-8128 at NVDCVE-2014-8129 at SUSECVE-2014-8129 at NVDCVE-2014-8130 at SUSECVE-2014-8130 at NVDCVE-2014-9655 at SUSECVE-2014-9655 at NVDCVE-2015-1547 at SUSECVE-2015-1547 at NVDCVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2015-8665 at SUSECVE-2015-8665 at NVDCVE-2015-8683 at SUSECVE-2015-8683 at NVDCVE-2015-8781 at SUSECVE-2015-8781 at NVDCVE-2015-8782 at SUSECVE-2015-8782 at NVDCVE-2015-8783 at SUSECVE-2015-8783 at NVDCVE-2016-10092 at SUSECVE-2016-10092 at NVDCVE-2016-10093 at SUSECVE-2016-10093 at NVDCVE-2016-10094 at SUSECVE-2016-10094 at NVDCVE-2016-10095 at SUSECVE-2016-10095 at NVDCVE-2016-10266 at SUSECVE-2016-10266 at NVDCVE-2016-10267 at SUSECVE-2016-10267 at NVDCVE-2016-10268 at SUSECVE-2016-10268 at NVDCVE-2016-10269 at SUSECVE-2016-10269 at NVDCVE-2016-10270 at SUSECVE-2016-10270 at NVDCVE-2016-10271 at SUSECVE-2016-10271 at NVDCVE-2016-10272 at SUSECVE-2016-10272 at NVDCVE-2016-10371 at SUSECVE-2016-10371 at NVDCVE-2016-3186 at SUSECVE-2016-3186 at NVDCVE-2016-3622 at SUSECVE-2016-3622 at NVDCVE-2016-3623 at SUSECVE-2016-3623 at NVDCVE-2016-3658 at SUSECVE-2016-3658 at NVDCVE-2016-3945 at SUSECVE-2016-3945 at NVDCVE-2016-3990 at SUSECVE-2016-3990 at NVDCVE-2016-3991 at SUSECVE-2016-3991 at NVDCVE-2016-5314 at SUSECVE-2016-5314 at NVDCVE-2016-5316 at SUSECVE-2016-5316 at NVDCVE-2016-5317 at SUSECVE-2016-5317 at NVDCVE-2016-5318 at SUSECVE-2016-5318 at NVDCVE-2016-5320 at SUSECVE-2016-5320 at NVDCVE-2016-5321 at SUSECVE-2016-5321 at NVDCVE-2016-5323 at SUSECVE-2016-5323 at NVDCVE-2016-5652 at SUSECVE-2016-5652 at NVDCVE-2016-5875 at SUSECVE-2016-5875 at NVDCVE-2016-6223 at SUSECVE-2016-6223 at NVDCVE-2016-9273 at SUSECVE-2016-9273 at NVDCVE-2016-9297 at SUSECVE-2016-9297 at NVDCVE-2016-9448 at SUSECVE-2016-9448 at NVDCVE-2016-9453 at SUSECVE-2016-9453 at NVDCVE-2016-9538 at SUSECVE-2016-9538 at NVDCVE-2017-11613 at SUSECVE-2017-11613 at NVDCVE-2017-12944 at SUSECVE-2017-12944 at NVDCVE-2017-16232 at SUSECVE-2017-16232 at NVDCVE-2017-17095 at SUSECVE-2017-17095 at NVDCVE-2017-18013 at SUSECVE-2017-18013 at NVDCVE-2017-5225 at SUSECVE-2017-5225 at NVDCVE-2017-7592 at SUSECVE-2017-7592 at NVDCVE-2017-7593 at SUSECVE-2017-7593 at NVDCVE-2017-7594 at SUSECVE-2017-7594 at NVDCVE-2017-7595 at SUSECVE-2017-7595 at NVDCVE-2017-7596 at SUSECVE-2017-7596 at NVDCVE-2017-7597 at SUSECVE-2017-7597 at NVDCVE-2017-7598 at SUSECVE-2017-7598 at NVDCVE-2017-7599 at SUSECVE-2017-7599 at NVDCVE-2017-7600 at SUSECVE-2017-7600 at NVDCVE-2017-7601 at SUSECVE-2017-7601 at NVDCVE-2017-7602 at SUSECVE-2017-7602 at NVDCVE-2017-9403 at SUSECVE-2017-9403 at NVDCVE-2017-9404 at SUSECVE-2017-9404 at NVDCVE-2017-9935 at SUSECVE-2017-9935 at NVDCVE-2017-9936 at SUSECVE-2017-9936 at NVDCVE-2018-10779 at SUSECVE-2018-10779 at NVDCVE-2018-10963 at SUSECVE-2018-10963 at NVDCVE-2018-12900 at SUSECVE-2018-12900 at NVDCVE-2018-16335 at SUSECVE-2018-16335 at NVDCVE-2018-17000 at SUSECVE-2018-17000 at NVDCVE-2018-17100 at SUSECVE-2018-17100 at NVDCVE-2018-17101 at SUSECVE-2018-17101 at NVDCVE-2018-17795 at SUSECVE-2018-17795 at NVDCVE-2018-18557 at SUSECVE-2018-18557 at NVDCVE-2018-18661 at SUSECVE-2018-18661 at NVDCVE-2018-19210 at SUSECVE-2018-19210 at NVDCVE-2018-5784 at SUSECVE-2018-5784 at NVDCVE-2018-7456 at SUSECVE-2018-7456 at NVDCVE-2018-8905 at SUSECVE-2018-8905 at NVDCVE-2019-14973 at SUSECVE-2019-14973 at NVDCVE-2019-17546 at SUSECVE-2019-17546 at NVDCVE-2019-6128 at SUSECVE-2019-6128 at NVDCVE-2019-7663 at SUSECVE-2019-7663 at NVDCVE-2020-19131 at SUSECVE-2020-19131 at NVDCVE-2020-35521 at SUSECVE-2020-35521 at NVDCVE-2020-35522 at SUSECVE-2020-35522 at NVDCVE-2020-35523 at SUSECVE-2020-35523 at NVDCVE-2020-35524 at SUSECVE-2020-35524 at NVDCVE-2022-0561 at SUSECVE-2022-0561 at NVDCVE-2022-0562 at SUSECVE-2022-0562 at NVDCVE-2022-0865 at SUSECVE-2022-0865 at NVDCVE-2022-0891 at SUSECVE-2022-0891 at NVDCVE-2022-0907 at SUSECVE-2022-0907 at NVDCVE-2022-0908 at SUSECVE-2022-0908 at NVDCVE-2022-0909 at SUSECVE-2022-0909 at NVDCVE-2022-0924 at SUSECVE-2022-0924 at NVDCVE-2022-1056 at SUSECVE-2022-1056 at NVDCVE-2022-2056 at SUSECVE-2022-2056 at NVDCVE-2022-2057 at SUSECVE-2022-2057 at NVDCVE-2022-2058 at SUSECVE-2022-2058 at NVDCVE-2022-22844 at SUSECVE-2022-22844 at NVDCVE-2022-2519 at SUSECVE-2022-2519 at NVDCVE-2022-2520 at SUSECVE-2022-2520 at NVDCVE-2022-2521 at SUSECVE-2022-2521 at NVDCVE-2022-2867 at SUSECVE-2022-2867 at NVDCVE-2022-2868 at SUSECVE-2022-2868 at NVDCVE-2022-2869 at SUSECVE-2022-2869 at NVDCVE-2022-34266 at SUSECVE-2022-34266 at NVDCVE-2022-34526 at SUSECVE-2022-34526 at NVDCVE-2022-3570 at SUSECVE-2022-3570 at NVDCVE-2022-3597 at SUSECVE-2022-3597 at NVDCVE-2022-3598 at SUSECVE-2022-3598 at NVDCVE-2022-3599 at SUSECVE-2022-3599 at NVDCVE-2022-3626 at SUSECVE-2022-3626 at NVDCVE-2022-3627 at SUSECVE-2022-3627 at NVDCVE-2022-3970 at SUSECVE-2022-3970 at NVDCVE-2022-48281 at SUSECVE-2022-48281 at NVDCVE-2023-0795 at SUSECVE-2023-0795 at NVDCVE-2023-0796 at SUSECVE-2023-0796 at NVDCVE-2023-0797 at SUSECVE-2023-0797 at NVDCVE-2023-0798 at SUSECVE-2023-0798 at NVDCVE-2023-0799 at SUSECVE-2023-0799 at NVDCVE-2023-0800 at SUSECVE-2023-0800 at NVDCVE-2023-0801 at SUSECVE-2023-0801 at NVDCVE-2023-0802 at SUSECVE-2023-0802 at NVDCVE-2023-0803 at SUSECVE-2023-0803 at NVDCVE-2023-0804 at SUSECVE-2023-0804 at NVDCVE-2023-25435 at SUSECVE-2023-25435 at NVDCVE-2023-52356 at SUSECVE-2023-52356 at NVDcpe:/o:suse:sl-micro:6.0libtirpc-netconfig-1.3.4-1.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libtirpc-netconfig-1.3.4-1.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2016-4429 at SUSECVE-2016-4429 at NVDCVE-2021-46828 at SUSECVE-2021-46828 at NVDcpe:/o:suse:sl-micro:6.0libtpms0-0.9.6-1.13 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libtpms0-0.9.6-1.13 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-3446 at SUSECVE-2021-3446 at NVDCVE-2021-3505 at SUSECVE-2021-3505 at NVDCVE-2021-3623 at SUSECVE-2021-3623 at NVDCVE-2021-3746 at SUSECVE-2021-3746 at NVDCVE-2023-1017 at SUSECVE-2023-1017 at NVDCVE-2023-1018 at SUSECVE-2023-1018 at NVDcpe:/o:suse:sl-micro:6.0libtspi1-0.3.15-3.13 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libtspi1-0.3.15-3.13 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-18898 at SUSECVE-2019-18898 at NVDCVE-2020-24330 at SUSECVE-2020-24330 at NVDCVE-2020-24331 at SUSECVE-2020-24331 at NVDCVE-2020-24332 at SUSECVE-2020-24332 at NVDcpe:/o:suse:sl-micro:6.0libtss2-esys0-4.0.1-2.15 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libtss2-esys0-4.0.1-2.15 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-24455 at SUSECVE-2020-24455 at NVDCVE-2023-22745 at SUSECVE-2023-22745 at NVDcpe:/o:suse:sl-micro:6.0libudisks2-0-2.9.4-1.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libudisks2-0-2.9.4-1.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-0004 at SUSECVE-2014-0004 at NVDCVE-2018-17336 at SUSECVE-2018-17336 at NVDcpe:/o:suse:sl-micro:6.0libunbound8-1.17.1-2.15 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libunbound8-1.17.1-2.15 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-8602 at SUSECVE-2014-8602 at NVDCVE-2017-15105 at SUSECVE-2017-15105 at NVDCVE-2019-16866 at SUSECVE-2019-16866 at NVDCVE-2019-18934 at SUSECVE-2019-18934 at NVDCVE-2020-12662 at SUSECVE-2020-12662 at NVDCVE-2020-12663 at SUSECVE-2020-12663 at NVDCVE-2020-28935 at SUSECVE-2020-28935 at NVDCVE-2022-30698 at SUSECVE-2022-30698 at NVDCVE-2022-30699 at SUSECVE-2022-30699 at NVDCVE-2022-3204 at SUSECVE-2022-3204 at NVDcpe:/o:suse:sl-micro:6.0libunwind8-1.6.2-2.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libunwind8-1.6.2-2.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-3239 at SUSECVE-2015-3239 at NVDcpe:/o:suse:sl-micro:6.0libusbredirparser1-0.13.0-4.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libusbredirparser1-0.13.0-4.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-3700 at SUSECVE-2021-3700 at NVDcpe:/o:suse:sl-micro:6.0libvirglrenderer1-0.9.1-4.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libvirglrenderer1-0.9.1-4.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-10214 at SUSECVE-2016-10214 at NVDCVE-2017-5937 at SUSECVE-2017-5937 at NVDCVE-2017-5957 at SUSECVE-2017-5957 at NVDCVE-2017-5993 at SUSECVE-2017-5993 at NVDCVE-2017-5994 at SUSECVE-2017-5994 at NVDCVE-2017-6386 at SUSECVE-2017-6386 at NVDCVE-2019-18388 at SUSECVE-2019-18388 at NVDCVE-2019-18389 at SUSECVE-2019-18389 at NVDCVE-2019-18390 at SUSECVE-2019-18390 at NVDCVE-2019-18391 at SUSECVE-2019-18391 at NVDCVE-2019-18392 at SUSECVE-2019-18392 at NVDCVE-2020-8002 at SUSECVE-2020-8002 at NVDCVE-2020-8003 at SUSECVE-2020-8003 at NVDCVE-2022-0135 at SUSECVE-2022-0135 at NVDCVE-2022-0175 at SUSECVE-2022-0175 at NVDcpe:/o:suse:sl-micro:6.0libvirt-client-10.0.0-2.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libvirt-client-10.0.0-2.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2008-5086 at SUSECVE-2008-5086 at NVDCVE-2010-2242 at SUSECVE-2010-2242 at NVDCVE-2011-1146 at SUSECVE-2011-1146 at NVDCVE-2011-2511 at SUSECVE-2011-2511 at NVDCVE-2011-4600 at SUSECVE-2011-4600 at NVDCVE-2012-3445 at SUSECVE-2012-3445 at NVDCVE-2013-0170 at SUSECVE-2013-0170 at NVDCVE-2013-1962 at SUSECVE-2013-1962 at NVDCVE-2013-2218 at SUSECVE-2013-2218 at NVDCVE-2013-2230 at SUSECVE-2013-2230 at NVDCVE-2013-4153 at SUSECVE-2013-4153 at NVDCVE-2013-4154 at SUSECVE-2013-4154 at NVDCVE-2013-4239 at SUSECVE-2013-4239 at NVDCVE-2013-4296 at SUSECVE-2013-4296 at NVDCVE-2013-4297 at SUSECVE-2013-4297 at NVDCVE-2013-4311 at SUSECVE-2013-4311 at NVDCVE-2013-4399 at SUSECVE-2013-4399 at NVDCVE-2013-4400 at SUSECVE-2013-4400 at NVDCVE-2013-4401 at SUSECVE-2013-4401 at NVDCVE-2013-6436 at SUSECVE-2013-6436 at NVDCVE-2013-6456 at SUSECVE-2013-6456 at NVDCVE-2013-6457 at SUSECVE-2013-6457 at NVDCVE-2013-6458 at SUSECVE-2013-6458 at NVDCVE-2014-0028 at SUSECVE-2014-0028 at NVDCVE-2014-0179 at SUSECVE-2014-0179 at NVDCVE-2014-1447 at SUSECVE-2014-1447 at NVDCVE-2014-3633 at SUSECVE-2014-3633 at NVDCVE-2014-3657 at SUSECVE-2014-3657 at NVDCVE-2014-7823 at SUSECVE-2014-7823 at NVDCVE-2014-8131 at SUSECVE-2014-8131 at NVDCVE-2015-0236 at SUSECVE-2015-0236 at NVDCVE-2015-5247 at SUSECVE-2015-5247 at NVDCVE-2015-5313 at SUSECVE-2015-5313 at NVDCVE-2017-1000256 at SUSECVE-2017-1000256 at NVDCVE-2017-2635 at SUSECVE-2017-2635 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-1064 at SUSECVE-2018-1064 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-5748 at SUSECVE-2018-5748 at NVDCVE-2019-10132 at SUSECVE-2019-10132 at NVDCVE-2019-10161 at SUSECVE-2019-10161 at NVDCVE-2019-10166 at SUSECVE-2019-10166 at NVDCVE-2019-10167 at SUSECVE-2019-10167 at NVDCVE-2019-10168 at SUSECVE-2019-10168 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-3886 at SUSECVE-2019-3886 at NVDCVE-2020-10701 at SUSECVE-2020-10701 at NVDCVE-2020-12430 at SUSECVE-2020-12430 at NVDCVE-2020-14339 at SUSECVE-2020-14339 at NVDCVE-2020-15708 at SUSECVE-2020-15708 at NVDCVE-2020-25637 at SUSECVE-2020-25637 at NVDCVE-2021-3631 at SUSECVE-2021-3631 at NVDCVE-2021-3667 at SUSECVE-2021-3667 at NVDCVE-2021-4147 at SUSECVE-2021-4147 at NVDCVE-2022-0897 at SUSECVE-2022-0897 at NVDCVE-2023-2700 at SUSECVE-2023-2700 at NVDCVE-2023-3750 at SUSECVE-2023-3750 at NVDCVE-2024-1441 at SUSECVE-2024-1441 at NVDCVE-2024-2494 at SUSECVE-2024-2494 at NVDcpe:/o:suse:sl-micro:6.0libvmtools0-12.4.0-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libvmtools0-12.4.0-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-5191 at SUSECVE-2015-5191 at NVDCVE-2022-31676 at SUSECVE-2022-31676 at NVDCVE-2023-20867 at SUSECVE-2023-20867 at NVDCVE-2023-20900 at SUSECVE-2023-20900 at NVDCVE-2023-34058 at SUSECVE-2023-34058 at NVDCVE-2023-34059 at SUSECVE-2023-34059 at NVDcpe:/o:suse:sl-micro:6.0libvorbis0-1.3.7-3.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libvorbis0-1.3.7-3.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-3106 at SUSECVE-2007-3106 at NVDCVE-2008-1419 at SUSECVE-2008-1419 at NVDCVE-2008-1420 at SUSECVE-2008-1420 at NVDCVE-2008-1423 at SUSECVE-2008-1423 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2012-0444 at SUSECVE-2012-0444 at NVDCVE-2017-14160 at SUSECVE-2017-14160 at NVDCVE-2017-14632 at SUSECVE-2017-14632 at NVDCVE-2017-14633 at SUSECVE-2017-14633 at NVDCVE-2018-10392 at SUSECVE-2018-10392 at NVDCVE-2018-10393 at SUSECVE-2018-10393 at NVDCVE-2018-5146 at SUSECVE-2018-5146 at NVDcpe:/o:suse:sl-micro:6.0libxcb-dri2-0-1.15-6.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libxcb-dri2-0-1.15-6.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-2064 at SUSECVE-2013-2064 at NVDcpe:/o:suse:sl-micro:6.0libxkbcommon0-1.5.0-2.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libxkbcommon0-1.5.0-2.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-15853 at SUSECVE-2018-15853 at NVDCVE-2018-15854 at SUSECVE-2018-15854 at NVDCVE-2018-15855 at SUSECVE-2018-15855 at NVDCVE-2018-15856 at SUSECVE-2018-15856 at NVDCVE-2018-15857 at SUSECVE-2018-15857 at NVDCVE-2018-15858 at SUSECVE-2018-15858 at NVDCVE-2018-15859 at SUSECVE-2018-15859 at NVDCVE-2018-15861 at SUSECVE-2018-15861 at NVDCVE-2018-15862 at SUSECVE-2018-15862 at NVDCVE-2018-15863 at SUSECVE-2018-15863 at NVDCVE-2018-15864 at SUSECVE-2018-15864 at NVDcpe:/o:suse:sl-micro:6.0libxml2-2-2.11.6-2.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libxml2-2-2.11.6-2.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-6284 at SUSECVE-2007-6284 at NVDCVE-2008-4225 at SUSECVE-2008-4225 at NVDCVE-2008-4226 at SUSECVE-2008-4226 at NVDCVE-2008-4409 at SUSECVE-2008-4409 at NVDCVE-2010-4494 at SUSECVE-2010-4494 at NVDCVE-2011-1944 at SUSECVE-2011-1944 at NVDCVE-2012-5134 at SUSECVE-2012-5134 at NVDCVE-2013-0338 at SUSECVE-2013-0338 at NVDCVE-2013-1969 at SUSECVE-2013-1969 at NVDCVE-2014-0191 at SUSECVE-2014-0191 at NVDCVE-2014-3660 at SUSECVE-2014-3660 at NVDCVE-2015-1819 at SUSECVE-2015-1819 at NVDCVE-2015-5312 at SUSECVE-2015-5312 at NVDCVE-2015-7497 at SUSECVE-2015-7497 at NVDCVE-2015-7498 at SUSECVE-2015-7498 at NVDCVE-2015-7499 at SUSECVE-2015-7499 at NVDCVE-2015-7500 at SUSECVE-2015-7500 at NVDCVE-2015-7941 at SUSECVE-2015-7941 at NVDCVE-2015-7942 at SUSECVE-2015-7942 at NVDCVE-2015-8035 at SUSECVE-2015-8035 at NVDCVE-2015-8242 at SUSECVE-2015-8242 at NVDCVE-2016-1762 at SUSECVE-2016-1762 at NVDCVE-2016-1833 at SUSECVE-2016-1833 at NVDCVE-2016-1834 at SUSECVE-2016-1834 at NVDCVE-2016-1835 at SUSECVE-2016-1835 at NVDCVE-2016-1836 at SUSECVE-2016-1836 at NVDCVE-2016-1837 at SUSECVE-2016-1837 at NVDCVE-2016-1838 at SUSECVE-2016-1838 at NVDCVE-2016-1839 at SUSECVE-2016-1839 at NVDCVE-2016-1840 at SUSECVE-2016-1840 at NVDCVE-2016-3627 at SUSECVE-2016-3627 at NVDCVE-2016-3705 at SUSECVE-2016-3705 at NVDCVE-2016-4483 at SUSECVE-2016-4483 at NVDCVE-2016-4658 at SUSECVE-2016-4658 at NVDCVE-2017-0663 at SUSECVE-2017-0663 at NVDCVE-2017-5969 at SUSECVE-2017-5969 at NVDCVE-2017-9047 at SUSECVE-2017-9047 at NVDCVE-2017-9048 at SUSECVE-2017-9048 at NVDCVE-2017-9049 at SUSECVE-2017-9049 at NVDCVE-2018-14404 at SUSECVE-2018-14404 at NVDCVE-2018-14567 at SUSECVE-2018-14567 at NVDCVE-2018-9251 at SUSECVE-2018-9251 at NVDCVE-2019-19956 at SUSECVE-2019-19956 at NVDCVE-2019-20388 at SUSECVE-2019-20388 at NVDCVE-2020-24977 at SUSECVE-2020-24977 at NVDCVE-2020-7595 at SUSECVE-2020-7595 at NVDCVE-2021-3516 at SUSECVE-2021-3516 at NVDCVE-2021-3517 at SUSECVE-2021-3517 at NVDCVE-2021-3518 at SUSECVE-2021-3518 at NVDCVE-2021-3537 at SUSECVE-2021-3537 at NVDCVE-2021-3541 at SUSECVE-2021-3541 at NVDCVE-2022-2309 at SUSECVE-2022-2309 at NVDCVE-2022-23308 at SUSECVE-2022-23308 at NVDCVE-2022-29824 at SUSECVE-2022-29824 at NVDCVE-2022-40303 at SUSECVE-2022-40303 at NVDCVE-2022-40304 at SUSECVE-2022-40304 at NVDCVE-2023-28484 at SUSECVE-2023-28484 at NVDCVE-2023-29469 at SUSECVE-2023-29469 at NVDCVE-2023-39615 at SUSECVE-2023-39615 at NVDCVE-2023-45322 at SUSECVE-2023-45322 at NVDCVE-2024-25062 at SUSECVE-2024-25062 at NVDcpe:/o:suse:sl-micro:6.0libyajl2-2.1.0-5.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libyajl2-2.1.0-5.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-24795 at SUSECVE-2022-24795 at NVDCVE-2023-33460 at SUSECVE-2023-33460 at NVDcpe:/o:suse:sl-micro:6.0libyaml-0-2-0.2.5-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libyaml-0-2-0.2.5-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-6393 at SUSECVE-2013-6393 at NVDCVE-2014-2525 at SUSECVE-2014-2525 at NVDCVE-2014-9130 at SUSECVE-2014-9130 at NVDcpe:/o:suse:sl-micro:6.0libyaml-cpp0_8-0.8.0-1.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libyaml-cpp0_8-0.8.0-1.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-5950 at SUSECVE-2017-5950 at NVDcpe:/o:suse:sl-micro:6.0libz1-1.2.13-6.138 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libz1-1.2.13-6.138 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-9843 at SUSECVE-2016-9843 at NVDCVE-2018-25032 at SUSECVE-2018-25032 at NVDCVE-2022-37434 at SUSECVE-2022-37434 at NVDcpe:/o:suse:sl-micro:6.0libzmq5-4.3.5-1.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libzmq5-4.3.5-1.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-7202 at SUSECVE-2014-7202 at NVDCVE-2014-7203 at SUSECVE-2014-7203 at NVDCVE-2014-9721 at SUSECVE-2014-9721 at NVDCVE-2019-13132 at SUSECVE-2019-13132 at NVDCVE-2019-6250 at SUSECVE-2019-6250 at NVDCVE-2020-15166 at SUSECVE-2020-15166 at NVDcpe:/o:suse:sl-micro:6.0libzstd1-1.5.5-8.142 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libzstd1-1.5.5-8.142 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-11922 at SUSECVE-2019-11922 at NVDcpe:/o:suse:sl-micro:6.0libzypp-17.31.31-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the libzypp-17.31.31-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-7435 at SUSECVE-2017-7435 at NVDCVE-2017-7436 at SUSECVE-2017-7436 at NVDCVE-2017-9269 at SUSECVE-2017-9269 at NVDCVE-2017-9271 at SUSECVE-2017-9271 at NVDCVE-2018-7685 at SUSECVE-2018-7685 at NVDCVE-2019-18900 at SUSECVE-2019-18900 at NVDcpe:/o:suse:sl-micro:6.0logrotate-3.21.0-2.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the logrotate-3.21.0-2.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-1098 at SUSECVE-2011-1098 at NVDCVE-2011-1154 at SUSECVE-2011-1154 at NVDCVE-2011-1155 at SUSECVE-2011-1155 at NVDCVE-2022-1348 at SUSECVE-2022-1348 at NVDcpe:/o:suse:sl-micro:6.0m4-1.4.18-5.178 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the m4-1.4.18-5.178 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2009-4029 at SUSECVE-2009-4029 at NVDcpe:/o:suse:sl-micro:6.0mailx-12.5-4.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the mailx-12.5-4.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2004-2771 at SUSECVE-2004-2771 at NVDCVE-2014-7844 at SUSECVE-2014-7844 at NVDcpe:/o:suse:sl-micro:6.0man-2.11.2-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the man-2.11.2-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-4250 at SUSECVE-2006-4250 at NVDcpe:/o:suse:sl-micro:6.0mozilla-nspr-4.35-3.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the mozilla-nspr-4.35-3.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-1545 at SUSECVE-2014-1545 at NVDCVE-2015-7183 at SUSECVE-2015-7183 at NVDcpe:/o:suse:sl-micro:6.0opensc-0.24.0-2.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the opensc-0.24.0-2.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2008-2235 at SUSECVE-2008-2235 at NVDCVE-2009-0368 at SUSECVE-2009-0368 at NVDCVE-2010-4523 at SUSECVE-2010-4523 at NVDCVE-2018-16391 at SUSECVE-2018-16391 at NVDCVE-2018-16392 at SUSECVE-2018-16392 at NVDCVE-2018-16393 at SUSECVE-2018-16393 at NVDCVE-2018-16418 at SUSECVE-2018-16418 at NVDCVE-2018-16419 at SUSECVE-2018-16419 at NVDCVE-2018-16420 at SUSECVE-2018-16420 at NVDCVE-2018-16421 at SUSECVE-2018-16421 at NVDCVE-2018-16422 at SUSECVE-2018-16422 at NVDCVE-2018-16423 at SUSECVE-2018-16423 at NVDCVE-2018-16424 at SUSECVE-2018-16424 at NVDCVE-2018-16425 at SUSECVE-2018-16425 at NVDCVE-2018-16426 at SUSECVE-2018-16426 at NVDCVE-2018-16427 at SUSECVE-2018-16427 at NVDCVE-2019-15945 at SUSECVE-2019-15945 at NVDCVE-2019-15946 at SUSECVE-2019-15946 at NVDCVE-2019-19479 at SUSECVE-2019-19479 at NVDCVE-2019-19480 at SUSECVE-2019-19480 at NVDCVE-2019-20792 at SUSECVE-2019-20792 at NVDCVE-2019-6502 at SUSECVE-2019-6502 at NVDCVE-2020-26570 at SUSECVE-2020-26570 at NVDCVE-2020-26571 at SUSECVE-2020-26571 at NVDCVE-2020-26572 at SUSECVE-2020-26572 at NVDCVE-2021-42779 at SUSECVE-2021-42779 at NVDCVE-2021-42780 at SUSECVE-2021-42780 at NVDCVE-2021-42781 at SUSECVE-2021-42781 at NVDCVE-2021-42782 at SUSECVE-2021-42782 at NVDCVE-2023-2977 at SUSECVE-2023-2977 at NVDCVE-2023-40660 at SUSECVE-2023-40660 at NVDCVE-2023-40661 at SUSECVE-2023-40661 at NVDCVE-2023-4535 at SUSECVE-2023-4535 at NVDCVE-2024-1454 at SUSECVE-2024-1454 at NVDcpe:/o:suse:sl-micro:6.0openssh-9.6p1-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the openssh-9.6p1-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-0225 at SUSECVE-2006-0225 at NVDCVE-2007-4752 at SUSECVE-2007-4752 at NVDCVE-2008-1483 at SUSECVE-2008-1483 at NVDCVE-2015-8325 at SUSECVE-2015-8325 at NVDCVE-2016-0777 at SUSECVE-2016-0777 at NVDCVE-2016-0778 at SUSECVE-2016-0778 at NVDCVE-2016-10009 at SUSECVE-2016-10009 at NVDCVE-2016-10010 at SUSECVE-2016-10010 at NVDCVE-2016-10011 at SUSECVE-2016-10011 at NVDCVE-2016-10012 at SUSECVE-2016-10012 at NVDCVE-2016-6210 at SUSECVE-2016-6210 at NVDCVE-2016-6515 at SUSECVE-2016-6515 at NVDCVE-2016-8858 at SUSECVE-2016-8858 at NVDCVE-2018-20685 at SUSECVE-2018-20685 at NVDCVE-2019-6109 at SUSECVE-2019-6109 at NVDCVE-2019-6110 at SUSECVE-2019-6110 at NVDCVE-2019-6111 at SUSECVE-2019-6111 at NVDCVE-2022-2274 at SUSECVE-2022-2274 at NVDCVE-2023-38408 at SUSECVE-2023-38408 at NVDCVE-2023-48795 at SUSECVE-2023-48795 at NVDcpe:/o:suse:sl-micro:6.0pam-1.6.0-2.22 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the pam-1.6.0-2.22 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-3430 at SUSECVE-2010-3430 at NVDCVE-2010-3431 at SUSECVE-2010-3431 at NVDCVE-2010-3853 at SUSECVE-2010-3853 at NVDCVE-2011-3148 at SUSECVE-2011-3148 at NVDCVE-2011-3149 at SUSECVE-2011-3149 at NVDCVE-2014-2583 at SUSECVE-2014-2583 at NVDCVE-2015-3238 at SUSECVE-2015-3238 at NVDCVE-2018-17953 at SUSECVE-2018-17953 at NVDCVE-2020-27780 at SUSECVE-2020-27780 at NVDCVE-2024-22365 at SUSECVE-2024-22365 at NVDcpe:/o:suse:sl-micro:6.0pam_u2f-1.3.0-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the pam_u2f-1.3.0-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-12209 at SUSECVE-2019-12209 at NVDCVE-2019-12210 at SUSECVE-2019-12210 at NVDCVE-2021-31924 at SUSECVE-2021-31924 at NVDcpe:/o:suse:sl-micro:6.0patch-2.7.6-2.202 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the patch-2.7.6-2.202 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-4651 at SUSECVE-2010-4651 at NVDCVE-2015-1196 at SUSECVE-2015-1196 at NVDCVE-2016-10713 at SUSECVE-2016-10713 at NVDCVE-2018-1000156 at SUSECVE-2018-1000156 at NVDCVE-2018-6951 at SUSECVE-2018-6951 at NVDCVE-2018-6952 at SUSECVE-2018-6952 at NVDCVE-2019-13636 at SUSECVE-2019-13636 at NVDcpe:/o:suse:sl-micro:6.0pcsc-ccid-1.5.4-1.6 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the pcsc-ccid-1.5.4-1.6 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2010-4530 at SUSECVE-2010-4530 at NVDcpe:/o:suse:sl-micro:6.0perl-5.38.2-1.52 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the perl-5.38.2-1.52 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2005-3962 at SUSECVE-2005-3962 at NVDCVE-2007-5116 at SUSECVE-2007-5116 at NVDCVE-2010-2761 at SUSECVE-2010-2761 at NVDCVE-2010-4410 at SUSECVE-2010-4410 at NVDCVE-2010-4411 at SUSECVE-2010-4411 at NVDCVE-2010-4777 at SUSECVE-2010-4777 at NVDCVE-2017-12814 at SUSECVE-2017-12814 at NVDCVE-2017-12837 at SUSECVE-2017-12837 at NVDCVE-2017-12883 at SUSECVE-2017-12883 at NVDCVE-2018-18311 at SUSECVE-2018-18311 at NVDCVE-2018-18312 at SUSECVE-2018-18312 at NVDCVE-2020-10543 at SUSECVE-2020-10543 at NVDCVE-2020-10878 at SUSECVE-2020-10878 at NVDCVE-2020-12723 at SUSECVE-2020-12723 at NVDCVE-2023-47038 at SUSECVE-2023-47038 at NVDCVE-2023-47039 at SUSECVE-2023-47039 at NVDcpe:/o:suse:sl-micro:6.0podman-4.9.3-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the podman-4.9.3-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-10856 at SUSECVE-2018-10856 at NVDCVE-2019-10152 at SUSECVE-2019-10152 at NVDCVE-2019-10214 at SUSECVE-2019-10214 at NVDCVE-2020-14370 at SUSECVE-2020-14370 at NVDCVE-2020-1726 at SUSECVE-2020-1726 at NVDCVE-2021-20199 at SUSECVE-2021-20199 at NVDCVE-2021-20206 at SUSECVE-2021-20206 at NVDCVE-2021-4024 at SUSECVE-2021-4024 at NVDCVE-2021-41190 at SUSECVE-2021-41190 at NVDCVE-2022-1227 at SUSECVE-2022-1227 at NVDCVE-2022-21698 at SUSECVE-2022-21698 at NVDCVE-2022-27191 at SUSECVE-2022-27191 at NVDCVE-2022-27649 at SUSECVE-2022-27649 at NVDCVE-2022-2989 at SUSECVE-2022-2989 at NVDCVE-2023-0778 at SUSECVE-2023-0778 at NVDcpe:/o:suse:sl-micro:6.0policycoreutils-3.5-6.40 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the policycoreutils-3.5-6.40 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-7545 at SUSECVE-2016-7545 at NVDCVE-2018-1063 at SUSECVE-2018-1063 at NVDcpe:/o:suse:sl-micro:6.0ppp-2.4.9-5.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the ppp-2.4.9-5.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-3158 at SUSECVE-2014-3158 at NVDCVE-2015-3310 at SUSECVE-2015-3310 at NVDCVE-2020-8597 at SUSECVE-2020-8597 at NVDcpe:/o:suse:sl-micro:6.0procmail-3.24-1.20 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the procmail-3.24-1.20 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-3618 at SUSECVE-2014-3618 at NVDCVE-2017-16844 at SUSECVE-2017-16844 at NVDcpe:/o:suse:sl-micro:6.0python3-salt-3006.0-6.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python3-salt-3006.0-6.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-1866 at SUSECVE-2016-1866 at NVDCVE-2016-9639 at SUSECVE-2016-9639 at NVDCVE-2017-12791 at SUSECVE-2017-12791 at NVDCVE-2017-14695 at SUSECVE-2017-14695 at NVDCVE-2017-14696 at SUSECVE-2017-14696 at NVDCVE-2018-15750 at SUSECVE-2018-15750 at NVDCVE-2018-15751 at SUSECVE-2018-15751 at NVDCVE-2019-17361 at SUSECVE-2019-17361 at NVDCVE-2019-18897 at SUSECVE-2019-18897 at NVDCVE-2020-11651 at SUSECVE-2020-11651 at NVDCVE-2020-11652 at SUSECVE-2020-11652 at NVDCVE-2020-16846 at SUSECVE-2020-16846 at NVDCVE-2020-17490 at SUSECVE-2020-17490 at NVDCVE-2020-25592 at SUSECVE-2020-25592 at NVDCVE-2020-28243 at SUSECVE-2020-28243 at NVDCVE-2020-28972 at SUSECVE-2020-28972 at NVDCVE-2020-35662 at SUSECVE-2020-35662 at NVDCVE-2021-21996 at SUSECVE-2021-21996 at NVDCVE-2021-25281 at SUSECVE-2021-25281 at NVDCVE-2021-25282 at SUSECVE-2021-25282 at NVDCVE-2021-25283 at SUSECVE-2021-25283 at NVDCVE-2021-25284 at SUSECVE-2021-25284 at NVDCVE-2021-25315 at SUSECVE-2021-25315 at NVDCVE-2021-3144 at SUSECVE-2021-3144 at NVDCVE-2021-3148 at SUSECVE-2021-3148 at NVDCVE-2021-31607 at SUSECVE-2021-31607 at NVDCVE-2021-3197 at SUSECVE-2021-3197 at NVDCVE-2022-22934 at SUSECVE-2022-22934 at NVDCVE-2022-22935 at SUSECVE-2022-22935 at NVDCVE-2022-22936 at SUSECVE-2022-22936 at NVDCVE-2022-22941 at SUSECVE-2022-22941 at NVDCVE-2022-22967 at SUSECVE-2022-22967 at NVDCVE-2023-20897 at SUSECVE-2023-20897 at NVDCVE-2023-20898 at SUSECVE-2023-20898 at NVDCVE-2023-28370 at SUSECVE-2023-28370 at NVDCVE-2023-34049 at SUSECVE-2023-34049 at NVDCVE-2024-22231 at SUSECVE-2024-22231 at NVDCVE-2024-22232 at SUSECVE-2024-22232 at NVDcpe:/o:suse:sl-micro:6.0python311-Jinja2-3.1.2-5.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-Jinja2-3.1.2-5.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-0012 at SUSECVE-2014-0012 at NVDCVE-2016-10745 at SUSECVE-2016-10745 at NVDCVE-2019-10906 at SUSECVE-2019-10906 at NVDCVE-2019-8341 at SUSECVE-2019-8341 at NVDCVE-2020-28493 at SUSECVE-2020-28493 at NVDcpe:/o:suse:sl-micro:6.0python311-M2Crypto-0.39.0-1.17 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-M2Crypto-0.39.0-1.17 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-25657 at SUSECVE-2020-25657 at NVDcpe:/o:suse:sl-micro:6.0python311-PyJWT-2.8.0-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-PyJWT-2.8.0-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-29217 at SUSECVE-2022-29217 at NVDcpe:/o:suse:sl-micro:6.0python311-PyYAML-6.0.1-1.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-PyYAML-6.0.1-1.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-18342 at SUSECVE-2017-18342 at NVDCVE-2020-14343 at SUSECVE-2020-14343 at NVDcpe:/o:suse:sl-micro:6.0python311-certifi-2023.7.22-1.38 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-certifi-2023.7.22-1.38 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-23491 at SUSECVE-2022-23491 at NVDcpe:/o:suse:sl-micro:6.0python311-configobj-5.0.8-2.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-configobj-5.0.8-2.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-26112 at SUSECVE-2023-26112 at NVDcpe:/o:suse:sl-micro:6.0python311-cryptography-42.0.4-1.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-cryptography-42.0.4-1.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-25659 at SUSECVE-2020-25659 at NVDCVE-2020-36242 at SUSECVE-2020-36242 at NVDCVE-2022-3602 at SUSECVE-2022-3602 at NVDCVE-2022-3786 at SUSECVE-2022-3786 at NVDCVE-2023-23931 at SUSECVE-2023-23931 at NVDCVE-2023-38325 at SUSECVE-2023-38325 at NVDCVE-2023-49083 at SUSECVE-2023-49083 at NVDCVE-2024-26130 at SUSECVE-2024-26130 at NVDcpe:/o:suse:sl-micro:6.0python311-httpx-0.24.0-5.82 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-httpx-0.24.0-5.82 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2021-41945 at SUSECVE-2021-41945 at NVDcpe:/o:suse:sl-micro:6.0python311-lxml-4.9.3-1.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-lxml-4.9.3-1.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-19787 at SUSECVE-2018-19787 at NVDCVE-2020-27783 at SUSECVE-2020-27783 at NVDCVE-2021-28957 at SUSECVE-2021-28957 at NVDCVE-2021-43818 at SUSECVE-2021-43818 at NVDCVE-2022-2309 at SUSECVE-2022-2309 at NVDcpe:/o:suse:sl-micro:6.0python311-oauthlib-3.2.2-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-oauthlib-3.2.2-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2022-36087 at SUSECVE-2022-36087 at NVDcpe:/o:suse:sl-micro:6.0python311-py-1.11.0-6.86 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-py-1.11.0-6.86 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-29651 at SUSECVE-2020-29651 at NVDCVE-2022-42969 at SUSECVE-2022-42969 at NVDcpe:/o:suse:sl-micro:6.0python311-pyOpenSSL-24.0.0-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-pyOpenSSL-24.0.0-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-4314 at SUSECVE-2013-4314 at NVDcpe:/o:suse:sl-micro:6.0python311-pyzmq-25.1.1-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-pyzmq-25.1.1-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-6250 at SUSECVE-2019-6250 at NVDcpe:/o:suse:sl-micro:6.0python311-requests-2.31.0-1.48 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-requests-2.31.0-1.48 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-1829 at SUSECVE-2014-1829 at NVDCVE-2014-1830 at SUSECVE-2014-1830 at NVDCVE-2015-2296 at SUSECVE-2015-2296 at NVDCVE-2018-18074 at SUSECVE-2018-18074 at NVDCVE-2023-32681 at SUSECVE-2023-32681 at NVDcpe:/o:suse:sl-micro:6.0python311-rsa-4.9-3.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-rsa-4.9-3.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-13757 at SUSECVE-2020-13757 at NVDCVE-2020-25658 at SUSECVE-2020-25658 at NVDcpe:/o:suse:sl-micro:6.0python311-setuptools-69.0.2-1.24 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-setuptools-69.0.2-1.24 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-20916 at SUSECVE-2019-20916 at NVDcpe:/o:suse:sl-micro:6.0python311-tornado6-6.4-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-tornado6-6.4-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-28370 at SUSECVE-2023-28370 at NVDcpe:/o:suse:sl-micro:6.0python311-urllib3-2.1.0-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the python311-urllib3-2.1.0-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-9015 at SUSECVE-2016-9015 at NVDCVE-2018-20060 at SUSECVE-2018-20060 at NVDCVE-2019-11236 at SUSECVE-2019-11236 at NVDCVE-2019-11324 at SUSECVE-2019-11324 at NVDCVE-2019-9740 at SUSECVE-2019-9740 at NVDCVE-2020-26137 at SUSECVE-2020-26137 at NVDCVE-2021-33503 at SUSECVE-2021-33503 at NVDCVE-2023-43804 at SUSECVE-2023-43804 at NVDCVE-2023-45803 at SUSECVE-2023-45803 at NVDcpe:/o:suse:sl-micro:6.0qemu-8.2.1-2.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the qemu-8.2.1-2.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2008-0928 at SUSECVE-2008-0928 at NVDCVE-2008-1945 at SUSECVE-2008-1945 at NVDCVE-2008-2382 at SUSECVE-2008-2382 at NVDCVE-2008-4539 at SUSECVE-2008-4539 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDCVE-2013-4148 at SUSECVE-2013-4148 at NVDCVE-2013-4149 at SUSECVE-2013-4149 at NVDCVE-2013-4150 at SUSECVE-2013-4150 at NVDCVE-2013-4151 at SUSECVE-2013-4151 at NVDCVE-2013-4526 at SUSECVE-2013-4526 at NVDCVE-2013-4527 at SUSECVE-2013-4527 at NVDCVE-2013-4529 at SUSECVE-2013-4529 at NVDCVE-2013-4530 at SUSECVE-2013-4530 at NVDCVE-2013-4531 at SUSECVE-2013-4531 at NVDCVE-2013-4533 at SUSECVE-2013-4533 at NVDCVE-2013-4534 at SUSECVE-2013-4534 at NVDCVE-2013-4535 at SUSECVE-2013-4535 at NVDCVE-2013-4536 at SUSECVE-2013-4536 at NVDCVE-2013-4537 at SUSECVE-2013-4537 at NVDCVE-2013-4538 at SUSECVE-2013-4538 at NVDCVE-2013-4539 at SUSECVE-2013-4539 at NVDCVE-2013-4540 at SUSECVE-2013-4540 at NVDCVE-2013-4541 at SUSECVE-2013-4541 at NVDCVE-2013-4542 at SUSECVE-2013-4542 at NVDCVE-2013-4544 at SUSECVE-2013-4544 at NVDCVE-2013-6399 at SUSECVE-2013-6399 at NVDCVE-2014-0142 at SUSECVE-2014-0142 at NVDCVE-2014-0143 at SUSECVE-2014-0143 at NVDCVE-2014-0144 at SUSECVE-2014-0144 at NVDCVE-2014-0145 at SUSECVE-2014-0145 at NVDCVE-2014-0146 at SUSECVE-2014-0146 at NVDCVE-2014-0147 at SUSECVE-2014-0147 at NVDCVE-2014-0150 at SUSECVE-2014-0150 at NVDCVE-2014-0182 at SUSECVE-2014-0182 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-0223 at SUSECVE-2014-0223 at NVDCVE-2014-3461 at SUSECVE-2014-3461 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-7840 at SUSECVE-2014-7840 at NVDCVE-2014-8106 at SUSECVE-2014-8106 at NVDCVE-2015-1779 at SUSECVE-2015-1779 at NVDCVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-3456 at SUSECVE-2015-3456 at NVDCVE-2015-4037 at SUSECVE-2015-4037 at NVDCVE-2015-5154 at SUSECVE-2015-5154 at NVDCVE-2015-5225 at SUSECVE-2015-5225 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-5279 at SUSECVE-2015-5279 at NVDCVE-2015-5745 at SUSECVE-2015-5745 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2015-6855 at SUSECVE-2015-6855 at NVDCVE-2015-7295 at SUSECVE-2015-7295 at NVDCVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-7549 at SUSECVE-2015-7549 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8558 at SUSECVE-2015-8558 at NVDCVE-2015-8567 at SUSECVE-2015-8567 at NVDCVE-2015-8568 at SUSECVE-2015-8568 at NVDCVE-2015-8613 at SUSECVE-2015-8613 at NVDCVE-2015-8619 at SUSECVE-2015-8619 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2015-8744 at SUSECVE-2015-8744 at NVDCVE-2015-8745 at SUSECVE-2015-8745 at NVDCVE-2016-10028 at SUSECVE-2016-10028 at NVDCVE-2016-10155 at SUSECVE-2016-10155 at NVDCVE-2016-1568 at SUSECVE-2016-1568 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1922 at SUSECVE-2016-1922 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2198 at SUSECVE-2016-2198 at NVDCVE-2016-3710 at SUSECVE-2016-3710 at NVDCVE-2016-3712 at SUSECVE-2016-3712 at NVDCVE-2016-4002 at SUSECVE-2016-4002 at NVDCVE-2016-4020 at SUSECVE-2016-4020 at NVDCVE-2016-4439 at SUSECVE-2016-4439 at NVDCVE-2016-4441 at SUSECVE-2016-4441 at NVDCVE-2016-4453 at SUSECVE-2016-4453 at NVDCVE-2016-4454 at SUSECVE-2016-4454 at NVDCVE-2016-4952 at SUSECVE-2016-4952 at NVDCVE-2016-4964 at SUSECVE-2016-4964 at NVDCVE-2016-5105 at SUSECVE-2016-5105 at NVDCVE-2016-5106 at SUSECVE-2016-5106 at NVDCVE-2016-5107 at SUSECVE-2016-5107 at NVDCVE-2016-5126 at SUSECVE-2016-5126 at NVDCVE-2016-5238 at SUSECVE-2016-5238 at NVDCVE-2016-5337 at SUSECVE-2016-5337 at NVDCVE-2016-5338 at SUSECVE-2016-5338 at NVDCVE-2016-5403 at SUSECVE-2016-5403 at NVDCVE-2016-6351 at SUSECVE-2016-6351 at NVDCVE-2016-6490 at SUSECVE-2016-6490 at NVDCVE-2016-6833 at SUSECVE-2016-6833 at NVDCVE-2016-6836 at SUSECVE-2016-6836 at NVDCVE-2016-6888 at SUSECVE-2016-6888 at NVDCVE-2016-7116 at SUSECVE-2016-7116 at NVDCVE-2016-7155 at SUSECVE-2016-7155 at NVDCVE-2016-7156 at SUSECVE-2016-7156 at NVDCVE-2016-7157 at SUSECVE-2016-7157 at NVDCVE-2016-7161 at SUSECVE-2016-7161 at NVDCVE-2016-7170 at SUSECVE-2016-7170 at NVDCVE-2016-7421 at SUSECVE-2016-7421 at NVDCVE-2016-7422 at SUSECVE-2016-7422 at NVDCVE-2016-7423 at SUSECVE-2016-7423 at NVDCVE-2016-7466 at SUSECVE-2016-7466 at NVDCVE-2016-7907 at SUSECVE-2016-7907 at NVDCVE-2016-7908 at SUSECVE-2016-7908 at NVDCVE-2016-7909 at SUSECVE-2016-7909 at NVDCVE-2016-7994 at SUSECVE-2016-7994 at NVDCVE-2016-7995 at SUSECVE-2016-7995 at NVDCVE-2016-8576 at SUSECVE-2016-8576 at NVDCVE-2016-8577 at SUSECVE-2016-8577 at NVDCVE-2016-8578 at SUSECVE-2016-8578 at NVDCVE-2016-8667 at SUSECVE-2016-8667 at NVDCVE-2016-8668 at SUSECVE-2016-8668 at NVDCVE-2016-8669 at SUSECVE-2016-8669 at NVDCVE-2016-8909 at SUSECVE-2016-8909 at NVDCVE-2016-8910 at SUSECVE-2016-8910 at NVDCVE-2016-9101 at SUSECVE-2016-9101 at NVDCVE-2016-9102 at SUSECVE-2016-9102 at NVDCVE-2016-9103 at SUSECVE-2016-9103 at NVDCVE-2016-9104 at SUSECVE-2016-9104 at NVDCVE-2016-9105 at SUSECVE-2016-9105 at NVDCVE-2016-9106 at SUSECVE-2016-9106 at NVDCVE-2016-9381 at SUSECVE-2016-9381 at NVDCVE-2016-9602 at SUSECVE-2016-9602 at NVDCVE-2016-9776 at SUSECVE-2016-9776 at NVDCVE-2016-9845 at SUSECVE-2016-9845 at NVDCVE-2016-9846 at SUSECVE-2016-9846 at NVDCVE-2016-9907 at SUSECVE-2016-9907 at NVDCVE-2016-9908 at SUSECVE-2016-9908 at NVDCVE-2016-9911 at SUSECVE-2016-9911 at NVDCVE-2016-9912 at SUSECVE-2016-9912 at NVDCVE-2016-9913 at SUSECVE-2016-9913 at NVDCVE-2016-9921 at SUSECVE-2016-9921 at NVDCVE-2016-9922 at SUSECVE-2016-9922 at NVDCVE-2016-9923 at SUSECVE-2016-9923 at NVDCVE-2017-10664 at SUSECVE-2017-10664 at NVDCVE-2017-10806 at SUSECVE-2017-10806 at NVDCVE-2017-11334 at SUSECVE-2017-11334 at NVDCVE-2017-11434 at SUSECVE-2017-11434 at NVDCVE-2017-13672 at SUSECVE-2017-13672 at NVDCVE-2017-13673 at SUSECVE-2017-13673 at NVDCVE-2017-13711 at SUSECVE-2017-13711 at NVDCVE-2017-14167 at SUSECVE-2017-14167 at NVDCVE-2017-15038 at SUSECVE-2017-15038 at NVDCVE-2017-15118 at SUSECVE-2017-15118 at NVDCVE-2017-15119 at SUSECVE-2017-15119 at NVDCVE-2017-15268 at SUSECVE-2017-15268 at NVDCVE-2017-15289 at SUSECVE-2017-15289 at NVDCVE-2017-2615 at SUSECVE-2017-2615 at NVDCVE-2017-2620 at SUSECVE-2017-2620 at NVDCVE-2017-2630 at SUSECVE-2017-2630 at NVDCVE-2017-2633 at SUSECVE-2017-2633 at NVDCVE-2017-5525 at SUSECVE-2017-5525 at NVDCVE-2017-5526 at SUSECVE-2017-5526 at NVDCVE-2017-5552 at SUSECVE-2017-5552 at NVDCVE-2017-5578 at SUSECVE-2017-5578 at NVDCVE-2017-5579 at SUSECVE-2017-5579 at NVDCVE-2017-5667 at SUSECVE-2017-5667 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5856 at SUSECVE-2017-5856 at NVDCVE-2017-5857 at SUSECVE-2017-5857 at NVDCVE-2017-5898 at SUSECVE-2017-5898 at NVDCVE-2017-5931 at SUSECVE-2017-5931 at NVDCVE-2017-5973 at SUSECVE-2017-5973 at NVDCVE-2017-5987 at SUSECVE-2017-5987 at NVDCVE-2017-6058 at SUSECVE-2017-6058 at NVDCVE-2017-6505 at SUSECVE-2017-6505 at NVDCVE-2017-7471 at SUSECVE-2017-7471 at NVDCVE-2017-7493 at SUSECVE-2017-7493 at NVDCVE-2017-8112 at SUSECVE-2017-8112 at NVDCVE-2017-8309 at SUSECVE-2017-8309 at NVDCVE-2017-8379 at SUSECVE-2017-8379 at NVDCVE-2017-8380 at SUSECVE-2017-8380 at NVDCVE-2017-9503 at SUSECVE-2017-9503 at NVDCVE-2017-9524 at SUSECVE-2017-9524 at NVDCVE-2018-10839 at SUSECVE-2018-10839 at NVDCVE-2018-11806 at SUSECVE-2018-11806 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-12207 at SUSECVE-2018-12207 at NVDCVE-2018-12617 at SUSECVE-2018-12617 at NVDCVE-2018-15746 at SUSECVE-2018-15746 at NVDCVE-2018-16847 at SUSECVE-2018-16847 at NVDCVE-2018-16872 at SUSECVE-2018-16872 at NVDCVE-2018-17958 at SUSECVE-2018-17958 at NVDCVE-2018-17962 at SUSECVE-2018-17962 at NVDCVE-2018-17963 at SUSECVE-2018-17963 at NVDCVE-2018-18849 at SUSECVE-2018-18849 at NVDCVE-2018-20123 at SUSECVE-2018-20123 at NVDCVE-2018-20124 at SUSECVE-2018-20124 at NVDCVE-2018-20125 at SUSECVE-2018-20125 at NVDCVE-2018-20126 at SUSECVE-2018-20126 at NVDCVE-2018-20191 at SUSECVE-2018-20191 at NVDCVE-2018-20216 at SUSECVE-2018-20216 at NVDCVE-2018-20815 at SUSECVE-2018-20815 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-7550 at SUSECVE-2018-7550 at NVDCVE-2018-7858 at SUSECVE-2018-7858 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-12068 at SUSECVE-2019-12068 at NVDCVE-2019-12155 at SUSECVE-2019-12155 at NVDCVE-2019-13164 at SUSECVE-2019-13164 at NVDCVE-2019-14378 at SUSECVE-2019-14378 at NVDCVE-2019-15890 at SUSECVE-2019-15890 at NVDCVE-2019-5008 at SUSECVE-2019-5008 at NVDCVE-2019-6778 at SUSECVE-2019-6778 at NVDCVE-2019-8934 at SUSECVE-2019-8934 at NVDCVE-2019-9824 at SUSECVE-2019-9824 at NVDCVE-2020-10702 at SUSECVE-2020-10702 at NVDCVE-2020-10717 at SUSECVE-2020-10717 at NVDCVE-2020-10761 at SUSECVE-2020-10761 at NVDCVE-2020-11102 at SUSECVE-2020-11102 at NVDCVE-2020-11869 at SUSECVE-2020-11869 at NVDCVE-2020-13361 at SUSECVE-2020-13361 at NVDCVE-2020-13362 at SUSECVE-2020-13362 at NVDCVE-2020-13659 at SUSECVE-2020-13659 at NVDCVE-2020-13800 at SUSECVE-2020-13800 at NVDCVE-2020-14364 at SUSECVE-2020-14364 at NVDCVE-2020-15863 at SUSECVE-2020-15863 at NVDCVE-2020-16092 at SUSECVE-2020-16092 at NVDCVE-2020-1711 at SUSECVE-2020-1711 at NVDCVE-2020-17380 at SUSECVE-2020-17380 at NVDCVE-2020-1983 at SUSECVE-2020-1983 at NVDCVE-2020-24352 at SUSECVE-2020-24352 at NVDCVE-2020-25085 at SUSECVE-2020-25085 at NVDCVE-2020-25707 at SUSECVE-2020-25707 at NVDCVE-2020-25723 at SUSECVE-2020-25723 at NVDCVE-2020-27821 at SUSECVE-2020-27821 at NVDCVE-2020-29129 at SUSECVE-2020-29129 at NVDCVE-2020-29130 at SUSECVE-2020-29130 at NVDCVE-2020-35503 at SUSECVE-2020-35503 at NVDCVE-2020-7039 at SUSECVE-2020-7039 at NVDCVE-2020-8608 at SUSECVE-2020-8608 at NVDCVE-2021-20181 at SUSECVE-2021-20181 at NVDCVE-2021-20203 at SUSECVE-2021-20203 at NVDCVE-2021-20221 at SUSECVE-2021-20221 at NVDCVE-2021-20257 at SUSECVE-2021-20257 at NVDCVE-2021-20263 at SUSECVE-2021-20263 at NVDCVE-2021-3409 at SUSECVE-2021-3409 at NVDCVE-2021-3416 at SUSECVE-2021-3416 at NVDCVE-2021-3419 at SUSECVE-2021-3419 at NVDCVE-2021-3527 at SUSECVE-2021-3527 at NVDCVE-2021-3544 at SUSECVE-2021-3544 at NVDCVE-2021-3545 at SUSECVE-2021-3545 at NVDCVE-2021-3546 at SUSECVE-2021-3546 at NVDCVE-2021-3582 at SUSECVE-2021-3582 at NVDCVE-2021-3607 at SUSECVE-2021-3607 at NVDCVE-2021-3608 at SUSECVE-2021-3608 at NVDCVE-2021-3682 at SUSECVE-2021-3682 at NVDCVE-2021-3713 at SUSECVE-2021-3713 at NVDCVE-2021-3748 at SUSECVE-2021-3748 at NVDCVE-2021-3929 at SUSECVE-2021-3929 at NVDCVE-2021-4158 at SUSECVE-2021-4158 at NVDCVE-2021-4206 at SUSECVE-2021-4206 at NVDCVE-2021-4207 at SUSECVE-2021-4207 at NVDCVE-2022-0216 at SUSECVE-2022-0216 at NVDCVE-2022-0358 at SUSECVE-2022-0358 at NVDCVE-2022-1050 at SUSECVE-2022-1050 at NVDCVE-2022-26353 at SUSECVE-2022-26353 at NVDCVE-2022-26354 at SUSECVE-2022-26354 at NVDCVE-2022-2962 at SUSECVE-2022-2962 at NVDCVE-2022-3165 at SUSECVE-2022-3165 at NVDCVE-2022-35414 at SUSECVE-2022-35414 at NVDCVE-2022-4144 at SUSECVE-2022-4144 at NVDCVE-2022-4172 at SUSECVE-2022-4172 at NVDCVE-2023-0330 at SUSECVE-2023-0330 at NVDCVE-2023-2861 at SUSECVE-2023-2861 at NVDCVE-2023-3180 at SUSECVE-2023-3180 at NVDCVE-2023-3255 at SUSECVE-2023-3255 at NVDCVE-2023-3301 at SUSECVE-2023-3301 at NVDCVE-2023-3354 at SUSECVE-2023-3354 at NVDCVE-2023-42467 at SUSECVE-2023-42467 at NVDCVE-2023-6693 at SUSECVE-2023-6693 at NVDcpe:/o:suse:sl-micro:6.0qemu-ovmf-x86_64-202305-1.52 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the qemu-ovmf-x86_64-202305-1.52 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-5731 at SUSECVE-2017-5731 at NVDCVE-2017-5732 at SUSECVE-2017-5732 at NVDCVE-2017-5733 at SUSECVE-2017-5733 at NVDCVE-2017-5734 at SUSECVE-2017-5734 at NVDCVE-2017-5735 at SUSECVE-2017-5735 at NVDCVE-2018-0739 at SUSECVE-2018-0739 at NVDCVE-2018-12178 at SUSECVE-2018-12178 at NVDCVE-2018-12180 at SUSECVE-2018-12180 at NVDCVE-2018-12181 at SUSECVE-2018-12181 at NVDCVE-2018-3613 at SUSECVE-2018-3613 at NVDCVE-2018-3630 at SUSECVE-2018-3630 at NVDCVE-2019-0160 at SUSECVE-2019-0160 at NVDCVE-2019-0161 at SUSECVE-2019-0161 at NVDCVE-2019-14553 at SUSECVE-2019-14553 at NVDCVE-2019-14558 at SUSECVE-2019-14558 at NVDCVE-2019-14559 at SUSECVE-2019-14559 at NVDCVE-2019-14562 at SUSECVE-2019-14562 at NVDCVE-2019-14563 at SUSECVE-2019-14563 at NVDCVE-2019-14575 at SUSECVE-2019-14575 at NVDCVE-2019-14584 at SUSECVE-2019-14584 at NVDCVE-2019-14586 at SUSECVE-2019-14586 at NVDCVE-2019-14587 at SUSECVE-2019-14587 at NVDCVE-2021-28210 at SUSECVE-2021-28210 at NVDCVE-2021-28211 at SUSECVE-2021-28211 at NVDCVE-2021-38578 at SUSECVE-2021-38578 at NVDcpe:/o:suse:sl-micro:6.0rpcbind-1.2.6-1.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the rpcbind-1.2.6-1.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-7236 at SUSECVE-2015-7236 at NVDCVE-2017-8779 at SUSECVE-2017-8779 at NVDcpe:/o:suse:sl-micro:6.0rsync-3.2.7-3.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the rsync-3.2.7-3.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-4091 at SUSECVE-2007-4091 at NVDCVE-2007-6199 at SUSECVE-2007-6199 at NVDCVE-2011-1097 at SUSECVE-2011-1097 at NVDCVE-2014-2855 at SUSECVE-2014-2855 at NVDCVE-2014-8242 at SUSECVE-2014-8242 at NVDCVE-2014-9512 at SUSECVE-2014-9512 at NVDCVE-2017-16548 at SUSECVE-2017-16548 at NVDCVE-2018-5764 at SUSECVE-2018-5764 at NVDCVE-2020-14387 at SUSECVE-2020-14387 at NVDCVE-2022-29154 at SUSECVE-2022-29154 at NVDCVE-2022-37434 at SUSECVE-2022-37434 at NVDcpe:/o:suse:sl-micro:6.0runc-1.1.12-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the runc-1.1.12-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2016-9962 at SUSECVE-2016-9962 at NVDCVE-2018-16873 at SUSECVE-2018-16873 at NVDCVE-2018-16874 at SUSECVE-2018-16874 at NVDCVE-2018-16875 at SUSECVE-2018-16875 at NVDCVE-2019-16884 at SUSECVE-2019-16884 at NVDCVE-2019-19921 at SUSECVE-2019-19921 at NVDCVE-2019-5736 at SUSECVE-2019-5736 at NVDCVE-2021-30465 at SUSECVE-2021-30465 at NVDCVE-2021-43784 at SUSECVE-2021-43784 at NVDCVE-2022-29162 at SUSECVE-2022-29162 at NVDCVE-2023-25809 at SUSECVE-2023-25809 at NVDCVE-2023-27561 at SUSECVE-2023-27561 at NVDCVE-2023-28642 at SUSECVE-2023-28642 at NVDCVE-2024-21626 at SUSECVE-2024-21626 at NVDcpe:/o:suse:sl-micro:6.0rust-keylime-0.2.1+git.1682587333.b497f1d-1.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the rust-keylime-0.2.1+git.1682587333.b497f1d-1.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-26964 at SUSECVE-2023-26964 at NVDcpe:/o:suse:sl-micro:6.0samba-client-libs-4.19.4+git.339.acf1ccaa02-1.22 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the samba-client-libs-4.19.4+git.339.acf1ccaa02-1.22 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-1059 at SUSECVE-2006-1059 at NVDCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4559 at SUSECVE-2007-4559 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2010-0926 at SUSECVE-2010-0926 at NVDCVE-2010-1635 at SUSECVE-2010-1635 at NVDCVE-2010-1642 at SUSECVE-2010-1642 at NVDCVE-2010-2063 at SUSECVE-2010-2063 at NVDCVE-2010-3069 at SUSECVE-2010-3069 at NVDCVE-2011-0719 at SUSECVE-2011-0719 at NVDCVE-2011-2522 at SUSECVE-2011-2522 at NVDCVE-2011-2694 at SUSECVE-2011-2694 at NVDCVE-2012-0817 at SUSECVE-2012-0817 at NVDCVE-2012-0870 at SUSECVE-2012-0870 at NVDCVE-2012-1182 at SUSECVE-2012-1182 at NVDCVE-2012-2111 at SUSECVE-2012-2111 at NVDCVE-2012-6150 at SUSECVE-2012-6150 at NVDCVE-2013-0172 at SUSECVE-2013-0172 at NVDCVE-2013-0213 at SUSECVE-2013-0213 at NVDCVE-2013-0214 at SUSECVE-2013-0214 at NVDCVE-2013-0454 at SUSECVE-2013-0454 at NVDCVE-2013-1863 at SUSECVE-2013-1863 at NVDCVE-2013-4124 at SUSECVE-2013-4124 at NVDCVE-2013-4408 at SUSECVE-2013-4408 at NVDCVE-2013-4475 at SUSECVE-2013-4475 at NVDCVE-2013-4476 at SUSECVE-2013-4476 at NVDCVE-2013-4496 at SUSECVE-2013-4496 at NVDCVE-2013-6442 at SUSECVE-2013-6442 at NVDCVE-2014-0178 at SUSECVE-2014-0178 at NVDCVE-2014-0239 at SUSECVE-2014-0239 at NVDCVE-2014-0244 at SUSECVE-2014-0244 at NVDCVE-2014-3493 at SUSECVE-2014-3493 at NVDCVE-2014-3560 at SUSECVE-2014-3560 at NVDCVE-2014-8143 at SUSECVE-2014-8143 at NVDCVE-2015-0240 at SUSECVE-2015-0240 at NVDCVE-2015-3223 at SUSECVE-2015-3223 at NVDCVE-2015-5252 at SUSECVE-2015-5252 at NVDCVE-2015-5296 at SUSECVE-2015-5296 at NVDCVE-2015-5299 at SUSECVE-2015-5299 at NVDCVE-2015-5330 at SUSECVE-2015-5330 at NVDCVE-2015-5370 at SUSECVE-2015-5370 at NVDCVE-2015-7560 at SUSECVE-2015-7560 at NVDCVE-2015-8467 at SUSECVE-2015-8467 at NVDCVE-2015-8543 at SUSECVE-2015-8543 at NVDCVE-2016-0771 at SUSECVE-2016-0771 at NVDCVE-2016-2110 at SUSECVE-2016-2110 at NVDCVE-2016-2111 at SUSECVE-2016-2111 at NVDCVE-2016-2112 at SUSECVE-2016-2112 at NVDCVE-2016-2113 at SUSECVE-2016-2113 at NVDCVE-2016-2115 at SUSECVE-2016-2115 at NVDCVE-2016-2118 at SUSECVE-2016-2118 at NVDCVE-2016-2119 at SUSECVE-2016-2119 at NVDCVE-2016-2123 at SUSECVE-2016-2123 at NVDCVE-2016-2124 at SUSECVE-2016-2124 at NVDCVE-2016-2125 at SUSECVE-2016-2125 at NVDCVE-2016-2126 at SUSECVE-2016-2126 at NVDCVE-2017-11103 at SUSECVE-2017-11103 at NVDCVE-2017-12150 at SUSECVE-2017-12150 at NVDCVE-2017-12151 at SUSECVE-2017-12151 at NVDCVE-2017-12163 at SUSECVE-2017-12163 at NVDCVE-2017-14746 at SUSECVE-2017-14746 at NVDCVE-2017-15275 at SUSECVE-2017-15275 at NVDCVE-2017-2619 at SUSECVE-2017-2619 at NVDCVE-2017-7494 at SUSECVE-2017-7494 at NVDCVE-2018-1050 at SUSECVE-2018-1050 at NVDCVE-2018-1057 at SUSECVE-2018-1057 at NVDCVE-2018-10858 at SUSECVE-2018-10858 at NVDCVE-2018-10918 at SUSECVE-2018-10918 at NVDCVE-2018-10919 at SUSECVE-2018-10919 at NVDCVE-2018-1139 at SUSECVE-2018-1139 at NVDCVE-2018-1140 at SUSECVE-2018-1140 at NVDCVE-2018-14628 at SUSECVE-2018-14628 at NVDCVE-2018-14629 at SUSECVE-2018-14629 at NVDCVE-2018-16841 at SUSECVE-2018-16841 at NVDCVE-2018-16851 at SUSECVE-2018-16851 at NVDCVE-2018-16852 at SUSECVE-2018-16852 at NVDCVE-2018-16853 at SUSECVE-2018-16853 at NVDCVE-2018-16857 at SUSECVE-2018-16857 at NVDCVE-2018-16860 at SUSECVE-2018-16860 at NVDCVE-2019-10197 at SUSECVE-2019-10197 at NVDCVE-2019-10218 at SUSECVE-2019-10218 at NVDCVE-2019-12435 at SUSECVE-2019-12435 at NVDCVE-2019-12436 at SUSECVE-2019-12436 at NVDCVE-2019-14833 at SUSECVE-2019-14833 at NVDCVE-2019-14847 at SUSECVE-2019-14847 at NVDCVE-2019-14861 at SUSECVE-2019-14861 at NVDCVE-2019-14870 at SUSECVE-2019-14870 at NVDCVE-2019-14902 at SUSECVE-2019-14902 at NVDCVE-2019-14907 at SUSECVE-2019-14907 at NVDCVE-2019-19344 at SUSECVE-2019-19344 at NVDCVE-2019-3824 at SUSECVE-2019-3824 at NVDCVE-2019-3870 at SUSECVE-2019-3870 at NVDCVE-2019-3880 at SUSECVE-2019-3880 at NVDCVE-2020-10700 at SUSECVE-2020-10700 at NVDCVE-2020-10704 at SUSECVE-2020-10704 at NVDCVE-2020-10730 at SUSECVE-2020-10730 at NVDCVE-2020-10745 at SUSECVE-2020-10745 at NVDCVE-2020-10760 at SUSECVE-2020-10760 at NVDCVE-2020-14303 at SUSECVE-2020-14303 at NVDCVE-2020-14318 at SUSECVE-2020-14318 at NVDCVE-2020-14323 at SUSECVE-2020-14323 at NVDCVE-2020-14383 at SUSECVE-2020-14383 at NVDCVE-2020-1472 at SUSECVE-2020-1472 at NVDCVE-2020-17049 at SUSECVE-2020-17049 at NVDCVE-2020-25717 at SUSECVE-2020-25717 at NVDCVE-2020-25718 at SUSECVE-2020-25718 at NVDCVE-2020-25719 at SUSECVE-2020-25719 at NVDCVE-2020-25721 at SUSECVE-2020-25721 at NVDCVE-2020-25722 at SUSECVE-2020-25722 at NVDCVE-2020-27840 at SUSECVE-2020-27840 at NVDCVE-2021-20251 at SUSECVE-2021-20251 at NVDCVE-2021-20254 at SUSECVE-2021-20254 at NVDCVE-2021-20277 at SUSECVE-2021-20277 at NVDCVE-2021-23192 at SUSECVE-2021-23192 at NVDCVE-2021-3738 at SUSECVE-2021-3738 at NVDCVE-2021-44141 at SUSECVE-2021-44141 at NVDCVE-2021-44142 at SUSECVE-2021-44142 at NVDCVE-2022-0336 at SUSECVE-2022-0336 at NVDCVE-2022-2031 at SUSECVE-2022-2031 at NVDCVE-2022-2127 at SUSECVE-2022-2127 at NVDCVE-2022-32742 at SUSECVE-2022-32742 at NVDCVE-2022-32744 at SUSECVE-2022-32744 at NVDCVE-2022-32745 at SUSECVE-2022-32745 at NVDCVE-2022-32746 at SUSECVE-2022-32746 at NVDCVE-2022-3437 at SUSECVE-2022-3437 at NVDCVE-2022-3592 at SUSECVE-2022-3592 at NVDCVE-2022-37966 at SUSECVE-2022-37966 at NVDCVE-2022-37967 at SUSECVE-2022-37967 at NVDCVE-2022-38023 at SUSECVE-2022-38023 at NVDCVE-2022-42898 at SUSECVE-2022-42898 at NVDCVE-2022-44640 at SUSECVE-2022-44640 at NVDCVE-2023-0225 at SUSECVE-2023-0225 at NVDCVE-2023-0614 at SUSECVE-2023-0614 at NVDCVE-2023-0922 at SUSECVE-2023-0922 at NVDCVE-2023-3347 at SUSECVE-2023-3347 at NVDCVE-2023-34966 at SUSECVE-2023-34966 at NVDCVE-2023-34967 at SUSECVE-2023-34967 at NVDCVE-2023-34968 at SUSECVE-2023-34968 at NVDCVE-2023-3961 at SUSECVE-2023-3961 at NVDCVE-2023-4091 at SUSECVE-2023-4091 at NVDCVE-2023-4154 at SUSECVE-2023-4154 at NVDCVE-2023-42669 at SUSECVE-2023-42669 at NVDCVE-2023-42670 at SUSECVE-2023-42670 at NVDCVE-2023-5568 at SUSECVE-2023-5568 at NVDcpe:/o:suse:sl-micro:6.0shim-15.7-11.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the shim-15.7-11.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-3675 at SUSECVE-2014-3675 at NVDCVE-2014-3676 at SUSECVE-2014-3676 at NVDCVE-2014-3677 at SUSECVE-2014-3677 at NVDCVE-2022-28737 at SUSECVE-2022-28737 at NVDcpe:/o:suse:sl-micro:6.0skopeo-1.14.0-1.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the skopeo-1.14.0-1.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-14992 at SUSECVE-2017-14992 at NVDCVE-2019-10214 at SUSECVE-2019-10214 at NVDcpe:/o:suse:sl-micro:6.0slirp4netns-1.2.2-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the slirp4netns-1.2.2-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-6778 at SUSECVE-2019-6778 at NVDcpe:/o:suse:sl-micro:6.0socat-1.7.4.3-2.9 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the socat-1.7.4.3-2.9 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2013-3571 at SUSECVE-2013-3571 at NVDCVE-2014-0019 at SUSECVE-2014-0019 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sl-micro:6.0squashfs-4.6.1-3.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the squashfs-4.6.1-3.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2012-4024 at SUSECVE-2012-4024 at NVDCVE-2012-4025 at SUSECVE-2012-4025 at NVDCVE-2015-4645 at SUSECVE-2015-4645 at NVDCVE-2015-4646 at SUSECVE-2015-4646 at NVDCVE-2021-40153 at SUSECVE-2021-40153 at NVDCVE-2021-41072 at SUSECVE-2021-41072 at NVDcpe:/o:suse:sl-micro:6.0sudo-1.9.15p5-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the sudo-1.9.15p5-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2005-4158 at SUSECVE-2005-4158 at NVDCVE-2010-1163 at SUSECVE-2010-1163 at NVDCVE-2010-1646 at SUSECVE-2010-1646 at NVDCVE-2011-0010 at SUSECVE-2011-0010 at NVDCVE-2012-2337 at SUSECVE-2012-2337 at NVDCVE-2013-1775 at SUSECVE-2013-1775 at NVDCVE-2013-1776 at SUSECVE-2013-1776 at NVDCVE-2014-9680 at SUSECVE-2014-9680 at NVDCVE-2016-7032 at SUSECVE-2016-7032 at NVDCVE-2016-7076 at SUSECVE-2016-7076 at NVDCVE-2017-1000367 at SUSECVE-2017-1000367 at NVDCVE-2017-1000368 at SUSECVE-2017-1000368 at NVDCVE-2019-14287 at SUSECVE-2019-14287 at NVDCVE-2019-18634 at SUSECVE-2019-18634 at NVDCVE-2021-23239 at SUSECVE-2021-23239 at NVDCVE-2021-23240 at SUSECVE-2021-23240 at NVDCVE-2021-3156 at SUSECVE-2021-3156 at NVDCVE-2022-43995 at SUSECVE-2022-43995 at NVDCVE-2023-22809 at SUSECVE-2023-22809 at NVDCVE-2023-27320 at SUSECVE-2023-27320 at NVDCVE-2023-42456 at SUSECVE-2023-42456 at NVDCVE-2023-42465 at SUSECVE-2023-42465 at NVDcpe:/o:suse:sl-micro:6.0supportutils-3.2.7-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the supportutils-3.2.7-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-19637 at SUSECVE-2018-19637 at NVDCVE-2018-19638 at SUSECVE-2018-19638 at NVDCVE-2018-19639 at SUSECVE-2018-19639 at NVDCVE-2018-19640 at SUSECVE-2018-19640 at NVDCVE-2022-45154 at SUSECVE-2022-45154 at NVDcpe:/o:suse:sl-micro:6.0suse-module-tools-16.0.43-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the suse-module-tools-16.0.43-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-1829 at SUSECVE-2023-1829 at NVDCVE-2023-23559 at SUSECVE-2023-23559 at NVDcpe:/o:suse:sl-micro:6.0swtpm-0.8.0-1.86 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the swtpm-0.8.0-1.86 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2020-28407 at SUSECVE-2020-28407 at NVDCVE-2022-23645 at SUSECVE-2022-23645 at NVDcpe:/o:suse:sl-micro:6.0sysstat-12.6.2-2.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the sysstat-12.6.2-2.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-3852 at SUSECVE-2007-3852 at NVDCVE-2018-19416 at SUSECVE-2018-19416 at NVDCVE-2018-19517 at SUSECVE-2018-19517 at NVDCVE-2019-16167 at SUSECVE-2019-16167 at NVDCVE-2019-19725 at SUSECVE-2019-19725 at NVDCVE-2022-39377 at SUSECVE-2022-39377 at NVDCVE-2023-33204 at SUSECVE-2023-33204 at NVDcpe:/o:suse:sl-micro:6.0system-user-velociraptor-1.0.0-1.17 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the system-user-velociraptor-1.0.0-1.17 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-0242 at SUSECVE-2023-0242 at NVDCVE-2023-0290 at SUSECVE-2023-0290 at NVDcpe:/o:suse:sl-micro:6.0sysvinit-tools-3.00-6.7 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the sysvinit-tools-3.00-6.7 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:sl-micro:6.0tar-1.35-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the tar-1.35-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2001-1267 at SUSECVE-2001-1267 at NVDCVE-2002-0399 at SUSECVE-2002-0399 at NVDCVE-2005-1918 at SUSECVE-2005-1918 at NVDCVE-2006-0300 at SUSECVE-2006-0300 at NVDCVE-2006-6097 at SUSECVE-2006-6097 at NVDCVE-2010-0624 at SUSECVE-2010-0624 at NVDCVE-2016-6321 at SUSECVE-2016-6321 at NVDCVE-2018-20482 at SUSECVE-2018-20482 at NVDCVE-2019-9923 at SUSECVE-2019-9923 at NVDCVE-2021-20193 at SUSECVE-2021-20193 at NVDCVE-2022-48303 at SUSECVE-2022-48303 at NVDCVE-2023-39804 at SUSECVE-2023-39804 at NVDcpe:/o:suse:sl-micro:6.0tftp-5.2-1.5 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the tftp-5.2-1.5 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-2199 at SUSECVE-2011-2199 at NVDcpe:/o:suse:sl-micro:6.0tpm2.0-tools-5.5-1.10 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the tpm2.0-tools-5.5-1.10 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-7524 at SUSECVE-2017-7524 at NVDCVE-2021-3565 at SUSECVE-2021-3565 at NVDcpe:/o:suse:sl-micro:6.0traceroute-2.1.3-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the traceroute-2.1.3-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-46316 at SUSECVE-2023-46316 at NVDcpe:/o:suse:sl-micro:6.0u-boot-rpiarm64-2023.04-1.11 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the u-boot-rpiarm64-2023.04-1.11 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2018-18439 at SUSECVE-2018-18439 at NVDCVE-2018-18440 at SUSECVE-2018-18440 at NVDCVE-2020-10648 at SUSECVE-2020-10648 at NVDCVE-2020-8432 at SUSECVE-2020-8432 at NVDcpe:/o:suse:sl-micro:6.0ucode-intel-20231114-1.3 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the ucode-intel-20231114-1.3 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3640 at SUSECVE-2018-3640 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-11139 at SUSECVE-2019-11139 at NVDCVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-0548 at SUSECVE-2020-0548 at NVDCVE-2020-0549 at SUSECVE-2020-0549 at NVDCVE-2020-24489 at SUSECVE-2020-24489 at NVDCVE-2020-24511 at SUSECVE-2020-24511 at NVDCVE-2020-24512 at SUSECVE-2020-24512 at NVDCVE-2020-24513 at SUSECVE-2020-24513 at NVDCVE-2020-8695 at SUSECVE-2020-8695 at NVDCVE-2020-8696 at SUSECVE-2020-8696 at NVDCVE-2020-8698 at SUSECVE-2020-8698 at NVDCVE-2021-0127 at SUSECVE-2021-0127 at NVDCVE-2021-0145 at SUSECVE-2021-0145 at NVDCVE-2021-0146 at SUSECVE-2021-0146 at NVDCVE-2021-33120 at SUSECVE-2021-33120 at NVDCVE-2022-21151 at SUSECVE-2022-21151 at NVDCVE-2022-21216 at SUSECVE-2022-21216 at NVDCVE-2022-21233 at SUSECVE-2022-21233 at NVDCVE-2022-33196 at SUSECVE-2022-33196 at NVDCVE-2022-33972 at SUSECVE-2022-33972 at NVDCVE-2022-38090 at SUSECVE-2022-38090 at NVDCVE-2022-40982 at SUSECVE-2022-40982 at NVDCVE-2022-41804 at SUSECVE-2022-41804 at NVDCVE-2023-23583 at SUSECVE-2023-23583 at NVDCVE-2023-23908 at SUSECVE-2023-23908 at NVDcpe:/o:suse:sl-micro:6.0update-alternatives-1.22.0-1.53 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the update-alternatives-1.22.0-1.53 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2015-0840 at SUSECVE-2015-0840 at NVDCVE-2022-1664 at SUSECVE-2022-1664 at NVDcpe:/o:suse:sl-micro:6.0vim-data-common-9.1.0111-1.2 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the vim-data-common-9.1.0111-1.2 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2007-2438 at SUSECVE-2007-2438 at NVDCVE-2007-2953 at SUSECVE-2007-2953 at NVDCVE-2009-0316 at SUSECVE-2009-0316 at NVDCVE-2017-1000382 at SUSECVE-2017-1000382 at NVDCVE-2017-5953 at SUSECVE-2017-5953 at NVDCVE-2017-6349 at SUSECVE-2017-6349 at NVDCVE-2017-6350 at SUSECVE-2017-6350 at NVDCVE-2019-12735 at SUSECVE-2019-12735 at NVDCVE-2021-46059 at SUSECVE-2021-46059 at NVDCVE-2022-0156 at SUSECVE-2022-0156 at NVDCVE-2022-0213 at SUSECVE-2022-0213 at NVDCVE-2022-0261 at SUSECVE-2022-0261 at NVDCVE-2022-0318 at SUSECVE-2022-0318 at NVDCVE-2022-0319 at SUSECVE-2022-0319 at NVDCVE-2022-0351 at SUSECVE-2022-0351 at NVDCVE-2022-0359 at SUSECVE-2022-0359 at NVDCVE-2022-0361 at SUSECVE-2022-0361 at NVDCVE-2022-0368 at SUSECVE-2022-0368 at NVDCVE-2022-0392 at SUSECVE-2022-0392 at NVDCVE-2022-0393 at SUSECVE-2022-0393 at NVDCVE-2022-0407 at SUSECVE-2022-0407 at NVDCVE-2022-0408 at SUSECVE-2022-0408 at NVDCVE-2022-0413 at SUSECVE-2022-0413 at NVDCVE-2022-0417 at SUSECVE-2022-0417 at NVDCVE-2022-0443 at SUSECVE-2022-0443 at NVDCVE-2022-0554 at SUSECVE-2022-0554 at NVDCVE-2022-0572 at SUSECVE-2022-0572 at NVDCVE-2022-0629 at SUSECVE-2022-0629 at NVDCVE-2022-0685 at SUSECVE-2022-0685 at NVDCVE-2022-0696 at SUSECVE-2022-0696 at NVDCVE-2022-0714 at SUSECVE-2022-0714 at NVDCVE-2022-0729 at SUSECVE-2022-0729 at NVDCVE-2022-0943 at SUSECVE-2022-0943 at NVDCVE-2022-1154 at SUSECVE-2022-1154 at NVDCVE-2022-1160 at SUSECVE-2022-1160 at NVDCVE-2022-1381 at SUSECVE-2022-1381 at NVDCVE-2022-1420 at SUSECVE-2022-1420 at NVDCVE-2022-1616 at SUSECVE-2022-1616 at NVDCVE-2022-1619 at SUSECVE-2022-1619 at NVDCVE-2022-1620 at SUSECVE-2022-1620 at NVDCVE-2022-1621 at SUSECVE-2022-1621 at NVDCVE-2022-1629 at SUSECVE-2022-1629 at NVDCVE-2022-1674 at SUSECVE-2022-1674 at NVDCVE-2022-1720 at SUSECVE-2022-1720 at NVDCVE-2022-1733 at SUSECVE-2022-1733 at NVDCVE-2022-1735 at SUSECVE-2022-1735 at NVDCVE-2022-1769 at SUSECVE-2022-1769 at NVDCVE-2022-1771 at SUSECVE-2022-1771 at NVDCVE-2022-1785 at SUSECVE-2022-1785 at NVDCVE-2022-1796 at SUSECVE-2022-1796 at NVDCVE-2022-1851 at SUSECVE-2022-1851 at NVDCVE-2022-1886 at SUSECVE-2022-1886 at NVDCVE-2022-1897 at SUSECVE-2022-1897 at NVDCVE-2022-1898 at SUSECVE-2022-1898 at NVDCVE-2022-1927 at SUSECVE-2022-1927 at NVDCVE-2022-1942 at SUSECVE-2022-1942 at NVDCVE-2022-1968 at SUSECVE-2022-1968 at NVDCVE-2022-2000 at SUSECVE-2022-2000 at NVDCVE-2022-2042 at SUSECVE-2022-2042 at NVDCVE-2022-2124 at SUSECVE-2022-2124 at NVDCVE-2022-2125 at SUSECVE-2022-2125 at NVDCVE-2022-2126 at SUSECVE-2022-2126 at NVDCVE-2022-2129 at SUSECVE-2022-2129 at NVDCVE-2022-2175 at SUSECVE-2022-2175 at NVDCVE-2022-2182 at SUSECVE-2022-2182 at NVDCVE-2022-2183 at SUSECVE-2022-2183 at NVDCVE-2022-2206 at SUSECVE-2022-2206 at NVDCVE-2022-2207 at SUSECVE-2022-2207 at NVDCVE-2022-2208 at SUSECVE-2022-2208 at NVDCVE-2022-2210 at SUSECVE-2022-2210 at NVDCVE-2022-2231 at SUSECVE-2022-2231 at NVDCVE-2022-2257 at SUSECVE-2022-2257 at NVDCVE-2022-2264 at SUSECVE-2022-2264 at NVDCVE-2022-2284 at SUSECVE-2022-2284 at NVDCVE-2022-2285 at SUSECVE-2022-2285 at NVDCVE-2022-2286 at SUSECVE-2022-2286 at NVDCVE-2022-2287 at SUSECVE-2022-2287 at NVDCVE-2022-2288 at SUSECVE-2022-2288 at NVDCVE-2022-2289 at SUSECVE-2022-2289 at NVDCVE-2022-2304 at SUSECVE-2022-2304 at NVDCVE-2022-2343 at SUSECVE-2022-2343 at NVDCVE-2022-2344 at SUSECVE-2022-2344 at NVDCVE-2022-2345 at SUSECVE-2022-2345 at NVDCVE-2022-2522 at SUSECVE-2022-2522 at NVDCVE-2022-2571 at SUSECVE-2022-2571 at NVDCVE-2022-2580 at SUSECVE-2022-2580 at NVDCVE-2022-2581 at SUSECVE-2022-2581 at NVDCVE-2022-2598 at SUSECVE-2022-2598 at NVDCVE-2022-2816 at SUSECVE-2022-2816 at NVDCVE-2022-2817 at SUSECVE-2022-2817 at NVDCVE-2022-2819 at SUSECVE-2022-2819 at NVDCVE-2022-2845 at SUSECVE-2022-2845 at NVDCVE-2022-2849 at SUSECVE-2022-2849 at NVDCVE-2022-2862 at SUSECVE-2022-2862 at NVDCVE-2022-2874 at SUSECVE-2022-2874 at NVDCVE-2022-2889 at SUSECVE-2022-2889 at NVDCVE-2022-2923 at SUSECVE-2022-2923 at NVDCVE-2022-2946 at SUSECVE-2022-2946 at NVDCVE-2022-2980 at SUSECVE-2022-2980 at NVDCVE-2022-2982 at SUSECVE-2022-2982 at NVDCVE-2022-3016 at SUSECVE-2022-3016 at NVDCVE-2022-3037 at SUSECVE-2022-3037 at NVDCVE-2022-3099 at SUSECVE-2022-3099 at NVDCVE-2022-3134 at SUSECVE-2022-3134 at NVDCVE-2022-3153 at SUSECVE-2022-3153 at NVDCVE-2022-3234 at SUSECVE-2022-3234 at NVDCVE-2022-3235 at SUSECVE-2022-3235 at NVDCVE-2022-3352 at SUSECVE-2022-3352 at NVDCVE-2023-1127 at SUSECVE-2023-1127 at NVDCVE-2023-1170 at SUSECVE-2023-1170 at NVDCVE-2023-1175 at SUSECVE-2023-1175 at NVDCVE-2023-1264 at SUSECVE-2023-1264 at NVDCVE-2023-1355 at SUSECVE-2023-1355 at NVDCVE-2023-2426 at SUSECVE-2023-2426 at NVDCVE-2023-2609 at SUSECVE-2023-2609 at NVDCVE-2023-46246 at SUSECVE-2023-46246 at NVDCVE-2023-4733 at SUSECVE-2023-4733 at NVDCVE-2023-4734 at SUSECVE-2023-4734 at NVDCVE-2023-4735 at SUSECVE-2023-4735 at NVDCVE-2023-4738 at SUSECVE-2023-4738 at NVDCVE-2023-4750 at SUSECVE-2023-4750 at NVDCVE-2023-4751 at SUSECVE-2023-4751 at NVDCVE-2023-4752 at SUSECVE-2023-4752 at NVDCVE-2023-4781 at SUSECVE-2023-4781 at NVDCVE-2023-48231 at SUSECVE-2023-48231 at NVDCVE-2023-48232 at SUSECVE-2023-48232 at NVDCVE-2023-48233 at SUSECVE-2023-48233 at NVDCVE-2023-48234 at SUSECVE-2023-48234 at NVDCVE-2023-48235 at SUSECVE-2023-48235 at NVDCVE-2023-48236 at SUSECVE-2023-48236 at NVDCVE-2023-48237 at SUSECVE-2023-48237 at NVDCVE-2023-48706 at SUSECVE-2023-48706 at NVDCVE-2023-5344 at SUSECVE-2023-5344 at NVDCVE-2023-5441 at SUSECVE-2023-5441 at NVDCVE-2023-5535 at SUSECVE-2023-5535 at NVDCVE-2024-22667 at SUSECVE-2024-22667 at NVDcpe:/o:suse:sl-micro:6.0virt-install-4.1.0-4.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the virt-install-4.1.0-4.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2019-10183 at SUSECVE-2019-10183 at NVDcpe:/o:suse:sl-micro:6.0virtiofsd-1.10.1-1.1 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the virtiofsd-1.10.1-1.1 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2023-50711 at SUSECVE-2023-50711 at NVDcpe:/o:suse:sl-micro:6.0wget-1.21.4-1.12 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the wget-1.21.4-1.12 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2006-6719 at SUSECVE-2006-6719 at NVDCVE-2010-2252 at SUSECVE-2010-2252 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2014-4877 at SUSECVE-2014-4877 at NVDCVE-2015-7665 at SUSECVE-2015-7665 at NVDCVE-2016-4971 at SUSECVE-2016-4971 at NVDCVE-2017-13089 at SUSECVE-2017-13089 at NVDCVE-2017-13090 at SUSECVE-2017-13090 at NVDCVE-2017-6508 at SUSECVE-2017-6508 at NVDCVE-2018-0494 at SUSECVE-2018-0494 at NVDCVE-2018-20483 at SUSECVE-2018-20483 at NVDCVE-2019-5953 at SUSECVE-2019-5953 at NVDcpe:/o:suse:sl-micro:6.0wpa_supplicant-2.10-4.18 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the wpa_supplicant-2.10-4.18 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2014-3686 at SUSECVE-2014-3686 at NVDCVE-2015-1863 at SUSECVE-2015-1863 at NVDCVE-2015-4141 at SUSECVE-2015-4141 at NVDCVE-2015-4142 at SUSECVE-2015-4142 at NVDCVE-2015-4143 at SUSECVE-2015-4143 at NVDCVE-2015-4144 at SUSECVE-2015-4144 at NVDCVE-2015-4145 at SUSECVE-2015-4145 at NVDCVE-2015-4146 at SUSECVE-2015-4146 at NVDCVE-2015-5310 at SUSECVE-2015-5310 at NVDCVE-2015-5315 at SUSECVE-2015-5315 at NVDCVE-2015-5316 at SUSECVE-2015-5316 at NVDCVE-2015-8041 at SUSECVE-2015-8041 at NVDCVE-2016-4476 at SUSECVE-2016-4476 at NVDCVE-2016-4477 at SUSECVE-2016-4477 at NVDCVE-2017-13077 at SUSECVE-2017-13077 at NVDCVE-2017-13078 at SUSECVE-2017-13078 at NVDCVE-2017-13079 at SUSECVE-2017-13079 at NVDCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-13081 at SUSECVE-2017-13081 at NVDCVE-2017-13082 at SUSECVE-2017-13082 at NVDCVE-2017-13086 at SUSECVE-2017-13086 at NVDCVE-2017-13087 at SUSECVE-2017-13087 at NVDCVE-2017-13088 at SUSECVE-2017-13088 at NVDCVE-2018-14526 at SUSECVE-2018-14526 at NVDCVE-2019-11555 at SUSECVE-2019-11555 at NVDCVE-2019-13377 at SUSECVE-2019-13377 at NVDCVE-2019-16275 at SUSECVE-2019-16275 at NVDCVE-2019-9494 at SUSECVE-2019-9494 at NVDCVE-2019-9495 at SUSECVE-2019-9495 at NVDCVE-2019-9497 at SUSECVE-2019-9497 at NVDCVE-2019-9498 at SUSECVE-2019-9498 at NVDCVE-2019-9499 at SUSECVE-2019-9499 at NVDCVE-2021-0326 at SUSECVE-2021-0326 at NVDCVE-2021-27803 at SUSECVE-2021-27803 at NVDCVE-2021-30004 at SUSECVE-2021-30004 at NVDcpe:/o:suse:sl-micro:6.0yast2-logs-4.6.2-4.4 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the yast2-logs-4.6.2-4.4 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2011-3177 at SUSECVE-2011-3177 at NVDcpe:/o:suse:sl-micro:6.0zypper-1.14.68-1.8 on GA media (Moderate)SUSE Linux Micro 6.0
These are all security issues fixed in the zypper-1.14.68-1.8 package on the GA media of SUSE Linux Micro 6.0. ModerateCVE-2017-7436 at SUSECVE-2017-7436 at NVDCVE-2017-9269 at SUSECVE-2017-9269 at NVDcpe:/o:suse:sl-micro:6.0Mesa-23.3.4-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the Mesa-23.3.4-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-5068 at SUSECVE-2019-5068 at NVDcpe:/o:suse:sl-micro:6.1NetworkManager-1.42.6-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the NetworkManager-1.42.6-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-7246 at SUSECVE-2006-7246 at NVDCVE-2015-2924 at SUSECVE-2015-2924 at NVDCVE-2016-0764 at SUSECVE-2016-0764 at NVDCVE-2018-1000135 at SUSECVE-2018-1000135 at NVDCVE-2018-15688 at SUSECVE-2018-15688 at NVDCVE-2020-10754 at SUSECVE-2020-10754 at NVDCVE-2020-13529 at SUSECVE-2020-13529 at NVDCVE-2021-20297 at SUSECVE-2021-20297 at NVDcpe:/o:suse:sl-micro:6.1aaa_base-84.87+git20240906.742565b-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the aaa_base-84.87+git20240906.742565b-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-0461 at SUSECVE-2011-0461 at NVDcpe:/o:suse:sl-micro:6.1accountsservice-22.08.8-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the accountsservice-22.08.8-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-2737 at SUSECVE-2012-2737 at NVDCVE-2018-14036 at SUSECVE-2018-14036 at NVDcpe:/o:suse:sl-micro:6.1afterburn-5.4.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the afterburn-5.4.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-35905 at SUSECVE-2020-35905 at NVDCVE-2020-36465 at SUSECVE-2020-36465 at NVDCVE-2021-27378 at SUSECVE-2021-27378 at NVDCVE-2021-32714 at SUSECVE-2021-32714 at NVDCVE-2021-32715 at SUSECVE-2021-32715 at NVDCVE-2021-38191 at SUSECVE-2021-38191 at NVDCVE-2021-45710 at SUSECVE-2021-45710 at NVDCVE-2022-24713 at SUSECVE-2022-24713 at NVDcpe:/o:suse:sl-micro:6.1aide-0.18.6-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the aide-0.18.6-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-45417 at SUSECVE-2021-45417 at NVDcpe:/o:suse:sl-micro:6.1augeas-1.14.1-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the augeas-1.14.1-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-0786 at SUSECVE-2012-0786 at NVDCVE-2014-8119 at SUSECVE-2014-8119 at NVDCVE-2017-7555 at SUSECVE-2017-7555 at NVDcpe:/o:suse:sl-micro:6.1avahi-0.8-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the avahi-0.8-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-5461 at SUSECVE-2006-5461 at NVDCVE-2006-6870 at SUSECVE-2006-6870 at NVDCVE-2007-3372 at SUSECVE-2007-3372 at NVDCVE-2008-5081 at SUSECVE-2008-5081 at NVDCVE-2009-0758 at SUSECVE-2009-0758 at NVDCVE-2010-2244 at SUSECVE-2010-2244 at NVDCVE-2011-1002 at SUSECVE-2011-1002 at NVDCVE-2017-6519 at SUSECVE-2017-6519 at NVDCVE-2018-1000845 at SUSECVE-2018-1000845 at NVDCVE-2021-26720 at SUSECVE-2021-26720 at NVDCVE-2021-3468 at SUSECVE-2021-3468 at NVDCVE-2021-3502 at SUSECVE-2021-3502 at NVDCVE-2023-1981 at SUSECVE-2023-1981 at NVDCVE-2023-38469 at SUSECVE-2023-38469 at NVDCVE-2023-38470 at SUSECVE-2023-38470 at NVDCVE-2023-38471 at SUSECVE-2023-38471 at NVDCVE-2023-38472 at SUSECVE-2023-38472 at NVDCVE-2023-38473 at SUSECVE-2023-38473 at NVDcpe:/o:suse:sl-micro:6.1aws-cli-1.31.11-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the aws-cli-1.31.11-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-15869 at SUSECVE-2018-15869 at NVDcpe:/o:suse:sl-micro:6.1bash-5.2.15-slfo.1.1_1.6 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the bash-5.2.15-slfo.1.1_1.6 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-2524 at SUSECVE-2014-2524 at NVDCVE-2014-6271 at SUSECVE-2014-6271 at NVDCVE-2014-6277 at SUSECVE-2014-6277 at NVDCVE-2014-6278 at SUSECVE-2014-6278 at NVDCVE-2014-7169 at SUSECVE-2014-7169 at NVDCVE-2014-7186 at SUSECVE-2014-7186 at NVDCVE-2014-7187 at SUSECVE-2014-7187 at NVDCVE-2016-9401 at SUSECVE-2016-9401 at NVDcpe:/o:suse:sl-micro:6.1bcm43xx-firmware-20180314-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the bcm43xx-firmware-20180314-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-10370 at SUSECVE-2020-10370 at NVDcpe:/o:suse:sl-micro:6.1boost-license1_84_0-1.84.0-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the boost-license1_84_0-1.84.0-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2008-0171 at SUSECVE-2008-0171 at NVDcpe:/o:suse:sl-micro:6.1btrfsmaintenance-0.5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the btrfsmaintenance-0.5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-14722 at SUSECVE-2018-14722 at NVDcpe:/o:suse:sl-micro:6.1buildkit-0.12.5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the buildkit-0.12.5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2024-23651 at SUSECVE-2024-23651 at NVDCVE-2024-23652 at SUSECVE-2024-23652 at NVDCVE-2024-23653 at SUSECVE-2024-23653 at NVDcpe:/o:suse:sl-micro:6.1bzip2-1.0.8-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the bzip2-1.0.8-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2008-1372 at SUSECVE-2008-1372 at NVDCVE-2010-0405 at SUSECVE-2010-0405 at NVDCVE-2016-3189 at SUSECVE-2016-3189 at NVDCVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:sl-micro:6.1chkstat-1600_20240206-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the chkstat-1600_20240206-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-3687 at SUSECVE-2019-3687 at NVDCVE-2019-3688 at SUSECVE-2019-3688 at NVDCVE-2019-3690 at SUSECVE-2019-3690 at NVDCVE-2020-8013 at SUSECVE-2020-8013 at NVDCVE-2022-31252 at SUSECVE-2022-31252 at NVDcpe:/o:suse:sl-micro:6.1chrony-4.5-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the chrony-4.5-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-4502 at SUSECVE-2012-4502 at NVDCVE-2012-4503 at SUSECVE-2012-4503 at NVDCVE-2014-0021 at SUSECVE-2014-0021 at NVDCVE-2016-1567 at SUSECVE-2016-1567 at NVDCVE-2020-14367 at SUSECVE-2020-14367 at NVDcpe:/o:suse:sl-micro:6.1cifs-utils-7.0-slfo.1.1_1.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cifs-utils-7.0-slfo.1.1_1.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-1059 at SUSECVE-2006-1059 at NVDCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2012-1586 at SUSECVE-2012-1586 at NVDCVE-2020-14342 at SUSECVE-2020-14342 at NVDCVE-2021-20208 at SUSECVE-2021-20208 at NVDCVE-2022-27239 at SUSECVE-2022-27239 at NVDcpe:/o:suse:sl-micro:6.1cloud-init-23.3-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cloud-init-23.3-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-0816 at SUSECVE-2019-0816 at NVDCVE-2020-8631 at SUSECVE-2020-8631 at NVDCVE-2020-8632 at SUSECVE-2020-8632 at NVDCVE-2021-3429 at SUSECVE-2021-3429 at NVDCVE-2022-2084 at SUSECVE-2022-2084 at NVDCVE-2023-1786 at SUSECVE-2023-1786 at NVDcpe:/o:suse:sl-micro:6.1cni-1.1.2-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cni-1.1.2-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-20206 at SUSECVE-2021-20206 at NVDCVE-2021-38561 at SUSECVE-2021-38561 at NVDcpe:/o:suse:sl-micro:6.1cni-plugins-1.3.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cni-plugins-1.3.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-10749 at SUSECVE-2020-10749 at NVDCVE-2021-20206 at SUSECVE-2021-20206 at NVDcpe:/o:suse:sl-micro:6.1cockpit-321-slfo.1.1_2.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cockpit-321-slfo.1.1_2.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2024-6126 at SUSECVE-2024-6126 at NVDcpe:/o:suse:sl-micro:6.1conmon-2.1.10-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the conmon-2.1.10-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-1708 at SUSECVE-2022-1708 at NVDcpe:/o:suse:sl-micro:6.1conntrack-tools-1.4.8-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the conntrack-tools-1.4.8-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-6496 at SUSECVE-2015-6496 at NVDcpe:/o:suse:sl-micro:6.1containerd-1.7.21-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the containerd-1.7.21-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-9962 at SUSECVE-2016-9962 at NVDCVE-2018-16873 at SUSECVE-2018-16873 at NVDCVE-2018-16874 at SUSECVE-2018-16874 at NVDCVE-2018-16875 at SUSECVE-2018-16875 at NVDCVE-2019-5736 at SUSECVE-2019-5736 at NVDCVE-2020-15157 at SUSECVE-2020-15157 at NVDCVE-2020-15257 at SUSECVE-2020-15257 at NVDCVE-2021-21334 at SUSECVE-2021-21334 at NVDCVE-2021-32760 at SUSECVE-2021-32760 at NVDCVE-2021-41103 at SUSECVE-2021-41103 at NVDCVE-2021-41190 at SUSECVE-2021-41190 at NVDCVE-2022-1996 at SUSECVE-2022-1996 at NVDCVE-2022-23471 at SUSECVE-2022-23471 at NVDCVE-2022-23648 at SUSECVE-2022-23648 at NVDCVE-2022-24769 at SUSECVE-2022-24769 at NVDCVE-2022-27191 at SUSECVE-2022-27191 at NVDCVE-2022-31030 at SUSECVE-2022-31030 at NVDCVE-2023-25153 at SUSECVE-2023-25153 at NVDCVE-2023-25173 at SUSECVE-2023-25173 at NVDCVE-2023-45142 at SUSECVE-2023-45142 at NVDCVE-2023-45288 at SUSECVE-2023-45288 at NVDCVE-2023-47108 at SUSECVE-2023-47108 at NVDcpe:/o:suse:sl-micro:6.1containerized-data-importer-manifests-1.60.1-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the containerized-data-importer-manifests-1.60.1-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2024-3727 at SUSECVE-2024-3727 at NVDcpe:/o:suse:sl-micro:6.1coolkey-1.1.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the coolkey-1.1.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-4129 at SUSECVE-2007-4129 at NVDcpe:/o:suse:sl-micro:6.1coreutils-9.4-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the coreutils-9.4-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-0221 at SUSECVE-2013-0221 at NVDCVE-2013-0222 at SUSECVE-2013-0222 at NVDCVE-2013-0223 at SUSECVE-2013-0223 at NVDCVE-2015-4041 at SUSECVE-2015-4041 at NVDCVE-2015-4042 at SUSECVE-2015-4042 at NVDCVE-2017-7476 at SUSECVE-2017-7476 at NVDCVE-2024-0684 at SUSECVE-2024-0684 at NVDcpe:/o:suse:sl-micro:6.1cpio-2.15-slfo.1.1_2.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cpio-2.15-slfo.1.1_2.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-0624 at SUSECVE-2010-0624 at NVDCVE-2014-9112 at SUSECVE-2014-9112 at NVDCVE-2015-1197 at SUSECVE-2015-1197 at NVDCVE-2016-2037 at SUSECVE-2016-2037 at NVDCVE-2019-14866 at SUSECVE-2019-14866 at NVDCVE-2021-38185 at SUSECVE-2021-38185 at NVDCVE-2023-7207 at SUSECVE-2023-7207 at NVDcpe:/o:suse:sl-micro:6.1cracklib-2.9.11-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cracklib-2.9.11-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-6318 at SUSECVE-2016-6318 at NVDcpe:/o:suse:sl-micro:6.1crun-1.15-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the crun-1.15-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-27650 at SUSECVE-2022-27650 at NVDCVE-2024-21626 at SUSECVE-2024-21626 at NVDcpe:/o:suse:sl-micro:6.1cryptsetup-2.6.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cryptsetup-2.6.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-14382 at SUSECVE-2020-14382 at NVDCVE-2021-4122 at SUSECVE-2021-4122 at NVDcpe:/o:suse:sl-micro:6.1cups-config-2.4.10-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cups-config-2.4.10-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2005-3193 at SUSECVE-2005-3193 at NVDCVE-2005-3624 at SUSECVE-2005-3624 at NVDCVE-2005-3625 at SUSECVE-2005-3625 at NVDCVE-2005-3626 at SUSECVE-2005-3626 at NVDCVE-2005-3627 at SUSECVE-2005-3627 at NVDCVE-2005-3628 at SUSECVE-2005-3628 at NVDCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-3387 at SUSECVE-2007-3387 at NVDCVE-2007-4351 at SUSECVE-2007-4351 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-0047 at SUSECVE-2008-0047 at NVDCVE-2008-1373 at SUSECVE-2008-1373 at NVDCVE-2008-1693 at SUSECVE-2008-1693 at NVDCVE-2008-1722 at SUSECVE-2008-1722 at NVDCVE-2008-3641 at SUSECVE-2008-3641 at NVDCVE-2009-0163 at SUSECVE-2009-0163 at NVDCVE-2009-2820 at SUSECVE-2009-2820 at NVDCVE-2009-3553 at SUSECVE-2009-3553 at NVDCVE-2010-0393 at SUSECVE-2010-0393 at NVDCVE-2010-0540 at SUSECVE-2010-0540 at NVDCVE-2010-0542 at SUSECVE-2010-0542 at NVDCVE-2010-1748 at SUSECVE-2010-1748 at NVDCVE-2010-2941 at SUSECVE-2010-2941 at NVDCVE-2012-5519 at SUSECVE-2012-5519 at NVDCVE-2012-6094 at SUSECVE-2012-6094 at NVDCVE-2014-2856 at SUSECVE-2014-2856 at NVDCVE-2014-3537 at SUSECVE-2014-3537 at NVDCVE-2014-5029 at SUSECVE-2014-5029 at NVDCVE-2014-5030 at SUSECVE-2014-5030 at NVDCVE-2014-5031 at SUSECVE-2014-5031 at NVDCVE-2015-1158 at SUSECVE-2015-1158 at NVDCVE-2015-1159 at SUSECVE-2015-1159 at NVDCVE-2017-18248 at SUSECVE-2017-18248 at NVDCVE-2018-4700 at SUSECVE-2018-4700 at NVDCVE-2019-2228 at SUSECVE-2019-2228 at NVDCVE-2019-8675 at SUSECVE-2019-8675 at NVDCVE-2019-8696 at SUSECVE-2019-8696 at NVDCVE-2019-8842 at SUSECVE-2019-8842 at NVDCVE-2020-10001 at SUSECVE-2020-10001 at NVDCVE-2020-3898 at SUSECVE-2020-3898 at NVDCVE-2021-25317 at SUSECVE-2021-25317 at NVDCVE-2022-26691 at SUSECVE-2022-26691 at NVDCVE-2023-32324 at SUSECVE-2023-32324 at NVDCVE-2023-32360 at SUSECVE-2023-32360 at NVDCVE-2023-34241 at SUSECVE-2023-34241 at NVDCVE-2023-4504 at SUSECVE-2023-4504 at NVDCVE-2024-35235 at SUSECVE-2024-35235 at NVDcpe:/o:suse:sl-micro:6.1curl-8.9.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the curl-8.9.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-1061 at SUSECVE-2006-1061 at NVDCVE-2009-0037 at SUSECVE-2009-0037 at NVDCVE-2009-2417 at SUSECVE-2009-2417 at NVDCVE-2013-0249 at SUSECVE-2013-0249 at NVDCVE-2013-1944 at SUSECVE-2013-1944 at NVDCVE-2013-2174 at SUSECVE-2013-2174 at NVDCVE-2013-4545 at SUSECVE-2013-4545 at NVDCVE-2014-0015 at SUSECVE-2014-0015 at NVDCVE-2014-0138 at SUSECVE-2014-0138 at NVDCVE-2014-0139 at SUSECVE-2014-0139 at NVDCVE-2014-3613 at SUSECVE-2014-3613 at NVDCVE-2014-3620 at SUSECVE-2014-3620 at NVDCVE-2014-8150 at SUSECVE-2014-8150 at NVDCVE-2015-3143 at SUSECVE-2015-3143 at NVDCVE-2015-3144 at SUSECVE-2015-3144 at NVDCVE-2015-3145 at SUSECVE-2015-3145 at NVDCVE-2015-3148 at SUSECVE-2015-3148 at NVDCVE-2015-3153 at SUSECVE-2015-3153 at NVDCVE-2015-3236 at SUSECVE-2015-3236 at NVDCVE-2015-3237 at SUSECVE-2015-3237 at NVDCVE-2016-0755 at SUSECVE-2016-0755 at NVDCVE-2016-7167 at SUSECVE-2016-7167 at NVDCVE-2016-8615 at SUSECVE-2016-8615 at NVDCVE-2016-8616 at SUSECVE-2016-8616 at NVDCVE-2016-8617 at SUSECVE-2016-8617 at NVDCVE-2016-8618 at SUSECVE-2016-8618 at NVDCVE-2016-8619 at SUSECVE-2016-8619 at NVDCVE-2016-8620 at SUSECVE-2016-8620 at NVDCVE-2016-8621 at SUSECVE-2016-8621 at NVDCVE-2016-8622 at SUSECVE-2016-8622 at NVDCVE-2016-8623 at SUSECVE-2016-8623 at NVDCVE-2016-8624 at SUSECVE-2016-8624 at NVDCVE-2016-8625 at SUSECVE-2016-8625 at NVDCVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2016-9594 at SUSECVE-2016-9594 at NVDCVE-2017-1000099 at SUSECVE-2017-1000099 at NVDCVE-2017-1000100 at SUSECVE-2017-1000100 at NVDCVE-2017-1000101 at SUSECVE-2017-1000101 at NVDCVE-2017-1000254 at SUSECVE-2017-1000254 at NVDCVE-2017-1000257 at SUSECVE-2017-1000257 at NVDCVE-2017-2629 at SUSECVE-2017-2629 at NVDCVE-2017-7468 at SUSECVE-2017-7468 at NVDCVE-2017-8816 at SUSECVE-2017-8816 at NVDCVE-2017-8817 at SUSECVE-2017-8817 at NVDCVE-2017-8818 at SUSECVE-2017-8818 at NVDCVE-2017-9502 at SUSECVE-2017-9502 at NVDCVE-2018-0500 at SUSECVE-2018-0500 at NVDCVE-2018-1000005 at SUSECVE-2018-1000005 at NVDCVE-2018-1000007 at SUSECVE-2018-1000007 at NVDCVE-2018-1000120 at SUSECVE-2018-1000120 at NVDCVE-2018-1000121 at SUSECVE-2018-1000121 at NVDCVE-2018-1000122 at SUSECVE-2018-1000122 at NVDCVE-2018-1000300 at SUSECVE-2018-1000300 at NVDCVE-2018-1000301 at SUSECVE-2018-1000301 at NVDCVE-2018-14618 at SUSECVE-2018-14618 at NVDCVE-2018-16839 at SUSECVE-2018-16839 at NVDCVE-2018-16840 at SUSECVE-2018-16840 at NVDCVE-2018-16842 at SUSECVE-2018-16842 at NVDCVE-2018-16890 at SUSECVE-2018-16890 at NVDCVE-2019-15601 at SUSECVE-2019-15601 at NVDCVE-2019-3822 at SUSECVE-2019-3822 at NVDCVE-2019-3823 at SUSECVE-2019-3823 at NVDCVE-2019-5435 at SUSECVE-2019-5435 at NVDCVE-2019-5436 at SUSECVE-2019-5436 at NVDCVE-2019-5481 at SUSECVE-2019-5481 at NVDCVE-2019-5482 at SUSECVE-2019-5482 at NVDCVE-2020-8169 at SUSECVE-2020-8169 at NVDCVE-2020-8177 at SUSECVE-2020-8177 at NVDCVE-2020-8231 at SUSECVE-2020-8231 at NVDCVE-2020-8284 at SUSECVE-2020-8284 at NVDCVE-2020-8285 at SUSECVE-2020-8285 at NVDCVE-2020-8286 at SUSECVE-2020-8286 at NVDCVE-2021-22297 at SUSECVE-2021-22297 at NVDCVE-2021-22298 at SUSECVE-2021-22298 at NVDCVE-2021-22876 at SUSECVE-2021-22876 at NVDCVE-2021-22890 at SUSECVE-2021-22890 at NVDCVE-2021-22898 at SUSECVE-2021-22898 at NVDCVE-2021-22901 at SUSECVE-2021-22901 at NVDCVE-2021-22922 at SUSECVE-2021-22922 at NVDCVE-2021-22923 at SUSECVE-2021-22923 at NVDCVE-2021-22924 at SUSECVE-2021-22924 at NVDCVE-2021-22925 at SUSECVE-2021-22925 at NVDCVE-2021-22945 at SUSECVE-2021-22945 at NVDCVE-2021-22946 at SUSECVE-2021-22946 at NVDCVE-2021-22947 at SUSECVE-2021-22947 at NVDCVE-2022-22576 at SUSECVE-2022-22576 at NVDCVE-2022-27774 at SUSECVE-2022-27774 at NVDCVE-2022-27775 at SUSECVE-2022-27775 at NVDCVE-2022-27776 at SUSECVE-2022-27776 at NVDCVE-2022-27778 at SUSECVE-2022-27778 at NVDCVE-2022-27779 at SUSECVE-2022-27779 at NVDCVE-2022-27780 at SUSECVE-2022-27780 at NVDCVE-2022-27781 at SUSECVE-2022-27781 at NVDCVE-2022-27782 at SUSECVE-2022-27782 at NVDCVE-2022-30115 at SUSECVE-2022-30115 at NVDCVE-2022-32205 at SUSECVE-2022-32205 at NVDCVE-2022-32206 at SUSECVE-2022-32206 at NVDCVE-2022-32207 at SUSECVE-2022-32207 at NVDCVE-2022-32208 at SUSECVE-2022-32208 at NVDCVE-2022-32221 at SUSECVE-2022-32221 at NVDCVE-2022-35252 at SUSECVE-2022-35252 at NVDCVE-2022-35260 at SUSECVE-2022-35260 at NVDCVE-2022-42915 at SUSECVE-2022-42915 at NVDCVE-2022-42916 at SUSECVE-2022-42916 at NVDCVE-2022-43551 at SUSECVE-2022-43551 at NVDCVE-2022-43552 at SUSECVE-2022-43552 at NVDCVE-2023-23914 at SUSECVE-2023-23914 at NVDCVE-2023-23915 at SUSECVE-2023-23915 at NVDCVE-2023-23916 at SUSECVE-2023-23916 at NVDCVE-2023-27533 at SUSECVE-2023-27533 at NVDCVE-2023-27534 at SUSECVE-2023-27534 at NVDCVE-2023-27535 at SUSECVE-2023-27535 at NVDCVE-2023-27536 at SUSECVE-2023-27536 at NVDCVE-2023-27537 at SUSECVE-2023-27537 at NVDCVE-2023-27538 at SUSECVE-2023-27538 at NVDCVE-2023-28319 at SUSECVE-2023-28319 at NVDCVE-2023-28320 at SUSECVE-2023-28320 at NVDCVE-2023-28321 at SUSECVE-2023-28321 at NVDCVE-2023-28322 at SUSECVE-2023-28322 at NVDCVE-2023-32001 at SUSECVE-2023-32001 at NVDCVE-2023-38039 at SUSECVE-2023-38039 at NVDCVE-2023-38545 at SUSECVE-2023-38545 at NVDCVE-2023-38546 at SUSECVE-2023-38546 at NVDCVE-2023-46218 at SUSECVE-2023-46218 at NVDCVE-2023-46219 at SUSECVE-2023-46219 at NVDCVE-2024-0853 at SUSECVE-2024-0853 at NVDCVE-2024-2004 at SUSECVE-2024-2004 at NVDCVE-2024-2379 at SUSECVE-2024-2379 at NVDCVE-2024-2398 at SUSECVE-2024-2398 at NVDCVE-2024-2466 at SUSECVE-2024-2466 at NVDCVE-2024-6197 at SUSECVE-2024-6197 at NVDCVE-2024-6874 at SUSECVE-2024-6874 at NVDCVE-2024-7264 at SUSECVE-2024-7264 at NVDcpe:/o:suse:sl-micro:6.1cyrus-sasl-2.1.28-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the cyrus-sasl-2.1.28-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-0688 at SUSECVE-2009-0688 at NVDCVE-2019-19906 at SUSECVE-2019-19906 at NVDCVE-2020-8032 at SUSECVE-2020-8032 at NVDCVE-2022-24407 at SUSECVE-2022-24407 at NVDcpe:/o:suse:sl-micro:6.1dbus-1-1.14.10-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the dbus-1-1.14.10-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-6107 at SUSECVE-2006-6107 at NVDCVE-2008-0595 at SUSECVE-2008-0595 at NVDCVE-2008-3834 at SUSECVE-2008-3834 at NVDCVE-2008-4311 at SUSECVE-2008-4311 at NVDCVE-2010-4352 at SUSECVE-2010-4352 at NVDCVE-2012-3524 at SUSECVE-2012-3524 at NVDCVE-2013-2168 at SUSECVE-2013-2168 at NVDCVE-2014-3477 at SUSECVE-2014-3477 at NVDCVE-2014-3532 at SUSECVE-2014-3532 at NVDCVE-2014-3533 at SUSECVE-2014-3533 at NVDCVE-2014-3635 at SUSECVE-2014-3635 at NVDCVE-2014-3636 at SUSECVE-2014-3636 at NVDCVE-2014-3637 at SUSECVE-2014-3637 at NVDCVE-2014-3638 at SUSECVE-2014-3638 at NVDCVE-2014-3639 at SUSECVE-2014-3639 at NVDCVE-2014-7824 at SUSECVE-2014-7824 at NVDCVE-2014-8148 at SUSECVE-2014-8148 at NVDCVE-2015-0245 at SUSECVE-2015-0245 at NVDCVE-2019-12749 at SUSECVE-2019-12749 at NVDCVE-2020-12049 at SUSECVE-2020-12049 at NVDCVE-2022-42010 at SUSECVE-2022-42010 at NVDCVE-2022-42011 at SUSECVE-2022-42011 at NVDCVE-2022-42012 at SUSECVE-2022-42012 at NVDCVE-2023-34969 at SUSECVE-2023-34969 at NVDcpe:/o:suse:sl-micro:6.1dhcp-4.4.2.P1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the dhcp-4.4.2.P1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-1892 at SUSECVE-2009-1892 at NVDCVE-2010-2156 at SUSECVE-2010-2156 at NVDCVE-2010-3611 at SUSECVE-2010-3611 at NVDCVE-2010-3616 at SUSECVE-2010-3616 at NVDCVE-2011-0413 at SUSECVE-2011-0413 at NVDCVE-2011-0997 at SUSECVE-2011-0997 at NVDCVE-2011-2748 at SUSECVE-2011-2748 at NVDCVE-2011-2749 at SUSECVE-2011-2749 at NVDCVE-2011-4539 at SUSECVE-2011-4539 at NVDCVE-2011-4868 at SUSECVE-2011-4868 at NVDCVE-2012-3570 at SUSECVE-2012-3570 at NVDCVE-2012-3571 at SUSECVE-2012-3571 at NVDCVE-2012-3954 at SUSECVE-2012-3954 at NVDCVE-2012-3955 at SUSECVE-2012-3955 at NVDCVE-2013-2266 at SUSECVE-2013-2266 at NVDCVE-2015-8605 at SUSECVE-2015-8605 at NVDCVE-2017-3144 at SUSECVE-2017-3144 at NVDCVE-2018-5732 at SUSECVE-2018-5732 at NVDCVE-2018-5733 at SUSECVE-2018-5733 at NVDCVE-2019-6470 at SUSECVE-2019-6470 at NVDCVE-2021-25217 at SUSECVE-2021-25217 at NVDCVE-2022-2928 at SUSECVE-2022-2928 at NVDCVE-2022-2929 at SUSECVE-2022-2929 at NVDcpe:/o:suse:sl-micro:6.1dnsmasq-2.90-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the dnsmasq-2.90-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-3294 at SUSECVE-2015-3294 at NVDCVE-2015-8899 at SUSECVE-2015-8899 at NVDCVE-2017-14491 at SUSECVE-2017-14491 at NVDCVE-2017-14492 at SUSECVE-2017-14492 at NVDCVE-2017-14493 at SUSECVE-2017-14493 at NVDCVE-2017-14494 at SUSECVE-2017-14494 at NVDCVE-2017-14495 at SUSECVE-2017-14495 at NVDCVE-2017-14496 at SUSECVE-2017-14496 at NVDCVE-2017-15107 at SUSECVE-2017-15107 at NVDCVE-2019-14834 at SUSECVE-2019-14834 at NVDCVE-2020-14312 at SUSECVE-2020-14312 at NVDCVE-2020-25681 at SUSECVE-2020-25681 at NVDCVE-2020-25682 at SUSECVE-2020-25682 at NVDCVE-2020-25683 at SUSECVE-2020-25683 at NVDCVE-2020-25684 at SUSECVE-2020-25684 at NVDCVE-2020-25685 at SUSECVE-2020-25685 at NVDCVE-2020-25686 at SUSECVE-2020-25686 at NVDCVE-2020-25687 at SUSECVE-2020-25687 at NVDCVE-2021-3448 at SUSECVE-2021-3448 at NVDCVE-2022-0934 at SUSECVE-2022-0934 at NVDCVE-2023-28450 at SUSECVE-2023-28450 at NVDCVE-2023-49441 at SUSECVE-2023-49441 at NVDCVE-2023-50387 at SUSECVE-2023-50387 at NVDCVE-2023-50868 at SUSECVE-2023-50868 at NVDcpe:/o:suse:sl-micro:6.1docker-25.0.6_ce-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the docker-25.0.6_ce-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-3499 at SUSECVE-2014-3499 at NVDCVE-2014-5277 at SUSECVE-2014-5277 at NVDCVE-2014-6407 at SUSECVE-2014-6407 at NVDCVE-2014-6408 at SUSECVE-2014-6408 at NVDCVE-2014-8178 at SUSECVE-2014-8178 at NVDCVE-2014-8179 at SUSECVE-2014-8179 at NVDCVE-2014-9356 at SUSECVE-2014-9356 at NVDCVE-2014-9357 at SUSECVE-2014-9357 at NVDCVE-2014-9358 at SUSECVE-2014-9358 at NVDCVE-2015-3627 at SUSECVE-2015-3627 at NVDCVE-2015-3629 at SUSECVE-2015-3629 at NVDCVE-2015-3630 at SUSECVE-2015-3630 at NVDCVE-2015-3631 at SUSECVE-2015-3631 at NVDCVE-2016-3697 at SUSECVE-2016-3697 at NVDCVE-2016-8867 at SUSECVE-2016-8867 at NVDCVE-2016-9962 at SUSECVE-2016-9962 at NVDCVE-2017-14992 at SUSECVE-2017-14992 at NVDCVE-2017-16539 at SUSECVE-2017-16539 at NVDCVE-2018-10892 at SUSECVE-2018-10892 at NVDCVE-2018-15664 at SUSECVE-2018-15664 at NVDCVE-2018-16873 at SUSECVE-2018-16873 at NVDCVE-2018-16874 at SUSECVE-2018-16874 at NVDCVE-2018-16875 at SUSECVE-2018-16875 at NVDCVE-2018-20699 at SUSECVE-2018-20699 at NVDCVE-2019-13509 at SUSECVE-2019-13509 at NVDCVE-2019-14271 at SUSECVE-2019-14271 at NVDCVE-2020-12912 at SUSECVE-2020-12912 at NVDCVE-2020-13401 at SUSECVE-2020-13401 at NVDCVE-2020-15257 at SUSECVE-2020-15257 at NVDCVE-2020-8694 at SUSECVE-2020-8694 at NVDCVE-2020-8695 at SUSECVE-2020-8695 at NVDCVE-2021-21284 at SUSECVE-2021-21284 at NVDCVE-2021-21285 at SUSECVE-2021-21285 at NVDCVE-2021-41089 at SUSECVE-2021-41089 at NVDCVE-2021-41091 at SUSECVE-2021-41091 at NVDCVE-2021-41092 at SUSECVE-2021-41092 at NVDCVE-2021-41103 at SUSECVE-2021-41103 at NVDCVE-2021-41190 at SUSECVE-2021-41190 at NVDCVE-2021-43565 at SUSECVE-2021-43565 at NVDCVE-2022-24769 at SUSECVE-2022-24769 at NVDCVE-2022-27191 at SUSECVE-2022-27191 at NVDCVE-2022-36109 at SUSECVE-2022-36109 at NVDCVE-2023-28840 at SUSECVE-2023-28840 at NVDCVE-2023-28841 at SUSECVE-2023-28841 at NVDCVE-2023-28842 at SUSECVE-2023-28842 at NVDCVE-2024-23651 at SUSECVE-2024-23651 at NVDCVE-2024-23652 at SUSECVE-2024-23652 at NVDCVE-2024-23653 at SUSECVE-2024-23653 at NVDCVE-2024-41110 at SUSECVE-2024-41110 at NVDcpe:/o:suse:sl-micro:6.1docker-compose-2.24.5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the docker-compose-2.24.5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-27664 at SUSECVE-2022-27664 at NVDCVE-2022-2879 at SUSECVE-2022-2879 at NVDCVE-2022-2880 at SUSECVE-2022-2880 at NVDCVE-2022-32149 at SUSECVE-2022-32149 at NVDCVE-2022-39253 at SUSECVE-2022-39253 at NVDCVE-2022-41715 at SUSECVE-2022-41715 at NVDCVE-2022-41723 at SUSECVE-2022-41723 at NVDCVE-2023-28840 at SUSECVE-2023-28840 at NVDcpe:/o:suse:sl-micro:6.1dpdk-22.11.1-slfo.1.1_1.9 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the dpdk-22.11.1-slfo.1.1_1.9 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-1059 at SUSECVE-2018-1059 at NVDCVE-2019-14818 at SUSECVE-2019-14818 at NVDCVE-2020-10722 at SUSECVE-2020-10722 at NVDCVE-2020-10723 at SUSECVE-2020-10723 at NVDCVE-2020-10724 at SUSECVE-2020-10724 at NVDCVE-2020-10725 at SUSECVE-2020-10725 at NVDCVE-2020-10726 at SUSECVE-2020-10726 at NVDCVE-2020-14374 at SUSECVE-2020-14374 at NVDCVE-2020-14375 at SUSECVE-2020-14375 at NVDCVE-2020-14376 at SUSECVE-2020-14376 at NVDCVE-2020-14377 at SUSECVE-2020-14377 at NVDCVE-2020-14378 at SUSECVE-2020-14378 at NVDCVE-2021-3839 at SUSECVE-2021-3839 at NVDCVE-2022-0669 at SUSECVE-2022-0669 at NVDcpe:/o:suse:sl-micro:6.1dracut-059+suse.607.g2d95edb5-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the dracut-059+suse.607.g2d95edb5-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-4453 at SUSECVE-2012-4453 at NVDCVE-2016-8637 at SUSECVE-2016-8637 at NVDcpe:/o:suse:sl-micro:6.1e2fsprogs-1.47.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the e2fsprogs-1.47.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-5497 at SUSECVE-2007-5497 at NVDCVE-2019-5094 at SUSECVE-2019-5094 at NVDcpe:/o:suse:sl-micro:6.1elfutils-0.189-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the elfutils-0.189-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-0172 at SUSECVE-2014-0172 at NVDCVE-2014-9447 at SUSECVE-2014-9447 at NVDCVE-2018-18310 at SUSECVE-2018-18310 at NVDCVE-2018-18520 at SUSECVE-2018-18520 at NVDCVE-2018-18521 at SUSECVE-2018-18521 at NVDCVE-2019-7146 at SUSECVE-2019-7146 at NVDCVE-2019-7148 at SUSECVE-2019-7148 at NVDCVE-2019-7149 at SUSECVE-2019-7149 at NVDCVE-2019-7150 at SUSECVE-2019-7150 at NVDCVE-2019-7664 at SUSECVE-2019-7664 at NVDCVE-2019-7665 at SUSECVE-2019-7665 at NVDcpe:/o:suse:sl-micro:6.1file-5.44-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the file-5.44-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-1536 at SUSECVE-2007-1536 at NVDCVE-2007-2799 at SUSECVE-2007-2799 at NVDCVE-2012-1571 at SUSECVE-2012-1571 at NVDCVE-2014-3710 at SUSECVE-2014-3710 at NVDCVE-2014-8116 at SUSECVE-2014-8116 at NVDCVE-2014-8117 at SUSECVE-2014-8117 at NVDCVE-2017-1000249 at SUSECVE-2017-1000249 at NVDCVE-2018-10360 at SUSECVE-2018-10360 at NVDCVE-2019-18218 at SUSECVE-2019-18218 at NVDCVE-2019-8904 at SUSECVE-2019-8904 at NVDCVE-2019-8905 at SUSECVE-2019-8905 at NVDCVE-2019-8906 at SUSECVE-2019-8906 at NVDCVE-2019-8907 at SUSECVE-2019-8907 at NVDcpe:/o:suse:sl-micro:6.1findutils-4.9.0-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the findutils-4.9.0-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-2452 at SUSECVE-2007-2452 at NVDcpe:/o:suse:sl-micro:6.1firewalld-2.0.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the firewalld-2.0.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-5410 at SUSECVE-2016-5410 at NVDcpe:/o:suse:sl-micro:6.1fwupd-1.9.16-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the fwupd-1.9.16-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-10759 at SUSECVE-2020-10759 at NVDCVE-2022-3287 at SUSECVE-2022-3287 at NVDcpe:/o:suse:sl-micro:6.1gdk-pixbuf-loader-rsvg-2.56.3-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the gdk-pixbuf-loader-rsvg-2.56.3-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-3146 at SUSECVE-2011-3146 at NVDCVE-2013-1881 at SUSECVE-2013-1881 at NVDCVE-2017-11464 at SUSECVE-2017-11464 at NVDCVE-2019-20446 at SUSECVE-2019-20446 at NVDCVE-2021-25900 at SUSECVE-2021-25900 at NVDcpe:/o:suse:sl-micro:6.1gdk-pixbuf-query-loaders-2.42.12-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the gdk-pixbuf-query-loaders-2.42.12-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-2485 at SUSECVE-2011-2485 at NVDCVE-2015-4491 at SUSECVE-2015-4491 at NVDCVE-2015-7552 at SUSECVE-2015-7552 at NVDCVE-2015-7673 at SUSECVE-2015-7673 at NVDCVE-2015-7674 at SUSECVE-2015-7674 at NVDCVE-2016-6352 at SUSECVE-2016-6352 at NVDCVE-2017-2862 at SUSECVE-2017-2862 at NVDCVE-2017-2870 at SUSECVE-2017-2870 at NVDCVE-2017-6312 at SUSECVE-2017-6312 at NVDCVE-2017-6313 at SUSECVE-2017-6313 at NVDCVE-2020-29385 at SUSECVE-2020-29385 at NVDCVE-2021-44648 at SUSECVE-2021-44648 at NVDCVE-2021-46829 at SUSECVE-2021-46829 at NVDCVE-2022-48622 at SUSECVE-2022-48622 at NVDcpe:/o:suse:sl-micro:6.1git-2.46.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the git-2.46.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2005-4900 at SUSECVE-2005-4900 at NVDCVE-2011-2186 at SUSECVE-2011-2186 at NVDCVE-2014-9390 at SUSECVE-2014-9390 at NVDCVE-2016-2315 at SUSECVE-2016-2315 at NVDCVE-2016-2324 at SUSECVE-2016-2324 at NVDCVE-2017-1000117 at SUSECVE-2017-1000117 at NVDCVE-2017-14867 at SUSECVE-2017-14867 at NVDCVE-2017-15298 at SUSECVE-2017-15298 at NVDCVE-2017-8386 at SUSECVE-2017-8386 at NVDCVE-2018-11233 at SUSECVE-2018-11233 at NVDCVE-2018-11235 at SUSECVE-2018-11235 at NVDCVE-2018-17456 at SUSECVE-2018-17456 at NVDCVE-2018-19486 at SUSECVE-2018-19486 at NVDCVE-2019-1348 at SUSECVE-2019-1348 at NVDCVE-2019-1349 at SUSECVE-2019-1349 at NVDCVE-2019-1350 at SUSECVE-2019-1350 at NVDCVE-2019-1351 at SUSECVE-2019-1351 at NVDCVE-2019-1352 at SUSECVE-2019-1352 at NVDCVE-2019-1353 at SUSECVE-2019-1353 at NVDCVE-2019-1354 at SUSECVE-2019-1354 at NVDCVE-2019-1387 at SUSECVE-2019-1387 at NVDCVE-2019-19604 at SUSECVE-2019-19604 at NVDCVE-2020-11008 at SUSECVE-2020-11008 at NVDCVE-2020-5260 at SUSECVE-2020-5260 at NVDCVE-2021-21300 at SUSECVE-2021-21300 at NVDCVE-2022-23521 at SUSECVE-2022-23521 at NVDCVE-2022-24765 at SUSECVE-2022-24765 at NVDCVE-2022-29187 at SUSECVE-2022-29187 at NVDCVE-2022-39253 at SUSECVE-2022-39253 at NVDCVE-2022-39260 at SUSECVE-2022-39260 at NVDCVE-2022-41903 at SUSECVE-2022-41903 at NVDCVE-2023-22490 at SUSECVE-2023-22490 at NVDCVE-2023-23946 at SUSECVE-2023-23946 at NVDCVE-2023-25652 at SUSECVE-2023-25652 at NVDCVE-2023-25815 at SUSECVE-2023-25815 at NVDCVE-2023-29007 at SUSECVE-2023-29007 at NVDCVE-2024-24577 at SUSECVE-2024-24577 at NVDCVE-2024-32002 at SUSECVE-2024-32002 at NVDCVE-2024-32004 at SUSECVE-2024-32004 at NVDCVE-2024-32020 at SUSECVE-2024-32020 at NVDCVE-2024-32021 at SUSECVE-2024-32021 at NVDCVE-2024-32465 at SUSECVE-2024-32465 at NVDcpe:/o:suse:sl-micro:6.1glib-networking-2.78.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the glib-networking-2.78.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-13645 at SUSECVE-2020-13645 at NVDcpe:/o:suse:sl-micro:6.1glib2-tools-2.78.6-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the glib2-tools-2.78.6-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2008-2371 at SUSECVE-2008-2371 at NVDCVE-2008-4316 at SUSECVE-2008-4316 at NVDCVE-2012-3524 at SUSECVE-2012-3524 at NVDCVE-2018-16428 at SUSECVE-2018-16428 at NVDCVE-2018-16429 at SUSECVE-2018-16429 at NVDCVE-2019-12450 at SUSECVE-2019-12450 at NVDCVE-2020-6750 at SUSECVE-2020-6750 at NVDCVE-2021-27218 at SUSECVE-2021-27218 at NVDCVE-2021-27219 at SUSECVE-2021-27219 at NVDCVE-2023-24593 at SUSECVE-2023-24593 at NVDCVE-2023-25180 at SUSECVE-2023-25180 at NVDCVE-2024-34397 at SUSECVE-2024-34397 at NVDcpe:/o:suse:sl-micro:6.1glibc-2.38-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the glibc-2.38-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-5029 at SUSECVE-2009-5029 at NVDCVE-2009-5064 at SUSECVE-2009-5064 at NVDCVE-2009-5155 at SUSECVE-2009-5155 at NVDCVE-2010-3192 at SUSECVE-2010-3192 at NVDCVE-2012-3406 at SUSECVE-2012-3406 at NVDCVE-2012-4412 at SUSECVE-2012-4412 at NVDCVE-2013-0242 at SUSECVE-2013-0242 at NVDCVE-2013-1914 at SUSECVE-2013-1914 at NVDCVE-2013-2207 at SUSECVE-2013-2207 at NVDCVE-2013-4237 at SUSECVE-2013-4237 at NVDCVE-2013-4332 at SUSECVE-2013-4332 at NVDCVE-2013-4458 at SUSECVE-2013-4458 at NVDCVE-2013-7423 at SUSECVE-2013-7423 at NVDCVE-2014-0475 at SUSECVE-2014-0475 at NVDCVE-2014-4043 at SUSECVE-2014-4043 at NVDCVE-2014-5119 at SUSECVE-2014-5119 at NVDCVE-2014-6040 at SUSECVE-2014-6040 at NVDCVE-2014-7817 at SUSECVE-2014-7817 at NVDCVE-2014-8121 at SUSECVE-2014-8121 at NVDCVE-2014-9402 at SUSECVE-2014-9402 at NVDCVE-2014-9761 at SUSECVE-2014-9761 at NVDCVE-2015-1472 at SUSECVE-2015-1472 at NVDCVE-2015-1473 at SUSECVE-2015-1473 at NVDCVE-2015-1781 at SUSECVE-2015-1781 at NVDCVE-2015-5180 at SUSECVE-2015-5180 at NVDCVE-2015-7547 at SUSECVE-2015-7547 at NVDCVE-2015-8776 at SUSECVE-2015-8776 at NVDCVE-2015-8777 at SUSECVE-2015-8777 at NVDCVE-2015-8778 at SUSECVE-2015-8778 at NVDCVE-2015-8779 at SUSECVE-2015-8779 at NVDCVE-2015-8985 at SUSECVE-2015-8985 at NVDCVE-2016-10228 at SUSECVE-2016-10228 at NVDCVE-2016-10739 at SUSECVE-2016-10739 at NVDCVE-2016-1234 at SUSECVE-2016-1234 at NVDCVE-2016-3075 at SUSECVE-2016-3075 at NVDCVE-2016-3706 at SUSECVE-2016-3706 at NVDCVE-2016-4429 at SUSECVE-2016-4429 at NVDCVE-2016-5417 at SUSECVE-2016-5417 at NVDCVE-2016-6261 at SUSECVE-2016-6261 at NVDCVE-2016-6263 at SUSECVE-2016-6263 at NVDCVE-2016-6323 at SUSECVE-2016-6323 at NVDCVE-2017-1000366 at SUSECVE-2017-1000366 at NVDCVE-2017-1000408 at SUSECVE-2017-1000408 at NVDCVE-2017-1000409 at SUSECVE-2017-1000409 at NVDCVE-2017-12132 at SUSECVE-2017-12132 at NVDCVE-2017-12133 at SUSECVE-2017-12133 at NVDCVE-2017-14062 at SUSECVE-2017-14062 at NVDCVE-2017-15670 at SUSECVE-2017-15670 at NVDCVE-2017-15671 at SUSECVE-2017-15671 at NVDCVE-2017-15804 at SUSECVE-2017-15804 at NVDCVE-2017-16997 at SUSECVE-2017-16997 at NVDCVE-2017-17426 at SUSECVE-2017-17426 at NVDCVE-2017-18269 at SUSECVE-2017-18269 at NVDCVE-2018-1000001 at SUSECVE-2018-1000001 at NVDCVE-2018-11236 at SUSECVE-2018-11236 at NVDCVE-2018-11237 at SUSECVE-2018-11237 at NVDCVE-2018-19591 at SUSECVE-2018-19591 at NVDCVE-2018-6485 at SUSECVE-2018-6485 at NVDCVE-2018-6551 at SUSECVE-2018-6551 at NVDCVE-2019-19126 at SUSECVE-2019-19126 at NVDCVE-2019-25013 at SUSECVE-2019-25013 at NVDCVE-2019-7309 at SUSECVE-2019-7309 at NVDCVE-2019-9169 at SUSECVE-2019-9169 at NVDCVE-2020-10029 at SUSECVE-2020-10029 at NVDCVE-2020-1751 at SUSECVE-2020-1751 at NVDCVE-2020-1752 at SUSECVE-2020-1752 at NVDCVE-2020-27618 at SUSECVE-2020-27618 at NVDCVE-2020-29562 at SUSECVE-2020-29562 at NVDCVE-2020-29573 at SUSECVE-2020-29573 at NVDCVE-2020-6096 at SUSECVE-2020-6096 at NVDCVE-2021-27645 at SUSECVE-2021-27645 at NVDCVE-2021-3326 at SUSECVE-2021-3326 at NVDCVE-2021-33574 at SUSECVE-2021-33574 at NVDCVE-2021-35942 at SUSECVE-2021-35942 at NVDCVE-2021-3998 at SUSECVE-2021-3998 at NVDCVE-2021-3999 at SUSECVE-2021-3999 at NVDCVE-2022-23218 at SUSECVE-2022-23218 at NVDCVE-2022-23219 at SUSECVE-2022-23219 at NVDCVE-2022-39046 at SUSECVE-2022-39046 at NVDCVE-2023-25139 at SUSECVE-2023-25139 at NVDCVE-2023-4527 at SUSECVE-2023-4527 at NVDCVE-2023-4806 at SUSECVE-2023-4806 at NVDCVE-2023-4813 at SUSECVE-2023-4813 at NVDCVE-2023-4911 at SUSECVE-2023-4911 at NVDCVE-2023-5156 at SUSECVE-2023-5156 at NVDCVE-2023-6246 at SUSECVE-2023-6246 at NVDCVE-2023-6779 at SUSECVE-2023-6779 at NVDCVE-2023-6780 at SUSECVE-2023-6780 at NVDCVE-2024-2961 at SUSECVE-2024-2961 at NVDCVE-2024-33599 at SUSECVE-2024-33599 at NVDCVE-2024-33600 at SUSECVE-2024-33600 at NVDCVE-2024-33601 at SUSECVE-2024-33601 at NVDCVE-2024-33602 at SUSECVE-2024-33602 at NVDcpe:/o:suse:sl-micro:6.1gnutls-3.8.3-slfo.1.1_1.6 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the gnutls-3.8.3-slfo.1.1_1.6 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-4790 at SUSECVE-2006-4790 at NVDCVE-2008-1948 at SUSECVE-2008-1948 at NVDCVE-2008-1949 at SUSECVE-2008-1949 at NVDCVE-2008-1950 at SUSECVE-2008-1950 at NVDCVE-2008-4989 at SUSECVE-2008-4989 at NVDCVE-2011-4128 at SUSECVE-2011-4128 at NVDCVE-2012-0390 at SUSECVE-2012-0390 at NVDCVE-2012-1569 at SUSECVE-2012-1569 at NVDCVE-2012-1573 at SUSECVE-2012-1573 at NVDCVE-2014-0092 at SUSECVE-2014-0092 at NVDCVE-2014-1959 at SUSECVE-2014-1959 at NVDCVE-2014-3466 at SUSECVE-2014-3466 at NVDCVE-2014-8564 at SUSECVE-2014-8564 at NVDCVE-2015-6251 at SUSECVE-2015-6251 at NVDCVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2017-10790 at SUSECVE-2017-10790 at NVDCVE-2017-7869 at SUSECVE-2017-7869 at NVDCVE-2018-10844 at SUSECVE-2018-10844 at NVDCVE-2018-10845 at SUSECVE-2018-10845 at NVDCVE-2018-10846 at SUSECVE-2018-10846 at NVDCVE-2019-3829 at SUSECVE-2019-3829 at NVDCVE-2019-3836 at SUSECVE-2019-3836 at NVDCVE-2020-13777 at SUSECVE-2020-13777 at NVDCVE-2021-20231 at SUSECVE-2021-20231 at NVDCVE-2021-20232 at SUSECVE-2021-20232 at NVDCVE-2022-2509 at SUSECVE-2022-2509 at NVDCVE-2023-0361 at SUSECVE-2023-0361 at NVDCVE-2023-5981 at SUSECVE-2023-5981 at NVDCVE-2024-0553 at SUSECVE-2024-0553 at NVDCVE-2024-0567 at SUSECVE-2024-0567 at NVDCVE-2024-28834 at SUSECVE-2024-28834 at NVDCVE-2024-28835 at SUSECVE-2024-28835 at NVDcpe:/o:suse:sl-micro:6.1gpg2-2.4.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the gpg2-2.4.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-0455 at SUSECVE-2006-0455 at NVDCVE-2006-3746 at SUSECVE-2006-3746 at NVDCVE-2006-6169 at SUSECVE-2006-6169 at NVDCVE-2008-1530 at SUSECVE-2008-1530 at NVDCVE-2010-2547 at SUSECVE-2010-2547 at NVDCVE-2013-4351 at SUSECVE-2013-4351 at NVDCVE-2013-4402 at SUSECVE-2013-4402 at NVDCVE-2014-4617 at SUSECVE-2014-4617 at NVDCVE-2018-12020 at SUSECVE-2018-12020 at NVDCVE-2018-9234 at SUSECVE-2018-9234 at NVDCVE-2019-14855 at SUSECVE-2019-14855 at NVDCVE-2020-25125 at SUSECVE-2020-25125 at NVDCVE-2022-34903 at SUSECVE-2022-34903 at NVDcpe:/o:suse:sl-micro:6.1gptfdisk-1.0.9-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the gptfdisk-1.0.9-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-0256 at SUSECVE-2020-0256 at NVDCVE-2021-0308 at SUSECVE-2021-0308 at NVDcpe:/o:suse:sl-micro:6.1grep-3.11-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the grep-3.11-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-1345 at SUSECVE-2015-1345 at NVDcpe:/o:suse:sl-micro:6.1groff-1.23.0-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the groff-1.23.0-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-5044 at SUSECVE-2009-5044 at NVDCVE-2009-5080 at SUSECVE-2009-5080 at NVDCVE-2009-5081 at SUSECVE-2009-5081 at NVDcpe:/o:suse:sl-micro:6.1grub2-2.12-slfo.1.1_1.17 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the grub2-2.12-slfo.1.1_1.17 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-8370 at SUSECVE-2015-8370 at NVDCVE-2020-10713 at SUSECVE-2020-10713 at NVDCVE-2020-14308 at SUSECVE-2020-14308 at NVDCVE-2020-14309 at SUSECVE-2020-14309 at NVDCVE-2020-14310 at SUSECVE-2020-14310 at NVDCVE-2020-14311 at SUSECVE-2020-14311 at NVDCVE-2020-14372 at SUSECVE-2020-14372 at NVDCVE-2020-15705 at SUSECVE-2020-15705 at NVDCVE-2020-15706 at SUSECVE-2020-15706 at NVDCVE-2020-15707 at SUSECVE-2020-15707 at NVDCVE-2020-25632 at SUSECVE-2020-25632 at NVDCVE-2020-25647 at SUSECVE-2020-25647 at NVDCVE-2020-27749 at SUSECVE-2020-27749 at NVDCVE-2020-27779 at SUSECVE-2020-27779 at NVDCVE-2021-20225 at SUSECVE-2021-20225 at NVDCVE-2021-20233 at SUSECVE-2021-20233 at NVDCVE-2021-3695 at SUSECVE-2021-3695 at NVDCVE-2021-3696 at SUSECVE-2021-3696 at NVDCVE-2021-3697 at SUSECVE-2021-3697 at NVDCVE-2021-3981 at SUSECVE-2021-3981 at NVDCVE-2021-46705 at SUSECVE-2021-46705 at NVDCVE-2022-2601 at SUSECVE-2022-2601 at NVDCVE-2022-28733 at SUSECVE-2022-28733 at NVDCVE-2022-28734 at SUSECVE-2022-28734 at NVDCVE-2022-28735 at SUSECVE-2022-28735 at NVDCVE-2022-28736 at SUSECVE-2022-28736 at NVDCVE-2022-3775 at SUSECVE-2022-3775 at NVDCVE-2023-4692 at SUSECVE-2023-4692 at NVDCVE-2023-4693 at SUSECVE-2023-4693 at NVDcpe:/o:suse:sl-micro:6.1gstreamer-1.24.7-slfo.1.1_1.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the gstreamer-1.24.7-slfo.1.1_1.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-10198 at SUSECVE-2016-10198 at NVDCVE-2016-10199 at SUSECVE-2016-10199 at NVDCVE-2017-5837 at SUSECVE-2017-5837 at NVDCVE-2017-5838 at SUSECVE-2017-5838 at NVDCVE-2017-5839 at SUSECVE-2017-5839 at NVDCVE-2017-5840 at SUSECVE-2017-5840 at NVDCVE-2017-5841 at SUSECVE-2017-5841 at NVDCVE-2017-5842 at SUSECVE-2017-5842 at NVDCVE-2017-5843 at SUSECVE-2017-5843 at NVDCVE-2017-5844 at SUSECVE-2017-5844 at NVDCVE-2017-5845 at SUSECVE-2017-5845 at NVDCVE-2017-5846 at SUSECVE-2017-5846 at NVDCVE-2017-5847 at SUSECVE-2017-5847 at NVDCVE-2017-5848 at SUSECVE-2017-5848 at NVDCVE-2021-3185 at SUSECVE-2021-3185 at NVDcpe:/o:suse:sl-micro:6.1gstreamer-plugins-base-1.24.7-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the gstreamer-plugins-base-1.24.7-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-9928 at SUSECVE-2019-9928 at NVDCVE-2021-3185 at SUSECVE-2021-3185 at NVDCVE-2023-37327 at SUSECVE-2023-37327 at NVDCVE-2023-37328 at SUSECVE-2023-37328 at NVDCVE-2024-4453 at SUSECVE-2024-4453 at NVDcpe:/o:suse:sl-micro:6.1gtk3-data-3.24.43-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the gtk3-data-3.24.43-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2024-6655 at SUSECVE-2024-6655 at NVDcpe:/o:suse:sl-micro:6.1guestfs-tools-1.52.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the guestfs-tools-1.52.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-2211 at SUSECVE-2022-2211 at NVDcpe:/o:suse:sl-micro:6.1gzip-1.13-slfo.1.1_2.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the gzip-1.13-slfo.1.1_2.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-2624 at SUSECVE-2009-2624 at NVDCVE-2010-0001 at SUSECVE-2010-0001 at NVDCVE-2022-1271 at SUSECVE-2022-1271 at NVDcpe:/o:suse:sl-micro:6.1haproxy-2.8.3+git0.86e043add-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the haproxy-2.8.3+git0.86e043add-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-2391 at SUSECVE-2012-2391 at NVDCVE-2013-1912 at SUSECVE-2013-1912 at NVDCVE-2013-2175 at SUSECVE-2013-2175 at NVDCVE-2014-6269 at SUSECVE-2014-6269 at NVDCVE-2015-3281 at SUSECVE-2015-3281 at NVDCVE-2018-11469 at SUSECVE-2018-11469 at NVDCVE-2018-14645 at SUSECVE-2018-14645 at NVDCVE-2018-20102 at SUSECVE-2018-20102 at NVDCVE-2018-20103 at SUSECVE-2018-20103 at NVDCVE-2018-20615 at SUSECVE-2018-20615 at NVDCVE-2019-14241 at SUSECVE-2019-14241 at NVDCVE-2019-18277 at SUSECVE-2019-18277 at NVDCVE-2020-11100 at SUSECVE-2020-11100 at NVDCVE-2021-39240 at SUSECVE-2021-39240 at NVDCVE-2021-39241 at SUSECVE-2021-39241 at NVDCVE-2021-39242 at SUSECVE-2021-39242 at NVDCVE-2021-40346 at SUSECVE-2021-40346 at NVDCVE-2022-0711 at SUSECVE-2022-0711 at NVDCVE-2023-25725 at SUSECVE-2023-25725 at NVDCVE-2023-40225 at SUSECVE-2023-40225 at NVDcpe:/o:suse:sl-micro:6.1hyper-v-8-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the hyper-v-8-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-2669 at SUSECVE-2012-2669 at NVDCVE-2012-5532 at SUSECVE-2012-5532 at NVDcpe:/o:suse:sl-micro:6.1ipmitool-1.8.19.13.gbe11d94-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the ipmitool-1.8.19.13.gbe11d94-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-5208 at SUSECVE-2020-5208 at NVDcpe:/o:suse:sl-micro:6.1iputils-20221126-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the iputils-20221126-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-2529 at SUSECVE-2010-2529 at NVDcpe:/o:suse:sl-micro:6.1iscsiuio-0.7.8.8-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the iscsiuio-0.7.8.8-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-13987 at SUSECVE-2020-13987 at NVDCVE-2020-13988 at SUSECVE-2020-13988 at NVDCVE-2020-17437 at SUSECVE-2020-17437 at NVDCVE-2020-17438 at SUSECVE-2020-17438 at NVDcpe:/o:suse:sl-micro:6.1jq-1.7.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the jq-1.7.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-8863 at SUSECVE-2015-8863 at NVDCVE-2016-4074 at SUSECVE-2016-4074 at NVDCVE-2023-50246 at SUSECVE-2023-50246 at NVDCVE-2023-50268 at SUSECVE-2023-50268 at NVDcpe:/o:suse:sl-micro:6.1kbd-2.6.4-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the kbd-2.6.4-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-0460 at SUSECVE-2011-0460 at NVDcpe:/o:suse:sl-micro:6.1kdump-2.0.1-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the kdump-2.0.1-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-5759 at SUSECVE-2016-5759 at NVDcpe:/o:suse:sl-micro:6.1keepalived-2.2.8-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the keepalived-2.2.8-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-19044 at SUSECVE-2018-19044 at NVDCVE-2018-19045 at SUSECVE-2018-19045 at NVDCVE-2018-19046 at SUSECVE-2018-19046 at NVDCVE-2021-44225 at SUSECVE-2021-44225 at NVDCVE-2024-41184 at SUSECVE-2024-41184 at NVDcpe:/o:suse:sl-micro:6.1kernel-default-6.4.0-19.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the kernel-default-6.4.0-19.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-3695 at SUSECVE-2016-3695 at NVDCVE-2020-26555 at SUSECVE-2020-26555 at NVDCVE-2021-47432 at SUSECVE-2021-47432 at NVDCVE-2022-40982 at SUSECVE-2022-40982 at NVDCVE-2022-48628 at SUSECVE-2022-48628 at NVDCVE-2022-48669 at SUSECVE-2022-48669 at NVDCVE-2022-48772 at SUSECVE-2022-48772 at NVDCVE-2023-0160 at SUSECVE-2023-0160 at NVDCVE-2023-1192 at SUSECVE-2023-1192 at NVDCVE-2023-1206 at SUSECVE-2023-1206 at NVDCVE-2023-20569 at SUSECVE-2023-20569 at NVDCVE-2023-20593 at SUSECVE-2023-20593 at NVDCVE-2023-25775 at SUSECVE-2023-25775 at NVDCVE-2023-28746 at SUSECVE-2023-28746 at NVDCVE-2023-31085 at SUSECVE-2023-31085 at NVDCVE-2023-31248 at SUSECVE-2023-31248 at NVDCVE-2023-3269 at SUSECVE-2023-3269 at NVDCVE-2023-34319 at SUSECVE-2023-34319 at NVDCVE-2023-35001 at SUSECVE-2023-35001 at NVDCVE-2023-35827 at SUSECVE-2023-35827 at NVDCVE-2023-3611 at SUSECVE-2023-3611 at NVDCVE-2023-37453 at SUSECVE-2023-37453 at NVDCVE-2023-3772 at SUSECVE-2023-3772 at NVDCVE-2023-3773 at SUSECVE-2023-3773 at NVDCVE-2023-3776 at SUSECVE-2023-3776 at NVDCVE-2023-38417 at SUSECVE-2023-38417 at NVDCVE-2023-3863 at SUSECVE-2023-3863 at NVDCVE-2023-39189 at SUSECVE-2023-39189 at NVDCVE-2023-39192 at SUSECVE-2023-39192 at NVDCVE-2023-39193 at SUSECVE-2023-39193 at NVDCVE-2023-39197 at SUSECVE-2023-39197 at NVDCVE-2023-39198 at SUSECVE-2023-39198 at NVDCVE-2023-4004 at SUSECVE-2023-4004 at NVDCVE-2023-40283 at SUSECVE-2023-40283 at NVDCVE-2023-4128 at SUSECVE-2023-4128 at NVDCVE-2023-4134 at SUSECVE-2023-4134 at NVDCVE-2023-4147 at SUSECVE-2023-4147 at NVDCVE-2023-4155 at SUSECVE-2023-4155 at NVDCVE-2023-4194 at SUSECVE-2023-4194 at NVDCVE-2023-4244 at SUSECVE-2023-4244 at NVDCVE-2023-4273 at SUSECVE-2023-4273 at NVDCVE-2023-42752 at SUSECVE-2023-42752 at NVDCVE-2023-42753 at SUSECVE-2023-42753 at NVDCVE-2023-42754 at SUSECVE-2023-42754 at NVDCVE-2023-42756 at SUSECVE-2023-42756 at NVDCVE-2023-4563 at SUSECVE-2023-4563 at NVDCVE-2023-45871 at SUSECVE-2023-45871 at NVDCVE-2023-4611 at SUSECVE-2023-4611 at NVDCVE-2023-4622 at SUSECVE-2023-4622 at NVDCVE-2023-4623 at SUSECVE-2023-4623 at NVDCVE-2023-46813 at SUSECVE-2023-46813 at NVDCVE-2023-46838 at SUSECVE-2023-46838 at NVDCVE-2023-46862 at SUSECVE-2023-46862 at NVDCVE-2023-47210 at SUSECVE-2023-47210 at NVDCVE-2023-47233 at SUSECVE-2023-47233 at NVDCVE-2023-4881 at SUSECVE-2023-4881 at NVDCVE-2023-4921 at SUSECVE-2023-4921 at NVDCVE-2023-50431 at SUSECVE-2023-50431 at NVDCVE-2023-51042 at SUSECVE-2023-51042 at NVDCVE-2023-51043 at SUSECVE-2023-51043 at NVDCVE-2023-5158 at SUSECVE-2023-5158 at NVDCVE-2023-51779 at SUSECVE-2023-51779 at NVDCVE-2023-5178 at SUSECVE-2023-5178 at NVDCVE-2023-51780 at SUSECVE-2023-51780 at NVDCVE-2023-51782 at SUSECVE-2023-51782 at NVDCVE-2023-5197 at SUSECVE-2023-5197 at NVDCVE-2023-52429 at SUSECVE-2023-52429 at NVDCVE-2023-52433 at SUSECVE-2023-52433 at NVDCVE-2023-52434 at SUSECVE-2023-52434 at NVDCVE-2023-52435 at SUSECVE-2023-52435 at NVDCVE-2023-52437 at SUSECVE-2023-52437 at NVDCVE-2023-52439 at SUSECVE-2023-52439 at NVDCVE-2023-52440 at SUSECVE-2023-52440 at NVDCVE-2023-52443 at SUSECVE-2023-52443 at NVDCVE-2023-52445 at SUSECVE-2023-52445 at NVDCVE-2023-52446 at SUSECVE-2023-52446 at NVDCVE-2023-52447 at SUSECVE-2023-52447 at NVDCVE-2023-52448 at SUSECVE-2023-52448 at NVDCVE-2023-52449 at SUSECVE-2023-52449 at NVDCVE-2023-52450 at SUSECVE-2023-52450 at NVDCVE-2023-52451 at SUSECVE-2023-52451 at NVDCVE-2023-52452 at SUSECVE-2023-52452 at NVDCVE-2023-52453 at SUSECVE-2023-52453 at NVDCVE-2023-52454 at SUSECVE-2023-52454 at NVDCVE-2023-52455 at SUSECVE-2023-52455 at NVDCVE-2023-52456 at SUSECVE-2023-52456 at NVDCVE-2023-52457 at SUSECVE-2023-52457 at NVDCVE-2023-52458 at SUSECVE-2023-52458 at NVDCVE-2023-52460 at SUSECVE-2023-52460 at NVDCVE-2023-52461 at SUSECVE-2023-52461 at NVDCVE-2023-52462 at SUSECVE-2023-52462 at NVDCVE-2023-52463 at SUSECVE-2023-52463 at NVDCVE-2023-52464 at SUSECVE-2023-52464 at NVDCVE-2023-52467 at SUSECVE-2023-52467 at NVDCVE-2023-52468 at SUSECVE-2023-52468 at NVDCVE-2023-52469 at SUSECVE-2023-52469 at NVDCVE-2023-52470 at SUSECVE-2023-52470 at NVDCVE-2023-52471 at SUSECVE-2023-52471 at NVDCVE-2023-52472 at SUSECVE-2023-52472 at NVDCVE-2023-52473 at SUSECVE-2023-52473 at NVDCVE-2023-52475 at SUSECVE-2023-52475 at NVDCVE-2023-52476 at SUSECVE-2023-52476 at NVDCVE-2023-52477 at SUSECVE-2023-52477 at NVDCVE-2023-52478 at SUSECVE-2023-52478 at NVDCVE-2023-52481 at SUSECVE-2023-52481 at NVDCVE-2023-52482 at SUSECVE-2023-52482 at NVDCVE-2023-52483 at SUSECVE-2023-52483 at NVDCVE-2023-52484 at SUSECVE-2023-52484 at NVDCVE-2023-52485 at SUSECVE-2023-52485 at NVDCVE-2023-52486 at SUSECVE-2023-52486 at NVDCVE-2023-52487 at SUSECVE-2023-52487 at NVDCVE-2023-52488 at SUSECVE-2023-52488 at NVDCVE-2023-52489 at SUSECVE-2023-52489 at NVDCVE-2023-52490 at SUSECVE-2023-52490 at NVDCVE-2023-52491 at SUSECVE-2023-52491 at NVDCVE-2023-52492 at SUSECVE-2023-52492 at NVDCVE-2023-52493 at SUSECVE-2023-52493 at NVDCVE-2023-52494 at SUSECVE-2023-52494 at NVDCVE-2023-52495 at SUSECVE-2023-52495 at NVDCVE-2023-52497 at SUSECVE-2023-52497 at NVDCVE-2023-52498 at SUSECVE-2023-52498 at NVDCVE-2023-52500 at SUSECVE-2023-52500 at NVDCVE-2023-52501 at SUSECVE-2023-52501 at NVDCVE-2023-52502 at SUSECVE-2023-52502 at NVDCVE-2023-52503 at SUSECVE-2023-52503 at NVDCVE-2023-52504 at SUSECVE-2023-52504 at NVDCVE-2023-52505 at SUSECVE-2023-52505 at NVDCVE-2023-52507 at SUSECVE-2023-52507 at NVDCVE-2023-52508 at SUSECVE-2023-52508 at NVDCVE-2023-52509 at SUSECVE-2023-52509 at NVDCVE-2023-52510 at SUSECVE-2023-52510 at NVDCVE-2023-52511 at SUSECVE-2023-52511 at NVDCVE-2023-52512 at SUSECVE-2023-52512 at NVDCVE-2023-52513 at SUSECVE-2023-52513 at NVDCVE-2023-52515 at SUSECVE-2023-52515 at NVDCVE-2023-52517 at SUSECVE-2023-52517 at NVDCVE-2023-52518 at SUSECVE-2023-52518 at NVDCVE-2023-52519 at SUSECVE-2023-52519 at NVDCVE-2023-52520 at SUSECVE-2023-52520 at NVDCVE-2023-52522 at SUSECVE-2023-52522 at NVDCVE-2023-52523 at SUSECVE-2023-52523 at NVDCVE-2023-52524 at SUSECVE-2023-52524 at NVDCVE-2023-52525 at SUSECVE-2023-52525 at NVDCVE-2023-52526 at SUSECVE-2023-52526 at NVDCVE-2023-52527 at SUSECVE-2023-52527 at NVDCVE-2023-52528 at SUSECVE-2023-52528 at NVDCVE-2023-52529 at SUSECVE-2023-52529 at NVDCVE-2023-52530 at SUSECVE-2023-52530 at NVDCVE-2023-52531 at SUSECVE-2023-52531 at NVDCVE-2023-52532 at SUSECVE-2023-52532 at NVDCVE-2023-52559 at SUSECVE-2023-52559 at NVDCVE-2023-52561 at SUSECVE-2023-52561 at NVDCVE-2023-52562 at SUSECVE-2023-52562 at NVDCVE-2023-52563 at SUSECVE-2023-52563 at NVDCVE-2023-52564 at SUSECVE-2023-52564 at NVDCVE-2023-52565 at SUSECVE-2023-52565 at NVDCVE-2023-52566 at SUSECVE-2023-52566 at NVDCVE-2023-52567 at SUSECVE-2023-52567 at NVDCVE-2023-52568 at SUSECVE-2023-52568 at NVDCVE-2023-52569 at SUSECVE-2023-52569 at NVDCVE-2023-52570 at SUSECVE-2023-52570 at NVDCVE-2023-52571 at SUSECVE-2023-52571 at NVDCVE-2023-52572 at SUSECVE-2023-52572 at NVDCVE-2023-52573 at SUSECVE-2023-52573 at NVDCVE-2023-52574 at SUSECVE-2023-52574 at NVDCVE-2023-52575 at SUSECVE-2023-52575 at NVDCVE-2023-52576 at SUSECVE-2023-52576 at NVDCVE-2023-52577 at SUSECVE-2023-52577 at NVDCVE-2023-52578 at SUSECVE-2023-52578 at NVDCVE-2023-52580 at SUSECVE-2023-52580 at NVDCVE-2023-52581 at SUSECVE-2023-52581 at NVDCVE-2023-52582 at SUSECVE-2023-52582 at NVDCVE-2023-52583 at SUSECVE-2023-52583 at NVDCVE-2023-52584 at SUSECVE-2023-52584 at NVDCVE-2023-52585 at SUSECVE-2023-52585 at NVDCVE-2023-52586 at SUSECVE-2023-52586 at NVDCVE-2023-52587 at SUSECVE-2023-52587 at NVDCVE-2023-52589 at SUSECVE-2023-52589 at NVDCVE-2023-52590 at SUSECVE-2023-52590 at NVDCVE-2023-52591 at SUSECVE-2023-52591 at NVDCVE-2023-52593 at SUSECVE-2023-52593 at NVDCVE-2023-52594 at SUSECVE-2023-52594 at NVDCVE-2023-52595 at SUSECVE-2023-52595 at NVDCVE-2023-52597 at SUSECVE-2023-52597 at NVDCVE-2023-52598 at SUSECVE-2023-52598 at NVDCVE-2023-52599 at SUSECVE-2023-52599 at NVDCVE-2023-52600 at SUSECVE-2023-52600 at NVDCVE-2023-52601 at SUSECVE-2023-52601 at NVDCVE-2023-52602 at SUSECVE-2023-52602 at NVDCVE-2023-52603 at SUSECVE-2023-52603 at NVDCVE-2023-52604 at SUSECVE-2023-52604 at NVDCVE-2023-52606 at SUSECVE-2023-52606 at NVDCVE-2023-52607 at SUSECVE-2023-52607 at NVDCVE-2023-52608 at SUSECVE-2023-52608 at NVDCVE-2023-52611 at SUSECVE-2023-52611 at NVDCVE-2023-52612 at SUSECVE-2023-52612 at NVDCVE-2023-52614 at SUSECVE-2023-52614 at NVDCVE-2023-52615 at SUSECVE-2023-52615 at NVDCVE-2023-52616 at SUSECVE-2023-52616 at NVDCVE-2023-52617 at SUSECVE-2023-52617 at NVDCVE-2023-52618 at SUSECVE-2023-52618 at NVDCVE-2023-52619 at SUSECVE-2023-52619 at NVDCVE-2023-52621 at SUSECVE-2023-52621 at NVDCVE-2023-52622 at SUSECVE-2023-52622 at NVDCVE-2023-52623 at SUSECVE-2023-52623 at NVDCVE-2023-52624 at SUSECVE-2023-52624 at NVDCVE-2023-52625 at SUSECVE-2023-52625 at NVDCVE-2023-52626 at SUSECVE-2023-52626 at NVDCVE-2023-52627 at SUSECVE-2023-52627 at NVDCVE-2023-52628 at SUSECVE-2023-52628 at NVDCVE-2023-52631 at SUSECVE-2023-52631 at NVDCVE-2023-52632 at SUSECVE-2023-52632 at NVDCVE-2023-52634 at SUSECVE-2023-52634 at NVDCVE-2023-52635 at SUSECVE-2023-52635 at NVDCVE-2023-52636 at SUSECVE-2023-52636 at NVDCVE-2023-52637 at SUSECVE-2023-52637 at NVDCVE-2023-52638 at SUSECVE-2023-52638 at NVDCVE-2023-52639 at SUSECVE-2023-52639 at NVDCVE-2023-52640 at SUSECVE-2023-52640 at NVDCVE-2023-52641 at SUSECVE-2023-52641 at NVDCVE-2023-52642 at SUSECVE-2023-52642 at NVDCVE-2023-52643 at SUSECVE-2023-52643 at NVDCVE-2023-52644 at SUSECVE-2023-52644 at NVDCVE-2023-52645 at SUSECVE-2023-52645 at NVDCVE-2023-52647 at SUSECVE-2023-52647 at NVDCVE-2023-52648 at SUSECVE-2023-52648 at NVDCVE-2023-52649 at SUSECVE-2023-52649 at NVDCVE-2023-52650 at SUSECVE-2023-52650 at NVDCVE-2023-52652 at SUSECVE-2023-52652 at NVDCVE-2023-52653 at SUSECVE-2023-52653 at NVDCVE-2023-52654 at SUSECVE-2023-52654 at NVDCVE-2023-52655 at SUSECVE-2023-52655 at NVDCVE-2023-52656 at SUSECVE-2023-52656 at NVDCVE-2023-52657 at SUSECVE-2023-52657 at NVDCVE-2023-52658 at SUSECVE-2023-52658 at NVDCVE-2023-52659 at SUSECVE-2023-52659 at NVDCVE-2023-52660 at SUSECVE-2023-52660 at NVDCVE-2023-52661 at SUSECVE-2023-52661 at NVDCVE-2023-52662 at SUSECVE-2023-52662 at NVDCVE-2023-52663 at SUSECVE-2023-52663 at NVDCVE-2023-52664 at SUSECVE-2023-52664 at NVDCVE-2023-52667 at SUSECVE-2023-52667 at NVDCVE-2023-52668 at SUSECVE-2023-52668 at NVDCVE-2023-52669 at SUSECVE-2023-52669 at NVDCVE-2023-52670 at SUSECVE-2023-52670 at NVDCVE-2023-52671 at SUSECVE-2023-52671 at NVDCVE-2023-52672 at SUSECVE-2023-52672 at NVDCVE-2023-52673 at SUSECVE-2023-52673 at NVDCVE-2023-52674 at SUSECVE-2023-52674 at NVDCVE-2023-52675 at SUSECVE-2023-52675 at NVDCVE-2023-52676 at SUSECVE-2023-52676 at NVDCVE-2023-52678 at SUSECVE-2023-52678 at NVDCVE-2023-52679 at SUSECVE-2023-52679 at NVDCVE-2023-52680 at SUSECVE-2023-52680 at NVDCVE-2023-52681 at SUSECVE-2023-52681 at NVDCVE-2023-52683 at SUSECVE-2023-52683 at NVDCVE-2023-52685 at SUSECVE-2023-52685 at NVDCVE-2023-52686 at SUSECVE-2023-52686 at NVDCVE-2023-52687 at SUSECVE-2023-52687 at NVDCVE-2023-52688 at SUSECVE-2023-52688 at NVDCVE-2023-52690 at SUSECVE-2023-52690 at NVDCVE-2023-52691 at SUSECVE-2023-52691 at NVDCVE-2023-52692 at SUSECVE-2023-52692 at NVDCVE-2023-52693 at SUSECVE-2023-52693 at NVDCVE-2023-52694 at SUSECVE-2023-52694 at NVDCVE-2023-52695 at SUSECVE-2023-52695 at NVDCVE-2023-52696 at SUSECVE-2023-52696 at NVDCVE-2023-52697 at SUSECVE-2023-52697 at NVDCVE-2023-52698 at SUSECVE-2023-52698 at NVDCVE-2023-52699 at SUSECVE-2023-52699 at NVDCVE-2023-52735 at SUSECVE-2023-52735 at NVDCVE-2023-52749 at SUSECVE-2023-52749 at NVDCVE-2023-52750 at SUSECVE-2023-52750 at NVDCVE-2023-52751 at SUSECVE-2023-52751 at NVDCVE-2023-52753 at SUSECVE-2023-52753 at NVDCVE-2023-52754 at SUSECVE-2023-52754 at NVDCVE-2023-52757 at SUSECVE-2023-52757 at NVDCVE-2023-52759 at SUSECVE-2023-52759 at NVDCVE-2023-52762 at SUSECVE-2023-52762 at NVDCVE-2023-52763 at SUSECVE-2023-52763 at NVDCVE-2023-52764 at SUSECVE-2023-52764 at NVDCVE-2023-52765 at SUSECVE-2023-52765 at NVDCVE-2023-52766 at SUSECVE-2023-52766 at NVDCVE-2023-52767 at SUSECVE-2023-52767 at NVDCVE-2023-52768 at SUSECVE-2023-52768 at NVDCVE-2023-52769 at SUSECVE-2023-52769 at NVDCVE-2023-52771 at SUSECVE-2023-52771 at NVDCVE-2023-52772 at SUSECVE-2023-52772 at NVDCVE-2023-52773 at SUSECVE-2023-52773 at NVDCVE-2023-52774 at SUSECVE-2023-52774 at NVDCVE-2023-52775 at SUSECVE-2023-52775 at NVDCVE-2023-52776 at SUSECVE-2023-52776 at NVDCVE-2023-52777 at SUSECVE-2023-52777 at NVDCVE-2023-52780 at SUSECVE-2023-52780 at NVDCVE-2023-52781 at SUSECVE-2023-52781 at NVDCVE-2023-52782 at SUSECVE-2023-52782 at NVDCVE-2023-52783 at SUSECVE-2023-52783 at NVDCVE-2023-52784 at SUSECVE-2023-52784 at NVDCVE-2023-52786 at SUSECVE-2023-52786 at NVDCVE-2023-52787 at SUSECVE-2023-52787 at NVDCVE-2023-52788 at SUSECVE-2023-52788 at NVDCVE-2023-52789 at SUSECVE-2023-52789 at NVDCVE-2023-52791 at SUSECVE-2023-52791 at NVDCVE-2023-52792 at SUSECVE-2023-52792 at NVDCVE-2023-52794 at SUSECVE-2023-52794 at NVDCVE-2023-52795 at SUSECVE-2023-52795 at NVDCVE-2023-52796 at SUSECVE-2023-52796 at NVDCVE-2023-52798 at SUSECVE-2023-52798 at NVDCVE-2023-52799 at SUSECVE-2023-52799 at NVDCVE-2023-52800 at SUSECVE-2023-52800 at NVDCVE-2023-52801 at SUSECVE-2023-52801 at NVDCVE-2023-52803 at SUSECVE-2023-52803 at NVDCVE-2023-52804 at SUSECVE-2023-52804 at NVDCVE-2023-52805 at SUSECVE-2023-52805 at NVDCVE-2023-52806 at SUSECVE-2023-52806 at NVDCVE-2023-52807 at SUSECVE-2023-52807 at NVDCVE-2023-52808 at SUSECVE-2023-52808 at NVDCVE-2023-52809 at SUSECVE-2023-52809 at NVDCVE-2023-52810 at SUSECVE-2023-52810 at NVDCVE-2023-52811 at SUSECVE-2023-52811 at NVDCVE-2023-52812 at SUSECVE-2023-52812 at NVDCVE-2023-52813 at SUSECVE-2023-52813 at NVDCVE-2023-52814 at SUSECVE-2023-52814 at NVDCVE-2023-52815 at SUSECVE-2023-52815 at NVDCVE-2023-52816 at SUSECVE-2023-52816 at NVDCVE-2023-52817 at SUSECVE-2023-52817 at NVDCVE-2023-52818 at SUSECVE-2023-52818 at NVDCVE-2023-52819 at SUSECVE-2023-52819 at NVDCVE-2023-52821 at SUSECVE-2023-52821 at NVDCVE-2023-52825 at SUSECVE-2023-52825 at NVDCVE-2023-52826 at SUSECVE-2023-52826 at NVDCVE-2023-52827 at SUSECVE-2023-52827 at NVDCVE-2023-52829 at SUSECVE-2023-52829 at NVDCVE-2023-52832 at SUSECVE-2023-52832 at NVDCVE-2023-52833 at SUSECVE-2023-52833 at NVDCVE-2023-52834 at SUSECVE-2023-52834 at NVDCVE-2023-52835 at SUSECVE-2023-52835 at NVDCVE-2023-52836 at SUSECVE-2023-52836 at NVDCVE-2023-52837 at SUSECVE-2023-52837 at NVDCVE-2023-52838 at SUSECVE-2023-52838 at NVDCVE-2023-52840 at SUSECVE-2023-52840 at NVDCVE-2023-52841 at SUSECVE-2023-52841 at NVDCVE-2023-52842 at SUSECVE-2023-52842 at NVDCVE-2023-52843 at SUSECVE-2023-52843 at NVDCVE-2023-52844 at SUSECVE-2023-52844 at NVDCVE-2023-52845 at SUSECVE-2023-52845 at NVDCVE-2023-52846 at SUSECVE-2023-52846 at NVDCVE-2023-52847 at SUSECVE-2023-52847 at NVDCVE-2023-52849 at SUSECVE-2023-52849 at NVDCVE-2023-52850 at SUSECVE-2023-52850 at NVDCVE-2023-52851 at SUSECVE-2023-52851 at NVDCVE-2023-52853 at SUSECVE-2023-52853 at NVDCVE-2023-52854 at SUSECVE-2023-52854 at NVDCVE-2023-52855 at SUSECVE-2023-52855 at NVDCVE-2023-52856 at SUSECVE-2023-52856 at NVDCVE-2023-52857 at SUSECVE-2023-52857 at NVDCVE-2023-52858 at SUSECVE-2023-52858 at NVDCVE-2023-52859 at SUSECVE-2023-52859 at NVDCVE-2023-52860 at SUSECVE-2023-52860 at NVDCVE-2023-52861 at SUSECVE-2023-52861 at NVDCVE-2023-52862 at SUSECVE-2023-52862 at NVDCVE-2023-52863 at SUSECVE-2023-52863 at NVDCVE-2023-52864 at SUSECVE-2023-52864 at NVDCVE-2023-52865 at SUSECVE-2023-52865 at NVDCVE-2023-52866 at SUSECVE-2023-52866 at NVDCVE-2023-52867 at SUSECVE-2023-52867 at NVDCVE-2023-52868 at SUSECVE-2023-52868 at NVDCVE-2023-52869 at SUSECVE-2023-52869 at NVDCVE-2023-52870 at SUSECVE-2023-52870 at NVDCVE-2023-52871 at SUSECVE-2023-52871 at NVDCVE-2023-52872 at SUSECVE-2023-52872 at NVDCVE-2023-52873 at SUSECVE-2023-52873 at NVDCVE-2023-52874 at SUSECVE-2023-52874 at NVDCVE-2023-52875 at SUSECVE-2023-52875 at NVDCVE-2023-52876 at SUSECVE-2023-52876 at NVDCVE-2023-52877 at SUSECVE-2023-52877 at NVDCVE-2023-52878 at SUSECVE-2023-52878 at NVDCVE-2023-52879 at SUSECVE-2023-52879 at NVDCVE-2023-52880 at SUSECVE-2023-52880 at NVDCVE-2023-52881 at SUSECVE-2023-52881 at NVDCVE-2023-52882 at SUSECVE-2023-52882 at NVDCVE-2023-52883 at SUSECVE-2023-52883 at NVDCVE-2023-52884 at SUSECVE-2023-52884 at NVDCVE-2023-52885 at SUSECVE-2023-52885 at NVDCVE-2023-52886 at SUSECVE-2023-52886 at NVDCVE-2023-52887 at SUSECVE-2023-52887 at NVDCVE-2023-52889 at SUSECVE-2023-52889 at NVDCVE-2023-5345 at SUSECVE-2023-5345 at NVDCVE-2023-5633 at SUSECVE-2023-5633 at NVDCVE-2023-5717 at SUSECVE-2023-5717 at NVDCVE-2023-5972 at SUSECVE-2023-5972 at NVDCVE-2023-6039 at SUSECVE-2023-6039 at NVDCVE-2023-6121 at SUSECVE-2023-6121 at NVDCVE-2023-6238 at SUSECVE-2023-6238 at NVDCVE-2023-6270 at SUSECVE-2023-6270 at NVDCVE-2023-6356 at SUSECVE-2023-6356 at NVDCVE-2023-6531 at SUSECVE-2023-6531 at NVDCVE-2023-6535 at SUSECVE-2023-6535 at NVDCVE-2023-6536 at SUSECVE-2023-6536 at NVDCVE-2023-6546 at SUSECVE-2023-6546 at NVDCVE-2023-6606 at SUSECVE-2023-6606 at NVDCVE-2023-6610 at SUSECVE-2023-6610 at NVDCVE-2023-6622 at SUSECVE-2023-6622 at NVDCVE-2023-6679 at SUSECVE-2023-6679 at NVDCVE-2023-6817 at SUSECVE-2023-6817 at NVDCVE-2023-6915 at SUSECVE-2023-6915 at NVDCVE-2023-6931 at SUSECVE-2023-6931 at NVDCVE-2023-6932 at SUSECVE-2023-6932 at NVDCVE-2023-7042 at SUSECVE-2023-7042 at NVDCVE-2024-0193 at SUSECVE-2024-0193 at NVDCVE-2024-0565 at SUSECVE-2024-0565 at NVDCVE-2024-0607 at SUSECVE-2024-0607 at NVDCVE-2024-0639 at SUSECVE-2024-0639 at NVDCVE-2024-0641 at SUSECVE-2024-0641 at NVDCVE-2024-0646 at SUSECVE-2024-0646 at NVDCVE-2024-0841 at SUSECVE-2024-0841 at NVDCVE-2024-1085 at SUSECVE-2024-1085 at NVDCVE-2024-1086 at SUSECVE-2024-1086 at NVDCVE-2024-1151 at SUSECVE-2024-1151 at NVDCVE-2024-1312 at SUSECVE-2024-1312 at NVDCVE-2024-21823 at SUSECVE-2024-21823 at NVDCVE-2024-22099 at SUSECVE-2024-22099 at NVDCVE-2024-23307 at SUSECVE-2024-23307 at NVDCVE-2024-23848 at SUSECVE-2024-23848 at NVDCVE-2024-23849 at SUSECVE-2024-23849 at NVDCVE-2024-23850 at SUSECVE-2024-23850 at NVDCVE-2024-23851 at SUSECVE-2024-23851 at NVDCVE-2024-24860 at SUSECVE-2024-24860 at NVDCVE-2024-24861 at SUSECVE-2024-24861 at NVDCVE-2024-25739 at SUSECVE-2024-25739 at NVDCVE-2024-25741 at SUSECVE-2024-25741 at NVDCVE-2024-25744 at SUSECVE-2024-25744 at NVDCVE-2024-26482 at SUSECVE-2024-26482 at NVDCVE-2024-26581 at SUSECVE-2024-26581 at NVDCVE-2024-26582 at SUSECVE-2024-26582 at NVDCVE-2024-26583 at SUSECVE-2024-26583 at NVDCVE-2024-26584 at SUSECVE-2024-26584 at NVDCVE-2024-26585 at SUSECVE-2024-26585 at NVDCVE-2024-26586 at SUSECVE-2024-26586 at NVDCVE-2024-26589 at SUSECVE-2024-26589 at NVDCVE-2024-26590 at SUSECVE-2024-26590 at NVDCVE-2024-26591 at SUSECVE-2024-26591 at NVDCVE-2024-26593 at SUSECVE-2024-26593 at NVDCVE-2024-26595 at SUSECVE-2024-26595 at NVDCVE-2024-26597 at SUSECVE-2024-26597 at NVDCVE-2024-26598 at SUSECVE-2024-26598 at NVDCVE-2024-26599 at SUSECVE-2024-26599 at NVDCVE-2024-26600 at SUSECVE-2024-26600 at NVDCVE-2024-26601 at SUSECVE-2024-26601 at NVDCVE-2024-26602 at SUSECVE-2024-26602 at NVDCVE-2024-26603 at SUSECVE-2024-26603 at NVDCVE-2024-26605 at SUSECVE-2024-26605 at NVDCVE-2024-26607 at SUSECVE-2024-26607 at NVDCVE-2024-26610 at SUSECVE-2024-26610 at NVDCVE-2024-26611 at SUSECVE-2024-26611 at NVDCVE-2024-26612 at SUSECVE-2024-26612 at NVDCVE-2024-26614 at SUSECVE-2024-26614 at NVDCVE-2024-26615 at SUSECVE-2024-26615 at NVDCVE-2024-26616 at SUSECVE-2024-26616 at NVDCVE-2024-26618 at SUSECVE-2024-26618 at NVDCVE-2024-26620 at SUSECVE-2024-26620 at NVDCVE-2024-26622 at SUSECVE-2024-26622 at NVDCVE-2024-26623 at SUSECVE-2024-26623 at NVDCVE-2024-26625 at SUSECVE-2024-26625 at NVDCVE-2024-26627 at SUSECVE-2024-26627 at NVDCVE-2024-26629 at SUSECVE-2024-26629 at NVDCVE-2024-26631 at SUSECVE-2024-26631 at NVDCVE-2024-26632 at SUSECVE-2024-26632 at NVDCVE-2024-26633 at SUSECVE-2024-26633 at NVDCVE-2024-26635 at SUSECVE-2024-26635 at NVDCVE-2024-26636 at SUSECVE-2024-26636 at NVDCVE-2024-26637 at SUSECVE-2024-26637 at NVDCVE-2024-26638 at SUSECVE-2024-26638 at NVDCVE-2024-26641 at SUSECVE-2024-26641 at NVDCVE-2024-26642 at SUSECVE-2024-26642 at NVDCVE-2024-26643 at SUSECVE-2024-26643 at NVDCVE-2024-26644 at SUSECVE-2024-26644 at NVDCVE-2024-26645 at SUSECVE-2024-26645 at NVDCVE-2024-26646 at SUSECVE-2024-26646 at NVDCVE-2024-26647 at SUSECVE-2024-26647 at NVDCVE-2024-26648 at SUSECVE-2024-26648 at NVDCVE-2024-26649 at SUSECVE-2024-26649 at NVDCVE-2024-26650 at SUSECVE-2024-26650 at NVDCVE-2024-26651 at SUSECVE-2024-26651 at NVDCVE-2024-26652 at SUSECVE-2024-26652 at NVDCVE-2024-26654 at SUSECVE-2024-26654 at NVDCVE-2024-26656 at SUSECVE-2024-26656 at NVDCVE-2024-26657 at SUSECVE-2024-26657 at NVDCVE-2024-26659 at SUSECVE-2024-26659 at NVDCVE-2024-26660 at SUSECVE-2024-26660 at NVDCVE-2024-26661 at SUSECVE-2024-26661 at NVDCVE-2024-26662 at SUSECVE-2024-26662 at NVDCVE-2024-26663 at SUSECVE-2024-26663 at NVDCVE-2024-26664 at SUSECVE-2024-26664 at NVDCVE-2024-26665 at SUSECVE-2024-26665 at NVDCVE-2024-26666 at SUSECVE-2024-26666 at NVDCVE-2024-26667 at SUSECVE-2024-26667 at NVDCVE-2024-26668 at SUSECVE-2024-26668 at NVDCVE-2024-26669 at SUSECVE-2024-26669 at NVDCVE-2024-26670 at SUSECVE-2024-26670 at NVDCVE-2024-26671 at SUSECVE-2024-26671 at NVDCVE-2024-26672 at SUSECVE-2024-26672 at NVDCVE-2024-26673 at SUSECVE-2024-26673 at NVDCVE-2024-26674 at SUSECVE-2024-26674 at NVDCVE-2024-26675 at SUSECVE-2024-26675 at NVDCVE-2024-26676 at SUSECVE-2024-26676 at NVDCVE-2024-26677 at SUSECVE-2024-26677 at NVDCVE-2024-26679 at SUSECVE-2024-26679 at NVDCVE-2024-26680 at SUSECVE-2024-26680 at NVDCVE-2024-26681 at SUSECVE-2024-26681 at NVDCVE-2024-26682 at SUSECVE-2024-26682 at NVDCVE-2024-26683 at SUSECVE-2024-26683 at NVDCVE-2024-26684 at SUSECVE-2024-26684 at NVDCVE-2024-26685 at SUSECVE-2024-26685 at NVDCVE-2024-26687 at SUSECVE-2024-26687 at NVDCVE-2024-26688 at SUSECVE-2024-26688 at NVDCVE-2024-26689 at SUSECVE-2024-26689 at NVDCVE-2024-26691 at SUSECVE-2024-26691 at NVDCVE-2024-26692 at SUSECVE-2024-26692 at NVDCVE-2024-26693 at SUSECVE-2024-26693 at NVDCVE-2024-26694 at SUSECVE-2024-26694 at NVDCVE-2024-26695 at SUSECVE-2024-26695 at NVDCVE-2024-26696 at SUSECVE-2024-26696 at NVDCVE-2024-26697 at SUSECVE-2024-26697 at NVDCVE-2024-26698 at SUSECVE-2024-26698 at NVDCVE-2024-26699 at SUSECVE-2024-26699 at NVDCVE-2024-26700 at SUSECVE-2024-26700 at NVDCVE-2024-26702 at SUSECVE-2024-26702 at NVDCVE-2024-26704 at SUSECVE-2024-26704 at NVDCVE-2024-26709 at SUSECVE-2024-26709 at NVDCVE-2024-26710 at SUSECVE-2024-26710 at NVDCVE-2024-26711 at SUSECVE-2024-26711 at NVDCVE-2024-26714 at SUSECVE-2024-26714 at NVDCVE-2024-26715 at SUSECVE-2024-26715 at NVDCVE-2024-26716 at SUSECVE-2024-26716 at NVDCVE-2024-26717 at SUSECVE-2024-26717 at NVDCVE-2024-26718 at SUSECVE-2024-26718 at NVDCVE-2024-26720 at SUSECVE-2024-26720 at NVDCVE-2024-26721 at SUSECVE-2024-26721 at NVDCVE-2024-26722 at SUSECVE-2024-26722 at NVDCVE-2024-26723 at SUSECVE-2024-26723 at NVDCVE-2024-26724 at SUSECVE-2024-26724 at NVDCVE-2024-26725 at SUSECVE-2024-26725 at NVDCVE-2024-26726 at SUSECVE-2024-26726 at NVDCVE-2024-26727 at SUSECVE-2024-26727 at NVDCVE-2024-26728 at SUSECVE-2024-26728 at NVDCVE-2024-26729 at SUSECVE-2024-26729 at NVDCVE-2024-26731 at SUSECVE-2024-26731 at NVDCVE-2024-26733 at SUSECVE-2024-26733 at NVDCVE-2024-26734 at SUSECVE-2024-26734 at NVDCVE-2024-26735 at SUSECVE-2024-26735 at NVDCVE-2024-26736 at SUSECVE-2024-26736 at NVDCVE-2024-26737 at SUSECVE-2024-26737 at NVDCVE-2024-26738 at SUSECVE-2024-26738 at NVDCVE-2024-26739 at SUSECVE-2024-26739 at NVDCVE-2024-26740 at SUSECVE-2024-26740 at NVDCVE-2024-26742 at SUSECVE-2024-26742 at NVDCVE-2024-26743 at SUSECVE-2024-26743 at NVDCVE-2024-26744 at SUSECVE-2024-26744 at NVDCVE-2024-26745 at SUSECVE-2024-26745 at NVDCVE-2024-26746 at SUSECVE-2024-26746 at NVDCVE-2024-26747 at SUSECVE-2024-26747 at NVDCVE-2024-26748 at SUSECVE-2024-26748 at NVDCVE-2024-26749 at SUSECVE-2024-26749 at NVDCVE-2024-26750 at SUSECVE-2024-26750 at NVDCVE-2024-26751 at SUSECVE-2024-26751 at NVDCVE-2024-26752 at SUSECVE-2024-26752 at NVDCVE-2024-26753 at SUSECVE-2024-26753 at NVDCVE-2024-26754 at SUSECVE-2024-26754 at NVDCVE-2024-26755 at SUSECVE-2024-26755 at NVDCVE-2024-26756 at SUSECVE-2024-26756 at NVDCVE-2024-26757 at SUSECVE-2024-26757 at NVDCVE-2024-26758 at SUSECVE-2024-26758 at NVDCVE-2024-26761 at SUSECVE-2024-26761 at NVDCVE-2024-26763 at SUSECVE-2024-26763 at NVDCVE-2024-26764 at SUSECVE-2024-26764 at NVDCVE-2024-26766 at SUSECVE-2024-26766 at NVDCVE-2024-26767 at SUSECVE-2024-26767 at NVDCVE-2024-26769 at SUSECVE-2024-26769 at NVDCVE-2024-26771 at SUSECVE-2024-26771 at NVDCVE-2024-26772 at SUSECVE-2024-26772 at NVDCVE-2024-26773 at SUSECVE-2024-26773 at NVDCVE-2024-26774 at SUSECVE-2024-26774 at NVDCVE-2024-26775 at SUSECVE-2024-26775 at NVDCVE-2024-26776 at SUSECVE-2024-26776 at NVDCVE-2024-26777 at SUSECVE-2024-26777 at NVDCVE-2024-26778 at SUSECVE-2024-26778 at NVDCVE-2024-26779 at SUSECVE-2024-26779 at NVDCVE-2024-26780 at SUSECVE-2024-26780 at NVDCVE-2024-26783 at SUSECVE-2024-26783 at NVDCVE-2024-26785 at SUSECVE-2024-26785 at NVDCVE-2024-26786 at SUSECVE-2024-26786 at NVDCVE-2024-26787 at SUSECVE-2024-26787 at NVDCVE-2024-26788 at SUSECVE-2024-26788 at NVDCVE-2024-26789 at SUSECVE-2024-26789 at NVDCVE-2024-26790 at SUSECVE-2024-26790 at NVDCVE-2024-26791 at SUSECVE-2024-26791 at NVDCVE-2024-26792 at SUSECVE-2024-26792 at NVDCVE-2024-26793 at SUSECVE-2024-26793 at NVDCVE-2024-26794 at SUSECVE-2024-26794 at NVDCVE-2024-26797 at SUSECVE-2024-26797 at NVDCVE-2024-26798 at SUSECVE-2024-26798 at NVDCVE-2024-26799 at SUSECVE-2024-26799 at NVDCVE-2024-26800 at SUSECVE-2024-26800 at NVDCVE-2024-26801 at SUSECVE-2024-26801 at NVDCVE-2024-26802 at SUSECVE-2024-26802 at NVDCVE-2024-26803 at SUSECVE-2024-26803 at NVDCVE-2024-26805 at SUSECVE-2024-26805 at NVDCVE-2024-26807 at SUSECVE-2024-26807 at NVDCVE-2024-26808 at SUSECVE-2024-26808 at NVDCVE-2024-26809 at SUSECVE-2024-26809 at NVDCVE-2024-26812 at SUSECVE-2024-26812 at NVDCVE-2024-26813 at SUSECVE-2024-26813 at NVDCVE-2024-26814 at SUSECVE-2024-26814 at NVDCVE-2024-26815 at SUSECVE-2024-26815 at NVDCVE-2024-26816 at SUSECVE-2024-26816 at NVDCVE-2024-26820 at SUSECVE-2024-26820 at NVDCVE-2024-26822 at SUSECVE-2024-26822 at NVDCVE-2024-26824 at SUSECVE-2024-26824 at NVDCVE-2024-26825 at SUSECVE-2024-26825 at NVDCVE-2024-26826 at SUSECVE-2024-26826 at NVDCVE-2024-26828 at SUSECVE-2024-26828 at NVDCVE-2024-26829 at SUSECVE-2024-26829 at NVDCVE-2024-26830 at SUSECVE-2024-26830 at NVDCVE-2024-26832 at SUSECVE-2024-26832 at NVDCVE-2024-26833 at SUSECVE-2024-26833 at NVDCVE-2024-26835 at SUSECVE-2024-26835 at NVDCVE-2024-26836 at SUSECVE-2024-26836 at NVDCVE-2024-26837 at SUSECVE-2024-26837 at NVDCVE-2024-26838 at SUSECVE-2024-26838 at NVDCVE-2024-26839 at SUSECVE-2024-26839 at NVDCVE-2024-26840 at SUSECVE-2024-26840 at NVDCVE-2024-26843 at SUSECVE-2024-26843 at NVDCVE-2024-26844 at SUSECVE-2024-26844 at NVDCVE-2024-26845 at SUSECVE-2024-26845 at NVDCVE-2024-26846 at SUSECVE-2024-26846 at NVDCVE-2024-26847 at SUSECVE-2024-26847 at NVDCVE-2024-26848 at SUSECVE-2024-26848 at NVDCVE-2024-26849 at SUSECVE-2024-26849 at NVDCVE-2024-26851 at SUSECVE-2024-26851 at NVDCVE-2024-26852 at SUSECVE-2024-26852 at NVDCVE-2024-26853 at SUSECVE-2024-26853 at NVDCVE-2024-26854 at SUSECVE-2024-26854 at NVDCVE-2024-26855 at SUSECVE-2024-26855 at NVDCVE-2024-26856 at SUSECVE-2024-26856 at NVDCVE-2024-26857 at SUSECVE-2024-26857 at NVDCVE-2024-26858 at SUSECVE-2024-26858 at NVDCVE-2024-26859 at SUSECVE-2024-26859 at NVDCVE-2024-26860 at SUSECVE-2024-26860 at NVDCVE-2024-26861 at SUSECVE-2024-26861 at NVDCVE-2024-26862 at SUSECVE-2024-26862 at NVDCVE-2024-26863 at SUSECVE-2024-26863 at NVDCVE-2024-26865 at SUSECVE-2024-26865 at NVDCVE-2024-26866 at SUSECVE-2024-26866 at NVDCVE-2024-26868 at SUSECVE-2024-26868 at NVDCVE-2024-26870 at SUSECVE-2024-26870 at NVDCVE-2024-26872 at SUSECVE-2024-26872 at NVDCVE-2024-26874 at SUSECVE-2024-26874 at NVDCVE-2024-26875 at SUSECVE-2024-26875 at NVDCVE-2024-26876 at SUSECVE-2024-26876 at NVDCVE-2024-26877 at SUSECVE-2024-26877 at NVDCVE-2024-26878 at SUSECVE-2024-26878 at NVDCVE-2024-26879 at SUSECVE-2024-26879 at NVDCVE-2024-26880 at SUSECVE-2024-26880 at NVDCVE-2024-26881 at SUSECVE-2024-26881 at NVDCVE-2024-26882 at SUSECVE-2024-26882 at NVDCVE-2024-26883 at SUSECVE-2024-26883 at NVDCVE-2024-26884 at SUSECVE-2024-26884 at NVDCVE-2024-26885 at SUSECVE-2024-26885 at NVDCVE-2024-26886 at SUSECVE-2024-26886 at NVDCVE-2024-26889 at SUSECVE-2024-26889 at NVDCVE-2024-26890 at SUSECVE-2024-26890 at NVDCVE-2024-26891 at SUSECVE-2024-26891 at NVDCVE-2024-26892 at SUSECVE-2024-26892 at NVDCVE-2024-26893 at SUSECVE-2024-26893 at NVDCVE-2024-26894 at SUSECVE-2024-26894 at NVDCVE-2024-26895 at SUSECVE-2024-26895 at NVDCVE-2024-26896 at SUSECVE-2024-26896 at NVDCVE-2024-26897 at SUSECVE-2024-26897 at NVDCVE-2024-26898 at SUSECVE-2024-26898 at NVDCVE-2024-26899 at SUSECVE-2024-26899 at NVDCVE-2024-26900 at SUSECVE-2024-26900 at NVDCVE-2024-26901 at SUSECVE-2024-26901 at NVDCVE-2024-26903 at SUSECVE-2024-26903 at NVDCVE-2024-26906 at SUSECVE-2024-26906 at NVDCVE-2024-26907 at SUSECVE-2024-26907 at NVDCVE-2024-26909 at SUSECVE-2024-26909 at NVDCVE-2024-26911 at SUSECVE-2024-26911 at NVDCVE-2024-26912 at SUSECVE-2024-26912 at NVDCVE-2024-26913 at SUSECVE-2024-26913 at NVDCVE-2024-26914 at SUSECVE-2024-26914 at NVDCVE-2024-26915 at SUSECVE-2024-26915 at NVDCVE-2024-26916 at SUSECVE-2024-26916 at NVDCVE-2024-26917 at SUSECVE-2024-26917 at NVDCVE-2024-26919 at SUSECVE-2024-26919 at NVDCVE-2024-26920 at SUSECVE-2024-26920 at NVDCVE-2024-26921 at SUSECVE-2024-26921 at NVDCVE-2024-26922 at SUSECVE-2024-26922 at NVDCVE-2024-26923 at SUSECVE-2024-26923 at NVDCVE-2024-26925 at SUSECVE-2024-26925 at NVDCVE-2024-26927 at SUSECVE-2024-26927 at NVDCVE-2024-26928 at SUSECVE-2024-26928 at NVDCVE-2024-26929 at SUSECVE-2024-26929 at NVDCVE-2024-26930 at SUSECVE-2024-26930 at NVDCVE-2024-26931 at SUSECVE-2024-26931 at NVDCVE-2024-26932 at SUSECVE-2024-26932 at NVDCVE-2024-26933 at SUSECVE-2024-26933 at NVDCVE-2024-26934 at SUSECVE-2024-26934 at NVDCVE-2024-26935 at SUSECVE-2024-26935 at NVDCVE-2024-26937 at SUSECVE-2024-26937 at NVDCVE-2024-26938 at SUSECVE-2024-26938 at NVDCVE-2024-26939 at SUSECVE-2024-26939 at NVDCVE-2024-26940 at SUSECVE-2024-26940 at NVDCVE-2024-26943 at SUSECVE-2024-26943 at NVDCVE-2024-26944 at SUSECVE-2024-26944 at NVDCVE-2024-26945 at SUSECVE-2024-26945 at NVDCVE-2024-26946 at SUSECVE-2024-26946 at NVDCVE-2024-26948 at SUSECVE-2024-26948 at NVDCVE-2024-26949 at SUSECVE-2024-26949 at NVDCVE-2024-26950 at SUSECVE-2024-26950 at NVDCVE-2024-26951 at SUSECVE-2024-26951 at NVDCVE-2024-26955 at SUSECVE-2024-26955 at NVDCVE-2024-26956 at SUSECVE-2024-26956 at NVDCVE-2024-26957 at SUSECVE-2024-26957 at NVDCVE-2024-26958 at SUSECVE-2024-26958 at NVDCVE-2024-26959 at SUSECVE-2024-26959 at NVDCVE-2024-26960 at SUSECVE-2024-26960 at NVDCVE-2024-26961 at SUSECVE-2024-26961 at NVDCVE-2024-26962 at SUSECVE-2024-26962 at NVDCVE-2024-26963 at SUSECVE-2024-26963 at NVDCVE-2024-26964 at SUSECVE-2024-26964 at NVDCVE-2024-26965 at SUSECVE-2024-26965 at NVDCVE-2024-26966 at SUSECVE-2024-26966 at NVDCVE-2024-26968 at SUSECVE-2024-26968 at NVDCVE-2024-26969 at SUSECVE-2024-26969 at NVDCVE-2024-26970 at SUSECVE-2024-26970 at NVDCVE-2024-26972 at SUSECVE-2024-26972 at NVDCVE-2024-26973 at SUSECVE-2024-26973 at NVDCVE-2024-26974 at SUSECVE-2024-26974 at NVDCVE-2024-26975 at SUSECVE-2024-26975 at NVDCVE-2024-26976 at SUSECVE-2024-26976 at NVDCVE-2024-26977 at SUSECVE-2024-26977 at NVDCVE-2024-26978 at SUSECVE-2024-26978 at NVDCVE-2024-26979 at SUSECVE-2024-26979 at NVDCVE-2024-26981 at SUSECVE-2024-26981 at NVDCVE-2024-26982 at SUSECVE-2024-26982 at NVDCVE-2024-26983 at SUSECVE-2024-26983 at NVDCVE-2024-26984 at SUSECVE-2024-26984 at NVDCVE-2024-26986 at SUSECVE-2024-26986 at NVDCVE-2024-26988 at SUSECVE-2024-26988 at NVDCVE-2024-26989 at SUSECVE-2024-26989 at NVDCVE-2024-26990 at SUSECVE-2024-26990 at NVDCVE-2024-26991 at SUSECVE-2024-26991 at NVDCVE-2024-26992 at SUSECVE-2024-26992 at NVDCVE-2024-26993 at SUSECVE-2024-26993 at NVDCVE-2024-26994 at SUSECVE-2024-26994 at NVDCVE-2024-26995 at SUSECVE-2024-26995 at NVDCVE-2024-26996 at SUSECVE-2024-26996 at NVDCVE-2024-26997 at SUSECVE-2024-26997 at NVDCVE-2024-26999 at SUSECVE-2024-26999 at NVDCVE-2024-27000 at SUSECVE-2024-27000 at NVDCVE-2024-27001 at SUSECVE-2024-27001 at NVDCVE-2024-27002 at SUSECVE-2024-27002 at NVDCVE-2024-27003 at SUSECVE-2024-27003 at NVDCVE-2024-27004 at SUSECVE-2024-27004 at NVDCVE-2024-27008 at SUSECVE-2024-27008 at NVDCVE-2024-27009 at SUSECVE-2024-27009 at NVDCVE-2024-27010 at SUSECVE-2024-27010 at NVDCVE-2024-27011 at SUSECVE-2024-27011 at NVDCVE-2024-27012 at SUSECVE-2024-27012 at NVDCVE-2024-27013 at SUSECVE-2024-27013 at NVDCVE-2024-27014 at SUSECVE-2024-27014 at NVDCVE-2024-27015 at SUSECVE-2024-27015 at NVDCVE-2024-27016 at SUSECVE-2024-27016 at NVDCVE-2024-27019 at SUSECVE-2024-27019 at NVDCVE-2024-27020 at SUSECVE-2024-27020 at NVDCVE-2024-27022 at SUSECVE-2024-27022 at NVDCVE-2024-27023 at SUSECVE-2024-27023 at NVDCVE-2024-27024 at SUSECVE-2024-27024 at NVDCVE-2024-27025 at SUSECVE-2024-27025 at NVDCVE-2024-27027 at SUSECVE-2024-27027 at NVDCVE-2024-27028 at SUSECVE-2024-27028 at NVDCVE-2024-27029 at SUSECVE-2024-27029 at NVDCVE-2024-27030 at SUSECVE-2024-27030 at NVDCVE-2024-27031 at SUSECVE-2024-27031 at NVDCVE-2024-27036 at SUSECVE-2024-27036 at NVDCVE-2024-27037 at SUSECVE-2024-27037 at NVDCVE-2024-27038 at SUSECVE-2024-27038 at NVDCVE-2024-27039 at SUSECVE-2024-27039 at NVDCVE-2024-27040 at SUSECVE-2024-27040 at NVDCVE-2024-27041 at SUSECVE-2024-27041 at NVDCVE-2024-27042 at SUSECVE-2024-27042 at NVDCVE-2024-27043 at SUSECVE-2024-27043 at NVDCVE-2024-27044 at SUSECVE-2024-27044 at NVDCVE-2024-27045 at SUSECVE-2024-27045 at NVDCVE-2024-27046 at SUSECVE-2024-27046 at NVDCVE-2024-27047 at SUSECVE-2024-27047 at NVDCVE-2024-27048 at SUSECVE-2024-27048 at NVDCVE-2024-27049 at SUSECVE-2024-27049 at NVDCVE-2024-27050 at SUSECVE-2024-27050 at NVDCVE-2024-27051 at SUSECVE-2024-27051 at NVDCVE-2024-27052 at SUSECVE-2024-27052 at NVDCVE-2024-27053 at SUSECVE-2024-27053 at NVDCVE-2024-27054 at SUSECVE-2024-27054 at NVDCVE-2024-27056 at SUSECVE-2024-27056 at NVDCVE-2024-27057 at SUSECVE-2024-27057 at NVDCVE-2024-27059 at SUSECVE-2024-27059 at NVDCVE-2024-27060 at SUSECVE-2024-27060 at NVDCVE-2024-27062 at SUSECVE-2024-27062 at NVDCVE-2024-27064 at SUSECVE-2024-27064 at NVDCVE-2024-27065 at SUSECVE-2024-27065 at NVDCVE-2024-27067 at SUSECVE-2024-27067 at NVDCVE-2024-27068 at SUSECVE-2024-27068 at NVDCVE-2024-27071 at SUSECVE-2024-27071 at NVDCVE-2024-27072 at SUSECVE-2024-27072 at NVDCVE-2024-27073 at SUSECVE-2024-27073 at NVDCVE-2024-27074 at SUSECVE-2024-27074 at NVDCVE-2024-27075 at SUSECVE-2024-27075 at NVDCVE-2024-27076 at SUSECVE-2024-27076 at NVDCVE-2024-27077 at SUSECVE-2024-27077 at NVDCVE-2024-27078 at SUSECVE-2024-27078 at NVDCVE-2024-27079 at SUSECVE-2024-27079 at NVDCVE-2024-27080 at SUSECVE-2024-27080 at NVDCVE-2024-27388 at SUSECVE-2024-27388 at NVDCVE-2024-27389 at SUSECVE-2024-27389 at NVDCVE-2024-27391 at SUSECVE-2024-27391 at NVDCVE-2024-27393 at SUSECVE-2024-27393 at NVDCVE-2024-27395 at SUSECVE-2024-27395 at NVDCVE-2024-27396 at SUSECVE-2024-27396 at NVDCVE-2024-27398 at SUSECVE-2024-27398 at NVDCVE-2024-27399 at SUSECVE-2024-27399 at NVDCVE-2024-27400 at SUSECVE-2024-27400 at NVDCVE-2024-27401 at SUSECVE-2024-27401 at NVDCVE-2024-27402 at SUSECVE-2024-27402 at NVDCVE-2024-27403 at SUSECVE-2024-27403 at NVDCVE-2024-27404 at SUSECVE-2024-27404 at NVDCVE-2024-27405 at SUSECVE-2024-27405 at NVDCVE-2024-27408 at SUSECVE-2024-27408 at NVDCVE-2024-27410 at SUSECVE-2024-27410 at NVDCVE-2024-27411 at SUSECVE-2024-27411 at NVDCVE-2024-27412 at SUSECVE-2024-27412 at NVDCVE-2024-27413 at SUSECVE-2024-27413 at NVDCVE-2024-27414 at SUSECVE-2024-27414 at NVDCVE-2024-27416 at SUSECVE-2024-27416 at NVDCVE-2024-27417 at SUSECVE-2024-27417 at NVDCVE-2024-27418 at SUSECVE-2024-27418 at NVDCVE-2024-27419 at SUSECVE-2024-27419 at NVDCVE-2024-27431 at SUSECVE-2024-27431 at NVDCVE-2024-27432 at SUSECVE-2024-27432 at NVDCVE-2024-27433 at SUSECVE-2024-27433 at NVDCVE-2024-27434 at SUSECVE-2024-27434 at NVDCVE-2024-27435 at SUSECVE-2024-27435 at NVDCVE-2024-27436 at SUSECVE-2024-27436 at NVDCVE-2024-27437 at SUSECVE-2024-27437 at NVDCVE-2024-31076 at SUSECVE-2024-31076 at NVDCVE-2024-33619 at SUSECVE-2024-33619 at NVDCVE-2024-34777 at SUSECVE-2024-34777 at NVDCVE-2024-35247 at SUSECVE-2024-35247 at NVDCVE-2024-35784 at SUSECVE-2024-35784 at NVDCVE-2024-35786 at SUSECVE-2024-35786 at NVDCVE-2024-35788 at SUSECVE-2024-35788 at NVDCVE-2024-35789 at SUSECVE-2024-35789 at NVDCVE-2024-35790 at SUSECVE-2024-35790 at NVDCVE-2024-35791 at SUSECVE-2024-35791 at NVDCVE-2024-35794 at SUSECVE-2024-35794 at NVDCVE-2024-35795 at SUSECVE-2024-35795 at NVDCVE-2024-35796 at SUSECVE-2024-35796 at NVDCVE-2024-35799 at SUSECVE-2024-35799 at NVDCVE-2024-35800 at SUSECVE-2024-35800 at NVDCVE-2024-35801 at SUSECVE-2024-35801 at NVDCVE-2024-35803 at SUSECVE-2024-35803 at NVDCVE-2024-35804 at SUSECVE-2024-35804 at NVDCVE-2024-35805 at SUSECVE-2024-35805 at NVDCVE-2024-35806 at SUSECVE-2024-35806 at NVDCVE-2024-35807 at SUSECVE-2024-35807 at NVDCVE-2024-35808 at SUSECVE-2024-35808 at NVDCVE-2024-35809 at SUSECVE-2024-35809 at NVDCVE-2024-35810 at SUSECVE-2024-35810 at NVDCVE-2024-35811 at SUSECVE-2024-35811 at NVDCVE-2024-35812 at SUSECVE-2024-35812 at NVDCVE-2024-35813 at SUSECVE-2024-35813 at NVDCVE-2024-35814 at SUSECVE-2024-35814 at NVDCVE-2024-35815 at SUSECVE-2024-35815 at NVDCVE-2024-35817 at SUSECVE-2024-35817 at NVDCVE-2024-35819 at SUSECVE-2024-35819 at NVDCVE-2024-35821 at SUSECVE-2024-35821 at NVDCVE-2024-35822 at SUSECVE-2024-35822 at NVDCVE-2024-35823 at SUSECVE-2024-35823 at NVDCVE-2024-35824 at SUSECVE-2024-35824 at NVDCVE-2024-35825 at SUSECVE-2024-35825 at NVDCVE-2024-35827 at SUSECVE-2024-35827 at NVDCVE-2024-35828 at SUSECVE-2024-35828 at NVDCVE-2024-35829 at SUSECVE-2024-35829 at NVDCVE-2024-35830 at SUSECVE-2024-35830 at NVDCVE-2024-35831 at SUSECVE-2024-35831 at NVDCVE-2024-35833 at SUSECVE-2024-35833 at NVDCVE-2024-35834 at SUSECVE-2024-35834 at NVDCVE-2024-35835 at SUSECVE-2024-35835 at NVDCVE-2024-35836 at SUSECVE-2024-35836 at NVDCVE-2024-35837 at SUSECVE-2024-35837 at NVDCVE-2024-35838 at SUSECVE-2024-35838 at NVDCVE-2024-35841 at SUSECVE-2024-35841 at NVDCVE-2024-35842 at SUSECVE-2024-35842 at NVDCVE-2024-35843 at SUSECVE-2024-35843 at NVDCVE-2024-35845 at SUSECVE-2024-35845 at NVDCVE-2024-35847 at SUSECVE-2024-35847 at NVDCVE-2024-35848 at SUSECVE-2024-35848 at NVDCVE-2024-35849 at SUSECVE-2024-35849 at NVDCVE-2024-35850 at SUSECVE-2024-35850 at NVDCVE-2024-35851 at SUSECVE-2024-35851 at NVDCVE-2024-35852 at SUSECVE-2024-35852 at NVDCVE-2024-35853 at SUSECVE-2024-35853 at NVDCVE-2024-35854 at SUSECVE-2024-35854 at NVDCVE-2024-35855 at SUSECVE-2024-35855 at NVDCVE-2024-35857 at SUSECVE-2024-35857 at NVDCVE-2024-35860 at SUSECVE-2024-35860 at NVDCVE-2024-35861 at SUSECVE-2024-35861 at NVDCVE-2024-35862 at SUSECVE-2024-35862 at NVDCVE-2024-35863 at SUSECVE-2024-35863 at NVDCVE-2024-35864 at SUSECVE-2024-35864 at NVDCVE-2024-35865 at SUSECVE-2024-35865 at NVDCVE-2024-35866 at SUSECVE-2024-35866 at NVDCVE-2024-35867 at SUSECVE-2024-35867 at NVDCVE-2024-35868 at SUSECVE-2024-35868 at NVDCVE-2024-35869 at SUSECVE-2024-35869 at NVDCVE-2024-35870 at SUSECVE-2024-35870 at NVDCVE-2024-35872 at SUSECVE-2024-35872 at NVDCVE-2024-35875 at SUSECVE-2024-35875 at NVDCVE-2024-35877 at SUSECVE-2024-35877 at NVDCVE-2024-35878 at SUSECVE-2024-35878 at NVDCVE-2024-35879 at SUSECVE-2024-35879 at NVDCVE-2024-35880 at SUSECVE-2024-35880 at NVDCVE-2024-35883 at SUSECVE-2024-35883 at NVDCVE-2024-35884 at SUSECVE-2024-35884 at NVDCVE-2024-35885 at SUSECVE-2024-35885 at NVDCVE-2024-35886 at SUSECVE-2024-35886 at NVDCVE-2024-35887 at SUSECVE-2024-35887 at NVDCVE-2024-35889 at SUSECVE-2024-35889 at NVDCVE-2024-35890 at SUSECVE-2024-35890 at NVDCVE-2024-35891 at SUSECVE-2024-35891 at NVDCVE-2024-35892 at SUSECVE-2024-35892 at NVDCVE-2024-35893 at SUSECVE-2024-35893 at NVDCVE-2024-35895 at SUSECVE-2024-35895 at NVDCVE-2024-35896 at SUSECVE-2024-35896 at NVDCVE-2024-35897 at SUSECVE-2024-35897 at NVDCVE-2024-35898 at SUSECVE-2024-35898 at NVDCVE-2024-35899 at SUSECVE-2024-35899 at NVDCVE-2024-35900 at SUSECVE-2024-35900 at NVDCVE-2024-35901 at SUSECVE-2024-35901 at NVDCVE-2024-35902 at SUSECVE-2024-35902 at NVDCVE-2024-35903 at SUSECVE-2024-35903 at NVDCVE-2024-35904 at SUSECVE-2024-35904 at NVDCVE-2024-35905 at SUSECVE-2024-35905 at NVDCVE-2024-35907 at SUSECVE-2024-35907 at NVDCVE-2024-35908 at SUSECVE-2024-35908 at NVDCVE-2024-35909 at SUSECVE-2024-35909 at NVDCVE-2024-35911 at SUSECVE-2024-35911 at NVDCVE-2024-35912 at SUSECVE-2024-35912 at NVDCVE-2024-35913 at SUSECVE-2024-35913 at NVDCVE-2024-35914 at SUSECVE-2024-35914 at NVDCVE-2024-35915 at SUSECVE-2024-35915 at NVDCVE-2024-35916 at SUSECVE-2024-35916 at NVDCVE-2024-35917 at SUSECVE-2024-35917 at NVDCVE-2024-35921 at SUSECVE-2024-35921 at NVDCVE-2024-35922 at SUSECVE-2024-35922 at NVDCVE-2024-35924 at SUSECVE-2024-35924 at NVDCVE-2024-35925 at SUSECVE-2024-35925 at NVDCVE-2024-35926 at SUSECVE-2024-35926 at NVDCVE-2024-35927 at SUSECVE-2024-35927 at NVDCVE-2024-35928 at SUSECVE-2024-35928 at NVDCVE-2024-35930 at SUSECVE-2024-35930 at NVDCVE-2024-35931 at SUSECVE-2024-35931 at NVDCVE-2024-35932 at SUSECVE-2024-35932 at NVDCVE-2024-35933 at SUSECVE-2024-35933 at NVDCVE-2024-35934 at SUSECVE-2024-35934 at NVDCVE-2024-35935 at SUSECVE-2024-35935 at NVDCVE-2024-35936 at SUSECVE-2024-35936 at NVDCVE-2024-35937 at SUSECVE-2024-35937 at NVDCVE-2024-35938 at SUSECVE-2024-35938 at NVDCVE-2024-35939 at SUSECVE-2024-35939 at NVDCVE-2024-35940 at SUSECVE-2024-35940 at NVDCVE-2024-35942 at SUSECVE-2024-35942 at NVDCVE-2024-35943 at SUSECVE-2024-35943 at NVDCVE-2024-35944 at SUSECVE-2024-35944 at NVDCVE-2024-35945 at SUSECVE-2024-35945 at NVDCVE-2024-35946 at SUSECVE-2024-35946 at NVDCVE-2024-35947 at SUSECVE-2024-35947 at NVDCVE-2024-35949 at SUSECVE-2024-35949 at NVDCVE-2024-35950 at SUSECVE-2024-35950 at NVDCVE-2024-35951 at SUSECVE-2024-35951 at NVDCVE-2024-35952 at SUSECVE-2024-35952 at NVDCVE-2024-35953 at SUSECVE-2024-35953 at NVDCVE-2024-35954 at SUSECVE-2024-35954 at NVDCVE-2024-35955 at SUSECVE-2024-35955 at NVDCVE-2024-35956 at SUSECVE-2024-35956 at NVDCVE-2024-35957 at SUSECVE-2024-35957 at NVDCVE-2024-35958 at SUSECVE-2024-35958 at NVDCVE-2024-35959 at SUSECVE-2024-35959 at NVDCVE-2024-35960 at SUSECVE-2024-35960 at NVDCVE-2024-35961 at SUSECVE-2024-35961 at NVDCVE-2024-35962 at SUSECVE-2024-35962 at NVDCVE-2024-35963 at SUSECVE-2024-35963 at NVDCVE-2024-35964 at SUSECVE-2024-35964 at NVDCVE-2024-35965 at SUSECVE-2024-35965 at NVDCVE-2024-35966 at SUSECVE-2024-35966 at NVDCVE-2024-35967 at SUSECVE-2024-35967 at NVDCVE-2024-35969 at SUSECVE-2024-35969 at NVDCVE-2024-35970 at SUSECVE-2024-35970 at NVDCVE-2024-35971 at SUSECVE-2024-35971 at NVDCVE-2024-35972 at SUSECVE-2024-35972 at NVDCVE-2024-35973 at SUSECVE-2024-35973 at NVDCVE-2024-35974 at SUSECVE-2024-35974 at NVDCVE-2024-35975 at SUSECVE-2024-35975 at NVDCVE-2024-35976 at SUSECVE-2024-35976 at NVDCVE-2024-35977 at SUSECVE-2024-35977 at NVDCVE-2024-35978 at SUSECVE-2024-35978 at NVDCVE-2024-35979 at SUSECVE-2024-35979 at NVDCVE-2024-35981 at SUSECVE-2024-35981 at NVDCVE-2024-35982 at SUSECVE-2024-35982 at NVDCVE-2024-35984 at SUSECVE-2024-35984 at NVDCVE-2024-35986 at SUSECVE-2024-35986 at NVDCVE-2024-35989 at SUSECVE-2024-35989 at NVDCVE-2024-35990 at SUSECVE-2024-35990 at NVDCVE-2024-35991 at SUSECVE-2024-35991 at NVDCVE-2024-35992 at SUSECVE-2024-35992 at NVDCVE-2024-35995 at SUSECVE-2024-35995 at NVDCVE-2024-35997 at SUSECVE-2024-35997 at NVDCVE-2024-35998 at SUSECVE-2024-35998 at NVDCVE-2024-35999 at SUSECVE-2024-35999 at NVDCVE-2024-36002 at SUSECVE-2024-36002 at NVDCVE-2024-36003 at SUSECVE-2024-36003 at NVDCVE-2024-36004 at SUSECVE-2024-36004 at NVDCVE-2024-36005 at SUSECVE-2024-36005 at NVDCVE-2024-36006 at SUSECVE-2024-36006 at NVDCVE-2024-36007 at SUSECVE-2024-36007 at NVDCVE-2024-36008 at SUSECVE-2024-36008 at NVDCVE-2024-36009 at SUSECVE-2024-36009 at NVDCVE-2024-36010 at SUSECVE-2024-36010 at NVDCVE-2024-36011 at SUSECVE-2024-36011 at NVDCVE-2024-36012 at SUSECVE-2024-36012 at NVDCVE-2024-36013 at SUSECVE-2024-36013 at NVDCVE-2024-36014 at SUSECVE-2024-36014 at NVDCVE-2024-36015 at SUSECVE-2024-36015 at NVDCVE-2024-36016 at SUSECVE-2024-36016 at NVDCVE-2024-36017 at SUSECVE-2024-36017 at NVDCVE-2024-36018 at SUSECVE-2024-36018 at NVDCVE-2024-36019 at SUSECVE-2024-36019 at NVDCVE-2024-36020 at SUSECVE-2024-36020 at NVDCVE-2024-36021 at SUSECVE-2024-36021 at NVDCVE-2024-36024 at SUSECVE-2024-36024 at NVDCVE-2024-36025 at SUSECVE-2024-36025 at NVDCVE-2024-36026 at SUSECVE-2024-36026 at NVDCVE-2024-36029 at SUSECVE-2024-36029 at NVDCVE-2024-36030 at SUSECVE-2024-36030 at NVDCVE-2024-36032 at SUSECVE-2024-36032 at NVDCVE-2024-36270 at SUSECVE-2024-36270 at NVDCVE-2024-36281 at SUSECVE-2024-36281 at NVDCVE-2024-36286 at SUSECVE-2024-36286 at NVDCVE-2024-36288 at SUSECVE-2024-36288 at NVDCVE-2024-36477 at SUSECVE-2024-36477 at NVDCVE-2024-36478 at SUSECVE-2024-36478 at NVDCVE-2024-36479 at SUSECVE-2024-36479 at NVDCVE-2024-36489 at SUSECVE-2024-36489 at NVDCVE-2024-36880 at SUSECVE-2024-36880 at NVDCVE-2024-36881 at SUSECVE-2024-36881 at NVDCVE-2024-36882 at SUSECVE-2024-36882 at NVDCVE-2024-36885 at SUSECVE-2024-36885 at NVDCVE-2024-36887 at SUSECVE-2024-36887 at NVDCVE-2024-36889 at SUSECVE-2024-36889 at NVDCVE-2024-36890 at SUSECVE-2024-36890 at NVDCVE-2024-36891 at SUSECVE-2024-36891 at NVDCVE-2024-36893 at SUSECVE-2024-36893 at NVDCVE-2024-36894 at SUSECVE-2024-36894 at NVDCVE-2024-36895 at SUSECVE-2024-36895 at NVDCVE-2024-36896 at SUSECVE-2024-36896 at NVDCVE-2024-36897 at SUSECVE-2024-36897 at NVDCVE-2024-36898 at SUSECVE-2024-36898 at NVDCVE-2024-36899 at SUSECVE-2024-36899 at NVDCVE-2024-36900 at SUSECVE-2024-36900 at NVDCVE-2024-36901 at SUSECVE-2024-36901 at NVDCVE-2024-36902 at SUSECVE-2024-36902 at NVDCVE-2024-36903 at SUSECVE-2024-36903 at NVDCVE-2024-36904 at SUSECVE-2024-36904 at NVDCVE-2024-36906 at SUSECVE-2024-36906 at NVDCVE-2024-36907 at SUSECVE-2024-36907 at NVDCVE-2024-36909 at SUSECVE-2024-36909 at NVDCVE-2024-36910 at SUSECVE-2024-36910 at NVDCVE-2024-36911 at SUSECVE-2024-36911 at NVDCVE-2024-36912 at SUSECVE-2024-36912 at NVDCVE-2024-36913 at SUSECVE-2024-36913 at NVDCVE-2024-36914 at SUSECVE-2024-36914 at NVDCVE-2024-36915 at SUSECVE-2024-36915 at NVDCVE-2024-36916 at SUSECVE-2024-36916 at NVDCVE-2024-36917 at SUSECVE-2024-36917 at NVDCVE-2024-36918 at SUSECVE-2024-36918 at NVDCVE-2024-36919 at SUSECVE-2024-36919 at NVDCVE-2024-36921 at SUSECVE-2024-36921 at NVDCVE-2024-36922 at SUSECVE-2024-36922 at NVDCVE-2024-36923 at SUSECVE-2024-36923 at NVDCVE-2024-36924 at SUSECVE-2024-36924 at NVDCVE-2024-36926 at SUSECVE-2024-36926 at NVDCVE-2024-36928 at SUSECVE-2024-36928 at NVDCVE-2024-36929 at SUSECVE-2024-36929 at NVDCVE-2024-36930 at SUSECVE-2024-36930 at NVDCVE-2024-36931 at SUSECVE-2024-36931 at NVDCVE-2024-36933 at SUSECVE-2024-36933 at NVDCVE-2024-36934 at SUSECVE-2024-36934 at NVDCVE-2024-36935 at SUSECVE-2024-36935 at NVDCVE-2024-36936 at SUSECVE-2024-36936 at NVDCVE-2024-36937 at SUSECVE-2024-36937 at NVDCVE-2024-36938 at SUSECVE-2024-36938 at NVDCVE-2024-36939 at SUSECVE-2024-36939 at NVDCVE-2024-36940 at SUSECVE-2024-36940 at NVDCVE-2024-36941 at SUSECVE-2024-36941 at NVDCVE-2024-36942 at SUSECVE-2024-36942 at NVDCVE-2024-36944 at SUSECVE-2024-36944 at NVDCVE-2024-36945 at SUSECVE-2024-36945 at NVDCVE-2024-36946 at SUSECVE-2024-36946 at NVDCVE-2024-36947 at SUSECVE-2024-36947 at NVDCVE-2024-36949 at SUSECVE-2024-36949 at NVDCVE-2024-36950 at SUSECVE-2024-36950 at NVDCVE-2024-36951 at SUSECVE-2024-36951 at NVDCVE-2024-36952 at SUSECVE-2024-36952 at NVDCVE-2024-36955 at SUSECVE-2024-36955 at NVDCVE-2024-36957 at SUSECVE-2024-36957 at NVDCVE-2024-36959 at SUSECVE-2024-36959 at NVDCVE-2024-36960 at SUSECVE-2024-36960 at NVDCVE-2024-36962 at SUSECVE-2024-36962 at NVDCVE-2024-36964 at SUSECVE-2024-36964 at NVDCVE-2024-36965 at SUSECVE-2024-36965 at NVDCVE-2024-36967 at SUSECVE-2024-36967 at NVDCVE-2024-36969 at SUSECVE-2024-36969 at NVDCVE-2024-36970 at SUSECVE-2024-36970 at NVDCVE-2024-36971 at SUSECVE-2024-36971 at NVDCVE-2024-36972 at SUSECVE-2024-36972 at NVDCVE-2024-36973 at SUSECVE-2024-36973 at NVDCVE-2024-36974 at SUSECVE-2024-36974 at NVDCVE-2024-36975 at SUSECVE-2024-36975 at NVDCVE-2024-36977 at SUSECVE-2024-36977 at NVDCVE-2024-36978 at SUSECVE-2024-36978 at NVDCVE-2024-36979 at SUSECVE-2024-36979 at NVDCVE-2024-37021 at SUSECVE-2024-37021 at NVDCVE-2024-37078 at SUSECVE-2024-37078 at NVDCVE-2024-37353 at SUSECVE-2024-37353 at NVDCVE-2024-37354 at SUSECVE-2024-37354 at NVDCVE-2024-38381 at SUSECVE-2024-38381 at NVDCVE-2024-38384 at SUSECVE-2024-38384 at NVDCVE-2024-38385 at SUSECVE-2024-38385 at NVDCVE-2024-38388 at SUSECVE-2024-38388 at NVDCVE-2024-38390 at SUSECVE-2024-38390 at NVDCVE-2024-38391 at SUSECVE-2024-38391 at NVDCVE-2024-38539 at SUSECVE-2024-38539 at NVDCVE-2024-38540 at SUSECVE-2024-38540 at NVDCVE-2024-38541 at SUSECVE-2024-38541 at NVDCVE-2024-38543 at SUSECVE-2024-38543 at NVDCVE-2024-38544 at SUSECVE-2024-38544 at NVDCVE-2024-38545 at SUSECVE-2024-38545 at NVDCVE-2024-38546 at SUSECVE-2024-38546 at NVDCVE-2024-38547 at SUSECVE-2024-38547 at NVDCVE-2024-38548 at SUSECVE-2024-38548 at NVDCVE-2024-38549 at SUSECVE-2024-38549 at NVDCVE-2024-38550 at SUSECVE-2024-38550 at NVDCVE-2024-38551 at SUSECVE-2024-38551 at NVDCVE-2024-38552 at SUSECVE-2024-38552 at NVDCVE-2024-38553 at SUSECVE-2024-38553 at NVDCVE-2024-38554 at SUSECVE-2024-38554 at NVDCVE-2024-38555 at SUSECVE-2024-38555 at NVDCVE-2024-38556 at SUSECVE-2024-38556 at NVDCVE-2024-38557 at SUSECVE-2024-38557 at NVDCVE-2024-38558 at SUSECVE-2024-38558 at NVDCVE-2024-38559 at SUSECVE-2024-38559 at NVDCVE-2024-38560 at SUSECVE-2024-38560 at NVDCVE-2024-38562 at SUSECVE-2024-38562 at NVDCVE-2024-38563 at SUSECVE-2024-38563 at NVDCVE-2024-38564 at SUSECVE-2024-38564 at NVDCVE-2024-38565 at SUSECVE-2024-38565 at NVDCVE-2024-38566 at SUSECVE-2024-38566 at NVDCVE-2024-38567 at SUSECVE-2024-38567 at NVDCVE-2024-38568 at SUSECVE-2024-38568 at NVDCVE-2024-38569 at SUSECVE-2024-38569 at NVDCVE-2024-38570 at SUSECVE-2024-38570 at NVDCVE-2024-38571 at SUSECVE-2024-38571 at NVDCVE-2024-38572 at SUSECVE-2024-38572 at NVDCVE-2024-38573 at SUSECVE-2024-38573 at NVDCVE-2024-38575 at SUSECVE-2024-38575 at NVDCVE-2024-38578 at SUSECVE-2024-38578 at NVDCVE-2024-38579 at SUSECVE-2024-38579 at NVDCVE-2024-38580 at SUSECVE-2024-38580 at NVDCVE-2024-38581 at SUSECVE-2024-38581 at NVDCVE-2024-38582 at SUSECVE-2024-38582 at NVDCVE-2024-38583 at SUSECVE-2024-38583 at NVDCVE-2024-38586 at SUSECVE-2024-38586 at NVDCVE-2024-38587 at SUSECVE-2024-38587 at NVDCVE-2024-38588 at SUSECVE-2024-38588 at NVDCVE-2024-38590 at SUSECVE-2024-38590 at NVDCVE-2024-38591 at SUSECVE-2024-38591 at NVDCVE-2024-38592 at SUSECVE-2024-38592 at NVDCVE-2024-38594 at SUSECVE-2024-38594 at NVDCVE-2024-38595 at SUSECVE-2024-38595 at NVDCVE-2024-38597 at SUSECVE-2024-38597 at NVDCVE-2024-38598 at SUSECVE-2024-38598 at NVDCVE-2024-38599 at SUSECVE-2024-38599 at NVDCVE-2024-38600 at SUSECVE-2024-38600 at NVDCVE-2024-38601 at SUSECVE-2024-38601 at NVDCVE-2024-38602 at SUSECVE-2024-38602 at NVDCVE-2024-38603 at SUSECVE-2024-38603 at NVDCVE-2024-38604 at SUSECVE-2024-38604 at NVDCVE-2024-38605 at SUSECVE-2024-38605 at NVDCVE-2024-38608 at SUSECVE-2024-38608 at NVDCVE-2024-38609 at SUSECVE-2024-38609 at NVDCVE-2024-38610 at SUSECVE-2024-38610 at NVDCVE-2024-38611 at SUSECVE-2024-38611 at NVDCVE-2024-38615 at SUSECVE-2024-38615 at NVDCVE-2024-38616 at SUSECVE-2024-38616 at NVDCVE-2024-38617 at SUSECVE-2024-38617 at NVDCVE-2024-38618 at SUSECVE-2024-38618 at NVDCVE-2024-38619 at SUSECVE-2024-38619 at NVDCVE-2024-38621 at SUSECVE-2024-38621 at NVDCVE-2024-38622 at SUSECVE-2024-38622 at NVDCVE-2024-38627 at SUSECVE-2024-38627 at NVDCVE-2024-38628 at SUSECVE-2024-38628 at NVDCVE-2024-38629 at SUSECVE-2024-38629 at NVDCVE-2024-38630 at SUSECVE-2024-38630 at NVDCVE-2024-38633 at SUSECVE-2024-38633 at NVDCVE-2024-38634 at SUSECVE-2024-38634 at NVDCVE-2024-38635 at SUSECVE-2024-38635 at NVDCVE-2024-38636 at SUSECVE-2024-38636 at NVDCVE-2024-38659 at SUSECVE-2024-38659 at NVDCVE-2024-38661 at SUSECVE-2024-38661 at NVDCVE-2024-38662 at SUSECVE-2024-38662 at NVDCVE-2024-38663 at SUSECVE-2024-38663 at NVDCVE-2024-38664 at SUSECVE-2024-38664 at NVDCVE-2024-38780 at SUSECVE-2024-38780 at NVDCVE-2024-39276 at SUSECVE-2024-39276 at NVDCVE-2024-39277 at SUSECVE-2024-39277 at NVDCVE-2024-39291 at SUSECVE-2024-39291 at NVDCVE-2024-39296 at SUSECVE-2024-39296 at NVDCVE-2024-39301 at SUSECVE-2024-39301 at NVDCVE-2024-39362 at SUSECVE-2024-39362 at NVDCVE-2024-39371 at SUSECVE-2024-39371 at NVDCVE-2024-39463 at SUSECVE-2024-39463 at NVDCVE-2024-39466 at SUSECVE-2024-39466 at NVDCVE-2024-39468 at SUSECVE-2024-39468 at NVDCVE-2024-39469 at SUSECVE-2024-39469 at NVDCVE-2024-39471 at SUSECVE-2024-39471 at NVDCVE-2024-39472 at SUSECVE-2024-39472 at NVDCVE-2024-39473 at SUSECVE-2024-39473 at NVDCVE-2024-39474 at SUSECVE-2024-39474 at NVDCVE-2024-39475 at SUSECVE-2024-39475 at NVDCVE-2024-39476 at SUSECVE-2024-39476 at NVDCVE-2024-39479 at SUSECVE-2024-39479 at NVDCVE-2024-39481 at SUSECVE-2024-39481 at NVDCVE-2024-39482 at SUSECVE-2024-39482 at NVDCVE-2024-39483 at SUSECVE-2024-39483 at NVDCVE-2024-39484 at SUSECVE-2024-39484 at NVDCVE-2024-39486 at SUSECVE-2024-39486 at NVDCVE-2024-39487 at SUSECVE-2024-39487 at NVDCVE-2024-39488 at SUSECVE-2024-39488 at NVDCVE-2024-39489 at SUSECVE-2024-39489 at NVDCVE-2024-39490 at SUSECVE-2024-39490 at NVDCVE-2024-39491 at SUSECVE-2024-39491 at NVDCVE-2024-39493 at SUSECVE-2024-39493 at NVDCVE-2024-39494 at SUSECVE-2024-39494 at NVDCVE-2024-39496 at SUSECVE-2024-39496 at NVDCVE-2024-39497 at SUSECVE-2024-39497 at NVDCVE-2024-39498 at SUSECVE-2024-39498 at NVDCVE-2024-39499 at SUSECVE-2024-39499 at NVDCVE-2024-39500 at SUSECVE-2024-39500 at NVDCVE-2024-39501 at SUSECVE-2024-39501 at NVDCVE-2024-39502 at SUSECVE-2024-39502 at NVDCVE-2024-39504 at SUSECVE-2024-39504 at NVDCVE-2024-39505 at SUSECVE-2024-39505 at NVDCVE-2024-39506 at SUSECVE-2024-39506 at NVDCVE-2024-39507 at SUSECVE-2024-39507 at NVDCVE-2024-39508 at SUSECVE-2024-39508 at NVDCVE-2024-39509 at SUSECVE-2024-39509 at NVDCVE-2024-39510 at SUSECVE-2024-39510 at NVDCVE-2024-40899 at SUSECVE-2024-40899 at NVDCVE-2024-40900 at SUSECVE-2024-40900 at NVDCVE-2024-40901 at SUSECVE-2024-40901 at NVDCVE-2024-40902 at SUSECVE-2024-40902 at NVDCVE-2024-40903 at SUSECVE-2024-40903 at NVDCVE-2024-40904 at SUSECVE-2024-40904 at NVDCVE-2024-40905 at SUSECVE-2024-40905 at NVDCVE-2024-40906 at SUSECVE-2024-40906 at NVDCVE-2024-40908 at SUSECVE-2024-40908 at NVDCVE-2024-40909 at SUSECVE-2024-40909 at NVDCVE-2024-40910 at SUSECVE-2024-40910 at NVDCVE-2024-40911 at SUSECVE-2024-40911 at NVDCVE-2024-40912 at SUSECVE-2024-40912 at NVDCVE-2024-40913 at SUSECVE-2024-40913 at NVDCVE-2024-40916 at SUSECVE-2024-40916 at NVDCVE-2024-40919 at SUSECVE-2024-40919 at NVDCVE-2024-40920 at SUSECVE-2024-40920 at NVDCVE-2024-40921 at SUSECVE-2024-40921 at NVDCVE-2024-40922 at SUSECVE-2024-40922 at NVDCVE-2024-40923 at SUSECVE-2024-40923 at NVDCVE-2024-40924 at SUSECVE-2024-40924 at NVDCVE-2024-40925 at SUSECVE-2024-40925 at NVDCVE-2024-40926 at SUSECVE-2024-40926 at NVDCVE-2024-40927 at SUSECVE-2024-40927 at NVDCVE-2024-40928 at SUSECVE-2024-40928 at NVDCVE-2024-40929 at SUSECVE-2024-40929 at NVDCVE-2024-40930 at SUSECVE-2024-40930 at NVDCVE-2024-40931 at SUSECVE-2024-40931 at NVDCVE-2024-40932 at SUSECVE-2024-40932 at NVDCVE-2024-40934 at SUSECVE-2024-40934 at NVDCVE-2024-40935 at SUSECVE-2024-40935 at NVDCVE-2024-40936 at SUSECVE-2024-40936 at NVDCVE-2024-40937 at SUSECVE-2024-40937 at NVDCVE-2024-40938 at SUSECVE-2024-40938 at NVDCVE-2024-40939 at SUSECVE-2024-40939 at NVDCVE-2024-40940 at SUSECVE-2024-40940 at NVDCVE-2024-40941 at SUSECVE-2024-40941 at NVDCVE-2024-40942 at SUSECVE-2024-40942 at NVDCVE-2024-40943 at SUSECVE-2024-40943 at NVDCVE-2024-40944 at SUSECVE-2024-40944 at NVDCVE-2024-40945 at SUSECVE-2024-40945 at NVDCVE-2024-40947 at SUSECVE-2024-40947 at NVDCVE-2024-40948 at SUSECVE-2024-40948 at NVDCVE-2024-40953 at SUSECVE-2024-40953 at NVDCVE-2024-40954 at SUSECVE-2024-40954 at NVDCVE-2024-40956 at SUSECVE-2024-40956 at NVDCVE-2024-40957 at SUSECVE-2024-40957 at NVDCVE-2024-40958 at SUSECVE-2024-40958 at NVDCVE-2024-40959 at SUSECVE-2024-40959 at NVDCVE-2024-40960 at SUSECVE-2024-40960 at NVDCVE-2024-40961 at SUSECVE-2024-40961 at NVDCVE-2024-40962 at SUSECVE-2024-40962 at NVDCVE-2024-40964 at SUSECVE-2024-40964 at NVDCVE-2024-40966 at SUSECVE-2024-40966 at NVDCVE-2024-40967 at SUSECVE-2024-40967 at NVDCVE-2024-40970 at SUSECVE-2024-40970 at NVDCVE-2024-40972 at SUSECVE-2024-40972 at NVDCVE-2024-40975 at SUSECVE-2024-40975 at NVDCVE-2024-40976 at SUSECVE-2024-40976 at NVDCVE-2024-40977 at SUSECVE-2024-40977 at NVDCVE-2024-40978 at SUSECVE-2024-40978 at NVDCVE-2024-40979 at SUSECVE-2024-40979 at NVDCVE-2024-40981 at SUSECVE-2024-40981 at NVDCVE-2024-40982 at SUSECVE-2024-40982 at NVDCVE-2024-40984 at SUSECVE-2024-40984 at NVDCVE-2024-40987 at SUSECVE-2024-40987 at NVDCVE-2024-40988 at SUSECVE-2024-40988 at NVDCVE-2024-40989 at SUSECVE-2024-40989 at NVDCVE-2024-40990 at SUSECVE-2024-40990 at NVDCVE-2024-40992 at SUSECVE-2024-40992 at NVDCVE-2024-40994 at SUSECVE-2024-40994 at NVDCVE-2024-40995 at SUSECVE-2024-40995 at NVDCVE-2024-40997 at SUSECVE-2024-40997 at NVDCVE-2024-40998 at SUSECVE-2024-40998 at NVDCVE-2024-40999 at SUSECVE-2024-40999 at NVDCVE-2024-41000 at SUSECVE-2024-41000 at NVDCVE-2024-41001 at SUSECVE-2024-41001 at NVDCVE-2024-41002 at SUSECVE-2024-41002 at NVDCVE-2024-41004 at SUSECVE-2024-41004 at NVDCVE-2024-41006 at SUSECVE-2024-41006 at NVDCVE-2024-41007 at SUSECVE-2024-41007 at NVDCVE-2024-41009 at SUSECVE-2024-41009 at NVDCVE-2024-41010 at SUSECVE-2024-41010 at NVDCVE-2024-41011 at SUSECVE-2024-41011 at NVDCVE-2024-41012 at SUSECVE-2024-41012 at NVDCVE-2024-41013 at SUSECVE-2024-41013 at NVDCVE-2024-41014 at SUSECVE-2024-41014 at NVDCVE-2024-41015 at SUSECVE-2024-41015 at NVDCVE-2024-41016 at SUSECVE-2024-41016 at NVDCVE-2024-41017 at SUSECVE-2024-41017 at NVDCVE-2024-41020 at SUSECVE-2024-41020 at NVDCVE-2024-41022 at SUSECVE-2024-41022 at NVDCVE-2024-41024 at SUSECVE-2024-41024 at NVDCVE-2024-41025 at SUSECVE-2024-41025 at NVDCVE-2024-41028 at SUSECVE-2024-41028 at NVDCVE-2024-41032 at SUSECVE-2024-41032 at NVDCVE-2024-41035 at SUSECVE-2024-41035 at NVDCVE-2024-41036 at SUSECVE-2024-41036 at NVDCVE-2024-41037 at SUSECVE-2024-41037 at NVDCVE-2024-41038 at SUSECVE-2024-41038 at NVDCVE-2024-41039 at SUSECVE-2024-41039 at NVDCVE-2024-41040 at SUSECVE-2024-41040 at NVDCVE-2024-41041 at SUSECVE-2024-41041 at NVDCVE-2024-41044 at SUSECVE-2024-41044 at NVDCVE-2024-41045 at SUSECVE-2024-41045 at NVDCVE-2024-41048 at SUSECVE-2024-41048 at NVDCVE-2024-41049 at SUSECVE-2024-41049 at NVDCVE-2024-41050 at SUSECVE-2024-41050 at NVDCVE-2024-41051 at SUSECVE-2024-41051 at NVDCVE-2024-41056 at SUSECVE-2024-41056 at NVDCVE-2024-41057 at SUSECVE-2024-41057 at NVDCVE-2024-41058 at SUSECVE-2024-41058 at NVDCVE-2024-41059 at SUSECVE-2024-41059 at NVDCVE-2024-41060 at SUSECVE-2024-41060 at NVDCVE-2024-41061 at SUSECVE-2024-41061 at NVDCVE-2024-41062 at SUSECVE-2024-41062 at NVDCVE-2024-41063 at SUSECVE-2024-41063 at NVDCVE-2024-41064 at SUSECVE-2024-41064 at NVDCVE-2024-41065 at SUSECVE-2024-41065 at NVDCVE-2024-41066 at SUSECVE-2024-41066 at NVDCVE-2024-41068 at SUSECVE-2024-41068 at NVDCVE-2024-41069 at SUSECVE-2024-41069 at NVDCVE-2024-41070 at SUSECVE-2024-41070 at NVDCVE-2024-41071 at SUSECVE-2024-41071 at NVDCVE-2024-41072 at SUSECVE-2024-41072 at NVDCVE-2024-41073 at SUSECVE-2024-41073 at NVDCVE-2024-41074 at SUSECVE-2024-41074 at NVDCVE-2024-41075 at SUSECVE-2024-41075 at NVDCVE-2024-41076 at SUSECVE-2024-41076 at NVDCVE-2024-41078 at SUSECVE-2024-41078 at NVDCVE-2024-41079 at SUSECVE-2024-41079 at NVDCVE-2024-41080 at SUSECVE-2024-41080 at NVDCVE-2024-41081 at SUSECVE-2024-41081 at NVDCVE-2024-41084 at SUSECVE-2024-41084 at NVDCVE-2024-41087 at SUSECVE-2024-41087 at NVDCVE-2024-41088 at SUSECVE-2024-41088 at NVDCVE-2024-41089 at SUSECVE-2024-41089 at NVDCVE-2024-41090 at SUSECVE-2024-41090 at NVDCVE-2024-41091 at SUSECVE-2024-41091 at NVDCVE-2024-41092 at SUSECVE-2024-41092 at NVDCVE-2024-41093 at SUSECVE-2024-41093 at NVDCVE-2024-41094 at SUSECVE-2024-41094 at NVDCVE-2024-41095 at SUSECVE-2024-41095 at NVDCVE-2024-41096 at SUSECVE-2024-41096 at NVDCVE-2024-41097 at SUSECVE-2024-41097 at NVDCVE-2024-41098 at SUSECVE-2024-41098 at NVDCVE-2024-42064 at SUSECVE-2024-42064 at NVDCVE-2024-42069 at SUSECVE-2024-42069 at NVDCVE-2024-42070 at SUSECVE-2024-42070 at NVDCVE-2024-42073 at SUSECVE-2024-42073 at NVDCVE-2024-42074 at SUSECVE-2024-42074 at NVDCVE-2024-42076 at SUSECVE-2024-42076 at NVDCVE-2024-42077 at SUSECVE-2024-42077 at NVDCVE-2024-42079 at SUSECVE-2024-42079 at NVDCVE-2024-42080 at SUSECVE-2024-42080 at NVDCVE-2024-42082 at SUSECVE-2024-42082 at NVDCVE-2024-42085 at SUSECVE-2024-42085 at NVDCVE-2024-42086 at SUSECVE-2024-42086 at NVDCVE-2024-42087 at SUSECVE-2024-42087 at NVDCVE-2024-42089 at SUSECVE-2024-42089 at NVDCVE-2024-42090 at SUSECVE-2024-42090 at NVDCVE-2024-42092 at SUSECVE-2024-42092 at NVDCVE-2024-42093 at SUSECVE-2024-42093 at NVDCVE-2024-42095 at SUSECVE-2024-42095 at NVDCVE-2024-42096 at SUSECVE-2024-42096 at NVDCVE-2024-42097 at SUSECVE-2024-42097 at NVDCVE-2024-42098 at SUSECVE-2024-42098 at NVDCVE-2024-42101 at SUSECVE-2024-42101 at NVDCVE-2024-42104 at SUSECVE-2024-42104 at NVDCVE-2024-42105 at SUSECVE-2024-42105 at NVDCVE-2024-42106 at SUSECVE-2024-42106 at NVDCVE-2024-42107 at SUSECVE-2024-42107 at NVDCVE-2024-42109 at SUSECVE-2024-42109 at NVDCVE-2024-42110 at SUSECVE-2024-42110 at NVDCVE-2024-42113 at SUSECVE-2024-42113 at NVDCVE-2024-42114 at SUSECVE-2024-42114 at NVDCVE-2024-42115 at SUSECVE-2024-42115 at NVDCVE-2024-42117 at SUSECVE-2024-42117 at NVDCVE-2024-42119 at SUSECVE-2024-42119 at NVDCVE-2024-42120 at SUSECVE-2024-42120 at NVDCVE-2024-42121 at SUSECVE-2024-42121 at NVDCVE-2024-42122 at SUSECVE-2024-42122 at NVDCVE-2024-42124 at SUSECVE-2024-42124 at NVDCVE-2024-42125 at SUSECVE-2024-42125 at NVDCVE-2024-42126 at SUSECVE-2024-42126 at NVDCVE-2024-42127 at SUSECVE-2024-42127 at NVDCVE-2024-42130 at SUSECVE-2024-42130 at NVDCVE-2024-42131 at SUSECVE-2024-42131 at NVDCVE-2024-42132 at SUSECVE-2024-42132 at NVDCVE-2024-42133 at SUSECVE-2024-42133 at NVDCVE-2024-42136 at SUSECVE-2024-42136 at NVDCVE-2024-42137 at SUSECVE-2024-42137 at NVDCVE-2024-42138 at SUSECVE-2024-42138 at NVDCVE-2024-42139 at SUSECVE-2024-42139 at NVDCVE-2024-42141 at SUSECVE-2024-42141 at NVDCVE-2024-42142 at SUSECVE-2024-42142 at NVDCVE-2024-42143 at SUSECVE-2024-42143 at NVDCVE-2024-42144 at SUSECVE-2024-42144 at NVDCVE-2024-42145 at SUSECVE-2024-42145 at NVDCVE-2024-42147 at SUSECVE-2024-42147 at NVDCVE-2024-42148 at SUSECVE-2024-42148 at NVDCVE-2024-42152 at SUSECVE-2024-42152 at NVDCVE-2024-42153 at SUSECVE-2024-42153 at NVDCVE-2024-42155 at SUSECVE-2024-42155 at NVDCVE-2024-42156 at SUSECVE-2024-42156 at NVDCVE-2024-42157 at SUSECVE-2024-42157 at NVDCVE-2024-42158 at SUSECVE-2024-42158 at NVDCVE-2024-42159 at SUSECVE-2024-42159 at NVDCVE-2024-42161 at SUSECVE-2024-42161 at NVDCVE-2024-42162 at SUSECVE-2024-42162 at NVDCVE-2024-42223 at SUSECVE-2024-42223 at NVDCVE-2024-42224 at SUSECVE-2024-42224 at NVDCVE-2024-42225 at SUSECVE-2024-42225 at NVDCVE-2024-42226 at SUSECVE-2024-42226 at NVDCVE-2024-42227 at SUSECVE-2024-42227 at NVDCVE-2024-42228 at SUSECVE-2024-42228 at NVDCVE-2024-42229 at SUSECVE-2024-42229 at NVDCVE-2024-42230 at SUSECVE-2024-42230 at NVDCVE-2024-42232 at SUSECVE-2024-42232 at NVDCVE-2024-42236 at SUSECVE-2024-42236 at NVDCVE-2024-42237 at SUSECVE-2024-42237 at NVDCVE-2024-42238 at SUSECVE-2024-42238 at NVDCVE-2024-42239 at SUSECVE-2024-42239 at NVDCVE-2024-42240 at SUSECVE-2024-42240 at NVDCVE-2024-42241 at SUSECVE-2024-42241 at NVDCVE-2024-42244 at SUSECVE-2024-42244 at NVDCVE-2024-42245 at SUSECVE-2024-42245 at NVDCVE-2024-42246 at SUSECVE-2024-42246 at NVDCVE-2024-42247 at SUSECVE-2024-42247 at NVDCVE-2024-42250 at SUSECVE-2024-42250 at NVDCVE-2024-42253 at SUSECVE-2024-42253 at NVDCVE-2024-42259 at SUSECVE-2024-42259 at NVDCVE-2024-42268 at SUSECVE-2024-42268 at NVDCVE-2024-42269 at SUSECVE-2024-42269 at NVDCVE-2024-42270 at SUSECVE-2024-42270 at NVDCVE-2024-42271 at SUSECVE-2024-42271 at NVDCVE-2024-42274 at SUSECVE-2024-42274 at NVDCVE-2024-42276 at SUSECVE-2024-42276 at NVDCVE-2024-42277 at SUSECVE-2024-42277 at NVDCVE-2024-42278 at SUSECVE-2024-42278 at NVDCVE-2024-42279 at SUSECVE-2024-42279 at NVDCVE-2024-42280 at SUSECVE-2024-42280 at NVDCVE-2024-42281 at SUSECVE-2024-42281 at NVDCVE-2024-42283 at SUSECVE-2024-42283 at NVDCVE-2024-42284 at SUSECVE-2024-42284 at NVDCVE-2024-42285 at SUSECVE-2024-42285 at NVDCVE-2024-42286 at SUSECVE-2024-42286 at NVDCVE-2024-42287 at SUSECVE-2024-42287 at NVDCVE-2024-42288 at SUSECVE-2024-42288 at NVDCVE-2024-42289 at SUSECVE-2024-42289 at NVDCVE-2024-42290 at SUSECVE-2024-42290 at NVDCVE-2024-42291 at SUSECVE-2024-42291 at NVDCVE-2024-42292 at SUSECVE-2024-42292 at NVDCVE-2024-42295 at SUSECVE-2024-42295 at NVDCVE-2024-42298 at SUSECVE-2024-42298 at NVDCVE-2024-42301 at SUSECVE-2024-42301 at NVDCVE-2024-42302 at SUSECVE-2024-42302 at NVDCVE-2024-42303 at SUSECVE-2024-42303 at NVDCVE-2024-42308 at SUSECVE-2024-42308 at NVDCVE-2024-42309 at SUSECVE-2024-42309 at NVDCVE-2024-42310 at SUSECVE-2024-42310 at NVDCVE-2024-42311 at SUSECVE-2024-42311 at NVDCVE-2024-42312 at SUSECVE-2024-42312 at NVDCVE-2024-42313 at SUSECVE-2024-42313 at NVDCVE-2024-42314 at SUSECVE-2024-42314 at NVDCVE-2024-42315 at SUSECVE-2024-42315 at NVDCVE-2024-42316 at SUSECVE-2024-42316 at NVDCVE-2024-42318 at SUSECVE-2024-42318 at NVDCVE-2024-42319 at SUSECVE-2024-42319 at NVDCVE-2024-42320 at SUSECVE-2024-42320 at NVDCVE-2024-42322 at SUSECVE-2024-42322 at NVDCVE-2024-43816 at SUSECVE-2024-43816 at NVDCVE-2024-43817 at SUSECVE-2024-43817 at NVDCVE-2024-43818 at SUSECVE-2024-43818 at NVDCVE-2024-43819 at SUSECVE-2024-43819 at NVDCVE-2024-43821 at SUSECVE-2024-43821 at NVDCVE-2024-43823 at SUSECVE-2024-43823 at NVDCVE-2024-43824 at SUSECVE-2024-43824 at NVDCVE-2024-43825 at SUSECVE-2024-43825 at NVDCVE-2024-43826 at SUSECVE-2024-43826 at NVDCVE-2024-43829 at SUSECVE-2024-43829 at NVDCVE-2024-43830 at SUSECVE-2024-43830 at NVDCVE-2024-43831 at SUSECVE-2024-43831 at NVDCVE-2024-43833 at SUSECVE-2024-43833 at NVDCVE-2024-43834 at SUSECVE-2024-43834 at NVDCVE-2024-43837 at SUSECVE-2024-43837 at NVDCVE-2024-43839 at SUSECVE-2024-43839 at NVDCVE-2024-43840 at SUSECVE-2024-43840 at NVDCVE-2024-43841 at SUSECVE-2024-43841 at NVDCVE-2024-43842 at SUSECVE-2024-43842 at NVDCVE-2024-43846 at SUSECVE-2024-43846 at NVDCVE-2024-43847 at SUSECVE-2024-43847 at NVDCVE-2024-43849 at SUSECVE-2024-43849 at NVDCVE-2024-43850 at SUSECVE-2024-43850 at NVDCVE-2024-43851 at SUSECVE-2024-43851 at NVDCVE-2024-43853 at SUSECVE-2024-43853 at NVDCVE-2024-43854 at SUSECVE-2024-43854 at NVDCVE-2024-43855 at SUSECVE-2024-43855 at NVDCVE-2024-43856 at SUSECVE-2024-43856 at NVDCVE-2024-43858 at SUSECVE-2024-43858 at NVDCVE-2024-43860 at SUSECVE-2024-43860 at NVDCVE-2024-43861 at SUSECVE-2024-43861 at NVDCVE-2024-43863 at SUSECVE-2024-43863 at NVDCVE-2024-43864 at SUSECVE-2024-43864 at NVDCVE-2024-43866 at SUSECVE-2024-43866 at NVDCVE-2024-43867 at SUSECVE-2024-43867 at NVDCVE-2024-43871 at SUSECVE-2024-43871 at NVDCVE-2024-43872 at SUSECVE-2024-43872 at NVDCVE-2024-43873 at SUSECVE-2024-43873 at NVDCVE-2024-43874 at SUSECVE-2024-43874 at NVDCVE-2024-43875 at SUSECVE-2024-43875 at NVDCVE-2024-43876 at SUSECVE-2024-43876 at NVDCVE-2024-43877 at SUSECVE-2024-43877 at NVDCVE-2024-43879 at SUSECVE-2024-43879 at NVDCVE-2024-43880 at SUSECVE-2024-43880 at NVDCVE-2024-43881 at SUSECVE-2024-43881 at NVDCVE-2024-43882 at SUSECVE-2024-43882 at NVDCVE-2024-43883 at SUSECVE-2024-43883 at NVDCVE-2024-43884 at SUSECVE-2024-43884 at NVDCVE-2024-43885 at SUSECVE-2024-43885 at NVDCVE-2024-43889 at SUSECVE-2024-43889 at NVDCVE-2024-43892 at SUSECVE-2024-43892 at NVDCVE-2024-43893 at SUSECVE-2024-43893 at NVDCVE-2024-43894 at SUSECVE-2024-43894 at NVDCVE-2024-43895 at SUSECVE-2024-43895 at NVDCVE-2024-43897 at SUSECVE-2024-43897 at NVDCVE-2024-43899 at SUSECVE-2024-43899 at NVDCVE-2024-43900 at SUSECVE-2024-43900 at NVDCVE-2024-43902 at SUSECVE-2024-43902 at NVDCVE-2024-43903 at SUSECVE-2024-43903 at NVDCVE-2024-43905 at SUSECVE-2024-43905 at NVDCVE-2024-43906 at SUSECVE-2024-43906 at NVDCVE-2024-43907 at SUSECVE-2024-43907 at NVDCVE-2024-43908 at SUSECVE-2024-43908 at NVDCVE-2024-43909 at SUSECVE-2024-43909 at NVDCVE-2024-43911 at SUSECVE-2024-43911 at NVDCVE-2024-43912 at SUSECVE-2024-43912 at NVDCVE-2024-44931 at SUSECVE-2024-44931 at NVDCVE-2024-44938 at SUSECVE-2024-44938 at NVDCVE-2024-44939 at SUSECVE-2024-44939 at NVDcpe:/o:suse:sl-micro:6.1kernel-firmware-all-20240728-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the kernel-firmware-all-20240728-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-13081 at SUSECVE-2017-13081 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2019-9836 at SUSECVE-2019-9836 at NVDCVE-2021-26312 at SUSECVE-2021-26312 at NVDCVE-2021-26339 at SUSECVE-2021-26339 at NVDCVE-2021-26342 at SUSECVE-2021-26342 at NVDCVE-2021-26345 at SUSECVE-2021-26345 at NVDCVE-2021-26347 at SUSECVE-2021-26347 at NVDCVE-2021-26348 at SUSECVE-2021-26348 at NVDCVE-2021-26349 at SUSECVE-2021-26349 at NVDCVE-2021-26350 at SUSECVE-2021-26350 at NVDCVE-2021-26364 at SUSECVE-2021-26364 at NVDCVE-2021-26372 at SUSECVE-2021-26372 at NVDCVE-2021-26373 at SUSECVE-2021-26373 at NVDCVE-2021-26375 at SUSECVE-2021-26375 at NVDCVE-2021-26376 at SUSECVE-2021-26376 at NVDCVE-2021-26378 at SUSECVE-2021-26378 at NVDCVE-2021-26388 at SUSECVE-2021-26388 at NVDCVE-2021-33139 at SUSECVE-2021-33139 at NVDCVE-2021-33155 at SUSECVE-2021-33155 at NVDCVE-2021-46744 at SUSECVE-2021-46744 at NVDCVE-2021-46766 at SUSECVE-2021-46766 at NVDCVE-2021-46774 at SUSECVE-2021-46774 at NVDCVE-2022-23820 at SUSECVE-2022-23820 at NVDCVE-2022-23830 at SUSECVE-2022-23830 at NVDCVE-2023-20519 at SUSECVE-2023-20519 at NVDCVE-2023-20521 at SUSECVE-2023-20521 at NVDCVE-2023-20526 at SUSECVE-2023-20526 at NVDCVE-2023-20533 at SUSECVE-2023-20533 at NVDCVE-2023-20566 at SUSECVE-2023-20566 at NVDCVE-2023-20569 at SUSECVE-2023-20569 at NVDCVE-2023-20592 at SUSECVE-2023-20592 at NVDCVE-2023-20593 at SUSECVE-2023-20593 at NVDCVE-2023-38417 at SUSECVE-2023-38417 at NVDCVE-2023-47210 at SUSECVE-2023-47210 at NVDcpe:/o:suse:sl-micro:6.1kernel-firmware-nvidia-gspx-G06-550.100-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the kernel-firmware-nvidia-gspx-G06-550.100-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2024-0090 at SUSECVE-2024-0090 at NVDCVE-2024-0091 at SUSECVE-2024-0091 at NVDCVE-2024-0092 at SUSECVE-2024-0092 at NVDcpe:/o:suse:sl-micro:6.1kpartx-0.10.0+103+suse.0fc97cd-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the kpartx-0.10.0+103+suse.0fc97cd-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-41973 at SUSECVE-2022-41973 at NVDCVE-2022-41974 at SUSECVE-2022-41974 at NVDcpe:/o:suse:sl-micro:6.1krb5-1.21.3-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the krb5-1.21.3-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2002-2443 at SUSECVE-2002-2443 at NVDCVE-2006-6143 at SUSECVE-2006-6143 at NVDCVE-2006-6144 at SUSECVE-2006-6144 at NVDCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDCVE-2007-5894 at SUSECVE-2007-5894 at NVDCVE-2007-5902 at SUSECVE-2007-5902 at NVDCVE-2007-5971 at SUSECVE-2007-5971 at NVDCVE-2007-5972 at SUSECVE-2007-5972 at NVDCVE-2008-0062 at SUSECVE-2008-0062 at NVDCVE-2008-0063 at SUSECVE-2008-0063 at NVDCVE-2008-0947 at SUSECVE-2008-0947 at NVDCVE-2008-0948 at SUSECVE-2008-0948 at NVDCVE-2009-0844 at SUSECVE-2009-0844 at NVDCVE-2009-0845 at SUSECVE-2009-0845 at NVDCVE-2009-0846 at SUSECVE-2009-0846 at NVDCVE-2009-0847 at SUSECVE-2009-0847 at NVDCVE-2009-3295 at SUSECVE-2009-3295 at NVDCVE-2009-4212 at SUSECVE-2009-4212 at NVDCVE-2010-0283 at SUSECVE-2010-0283 at NVDCVE-2010-0628 at SUSECVE-2010-0628 at NVDCVE-2010-1320 at SUSECVE-2010-1320 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-1322 at SUSECVE-2010-1322 at NVDCVE-2010-1323 at SUSECVE-2010-1323 at NVDCVE-2010-1324 at SUSECVE-2010-1324 at NVDCVE-2010-4020 at SUSECVE-2010-4020 at NVDCVE-2010-4021 at SUSECVE-2010-4021 at NVDCVE-2010-4022 at SUSECVE-2010-4022 at NVDCVE-2011-0281 at SUSECVE-2011-0281 at NVDCVE-2011-0282 at SUSECVE-2011-0282 at NVDCVE-2011-0284 at SUSECVE-2011-0284 at NVDCVE-2011-0285 at SUSECVE-2011-0285 at NVDCVE-2011-1527 at SUSECVE-2011-1527 at NVDCVE-2011-1528 at SUSECVE-2011-1528 at NVDCVE-2011-1529 at SUSECVE-2011-1529 at NVDCVE-2011-1530 at SUSECVE-2011-1530 at NVDCVE-2012-1012 at SUSECVE-2012-1012 at NVDCVE-2012-1013 at SUSECVE-2012-1013 at NVDCVE-2012-1016 at SUSECVE-2012-1016 at NVDCVE-2013-1415 at SUSECVE-2013-1415 at NVDCVE-2013-1417 at SUSECVE-2013-1417 at NVDCVE-2013-1418 at SUSECVE-2013-1418 at NVDCVE-2014-4341 at SUSECVE-2014-4341 at NVDCVE-2014-4342 at SUSECVE-2014-4342 at NVDCVE-2014-4343 at SUSECVE-2014-4343 at NVDCVE-2014-4344 at SUSECVE-2014-4344 at NVDCVE-2014-4345 at SUSECVE-2014-4345 at NVDCVE-2014-5351 at SUSECVE-2014-5351 at NVDCVE-2014-5352 at SUSECVE-2014-5352 at NVDCVE-2014-5353 at SUSECVE-2014-5353 at NVDCVE-2014-5354 at SUSECVE-2014-5354 at NVDCVE-2014-5355 at SUSECVE-2014-5355 at NVDCVE-2014-9421 at SUSECVE-2014-9421 at NVDCVE-2014-9422 at SUSECVE-2014-9422 at NVDCVE-2014-9423 at SUSECVE-2014-9423 at NVDCVE-2015-2694 at SUSECVE-2015-2694 at NVDCVE-2015-2695 at SUSECVE-2015-2695 at NVDCVE-2015-2696 at SUSECVE-2015-2696 at NVDCVE-2015-2697 at SUSECVE-2015-2697 at NVDCVE-2015-2698 at SUSECVE-2015-2698 at NVDCVE-2015-8629 at SUSECVE-2015-8629 at NVDCVE-2015-8630 at SUSECVE-2015-8630 at NVDCVE-2015-8631 at SUSECVE-2015-8631 at NVDCVE-2016-3119 at SUSECVE-2016-3119 at NVDCVE-2016-3120 at SUSECVE-2016-3120 at NVDCVE-2017-11368 at SUSECVE-2017-11368 at NVDCVE-2017-11462 at SUSECVE-2017-11462 at NVDCVE-2018-20217 at SUSECVE-2018-20217 at NVDCVE-2018-5729 at SUSECVE-2018-5729 at NVDCVE-2018-5730 at SUSECVE-2018-5730 at NVDCVE-2020-28196 at SUSECVE-2020-28196 at NVDCVE-2021-36222 at SUSECVE-2021-36222 at NVDCVE-2021-37750 at SUSECVE-2021-37750 at NVDCVE-2022-42898 at SUSECVE-2022-42898 at NVDCVE-2023-36054 at SUSECVE-2023-36054 at NVDCVE-2023-39975 at SUSECVE-2023-39975 at NVDCVE-2024-26458 at SUSECVE-2024-26458 at NVDCVE-2024-26461 at SUSECVE-2024-26461 at NVDCVE-2024-26462 at SUSECVE-2024-26462 at NVDCVE-2024-37370 at SUSECVE-2024-37370 at NVDCVE-2024-37371 at SUSECVE-2024-37371 at NVDcpe:/o:suse:sl-micro:6.1kubevirt-manifests-1.3.1-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the kubevirt-manifests-1.3.1-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-43565 at SUSECVE-2021-43565 at NVDCVE-2023-26484 at SUSECVE-2023-26484 at NVDCVE-2023-44487 at SUSECVE-2023-44487 at NVDCVE-2024-33394 at SUSECVE-2024-33394 at NVDcpe:/o:suse:sl-micro:6.1lastlog2-2.40.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the lastlog2-2.40.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-0157 at SUSECVE-2013-0157 at NVDCVE-2014-9114 at SUSECVE-2014-9114 at NVDCVE-2015-5218 at SUSECVE-2015-5218 at NVDCVE-2016-2779 at SUSECVE-2016-2779 at NVDCVE-2016-5011 at SUSECVE-2016-5011 at NVDCVE-2017-2616 at SUSECVE-2017-2616 at NVDCVE-2021-3995 at SUSECVE-2021-3995 at NVDCVE-2021-3996 at SUSECVE-2021-3996 at NVDCVE-2022-0563 at SUSECVE-2022-0563 at NVDcpe:/o:suse:sl-micro:6.1less-633-slfo.1.1_1.6 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the less-633-slfo.1.1_1.6 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-9488 at SUSECVE-2014-9488 at NVDCVE-2022-46663 at SUSECVE-2022-46663 at NVDCVE-2024-32487 at SUSECVE-2024-32487 at NVDcpe:/o:suse:sl-micro:6.1libX11-6-1.8.7-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libX11-6-1.8.7-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-1981 at SUSECVE-2013-1981 at NVDCVE-2013-1997 at SUSECVE-2013-1997 at NVDCVE-2013-2004 at SUSECVE-2013-2004 at NVDCVE-2018-14598 at SUSECVE-2018-14598 at NVDCVE-2018-14599 at SUSECVE-2018-14599 at NVDCVE-2018-14600 at SUSECVE-2018-14600 at NVDCVE-2020-14344 at SUSECVE-2020-14344 at NVDCVE-2020-14363 at SUSECVE-2020-14363 at NVDCVE-2021-31535 at SUSECVE-2021-31535 at NVDCVE-2022-3554 at SUSECVE-2022-3554 at NVDCVE-2022-3555 at SUSECVE-2022-3555 at NVDCVE-2023-3138 at SUSECVE-2023-3138 at NVDCVE-2023-43785 at SUSECVE-2023-43785 at NVDCVE-2023-43786 at SUSECVE-2023-43786 at NVDCVE-2023-43787 at SUSECVE-2023-43787 at NVDcpe:/o:suse:sl-micro:6.1libXcursor1-1.2.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libXcursor1-1.2.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-2003 at SUSECVE-2013-2003 at NVDCVE-2017-16612 at SUSECVE-2017-16612 at NVDcpe:/o:suse:sl-micro:6.1libXext6-1.3.5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libXext6-1.3.5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-1982 at SUSECVE-2013-1982 at NVDcpe:/o:suse:sl-micro:6.1libXfixes3-6.0.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libXfixes3-6.0.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-1983 at SUSECVE-2013-1983 at NVDcpe:/o:suse:sl-micro:6.1libXi6-1.8.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libXi6-1.8.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-1984 at SUSECVE-2013-1984 at NVDCVE-2013-1995 at SUSECVE-2013-1995 at NVDCVE-2013-1998 at SUSECVE-2013-1998 at NVDcpe:/o:suse:sl-micro:6.1libXinerama1-1.1.5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libXinerama1-1.1.5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-1985 at SUSECVE-2013-1985 at NVDcpe:/o:suse:sl-micro:6.1libXrandr2-1.5.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libXrandr2-1.5.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-1986 at SUSECVE-2013-1986 at NVDCVE-2016-7947 at SUSECVE-2016-7947 at NVDCVE-2016-7948 at SUSECVE-2016-7948 at NVDcpe:/o:suse:sl-micro:6.1libXrender1-0.9.11-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libXrender1-0.9.11-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-1987 at SUSECVE-2013-1987 at NVDcpe:/o:suse:sl-micro:6.1libXv1-1.0.12-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libXv1-1.0.12-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-1989 at SUSECVE-2013-1989 at NVDCVE-2013-2066 at SUSECVE-2013-2066 at NVDCVE-2016-5407 at SUSECVE-2016-5407 at NVDcpe:/o:suse:sl-micro:6.1libXxf86vm1-1.1.5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libXxf86vm1-1.1.5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-2001 at SUSECVE-2013-2001 at NVDcpe:/o:suse:sl-micro:6.1libarchive13-3.7.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libarchive13-3.7.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-5680 at SUSECVE-2006-5680 at NVDCVE-2007-3641 at SUSECVE-2007-3641 at NVDCVE-2007-3644 at SUSECVE-2007-3644 at NVDCVE-2007-3645 at SUSECVE-2007-3645 at NVDCVE-2013-0211 at SUSECVE-2013-0211 at NVDCVE-2015-2304 at SUSECVE-2015-2304 at NVDCVE-2015-8917 at SUSECVE-2015-8917 at NVDCVE-2015-8928 at SUSECVE-2015-8928 at NVDCVE-2015-8933 at SUSECVE-2015-8933 at NVDCVE-2015-8934 at SUSECVE-2015-8934 at NVDCVE-2016-1541 at SUSECVE-2016-1541 at NVDCVE-2016-4300 at SUSECVE-2016-4300 at NVDCVE-2016-4301 at SUSECVE-2016-4301 at NVDCVE-2016-4809 at SUSECVE-2016-4809 at NVDCVE-2016-5418 at SUSECVE-2016-5418 at NVDCVE-2016-5844 at SUSECVE-2016-5844 at NVDCVE-2016-6250 at SUSECVE-2016-6250 at NVDCVE-2016-8687 at SUSECVE-2016-8687 at NVDCVE-2016-8688 at SUSECVE-2016-8688 at NVDCVE-2016-8689 at SUSECVE-2016-8689 at NVDCVE-2017-14166 at SUSECVE-2017-14166 at NVDCVE-2017-14501 at SUSECVE-2017-14501 at NVDCVE-2017-14502 at SUSECVE-2017-14502 at NVDCVE-2017-14503 at SUSECVE-2017-14503 at NVDCVE-2017-5601 at SUSECVE-2017-5601 at NVDCVE-2018-1000877 at SUSECVE-2018-1000877 at NVDCVE-2018-1000878 at SUSECVE-2018-1000878 at NVDCVE-2018-1000879 at SUSECVE-2018-1000879 at NVDCVE-2018-1000880 at SUSECVE-2018-1000880 at NVDCVE-2019-1000019 at SUSECVE-2019-1000019 at NVDCVE-2019-1000020 at SUSECVE-2019-1000020 at NVDCVE-2019-18408 at SUSECVE-2019-18408 at NVDCVE-2019-19221 at SUSECVE-2019-19221 at NVDCVE-2021-23177 at SUSECVE-2021-23177 at NVDCVE-2021-31566 at SUSECVE-2021-31566 at NVDCVE-2021-36976 at SUSECVE-2021-36976 at NVDCVE-2022-26280 at SUSECVE-2022-26280 at NVDCVE-2022-36227 at SUSECVE-2022-36227 at NVDCVE-2024-26256 at SUSECVE-2024-26256 at NVDcpe:/o:suse:sl-micro:6.1libasound2-1.2.10-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libasound2-1.2.10-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-0035 at SUSECVE-2009-0035 at NVDcpe:/o:suse:sl-micro:6.1libaudit1-3.1.1-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libaudit1-3.1.1-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-5186 at SUSECVE-2015-5186 at NVDcpe:/o:suse:sl-micro:6.1libbluetooth3-5.70-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libbluetooth3-5.70-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-9797 at SUSECVE-2016-9797 at NVDCVE-2016-9798 at SUSECVE-2016-9798 at NVDCVE-2016-9800 at SUSECVE-2016-9800 at NVDCVE-2016-9801 at SUSECVE-2016-9801 at NVDCVE-2016-9802 at SUSECVE-2016-9802 at NVDCVE-2016-9804 at SUSECVE-2016-9804 at NVDCVE-2016-9917 at SUSECVE-2016-9917 at NVDCVE-2016-9918 at SUSECVE-2016-9918 at NVDCVE-2020-0556 at SUSECVE-2020-0556 at NVDCVE-2020-26558 at SUSECVE-2020-26558 at NVDCVE-2021-0129 at SUSECVE-2021-0129 at NVDCVE-2021-3588 at SUSECVE-2021-3588 at NVDCVE-2022-0204 at SUSECVE-2022-0204 at NVDCVE-2023-27349 at SUSECVE-2023-27349 at NVDcpe:/o:suse:sl-micro:6.1libbpf1-1.3.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libbpf1-1.3.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-45940 at SUSECVE-2021-45940 at NVDCVE-2021-45941 at SUSECVE-2021-45941 at NVDCVE-2022-3533 at SUSECVE-2022-3533 at NVDCVE-2022-3534 at SUSECVE-2022-3534 at NVDCVE-2022-3606 at SUSECVE-2022-3606 at NVDcpe:/o:suse:sl-micro:6.1libcairo-gobject2-1.17.8-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libcairo-gobject2-1.17.8-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-0528 at SUSECVE-2006-0528 at NVDCVE-2016-9082 at SUSECVE-2016-9082 at NVDCVE-2017-7475 at SUSECVE-2017-7475 at NVDCVE-2017-9814 at SUSECVE-2017-9814 at NVDcpe:/o:suse:sl-micro:6.1libcap2-2.69-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libcap2-2.69-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2023-2602 at SUSECVE-2023-2602 at NVDCVE-2023-2603 at SUSECVE-2023-2603 at NVDcpe:/o:suse:sl-micro:6.1libcares2-1.27.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libcares2-1.27.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-5180 at SUSECVE-2016-5180 at NVDCVE-2017-1000381 at SUSECVE-2017-1000381 at NVDCVE-2020-8277 at SUSECVE-2020-8277 at NVDCVE-2021-3672 at SUSECVE-2021-3672 at NVDCVE-2022-4904 at SUSECVE-2022-4904 at NVDCVE-2023-31124 at SUSECVE-2023-31124 at NVDCVE-2023-31130 at SUSECVE-2023-31130 at NVDCVE-2023-31147 at SUSECVE-2023-31147 at NVDCVE-2023-32067 at SUSECVE-2023-32067 at NVDCVE-2024-25629 at SUSECVE-2024-25629 at NVDcpe:/o:suse:sl-micro:6.1libcdrdeflt1_0-3.02~a10-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libcdrdeflt1_0-3.02~a10-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-1000156 at SUSECVE-2018-1000156 at NVDcpe:/o:suse:sl-micro:6.1libcolord2-1.4.6-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libcolord2-1.4.6-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-4349 at SUSECVE-2011-4349 at NVDCVE-2021-42523 at SUSECVE-2021-42523 at NVDcpe:/o:suse:sl-micro:6.1libcontainers-common-20240408-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libcontainers-common-20240408-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-15664 at SUSECVE-2018-15664 at NVDCVE-2019-10152 at SUSECVE-2019-10152 at NVDCVE-2020-14370 at SUSECVE-2020-14370 at NVDCVE-2020-15157 at SUSECVE-2020-15157 at NVDCVE-2021-20199 at SUSECVE-2021-20199 at NVDCVE-2021-20291 at SUSECVE-2021-20291 at NVDCVE-2021-3602 at SUSECVE-2021-3602 at NVDcpe:/o:suse:sl-micro:6.1libdrm2-2.4.119-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libdrm2-2.4.119-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2008-3831 at SUSECVE-2008-3831 at NVDcpe:/o:suse:sl-micro:6.1libeconf0-0.7.2-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libeconf0-0.7.2-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2023-22652 at SUSECVE-2023-22652 at NVDCVE-2023-30078 at SUSECVE-2023-30078 at NVDCVE-2023-30079 at SUSECVE-2023-30079 at NVDCVE-2023-32181 at SUSECVE-2023-32181 at NVDcpe:/o:suse:sl-micro:6.1libekmfweb1-2.31.0-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libekmfweb1-2.31.0-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-25316 at SUSECVE-2021-25316 at NVDcpe:/o:suse:sl-micro:6.1libesmtp6_2_0-1.1.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libesmtp6_2_0-1.1.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-19977 at SUSECVE-2019-19977 at NVDcpe:/o:suse:sl-micro:6.1libevent-2_1-7-2.1.12-slfo.1.1_2.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libevent-2_1-7-2.1.12-slfo.1.1_2.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-6272 at SUSECVE-2014-6272 at NVDcpe:/o:suse:sl-micro:6.1libexpat1-2.5.0-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libexpat1-2.5.0-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-2625 at SUSECVE-2009-2625 at NVDCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDCVE-2012-0876 at SUSECVE-2012-0876 at NVDCVE-2012-1147 at SUSECVE-2012-1147 at NVDCVE-2012-1148 at SUSECVE-2012-1148 at NVDCVE-2012-6702 at SUSECVE-2012-6702 at NVDCVE-2013-0340 at SUSECVE-2013-0340 at NVDCVE-2015-1283 at SUSECVE-2015-1283 at NVDCVE-2016-0718 at SUSECVE-2016-0718 at NVDCVE-2016-4472 at SUSECVE-2016-4472 at NVDCVE-2016-5300 at SUSECVE-2016-5300 at NVDCVE-2016-9063 at SUSECVE-2016-9063 at NVDCVE-2017-9233 at SUSECVE-2017-9233 at NVDCVE-2018-20843 at SUSECVE-2018-20843 at NVDCVE-2019-15903 at SUSECVE-2019-15903 at NVDCVE-2021-45960 at SUSECVE-2021-45960 at NVDCVE-2021-46143 at SUSECVE-2021-46143 at NVDCVE-2022-22822 at SUSECVE-2022-22822 at NVDCVE-2022-22823 at SUSECVE-2022-22823 at NVDCVE-2022-22824 at SUSECVE-2022-22824 at NVDCVE-2022-22825 at SUSECVE-2022-22825 at NVDCVE-2022-22826 at SUSECVE-2022-22826 at NVDCVE-2022-22827 at SUSECVE-2022-22827 at NVDCVE-2022-23852 at SUSECVE-2022-23852 at NVDCVE-2022-23990 at SUSECVE-2022-23990 at NVDCVE-2022-25235 at SUSECVE-2022-25235 at NVDCVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2022-25313 at SUSECVE-2022-25313 at NVDCVE-2022-25314 at SUSECVE-2022-25314 at NVDCVE-2022-25315 at SUSECVE-2022-25315 at NVDCVE-2022-40674 at SUSECVE-2022-40674 at NVDCVE-2022-43680 at SUSECVE-2022-43680 at NVDCVE-2024-28757 at SUSECVE-2024-28757 at NVDcpe:/o:suse:sl-micro:6.1libexslt0-1.1.38-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libexslt0-1.1.38-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2008-1767 at SUSECVE-2008-1767 at NVDCVE-2015-7995 at SUSECVE-2015-7995 at NVDCVE-2015-9019 at SUSECVE-2015-9019 at NVDCVE-2016-4738 at SUSECVE-2016-4738 at NVDCVE-2017-5029 at SUSECVE-2017-5029 at NVDCVE-2019-11068 at SUSECVE-2019-11068 at NVDCVE-2019-13117 at SUSECVE-2019-13117 at NVDCVE-2019-13118 at SUSECVE-2019-13118 at NVDCVE-2019-18197 at SUSECVE-2019-18197 at NVDCVE-2021-30560 at SUSECVE-2021-30560 at NVDcpe:/o:suse:sl-micro:6.1libfreebl3-3.101.2-slfo.1.1_1.6 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libfreebl3-3.101.2-slfo.1.1_1.6 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2011-3640 at SUSECVE-2011-3640 at NVDCVE-2013-0743 at SUSECVE-2013-0743 at NVDCVE-2013-0791 at SUSECVE-2013-0791 at NVDCVE-2013-1620 at SUSECVE-2013-1620 at NVDCVE-2013-1739 at SUSECVE-2013-1739 at NVDCVE-2013-1740 at SUSECVE-2013-1740 at NVDCVE-2013-5605 at SUSECVE-2013-5605 at NVDCVE-2014-1490 at SUSECVE-2014-1490 at NVDCVE-2014-1491 at SUSECVE-2014-1491 at NVDCVE-2014-1492 at SUSECVE-2014-1492 at NVDCVE-2014-1568 at SUSECVE-2014-1568 at NVDCVE-2014-1569 at SUSECVE-2014-1569 at NVDCVE-2015-2721 at SUSECVE-2015-2721 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-7181 at SUSECVE-2015-7181 at NVDCVE-2015-7182 at SUSECVE-2015-7182 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2016-1950 at SUSECVE-2016-1950 at NVDCVE-2016-1979 at SUSECVE-2016-1979 at NVDCVE-2016-2834 at SUSECVE-2016-2834 at NVDCVE-2018-0495 at SUSECVE-2018-0495 at NVDCVE-2018-12384 at SUSECVE-2018-12384 at NVDCVE-2018-12404 at SUSECVE-2018-12404 at NVDCVE-2018-18508 at SUSECVE-2018-18508 at NVDCVE-2019-11745 at SUSECVE-2019-11745 at NVDCVE-2019-17006 at SUSECVE-2019-17006 at NVDCVE-2020-12399 at SUSECVE-2020-12399 at NVDCVE-2020-12400 at SUSECVE-2020-12400 at NVDCVE-2020-12401 at SUSECVE-2020-12401 at NVDCVE-2020-12402 at SUSECVE-2020-12402 at NVDCVE-2020-12403 at SUSECVE-2020-12403 at NVDCVE-2020-25648 at SUSECVE-2020-25648 at NVDCVE-2020-6829 at SUSECVE-2020-6829 at NVDCVE-2021-43527 at SUSECVE-2021-43527 at NVDCVE-2022-1097 at SUSECVE-2022-1097 at NVDCVE-2022-23491 at SUSECVE-2022-23491 at NVDCVE-2022-3479 at SUSECVE-2022-3479 at NVDCVE-2023-0767 at SUSECVE-2023-0767 at NVDCVE-2023-5388 at SUSECVE-2023-5388 at NVDcpe:/o:suse:sl-micro:6.1libfreetype6-2.13.2-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libfreetype6-2.13.2-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-1351 at SUSECVE-2007-1351 at NVDCVE-2009-0946 at SUSECVE-2009-0946 at NVDCVE-2010-2497 at SUSECVE-2010-2497 at NVDCVE-2010-2805 at SUSECVE-2010-2805 at NVDCVE-2010-3053 at SUSECVE-2010-3053 at NVDCVE-2010-3054 at SUSECVE-2010-3054 at NVDCVE-2010-3311 at SUSECVE-2010-3311 at NVDCVE-2010-3814 at SUSECVE-2010-3814 at NVDCVE-2010-3855 at SUSECVE-2010-3855 at NVDCVE-2011-0226 at SUSECVE-2011-0226 at NVDCVE-2011-3256 at SUSECVE-2011-3256 at NVDCVE-2011-3439 at SUSECVE-2011-3439 at NVDCVE-2012-1126 at SUSECVE-2012-1126 at NVDCVE-2012-1127 at SUSECVE-2012-1127 at NVDCVE-2012-1128 at SUSECVE-2012-1128 at NVDCVE-2012-1129 at SUSECVE-2012-1129 at NVDCVE-2012-1130 at SUSECVE-2012-1130 at NVDCVE-2012-1131 at SUSECVE-2012-1131 at NVDCVE-2012-1132 at SUSECVE-2012-1132 at NVDCVE-2012-1133 at SUSECVE-2012-1133 at NVDCVE-2012-1134 at SUSECVE-2012-1134 at NVDCVE-2012-1135 at SUSECVE-2012-1135 at NVDCVE-2012-1136 at SUSECVE-2012-1136 at NVDCVE-2012-1137 at SUSECVE-2012-1137 at NVDCVE-2012-1138 at SUSECVE-2012-1138 at NVDCVE-2012-1139 at SUSECVE-2012-1139 at NVDCVE-2012-1140 at SUSECVE-2012-1140 at NVDCVE-2012-1141 at SUSECVE-2012-1141 at NVDCVE-2012-1142 at SUSECVE-2012-1142 at NVDCVE-2012-1143 at SUSECVE-2012-1143 at NVDCVE-2012-1144 at SUSECVE-2012-1144 at NVDCVE-2012-5668 at SUSECVE-2012-5668 at NVDCVE-2012-5669 at SUSECVE-2012-5669 at NVDCVE-2012-5670 at SUSECVE-2012-5670 at NVDCVE-2014-2240 at SUSECVE-2014-2240 at NVDCVE-2014-2241 at SUSECVE-2014-2241 at NVDCVE-2014-9656 at SUSECVE-2014-9656 at NVDCVE-2014-9657 at SUSECVE-2014-9657 at NVDCVE-2014-9658 at SUSECVE-2014-9658 at NVDCVE-2014-9659 at SUSECVE-2014-9659 at NVDCVE-2014-9660 at SUSECVE-2014-9660 at NVDCVE-2014-9661 at SUSECVE-2014-9661 at NVDCVE-2014-9662 at SUSECVE-2014-9662 at NVDCVE-2014-9663 at SUSECVE-2014-9663 at NVDCVE-2014-9664 at SUSECVE-2014-9664 at NVDCVE-2014-9665 at SUSECVE-2014-9665 at NVDCVE-2014-9666 at SUSECVE-2014-9666 at NVDCVE-2014-9667 at SUSECVE-2014-9667 at NVDCVE-2014-9668 at SUSECVE-2014-9668 at NVDCVE-2014-9669 at SUSECVE-2014-9669 at NVDCVE-2014-9670 at SUSECVE-2014-9670 at NVDCVE-2014-9671 at SUSECVE-2014-9671 at NVDCVE-2014-9672 at SUSECVE-2014-9672 at NVDCVE-2014-9673 at SUSECVE-2014-9673 at NVDCVE-2014-9674 at SUSECVE-2014-9674 at NVDCVE-2014-9675 at SUSECVE-2014-9675 at NVDCVE-2017-8105 at SUSECVE-2017-8105 at NVDCVE-2017-8287 at SUSECVE-2017-8287 at NVDCVE-2018-25032 at SUSECVE-2018-25032 at NVDCVE-2018-6942 at SUSECVE-2018-6942 at NVDCVE-2020-15999 at SUSECVE-2020-15999 at NVDCVE-2022-27404 at SUSECVE-2022-27404 at NVDCVE-2022-27405 at SUSECVE-2022-27405 at NVDCVE-2022-27406 at SUSECVE-2022-27406 at NVDcpe:/o:suse:sl-micro:6.1libfribidi0-1.0.13-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libfribidi0-1.0.13-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-18397 at SUSECVE-2019-18397 at NVDcpe:/o:suse:sl-micro:6.1libfuse2-2.9.9-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libfuse2-2.9.9-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-3297 at SUSECVE-2009-3297 at NVDCVE-2011-0541 at SUSECVE-2011-0541 at NVDCVE-2015-3202 at SUSECVE-2015-3202 at NVDcpe:/o:suse:sl-micro:6.1libgcrypt20-1.10.3-slfo.1.1_1.10 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libgcrypt20-1.10.3-slfo.1.1_1.10 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-4242 at SUSECVE-2013-4242 at NVDCVE-2014-3591 at SUSECVE-2014-3591 at NVDCVE-2015-0837 at SUSECVE-2015-0837 at NVDCVE-2015-5738 at SUSECVE-2015-5738 at NVDCVE-2015-7511 at SUSECVE-2015-7511 at NVDCVE-2016-6313 at SUSECVE-2016-6313 at NVDCVE-2017-0379 at SUSECVE-2017-0379 at NVDCVE-2017-7526 at SUSECVE-2017-7526 at NVDCVE-2018-0495 at SUSECVE-2018-0495 at NVDCVE-2019-12904 at SUSECVE-2019-12904 at NVDCVE-2019-13627 at SUSECVE-2019-13627 at NVDCVE-2021-3345 at SUSECVE-2021-3345 at NVDCVE-2021-33560 at SUSECVE-2021-33560 at NVDCVE-2021-40528 at SUSECVE-2021-40528 at NVDcpe:/o:suse:sl-micro:6.1libgmp10-6.3.0-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libgmp10-6.3.0-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-43618 at SUSECVE-2021-43618 at NVDcpe:/o:suse:sl-micro:6.1libgpgme11-1.23.0-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libgpgme11-1.23.0-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-3564 at SUSECVE-2014-3564 at NVDcpe:/o:suse:sl-micro:6.1libgraphite2-3-1.3.14-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libgraphite2-3-1.3.14-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-1521 at SUSECVE-2016-1521 at NVDCVE-2017-5436 at SUSECVE-2017-5436 at NVDCVE-2018-7999 at SUSECVE-2018-7999 at NVDcpe:/o:suse:sl-micro:6.1libguestfs-1.52.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libguestfs-1.52.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-2124 at SUSECVE-2013-2124 at NVDCVE-2013-4419 at SUSECVE-2013-4419 at NVDCVE-2022-2211 at SUSECVE-2022-2211 at NVDcpe:/o:suse:sl-micro:6.1libharfbuzz-gobject0-7.2.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libharfbuzz-gobject0-7.2.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-33068 at SUSECVE-2022-33068 at NVDCVE-2023-25193 at SUSECVE-2023-25193 at NVDcpe:/o:suse:sl-micro:6.1libhivex0-1.3.23-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libhivex0-1.3.23-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-3504 at SUSECVE-2021-3504 at NVDCVE-2021-3622 at SUSECVE-2021-3622 at NVDcpe:/o:suse:sl-micro:6.1libhogweed6-3.9.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libhogweed6-3.9.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-8803 at SUSECVE-2015-8803 at NVDCVE-2015-8804 at SUSECVE-2015-8804 at NVDCVE-2015-8805 at SUSECVE-2015-8805 at NVDCVE-2016-6489 at SUSECVE-2016-6489 at NVDCVE-2018-16869 at SUSECVE-2018-16869 at NVDCVE-2021-20305 at SUSECVE-2021-20305 at NVDCVE-2021-3580 at SUSECVE-2021-3580 at NVDCVE-2023-36660 at SUSECVE-2023-36660 at NVDcpe:/o:suse:sl-micro:6.1libidn2-0-2.3.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libidn2-0-2.3.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-2059 at SUSECVE-2015-2059 at NVDCVE-2015-8948 at SUSECVE-2015-8948 at NVDCVE-2016-6261 at SUSECVE-2016-6261 at NVDCVE-2016-6262 at SUSECVE-2016-6262 at NVDCVE-2016-6263 at SUSECVE-2016-6263 at NVDCVE-2019-12290 at SUSECVE-2019-12290 at NVDCVE-2019-18224 at SUSECVE-2019-18224 at NVDcpe:/o:suse:sl-micro:6.1libjansson4-2.14-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libjansson4-2.14-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-6401 at SUSECVE-2013-6401 at NVDcpe:/o:suse:sl-micro:6.1libjbig2-2.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libjbig2-2.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-6369 at SUSECVE-2013-6369 at NVDcpe:/o:suse:sl-micro:6.1libjcat1-0.1.14-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libjcat1-0.1.14-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-10759 at SUSECVE-2020-10759 at NVDcpe:/o:suse:sl-micro:6.1libjpeg8-8.3.2-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libjpeg8-8.3.2-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-9092 at SUSECVE-2014-9092 at NVDCVE-2017-15232 at SUSECVE-2017-15232 at NVDCVE-2018-1152 at SUSECVE-2018-1152 at NVDCVE-2018-11813 at SUSECVE-2018-11813 at NVDCVE-2018-14498 at SUSECVE-2018-14498 at NVDCVE-2018-19644 at SUSECVE-2018-19644 at NVDCVE-2018-19664 at SUSECVE-2018-19664 at NVDCVE-2018-20330 at SUSECVE-2018-20330 at NVDCVE-2019-2201 at SUSECVE-2019-2201 at NVDCVE-2020-13790 at SUSECVE-2020-13790 at NVDCVE-2020-17541 at SUSECVE-2020-17541 at NVDCVE-2023-2804 at SUSECVE-2023-2804 at NVDcpe:/o:suse:sl-micro:6.1libjson-c5-0.16-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libjson-c5-0.16-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-6370 at SUSECVE-2013-6370 at NVDCVE-2013-6371 at SUSECVE-2013-6371 at NVDcpe:/o:suse:sl-micro:6.1libksba8-1.6.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libksba8-1.6.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-9087 at SUSECVE-2014-9087 at NVDCVE-2016-4574 at SUSECVE-2016-4574 at NVDCVE-2016-4579 at SUSECVE-2016-4579 at NVDCVE-2022-3515 at SUSECVE-2022-3515 at NVDCVE-2022-47629 at SUSECVE-2022-47629 at NVDcpe:/o:suse:sl-micro:6.1liblcms2-2-2.16-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the liblcms2-2-2.16-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-16435 at SUSECVE-2018-16435 at NVDcpe:/o:suse:sl-micro:6.1libldap2-2.6.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libldap2-2.6.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-1545 at SUSECVE-2015-1545 at NVDCVE-2015-1546 at SUSECVE-2015-1546 at NVDCVE-2015-6908 at SUSECVE-2015-6908 at NVDCVE-2017-17740 at SUSECVE-2017-17740 at NVDCVE-2019-13057 at SUSECVE-2019-13057 at NVDCVE-2019-13565 at SUSECVE-2019-13565 at NVDCVE-2020-8027 at SUSECVE-2020-8027 at NVDCVE-2022-31253 at SUSECVE-2022-31253 at NVDCVE-2023-2953 at SUSECVE-2023-2953 at NVDcpe:/o:suse:sl-micro:6.1libldb2-2.9.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libldb2-2.9.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-3223 at SUSECVE-2015-3223 at NVDCVE-2015-5330 at SUSECVE-2015-5330 at NVDCVE-2018-1140 at SUSECVE-2018-1140 at NVDCVE-2019-3824 at SUSECVE-2019-3824 at NVDCVE-2020-10700 at SUSECVE-2020-10700 at NVDCVE-2020-10730 at SUSECVE-2020-10730 at NVDCVE-2020-27840 at SUSECVE-2020-27840 at NVDCVE-2021-20277 at SUSECVE-2021-20277 at NVDCVE-2021-3670 at SUSECVE-2021-3670 at NVDCVE-2022-32746 at SUSECVE-2022-32746 at NVDCVE-2023-0614 at SUSECVE-2023-0614 at NVDcpe:/o:suse:sl-micro:6.1libltdl7-2.4.7-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libltdl7-2.4.7-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-3736 at SUSECVE-2009-3736 at NVDcpe:/o:suse:sl-micro:6.1liblua5_4-5-5.4.6-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the liblua5_4-5-5.4.6-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-15888 at SUSECVE-2020-15888 at NVDCVE-2020-15945 at SUSECVE-2020-15945 at NVDCVE-2020-24342 at SUSECVE-2020-24342 at NVDCVE-2020-24369 at SUSECVE-2020-24369 at NVDCVE-2020-24370 at SUSECVE-2020-24370 at NVDCVE-2020-24371 at SUSECVE-2020-24371 at NVDCVE-2021-43519 at SUSECVE-2021-43519 at NVDCVE-2021-44647 at SUSECVE-2021-44647 at NVDCVE-2022-33099 at SUSECVE-2022-33099 at NVDcpe:/o:suse:sl-micro:6.1liblz4-1-1.9.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the liblz4-1-1.9.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-17543 at SUSECVE-2019-17543 at NVDCVE-2021-3520 at SUSECVE-2021-3520 at NVDcpe:/o:suse:sl-micro:6.1liblzma5-5.4.3-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the liblzma5-5.4.3-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-1271 at SUSECVE-2022-1271 at NVDcpe:/o:suse:sl-micro:6.1liblzo2-2-2.10-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the liblzo2-2-2.10-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-4607 at SUSECVE-2014-4607 at NVDcpe:/o:suse:sl-micro:6.1libmicrohttpd12-0.9.77-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libmicrohttpd12-0.9.77-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-7038 at SUSECVE-2013-7038 at NVDCVE-2013-7039 at SUSECVE-2013-7039 at NVDCVE-2023-27371 at SUSECVE-2023-27371 at NVDcpe:/o:suse:sl-micro:6.1libmpfr6-4.2.1-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libmpfr6-4.2.1-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-9474 at SUSECVE-2014-9474 at NVDcpe:/o:suse:sl-micro:6.1libmspack0-0.11-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libmspack0-0.11-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-2800 at SUSECVE-2010-2800 at NVDCVE-2010-2801 at SUSECVE-2010-2801 at NVDCVE-2014-9556 at SUSECVE-2014-9556 at NVDCVE-2017-11423 at SUSECVE-2017-11423 at NVDCVE-2017-6419 at SUSECVE-2017-6419 at NVDCVE-2018-14679 at SUSECVE-2018-14679 at NVDCVE-2018-14680 at SUSECVE-2018-14680 at NVDCVE-2018-14681 at SUSECVE-2018-14681 at NVDCVE-2018-14682 at SUSECVE-2018-14682 at NVDcpe:/o:suse:sl-micro:6.1libncurses6-6.4.20240224-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libncurses6-6.4.20240224-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-29458 at SUSECVE-2022-29458 at NVDcpe:/o:suse:sl-micro:6.1libndp0-1.8-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libndp0-1.8-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-3698 at SUSECVE-2016-3698 at NVDCVE-2024-5564 at SUSECVE-2024-5564 at NVDcpe:/o:suse:sl-micro:6.1libnewt0_52-0.52.23-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libnewt0_52-0.52.23-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-2905 at SUSECVE-2009-2905 at NVDcpe:/o:suse:sl-micro:6.1libnfsidmap1-1.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libnfsidmap1-1.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-3689 at SUSECVE-2019-3689 at NVDcpe:/o:suse:sl-micro:6.1libnghttp2-14-1.52.0-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libnghttp2-14-1.52.0-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-1544 at SUSECVE-2016-1544 at NVDCVE-2018-1000168 at SUSECVE-2018-1000168 at NVDCVE-2019-9511 at SUSECVE-2019-9511 at NVDCVE-2019-9513 at SUSECVE-2019-9513 at NVDCVE-2020-11080 at SUSECVE-2020-11080 at NVDCVE-2023-35945 at SUSECVE-2023-35945 at NVDCVE-2024-28182 at SUSECVE-2024-28182 at NVDcpe:/o:suse:sl-micro:6.1liboath0-2.6.11.12-slfo.1.1_2.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the liboath0-2.6.11.12-slfo.1.1_2.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-7322 at SUSECVE-2013-7322 at NVDCVE-2024-47191 at SUSECVE-2024-47191 at NVDcpe:/o:suse:sl-micro:6.1libonig5-6.9.8-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libonig5-6.9.8-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-13224 at SUSECVE-2019-13224 at NVDCVE-2019-13225 at SUSECVE-2019-13225 at NVDCVE-2019-19012 at SUSECVE-2019-19012 at NVDCVE-2019-19203 at SUSECVE-2019-19203 at NVDCVE-2019-19204 at SUSECVE-2019-19204 at NVDCVE-2019-19246 at SUSECVE-2019-19246 at NVDCVE-2020-26159 at SUSECVE-2020-26159 at NVDcpe:/o:suse:sl-micro:6.1libopenssl-3-devel-3.1.4-slfo.1.1_3.10 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libopenssl-3-devel-3.1.4-slfo.1.1_3.10 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-1971 at SUSECVE-2020-1971 at NVDCVE-2021-4044 at SUSECVE-2021-4044 at NVDCVE-2022-0778 at SUSECVE-2022-0778 at NVDCVE-2022-1292 at SUSECVE-2022-1292 at NVDCVE-2022-1343 at SUSECVE-2022-1343 at NVDCVE-2022-1434 at SUSECVE-2022-1434 at NVDCVE-2022-1473 at SUSECVE-2022-1473 at NVDCVE-2022-2068 at SUSECVE-2022-2068 at NVDCVE-2022-2097 at SUSECVE-2022-2097 at NVDCVE-2022-2274 at SUSECVE-2022-2274 at NVDCVE-2022-3358 at SUSECVE-2022-3358 at NVDCVE-2022-3602 at SUSECVE-2022-3602 at NVDCVE-2022-3786 at SUSECVE-2022-3786 at NVDCVE-2022-3996 at SUSECVE-2022-3996 at NVDCVE-2022-4203 at SUSECVE-2022-4203 at NVDCVE-2022-4304 at SUSECVE-2022-4304 at NVDCVE-2022-4450 at SUSECVE-2022-4450 at NVDCVE-2023-0215 at SUSECVE-2023-0215 at NVDCVE-2023-0216 at SUSECVE-2023-0216 at NVDCVE-2023-0217 at SUSECVE-2023-0217 at NVDCVE-2023-0286 at SUSECVE-2023-0286 at NVDCVE-2023-0401 at SUSECVE-2023-0401 at NVDCVE-2023-0464 at SUSECVE-2023-0464 at NVDCVE-2023-0465 at SUSECVE-2023-0465 at NVDCVE-2023-0466 at SUSECVE-2023-0466 at NVDCVE-2023-1255 at SUSECVE-2023-1255 at NVDCVE-2023-2650 at SUSECVE-2023-2650 at NVDCVE-2023-2975 at SUSECVE-2023-2975 at NVDCVE-2023-3446 at SUSECVE-2023-3446 at NVDCVE-2023-3817 at SUSECVE-2023-3817 at NVDCVE-2023-4807 at SUSECVE-2023-4807 at NVDCVE-2023-5363 at SUSECVE-2023-5363 at NVDCVE-2023-5678 at SUSECVE-2023-5678 at NVDCVE-2023-6129 at SUSECVE-2023-6129 at NVDCVE-2023-6237 at SUSECVE-2023-6237 at NVDCVE-2024-0727 at SUSECVE-2024-0727 at NVDCVE-2024-2511 at SUSECVE-2024-2511 at NVDCVE-2024-41996 at SUSECVE-2024-41996 at NVDCVE-2024-4603 at SUSECVE-2024-4603 at NVDCVE-2024-4741 at SUSECVE-2024-4741 at NVDCVE-2024-5535 at SUSECVE-2024-5535 at NVDCVE-2024-6119 at SUSECVE-2024-6119 at NVDcpe:/o:suse:sl-micro:6.1libopenssl-devel-3.1.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libopenssl-devel-3.1.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-2937 at SUSECVE-2006-2937 at NVDCVE-2006-2940 at SUSECVE-2006-2940 at NVDCVE-2006-3738 at SUSECVE-2006-3738 at NVDCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2006-4343 at SUSECVE-2006-4343 at NVDCVE-2006-7250 at SUSECVE-2006-7250 at NVDCVE-2007-3108 at SUSECVE-2007-3108 at NVDCVE-2007-4995 at SUSECVE-2007-4995 at NVDCVE-2007-5135 at SUSECVE-2007-5135 at NVDCVE-2008-0891 at SUSECVE-2008-0891 at NVDCVE-2008-1672 at SUSECVE-2008-1672 at NVDCVE-2008-5077 at SUSECVE-2008-5077 at NVDCVE-2009-0590 at SUSECVE-2009-0590 at NVDCVE-2009-0591 at SUSECVE-2009-0591 at NVDCVE-2009-0789 at SUSECVE-2009-0789 at NVDCVE-2009-1377 at SUSECVE-2009-1377 at NVDCVE-2009-1378 at SUSECVE-2009-1378 at NVDCVE-2009-1379 at SUSECVE-2009-1379 at NVDCVE-2009-1386 at SUSECVE-2009-1386 at NVDCVE-2009-1387 at SUSECVE-2009-1387 at NVDCVE-2010-0740 at SUSECVE-2010-0740 at NVDCVE-2010-0742 at SUSECVE-2010-0742 at NVDCVE-2010-1633 at SUSECVE-2010-1633 at NVDCVE-2010-2939 at SUSECVE-2010-2939 at NVDCVE-2010-3864 at SUSECVE-2010-3864 at NVDCVE-2010-5298 at SUSECVE-2010-5298 at NVDCVE-2011-0014 at SUSECVE-2011-0014 at NVDCVE-2011-3207 at SUSECVE-2011-3207 at NVDCVE-2011-3210 at SUSECVE-2011-3210 at NVDCVE-2011-4108 at SUSECVE-2011-4108 at NVDCVE-2011-4576 at SUSECVE-2011-4576 at NVDCVE-2011-4577 at SUSECVE-2011-4577 at NVDCVE-2011-4619 at SUSECVE-2011-4619 at NVDCVE-2012-0027 at SUSECVE-2012-0027 at NVDCVE-2012-0050 at SUSECVE-2012-0050 at NVDCVE-2012-0884 at SUSECVE-2012-0884 at NVDCVE-2012-1165 at SUSECVE-2012-1165 at NVDCVE-2012-2110 at SUSECVE-2012-2110 at NVDCVE-2012-2686 at SUSECVE-2012-2686 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2013-0166 at SUSECVE-2013-0166 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2013-4353 at SUSECVE-2013-4353 at NVDCVE-2013-6449 at SUSECVE-2013-6449 at NVDCVE-2013-6450 at SUSECVE-2013-6450 at NVDCVE-2014-0076 at SUSECVE-2014-0076 at NVDCVE-2014-0160 at SUSECVE-2014-0160 at NVDCVE-2014-0195 at SUSECVE-2014-0195 at NVDCVE-2014-0198 at SUSECVE-2014-0198 at NVDCVE-2014-0221 at SUSECVE-2014-0221 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-3470 at SUSECVE-2014-3470 at NVDCVE-2014-3505 at SUSECVE-2014-3505 at NVDCVE-2014-3506 at SUSECVE-2014-3506 at NVDCVE-2014-3507 at SUSECVE-2014-3507 at NVDCVE-2014-3508 at SUSECVE-2014-3508 at NVDCVE-2014-3509 at SUSECVE-2014-3509 at NVDCVE-2014-3510 at SUSECVE-2014-3510 at NVDCVE-2014-3511 at SUSECVE-2014-3511 at NVDCVE-2014-3512 at SUSECVE-2014-3512 at NVDCVE-2014-3513 at SUSECVE-2014-3513 at NVDCVE-2014-3567 at SUSECVE-2014-3567 at NVDCVE-2014-3568 at SUSECVE-2014-3568 at NVDCVE-2014-3569 at SUSECVE-2014-3569 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3571 at SUSECVE-2014-3571 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-5139 at SUSECVE-2014-5139 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0206 at SUSECVE-2015-0206 at NVDCVE-2015-0209 at SUSECVE-2015-0209 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDCVE-2015-1788 at SUSECVE-2015-1788 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1790 at SUSECVE-2015-1790 at NVDCVE-2015-1791 at SUSECVE-2015-1791 at NVDCVE-2015-1792 at SUSECVE-2015-1792 at NVDCVE-2015-1793 at SUSECVE-2015-1793 at NVDCVE-2015-1794 at SUSECVE-2015-1794 at NVDCVE-2015-3193 at SUSECVE-2015-3193 at NVDCVE-2015-3194 at SUSECVE-2015-3194 at NVDCVE-2015-3195 at SUSECVE-2015-3195 at NVDCVE-2015-3196 at SUSECVE-2015-3196 at NVDCVE-2015-3197 at SUSECVE-2015-3197 at NVDCVE-2016-0701 at SUSECVE-2016-0701 at NVDCVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-0705 at SUSECVE-2016-0705 at NVDCVE-2016-0797 at SUSECVE-2016-0797 at NVDCVE-2016-0798 at SUSECVE-2016-0798 at NVDCVE-2016-0800 at SUSECVE-2016-0800 at NVDCVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2107 at SUSECVE-2016-2107 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDCVE-2016-2176 at SUSECVE-2016-2176 at NVDCVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2179 at SUSECVE-2016-2179 at NVDCVE-2016-2180 at SUSECVE-2016-2180 at NVDCVE-2016-2181 at SUSECVE-2016-2181 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6302 at SUSECVE-2016-6302 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDCVE-2016-7052 at SUSECVE-2016-7052 at NVDCVE-2016-7055 at SUSECVE-2016-7055 at NVDCVE-2016-7056 at SUSECVE-2016-7056 at NVDCVE-2017-3731 at SUSECVE-2017-3731 at NVDCVE-2017-3732 at SUSECVE-2017-3732 at NVDcpe:/o:suse:sl-micro:6.1libopenvswitch-3_1-0-3.1.0-slfo.1.1_1.6 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libopenvswitch-3_1-0-3.1.0-slfo.1.1_1.6 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-3449 at SUSECVE-2012-3449 at NVDCVE-2020-27827 at SUSECVE-2020-27827 at NVDCVE-2020-35498 at SUSECVE-2020-35498 at NVDCVE-2021-36980 at SUSECVE-2021-36980 at NVDCVE-2022-4337 at SUSECVE-2022-4337 at NVDCVE-2022-4338 at SUSECVE-2022-4338 at NVDCVE-2023-1668 at SUSECVE-2023-1668 at NVDCVE-2023-3152 at SUSECVE-2023-3152 at NVDCVE-2023-3153 at SUSECVE-2023-3153 at NVDcpe:/o:suse:sl-micro:6.1libopus0-1.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libopus0-1.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-0381 at SUSECVE-2017-0381 at NVDcpe:/o:suse:sl-micro:6.1liborc-0_4-0-0.4.34-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the liborc-0_4-0-0.4.34-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2024-40897 at SUSECVE-2024-40897 at NVDcpe:/o:suse:sl-micro:6.1libosinfo-1.11.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libosinfo-1.11.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-13313 at SUSECVE-2019-13313 at NVDcpe:/o:suse:sl-micro:6.1libp11-kit0-0.25.3-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libp11-kit0-0.25.3-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-29361 at SUSECVE-2020-29361 at NVDCVE-2020-29362 at SUSECVE-2020-29362 at NVDCVE-2020-29363 at SUSECVE-2020-29363 at NVDcpe:/o:suse:sl-micro:6.1libpango-1_0-0-1.50.14-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpango-1_0-0-1.50.14-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-0020 at SUSECVE-2011-0020 at NVDCVE-2011-0064 at SUSECVE-2011-0064 at NVDCVE-2018-15120 at SUSECVE-2018-15120 at NVDcpe:/o:suse:sl-micro:6.1libpcap1-1.10.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpcap1-1.10.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-16301 at SUSECVE-2018-16301 at NVDCVE-2019-15161 at SUSECVE-2019-15161 at NVDCVE-2019-15162 at SUSECVE-2019-15162 at NVDCVE-2019-15163 at SUSECVE-2019-15163 at NVDCVE-2019-15164 at SUSECVE-2019-15164 at NVDCVE-2019-15165 at SUSECVE-2019-15165 at NVDcpe:/o:suse:sl-micro:6.1libpcp3-6.2.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpcp3-6.2.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-3418 at SUSECVE-2012-3418 at NVDCVE-2012-3419 at SUSECVE-2012-3419 at NVDCVE-2012-3420 at SUSECVE-2012-3420 at NVDCVE-2012-3421 at SUSECVE-2012-3421 at NVDCVE-2012-5530 at SUSECVE-2012-5530 at NVDCVE-2019-3695 at SUSECVE-2019-3695 at NVDCVE-2019-3696 at SUSECVE-2019-3696 at NVDcpe:/o:suse:sl-micro:6.1libpcre1-8.45-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpcre1-8.45-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-8964 at SUSECVE-2014-8964 at NVDCVE-2015-2325 at SUSECVE-2015-2325 at NVDCVE-2015-2326 at SUSECVE-2015-2326 at NVDCVE-2015-3217 at SUSECVE-2015-3217 at NVDCVE-2016-1283 at SUSECVE-2016-1283 at NVDCVE-2016-3191 at SUSECVE-2016-3191 at NVDCVE-2017-6004 at SUSECVE-2017-6004 at NVDCVE-2017-7186 at SUSECVE-2017-7186 at NVDCVE-2017-7244 at SUSECVE-2017-7244 at NVDCVE-2017-7245 at SUSECVE-2017-7245 at NVDCVE-2017-7246 at SUSECVE-2017-7246 at NVDcpe:/o:suse:sl-micro:6.1libpcre2-8-0-10.42-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpcre2-8-0-10.42-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-8964 at SUSECVE-2014-8964 at NVDCVE-2015-2325 at SUSECVE-2015-2325 at NVDCVE-2015-2326 at SUSECVE-2015-2326 at NVDCVE-2016-3191 at SUSECVE-2016-3191 at NVDCVE-2017-7186 at SUSECVE-2017-7186 at NVDCVE-2017-8786 at SUSECVE-2017-8786 at NVDcpe:/o:suse:sl-micro:6.1libpcsclite1-2.0.1-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpcsclite1-2.0.1-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-0407 at SUSECVE-2010-0407 at NVDCVE-2010-4531 at SUSECVE-2010-4531 at NVDCVE-2016-10109 at SUSECVE-2016-10109 at NVDcpe:/o:suse:sl-micro:6.1libpixman-1-0-0.42.2-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpixman-1-0-0.42.2-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-44638 at SUSECVE-2022-44638 at NVDcpe:/o:suse:sl-micro:6.1libpkgconf3-1.8.0-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpkgconf3-1.8.0-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-1000221 at SUSECVE-2018-1000221 at NVDCVE-2023-24056 at SUSECVE-2023-24056 at NVDcpe:/o:suse:sl-micro:6.1libpng16-16-1.6.43-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpng16-16-1.6.43-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-5793 at SUSECVE-2006-5793 at NVDCVE-2008-3964 at SUSECVE-2008-3964 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2011-2501 at SUSECVE-2011-2501 at NVDCVE-2011-2690 at SUSECVE-2011-2690 at NVDCVE-2011-2691 at SUSECVE-2011-2691 at NVDCVE-2011-2692 at SUSECVE-2011-2692 at NVDCVE-2011-3328 at SUSECVE-2011-3328 at NVDCVE-2013-6954 at SUSECVE-2013-6954 at NVDCVE-2014-0333 at SUSECVE-2014-0333 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2016-10087 at SUSECVE-2016-10087 at NVDCVE-2016-5735 at SUSECVE-2016-5735 at NVDCVE-2017-12652 at SUSECVE-2017-12652 at NVDCVE-2018-13785 at SUSECVE-2018-13785 at NVDCVE-2018-14048 at SUSECVE-2018-14048 at NVDCVE-2018-14550 at SUSECVE-2018-14550 at NVDCVE-2019-6129 at SUSECVE-2019-6129 at NVDCVE-2019-7317 at SUSECVE-2019-7317 at NVDcpe:/o:suse:sl-micro:6.1libpolkit-agent-1-0-121-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpolkit-agent-1-0-121-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-0750 at SUSECVE-2010-0750 at NVDCVE-2011-1485 at SUSECVE-2011-1485 at NVDCVE-2013-4288 at SUSECVE-2013-4288 at NVDCVE-2015-3218 at SUSECVE-2015-3218 at NVDCVE-2015-3255 at SUSECVE-2015-3255 at NVDCVE-2015-3256 at SUSECVE-2015-3256 at NVDCVE-2015-4625 at SUSECVE-2015-4625 at NVDCVE-2018-1116 at SUSECVE-2018-1116 at NVDCVE-2018-19788 at SUSECVE-2018-19788 at NVDCVE-2019-6133 at SUSECVE-2019-6133 at NVDCVE-2021-3560 at SUSECVE-2021-3560 at NVDCVE-2021-4034 at SUSECVE-2021-4034 at NVDCVE-2021-4115 at SUSECVE-2021-4115 at NVDcpe:/o:suse:sl-micro:6.1libprocps8-3.3.17-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libprocps8-3.3.17-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-1122 at SUSECVE-2018-1122 at NVDCVE-2018-1123 at SUSECVE-2018-1123 at NVDCVE-2018-1124 at SUSECVE-2018-1124 at NVDCVE-2018-1125 at SUSECVE-2018-1125 at NVDCVE-2018-1126 at SUSECVE-2018-1126 at NVDCVE-2023-4016 at SUSECVE-2023-4016 at NVDcpe:/o:suse:sl-micro:6.1libprotobuf-c1-1.5.0-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libprotobuf-c1-1.5.0-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-33070 at SUSECVE-2022-33070 at NVDCVE-2022-48468 at SUSECVE-2022-48468 at NVDcpe:/o:suse:sl-micro:6.1libproxy1-0.4.18-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libproxy1-0.4.18-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-4504 at SUSECVE-2012-4504 at NVDCVE-2020-25219 at SUSECVE-2020-25219 at NVDCVE-2020-26154 at SUSECVE-2020-26154 at NVDcpe:/o:suse:sl-micro:6.1libpython3_11-1_0-3.11.8-slfo.1.1_3.12 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libpython3_11-1_0-3.11.8-slfo.1.1_3.12 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-4559 at SUSECVE-2007-4559 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2011-4944 at SUSECVE-2011-4944 at NVDCVE-2012-0845 at SUSECVE-2012-0845 at NVDCVE-2012-1150 at SUSECVE-2012-1150 at NVDCVE-2013-1752 at SUSECVE-2013-1752 at NVDCVE-2013-4238 at SUSECVE-2013-4238 at NVDCVE-2014-2667 at SUSECVE-2014-2667 at NVDCVE-2014-4650 at SUSECVE-2014-4650 at NVDCVE-2019-20907 at SUSECVE-2019-20907 at NVDCVE-2019-5010 at SUSECVE-2019-5010 at NVDCVE-2019-9947 at SUSECVE-2019-9947 at NVDCVE-2020-10735 at SUSECVE-2020-10735 at NVDCVE-2020-15523 at SUSECVE-2020-15523 at NVDCVE-2020-15801 at SUSECVE-2020-15801 at NVDCVE-2020-8492 at SUSECVE-2020-8492 at NVDCVE-2021-23336 at SUSECVE-2021-23336 at NVDCVE-2021-3177 at SUSECVE-2021-3177 at NVDCVE-2021-3426 at SUSECVE-2021-3426 at NVDCVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2022-42919 at SUSECVE-2022-42919 at NVDCVE-2022-4303 at SUSECVE-2022-4303 at NVDCVE-2022-45061 at SUSECVE-2022-45061 at NVDCVE-2023-0286 at SUSECVE-2023-0286 at NVDCVE-2023-0464 at SUSECVE-2023-0464 at NVDCVE-2023-0465 at SUSECVE-2023-0465 at NVDCVE-2023-0466 at SUSECVE-2023-0466 at NVDCVE-2023-24329 at SUSECVE-2023-24329 at NVDCVE-2023-2650 at SUSECVE-2023-2650 at NVDCVE-2023-27043 at SUSECVE-2023-27043 at NVDCVE-2023-40217 at SUSECVE-2023-40217 at NVDCVE-2023-41105 at SUSECVE-2023-41105 at NVDCVE-2023-52425 at SUSECVE-2023-52425 at NVDCVE-2023-6597 at SUSECVE-2023-6597 at NVDCVE-2024-0397 at SUSECVE-2024-0397 at NVDCVE-2024-0450 at SUSECVE-2024-0450 at NVDCVE-2024-4032 at SUSECVE-2024-4032 at NVDCVE-2024-6232 at SUSECVE-2024-6232 at NVDCVE-2024-6923 at SUSECVE-2024-6923 at NVDCVE-2024-7592 at SUSECVE-2024-7592 at NVDCVE-2024-8088 at SUSECVE-2024-8088 at NVDcpe:/o:suse:sl-micro:6.1libqb100-2.0.8+20230721.002171b-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libqb100-2.0.8+20230721.002171b-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-12779 at SUSECVE-2019-12779 at NVDCVE-2023-39976 at SUSECVE-2023-39976 at NVDcpe:/o:suse:sl-micro:6.1librados2-16.2.14.66+g7aa6ce9419f-slfo.1.1_1.6 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the librados2-16.2.14.66+g7aa6ce9419f-slfo.1.1_1.6 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-16818 at SUSECVE-2017-16818 at NVDCVE-2018-10861 at SUSECVE-2018-10861 at NVDCVE-2018-1128 at SUSECVE-2018-1128 at NVDCVE-2018-1129 at SUSECVE-2018-1129 at NVDCVE-2018-16889 at SUSECVE-2018-16889 at NVDCVE-2019-10222 at SUSECVE-2019-10222 at NVDCVE-2019-3821 at SUSECVE-2019-3821 at NVDCVE-2020-10736 at SUSECVE-2020-10736 at NVDCVE-2020-1759 at SUSECVE-2020-1759 at NVDCVE-2020-1760 at SUSECVE-2020-1760 at NVDCVE-2020-25660 at SUSECVE-2020-25660 at NVDCVE-2020-25678 at SUSECVE-2020-25678 at NVDCVE-2020-27781 at SUSECVE-2020-27781 at NVDCVE-2020-27839 at SUSECVE-2020-27839 at NVDCVE-2021-20288 at SUSECVE-2021-20288 at NVDCVE-2021-3509 at SUSECVE-2021-3509 at NVDCVE-2021-3524 at SUSECVE-2021-3524 at NVDCVE-2021-3531 at SUSECVE-2021-3531 at NVDCVE-2021-3979 at SUSECVE-2021-3979 at NVDCVE-2022-0670 at SUSECVE-2022-0670 at NVDCVE-2022-3650 at SUSECVE-2022-3650 at NVDCVE-2022-3854 at SUSECVE-2022-3854 at NVDcpe:/o:suse:sl-micro:6.1librpmbuild9-4.18.0-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the librpmbuild9-4.18.0-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-7500 at SUSECVE-2017-7500 at NVDCVE-2021-20266 at SUSECVE-2021-20266 at NVDCVE-2021-20271 at SUSECVE-2021-20271 at NVDCVE-2021-3421 at SUSECVE-2021-3421 at NVDCVE-2021-3521 at SUSECVE-2021-3521 at NVDCVE-2021-35938 at SUSECVE-2021-35938 at NVDCVE-2021-35939 at SUSECVE-2021-35939 at NVDcpe:/o:suse:sl-micro:6.1libseccomp2-2.5.4-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libseccomp2-2.5.4-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-9893 at SUSECVE-2019-9893 at NVDcpe:/o:suse:sl-micro:6.1libsepol2-3.5-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libsepol2-3.5-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-36085 at SUSECVE-2021-36085 at NVDCVE-2021-36086 at SUSECVE-2021-36086 at NVDCVE-2021-36087 at SUSECVE-2021-36087 at NVDcpe:/o:suse:sl-micro:6.1libsha1detectcoll1-1.0.3-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libsha1detectcoll1-1.0.3-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2005-4900 at SUSECVE-2005-4900 at NVDcpe:/o:suse:sl-micro:6.1libslirp0-4.8.0+2-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libslirp0-4.8.0+2-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-10756 at SUSECVE-2020-10756 at NVDCVE-2020-1983 at SUSECVE-2020-1983 at NVDCVE-2021-3592 at SUSECVE-2021-3592 at NVDCVE-2021-3593 at SUSECVE-2021-3593 at NVDCVE-2021-3594 at SUSECVE-2021-3594 at NVDCVE-2021-3595 at SUSECVE-2021-3595 at NVDcpe:/o:suse:sl-micro:6.1libsnmp40-5.9.3-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libsnmp40-5.9.3-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2008-4309 at SUSECVE-2008-4309 at NVDCVE-2012-2141 at SUSECVE-2012-2141 at NVDCVE-2014-2284 at SUSECVE-2014-2284 at NVDCVE-2014-2285 at SUSECVE-2014-2285 at NVDCVE-2014-3565 at SUSECVE-2014-3565 at NVDCVE-2015-5621 at SUSECVE-2015-5621 at NVDCVE-2018-18065 at SUSECVE-2018-18065 at NVDCVE-2022-24805 at SUSECVE-2022-24805 at NVDCVE-2022-24806 at SUSECVE-2022-24806 at NVDCVE-2022-24807 at SUSECVE-2022-24807 at NVDCVE-2022-24808 at SUSECVE-2022-24808 at NVDCVE-2022-24809 at SUSECVE-2022-24809 at NVDCVE-2022-24810 at SUSECVE-2022-24810 at NVDCVE-2022-44792 at SUSECVE-2022-44792 at NVDCVE-2022-44793 at SUSECVE-2022-44793 at NVDcpe:/o:suse:sl-micro:6.1libsolv-tools-base-0.7.30-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libsolv-tools-base-0.7.30-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-20532 at SUSECVE-2018-20532 at NVDCVE-2018-20533 at SUSECVE-2018-20533 at NVDCVE-2018-20534 at SUSECVE-2018-20534 at NVDcpe:/o:suse:sl-micro:6.1libsoup-3_0-0-3.4.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libsoup-3_0-0-3.4.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-5876 at SUSECVE-2006-5876 at NVDCVE-2011-2054 at SUSECVE-2011-2054 at NVDCVE-2017-2885 at SUSECVE-2017-2885 at NVDCVE-2018-12910 at SUSECVE-2018-12910 at NVDcpe:/o:suse:sl-micro:6.1libspice-server1-0.15.1-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libspice-server1-0.15.1-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-4282 at SUSECVE-2013-4282 at NVDCVE-2015-3247 at SUSECVE-2015-3247 at NVDCVE-2015-5260 at SUSECVE-2015-5260 at NVDCVE-2015-5261 at SUSECVE-2015-5261 at NVDCVE-2016-0749 at SUSECVE-2016-0749 at NVDCVE-2016-2150 at SUSECVE-2016-2150 at NVDCVE-2016-9577 at SUSECVE-2016-9577 at NVDCVE-2016-9578 at SUSECVE-2016-9578 at NVDCVE-2018-10873 at SUSECVE-2018-10873 at NVDCVE-2018-10893 at SUSECVE-2018-10893 at NVDCVE-2019-3813 at SUSECVE-2019-3813 at NVDCVE-2020-14355 at SUSECVE-2020-14355 at NVDcpe:/o:suse:sl-micro:6.1libsqlite3-0-3.44.2-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libsqlite3-0-3.44.2-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-8740 at SUSECVE-2018-8740 at NVDCVE-2019-16168 at SUSECVE-2019-16168 at NVDCVE-2019-9936 at SUSECVE-2019-9936 at NVDCVE-2019-9937 at SUSECVE-2019-9937 at NVDCVE-2020-13434 at SUSECVE-2020-13434 at NVDCVE-2020-13435 at SUSECVE-2020-13435 at NVDCVE-2020-13630 at SUSECVE-2020-13630 at NVDCVE-2020-13631 at SUSECVE-2020-13631 at NVDCVE-2020-13632 at SUSECVE-2020-13632 at NVDCVE-2020-13871 at SUSECVE-2020-13871 at NVDCVE-2021-36690 at SUSECVE-2021-36690 at NVDCVE-2022-35737 at SUSECVE-2022-35737 at NVDCVE-2022-46908 at SUSECVE-2022-46908 at NVDcpe:/o:suse:sl-micro:6.1libssh-config-0.10.6-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libssh-config-0.10.6-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-4559 at SUSECVE-2012-4559 at NVDCVE-2012-4560 at SUSECVE-2012-4560 at NVDCVE-2012-4561 at SUSECVE-2012-4561 at NVDCVE-2013-0176 at SUSECVE-2013-0176 at NVDCVE-2014-0017 at SUSECVE-2014-0017 at NVDCVE-2014-8132 at SUSECVE-2014-8132 at NVDCVE-2015-3146 at SUSECVE-2015-3146 at NVDCVE-2018-10933 at SUSECVE-2018-10933 at NVDCVE-2019-14889 at SUSECVE-2019-14889 at NVDCVE-2020-16135 at SUSECVE-2020-16135 at NVDCVE-2020-1730 at SUSECVE-2020-1730 at NVDCVE-2021-3634 at SUSECVE-2021-3634 at NVDCVE-2023-1667 at SUSECVE-2023-1667 at NVDCVE-2023-2283 at SUSECVE-2023-2283 at NVDCVE-2023-48795 at SUSECVE-2023-48795 at NVDCVE-2023-6004 at SUSECVE-2023-6004 at NVDCVE-2023-6918 at SUSECVE-2023-6918 at NVDcpe:/o:suse:sl-micro:6.1libssh2-1-1.11.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libssh2-1-1.11.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-1782 at SUSECVE-2015-1782 at NVDCVE-2016-0787 at SUSECVE-2016-0787 at NVDCVE-2019-17498 at SUSECVE-2019-17498 at NVDCVE-2019-3855 at SUSECVE-2019-3855 at NVDCVE-2019-3856 at SUSECVE-2019-3856 at NVDCVE-2019-3857 at SUSECVE-2019-3857 at NVDCVE-2019-3858 at SUSECVE-2019-3858 at NVDCVE-2019-3859 at SUSECVE-2019-3859 at NVDCVE-2019-3860 at SUSECVE-2019-3860 at NVDCVE-2019-3861 at SUSECVE-2019-3861 at NVDCVE-2019-3862 at SUSECVE-2019-3862 at NVDCVE-2019-3863 at SUSECVE-2019-3863 at NVDCVE-2023-48795 at SUSECVE-2023-48795 at NVDcpe:/o:suse:sl-micro:6.1libsss_certmap0-2.9.5-slfo.1.1_1.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libsss_certmap0-2.9.5-slfo.1.1_1.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-4341 at SUSECVE-2010-4341 at NVDCVE-2011-1758 at SUSECVE-2011-1758 at NVDCVE-2013-0219 at SUSECVE-2013-0219 at NVDCVE-2013-0220 at SUSECVE-2013-0220 at NVDCVE-2013-0287 at SUSECVE-2013-0287 at NVDCVE-2014-0249 at SUSECVE-2014-0249 at NVDCVE-2017-12173 at SUSECVE-2017-12173 at NVDCVE-2018-10852 at SUSECVE-2018-10852 at NVDCVE-2018-16838 at SUSECVE-2018-16838 at NVDCVE-2019-3811 at SUSECVE-2019-3811 at NVDCVE-2021-3621 at SUSECVE-2021-3621 at NVDcpe:/o:suse:sl-micro:6.1libsubid4-4.15.1-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libsubid4-4.15.1-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-4235 at SUSECVE-2013-4235 at NVDCVE-2018-7169 at SUSECVE-2018-7169 at NVDCVE-2023-29383 at SUSECVE-2023-29383 at NVDcpe:/o:suse:sl-micro:6.1libsystemd0-254.19-slfo.1.1_1.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libsystemd0-254.19-slfo.1.1_1.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-1174 at SUSECVE-2012-1174 at NVDCVE-2013-4288 at SUSECVE-2013-4288 at NVDCVE-2015-7510 at SUSECVE-2015-7510 at NVDCVE-2016-10156 at SUSECVE-2016-10156 at NVDCVE-2017-15908 at SUSECVE-2017-15908 at NVDCVE-2017-18078 at SUSECVE-2017-18078 at NVDCVE-2017-9445 at SUSECVE-2017-9445 at NVDCVE-2018-15686 at SUSECVE-2018-15686 at NVDCVE-2018-15687 at SUSECVE-2018-15687 at NVDCVE-2018-15688 at SUSECVE-2018-15688 at NVDCVE-2018-16864 at SUSECVE-2018-16864 at NVDCVE-2018-16865 at SUSECVE-2018-16865 at NVDCVE-2018-21029 at SUSECVE-2018-21029 at NVDCVE-2018-6954 at SUSECVE-2018-6954 at NVDCVE-2019-20386 at SUSECVE-2019-20386 at NVDCVE-2019-3842 at SUSECVE-2019-3842 at NVDCVE-2019-3843 at SUSECVE-2019-3843 at NVDCVE-2019-3844 at SUSECVE-2019-3844 at NVDCVE-2019-6454 at SUSECVE-2019-6454 at NVDCVE-2020-13529 at SUSECVE-2020-13529 at NVDCVE-2020-1712 at SUSECVE-2020-1712 at NVDCVE-2021-33910 at SUSECVE-2021-33910 at NVDCVE-2021-3997 at SUSECVE-2021-3997 at NVDCVE-2022-3821 at SUSECVE-2022-3821 at NVDCVE-2022-4415 at SUSECVE-2022-4415 at NVDCVE-2023-7008 at SUSECVE-2023-7008 at NVDcpe:/o:suse:sl-micro:6.1libtasn1-6-4.19.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libtasn1-6-4.19.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-3467 at SUSECVE-2014-3467 at NVDCVE-2014-3468 at SUSECVE-2014-3468 at NVDCVE-2014-3469 at SUSECVE-2014-3469 at NVDCVE-2015-2806 at SUSECVE-2015-2806 at NVDCVE-2015-3622 at SUSECVE-2015-3622 at NVDCVE-2016-4008 at SUSECVE-2016-4008 at NVDCVE-2018-1000654 at SUSECVE-2018-1000654 at NVDCVE-2018-6003 at SUSECVE-2018-6003 at NVDcpe:/o:suse:sl-micro:6.1libthai-data-0.1.29-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libthai-data-0.1.29-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-4012 at SUSECVE-2009-4012 at NVDcpe:/o:suse:sl-micro:6.1libtiff6-4.6.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libtiff6-4.6.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-0405 at SUSECVE-2006-0405 at NVDCVE-2006-2656 at SUSECVE-2006-2656 at NVDCVE-2008-1586 at SUSECVE-2008-1586 at NVDCVE-2008-2327 at SUSECVE-2008-2327 at NVDCVE-2009-2285 at SUSECVE-2009-2285 at NVDCVE-2009-2347 at SUSECVE-2009-2347 at NVDCVE-2010-2065 at SUSECVE-2010-2065 at NVDCVE-2010-2067 at SUSECVE-2010-2067 at NVDCVE-2010-2233 at SUSECVE-2010-2233 at NVDCVE-2010-4665 at SUSECVE-2010-4665 at NVDCVE-2011-0192 at SUSECVE-2011-0192 at NVDCVE-2011-1167 at SUSECVE-2011-1167 at NVDCVE-2012-1173 at SUSECVE-2012-1173 at NVDCVE-2012-2113 at SUSECVE-2012-2113 at NVDCVE-2012-3401 at SUSECVE-2012-3401 at NVDCVE-2012-4564 at SUSECVE-2012-4564 at NVDCVE-2013-1960 at SUSECVE-2013-1960 at NVDCVE-2013-1961 at SUSECVE-2013-1961 at NVDCVE-2013-4231 at SUSECVE-2013-4231 at NVDCVE-2013-4232 at SUSECVE-2013-4232 at NVDCVE-2013-4243 at SUSECVE-2013-4243 at NVDCVE-2013-4244 at SUSECVE-2013-4244 at NVDCVE-2014-8127 at SUSECVE-2014-8127 at NVDCVE-2014-8128 at SUSECVE-2014-8128 at NVDCVE-2014-8129 at SUSECVE-2014-8129 at NVDCVE-2014-8130 at SUSECVE-2014-8130 at NVDCVE-2014-9655 at SUSECVE-2014-9655 at NVDCVE-2015-1547 at SUSECVE-2015-1547 at NVDCVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2015-8665 at SUSECVE-2015-8665 at NVDCVE-2015-8683 at SUSECVE-2015-8683 at NVDCVE-2015-8781 at SUSECVE-2015-8781 at NVDCVE-2015-8782 at SUSECVE-2015-8782 at NVDCVE-2015-8783 at SUSECVE-2015-8783 at NVDCVE-2016-10092 at SUSECVE-2016-10092 at NVDCVE-2016-10093 at SUSECVE-2016-10093 at NVDCVE-2016-10094 at SUSECVE-2016-10094 at NVDCVE-2016-10095 at SUSECVE-2016-10095 at NVDCVE-2016-10266 at SUSECVE-2016-10266 at NVDCVE-2016-10267 at SUSECVE-2016-10267 at NVDCVE-2016-10268 at SUSECVE-2016-10268 at NVDCVE-2016-10269 at SUSECVE-2016-10269 at NVDCVE-2016-10270 at SUSECVE-2016-10270 at NVDCVE-2016-10271 at SUSECVE-2016-10271 at NVDCVE-2016-10272 at SUSECVE-2016-10272 at NVDCVE-2016-10371 at SUSECVE-2016-10371 at NVDCVE-2016-3186 at SUSECVE-2016-3186 at NVDCVE-2016-3622 at SUSECVE-2016-3622 at NVDCVE-2016-3623 at SUSECVE-2016-3623 at NVDCVE-2016-3658 at SUSECVE-2016-3658 at NVDCVE-2016-3945 at SUSECVE-2016-3945 at NVDCVE-2016-3990 at SUSECVE-2016-3990 at NVDCVE-2016-3991 at SUSECVE-2016-3991 at NVDCVE-2016-5314 at SUSECVE-2016-5314 at NVDCVE-2016-5316 at SUSECVE-2016-5316 at NVDCVE-2016-5317 at SUSECVE-2016-5317 at NVDCVE-2016-5318 at SUSECVE-2016-5318 at NVDCVE-2016-5320 at SUSECVE-2016-5320 at NVDCVE-2016-5321 at SUSECVE-2016-5321 at NVDCVE-2016-5323 at SUSECVE-2016-5323 at NVDCVE-2016-5652 at SUSECVE-2016-5652 at NVDCVE-2016-5875 at SUSECVE-2016-5875 at NVDCVE-2016-6223 at SUSECVE-2016-6223 at NVDCVE-2016-9273 at SUSECVE-2016-9273 at NVDCVE-2016-9297 at SUSECVE-2016-9297 at NVDCVE-2016-9448 at SUSECVE-2016-9448 at NVDCVE-2016-9453 at SUSECVE-2016-9453 at NVDCVE-2016-9538 at SUSECVE-2016-9538 at NVDCVE-2017-11613 at SUSECVE-2017-11613 at NVDCVE-2017-12944 at SUSECVE-2017-12944 at NVDCVE-2017-16232 at SUSECVE-2017-16232 at NVDCVE-2017-17095 at SUSECVE-2017-17095 at NVDCVE-2017-18013 at SUSECVE-2017-18013 at NVDCVE-2017-5225 at SUSECVE-2017-5225 at NVDCVE-2017-7592 at SUSECVE-2017-7592 at NVDCVE-2017-7593 at SUSECVE-2017-7593 at NVDCVE-2017-7594 at SUSECVE-2017-7594 at NVDCVE-2017-7595 at SUSECVE-2017-7595 at NVDCVE-2017-7596 at SUSECVE-2017-7596 at NVDCVE-2017-7597 at SUSECVE-2017-7597 at NVDCVE-2017-7598 at SUSECVE-2017-7598 at NVDCVE-2017-7599 at SUSECVE-2017-7599 at NVDCVE-2017-7600 at SUSECVE-2017-7600 at NVDCVE-2017-7601 at SUSECVE-2017-7601 at NVDCVE-2017-7602 at SUSECVE-2017-7602 at NVDCVE-2017-9403 at SUSECVE-2017-9403 at NVDCVE-2017-9404 at SUSECVE-2017-9404 at NVDCVE-2017-9935 at SUSECVE-2017-9935 at NVDCVE-2017-9936 at SUSECVE-2017-9936 at NVDCVE-2018-10779 at SUSECVE-2018-10779 at NVDCVE-2018-10963 at SUSECVE-2018-10963 at NVDCVE-2018-12900 at SUSECVE-2018-12900 at NVDCVE-2018-16335 at SUSECVE-2018-16335 at NVDCVE-2018-17000 at SUSECVE-2018-17000 at NVDCVE-2018-17100 at SUSECVE-2018-17100 at NVDCVE-2018-17101 at SUSECVE-2018-17101 at NVDCVE-2018-17795 at SUSECVE-2018-17795 at NVDCVE-2018-18557 at SUSECVE-2018-18557 at NVDCVE-2018-18661 at SUSECVE-2018-18661 at NVDCVE-2018-19210 at SUSECVE-2018-19210 at NVDCVE-2018-5784 at SUSECVE-2018-5784 at NVDCVE-2018-7456 at SUSECVE-2018-7456 at NVDCVE-2018-8905 at SUSECVE-2018-8905 at NVDCVE-2019-14973 at SUSECVE-2019-14973 at NVDCVE-2019-17546 at SUSECVE-2019-17546 at NVDCVE-2019-6128 at SUSECVE-2019-6128 at NVDCVE-2019-7663 at SUSECVE-2019-7663 at NVDCVE-2020-19131 at SUSECVE-2020-19131 at NVDCVE-2020-35521 at SUSECVE-2020-35521 at NVDCVE-2020-35522 at SUSECVE-2020-35522 at NVDCVE-2020-35523 at SUSECVE-2020-35523 at NVDCVE-2020-35524 at SUSECVE-2020-35524 at NVDCVE-2022-0561 at SUSECVE-2022-0561 at NVDCVE-2022-0562 at SUSECVE-2022-0562 at NVDCVE-2022-0865 at SUSECVE-2022-0865 at NVDCVE-2022-0891 at SUSECVE-2022-0891 at NVDCVE-2022-0907 at SUSECVE-2022-0907 at NVDCVE-2022-0908 at SUSECVE-2022-0908 at NVDCVE-2022-0909 at SUSECVE-2022-0909 at NVDCVE-2022-0924 at SUSECVE-2022-0924 at NVDCVE-2022-1056 at SUSECVE-2022-1056 at NVDCVE-2022-2056 at SUSECVE-2022-2056 at NVDCVE-2022-2057 at SUSECVE-2022-2057 at NVDCVE-2022-2058 at SUSECVE-2022-2058 at NVDCVE-2022-22844 at SUSECVE-2022-22844 at NVDCVE-2022-2519 at SUSECVE-2022-2519 at NVDCVE-2022-2520 at SUSECVE-2022-2520 at NVDCVE-2022-2521 at SUSECVE-2022-2521 at NVDCVE-2022-2867 at SUSECVE-2022-2867 at NVDCVE-2022-2868 at SUSECVE-2022-2868 at NVDCVE-2022-2869 at SUSECVE-2022-2869 at NVDCVE-2022-34266 at SUSECVE-2022-34266 at NVDCVE-2022-34526 at SUSECVE-2022-34526 at NVDCVE-2022-3570 at SUSECVE-2022-3570 at NVDCVE-2022-3597 at SUSECVE-2022-3597 at NVDCVE-2022-3598 at SUSECVE-2022-3598 at NVDCVE-2022-3599 at SUSECVE-2022-3599 at NVDCVE-2022-3626 at SUSECVE-2022-3626 at NVDCVE-2022-3627 at SUSECVE-2022-3627 at NVDCVE-2022-3970 at SUSECVE-2022-3970 at NVDCVE-2022-48281 at SUSECVE-2022-48281 at NVDCVE-2023-0795 at SUSECVE-2023-0795 at NVDCVE-2023-0796 at SUSECVE-2023-0796 at NVDCVE-2023-0797 at SUSECVE-2023-0797 at NVDCVE-2023-0798 at SUSECVE-2023-0798 at NVDCVE-2023-0799 at SUSECVE-2023-0799 at NVDCVE-2023-0800 at SUSECVE-2023-0800 at NVDCVE-2023-0801 at SUSECVE-2023-0801 at NVDCVE-2023-0802 at SUSECVE-2023-0802 at NVDCVE-2023-0803 at SUSECVE-2023-0803 at NVDCVE-2023-0804 at SUSECVE-2023-0804 at NVDCVE-2023-25435 at SUSECVE-2023-25435 at NVDCVE-2023-52356 at SUSECVE-2023-52356 at NVDCVE-2024-7006 at SUSECVE-2024-7006 at NVDcpe:/o:suse:sl-micro:6.1libtirpc-netconfig-1.3.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libtirpc-netconfig-1.3.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2016-4429 at SUSECVE-2016-4429 at NVDCVE-2021-46828 at SUSECVE-2021-46828 at NVDcpe:/o:suse:sl-micro:6.1libtpms0-0.9.6-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libtpms0-0.9.6-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-3446 at SUSECVE-2021-3446 at NVDCVE-2021-3505 at SUSECVE-2021-3505 at NVDCVE-2021-3623 at SUSECVE-2021-3623 at NVDCVE-2021-3746 at SUSECVE-2021-3746 at NVDCVE-2023-1017 at SUSECVE-2023-1017 at NVDCVE-2023-1018 at SUSECVE-2023-1018 at NVDcpe:/o:suse:sl-micro:6.1libtspi1-0.3.15-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libtspi1-0.3.15-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-18898 at SUSECVE-2019-18898 at NVDCVE-2020-24330 at SUSECVE-2020-24330 at NVDCVE-2020-24331 at SUSECVE-2020-24331 at NVDCVE-2020-24332 at SUSECVE-2020-24332 at NVDcpe:/o:suse:sl-micro:6.1libtss2-esys0-4.1.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libtss2-esys0-4.1.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-24455 at SUSECVE-2020-24455 at NVDCVE-2023-22745 at SUSECVE-2023-22745 at NVDCVE-2024-29040 at SUSECVE-2024-29040 at NVDcpe:/o:suse:sl-micro:6.1libudisks2-0-2.9.4-slfo.1.1_1.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libudisks2-0-2.9.4-slfo.1.1_1.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-0004 at SUSECVE-2014-0004 at NVDCVE-2018-17336 at SUSECVE-2018-17336 at NVDcpe:/o:suse:sl-micro:6.1libunbound8-1.21.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libunbound8-1.21.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-8602 at SUSECVE-2014-8602 at NVDCVE-2017-15105 at SUSECVE-2017-15105 at NVDCVE-2019-16866 at SUSECVE-2019-16866 at NVDCVE-2019-18934 at SUSECVE-2019-18934 at NVDCVE-2020-12662 at SUSECVE-2020-12662 at NVDCVE-2020-12663 at SUSECVE-2020-12663 at NVDCVE-2020-28935 at SUSECVE-2020-28935 at NVDCVE-2022-30698 at SUSECVE-2022-30698 at NVDCVE-2022-30699 at SUSECVE-2022-30699 at NVDCVE-2022-3204 at SUSECVE-2022-3204 at NVDCVE-2023-50387 at SUSECVE-2023-50387 at NVDCVE-2023-50868 at SUSECVE-2023-50868 at NVDCVE-2024-1931 at SUSECVE-2024-1931 at NVDCVE-2024-33655 at SUSECVE-2024-33655 at NVDCVE-2024-43167 at SUSECVE-2024-43167 at NVDcpe:/o:suse:sl-micro:6.1libunwind8-1.6.2-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libunwind8-1.6.2-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-3239 at SUSECVE-2015-3239 at NVDcpe:/o:suse:sl-micro:6.1libusbguard1-1.1.3-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libusbguard1-1.1.3-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-25058 at SUSECVE-2019-25058 at NVDcpe:/o:suse:sl-micro:6.1libusbredirparser1-0.13.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libusbredirparser1-0.13.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-3700 at SUSECVE-2021-3700 at NVDcpe:/o:suse:sl-micro:6.1libvirglrenderer1-0.9.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libvirglrenderer1-0.9.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-10214 at SUSECVE-2016-10214 at NVDCVE-2017-5937 at SUSECVE-2017-5937 at NVDCVE-2017-5957 at SUSECVE-2017-5957 at NVDCVE-2017-5993 at SUSECVE-2017-5993 at NVDCVE-2017-5994 at SUSECVE-2017-5994 at NVDCVE-2017-6386 at SUSECVE-2017-6386 at NVDCVE-2019-18388 at SUSECVE-2019-18388 at NVDCVE-2019-18389 at SUSECVE-2019-18389 at NVDCVE-2019-18390 at SUSECVE-2019-18390 at NVDCVE-2019-18391 at SUSECVE-2019-18391 at NVDCVE-2019-18392 at SUSECVE-2019-18392 at NVDCVE-2020-8002 at SUSECVE-2020-8002 at NVDCVE-2020-8003 at SUSECVE-2020-8003 at NVDCVE-2022-0135 at SUSECVE-2022-0135 at NVDCVE-2022-0175 at SUSECVE-2022-0175 at NVDcpe:/o:suse:sl-micro:6.1libvirt-client-10.0.0-slfo.1.1_1.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libvirt-client-10.0.0-slfo.1.1_1.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2008-5086 at SUSECVE-2008-5086 at NVDCVE-2010-2242 at SUSECVE-2010-2242 at NVDCVE-2011-1146 at SUSECVE-2011-1146 at NVDCVE-2011-2511 at SUSECVE-2011-2511 at NVDCVE-2011-4600 at SUSECVE-2011-4600 at NVDCVE-2012-3445 at SUSECVE-2012-3445 at NVDCVE-2013-0170 at SUSECVE-2013-0170 at NVDCVE-2013-1962 at SUSECVE-2013-1962 at NVDCVE-2013-2218 at SUSECVE-2013-2218 at NVDCVE-2013-2230 at SUSECVE-2013-2230 at NVDCVE-2013-4153 at SUSECVE-2013-4153 at NVDCVE-2013-4154 at SUSECVE-2013-4154 at NVDCVE-2013-4239 at SUSECVE-2013-4239 at NVDCVE-2013-4296 at SUSECVE-2013-4296 at NVDCVE-2013-4297 at SUSECVE-2013-4297 at NVDCVE-2013-4311 at SUSECVE-2013-4311 at NVDCVE-2013-4399 at SUSECVE-2013-4399 at NVDCVE-2013-4400 at SUSECVE-2013-4400 at NVDCVE-2013-4401 at SUSECVE-2013-4401 at NVDCVE-2013-6436 at SUSECVE-2013-6436 at NVDCVE-2013-6456 at SUSECVE-2013-6456 at NVDCVE-2013-6457 at SUSECVE-2013-6457 at NVDCVE-2013-6458 at SUSECVE-2013-6458 at NVDCVE-2014-0028 at SUSECVE-2014-0028 at NVDCVE-2014-0179 at SUSECVE-2014-0179 at NVDCVE-2014-1447 at SUSECVE-2014-1447 at NVDCVE-2014-3633 at SUSECVE-2014-3633 at NVDCVE-2014-3657 at SUSECVE-2014-3657 at NVDCVE-2014-7823 at SUSECVE-2014-7823 at NVDCVE-2014-8131 at SUSECVE-2014-8131 at NVDCVE-2015-0236 at SUSECVE-2015-0236 at NVDCVE-2015-5247 at SUSECVE-2015-5247 at NVDCVE-2015-5313 at SUSECVE-2015-5313 at NVDCVE-2017-1000256 at SUSECVE-2017-1000256 at NVDCVE-2017-2635 at SUSECVE-2017-2635 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-1064 at SUSECVE-2018-1064 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-5748 at SUSECVE-2018-5748 at NVDCVE-2019-10132 at SUSECVE-2019-10132 at NVDCVE-2019-10161 at SUSECVE-2019-10161 at NVDCVE-2019-10166 at SUSECVE-2019-10166 at NVDCVE-2019-10167 at SUSECVE-2019-10167 at NVDCVE-2019-10168 at SUSECVE-2019-10168 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-3886 at SUSECVE-2019-3886 at NVDCVE-2020-10701 at SUSECVE-2020-10701 at NVDCVE-2020-12430 at SUSECVE-2020-12430 at NVDCVE-2020-14339 at SUSECVE-2020-14339 at NVDCVE-2020-15708 at SUSECVE-2020-15708 at NVDCVE-2020-25637 at SUSECVE-2020-25637 at NVDCVE-2021-3631 at SUSECVE-2021-3631 at NVDCVE-2021-3667 at SUSECVE-2021-3667 at NVDCVE-2021-4147 at SUSECVE-2021-4147 at NVDCVE-2022-0897 at SUSECVE-2022-0897 at NVDCVE-2023-2700 at SUSECVE-2023-2700 at NVDCVE-2023-3750 at SUSECVE-2023-3750 at NVDCVE-2024-1441 at SUSECVE-2024-1441 at NVDCVE-2024-2494 at SUSECVE-2024-2494 at NVDCVE-2024-4418 at SUSECVE-2024-4418 at NVDcpe:/o:suse:sl-micro:6.1libvmtools0-12.5.0-slfo.1.1_1.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libvmtools0-12.5.0-slfo.1.1_1.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-5191 at SUSECVE-2015-5191 at NVDCVE-2022-31676 at SUSECVE-2022-31676 at NVDCVE-2023-20867 at SUSECVE-2023-20867 at NVDCVE-2023-20900 at SUSECVE-2023-20900 at NVDCVE-2023-34058 at SUSECVE-2023-34058 at NVDCVE-2023-34059 at SUSECVE-2023-34059 at NVDcpe:/o:suse:sl-micro:6.1libvorbis0-1.3.7-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libvorbis0-1.3.7-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-3106 at SUSECVE-2007-3106 at NVDCVE-2008-1419 at SUSECVE-2008-1419 at NVDCVE-2008-1420 at SUSECVE-2008-1420 at NVDCVE-2008-1423 at SUSECVE-2008-1423 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2012-0444 at SUSECVE-2012-0444 at NVDCVE-2017-14160 at SUSECVE-2017-14160 at NVDCVE-2017-14632 at SUSECVE-2017-14632 at NVDCVE-2017-14633 at SUSECVE-2017-14633 at NVDCVE-2018-10392 at SUSECVE-2018-10392 at NVDCVE-2018-10393 at SUSECVE-2018-10393 at NVDCVE-2018-5146 at SUSECVE-2018-5146 at NVDcpe:/o:suse:sl-micro:6.1libxcb-dri2-0-1.15-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libxcb-dri2-0-1.15-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-2064 at SUSECVE-2013-2064 at NVDcpe:/o:suse:sl-micro:6.1libxkbcommon0-1.5.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libxkbcommon0-1.5.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-15853 at SUSECVE-2018-15853 at NVDCVE-2018-15854 at SUSECVE-2018-15854 at NVDCVE-2018-15855 at SUSECVE-2018-15855 at NVDCVE-2018-15856 at SUSECVE-2018-15856 at NVDCVE-2018-15857 at SUSECVE-2018-15857 at NVDCVE-2018-15858 at SUSECVE-2018-15858 at NVDCVE-2018-15859 at SUSECVE-2018-15859 at NVDCVE-2018-15861 at SUSECVE-2018-15861 at NVDCVE-2018-15862 at SUSECVE-2018-15862 at NVDCVE-2018-15863 at SUSECVE-2018-15863 at NVDCVE-2018-15864 at SUSECVE-2018-15864 at NVDcpe:/o:suse:sl-micro:6.1libxml2-2-2.11.6-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libxml2-2-2.11.6-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-6284 at SUSECVE-2007-6284 at NVDCVE-2008-4225 at SUSECVE-2008-4225 at NVDCVE-2008-4226 at SUSECVE-2008-4226 at NVDCVE-2008-4409 at SUSECVE-2008-4409 at NVDCVE-2010-4494 at SUSECVE-2010-4494 at NVDCVE-2011-1944 at SUSECVE-2011-1944 at NVDCVE-2012-5134 at SUSECVE-2012-5134 at NVDCVE-2013-0338 at SUSECVE-2013-0338 at NVDCVE-2013-1969 at SUSECVE-2013-1969 at NVDCVE-2014-0191 at SUSECVE-2014-0191 at NVDCVE-2014-3660 at SUSECVE-2014-3660 at NVDCVE-2015-1819 at SUSECVE-2015-1819 at NVDCVE-2015-5312 at SUSECVE-2015-5312 at NVDCVE-2015-7497 at SUSECVE-2015-7497 at NVDCVE-2015-7498 at SUSECVE-2015-7498 at NVDCVE-2015-7499 at SUSECVE-2015-7499 at NVDCVE-2015-7500 at SUSECVE-2015-7500 at NVDCVE-2015-7941 at SUSECVE-2015-7941 at NVDCVE-2015-7942 at SUSECVE-2015-7942 at NVDCVE-2015-8035 at SUSECVE-2015-8035 at NVDCVE-2015-8242 at SUSECVE-2015-8242 at NVDCVE-2016-1762 at SUSECVE-2016-1762 at NVDCVE-2016-1833 at SUSECVE-2016-1833 at NVDCVE-2016-1834 at SUSECVE-2016-1834 at NVDCVE-2016-1835 at SUSECVE-2016-1835 at NVDCVE-2016-1836 at SUSECVE-2016-1836 at NVDCVE-2016-1837 at SUSECVE-2016-1837 at NVDCVE-2016-1838 at SUSECVE-2016-1838 at NVDCVE-2016-1839 at SUSECVE-2016-1839 at NVDCVE-2016-1840 at SUSECVE-2016-1840 at NVDCVE-2016-3627 at SUSECVE-2016-3627 at NVDCVE-2016-3705 at SUSECVE-2016-3705 at NVDCVE-2016-4483 at SUSECVE-2016-4483 at NVDCVE-2016-4658 at SUSECVE-2016-4658 at NVDCVE-2017-0663 at SUSECVE-2017-0663 at NVDCVE-2017-5969 at SUSECVE-2017-5969 at NVDCVE-2017-9047 at SUSECVE-2017-9047 at NVDCVE-2017-9048 at SUSECVE-2017-9048 at NVDCVE-2017-9049 at SUSECVE-2017-9049 at NVDCVE-2018-14404 at SUSECVE-2018-14404 at NVDCVE-2018-14567 at SUSECVE-2018-14567 at NVDCVE-2018-9251 at SUSECVE-2018-9251 at NVDCVE-2019-19956 at SUSECVE-2019-19956 at NVDCVE-2019-20388 at SUSECVE-2019-20388 at NVDCVE-2020-24977 at SUSECVE-2020-24977 at NVDCVE-2020-7595 at SUSECVE-2020-7595 at NVDCVE-2021-3516 at SUSECVE-2021-3516 at NVDCVE-2021-3517 at SUSECVE-2021-3517 at NVDCVE-2021-3518 at SUSECVE-2021-3518 at NVDCVE-2021-3537 at SUSECVE-2021-3537 at NVDCVE-2021-3541 at SUSECVE-2021-3541 at NVDCVE-2022-2309 at SUSECVE-2022-2309 at NVDCVE-2022-23308 at SUSECVE-2022-23308 at NVDCVE-2022-29824 at SUSECVE-2022-29824 at NVDCVE-2022-40303 at SUSECVE-2022-40303 at NVDCVE-2022-40304 at SUSECVE-2022-40304 at NVDCVE-2023-28484 at SUSECVE-2023-28484 at NVDCVE-2023-29469 at SUSECVE-2023-29469 at NVDCVE-2023-39615 at SUSECVE-2023-39615 at NVDCVE-2023-45322 at SUSECVE-2023-45322 at NVDCVE-2024-25062 at SUSECVE-2024-25062 at NVDCVE-2024-34459 at SUSECVE-2024-34459 at NVDcpe:/o:suse:sl-micro:6.1libyajl2-2.1.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libyajl2-2.1.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-24795 at SUSECVE-2022-24795 at NVDCVE-2023-33460 at SUSECVE-2023-33460 at NVDcpe:/o:suse:sl-micro:6.1libyaml-0-2-0.2.5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libyaml-0-2-0.2.5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-6393 at SUSECVE-2013-6393 at NVDCVE-2014-2525 at SUSECVE-2014-2525 at NVDCVE-2014-9130 at SUSECVE-2014-9130 at NVDcpe:/o:suse:sl-micro:6.1libyaml-cpp0_8-0.8.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libyaml-cpp0_8-0.8.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-5950 at SUSECVE-2017-5950 at NVDcpe:/o:suse:sl-micro:6.1libz1-1.2.13-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libz1-1.2.13-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-9843 at SUSECVE-2016-9843 at NVDCVE-2018-25032 at SUSECVE-2018-25032 at NVDCVE-2022-37434 at SUSECVE-2022-37434 at NVDcpe:/o:suse:sl-micro:6.1libzmq5-4.3.5-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libzmq5-4.3.5-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-7202 at SUSECVE-2014-7202 at NVDCVE-2014-7203 at SUSECVE-2014-7203 at NVDCVE-2014-9721 at SUSECVE-2014-9721 at NVDCVE-2019-13132 at SUSECVE-2019-13132 at NVDCVE-2019-6250 at SUSECVE-2019-6250 at NVDCVE-2020-15166 at SUSECVE-2020-15166 at NVDcpe:/o:suse:sl-micro:6.1libzstd-devel-1.5.5-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libzstd-devel-1.5.5-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-11922 at SUSECVE-2019-11922 at NVDcpe:/o:suse:sl-micro:6.1libzypp-17.35.12-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the libzypp-17.35.12-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-7435 at SUSECVE-2017-7435 at NVDCVE-2017-7436 at SUSECVE-2017-7436 at NVDCVE-2017-9269 at SUSECVE-2017-9269 at NVDCVE-2017-9271 at SUSECVE-2017-9271 at NVDCVE-2018-7685 at SUSECVE-2018-7685 at NVDCVE-2019-18900 at SUSECVE-2019-18900 at NVDcpe:/o:suse:sl-micro:6.1logrotate-3.21.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the logrotate-3.21.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-1098 at SUSECVE-2011-1098 at NVDCVE-2011-1154 at SUSECVE-2011-1154 at NVDCVE-2011-1155 at SUSECVE-2011-1155 at NVDCVE-2022-1348 at SUSECVE-2022-1348 at NVDcpe:/o:suse:sl-micro:6.1m4-1.4.18-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the m4-1.4.18-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2009-4029 at SUSECVE-2009-4029 at NVDcpe:/o:suse:sl-micro:6.1mailx-12.5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the mailx-12.5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2004-2771 at SUSECVE-2004-2771 at NVDCVE-2014-7844 at SUSECVE-2014-7844 at NVDcpe:/o:suse:sl-micro:6.1man-2.11.2-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the man-2.11.2-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-4250 at SUSECVE-2006-4250 at NVDcpe:/o:suse:sl-micro:6.1mozilla-nspr-4.35-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the mozilla-nspr-4.35-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-1545 at SUSECVE-2014-1545 at NVDCVE-2015-7183 at SUSECVE-2015-7183 at NVDcpe:/o:suse:sl-micro:6.1openCryptoki-3.23.0-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the openCryptoki-3.23.0-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2024-0914 at SUSECVE-2024-0914 at NVDcpe:/o:suse:sl-micro:6.1opensc-0.24.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the opensc-0.24.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2008-2235 at SUSECVE-2008-2235 at NVDCVE-2009-0368 at SUSECVE-2009-0368 at NVDCVE-2010-4523 at SUSECVE-2010-4523 at NVDCVE-2018-16391 at SUSECVE-2018-16391 at NVDCVE-2018-16392 at SUSECVE-2018-16392 at NVDCVE-2018-16393 at SUSECVE-2018-16393 at NVDCVE-2018-16418 at SUSECVE-2018-16418 at NVDCVE-2018-16419 at SUSECVE-2018-16419 at NVDCVE-2018-16420 at SUSECVE-2018-16420 at NVDCVE-2018-16421 at SUSECVE-2018-16421 at NVDCVE-2018-16422 at SUSECVE-2018-16422 at NVDCVE-2018-16423 at SUSECVE-2018-16423 at NVDCVE-2018-16424 at SUSECVE-2018-16424 at NVDCVE-2018-16425 at SUSECVE-2018-16425 at NVDCVE-2018-16426 at SUSECVE-2018-16426 at NVDCVE-2018-16427 at SUSECVE-2018-16427 at NVDCVE-2019-15945 at SUSECVE-2019-15945 at NVDCVE-2019-15946 at SUSECVE-2019-15946 at NVDCVE-2019-19479 at SUSECVE-2019-19479 at NVDCVE-2019-19480 at SUSECVE-2019-19480 at NVDCVE-2019-20792 at SUSECVE-2019-20792 at NVDCVE-2019-6502 at SUSECVE-2019-6502 at NVDCVE-2020-26570 at SUSECVE-2020-26570 at NVDCVE-2020-26571 at SUSECVE-2020-26571 at NVDCVE-2020-26572 at SUSECVE-2020-26572 at NVDCVE-2021-42779 at SUSECVE-2021-42779 at NVDCVE-2021-42780 at SUSECVE-2021-42780 at NVDCVE-2021-42781 at SUSECVE-2021-42781 at NVDCVE-2021-42782 at SUSECVE-2021-42782 at NVDCVE-2023-2977 at SUSECVE-2023-2977 at NVDCVE-2023-40660 at SUSECVE-2023-40660 at NVDCVE-2023-40661 at SUSECVE-2023-40661 at NVDCVE-2023-4535 at SUSECVE-2023-4535 at NVDCVE-2024-1454 at SUSECVE-2024-1454 at NVDcpe:/o:suse:sl-micro:6.1openssh-9.6p1-slfo.1.1_1.6 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the openssh-9.6p1-slfo.1.1_1.6 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-0225 at SUSECVE-2006-0225 at NVDCVE-2007-4752 at SUSECVE-2007-4752 at NVDCVE-2008-1483 at SUSECVE-2008-1483 at NVDCVE-2015-8325 at SUSECVE-2015-8325 at NVDCVE-2016-0777 at SUSECVE-2016-0777 at NVDCVE-2016-0778 at SUSECVE-2016-0778 at NVDCVE-2016-10009 at SUSECVE-2016-10009 at NVDCVE-2016-10010 at SUSECVE-2016-10010 at NVDCVE-2016-10011 at SUSECVE-2016-10011 at NVDCVE-2016-10012 at SUSECVE-2016-10012 at NVDCVE-2016-6210 at SUSECVE-2016-6210 at NVDCVE-2016-6515 at SUSECVE-2016-6515 at NVDCVE-2016-8858 at SUSECVE-2016-8858 at NVDCVE-2018-20685 at SUSECVE-2018-20685 at NVDCVE-2019-6109 at SUSECVE-2019-6109 at NVDCVE-2019-6110 at SUSECVE-2019-6110 at NVDCVE-2019-6111 at SUSECVE-2019-6111 at NVDCVE-2021-28041 at SUSECVE-2021-28041 at NVDCVE-2021-41617 at SUSECVE-2021-41617 at NVDCVE-2022-2274 at SUSECVE-2022-2274 at NVDCVE-2023-38408 at SUSECVE-2023-38408 at NVDCVE-2023-48795 at SUSECVE-2023-48795 at NVDCVE-2023-51385 at SUSECVE-2023-51385 at NVDCVE-2024-39894 at SUSECVE-2024-39894 at NVDCVE-2024-6387 at SUSECVE-2024-6387 at NVDcpe:/o:suse:sl-micro:6.1pam-1.6.1-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the pam-1.6.1-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-3430 at SUSECVE-2010-3430 at NVDCVE-2010-3431 at SUSECVE-2010-3431 at NVDCVE-2010-3853 at SUSECVE-2010-3853 at NVDCVE-2011-3148 at SUSECVE-2011-3148 at NVDCVE-2011-3149 at SUSECVE-2011-3149 at NVDCVE-2014-2583 at SUSECVE-2014-2583 at NVDCVE-2015-3238 at SUSECVE-2015-3238 at NVDCVE-2018-17953 at SUSECVE-2018-17953 at NVDCVE-2020-27780 at SUSECVE-2020-27780 at NVDCVE-2024-22365 at SUSECVE-2024-22365 at NVDcpe:/o:suse:sl-micro:6.1pam_u2f-1.3.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the pam_u2f-1.3.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-12209 at SUSECVE-2019-12209 at NVDCVE-2019-12210 at SUSECVE-2019-12210 at NVDCVE-2021-31924 at SUSECVE-2021-31924 at NVDcpe:/o:suse:sl-micro:6.1patch-2.7.6-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the patch-2.7.6-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-4651 at SUSECVE-2010-4651 at NVDCVE-2015-1196 at SUSECVE-2015-1196 at NVDCVE-2016-10713 at SUSECVE-2016-10713 at NVDCVE-2018-1000156 at SUSECVE-2018-1000156 at NVDCVE-2018-6951 at SUSECVE-2018-6951 at NVDCVE-2018-6952 at SUSECVE-2018-6952 at NVDCVE-2019-13636 at SUSECVE-2019-13636 at NVDCVE-2019-20633 at SUSECVE-2019-20633 at NVDcpe:/o:suse:sl-micro:6.1pcsc-ccid-1.5.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the pcsc-ccid-1.5.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2010-4530 at SUSECVE-2010-4530 at NVDcpe:/o:suse:sl-micro:6.1perl-5.38.2-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the perl-5.38.2-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2005-3962 at SUSECVE-2005-3962 at NVDCVE-2007-5116 at SUSECVE-2007-5116 at NVDCVE-2010-2761 at SUSECVE-2010-2761 at NVDCVE-2010-4410 at SUSECVE-2010-4410 at NVDCVE-2010-4411 at SUSECVE-2010-4411 at NVDCVE-2010-4777 at SUSECVE-2010-4777 at NVDCVE-2017-12814 at SUSECVE-2017-12814 at NVDCVE-2017-12837 at SUSECVE-2017-12837 at NVDCVE-2017-12883 at SUSECVE-2017-12883 at NVDCVE-2018-18311 at SUSECVE-2018-18311 at NVDCVE-2018-18312 at SUSECVE-2018-18312 at NVDCVE-2020-10543 at SUSECVE-2020-10543 at NVDCVE-2020-10878 at SUSECVE-2020-10878 at NVDCVE-2020-12723 at SUSECVE-2020-12723 at NVDCVE-2023-47038 at SUSECVE-2023-47038 at NVDCVE-2023-47039 at SUSECVE-2023-47039 at NVDcpe:/o:suse:sl-micro:6.1podman-5.0.3-slfo.1.1_3.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the podman-5.0.3-slfo.1.1_3.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-10856 at SUSECVE-2018-10856 at NVDCVE-2019-10152 at SUSECVE-2019-10152 at NVDCVE-2019-10214 at SUSECVE-2019-10214 at NVDCVE-2020-14370 at SUSECVE-2020-14370 at NVDCVE-2020-1726 at SUSECVE-2020-1726 at NVDCVE-2021-20199 at SUSECVE-2021-20199 at NVDCVE-2021-20206 at SUSECVE-2021-20206 at NVDCVE-2021-4024 at SUSECVE-2021-4024 at NVDCVE-2021-41190 at SUSECVE-2021-41190 at NVDCVE-2022-1227 at SUSECVE-2022-1227 at NVDCVE-2022-21698 at SUSECVE-2022-21698 at NVDCVE-2022-27191 at SUSECVE-2022-27191 at NVDCVE-2022-27649 at SUSECVE-2022-27649 at NVDCVE-2022-2989 at SUSECVE-2022-2989 at NVDCVE-2023-0778 at SUSECVE-2023-0778 at NVDCVE-2024-1753 at SUSECVE-2024-1753 at NVDCVE-2024-3727 at SUSECVE-2024-3727 at NVDCVE-2024-9341 at SUSECVE-2024-9341 at NVDCVE-2024-9407 at SUSECVE-2024-9407 at NVDCVE-2024-9675 at SUSECVE-2024-9675 at NVDCVE-2024-9676 at SUSECVE-2024-9676 at NVDcpe:/o:suse:sl-micro:6.1policycoreutils-3.5-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the policycoreutils-3.5-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-7545 at SUSECVE-2016-7545 at NVDCVE-2018-1063 at SUSECVE-2018-1063 at NVDcpe:/o:suse:sl-micro:6.1powerpc-utils-1.3.12-slfo.1.1_2.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the powerpc-utils-1.3.12-slfo.1.1_2.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-4040 at SUSECVE-2014-4040 at NVDcpe:/o:suse:sl-micro:6.1ppc64-diag-2.7.10-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the ppc64-diag-2.7.10-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-4038 at SUSECVE-2014-4038 at NVDCVE-2014-4039 at SUSECVE-2014-4039 at NVDcpe:/o:suse:sl-micro:6.1ppp-2.4.9-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the ppp-2.4.9-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-3158 at SUSECVE-2014-3158 at NVDCVE-2015-3310 at SUSECVE-2015-3310 at NVDCVE-2020-8597 at SUSECVE-2020-8597 at NVDcpe:/o:suse:sl-micro:6.1procmail-3.24-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the procmail-3.24-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-3618 at SUSECVE-2014-3618 at NVDCVE-2017-16844 at SUSECVE-2017-16844 at NVDcpe:/o:suse:sl-micro:6.1python3-salt-3006.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python3-salt-3006.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-1866 at SUSECVE-2016-1866 at NVDCVE-2016-9639 at SUSECVE-2016-9639 at NVDCVE-2017-12791 at SUSECVE-2017-12791 at NVDCVE-2017-14695 at SUSECVE-2017-14695 at NVDCVE-2017-14696 at SUSECVE-2017-14696 at NVDCVE-2018-15750 at SUSECVE-2018-15750 at NVDCVE-2018-15751 at SUSECVE-2018-15751 at NVDCVE-2019-17361 at SUSECVE-2019-17361 at NVDCVE-2019-18897 at SUSECVE-2019-18897 at NVDCVE-2020-11651 at SUSECVE-2020-11651 at NVDCVE-2020-11652 at SUSECVE-2020-11652 at NVDCVE-2020-16846 at SUSECVE-2020-16846 at NVDCVE-2020-17490 at SUSECVE-2020-17490 at NVDCVE-2020-25592 at SUSECVE-2020-25592 at NVDCVE-2020-28243 at SUSECVE-2020-28243 at NVDCVE-2020-28972 at SUSECVE-2020-28972 at NVDCVE-2020-35662 at SUSECVE-2020-35662 at NVDCVE-2021-21996 at SUSECVE-2021-21996 at NVDCVE-2021-25281 at SUSECVE-2021-25281 at NVDCVE-2021-25282 at SUSECVE-2021-25282 at NVDCVE-2021-25283 at SUSECVE-2021-25283 at NVDCVE-2021-25284 at SUSECVE-2021-25284 at NVDCVE-2021-25315 at SUSECVE-2021-25315 at NVDCVE-2021-3144 at SUSECVE-2021-3144 at NVDCVE-2021-3148 at SUSECVE-2021-3148 at NVDCVE-2021-31607 at SUSECVE-2021-31607 at NVDCVE-2021-3197 at SUSECVE-2021-3197 at NVDCVE-2022-22934 at SUSECVE-2022-22934 at NVDCVE-2022-22935 at SUSECVE-2022-22935 at NVDCVE-2022-22936 at SUSECVE-2022-22936 at NVDCVE-2022-22941 at SUSECVE-2022-22941 at NVDCVE-2022-22967 at SUSECVE-2022-22967 at NVDCVE-2023-20897 at SUSECVE-2023-20897 at NVDCVE-2023-20898 at SUSECVE-2023-20898 at NVDCVE-2023-28370 at SUSECVE-2023-28370 at NVDCVE-2023-34049 at SUSECVE-2023-34049 at NVDCVE-2024-22231 at SUSECVE-2024-22231 at NVDCVE-2024-22232 at SUSECVE-2024-22232 at NVDcpe:/o:suse:sl-micro:6.1python311-Jinja2-3.1.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-Jinja2-3.1.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-0012 at SUSECVE-2014-0012 at NVDCVE-2016-10745 at SUSECVE-2016-10745 at NVDCVE-2019-10906 at SUSECVE-2019-10906 at NVDCVE-2019-8341 at SUSECVE-2019-8341 at NVDCVE-2020-28493 at SUSECVE-2020-28493 at NVDCVE-2024-22195 at SUSECVE-2024-22195 at NVDCVE-2024-34064 at SUSECVE-2024-34064 at NVDcpe:/o:suse:sl-micro:6.1python311-M2Crypto-0.39.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-M2Crypto-0.39.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-25657 at SUSECVE-2020-25657 at NVDcpe:/o:suse:sl-micro:6.1python311-PyJWT-2.9.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-PyJWT-2.9.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-29217 at SUSECVE-2022-29217 at NVDcpe:/o:suse:sl-micro:6.1python311-PyYAML-6.0.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-PyYAML-6.0.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-18342 at SUSECVE-2017-18342 at NVDCVE-2020-14343 at SUSECVE-2020-14343 at NVDcpe:/o:suse:sl-micro:6.1python311-certifi-2024.7.4-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-certifi-2024.7.4-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-23491 at SUSECVE-2022-23491 at NVDCVE-2024-39689 at SUSECVE-2024-39689 at NVDcpe:/o:suse:sl-micro:6.1python311-configobj-5.0.8-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-configobj-5.0.8-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2023-26112 at SUSECVE-2023-26112 at NVDcpe:/o:suse:sl-micro:6.1python311-cryptography-42.0.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-cryptography-42.0.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-25659 at SUSECVE-2020-25659 at NVDCVE-2020-36242 at SUSECVE-2020-36242 at NVDCVE-2022-3602 at SUSECVE-2022-3602 at NVDCVE-2022-3786 at SUSECVE-2022-3786 at NVDCVE-2023-23931 at SUSECVE-2023-23931 at NVDCVE-2023-38325 at SUSECVE-2023-38325 at NVDCVE-2023-49083 at SUSECVE-2023-49083 at NVDCVE-2024-26130 at SUSECVE-2024-26130 at NVDcpe:/o:suse:sl-micro:6.1python311-dnspython-2.6.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-dnspython-2.6.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2023-29483 at SUSECVE-2023-29483 at NVDcpe:/o:suse:sl-micro:6.1python311-httpx-0.24.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-httpx-0.24.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2021-41945 at SUSECVE-2021-41945 at NVDcpe:/o:suse:sl-micro:6.1python311-idna-3.7-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-idna-3.7-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2024-3651 at SUSECVE-2024-3651 at NVDcpe:/o:suse:sl-micro:6.1python311-lxml-4.9.3-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-lxml-4.9.3-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-19787 at SUSECVE-2018-19787 at NVDCVE-2020-27783 at SUSECVE-2020-27783 at NVDCVE-2021-28957 at SUSECVE-2021-28957 at NVDCVE-2021-43818 at SUSECVE-2021-43818 at NVDCVE-2022-2309 at SUSECVE-2022-2309 at NVDcpe:/o:suse:sl-micro:6.1python311-oauthlib-3.2.2-slfo.1.1_2.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-oauthlib-3.2.2-slfo.1.1_2.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2022-36087 at SUSECVE-2022-36087 at NVDcpe:/o:suse:sl-micro:6.1python311-py-1.11.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-py-1.11.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-29651 at SUSECVE-2020-29651 at NVDCVE-2022-42969 at SUSECVE-2022-42969 at NVDcpe:/o:suse:sl-micro:6.1python311-pyOpenSSL-24.0.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-pyOpenSSL-24.0.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-4314 at SUSECVE-2013-4314 at NVDcpe:/o:suse:sl-micro:6.1python311-pyzmq-25.1.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-pyzmq-25.1.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-6250 at SUSECVE-2019-6250 at NVDcpe:/o:suse:sl-micro:6.1python311-requests-2.32.2-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-requests-2.32.2-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-1829 at SUSECVE-2014-1829 at NVDCVE-2014-1830 at SUSECVE-2014-1830 at NVDCVE-2015-2296 at SUSECVE-2015-2296 at NVDCVE-2018-18074 at SUSECVE-2018-18074 at NVDCVE-2023-32681 at SUSECVE-2023-32681 at NVDCVE-2024-35195 at SUSECVE-2024-35195 at NVDcpe:/o:suse:sl-micro:6.1python311-rsa-4.9-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-rsa-4.9-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-13757 at SUSECVE-2020-13757 at NVDCVE-2020-25658 at SUSECVE-2020-25658 at NVDcpe:/o:suse:sl-micro:6.1python311-setuptools-70.0.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-setuptools-70.0.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-20916 at SUSECVE-2019-20916 at NVDCVE-2024-6345 at SUSECVE-2024-6345 at NVDcpe:/o:suse:sl-micro:6.1python311-tornado6-6.4-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-tornado6-6.4-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2023-28370 at SUSECVE-2023-28370 at NVDcpe:/o:suse:sl-micro:6.1python311-urllib3-2.1.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the python311-urllib3-2.1.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-9015 at SUSECVE-2016-9015 at NVDCVE-2018-20060 at SUSECVE-2018-20060 at NVDCVE-2019-11236 at SUSECVE-2019-11236 at NVDCVE-2019-11324 at SUSECVE-2019-11324 at NVDCVE-2019-9740 at SUSECVE-2019-9740 at NVDCVE-2020-26137 at SUSECVE-2020-26137 at NVDCVE-2021-33503 at SUSECVE-2021-33503 at NVDCVE-2023-43804 at SUSECVE-2023-43804 at NVDCVE-2023-45803 at SUSECVE-2023-45803 at NVDCVE-2024-37891 at SUSECVE-2024-37891 at NVDcpe:/o:suse:sl-micro:6.1qemu-8.2.7-slfo.1.1_1.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the qemu-8.2.7-slfo.1.1_1.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2008-0928 at SUSECVE-2008-0928 at NVDCVE-2008-1945 at SUSECVE-2008-1945 at NVDCVE-2008-2382 at SUSECVE-2008-2382 at NVDCVE-2008-4539 at SUSECVE-2008-4539 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDCVE-2013-4148 at SUSECVE-2013-4148 at NVDCVE-2013-4149 at SUSECVE-2013-4149 at NVDCVE-2013-4150 at SUSECVE-2013-4150 at NVDCVE-2013-4151 at SUSECVE-2013-4151 at NVDCVE-2013-4526 at SUSECVE-2013-4526 at NVDCVE-2013-4527 at SUSECVE-2013-4527 at NVDCVE-2013-4529 at SUSECVE-2013-4529 at NVDCVE-2013-4530 at SUSECVE-2013-4530 at NVDCVE-2013-4531 at SUSECVE-2013-4531 at NVDCVE-2013-4533 at SUSECVE-2013-4533 at NVDCVE-2013-4534 at SUSECVE-2013-4534 at NVDCVE-2013-4535 at SUSECVE-2013-4535 at NVDCVE-2013-4536 at SUSECVE-2013-4536 at NVDCVE-2013-4537 at SUSECVE-2013-4537 at NVDCVE-2013-4538 at SUSECVE-2013-4538 at NVDCVE-2013-4539 at SUSECVE-2013-4539 at NVDCVE-2013-4540 at SUSECVE-2013-4540 at NVDCVE-2013-4541 at SUSECVE-2013-4541 at NVDCVE-2013-4542 at SUSECVE-2013-4542 at NVDCVE-2013-4544 at SUSECVE-2013-4544 at NVDCVE-2013-6399 at SUSECVE-2013-6399 at NVDCVE-2014-0142 at SUSECVE-2014-0142 at NVDCVE-2014-0143 at SUSECVE-2014-0143 at NVDCVE-2014-0144 at SUSECVE-2014-0144 at NVDCVE-2014-0145 at SUSECVE-2014-0145 at NVDCVE-2014-0146 at SUSECVE-2014-0146 at NVDCVE-2014-0147 at SUSECVE-2014-0147 at NVDCVE-2014-0150 at SUSECVE-2014-0150 at NVDCVE-2014-0182 at SUSECVE-2014-0182 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-0223 at SUSECVE-2014-0223 at NVDCVE-2014-3461 at SUSECVE-2014-3461 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-7840 at SUSECVE-2014-7840 at NVDCVE-2014-8106 at SUSECVE-2014-8106 at NVDCVE-2015-1779 at SUSECVE-2015-1779 at NVDCVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-3456 at SUSECVE-2015-3456 at NVDCVE-2015-4037 at SUSECVE-2015-4037 at NVDCVE-2015-5154 at SUSECVE-2015-5154 at NVDCVE-2015-5225 at SUSECVE-2015-5225 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-5279 at SUSECVE-2015-5279 at NVDCVE-2015-5745 at SUSECVE-2015-5745 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2015-6855 at SUSECVE-2015-6855 at NVDCVE-2015-7295 at SUSECVE-2015-7295 at NVDCVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-7549 at SUSECVE-2015-7549 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8558 at SUSECVE-2015-8558 at NVDCVE-2015-8567 at SUSECVE-2015-8567 at NVDCVE-2015-8568 at SUSECVE-2015-8568 at NVDCVE-2015-8613 at SUSECVE-2015-8613 at NVDCVE-2015-8619 at SUSECVE-2015-8619 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2015-8744 at SUSECVE-2015-8744 at NVDCVE-2015-8745 at SUSECVE-2015-8745 at NVDCVE-2016-10028 at SUSECVE-2016-10028 at NVDCVE-2016-10155 at SUSECVE-2016-10155 at NVDCVE-2016-1568 at SUSECVE-2016-1568 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1922 at SUSECVE-2016-1922 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2198 at SUSECVE-2016-2198 at NVDCVE-2016-3710 at SUSECVE-2016-3710 at NVDCVE-2016-3712 at SUSECVE-2016-3712 at NVDCVE-2016-4002 at SUSECVE-2016-4002 at NVDCVE-2016-4020 at SUSECVE-2016-4020 at NVDCVE-2016-4439 at SUSECVE-2016-4439 at NVDCVE-2016-4441 at SUSECVE-2016-4441 at NVDCVE-2016-4453 at SUSECVE-2016-4453 at NVDCVE-2016-4454 at SUSECVE-2016-4454 at NVDCVE-2016-4952 at SUSECVE-2016-4952 at NVDCVE-2016-4964 at SUSECVE-2016-4964 at NVDCVE-2016-5105 at SUSECVE-2016-5105 at NVDCVE-2016-5106 at SUSECVE-2016-5106 at NVDCVE-2016-5107 at SUSECVE-2016-5107 at NVDCVE-2016-5126 at SUSECVE-2016-5126 at NVDCVE-2016-5238 at SUSECVE-2016-5238 at NVDCVE-2016-5337 at SUSECVE-2016-5337 at NVDCVE-2016-5338 at SUSECVE-2016-5338 at NVDCVE-2016-5403 at SUSECVE-2016-5403 at NVDCVE-2016-6351 at SUSECVE-2016-6351 at NVDCVE-2016-6490 at SUSECVE-2016-6490 at NVDCVE-2016-6833 at SUSECVE-2016-6833 at NVDCVE-2016-6836 at SUSECVE-2016-6836 at NVDCVE-2016-6888 at SUSECVE-2016-6888 at NVDCVE-2016-7116 at SUSECVE-2016-7116 at NVDCVE-2016-7155 at SUSECVE-2016-7155 at NVDCVE-2016-7156 at SUSECVE-2016-7156 at NVDCVE-2016-7157 at SUSECVE-2016-7157 at NVDCVE-2016-7161 at SUSECVE-2016-7161 at NVDCVE-2016-7170 at SUSECVE-2016-7170 at NVDCVE-2016-7421 at SUSECVE-2016-7421 at NVDCVE-2016-7422 at SUSECVE-2016-7422 at NVDCVE-2016-7423 at SUSECVE-2016-7423 at NVDCVE-2016-7466 at SUSECVE-2016-7466 at NVDCVE-2016-7907 at SUSECVE-2016-7907 at NVDCVE-2016-7908 at SUSECVE-2016-7908 at NVDCVE-2016-7909 at SUSECVE-2016-7909 at NVDCVE-2016-7994 at SUSECVE-2016-7994 at NVDCVE-2016-7995 at SUSECVE-2016-7995 at NVDCVE-2016-8576 at SUSECVE-2016-8576 at NVDCVE-2016-8577 at SUSECVE-2016-8577 at NVDCVE-2016-8578 at SUSECVE-2016-8578 at NVDCVE-2016-8667 at SUSECVE-2016-8667 at NVDCVE-2016-8668 at SUSECVE-2016-8668 at NVDCVE-2016-8669 at SUSECVE-2016-8669 at NVDCVE-2016-8909 at SUSECVE-2016-8909 at NVDCVE-2016-8910 at SUSECVE-2016-8910 at NVDCVE-2016-9101 at SUSECVE-2016-9101 at NVDCVE-2016-9102 at SUSECVE-2016-9102 at NVDCVE-2016-9103 at SUSECVE-2016-9103 at NVDCVE-2016-9104 at SUSECVE-2016-9104 at NVDCVE-2016-9105 at SUSECVE-2016-9105 at NVDCVE-2016-9106 at SUSECVE-2016-9106 at NVDCVE-2016-9381 at SUSECVE-2016-9381 at NVDCVE-2016-9602 at SUSECVE-2016-9602 at NVDCVE-2016-9776 at SUSECVE-2016-9776 at NVDCVE-2016-9845 at SUSECVE-2016-9845 at NVDCVE-2016-9846 at SUSECVE-2016-9846 at NVDCVE-2016-9907 at SUSECVE-2016-9907 at NVDCVE-2016-9908 at SUSECVE-2016-9908 at NVDCVE-2016-9911 at SUSECVE-2016-9911 at NVDCVE-2016-9912 at SUSECVE-2016-9912 at NVDCVE-2016-9913 at SUSECVE-2016-9913 at NVDCVE-2016-9921 at SUSECVE-2016-9921 at NVDCVE-2016-9922 at SUSECVE-2016-9922 at NVDCVE-2016-9923 at SUSECVE-2016-9923 at NVDCVE-2017-10664 at SUSECVE-2017-10664 at NVDCVE-2017-10806 at SUSECVE-2017-10806 at NVDCVE-2017-11334 at SUSECVE-2017-11334 at NVDCVE-2017-11434 at SUSECVE-2017-11434 at NVDCVE-2017-13672 at SUSECVE-2017-13672 at NVDCVE-2017-13673 at SUSECVE-2017-13673 at NVDCVE-2017-13711 at SUSECVE-2017-13711 at NVDCVE-2017-14167 at SUSECVE-2017-14167 at NVDCVE-2017-15038 at SUSECVE-2017-15038 at NVDCVE-2017-15118 at SUSECVE-2017-15118 at NVDCVE-2017-15119 at SUSECVE-2017-15119 at NVDCVE-2017-15268 at SUSECVE-2017-15268 at NVDCVE-2017-15289 at SUSECVE-2017-15289 at NVDCVE-2017-2615 at SUSECVE-2017-2615 at NVDCVE-2017-2620 at SUSECVE-2017-2620 at NVDCVE-2017-2630 at SUSECVE-2017-2630 at NVDCVE-2017-2633 at SUSECVE-2017-2633 at NVDCVE-2017-5525 at SUSECVE-2017-5525 at NVDCVE-2017-5526 at SUSECVE-2017-5526 at NVDCVE-2017-5552 at SUSECVE-2017-5552 at NVDCVE-2017-5578 at SUSECVE-2017-5578 at NVDCVE-2017-5579 at SUSECVE-2017-5579 at NVDCVE-2017-5667 at SUSECVE-2017-5667 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5856 at SUSECVE-2017-5856 at NVDCVE-2017-5857 at SUSECVE-2017-5857 at NVDCVE-2017-5898 at SUSECVE-2017-5898 at NVDCVE-2017-5931 at SUSECVE-2017-5931 at NVDCVE-2017-5973 at SUSECVE-2017-5973 at NVDCVE-2017-5987 at SUSECVE-2017-5987 at NVDCVE-2017-6058 at SUSECVE-2017-6058 at NVDCVE-2017-6505 at SUSECVE-2017-6505 at NVDCVE-2017-7471 at SUSECVE-2017-7471 at NVDCVE-2017-7493 at SUSECVE-2017-7493 at NVDCVE-2017-8112 at SUSECVE-2017-8112 at NVDCVE-2017-8309 at SUSECVE-2017-8309 at NVDCVE-2017-8379 at SUSECVE-2017-8379 at NVDCVE-2017-8380 at SUSECVE-2017-8380 at NVDCVE-2017-9503 at SUSECVE-2017-9503 at NVDCVE-2017-9524 at SUSECVE-2017-9524 at NVDCVE-2018-10839 at SUSECVE-2018-10839 at NVDCVE-2018-11806 at SUSECVE-2018-11806 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-12207 at SUSECVE-2018-12207 at NVDCVE-2018-12617 at SUSECVE-2018-12617 at NVDCVE-2018-15746 at SUSECVE-2018-15746 at NVDCVE-2018-16847 at SUSECVE-2018-16847 at NVDCVE-2018-16872 at SUSECVE-2018-16872 at NVDCVE-2018-17958 at SUSECVE-2018-17958 at NVDCVE-2018-17962 at SUSECVE-2018-17962 at NVDCVE-2018-17963 at SUSECVE-2018-17963 at NVDCVE-2018-18849 at SUSECVE-2018-18849 at NVDCVE-2018-20123 at SUSECVE-2018-20123 at NVDCVE-2018-20124 at SUSECVE-2018-20124 at NVDCVE-2018-20125 at SUSECVE-2018-20125 at NVDCVE-2018-20126 at SUSECVE-2018-20126 at NVDCVE-2018-20191 at SUSECVE-2018-20191 at NVDCVE-2018-20216 at SUSECVE-2018-20216 at NVDCVE-2018-20815 at SUSECVE-2018-20815 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-7550 at SUSECVE-2018-7550 at NVDCVE-2018-7858 at SUSECVE-2018-7858 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-12068 at SUSECVE-2019-12068 at NVDCVE-2019-12155 at SUSECVE-2019-12155 at NVDCVE-2019-13164 at SUSECVE-2019-13164 at NVDCVE-2019-14378 at SUSECVE-2019-14378 at NVDCVE-2019-15890 at SUSECVE-2019-15890 at NVDCVE-2019-5008 at SUSECVE-2019-5008 at NVDCVE-2019-6778 at SUSECVE-2019-6778 at NVDCVE-2019-8934 at SUSECVE-2019-8934 at NVDCVE-2019-9824 at SUSECVE-2019-9824 at NVDCVE-2020-10702 at SUSECVE-2020-10702 at NVDCVE-2020-10717 at SUSECVE-2020-10717 at NVDCVE-2020-10761 at SUSECVE-2020-10761 at NVDCVE-2020-11102 at SUSECVE-2020-11102 at NVDCVE-2020-11869 at SUSECVE-2020-11869 at NVDCVE-2020-13361 at SUSECVE-2020-13361 at NVDCVE-2020-13362 at SUSECVE-2020-13362 at NVDCVE-2020-13659 at SUSECVE-2020-13659 at NVDCVE-2020-13800 at SUSECVE-2020-13800 at NVDCVE-2020-14364 at SUSECVE-2020-14364 at NVDCVE-2020-15863 at SUSECVE-2020-15863 at NVDCVE-2020-16092 at SUSECVE-2020-16092 at NVDCVE-2020-1711 at SUSECVE-2020-1711 at NVDCVE-2020-17380 at SUSECVE-2020-17380 at NVDCVE-2020-1983 at SUSECVE-2020-1983 at NVDCVE-2020-24352 at SUSECVE-2020-24352 at NVDCVE-2020-25085 at SUSECVE-2020-25085 at NVDCVE-2020-25707 at SUSECVE-2020-25707 at NVDCVE-2020-25723 at SUSECVE-2020-25723 at NVDCVE-2020-27821 at SUSECVE-2020-27821 at NVDCVE-2020-29129 at SUSECVE-2020-29129 at NVDCVE-2020-29130 at SUSECVE-2020-29130 at NVDCVE-2020-35503 at SUSECVE-2020-35503 at NVDCVE-2020-7039 at SUSECVE-2020-7039 at NVDCVE-2020-8608 at SUSECVE-2020-8608 at NVDCVE-2021-20181 at SUSECVE-2021-20181 at NVDCVE-2021-20203 at SUSECVE-2021-20203 at NVDCVE-2021-20221 at SUSECVE-2021-20221 at NVDCVE-2021-20257 at SUSECVE-2021-20257 at NVDCVE-2021-20263 at SUSECVE-2021-20263 at NVDCVE-2021-3409 at SUSECVE-2021-3409 at NVDCVE-2021-3416 at SUSECVE-2021-3416 at NVDCVE-2021-3419 at SUSECVE-2021-3419 at NVDCVE-2021-3527 at SUSECVE-2021-3527 at NVDCVE-2021-3544 at SUSECVE-2021-3544 at NVDCVE-2021-3545 at SUSECVE-2021-3545 at NVDCVE-2021-3546 at SUSECVE-2021-3546 at NVDCVE-2021-3582 at SUSECVE-2021-3582 at NVDCVE-2021-3607 at SUSECVE-2021-3607 at NVDCVE-2021-3608 at SUSECVE-2021-3608 at NVDCVE-2021-3682 at SUSECVE-2021-3682 at NVDCVE-2021-3713 at SUSECVE-2021-3713 at NVDCVE-2021-3748 at SUSECVE-2021-3748 at NVDCVE-2021-3929 at SUSECVE-2021-3929 at NVDCVE-2021-4158 at SUSECVE-2021-4158 at NVDCVE-2021-4206 at SUSECVE-2021-4206 at NVDCVE-2021-4207 at SUSECVE-2021-4207 at NVDCVE-2022-0216 at SUSECVE-2022-0216 at NVDCVE-2022-0358 at SUSECVE-2022-0358 at NVDCVE-2022-1050 at SUSECVE-2022-1050 at NVDCVE-2022-26353 at SUSECVE-2022-26353 at NVDCVE-2022-26354 at SUSECVE-2022-26354 at NVDCVE-2022-2962 at SUSECVE-2022-2962 at NVDCVE-2022-3165 at SUSECVE-2022-3165 at NVDCVE-2022-35414 at SUSECVE-2022-35414 at NVDCVE-2022-4144 at SUSECVE-2022-4144 at NVDCVE-2022-4172 at SUSECVE-2022-4172 at NVDCVE-2023-0330 at SUSECVE-2023-0330 at NVDCVE-2023-2861 at SUSECVE-2023-2861 at NVDCVE-2023-3180 at SUSECVE-2023-3180 at NVDCVE-2023-3255 at SUSECVE-2023-3255 at NVDCVE-2023-3301 at SUSECVE-2023-3301 at NVDCVE-2023-3354 at SUSECVE-2023-3354 at NVDCVE-2023-42467 at SUSECVE-2023-42467 at NVDCVE-2023-6693 at SUSECVE-2023-6693 at NVDCVE-2024-26328 at SUSECVE-2024-26328 at NVDCVE-2024-3446 at SUSECVE-2024-3446 at NVDCVE-2024-3447 at SUSECVE-2024-3447 at NVDCVE-2024-3567 at SUSECVE-2024-3567 at NVDCVE-2024-4467 at SUSECVE-2024-4467 at NVDCVE-2024-4693 at SUSECVE-2024-4693 at NVDCVE-2024-7409 at SUSECVE-2024-7409 at NVDCVE-2024-8354 at SUSECVE-2024-8354 at NVDCVE-2024-8612 at SUSECVE-2024-8612 at NVDcpe:/o:suse:sl-micro:6.1qemu-ovmf-x86_64-202402-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the qemu-ovmf-x86_64-202402-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-5731 at SUSECVE-2017-5731 at NVDCVE-2017-5732 at SUSECVE-2017-5732 at NVDCVE-2017-5733 at SUSECVE-2017-5733 at NVDCVE-2017-5734 at SUSECVE-2017-5734 at NVDCVE-2017-5735 at SUSECVE-2017-5735 at NVDCVE-2018-0739 at SUSECVE-2018-0739 at NVDCVE-2018-12178 at SUSECVE-2018-12178 at NVDCVE-2018-12180 at SUSECVE-2018-12180 at NVDCVE-2018-12181 at SUSECVE-2018-12181 at NVDCVE-2018-3613 at SUSECVE-2018-3613 at NVDCVE-2018-3630 at SUSECVE-2018-3630 at NVDCVE-2019-0160 at SUSECVE-2019-0160 at NVDCVE-2019-0161 at SUSECVE-2019-0161 at NVDCVE-2019-14553 at SUSECVE-2019-14553 at NVDCVE-2019-14558 at SUSECVE-2019-14558 at NVDCVE-2019-14559 at SUSECVE-2019-14559 at NVDCVE-2019-14560 at SUSECVE-2019-14560 at NVDCVE-2019-14562 at SUSECVE-2019-14562 at NVDCVE-2019-14563 at SUSECVE-2019-14563 at NVDCVE-2019-14575 at SUSECVE-2019-14575 at NVDCVE-2019-14584 at SUSECVE-2019-14584 at NVDCVE-2019-14586 at SUSECVE-2019-14586 at NVDCVE-2019-14587 at SUSECVE-2019-14587 at NVDCVE-2021-28210 at SUSECVE-2021-28210 at NVDCVE-2021-28211 at SUSECVE-2021-28211 at NVDCVE-2021-38578 at SUSECVE-2021-38578 at NVDCVE-2022-36763 at SUSECVE-2022-36763 at NVDCVE-2022-36764 at SUSECVE-2022-36764 at NVDCVE-2023-45229 at SUSECVE-2023-45229 at NVDCVE-2023-45230 at SUSECVE-2023-45230 at NVDCVE-2023-45231 at SUSECVE-2023-45231 at NVDCVE-2023-45232 at SUSECVE-2023-45232 at NVDCVE-2023-45234 at SUSECVE-2023-45234 at NVDCVE-2023-45235 at SUSECVE-2023-45235 at NVDCVE-2023-48733 at SUSECVE-2023-48733 at NVDcpe:/o:suse:sl-micro:6.1rpcbind-1.2.6-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the rpcbind-1.2.6-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-7236 at SUSECVE-2015-7236 at NVDCVE-2017-8779 at SUSECVE-2017-8779 at NVDcpe:/o:suse:sl-micro:6.1rsync-3.3.0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the rsync-3.3.0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-4091 at SUSECVE-2007-4091 at NVDCVE-2007-6199 at SUSECVE-2007-6199 at NVDCVE-2011-1097 at SUSECVE-2011-1097 at NVDCVE-2014-2855 at SUSECVE-2014-2855 at NVDCVE-2014-8242 at SUSECVE-2014-8242 at NVDCVE-2014-9512 at SUSECVE-2014-9512 at NVDCVE-2017-16548 at SUSECVE-2017-16548 at NVDCVE-2018-5764 at SUSECVE-2018-5764 at NVDCVE-2020-14387 at SUSECVE-2020-14387 at NVDCVE-2022-29154 at SUSECVE-2022-29154 at NVDCVE-2022-37434 at SUSECVE-2022-37434 at NVDcpe:/o:suse:sl-micro:6.1runc-1.1.14-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the runc-1.1.14-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2016-9962 at SUSECVE-2016-9962 at NVDCVE-2018-16873 at SUSECVE-2018-16873 at NVDCVE-2018-16874 at SUSECVE-2018-16874 at NVDCVE-2018-16875 at SUSECVE-2018-16875 at NVDCVE-2019-16884 at SUSECVE-2019-16884 at NVDCVE-2019-19921 at SUSECVE-2019-19921 at NVDCVE-2019-5736 at SUSECVE-2019-5736 at NVDCVE-2021-30465 at SUSECVE-2021-30465 at NVDCVE-2021-43784 at SUSECVE-2021-43784 at NVDCVE-2022-29162 at SUSECVE-2022-29162 at NVDCVE-2023-25809 at SUSECVE-2023-25809 at NVDCVE-2023-27561 at SUSECVE-2023-27561 at NVDCVE-2023-28642 at SUSECVE-2023-28642 at NVDCVE-2024-21626 at SUSECVE-2024-21626 at NVDCVE-2024-45310 at SUSECVE-2024-45310 at NVDcpe:/o:suse:sl-micro:6.1rust-keylime-0.2.6~0-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the rust-keylime-0.2.6~0-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2023-26964 at SUSECVE-2023-26964 at NVDCVE-2024-32650 at SUSECVE-2024-32650 at NVDcpe:/o:suse:sl-micro:6.1samba-client-libs-4.20.2+git.348.4fb6af61307-slfo.1.1_1.8 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the samba-client-libs-4.20.2+git.348.4fb6af61307-slfo.1.1_1.8 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-1059 at SUSECVE-2006-1059 at NVDCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4559 at SUSECVE-2007-4559 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2010-0926 at SUSECVE-2010-0926 at NVDCVE-2010-1635 at SUSECVE-2010-1635 at NVDCVE-2010-1642 at SUSECVE-2010-1642 at NVDCVE-2010-2063 at SUSECVE-2010-2063 at NVDCVE-2010-3069 at SUSECVE-2010-3069 at NVDCVE-2011-0719 at SUSECVE-2011-0719 at NVDCVE-2011-2522 at SUSECVE-2011-2522 at NVDCVE-2011-2694 at SUSECVE-2011-2694 at NVDCVE-2012-0817 at SUSECVE-2012-0817 at NVDCVE-2012-0870 at SUSECVE-2012-0870 at NVDCVE-2012-1182 at SUSECVE-2012-1182 at NVDCVE-2012-2111 at SUSECVE-2012-2111 at NVDCVE-2012-6150 at SUSECVE-2012-6150 at NVDCVE-2013-0172 at SUSECVE-2013-0172 at NVDCVE-2013-0213 at SUSECVE-2013-0213 at NVDCVE-2013-0214 at SUSECVE-2013-0214 at NVDCVE-2013-0454 at SUSECVE-2013-0454 at NVDCVE-2013-1863 at SUSECVE-2013-1863 at NVDCVE-2013-4124 at SUSECVE-2013-4124 at NVDCVE-2013-4408 at SUSECVE-2013-4408 at NVDCVE-2013-4475 at SUSECVE-2013-4475 at NVDCVE-2013-4476 at SUSECVE-2013-4476 at NVDCVE-2013-4496 at SUSECVE-2013-4496 at NVDCVE-2013-6442 at SUSECVE-2013-6442 at NVDCVE-2014-0178 at SUSECVE-2014-0178 at NVDCVE-2014-0239 at SUSECVE-2014-0239 at NVDCVE-2014-0244 at SUSECVE-2014-0244 at NVDCVE-2014-3493 at SUSECVE-2014-3493 at NVDCVE-2014-3560 at SUSECVE-2014-3560 at NVDCVE-2014-8143 at SUSECVE-2014-8143 at NVDCVE-2015-0240 at SUSECVE-2015-0240 at NVDCVE-2015-3223 at SUSECVE-2015-3223 at NVDCVE-2015-5252 at SUSECVE-2015-5252 at NVDCVE-2015-5296 at SUSECVE-2015-5296 at NVDCVE-2015-5299 at SUSECVE-2015-5299 at NVDCVE-2015-5330 at SUSECVE-2015-5330 at NVDCVE-2015-5370 at SUSECVE-2015-5370 at NVDCVE-2015-7560 at SUSECVE-2015-7560 at NVDCVE-2015-8467 at SUSECVE-2015-8467 at NVDCVE-2015-8543 at SUSECVE-2015-8543 at NVDCVE-2016-0771 at SUSECVE-2016-0771 at NVDCVE-2016-2110 at SUSECVE-2016-2110 at NVDCVE-2016-2111 at SUSECVE-2016-2111 at NVDCVE-2016-2112 at SUSECVE-2016-2112 at NVDCVE-2016-2113 at SUSECVE-2016-2113 at NVDCVE-2016-2115 at SUSECVE-2016-2115 at NVDCVE-2016-2118 at SUSECVE-2016-2118 at NVDCVE-2016-2119 at SUSECVE-2016-2119 at NVDCVE-2016-2123 at SUSECVE-2016-2123 at NVDCVE-2016-2124 at SUSECVE-2016-2124 at NVDCVE-2016-2125 at SUSECVE-2016-2125 at NVDCVE-2016-2126 at SUSECVE-2016-2126 at NVDCVE-2017-11103 at SUSECVE-2017-11103 at NVDCVE-2017-12150 at SUSECVE-2017-12150 at NVDCVE-2017-12151 at SUSECVE-2017-12151 at NVDCVE-2017-12163 at SUSECVE-2017-12163 at NVDCVE-2017-14746 at SUSECVE-2017-14746 at NVDCVE-2017-15275 at SUSECVE-2017-15275 at NVDCVE-2017-2619 at SUSECVE-2017-2619 at NVDCVE-2017-7494 at SUSECVE-2017-7494 at NVDCVE-2018-1050 at SUSECVE-2018-1050 at NVDCVE-2018-1057 at SUSECVE-2018-1057 at NVDCVE-2018-10858 at SUSECVE-2018-10858 at NVDCVE-2018-10918 at SUSECVE-2018-10918 at NVDCVE-2018-10919 at SUSECVE-2018-10919 at NVDCVE-2018-1139 at SUSECVE-2018-1139 at NVDCVE-2018-1140 at SUSECVE-2018-1140 at NVDCVE-2018-14628 at SUSECVE-2018-14628 at NVDCVE-2018-14629 at SUSECVE-2018-14629 at NVDCVE-2018-16841 at SUSECVE-2018-16841 at NVDCVE-2018-16851 at SUSECVE-2018-16851 at NVDCVE-2018-16852 at SUSECVE-2018-16852 at NVDCVE-2018-16853 at SUSECVE-2018-16853 at NVDCVE-2018-16857 at SUSECVE-2018-16857 at NVDCVE-2018-16860 at SUSECVE-2018-16860 at NVDCVE-2019-10197 at SUSECVE-2019-10197 at NVDCVE-2019-10218 at SUSECVE-2019-10218 at NVDCVE-2019-12435 at SUSECVE-2019-12435 at NVDCVE-2019-12436 at SUSECVE-2019-12436 at NVDCVE-2019-14833 at SUSECVE-2019-14833 at NVDCVE-2019-14847 at SUSECVE-2019-14847 at NVDCVE-2019-14861 at SUSECVE-2019-14861 at NVDCVE-2019-14870 at SUSECVE-2019-14870 at NVDCVE-2019-14902 at SUSECVE-2019-14902 at NVDCVE-2019-14907 at SUSECVE-2019-14907 at NVDCVE-2019-19344 at SUSECVE-2019-19344 at NVDCVE-2019-3824 at SUSECVE-2019-3824 at NVDCVE-2019-3870 at SUSECVE-2019-3870 at NVDCVE-2019-3880 at SUSECVE-2019-3880 at NVDCVE-2020-10700 at SUSECVE-2020-10700 at NVDCVE-2020-10704 at SUSECVE-2020-10704 at NVDCVE-2020-10730 at SUSECVE-2020-10730 at NVDCVE-2020-10745 at SUSECVE-2020-10745 at NVDCVE-2020-10760 at SUSECVE-2020-10760 at NVDCVE-2020-14303 at SUSECVE-2020-14303 at NVDCVE-2020-14318 at SUSECVE-2020-14318 at NVDCVE-2020-14323 at SUSECVE-2020-14323 at NVDCVE-2020-14383 at SUSECVE-2020-14383 at NVDCVE-2020-1472 at SUSECVE-2020-1472 at NVDCVE-2020-17049 at SUSECVE-2020-17049 at NVDCVE-2020-25717 at SUSECVE-2020-25717 at NVDCVE-2020-25718 at SUSECVE-2020-25718 at NVDCVE-2020-25719 at SUSECVE-2020-25719 at NVDCVE-2020-25721 at SUSECVE-2020-25721 at NVDCVE-2020-25722 at SUSECVE-2020-25722 at NVDCVE-2020-27840 at SUSECVE-2020-27840 at NVDCVE-2021-20251 at SUSECVE-2021-20251 at NVDCVE-2021-20254 at SUSECVE-2021-20254 at NVDCVE-2021-20277 at SUSECVE-2021-20277 at NVDCVE-2021-23192 at SUSECVE-2021-23192 at NVDCVE-2021-3738 at SUSECVE-2021-3738 at NVDCVE-2021-44141 at SUSECVE-2021-44141 at NVDCVE-2021-44142 at SUSECVE-2021-44142 at NVDCVE-2022-0336 at SUSECVE-2022-0336 at NVDCVE-2022-2031 at SUSECVE-2022-2031 at NVDCVE-2022-2127 at SUSECVE-2022-2127 at NVDCVE-2022-32742 at SUSECVE-2022-32742 at NVDCVE-2022-32744 at SUSECVE-2022-32744 at NVDCVE-2022-32745 at SUSECVE-2022-32745 at NVDCVE-2022-32746 at SUSECVE-2022-32746 at NVDCVE-2022-3437 at SUSECVE-2022-3437 at NVDCVE-2022-3592 at SUSECVE-2022-3592 at NVDCVE-2022-37966 at SUSECVE-2022-37966 at NVDCVE-2022-37967 at SUSECVE-2022-37967 at NVDCVE-2022-38023 at SUSECVE-2022-38023 at NVDCVE-2022-42898 at SUSECVE-2022-42898 at NVDCVE-2022-44640 at SUSECVE-2022-44640 at NVDCVE-2023-0225 at SUSECVE-2023-0225 at NVDCVE-2023-0614 at SUSECVE-2023-0614 at NVDCVE-2023-0922 at SUSECVE-2023-0922 at NVDCVE-2023-3347 at SUSECVE-2023-3347 at NVDCVE-2023-34966 at SUSECVE-2023-34966 at NVDCVE-2023-34967 at SUSECVE-2023-34967 at NVDCVE-2023-34968 at SUSECVE-2023-34968 at NVDCVE-2023-3961 at SUSECVE-2023-3961 at NVDCVE-2023-4091 at SUSECVE-2023-4091 at NVDCVE-2023-4154 at SUSECVE-2023-4154 at NVDCVE-2023-42669 at SUSECVE-2023-42669 at NVDCVE-2023-42670 at SUSECVE-2023-42670 at NVDCVE-2023-5568 at SUSECVE-2023-5568 at NVDcpe:/o:suse:sl-micro:6.1sevctl-0.4.3-slfo.1.1_2.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the sevctl-0.4.3-slfo.1.1_2.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2023-50711 at SUSECVE-2023-50711 at NVDcpe:/o:suse:sl-micro:6.1shim-15.8-slfo.1.1_3.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the shim-15.8-slfo.1.1_3.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-3675 at SUSECVE-2014-3675 at NVDCVE-2014-3676 at SUSECVE-2014-3676 at NVDCVE-2014-3677 at SUSECVE-2014-3677 at NVDCVE-2022-28737 at SUSECVE-2022-28737 at NVDCVE-2023-40546 at SUSECVE-2023-40546 at NVDCVE-2023-40547 at SUSECVE-2023-40547 at NVDCVE-2023-40548 at SUSECVE-2023-40548 at NVDCVE-2023-40549 at SUSECVE-2023-40549 at NVDCVE-2023-40550 at SUSECVE-2023-40550 at NVDCVE-2023-40551 at SUSECVE-2023-40551 at NVDcpe:/o:suse:sl-micro:6.1skopeo-1.15.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the skopeo-1.15.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-14992 at SUSECVE-2017-14992 at NVDCVE-2019-10214 at SUSECVE-2019-10214 at NVDCVE-2024-3727 at SUSECVE-2024-3727 at NVDcpe:/o:suse:sl-micro:6.1slirp4netns-1.3.1-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the slirp4netns-1.3.1-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-6778 at SUSECVE-2019-6778 at NVDcpe:/o:suse:sl-micro:6.1socat-1.7.4.3-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the socat-1.7.4.3-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2013-3571 at SUSECVE-2013-3571 at NVDCVE-2014-0019 at SUSECVE-2014-0019 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sl-micro:6.1squashfs-4.6.1-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the squashfs-4.6.1-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2012-4024 at SUSECVE-2012-4024 at NVDCVE-2012-4025 at SUSECVE-2012-4025 at NVDCVE-2015-4645 at SUSECVE-2015-4645 at NVDCVE-2015-4646 at SUSECVE-2015-4646 at NVDCVE-2021-40153 at SUSECVE-2021-40153 at NVDCVE-2021-41072 at SUSECVE-2021-41072 at NVDcpe:/o:suse:sl-micro:6.1sudo-1.9.15p5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the sudo-1.9.15p5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2005-4158 at SUSECVE-2005-4158 at NVDCVE-2010-1163 at SUSECVE-2010-1163 at NVDCVE-2010-1646 at SUSECVE-2010-1646 at NVDCVE-2011-0010 at SUSECVE-2011-0010 at NVDCVE-2012-2337 at SUSECVE-2012-2337 at NVDCVE-2013-1775 at SUSECVE-2013-1775 at NVDCVE-2013-1776 at SUSECVE-2013-1776 at NVDCVE-2014-9680 at SUSECVE-2014-9680 at NVDCVE-2016-7032 at SUSECVE-2016-7032 at NVDCVE-2016-7076 at SUSECVE-2016-7076 at NVDCVE-2017-1000367 at SUSECVE-2017-1000367 at NVDCVE-2017-1000368 at SUSECVE-2017-1000368 at NVDCVE-2019-14287 at SUSECVE-2019-14287 at NVDCVE-2019-18634 at SUSECVE-2019-18634 at NVDCVE-2021-23239 at SUSECVE-2021-23239 at NVDCVE-2021-23240 at SUSECVE-2021-23240 at NVDCVE-2021-3156 at SUSECVE-2021-3156 at NVDCVE-2022-43995 at SUSECVE-2022-43995 at NVDCVE-2023-22809 at SUSECVE-2023-22809 at NVDCVE-2023-27320 at SUSECVE-2023-27320 at NVDCVE-2023-42456 at SUSECVE-2023-42456 at NVDCVE-2023-42465 at SUSECVE-2023-42465 at NVDcpe:/o:suse:sl-micro:6.1supportutils-3.2.7-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the supportutils-3.2.7-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-19637 at SUSECVE-2018-19637 at NVDCVE-2018-19638 at SUSECVE-2018-19638 at NVDCVE-2018-19639 at SUSECVE-2018-19639 at NVDCVE-2018-19640 at SUSECVE-2018-19640 at NVDCVE-2022-45154 at SUSECVE-2022-45154 at NVDcpe:/o:suse:sl-micro:6.1suse-module-tools-16.0.43-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the suse-module-tools-16.0.43-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2023-1829 at SUSECVE-2023-1829 at NVDCVE-2023-23559 at SUSECVE-2023-23559 at NVDcpe:/o:suse:sl-micro:6.1swtpm-0.9.0-slfo.1.1_2.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the swtpm-0.9.0-slfo.1.1_2.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2020-28407 at SUSECVE-2020-28407 at NVDCVE-2022-23645 at SUSECVE-2022-23645 at NVDcpe:/o:suse:sl-micro:6.1sysstat-12.6.2-slfo.1.1_1.5 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the sysstat-12.6.2-slfo.1.1_1.5 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-3852 at SUSECVE-2007-3852 at NVDCVE-2018-19416 at SUSECVE-2018-19416 at NVDCVE-2018-19517 at SUSECVE-2018-19517 at NVDCVE-2019-16167 at SUSECVE-2019-16167 at NVDCVE-2019-19725 at SUSECVE-2019-19725 at NVDCVE-2022-39377 at SUSECVE-2022-39377 at NVDCVE-2023-33204 at SUSECVE-2023-33204 at NVDcpe:/o:suse:sl-micro:6.1sysvinit-tools-3.00-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the sysvinit-tools-3.00-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:sl-micro:6.1tar-1.35-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the tar-1.35-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2001-1267 at SUSECVE-2001-1267 at NVDCVE-2002-0399 at SUSECVE-2002-0399 at NVDCVE-2005-1918 at SUSECVE-2005-1918 at NVDCVE-2006-0300 at SUSECVE-2006-0300 at NVDCVE-2006-6097 at SUSECVE-2006-6097 at NVDCVE-2010-0624 at SUSECVE-2010-0624 at NVDCVE-2016-6321 at SUSECVE-2016-6321 at NVDCVE-2018-20482 at SUSECVE-2018-20482 at NVDCVE-2019-9923 at SUSECVE-2019-9923 at NVDCVE-2021-20193 at SUSECVE-2021-20193 at NVDCVE-2022-48303 at SUSECVE-2022-48303 at NVDCVE-2023-39804 at SUSECVE-2023-39804 at NVDcpe:/o:suse:sl-micro:6.1tftp-5.2-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the tftp-5.2-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-2199 at SUSECVE-2011-2199 at NVDcpe:/o:suse:sl-micro:6.1tpm2.0-tools-5.7-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the tpm2.0-tools-5.7-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-7524 at SUSECVE-2017-7524 at NVDCVE-2021-3565 at SUSECVE-2021-3565 at NVDCVE-2024-29038 at SUSECVE-2024-29038 at NVDCVE-2024-29039 at SUSECVE-2024-29039 at NVDcpe:/o:suse:sl-micro:6.1traceroute-2.1.3-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the traceroute-2.1.3-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2023-46316 at SUSECVE-2023-46316 at NVDcpe:/o:suse:sl-micro:6.1u-boot-rpiarm64-2023.04-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the u-boot-rpiarm64-2023.04-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-18439 at SUSECVE-2018-18439 at NVDCVE-2018-18440 at SUSECVE-2018-18440 at NVDCVE-2020-10648 at SUSECVE-2020-10648 at NVDCVE-2020-8432 at SUSECVE-2020-8432 at NVDcpe:/o:suse:sl-micro:6.1ucode-intel-20240910-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the ucode-intel-20240910-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3640 at SUSECVE-2018-3640 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-11139 at SUSECVE-2019-11139 at NVDCVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-0548 at SUSECVE-2020-0548 at NVDCVE-2020-0549 at SUSECVE-2020-0549 at NVDCVE-2020-24489 at SUSECVE-2020-24489 at NVDCVE-2020-24511 at SUSECVE-2020-24511 at NVDCVE-2020-24512 at SUSECVE-2020-24512 at NVDCVE-2020-24513 at SUSECVE-2020-24513 at NVDCVE-2020-8695 at SUSECVE-2020-8695 at NVDCVE-2020-8696 at SUSECVE-2020-8696 at NVDCVE-2020-8698 at SUSECVE-2020-8698 at NVDCVE-2021-0127 at SUSECVE-2021-0127 at NVDCVE-2021-0145 at SUSECVE-2021-0145 at NVDCVE-2021-0146 at SUSECVE-2021-0146 at NVDCVE-2021-33120 at SUSECVE-2021-33120 at NVDCVE-2022-21151 at SUSECVE-2022-21151 at NVDCVE-2022-21216 at SUSECVE-2022-21216 at NVDCVE-2022-21233 at SUSECVE-2022-21233 at NVDCVE-2022-33196 at SUSECVE-2022-33196 at NVDCVE-2022-33972 at SUSECVE-2022-33972 at NVDCVE-2022-38090 at SUSECVE-2022-38090 at NVDCVE-2022-40982 at SUSECVE-2022-40982 at NVDCVE-2022-41804 at SUSECVE-2022-41804 at NVDCVE-2023-22655 at SUSECVE-2023-22655 at NVDCVE-2023-23583 at SUSECVE-2023-23583 at NVDCVE-2023-23908 at SUSECVE-2023-23908 at NVDCVE-2023-28746 at SUSECVE-2023-28746 at NVDCVE-2023-38575 at SUSECVE-2023-38575 at NVDCVE-2023-39368 at SUSECVE-2023-39368 at NVDCVE-2023-42667 at SUSECVE-2023-42667 at NVDCVE-2023-43490 at SUSECVE-2023-43490 at NVDCVE-2023-45733 at SUSECVE-2023-45733 at NVDCVE-2023-45745 at SUSECVE-2023-45745 at NVDCVE-2023-46103 at SUSECVE-2023-46103 at NVDCVE-2023-47855 at SUSECVE-2023-47855 at NVDCVE-2023-49141 at SUSECVE-2023-49141 at NVDCVE-2024-23984 at SUSECVE-2024-23984 at NVDCVE-2024-24853 at SUSECVE-2024-24853 at NVDCVE-2024-24968 at SUSECVE-2024-24968 at NVDCVE-2024-24980 at SUSECVE-2024-24980 at NVDCVE-2024-25939 at SUSECVE-2024-25939 at NVDcpe:/o:suse:sl-micro:6.1update-alternatives-1.22.0-slfo.1.1_1.4 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the update-alternatives-1.22.0-slfo.1.1_1.4 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2015-0840 at SUSECVE-2015-0840 at NVDCVE-2022-1664 at SUSECVE-2022-1664 at NVDcpe:/o:suse:sl-micro:6.1vim-data-common-9.1.0330-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the vim-data-common-9.1.0330-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2007-2438 at SUSECVE-2007-2438 at NVDCVE-2007-2953 at SUSECVE-2007-2953 at NVDCVE-2009-0316 at SUSECVE-2009-0316 at NVDCVE-2017-1000382 at SUSECVE-2017-1000382 at NVDCVE-2017-5953 at SUSECVE-2017-5953 at NVDCVE-2017-6349 at SUSECVE-2017-6349 at NVDCVE-2017-6350 at SUSECVE-2017-6350 at NVDCVE-2019-12735 at SUSECVE-2019-12735 at NVDCVE-2021-46059 at SUSECVE-2021-46059 at NVDCVE-2022-0156 at SUSECVE-2022-0156 at NVDCVE-2022-0213 at SUSECVE-2022-0213 at NVDCVE-2022-0261 at SUSECVE-2022-0261 at NVDCVE-2022-0318 at SUSECVE-2022-0318 at NVDCVE-2022-0319 at SUSECVE-2022-0319 at NVDCVE-2022-0351 at SUSECVE-2022-0351 at NVDCVE-2022-0359 at SUSECVE-2022-0359 at NVDCVE-2022-0361 at SUSECVE-2022-0361 at NVDCVE-2022-0368 at SUSECVE-2022-0368 at NVDCVE-2022-0392 at SUSECVE-2022-0392 at NVDCVE-2022-0393 at SUSECVE-2022-0393 at NVDCVE-2022-0407 at SUSECVE-2022-0407 at NVDCVE-2022-0408 at SUSECVE-2022-0408 at NVDCVE-2022-0413 at SUSECVE-2022-0413 at NVDCVE-2022-0417 at SUSECVE-2022-0417 at NVDCVE-2022-0443 at SUSECVE-2022-0443 at NVDCVE-2022-0554 at SUSECVE-2022-0554 at NVDCVE-2022-0572 at SUSECVE-2022-0572 at NVDCVE-2022-0629 at SUSECVE-2022-0629 at NVDCVE-2022-0685 at SUSECVE-2022-0685 at NVDCVE-2022-0696 at SUSECVE-2022-0696 at NVDCVE-2022-0714 at SUSECVE-2022-0714 at NVDCVE-2022-0729 at SUSECVE-2022-0729 at NVDCVE-2022-0943 at SUSECVE-2022-0943 at NVDCVE-2022-1154 at SUSECVE-2022-1154 at NVDCVE-2022-1160 at SUSECVE-2022-1160 at NVDCVE-2022-1381 at SUSECVE-2022-1381 at NVDCVE-2022-1420 at SUSECVE-2022-1420 at NVDCVE-2022-1616 at SUSECVE-2022-1616 at NVDCVE-2022-1619 at SUSECVE-2022-1619 at NVDCVE-2022-1620 at SUSECVE-2022-1620 at NVDCVE-2022-1621 at SUSECVE-2022-1621 at NVDCVE-2022-1629 at SUSECVE-2022-1629 at NVDCVE-2022-1674 at SUSECVE-2022-1674 at NVDCVE-2022-1720 at SUSECVE-2022-1720 at NVDCVE-2022-1733 at SUSECVE-2022-1733 at NVDCVE-2022-1735 at SUSECVE-2022-1735 at NVDCVE-2022-1769 at SUSECVE-2022-1769 at NVDCVE-2022-1771 at SUSECVE-2022-1771 at NVDCVE-2022-1785 at SUSECVE-2022-1785 at NVDCVE-2022-1796 at SUSECVE-2022-1796 at NVDCVE-2022-1851 at SUSECVE-2022-1851 at NVDCVE-2022-1886 at SUSECVE-2022-1886 at NVDCVE-2022-1897 at SUSECVE-2022-1897 at NVDCVE-2022-1898 at SUSECVE-2022-1898 at NVDCVE-2022-1927 at SUSECVE-2022-1927 at NVDCVE-2022-1942 at SUSECVE-2022-1942 at NVDCVE-2022-1968 at SUSECVE-2022-1968 at NVDCVE-2022-2000 at SUSECVE-2022-2000 at NVDCVE-2022-2042 at SUSECVE-2022-2042 at NVDCVE-2022-2124 at SUSECVE-2022-2124 at NVDCVE-2022-2125 at SUSECVE-2022-2125 at NVDCVE-2022-2126 at SUSECVE-2022-2126 at NVDCVE-2022-2129 at SUSECVE-2022-2129 at NVDCVE-2022-2175 at SUSECVE-2022-2175 at NVDCVE-2022-2182 at SUSECVE-2022-2182 at NVDCVE-2022-2183 at SUSECVE-2022-2183 at NVDCVE-2022-2206 at SUSECVE-2022-2206 at NVDCVE-2022-2207 at SUSECVE-2022-2207 at NVDCVE-2022-2208 at SUSECVE-2022-2208 at NVDCVE-2022-2210 at SUSECVE-2022-2210 at NVDCVE-2022-2231 at SUSECVE-2022-2231 at NVDCVE-2022-2257 at SUSECVE-2022-2257 at NVDCVE-2022-2264 at SUSECVE-2022-2264 at NVDCVE-2022-2284 at SUSECVE-2022-2284 at NVDCVE-2022-2285 at SUSECVE-2022-2285 at NVDCVE-2022-2286 at SUSECVE-2022-2286 at NVDCVE-2022-2287 at SUSECVE-2022-2287 at NVDCVE-2022-2288 at SUSECVE-2022-2288 at NVDCVE-2022-2289 at SUSECVE-2022-2289 at NVDCVE-2022-2304 at SUSECVE-2022-2304 at NVDCVE-2022-2343 at SUSECVE-2022-2343 at NVDCVE-2022-2344 at SUSECVE-2022-2344 at NVDCVE-2022-2345 at SUSECVE-2022-2345 at NVDCVE-2022-2522 at SUSECVE-2022-2522 at NVDCVE-2022-2571 at SUSECVE-2022-2571 at NVDCVE-2022-2580 at SUSECVE-2022-2580 at NVDCVE-2022-2581 at SUSECVE-2022-2581 at NVDCVE-2022-2598 at SUSECVE-2022-2598 at NVDCVE-2022-2816 at SUSECVE-2022-2816 at NVDCVE-2022-2817 at SUSECVE-2022-2817 at NVDCVE-2022-2819 at SUSECVE-2022-2819 at NVDCVE-2022-2845 at SUSECVE-2022-2845 at NVDCVE-2022-2849 at SUSECVE-2022-2849 at NVDCVE-2022-2862 at SUSECVE-2022-2862 at NVDCVE-2022-2874 at SUSECVE-2022-2874 at NVDCVE-2022-2889 at SUSECVE-2022-2889 at NVDCVE-2022-2923 at SUSECVE-2022-2923 at NVDCVE-2022-2946 at SUSECVE-2022-2946 at NVDCVE-2022-2980 at SUSECVE-2022-2980 at NVDCVE-2022-2982 at SUSECVE-2022-2982 at NVDCVE-2022-3016 at SUSECVE-2022-3016 at NVDCVE-2022-3037 at SUSECVE-2022-3037 at NVDCVE-2022-3099 at SUSECVE-2022-3099 at NVDCVE-2022-3134 at SUSECVE-2022-3134 at NVDCVE-2022-3153 at SUSECVE-2022-3153 at NVDCVE-2022-3234 at SUSECVE-2022-3234 at NVDCVE-2022-3235 at SUSECVE-2022-3235 at NVDCVE-2022-3352 at SUSECVE-2022-3352 at NVDCVE-2023-1127 at SUSECVE-2023-1127 at NVDCVE-2023-1170 at SUSECVE-2023-1170 at NVDCVE-2023-1175 at SUSECVE-2023-1175 at NVDCVE-2023-1264 at SUSECVE-2023-1264 at NVDCVE-2023-1355 at SUSECVE-2023-1355 at NVDCVE-2023-2426 at SUSECVE-2023-2426 at NVDCVE-2023-2609 at SUSECVE-2023-2609 at NVDCVE-2023-46246 at SUSECVE-2023-46246 at NVDCVE-2023-4733 at SUSECVE-2023-4733 at NVDCVE-2023-4734 at SUSECVE-2023-4734 at NVDCVE-2023-4735 at SUSECVE-2023-4735 at NVDCVE-2023-4738 at SUSECVE-2023-4738 at NVDCVE-2023-4750 at SUSECVE-2023-4750 at NVDCVE-2023-4751 at SUSECVE-2023-4751 at NVDCVE-2023-4752 at SUSECVE-2023-4752 at NVDCVE-2023-4781 at SUSECVE-2023-4781 at NVDCVE-2023-48231 at SUSECVE-2023-48231 at NVDCVE-2023-48232 at SUSECVE-2023-48232 at NVDCVE-2023-48233 at SUSECVE-2023-48233 at NVDCVE-2023-48234 at SUSECVE-2023-48234 at NVDCVE-2023-48235 at SUSECVE-2023-48235 at NVDCVE-2023-48236 at SUSECVE-2023-48236 at NVDCVE-2023-48237 at SUSECVE-2023-48237 at NVDCVE-2023-48706 at SUSECVE-2023-48706 at NVDCVE-2023-5344 at SUSECVE-2023-5344 at NVDCVE-2023-5441 at SUSECVE-2023-5441 at NVDCVE-2023-5535 at SUSECVE-2023-5535 at NVDCVE-2024-22667 at SUSECVE-2024-22667 at NVDcpe:/o:suse:sl-micro:6.1virt-install-4.1.0-slfo.1.1_1.3 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the virt-install-4.1.0-slfo.1.1_1.3 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2019-10183 at SUSECVE-2019-10183 at NVDcpe:/o:suse:sl-micro:6.1wget-1.24.5-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the wget-1.24.5-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2006-6719 at SUSECVE-2006-6719 at NVDCVE-2010-2252 at SUSECVE-2010-2252 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2014-4877 at SUSECVE-2014-4877 at NVDCVE-2015-7665 at SUSECVE-2015-7665 at NVDCVE-2016-4971 at SUSECVE-2016-4971 at NVDCVE-2017-13089 at SUSECVE-2017-13089 at NVDCVE-2017-13090 at SUSECVE-2017-13090 at NVDCVE-2017-6508 at SUSECVE-2017-6508 at NVDCVE-2018-0494 at SUSECVE-2018-0494 at NVDCVE-2018-20483 at SUSECVE-2018-20483 at NVDCVE-2019-5953 at SUSECVE-2019-5953 at NVDCVE-2024-38428 at SUSECVE-2024-38428 at NVDcpe:/o:suse:sl-micro:6.1wpa_supplicant-2.11-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the wpa_supplicant-2.11-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2014-3686 at SUSECVE-2014-3686 at NVDCVE-2015-1863 at SUSECVE-2015-1863 at NVDCVE-2015-4141 at SUSECVE-2015-4141 at NVDCVE-2015-4142 at SUSECVE-2015-4142 at NVDCVE-2015-4143 at SUSECVE-2015-4143 at NVDCVE-2015-4144 at SUSECVE-2015-4144 at NVDCVE-2015-4145 at SUSECVE-2015-4145 at NVDCVE-2015-4146 at SUSECVE-2015-4146 at NVDCVE-2015-5310 at SUSECVE-2015-5310 at NVDCVE-2015-5315 at SUSECVE-2015-5315 at NVDCVE-2015-5316 at SUSECVE-2015-5316 at NVDCVE-2015-8041 at SUSECVE-2015-8041 at NVDCVE-2016-4476 at SUSECVE-2016-4476 at NVDCVE-2016-4477 at SUSECVE-2016-4477 at NVDCVE-2017-13077 at SUSECVE-2017-13077 at NVDCVE-2017-13078 at SUSECVE-2017-13078 at NVDCVE-2017-13079 at SUSECVE-2017-13079 at NVDCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-13081 at SUSECVE-2017-13081 at NVDCVE-2017-13082 at SUSECVE-2017-13082 at NVDCVE-2017-13086 at SUSECVE-2017-13086 at NVDCVE-2017-13087 at SUSECVE-2017-13087 at NVDCVE-2017-13088 at SUSECVE-2017-13088 at NVDCVE-2018-14526 at SUSECVE-2018-14526 at NVDCVE-2019-11555 at SUSECVE-2019-11555 at NVDCVE-2019-13377 at SUSECVE-2019-13377 at NVDCVE-2019-16275 at SUSECVE-2019-16275 at NVDCVE-2019-9494 at SUSECVE-2019-9494 at NVDCVE-2019-9495 at SUSECVE-2019-9495 at NVDCVE-2019-9497 at SUSECVE-2019-9497 at NVDCVE-2019-9498 at SUSECVE-2019-9498 at NVDCVE-2019-9499 at SUSECVE-2019-9499 at NVDCVE-2021-0326 at SUSECVE-2021-0326 at NVDCVE-2021-27803 at SUSECVE-2021-27803 at NVDCVE-2021-30004 at SUSECVE-2021-30004 at NVDCVE-2023-52160 at SUSECVE-2023-52160 at NVDCVE-2023-52424 at SUSECVE-2023-52424 at NVDcpe:/o:suse:sl-micro:6.1yast2-logs-4.6.2-slfo.1.1_1.1 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the yast2-logs-4.6.2-slfo.1.1_1.1 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2011-3177 at SUSECVE-2011-3177 at NVDcpe:/o:suse:sl-micro:6.1zram-generator-1.1.2-slfo.1.1_1.2 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the zram-generator-1.1.2-slfo.1.1_1.2 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2018-25023 at SUSECVE-2018-25023 at NVDCVE-2021-45710 at SUSECVE-2021-45710 at NVDcpe:/o:suse:sl-micro:6.1zypper-1.14.77-slfo.1.1_1.7 on GA media (Moderate)SUSE Linux Micro 6.1
These are all security issues fixed in the zypper-1.14.77-slfo.1.1_1.7 package on the GA media of SUSE Linux Micro 6.1. ModerateCVE-2017-7436 at SUSECVE-2017-7436 at NVDCVE-2017-9269 at SUSECVE-2017-9269 at NVDcpe:/o:suse:sl-micro:6.1Security update for grub2 (Important)SUSE Linux Micro 6.2
This update for grub2 fixes the following issues:
Changes in grub2:
- CVE-2025-54771: Fixed grub_file_close() does not properly controls the fs refcount (bsc#1252931)
- CVE-2025-54770: Fixed missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930)
- CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933)
- CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934)
- CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935)
- CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932)
- Bump upstream SBAT generation to 6
- Fix "sparse file not allowed" error after grub2-reboot (bsc#1245738)
- Fix PowerPC network boot prefix to correctly locate grub.cfg (bsc#1249385)
- turn off page flipping for i386-pc using VBE video backend (bsc#1245636)
- Fix boot hangs in setting up serial console when ACPI SPCR table is present
and redirection is disabled (bsc#1249088)
- Fix timeout when loading initrd via http after PPC CAS reboot (bsc#1245953)
- Skip mount point in grub_find_device function (bsc#1246231)
- CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959)
ImportantSUSE bug 1234959SUSE bug 1245636SUSE bug 1245738SUSE bug 1245953SUSE bug 1246231SUSE bug 1247242SUSE bug 1249088SUSE bug 1249385SUSE bug 1252930SUSE bug 1252931SUSE bug 1252932SUSE bug 1252933SUSE bug 1252934SUSE bug 1252935CVE-2024-56738 at SUSECVE-2024-56738 at NVDCVE-2025-54770 at SUSECVE-2025-54770 at NVDCVE-2025-54771 at SUSECVE-2025-54771 at NVDCVE-2025-61661 at SUSECVE-2025-61661 at NVDCVE-2025-61662 at SUSECVE-2025-61662 at NVDCVE-2025-61663 at SUSECVE-2025-61663 at NVDCVE-2025-61664 at SUSECVE-2025-61664 at NVDcpe:/o:suse:sl-micro:6.2Security update for openssl-3 (Important)SUSE Linux Micro 6.2
This update for openssl-3 fixes the following issues:
- CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap (bsc#1250232)
- CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM (bsc#1250233)
- CVE-2025-9232: Fixed out-of-bounds read in HTTP client no_proxy handling (bsc#1250234)
ImportantSUSE bug 1250232SUSE bug 1250233SUSE bug 1250234CVE-2025-9230 at SUSECVE-2025-9230 at NVDCVE-2025-9231 at SUSECVE-2025-9231 at NVDCVE-2025-9232 at SUSECVE-2025-9232 at NVDcpe:/o:suse:sl-micro:6.2Security update for qemu (Important)SUSE Linux Micro 6.2
This update for qemu fixes the following issues:
Update to version 10.0.7.
Security issues fixed:
- CVE-2025-12464: stack-based buffer overflow in the e1000 network device operations can be exploited by a malicious
guest user to crash the QEMU process on the host (bsc#1253002).
- CVE-2025-11234: use-after-free in WebSocket handshake operations can be exploited by a malicious client with network
access to the VNC WebSocket port to cause a denial-of-service (bsc#1250984).
Other updates and bugfixes:
- Version 10.0.7:
* kvm: Fix kvm_vm_ioctl() and kvm_device_ioctl() return value
* docs/devel: Update URL for make-pullreq script
* target/arm: Fix assert on BRA.
* hw/aspeed/{xdma, rtc, sdhci}: Fix endianness to DEVICE_LITTLE_ENDIAN
* hw/core/machine: Provide a description for aux-ram-share property
* hw/pci: Make msix_init take a uint32_t for nentries
* block/io_uring: avoid potentially getting stuck after resubmit at the end of ioq_submit()
* block-backend: Fix race when resuming queued requests
* ui/vnc: Fix qemu abort when query vnc info
* chardev/char-pty: Do not ignore chr_write() failures
* hw/display/exynos4210_fimd: Account for zero length in fimd_update_memory_section()
* hw/arm/armv7m: Disable reentrancy guard for v7m_sysreg_ns_ops MRs
* hw/arm/aspeed: Fix missing SPI IRQ connection causing DMA interrupt failure
* migration: Fix transition to COLO state from precopy
* Full backport list: https://lore.kernel.org/qemu-devel/1765037524.347582.2700543.nullmailer@tls.msk.ru/
- Version 10.0.6:
* linux-user/microblaze: Fix little-endianness binary
* target/hppa: correct size bit parity for fmpyadd
* target/i386: user: do not set up a valid LDT on reset
* async: access bottom half flags with qatomic_read
* target/i386: fix x86_64 pushw op
* i386/tcg/smm_helper: Properly apply DR values on SMM entry / exit
* i386/cpu: Prevent delivering SIPI during SMM in TCG mode
* i386/kvm: Expose ARCH_CAP_FB_CLEAR when invulnerable to MDS
* target/i386: Fix CR2 handling for non-canonical addresses
* block/curl.c: Use explicit long constants in curl_easy_setopt calls
* pcie_sriov: Fix broken MMIO accesses from SR-IOV VFs
* target/riscv: rvv: Fix vslide1[up|down].vx unexpected result when XLEN2 and SEWd
* target/riscv: Fix ssamoswap error handling
* Full backport list: https://lore.kernel.org/qemu-devel/1761022287.744330.6357.nullmailer@tls.msk.ru/
- Version 10.0.5:
* tests/functional/test_aarch64_sbsaref_freebsd: Fix the URL of the ISO image
* tests/functional/test_ppc_bamboo: Replace broken link with working assets
* physmem: Destroy all CPU AddressSpaces on unrealize
* memory: New AS helper to serialize destroy+free
* include/system/memory.h: Clarify address_space_destroy() behaviour
* migration: Fix state transition in postcopy_start() error handling
* target/riscv: rvv: Modify minimum VLEN according to enabled vector extensions
* target/riscv: rvv: Replace checking V by checking Zve32x
* target/riscv: Fix endianness swap on compressed instructions
* hw/riscv/riscv-iommu: Fixup PDT Nested Walk
* Full backport list: https://lore.kernel.org/qemu-devel/1759986125.676506.643525.nullmailer@tls.msk.ru/
- [openSUSE][RPM]: really fix *-virtio-gpu-pci dependency on ARM (bsc#1254286).
- [openSUSE][RPM] spec: make glusterfs support conditional (bsc#1254494).
ImportantSUSE bug 1230042SUSE bug 1250984SUSE bug 1253002SUSE bug 1254286SUSE bug 1254494CVE-2025-11234 at SUSECVE-2025-11234 at NVDCVE-2025-12464 at SUSECVE-2025-12464 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Important)SUSE Linux Micro 6.2
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2022-50253: bpf: make sure skb->len != 0 when redirecting to a tunneling device (bsc#1249912).
- CVE-2025-37916: pds_core: remove write-after-free of client_id (bsc#1243474).
- CVE-2025-38084: mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431 bsc#1245498).
- CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431 bsc#1245499).
- CVE-2025-38321: smb: Log an error when close_all_cached_dirs fails (bsc#1246328).
- CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
- CVE-2025-39805: net: macb: fix unregister_netdev call order in macb_remove() (bsc#1249982).
- CVE-2025-39819: fs/smb: Fix inconsistent refcnt update (bsc#1250176).
- CVE-2025-39822: io_uring/kbuf: fix signedness in this_len calculation (bsc#1250034).
- CVE-2025-39831: fbnic: Move phylink resume out of service_task and into open/close (bsc#1249977).
- CVE-2025-39859: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (bsc#1250252).
- CVE-2025-39897: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval (bsc#1250746).
- CVE-2025-39917: bpf: Fix out-of-bounds dynptr write in bpf_crypto_crypt (bsc#1250723).
- CVE-2025-39944: octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (bsc#1251120).
- CVE-2025-39961: iommu/amd/pgtbl: Fix possible race while increase page table level (bsc#1251817).
- CVE-2025-39980: nexthop: Forbid FDB status change while nexthop is in a group (bsc#1252063).
- CVE-2025-39990: bpf: Check the helper function is valid in get_helper_proto (bsc#1252054).
- CVE-2025-40001: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (bsc#1252303).
- CVE-2025-40003: net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work (bsc#1252301).
- CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
- CVE-2025-40021: tracing: dynevent: Add a missing lockdown check on dynevent (bsc#1252681).
- CVE-2025-40024: vhost: Take a reference on the task in struct vhost_task (bsc#1252686).
- CVE-2025-40027: net/9p: fix double req put in p9_fd_cancelled (bsc#1252763).
- CVE-2025-40031: tee: fix register_shm_helper() (bsc#1252779).
- CVE-2025-40033: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (bsc#1252824).
- CVE-2025-40038: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (bsc#1252817).
- CVE-2025-40047: io_uring/waitid: always prune wait queue entry in io_waitid_wait() (bsc#1252790).
- CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
- CVE-2025-40055: ocfs2: fix double free in user_cluster_connect() (bsc#1252821).
- CVE-2025-40059: coresight: Fix incorrect handling for return value of devm_kzalloc (bsc#1252809).
- CVE-2025-40064: smc: Fix use-after-free in __pnet_find_base_ndev() (bsc#1252845).
- CVE-2025-40070: pps: fix warning in pps_register_cdev when register device fail (bsc#1252836).
- CVE-2025-40074: tcp: convert to dev_net_rcu() (bsc#1252794).
- CVE-2025-40075: tcp_metrics: use dst_dev_net_rcu() (bsc#1252795).
- CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776).
- CVE-2025-40083: net/sched: sch_qfq: Fix null-deref in agg_dequeue (bsc#1252912).
- CVE-2025-40086: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds (bsc#1252923).
- CVE-2025-40098: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (bsc#1252917).
- CVE-2025-40101: btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST (bsc#1252901).
- CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919).
- CVE-2025-40105: vfs: Don't leak disconnected dentries on umount (bsc#1252928).
- CVE-2025-40133: mptcp: Call dst_release() in mptcp_active_enable() (bsc#1253328).
- CVE-2025-40134: dm: fix NULL pointer dereference in __dm_suspend() (bsc#1253386).
- CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
- CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409).
- CVE-2025-40149: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (bsc#1253355).
- CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
- CVE-2025-40157: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (bsc#1253423).
- CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253403).
- CVE-2025-40168: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (bsc#1253427).
- CVE-2025-40169: bpf: Reject negative offsets for ALU ops (bsc#1253416).
- CVE-2025-40173: net/ip6_tunnel: Prevent perpetual tunnel growth (bsc#1253421).
- CVE-2025-40175: idpf: cleanup remaining SKBs in PTP flows (bsc#1253426).
- CVE-2025-40176: tls: wait for pending async decryptions if tls_strp_msg_hold fails (bsc#1253425).
- CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463).
- CVE-2025-40185: ice: ice_adapter: release xa entry on adapter allocation failure (bsc#1253394).
- CVE-2025-40201: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths (bsc#1253455).
- CVE-2025-40203: listmount: don't call path_put() under namespace semaphore (bsc#1253457).
The following non security issues were fixed:
- ACPI: scan: Update honor list for RPMI System MSI (stable-fixes).
- ACPICA: Update dsmethod.c to get rid of unused variable warning (stable-fixes).
- Disable CONFIG_CPU5_WDT The cpu5wdt driver doesn't implement a
proper watchdog interface and has many code issues. It only handles
obscure and obsolete hardware. Stop building and supporting this driver
(jsc#PED-14062).
- Fix "drm/xe: Don't allow evicting of BOs in same VM in array of VM binds" (bsc#1252923)
- KVM: SVM: Delete IRTE link from previous vCPU before setting new IRTE (git-fixes).
- KVM: SVM: Delete IRTE link from previous vCPU irrespective of new routing (git-fixes).
- KVM: SVM: Mark VMCB_LBR dirty when MSR_IA32_DEBUGCTLMSR is updated (git-fixes).
- KVM: s390: improve interrupt cpu for wakeup (bsc#1235463).
- KVM: s390: kABI backport for 'last_sleep_cpu' (bsc#1252352).
- KVM: x86/mmu: Return -EAGAIN if userspace deletes/moves memslot during prefault (git-fixes).
- PCI/ERR: Update device error_state already after reset (stable-fixes).
- PM: EM: Slightly reduce em_check_capacity_update() overhead (stable-fixes).
- Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" (git-fixes).
- Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" (git-fixes).
- Update config files: enable zstd module decompression (jsc#PED-14115).
- bpf/selftests: Fix test_tcpnotify_user (bsc#1253635).
- btrfs: do not clear read-only when adding sprout device (bsc#1253238).
- btrfs: do not update last_log_commit when logging inode due to a new name (git-fixes).
- dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386)
- drm/amd/display: Add AVI infoframe copy in copy_stream_update_to_stream (stable-fixes).
- drm/amd/display: update color on atomic commit time (stable-fixes).
- drm/amd/display: update dpp/disp clock from smu clock table (stable-fixes).
- drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes).
- hwmon: (lenovo-ec-sensors) Update P8 supprt (stable-fixes).
- media: amphion: Delete v4l2_fh synchronously in .release() (stable-fixes).
- mount: handle NULL values in mnt_ns_release() (bsc#1254308)
- net/smc: Remove validation of reserved bits in CLC Decline (bsc#1252357).
- net: phy: move realtek PHY driver to its own subdirectory (jsc#PED-14353).
- net: phy: realtek: add defines for shadowed c45 standard registers (jsc#PED-14353).
- net: phy: realtek: add helper RTL822X_VND2_C22_REG (jsc#PED-14353).
- net: phy: realtek: change order of calls in C22 read_status() (jsc#PED-14353).
- net: phy: realtek: clear 1000Base-T link partner advertisement (jsc#PED-14353).
- net: phy: realtek: improve mmd register access for internal PHY's (jsc#PED-14353).
- net: phy: realtek: read duplex and gbit master from PHYSR register (jsc#PED-14353).
- net: phy: realtek: switch from paged to MMD ops in rtl822x functions (jsc#PED-14353).
- net: phy: realtek: use string choices helpers (jsc#PED-14353).
- net: xilinx: axienet: Fix IRQ coalescing packet count overflow (bsc#1250746)
- net: xilinx: axienet: Fix RX skb ring management in DMAengine mode (bsc#1250746)
- net: xilinx: axienet: Fix Tx skb circular buffer occupancy check in dmaengine xmit (bsc#1250746)
- nvmet-auth: update sc_c in host response (git-fixes bsc#1249397).
- nvmet-auth: update sc_c in target host hash calculation (git-fixes).
- perf list: Add IBM z17 event descriptions (jsc#PED-13611).
- platform/x86:intel/pmc: Update Arrow Lake telemetry GUID (git-fixes).
- powercap: intel_rapl: Add support for Panther Lake platform (jsc#PED-13949).
- pwm: pca9685: Use bulk write to atomicially update registers (stable-fixes).
- r8169: add PHY c45 ops for MDIO_MMD_VENDOR2 registers (jsc#PED-14353).
- r8169: add support for Intel Killer E5000 (jsc#PED-14353).
- r8169: add support for RTL8125BP rev.b (jsc#PED-14353).
- r8169: add support for RTL8125D rev.b (jsc#PED-14353).
- r8169: adjust version numbering for RTL8126 (jsc#PED-14353).
- r8169: align RTL8125 EEE config with vendor driver (jsc#PED-14353).
- r8169: align RTL8125/RTL8126 PHY config with vendor driver (jsc#PED-14353).
- r8169: align RTL8126 EEE config with vendor driver (jsc#PED-14353).
- r8169: align WAKE_PHY handling with r8125/r8126 vendor drivers (jsc#PED-14353).
- r8169: avoid duplicated messages if loading firmware fails and switch to warn level (jsc#PED-14353).
- r8169: don't take RTNL lock in rtl_task() (jsc#PED-14353).
- r8169: enable EEE at 2.5G per default on RTL8125B (jsc#PED-14353).
- r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support (jsc#PED-14353).
- r8169: fix inconsistent indenting in rtl8169_get_eth_mac_stats (jsc#PED-14353).
- r8169: implement additional ethtool stats ops (jsc#PED-14353).
- r8169: improve __rtl8169_set_wol (jsc#PED-14353).
- r8169: improve initialization of RSS registers on RTL8125/RTL8126 (jsc#PED-14353).
- r8169: improve rtl_set_d3_pll_down (jsc#PED-14353).
- r8169: increase max jumbo packet size on RTL8125/RTL8126 (jsc#PED-14353).
- r8169: remove leftover locks after reverted change (jsc#PED-14353).
- r8169: remove original workaround for RTL8125 broken rx issue (jsc#PED-14353).
- r8169: remove rtl_dash_loop_wait_high/low (jsc#PED-14353).
- r8169: remove support for chip version 11 (jsc#PED-14353).
- r8169: remove unused flag RTL_FLAG_TASK_RESET_NO_QUEUE_WAKE (jsc#PED-14353).
- r8169: replace custom flag with disable_work() et al (jsc#PED-14353).
- r8169: switch away from deprecated pcim_iomap_table (jsc#PED-14353).
- r8169: use helper r8169_mod_reg8_cond to simplify rtl_jumbo_config (jsc#PED-14353).
- ring-buffer: Update pages_touched to reflect persistent buffer content (git-fixes).
- s390/mm: Fix __ptep_rdp() inline assembly (bsc#1253643).
- sched/fair: Get rid of sched_domains_curr_level hack for tl->cpumask() (bsc#1246843).
- sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1248792).
- sched/fair: Proportional newidle balance (bsc#1248792).
- sched/fair: Proportional newidle balance -KABI (bsc#1248792).
- sched/fair: Revert max_newidle_lb_cost bump (bsc#1248792).
- sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1248792).
- sched/fair: Small cleanup to sched_balance_newidle() (bsc#1248792).
- sched/fair: Small cleanup to update_newidle_cost() (bsc#1248792).
- scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119).
- scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119).
- scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119).
- scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119).
- scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119).
- scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119).
- scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119).
- scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119).
- scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119).
- scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119).
- selftests/run_kselftest.sh: Add `--skip` argument option (bsc#1254221).
- smpboot: introduce SDTL_INIT() helper to tidy sched topology setup (bsc#1246843).
- soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
- spi: tegra210-quad: Check hardware status on timeout (bsc#1253155)
- spi: tegra210-quad: Fix timeout handling (bsc#1253155)
- spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155)
- spi: tegra210-quad: Update dummy sequence configuration (git-fixes)
- tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705).
- wifi: ath11k: Add quirk entries for Thinkpad T14s Gen3 AMD (bsc#1254181).
- wifi: mt76: do not add wcid entries to sta poll list during MCU reset (bsc#1254315).
- wifi: mt76: introduce mt792x_config_mac_addr_list routine (bsc#1254315).
- wifi: mt76: mt7925: Fix logical vs bitwise typo (bsc#1254315).
- wifi: mt76: mt7925: Remove unnecessary if-check (bsc#1254315).
- wifi: mt76: mt7925: Simplify HIF suspend handling to avoid suspend fail (bsc#1254315).
- wifi: mt76: mt7925: add EHT control support based on the CLC data (bsc#1254315).
- wifi: mt76: mt7925: add handler to hif suspend/resume event (bsc#1254315).
- wifi: mt76: mt7925: add pci restore for hibernate (bsc#1254315).
- wifi: mt76: mt7925: config the dwell time by firmware (bsc#1254315).
- wifi: mt76: mt7925: extend MCU support for testmode (bsc#1254315).
- wifi: mt76: mt7925: fix CLC command timeout when suspend/resume (bsc#1254315).
- wifi: mt76: mt7925: fix missing hdr_trans_tlv command for broadcast wtbl (bsc#1254315).
- wifi: mt76: mt7925: fix the unfinished command of regd_notifier before suspend (bsc#1254315).
- wifi: mt76: mt7925: refine the txpower initialization flow (bsc#1254315).
- wifi: mt76: mt7925: replace zero-length array with flexible-array member (bsc#1254315).
- wifi: mt76: mt7925: update the channel usage when the regd domain changed (bsc#1254315).
- wifi: mt76: mt7925e: fix too long of wifi resume time (bsc#1254315).
- x86/smpboot: avoid SMT domain attach/destroy if SMT is not enabled (bsc#1246843).
- x86/smpboot: moves x86_topology to static initialize and truncate (bsc#1246843).
- x86/smpboot: remove redundant CONFIG_SCHED_SMT (bsc#1246843).
ImportantSUSE bug 1235463SUSE bug 1243474SUSE bug 1245193SUSE bug 1245431SUSE bug 1245498SUSE bug 1245499SUSE bug 1246328SUSE bug 1246843SUSE bug 1247500SUSE bug 1248792SUSE bug 1249256SUSE bug 1249397SUSE bug 1249912SUSE bug 1249977SUSE bug 1249982SUSE bug 1250034SUSE bug 1250176SUSE bug 1250237SUSE bug 1250252SUSE bug 1250705SUSE bug 1250723SUSE bug 1250746SUSE bug 1251120SUSE bug 1251817SUSE bug 1252054SUSE bug 1252063SUSE bug 1252301SUSE bug 1252303SUSE bug 1252342SUSE bug 1252352SUSE bug 1252357SUSE bug 1252681SUSE bug 1252686SUSE bug 1252763SUSE bug 1252776SUSE bug 1252779SUSE bug 1252790SUSE bug 1252794SUSE bug 1252795SUSE bug 1252808SUSE bug 1252809SUSE bug 1252817SUSE bug 1252821SUSE bug 1252824SUSE bug 1252836SUSE bug 1252845SUSE bug 1252901SUSE bug 1252912SUSE bug 1252917SUSE bug 1252919SUSE bug 1252923SUSE bug 1252928SUSE bug 1253018SUSE bug 1253155SUSE bug 1253176SUSE bug 1253238SUSE bug 1253275SUSE bug 1253318SUSE bug 1253324SUSE bug 1253328SUSE bug 1253330SUSE bug 1253342SUSE bug 1253348SUSE bug 1253349SUSE bug 1253352SUSE bug 1253355SUSE bug 1253360SUSE bug 1253362SUSE bug 1253363SUSE bug 1253367SUSE bug 1253369SUSE bug 1253386SUSE bug 1253394SUSE bug 1253395SUSE bug 1253402SUSE bug 1253403SUSE bug 1253405SUSE bug 1253407SUSE bug 1253408SUSE bug 1253409SUSE bug 1253410SUSE bug 1253412SUSE bug 1253416SUSE bug 1253421SUSE bug 1253422SUSE bug 1253423SUSE bug 1253424SUSE bug 1253425SUSE bug 1253426SUSE bug 1253427SUSE bug 1253428SUSE bug 1253431SUSE bug 1253433SUSE bug 1253436SUSE bug 1253438SUSE bug 1253440SUSE bug 1253441SUSE bug 1253443SUSE bug 1253445SUSE bug 1253448SUSE bug 1253449SUSE bug 1253450SUSE bug 1253451SUSE bug 1253453SUSE bug 1253455SUSE bug 1253456SUSE bug 1253457SUSE bug 1253463SUSE bug 1253472SUSE bug 1253622SUSE bug 1253624SUSE bug 1253635SUSE bug 1253643SUSE bug 1253647SUSE bug 1254119SUSE bug 1254181SUSE bug 1254221SUSE bug 1254308SUSE bug 1254315CVE-2022-50253 at SUSECVE-2022-50253 at NVDCVE-2025-37916 at SUSECVE-2025-37916 at NVDCVE-2025-38084 at SUSECVE-2025-38084 at NVDCVE-2025-38085 at SUSECVE-2025-38085 at NVDCVE-2025-38321 at SUSECVE-2025-38321 at NVDCVE-2025-38728 at SUSECVE-2025-38728 at NVDCVE-2025-39805 at SUSECVE-2025-39805 at NVDCVE-2025-39819 at SUSECVE-2025-39819 at NVDCVE-2025-39822 at SUSECVE-2025-39822 at NVDCVE-2025-39831 at SUSECVE-2025-39831 at NVDCVE-2025-39859 at SUSECVE-2025-39859 at NVDCVE-2025-39897 at SUSECVE-2025-39897 at NVDCVE-2025-39917 at SUSECVE-2025-39917 at NVDCVE-2025-39944 at SUSECVE-2025-39944 at NVDCVE-2025-39961 at SUSECVE-2025-39961 at NVDCVE-2025-39980 at SUSECVE-2025-39980 at NVDCVE-2025-39990 at SUSECVE-2025-39990 at NVDCVE-2025-40001 at SUSECVE-2025-40001 at NVDCVE-2025-40003 at SUSECVE-2025-40003 at NVDCVE-2025-40006 at SUSECVE-2025-40006 at NVDCVE-2025-40021 at SUSECVE-2025-40021 at NVDCVE-2025-40024 at SUSECVE-2025-40024 at NVDCVE-2025-40027 at SUSECVE-2025-40027 at NVDCVE-2025-40031 at SUSECVE-2025-40031 at NVDCVE-2025-40033 at SUSECVE-2025-40033 at NVDCVE-2025-40038 at SUSECVE-2025-40038 at NVDCVE-2025-40047 at SUSECVE-2025-40047 at NVDCVE-2025-40053 at SUSECVE-2025-40053 at NVDCVE-2025-40055 at SUSECVE-2025-40055 at NVDCVE-2025-40059 at SUSECVE-2025-40059 at NVDCVE-2025-40064 at SUSECVE-2025-40064 at NVDCVE-2025-40070 at SUSECVE-2025-40070 at NVDCVE-2025-40074 at SUSECVE-2025-40074 at NVDCVE-2025-40075 at SUSECVE-2025-40075 at NVDCVE-2025-40081 at SUSECVE-2025-40081 at NVDCVE-2025-40083 at SUSECVE-2025-40083 at NVDCVE-2025-40086 at SUSECVE-2025-40086 at NVDCVE-2025-40098 at SUSECVE-2025-40098 at NVDCVE-2025-40101 at SUSECVE-2025-40101 at NVDCVE-2025-40102 at SUSECVE-2025-40102 at NVDCVE-2025-40105 at SUSECVE-2025-40105 at NVDCVE-2025-40107 at SUSECVE-2025-40107 at NVDCVE-2025-40109 at SUSECVE-2025-40109 at NVDCVE-2025-40110 at SUSECVE-2025-40110 at NVDCVE-2025-40111 at SUSECVE-2025-40111 at NVDCVE-2025-40115 at SUSECVE-2025-40115 at NVDCVE-2025-40116 at SUSECVE-2025-40116 at NVDCVE-2025-40118 at SUSECVE-2025-40118 at NVDCVE-2025-40120 at SUSECVE-2025-40120 at NVDCVE-2025-40121 at SUSECVE-2025-40121 at NVDCVE-2025-40127 at SUSECVE-2025-40127 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40132 at SUSECVE-2025-40132 at NVDCVE-2025-40133 at SUSECVE-2025-40133 at NVDCVE-2025-40134 at SUSECVE-2025-40134 at NVDCVE-2025-40135 at SUSECVE-2025-40135 at NVDCVE-2025-40139 at SUSECVE-2025-40139 at NVDCVE-2025-40140 at SUSECVE-2025-40140 at NVDCVE-2025-40141 at SUSECVE-2025-40141 at NVDCVE-2025-40142 at SUSECVE-2025-40142 at NVDCVE-2025-40149 at SUSECVE-2025-40149 at NVDCVE-2025-40153 at SUSECVE-2025-40153 at NVDCVE-2025-40154 at SUSECVE-2025-40154 at NVDCVE-2025-40156 at SUSECVE-2025-40156 at NVDCVE-2025-40157 at SUSECVE-2025-40157 at NVDCVE-2025-40158 at SUSECVE-2025-40158 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-40161 at SUSECVE-2025-40161 at NVDCVE-2025-40162 at SUSECVE-2025-40162 at NVDCVE-2025-40164 at SUSECVE-2025-40164 at NVDCVE-2025-40165 at SUSECVE-2025-40165 at NVDCVE-2025-40166 at SUSECVE-2025-40166 at NVDCVE-2025-40168 at SUSECVE-2025-40168 at NVDCVE-2025-40169 at SUSECVE-2025-40169 at NVDCVE-2025-40171 at SUSECVE-2025-40171 at NVDCVE-2025-40172 at SUSECVE-2025-40172 at NVDCVE-2025-40173 at SUSECVE-2025-40173 at NVDCVE-2025-40175 at SUSECVE-2025-40175 at NVDCVE-2025-40176 at SUSECVE-2025-40176 at NVDCVE-2025-40177 at SUSECVE-2025-40177 at NVDCVE-2025-40178 at SUSECVE-2025-40178 at NVDCVE-2025-40180 at SUSECVE-2025-40180 at NVDCVE-2025-40183 at SUSECVE-2025-40183 at NVDCVE-2025-40185 at SUSECVE-2025-40185 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDCVE-2025-40187 at SUSECVE-2025-40187 at NVDCVE-2025-40188 at SUSECVE-2025-40188 at NVDCVE-2025-40192 at SUSECVE-2025-40192 at NVDCVE-2025-40194 at SUSECVE-2025-40194 at NVDCVE-2025-40196 at SUSECVE-2025-40196 at NVDCVE-2025-40197 at SUSECVE-2025-40197 at NVDCVE-2025-40198 at SUSECVE-2025-40198 at NVDCVE-2025-40200 at SUSECVE-2025-40200 at NVDCVE-2025-40201 at SUSECVE-2025-40201 at NVDCVE-2025-40202 at SUSECVE-2025-40202 at NVDCVE-2025-40203 at SUSECVE-2025-40203 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDCVE-2025-40205 at SUSECVE-2025-40205 at NVDCVE-2025-40206 at SUSECVE-2025-40206 at NVDCVE-2025-40207 at SUSECVE-2025-40207 at NVDcpe:/o:suse:sl-micro:6.2Security update for sssd (Important)SUSE Linux Micro 6.2
This update for sssd fixes the following issues:
- CVE-2025-11561: Fixed default Kerberos configuration allowing privilege
escalation on AD-joined Linux systems (bsc#1244325)
ImportantSUSE bug 1244325SUSE bug 1251827CVE-2025-11561 at SUSECVE-2025-11561 at NVDcpe:/o:suse:sl-micro:6.2Security update for avahi (Moderate)SUSE Linux Micro 6.2
This update for avahi fixes the following issues:
- CVE-2024-52615: Fixed DNS spoofing (bsc#1233421)
ModerateSUSE bug 1233421CVE-2024-52615 at SUSECVE-2024-52615 at NVDcpe:/o:suse:sl-micro:6.2Security update for python-tornado6 (Important)SUSE Linux Micro 6.2
This update for python-tornado6 fixes the following issues:
- CVE-2025-67724: unescaped `reason` argument used in HTTP headers and in HTML default error pages can be used by
attackers to launch header injection or XSS attacks (bsc#1254903).
- CVE-2025-67725: quadratic complexity of string concatenation operations used by the `HTTPHeaders.add` method can lead
o DoS when processing a maliciously crafted HTTP request (bsc#1254905).
- CVE-2025-67726: quadratic complexity algorithm used in the `_parseparam` function of `httputil.py` can lead to DoS
when processing maliciously crafted parameters in a `Content-Disposition` header (bsc#1254904).
ImportantSUSE bug 1254903SUSE bug 1254904SUSE bug 1254905CVE-2025-67724 at SUSECVE-2025-67724 at NVDCVE-2025-67725 at SUSECVE-2025-67725 at NVDCVE-2025-67726 at SUSECVE-2025-67726 at NVDcpe:/o:suse:sl-micro:6.2Security update for libmicrohttpd (Important)SUSE Linux Micro 6.2
This update for libmicrohttpd fixes the following issues:
- CVE-2025-62689: Fixed heap-based buffer overflow through
a specially crafted packet (bsc#1253178)
- CVE-2025-59777: Fixed NULL pointer dereference through
a specially crafted packet (bsc#1253177)
ImportantSUSE bug 1253177SUSE bug 1253178CVE-2025-59777 at SUSECVE-2025-59777 at NVDCVE-2025-62689 at SUSECVE-2025-62689 at NVDcpe:/o:suse:sl-micro:6.2Security update for libpng16 (Important)SUSE Linux Micro 6.2
This update for libpng16 fixes the following issues:
- CVE-2025-64505: heap buffer over-read in `png_do_quantize` when processing PNG files malformed palette indices
(bsc#1254157).
- CVE-2025-64506: heap buffer over-read in `png_write_image_8bit` when processing 8-bit input with `convert_to_8bit`
enabled (bsc#1254158).
- CVE-2025-64720: out-of-bounds read in `png_image_read_composite` when processing palette images with
`PNG_FLAG_OPTIMIZE_ALPHA` enabled (bsc#1254159).
- CVE-2025-65018: heap buffer overflow in `png_image_finish_read` when processing specially crafted 16-bit interlaced
PNGs with 8-bit output format (bsc#1254160).
- CVE-2025-66293: out-of-bounds read of the `png_sRGB_base` array when processing palette PNG images with partial
transparency and gamma correction (bsc#1254480).
ImportantSUSE bug 1254157SUSE bug 1254158SUSE bug 1254159SUSE bug 1254160SUSE bug 1254480CVE-2025-64505 at SUSECVE-2025-64505 at NVDCVE-2025-64506 at SUSECVE-2025-64506 at NVDCVE-2025-64720 at SUSECVE-2025-64720 at NVDCVE-2025-65018 at SUSECVE-2025-65018 at NVDCVE-2025-66293 at SUSECVE-2025-66293 at NVDcpe:/o:suse:sl-micro:6.2Security update for glib2 (Important)SUSE Linux Micro 6.2
This update for glib2 fixes the following issues:
Update to version 2.84.4.
Security issues fixed:
- CVE-2025-14512: integer overflow in the GIO `escape_byte_string()` function when processing malicious files or remote
filesystem attribute values can lead to denial-of-service (bsc#1254878).
- CVE-2025-14087: buffer underflow in the GVariant parser `bytestring_parse()` and `string_parse()` functions when
processing attacker-influenced data may lead to crash or code execution (bsc#1254662).
- CVE-2025-13601: heap-based buffer overflow in the `g_escape_uri_string()` function when processing strings with a
large number of unacceptable characters may lead to crash or code execution (bsc#1254297).
- CVE-2025-7039: integer overflow when creating temporary files may lead to an out-of-bounds memory access that can be
used for path traversal or exposure of sensitive content in a temporary file (bsc#1249055).
Other issues fixed and changes:
- Fix GFile leak in `g_local_file_set_display_name` during error handling.
- Fix incorrect output parameter handling in closure helper of `g_settings_bind_with_mapping_closures`.
- `gfileutils`: fix computation of temporary file name.
- Fix GFile leak in `g_local_file_set_display_name()`.
- `gthreadpool`: catch `pool_spawner` creation failure.
- `gio/filenamecompleter`: fix leaks.
- `gfilenamecompleter`: fix `g_object_unref()` of undefined value.
ImportantSUSE bug 1249055SUSE bug 1254297SUSE bug 1254662SUSE bug 1254878CVE-2025-13601 at SUSECVE-2025-13601 at NVDCVE-2025-14087 at SUSECVE-2025-14087 at NVDCVE-2025-14512 at SUSECVE-2025-14512 at NVDCVE-2025-7039 at SUSECVE-2025-7039 at NVDcpe:/o:suse:sl-micro:6.2Security update for gpg2 (Important)SUSE Linux Micro 6.2
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
ImportantSUSE bug 1255715SUSE bug 1256244SUSE bug 1256246SUSE bug 1256390CVE-2025-68973 at SUSECVE-2025-68973 at NVDcpe:/o:suse:sl-micro:6.2Security update for curl (Moderate)SUSE Linux Micro 6.2
This update for curl fixes the following issues:
This update for curl fixes the following issues:
- CVE-2025-14017: broken TLS options for threaded LDAPS (bsc#1256105).
- CVE-2025-14524: bearer token leak on cross-protocol redirect (bsc#1255731).
- CVE-2025-14819: libssh global knownhost override (bsc#1255732).
- CVE-2025-15079: libssh key passphrase bypass without agent set (bsc#1255733).
- CVE-2025-15224: OpenSSL partial chain store policy bypass (bsc#1255734).
ModerateSUSE bug 1255731SUSE bug 1255732SUSE bug 1255733SUSE bug 1255734SUSE bug 1256105CVE-2025-14017 at SUSECVE-2025-14017 at NVDCVE-2025-14524 at SUSECVE-2025-14524 at NVDCVE-2025-14819 at SUSECVE-2025-14819 at NVDCVE-2025-15079 at SUSECVE-2025-15079 at NVDCVE-2025-15224 at SUSECVE-2025-15224 at NVDcpe:/o:suse:sl-micro:6.2Security update for haproxy (Moderate)SUSE Linux Micro 6.2
This update for haproxy fixes the following issues:
- CVE-2025-11230: issue in the mjson JSON decoder leads to excessive resource consumption when processing numbers with
large exponents (bsc#1250983).
ModerateSUSE bug 1250983CVE-2025-11230 at SUSECVE-2025-11230 at NVDcpe:/o:suse:sl-micro:6.2Security update for docker (Critical)SUSE Linux Micro 6.2
This update for docker fixes the following issues:
Changes in docker:
- Update to Docker 28.5.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2851>
- Update to Docker 28.5.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2850>
- Update to docker-buildx v0.29.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.29.0>
- Remove git-core recommends on SLE. Most SLE systems have
installRecommends=yes by default and thus end up installing git with Docker.
bsc#1250508
This feature is mostly intended for developers ("docker build git://") so
most users already have the dependency installed, and the error when git is
missing is fairly straightforward (so they can easily figure out what they
need to install).
- Update to docker-buildx v0.28.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.28.0>
- Update to Docker 28.4.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2840>
* Fixes a nil pointer panic in "docker push". bsc#1248373
- Update warnings and errors related to "docker buildx ..." so that they
reference our openSUSE docker-buildx packages.
- Enable building docker-buildx for SLE15 systems with SUSEConnect secret
injection enabled. PED-12534 PED-8905 bsc#1247594
As docker-buildx does not support our SUSEConnect secret injection (and some
users depend "docker build" working transparently), patch the docker CLI so
that "docker build" will no longer automatically call "docker buildx build",
effectively making DOCKER_BUILDKIT=0 the default configuration. Users can
manually use "docker buildx ..." commands or set DOCKER_BUILDKIT=1 in order
to opt-in to using docker-buildx.
Users can silence the "docker build" warning by setting DOCKER_BUILDKIT=0
explicitly.
In order to inject SCC credentials with docker-buildx, users should use
RUN --mount=type=secret,id=SCCcredentials zypper -n ...
in their Dockerfiles, and
docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .
when doing their builds.
- Update to Docker 28.3.3-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2833>
CVE-2025-54388 bsc#1247367
- Update to docker-buildx v0.26.1. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.26.1>
- Update to docker-buildx v0.26.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.26.0>
CriticalSUSE bug 1247367SUSE bug 1247594SUSE bug 1248373SUSE bug 1250508CVE-2025-54388 at SUSECVE-2025-54388 at NVDcpe:/o:suse:sl-micro:6.2Security update of open-vm-tools (Important)SUSE Linux Micro 6.2
This update for open-vm-tools fixes the following issues:
Update to open-vm-tools 13.0.5 based on build 24915695. (boo#1250692):
Please refer to the Release Notes at
https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/ReleaseNotes.md.
The granular changes that have gone into the open-vm-tools 13.0.5 release
are in the ChangeLog at
https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/open-vm-tools/ChangeLog.
There are no new features in the open-vm-tools 13.0.5 release. This is
primarily a maintenance release that addresses a security issue.
This release resolves and includes the patch for CVE-2025-41244. For more
information on this vulnerability and its impact on Broadcom products,
see VMSA-2025-0015.
A minor enhancement has been made for Guest OS Customization. The
DeployPkg plugin has been updated to use "systemctl reboot", if available.
For a more complete list of issues addressed in this release, see the
What's New and Resolved Issues section of the Release Notes.
ImportantSUSE bug 1250373SUSE bug 1250692CVE-2025-41244 at SUSECVE-2025-41244 at NVDcpe:/o:suse:sl-micro:6.2Security update for podman (Important)SUSE Linux Micro 6.2
This update for podman fixes the following issues:
- CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files (bsc#1252376).
- CVE-2025-9566: kube play command may overwrite host files (bsc#1249154).
ImportantSUSE bug 1249154SUSE bug 1252376CVE-2025-31133 at SUSECVE-2025-31133 at NVDCVE-2025-52565 at SUSECVE-2025-52565 at NVDCVE-2025-52881 at SUSECVE-2025-52881 at NVDCVE-2025-9566 at SUSECVE-2025-9566 at NVDcpe:/o:suse:sl-micro:6.2Security update for libpcap (Low)SUSE Linux Micro 6.2
This update for libpcap fixes the following issues:
- CVE-2025-11961: missing validation of provided MAC-48 address string in `pcap_ether_aton()` can lead to out-of-bounds
read and write (bsc#1255765).
LowSUSE bug 1255765CVE-2025-11961 at SUSECVE-2025-11961 at NVDcpe:/o:suse:sl-micro:6.2Security update for python313 (Moderate)SUSE Linux Micro 6.2
This update for python313 fixes the following issues:
- Update to 3.13.11:
- Security
- CVE-2025-12084: cpython: Fixed quadratic algorithm in
xml.dom.minidom leading to denial of service (bsc#1254997)
- CVE-2025-13836: Fixed default Content-Lenght read amount
from HTTP response (bsc#1254400)
- CVE-2025-13837: Fixed plistlib module denial of service (bsc#1254401)
- CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory
(EOCD) not checked by the 'zipfile' module (bsc#1251305)
- gh-137836: Add support of the “plaintext” element, RAWTEXT
elements “xmp”, “iframe”, “noembed” and “noframes”, and
optionally RAWTEXT element “noscript” in
html.parser.HTMLParser.
- gh-136063: email.message: ensure linear complexity for
legacy HTTP parameters parsing. Patch by B?n?dikt Tran.
- CVE-2025-6075: Fixed performance issues caused by user-controller
os.path.expandvars() (bsc#1252974)
- Library
- gh-140797: Revert changes to the undocumented re.Scanner
class. Capturing groups are still allowed for backward
compatibility, although using them can lead to incorrect
result. They will be forbidden in future Python versions.
- gh-142206: The resource tracker in the multiprocessing
module now uses the original communication protocol, as in
Python 3.14.0 and below, by default. This avoids issues
with upgrading Python while it is running. (Note that such
‘in-place’ upgrades are not tested.) The tracker remains
compatible with subprocesses that use new protocol (that
is, subprocesses using Python 3.13.10, 3.14.1 and 3.15).
- Core and Builtins
- gh-142218: Fix crash when inserting into a split table
dictionary with a non str key that matches an existing key.
- Update to 3.13.10:
- Tools/Demos
- gh-141442: The iOS testbed now correctly handles test
arguments that contain spaces.
- Tests
- gh-140482: Preserve and restore the state of stty echo as
part of the test environment.
- gh-140082: Update python -m test to set FORCE_COLOR=1 when
being run with color enabled so that unittest which is run
by it with redirected output will output in color.
- gh-136442: Use exitcode 1 instead of 5 if
unittest.TestCase.setUpClass() raises an exception
- Library
- gh-74389: When the stdin being used by a subprocess.Popen
instance is closed, this is now ignored in
subprocess.Popen.communicate() instead of leaving the class
in an inconsistent state.
- gh-87512: Fix subprocess.Popen.communicate() timeout
handling on Windows when writing large input. Previously,
the timeout was ignored during stdin writing, causing the
method to block indefinitely if the child process did not
consume input quickly. The stdin write is now performed in
a background thread, allowing the timeout to be properly
enforced.
- gh-141473: When subprocess.Popen.communicate() was called
with input and a timeout and is called for a second time
after a TimeoutExpired exception before the process has
died, it should no longer hang.
- gh-59000: Fix pdb breakpoint resolution for class methods
when the module defining the class is not imported.
- gh-141570: Support file-like object raising OSError from
fileno() in color detection (_colorize.can_colorize()).
This can occur when sys.stdout is redirected.
- gh-141659: Fix bad file descriptor errors from
_posixsubprocess on AIX.
- gh-141497: ipaddress: ensure that the methods
IPv4Network.hosts() and IPv6Network.hosts() always return
an iterator.
- gh-140938: The statistics.stdev() and statistics.pstdev()
functions now raise a ValueError when the input contains an
infinity or a NaN.
- gh-124111: Updated Tcl threading configuration in _tkinter
to assume that threads are always available in Tcl 9 and
later.
- gh-137109: The os.fork and related forking APIs will no
longer warn in the common case where Linux or macOS
platform APIs return the number of threads in a process and
find the answer to be 1 even when a os.register_at_fork()
after_in_parent= callback (re)starts a thread.
- gh-141314: Fix assertion failure in io.TextIOWrapper.tell()
when reading files with standalone carriage return (\r)
line endings.
- gh-141311: Fix assertion failure in io.BytesIO.readinto()
and undefined behavior arising when read position is above
capcity in io.BytesIO.
- gh-141141: Fix a thread safety issue with
base64.b85decode(). Contributed by Benel Tayar.
- gh-140911: collections: Ensure that the methods
UserString.rindex() and UserString.index() accept
collections.UserString instances as the sub argument.
- gh-140797: The undocumented re.Scanner class now forbids
regular expressions containing capturing groups in its
lexicon patterns. Patterns using capturing groups could
previously lead to crashes with segmentation fault. Use
non-capturing groups (?:…) instead.
- gh-140815: faulthandler now detects if a frame or a code
object is invalid or freed. Patch by Victor Stinner.
- gh-100218: Correctly set errno when socket.if_nametoindex()
or socket.if_indextoname() raise an OSError. Patch by
B?n?dikt Tran.
- gh-140875: Fix handling of unclosed character references
(named and numerical) followed by the end of file in
html.parser.HTMLParser with convert_charrefs=False.
- gh-140734: multiprocessing: fix off-by-one error when
checking the length of a temporary socket file path. Patch
by B?n?dikt Tran.
- gh-140874: Bump the version of pip bundled in ensurepip to
version 25.3
- gh-140691: In urllib.request, when opening a FTP URL fails
because a data connection cannot be made, the control
connection’s socket is now closed to avoid
a ResourceWarning.
- gh-103847: Fix hang when cancelling process created by
asyncio.create_subprocess_exec() or
asyncio.create_subprocess_shell(). Patch by Kumar Aditya.
- gh-140590: Fix arguments checking for the
functools.partial.__setstate__() that may lead to internal
state corruption and crash. Patch by Sergey Miryanov.
- gh-140634: Fix a reference counting bug in
os.sched_param.__reduce__().
- gh-140633: Ignore AttributeError when setting a module’s
__file__ attribute when loading an extension module
packaged as Apple Framework.
- gh-140593: xml.parsers.expat: Fix a memory leak that could
affect users with ElementDeclHandler() set to a custom
element declaration handler. Patch by Sebastian Pipping.
- gh-140607: Inside io.RawIOBase.read(), validate that the
count of bytes returned by io.RawIOBase.readinto() is valid
(inside the provided buffer).
- gh-138162: Fix logging.LoggerAdapter with merge_extra=True
and without the extra argument.
- gh-140474: Fix memory leak in array.array when creating
arrays from an empty str and the u type code.
- gh-140272: Fix memory leak in the clear() method of the
dbm.gnu database.
- gh-140041: Fix import of ctypes on Android and Cygwin when
ABI flags are present.
- gh-139905: Add suggestion to error message for
typing.Generic subclasses when cls.__parameters__ is
missing due to a parent class failing to call
super().__init_subclass__() in its __init_subclass__.
- gh-139845: Fix to not print KeyboardInterrupt twice in
default asyncio REPL.
- gh-139783: Fix inspect.getsourcelines() for the case when
a decorator is followed by a comment or an empty line.
- gh-70765: http.server: fix default handling of HTTP/0.9
requests in BaseHTTPRequestHandler. Previously,
BaseHTTPRequestHandler.parse_request() incorrectly waited
for headers in the request although those are not supported
in HTTP/0.9. Patch by B?n?dikt Tran.
- gh-139391: Fix an issue when, on non-Windows platforms, it
was not possible to gracefully exit a python -m asyncio
process suspended by Ctrl+Z and later resumed by fg other
than with kill.
- gh-101828: Fix 'shift_jisx0213', 'shift_jis_2004',
'euc_jisx0213' and 'euc_jis_2004' codecs truncating null
chars as they were treated as part of multi-character
sequences.
- gh-139246: fix: paste zero-width in default repl width is
wrong.
- gh-90949: Add SetAllocTrackerActivationThreshold() and
SetAllocTrackerMaximumAmplification() to xmlparser objects
to prevent use of disproportional amounts of dynamic memory
from within an Expat parser. Patch by B?n?dikt Tran.
- gh-139065: Fix trailing space before a wrapped long word if
the line length is exactly width in textwrap.
- gh-138993: Dedent credits text.
- gh-138859: Fix generic type parameterization raising
a TypeError when omitting a ParamSpec that has a default
which is not a list of types.
- gh-138775: Use of python -m with base64 has been fixed to
detect input from a terminal so that it properly notices
EOF.
- gh-98896: Fix a failure in multiprocessing resource_tracker
when SharedMemory names contain colons. Patch by Rani
Pinchuk.
- gh-75989: tarfile.TarFile.extractall() and
tarfile.TarFile.extract() now overwrite symlinks when
extracting hardlinks. (Contributed by Alexander Enrique
Urieles Nieto in gh-75989.)
- gh-83424: Allows creating a ctypes.CDLL without name when
passing a handle as an argument.
- gh-136234: Fix asyncio.WriteTransport.writelines() to be
robust to connection failure, by using the same behavior as
write().
- gh-136057: Fixed the bug in pdb and bdb where next and step
can’t go over the line if a loop exists in the line.
- gh-135307: email: Fix exception in set_content() when
encoding text and max_line_length is set to 0 or None
(unlimited).
- gh-134453: Fixed subprocess.Popen.communicate() input=
handling of memoryview instances that were non-byte shaped
on POSIX platforms. Those are now properly cast to a byte
shaped view instead of truncating the input. Windows
platforms did not have this bug.
- gh-102431: Clarify constraints for “logical” arguments in
methods of decimal.Context.
- IDLE
- gh-96491: Deduplicate version number in IDLE shell title
bar after saving to a file.
- Documentation
- gh-141994: xml.sax.handler: Make Documentation of
xml.sax.handler.feature_external_ges warn of opening up to
external entity attacks. Patch by Sebastian Pipping.
- gh-140578: Remove outdated sencence in the documentation
for multiprocessing, that implied that
concurrent.futures.ThreadPoolExecutor did not exist.
- Core and Builtins
- gh-142048: Fix quadratically increasing garbage collection
delays in free-threaded build.
- gh-141930: When importing a module, use Python’s regular
file object to ensure that writes to .pyc files are
complete or an appropriate error is raised.
- gh-120158: Fix inconsistent state when enabling or
disabling monitoring events too many times.
- gh-141579: Fix sys.activate_stack_trampoline() to properly
support the perf_jit backend. Patch by Pablo Galindo.
- gh-141312: Fix the assertion failure in the __setstate__
method of the range iterator when a non-integer argument is
passed. Patch by Sergey Miryanov.
- gh-140939: Fix memory leak when bytearray or bytes is
formated with the
%*b format with a large width that results in
%a MemoryError.
- gh-140530: Fix a reference leak when raise exc from cause
fails. Patch by B?n?dikt Tran.
- gh-140576: Fixed crash in tokenize.generate_tokens() in
case of specific incorrect input. Patch by Mikhail Efimov.
- gh-140551: Fixed crash in dict if dict.clear() is called at
the lookup stage. Patch by Mikhail Efimov and Inada Naoki.
- gh-140471: Fix potential buffer overflow in ast.AST node
initialization when encountering malformed _fields
containing non-str.
- gh-140406: Fix memory leak when an object’s __hash__()
method returns an object that isn’t an int.
- gh-140306: Fix memory leaks in cross-interpreter channel
operations and shared namespace handling.
- gh-140301: Fix memory leak of PyConfig in subinterpreters.
- gh-140000: Fix potential memory leak when a reference cycle
exists between an instance of typing.TypeAliasType,
typing.TypeVar, typing.ParamSpec, or typing.TypeVarTuple
and its __name__ attribute. Patch by Mikhail Efimov.
- gh-139748: Fix reference leaks in error branches of
functions accepting path strings or bytes such as compile()
and os.system(). Patch by B?n?dikt Tran.
- gh-139516: Fix lambda colon erroneously start format spec
in f-string in tokenizer.
- gh-139640: Fix swallowing some syntax warnings in different
modules if they accidentally have the same message and are
emitted from the same line. Fix duplicated warnings in the
finally block.
- gh-137400: Fix a crash in the free threading build when
disabling profiling or tracing across all threads with
PyEval_SetProfileAllThreads() or
PyEval_SetTraceAllThreads() or their Python equivalents
threading.settrace_all_threads() and
threading.setprofile_all_threads().
- gh-133400: Fixed Ctrl+D (^D) behavior in _pyrepl module to
match old pre-3.13 REPL behavior.
- C API
- gh-140042: Removed the sqlite3_shutdown call that could
cause closing connections for sqlite when used with
multiple sub interpreters.
- gh-140487: Fix Py_RETURN_NOTIMPLEMENTED in limited C API
3.11 and older: don’t treat Py_NotImplemented as immortal.
Patch by Victor Stinner.
- Update to 3.13.9:
- Library
- gh-139783: Fix inspect.getsourcelines() for the case when a
decorator is followed by a comment or an empty line.
- Update to 3.13.8:
- Tools/Demos
- gh-139330: SBOM generation tool didn’t cross-check the version
and checksum values against the Modules/expat/refresh.sh script,
leading to the values becoming out-of-date during routine
updates.
- gh-137873: The iOS test runner has been simplified, resolving
some issues that have been observed using the runner in GitHub
Actions and Azure Pipelines test environments.
- Tests
- gh-139208: Fix regrtest --fast-ci --verbose: don’t ignore the
--verbose option anymore. Patch by Victor Stinner.
- Security
- gh-139400: xml.parsers.expat: Make sure that parent Expat
parsers are only garbage-collected once they are no longer
referenced by subparsers created by
ExternalEntityParserCreate(). Patch by Sebastian Pipping.
- gh-139283: sqlite3: correctly handle maximum number of rows to
fetch in Cursor.fetchmany and reject negative values for
Cursor.arraysize. Patch by B?n?dikt Tran.
- gh-135661: Fix CDATA section parsing in html.parser.HTMLParser
according to the HTML5 standard: ] ]> and ]] > no longer end the
CDATA section. Add private method _set_support_cdata() which can
be used to specify how to parse <[CDATA[ — as a CDATA section in
foreign content (SVG or MathML) or as a bogus comment in the
HTML namespace.
- Library
- gh-139312: Upgrade bundled libexpat to 2.7.3
- gh-139289: Do a real lazy-import on rlcompleter in pdb and
restore the existing completer after importing rlcompleter.
- gh-139210: Fix use-after-free when reporting unknown event in
xml.etree.ElementTree.iterparse(). Patch by Ken Jin.
- gh-138860: Lazy import rlcompleter in pdb to avoid deadlock in
subprocess.
- gh-112729: Fix crash when calling _interpreters.create when the
process is out of memory.
- gh-139076: Fix a bug in the pydoc module that was hiding
functions in a Python module if they were implemented in an
extension module and the module did not have __all__.
- gh-138998: Update bundled libexpat to 2.7.2
- gh-130567: Fix possible crash in locale.strxfrm() due to a
platform bug on macOS.
- gh-138779: Support device numbers larger than 2**63-1 for the
st_rdev field of the os.stat_result structure.
- gh-128636: Fix crash in PyREPL when os.environ is overwritten
with an invalid value for mac
- gh-88375: Fix normalization of the robots.txt rules and URLs in
the urllib.robotparser module. No longer ignore trailing ?.
Distinguish raw special characters ?, = and & from the
percent-encoded ones.
- gh-138515: email is added to Emscripten build.
- gh-111788: Fix parsing errors in the urllib.robotparser module.
Don’t fail trying to parse weird paths. Don’t fail trying to
decode non-UTF-8 robots.txt files.
- gh-138432: zoneinfo.reset_tzpath() will now convert any
os.PathLike objects it receives into strings before adding them
to TZPATH. It will raise TypeError if anything other than a
string is found after this conversion. If given an os.PathLike
object that represents a relative path, it will now raise
ValueError instead of TypeError, and present a more informative
error message.
- gh-138008: Fix segmentation faults in the ctypes module due to
invalid argtypes. Patch by Dung Nguyen.
- gh-60462: Fix locale.strxfrm() on Solaris (and possibly other
platforms).
- gh-138204: Forbid expansion of shared anonymous memory maps on
Linux, which caused a bus error.
- gh-138010: Fix an issue where defining a class with a
@warnings.deprecated-decorated base class may not invoke the
correct __init_subclass__() method in cases involving multiple
inheritance. Patch by Brian Schubert.
- gh-138133: Prevent infinite traceback loop when sending CTRL^C
to Python through strace.
- gh-134869: Fix an issue where pressing Ctrl+C during tab
completion in the REPL would leave the autocompletion menu in a
corrupted state.
- gh-137317: inspect.signature() now correctly handles classes
that use a descriptor on a wrapped __init__() or __new__()
method. Contributed by Yongyu Yan.
- gh-137754: Fix import of the zoneinfo module if the C
implementation of the datetime module is not available.
- gh-137490: Handle ECANCELED in the same way as EINTR in
signal.sigwaitinfo() on NetBSD.
- gh-137477: Fix inspect.getblock(), inspect.getsourcelines() and
inspect.getsource() for generator expressions.
- gh-137017: Fix threading.Thread.is_alive to remain True until
the underlying OS thread is fully cleaned up. This avoids false
negatives in edge cases involving thread monitoring or premature
threading.Thread.is_alive calls.
- gh-136134: SMTP.auth_cram_md5() now raises an SMTPException
instead of a ValueError if Python has been built without MD5
support. In particular, SMTP clients will not attempt to use
this method even if the remote server is assumed to support it.
Patch by B?n?dikt Tran.
- gh-136134: IMAP4.login_cram_md5 now raises an IMAP4.error if
CRAM-MD5 authentication is not supported. Patch by B?n?dikt
Tran.
- gh-135386: Fix opening a dbm.sqlite3 database for reading from
read-only file or directory.
- gh-126631: Fix multiprocessing forkserver bug which prevented
__main__ from being preloaded.
- gh-123085: In a bare call to importlib.resources.files(), ensure
the caller’s frame is properly detected when importlib.resources
is itself available as a compiled module only (no source).
- gh-118981: Fix potential hang in
multiprocessing.popen_spawn_posix that can happen when the child
proc dies early by closing the child fds right away.
- gh-78319: UTF8 support for the IMAP APPEND command has been made
RFC compliant.
- bpo-38735: Fix failure when importing a module from the root
directory on unix-like platforms with sys.pycache_prefix set.
- bpo-41839: Allow negative priority values from
os.sched_get_priority_min() and os.sched_get_priority_max()
functions.
- Core and Builtins
- gh-134466: Don’t run PyREPL in a degraded environment where
setting termios attributes is not allowed.
- gh-71810: Raise OverflowError for (-1).to_bytes() for signed
conversions when bytes count is zero. Patch by Sergey B
Kirpichev.
- gh-105487: Remove non-existent __copy__(), __deepcopy__(), and
__bases__ from the __dir__() entries of types.GenericAlias.
- gh-134163: Fix a hang when the process is out of memory inside
an exception handler.
- gh-138479: Fix a crash when a generic object’s __typing_subst__
returns an object that isn’t a tuple.
- gh-137576: Fix for incorrect source code being shown in
tracebacks from the Basic REPL when PYTHONSTARTUP is given.
Patch by Adam Hartz.
- gh-132744: Certain calls now check for runaway recursion and
respect the system recursion limit.
- C API
- gh-87135: Attempting to acquire the GIL after runtime
finalization has begun in a different thread now causes the
thread to hang rather than terminate, which avoids potential
crashes or memory corruption caused by attempting to terminate a
thread that is running code not specifically designed to support
termination. In most cases this hanging is harmless since the
process will soon exit anyway.
While not officially marked deprecated until 3.14,
PyThread_exit_thread is no longer called internally and remains
solely for interface compatibility. Its behavior is inconsistent
across platforms, and it can only be used safely in the unlikely
case that every function in the entire call stack has been
designed to support the platform-dependent termination
mechanism. It is recommended that users of this function change
their design to not require thread termination. In the unlikely
case that thread termination is needed and can be done safely,
users may migrate to calling platform-specific APIs such as
pthread_exit (POSIX) or _endthreadex (Windows) directly.
- Build
- gh-135734: Python can correctly be configured and built with
./configure --enable-optimizations --disable-test-modules.
Previously, the profile data generation step failed due to PGO
tests where immortalization couldn’t be properly suppressed.
- Update to 3.13.7:
- gh-137583: Fix a deadlock introduced in 3.13.6 when a call
to ssl.SSLSocket.recv was blocked in one thread, and then
another method on the object (such as ssl.SSLSocket.send) was
subsequently called in another thread.
- gh-137044: Return large limit values as positive integers
instead of negative integers in resource.getrlimit().
Accept large values and reject negative values (except
RLIM_INFINITY) for limits in resource.setrlimit().
- gh-136914: Fix retrieval of doctest.DocTest.lineno
for objects decorated with functools.cache() or
functools.cached_property.
- gh-131788: Make ResourceTracker.send from multiprocessing
re-entrant safe
- gh-136155: We are now checking for fatal errors in EPUB
builds in CI.
- gh-137400: Fix a crash in the free threading build when
disabling profiling or tracing across all threads with
PyEval_SetProfileAllThreads() or PyEval_SetTraceAllThreads()
or their Python equivalents threading.settrace_all_threads()
and threading.setprofile_all_threads().
- Update to 3.13.6:
- Security
- gh-135661: Fix parsing start and end tags in
html.parser.HTMLParser according to the HTML5 standard.
- gh-102555: Fix comment parsing in html.parser.HTMLParser
according to the HTML5 standard.
- CVE-2025-6069: Fix quadratic complexity in processing specially
crafted input in html.parser.HTMLParser. End-of-file errors
are now handled according to the HTML5 specs – comments and
declarations are automatically closed, tags are ignored
(gh-135462, bsc#1244705).
- CVE-2025-8194: tarfile now validates archives to ensure member
offsets are non-negative. (gh-130577, bsc#1247249).
- gh-118350: Fix support of escapable raw text mode (elements
“textarea” and “title”) in html.parser.HTMLParser.
- Core and Builtins
- gh-58124: Fix name of the Python encoding in Unicode errors
of the code page codec: use “cp65000” and “cp65001” instead
of “CP_UTF7” and “CP_UTF8” which are not valid Python code
names. Patch by Victor Stinner.
- gh-137314: Fixed a regression where raw f-strings
incorrectly interpreted escape sequences in format
specifications. Raw f-strings now properly preserve literal
backslashes in format specs, matching the behavior from
Python 3.11. For example, rf"{obj:\xFF}" now correctly
produces '\\xFF' instead of '?'. Patch by Pablo Galindo.
- gh-136541: Fix some issues with the perf trampolines
on x86-64 and aarch64. The trampolines were not being
generated correctly for some cases, which could lead to
the perf integration not working correctly. Patch by Pablo
Galindo.
- gh-109700: Fix memory error handling in
PyDict_SetDefault().
- gh-78465: Fix error message for cls.__new__(cls, ...) where
cls is not instantiable builtin or extension type (with
tp_new set to NULL).
- gh-135871: Non-blocking mutex lock attempts now return
immediately when the lock is busy instead of briefly
spinning in the free threading build.
- gh-135607: Fix potential weakref races in an object’s
destructor on the free threaded build.
- gh-135496: Fix typo in the f-string conversion type error
(“exclamanation” -> “exclamation”).
- gh-130077: Properly raise custom syntax errors when
incorrect syntax containing names that are prefixes of soft
keywords is encountered. Patch by Pablo Galindo.
- gh-135148: Fixed a bug where f-string debug expressions
(using =) would incorrectly strip out parts of strings
containing escaped quotes and # characters. Patch by Pablo
Galindo.
- gh-133136: Limit excess memory usage in the free threading
build when a large dictionary or list is resized and
accessed by multiple threads.
- gh-132617: Fix dict.update() modification check that could
incorrectly raise a “dict mutated during update” error when
a different dictionary was modified that happens to share
the same underlying keys object.
- gh-91153: Fix a crash when a bytearray is concurrently
mutated during item assignment.
- gh-127971: Fix off-by-one read beyond the end of a string
in string search.
- gh-125723: Fix crash with gi_frame.f_locals when generator
frames outlive their generator. Patch by Mikhail Efimov.
- Library
- gh-132710: If possible, ensure that uuid.getnode()
returns the same result even across different processes.
Previously, the result was constant only within the same
process. Patch by B?n?dikt Tran.
- gh-137273: Fix debug assertion failure in
locale.setlocale() on Windows.
- gh-137257: Bump the version of pip bundled in ensurepip to
version 25.2
- gh-81325: tarfile.TarFile now accepts a path-like when
working on a tar archive. (Contributed by Alexander Enrique
Urieles Nieto in gh-81325.)
- gh-130522: Fix unraisable TypeError raised during
interpreter shutdown in the threading module.
- gh-136549: Fix signature of threading.excepthook().
- gh-136523: Fix wave.Wave_write emitting an unraisable when
open raises.
- gh-52876: Add missing keepends (default True)
parameter to codecs.StreamReaderWriter.readline() and
codecs.StreamReaderWriter.readlines().
- gh-85702: If zoneinfo._common.load_tzdata is given a
package without a resource a zoneinfo.ZoneInfoNotFoundError
is raised rather than a PermissionError. Patch by Victor
Stinner.
- gh-134759: Fix UnboundLocalError in
email.message.Message.get_payload() when the payload to
decode is a bytes object. Patch by Kliment Lamonov.
- gh-136028: Fix parsing month names containing “İ” (U+0130,
LATIN CAPITAL LETTER I WITH DOT ABOVE) in time.strptime().
This affects locales az_AZ, ber_DZ, ber_MA and crh_UA.
- gh-135995: In the palmos encoding, make byte 0x9b decode to
› (U+203A - SINGLE RIGHT-POINTING ANGLE QUOTATION MARK).
- gh-53203: Fix time.strptime() for %c and %x formats on
locales byn_ER, wal_ET and lzh_TW, and for %X format on
locales ar_SA, bg_BG and lzh_TW.
- gh-91555: An earlier change, which was introduced in
3.13.4, has been reverted. It disabled logging for a logger
during handling of log messages for that logger. Since the
reversion, the behaviour should be as it was before 3.13.4.
- gh-135878: Fixes a crash of types.SimpleNamespace on free
threading builds, when several threads were calling its
__repr__() method at the same time.
- gh-135836: Fix IndexError in
asyncio.loop.create_connection() that could occur when
non-OSError exception is raised during connection and
socket’s close() raises OSError.
- gh-135836: Fix IndexError in
asyncio.loop.create_connection() that could occur when the
Happy Eyeballs algorithm resulted in an empty exceptions
list during connection attempts.
- gh-135855: Raise TypeError instead of SystemError when
_interpreters.set___main___attrs() is passed a non-dict
object. Patch by Brian Schubert.
- gh-135815: netrc: skip security checks if os.getuid() is
missing. Patch by B?n?dikt Tran.
- gh-135640: Address bug where it was possible to call
xml.etree.ElementTree.ElementTree.write() on an ElementTree
object with an invalid root element. This behavior blanked
the file passed to write if it already existed.
- gh-135444: Fix asyncio.DatagramTransport.sendto() to
account for datagram header size when data cannot be sent.
- gh-135497: Fix os.getlogin() failing for longer usernames
on BSD-based platforms.
- gh-135487: Fix reprlib.Repr.repr_int() when given integers
with more than sys.get_int_max_str_digits() digits. Patch
by B?n?dikt Tran.
- gh-135335: multiprocessing: Flush stdout and stderr after
preloading modules in the forkserver.
- gh-135244: uuid: when the MAC address cannot be
determined, the 48-bit node ID is now generated with a
cryptographically-secure pseudo-random number generator
(CSPRNG) as per RFC 9562, ?6.10.3. This affects uuid1().
- gh-135069: Fix the “Invalid error handling” exception in
encodings.idna.IncrementalDecoder to correctly replace the
‘errors’ parameter.
- gh-134698: Fix a crash when calling methods of
ssl.SSLContext or ssl.SSLSocket across multiple threads.
- gh-132124: On POSIX-compliant systems,
multiprocessing.util.get_temp_dir() now ignores TMPDIR
(and similar environment variables) if the path length of
AF_UNIX socket files exceeds the platform-specific maximum
length when using the forkserver start method. Patch by
B?n?dikt Tran.
- gh-133439: Fix dot commands with trailing spaces are
mistaken for multi-line SQL statements in the sqlite3
command-line interface.
- gh-132969: Prevent the ProcessPoolExecutor executor thread,
which remains running when shutdown(wait=False), from
attempting to adjust the pool’s worker processes after
the object state has already been reset during shutdown.
A combination of conditions, including a worker process
having terminated abormally, resulted in an exception and
a potential hang when the still-running executor thread
attempted to replace dead workers within the pool.
- gh-130664: Support the '_' digit separator in formatting
of the integral part of Decimal’s. Patch by Sergey B
Kirpichev.
- gh-85702: If zoneinfo._common.load_tzdata is given a
package without a resource a ZoneInfoNotFoundError is
raised rather than a IsADirectoryError.
- gh-130664: Handle corner-case for Fraction’s formatting:
treat zero-padding (preceding the width field by a zero
('0') character) as an equivalent to a fill character of
'0' with an alignment type of '=', just as in case of
float’s.
- Tools/Demos
- gh-135968: Stubs for strip are now provided as part of an
iOS install.
- Tests
- gh-135966: The iOS testbed now handles the app_packages
folder as a site directory.
- gh-135494: Fix regrtest to support excluding tests from
--pgo tests. Patch by Victor Stinner.
- gh-135489: Show verbose output for failing tests during PGO
profiling step with –enable-optimizations.
- Documentation
- gh-135171: Document that the iterator for the leftmost for
clause in the generator expression is created immediately.
- Build
- gh-135497: Fix the detection of MAXLOGNAME in the
configure.ac script.
ModerateSUSE bug 1244680SUSE bug 1244705SUSE bug 1247249SUSE bug 1251305SUSE bug 1252974SUSE bug 1254400SUSE bug 1254401SUSE bug 1254997CVE-2025-12084 at SUSECVE-2025-12084 at NVDCVE-2025-13836 at SUSECVE-2025-13836 at NVDCVE-2025-13837 at SUSECVE-2025-13837 at NVDCVE-2025-6069 at SUSECVE-2025-6069 at NVDCVE-2025-6075 at SUSECVE-2025-6075 at NVDCVE-2025-8194 at SUSECVE-2025-8194 at NVDCVE-2025-8291 at SUSECVE-2025-8291 at NVDcpe:/o:suse:sl-micro:6.2Security update for libpng16 (Moderate)SUSE Linux Micro 6.2
This update for libpng16 fixes the following issues:
- CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525).
- CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).
ModerateSUSE bug 1256525SUSE bug 1256526CVE-2026-22695 at SUSECVE-2026-22695 at NVDCVE-2026-22801 at SUSECVE-2026-22801 at NVDcpe:/o:suse:sl-micro:6.2Security update for gdk-pixbuf (Important)SUSE Linux Micro 6.2
This update for gdk-pixbuf fixes the following issues:
- CVE-2025-7345: heap buffer overflow in gdk-pixbuf within the gdk_pixbuf__jpeg_image_load_increment function
(io-jpeg.c) and in glib g_base64_encode_step (bsc#1246114).
- CVE-2025-6199: uninitialized memory could lead to leak arbitrary memory contents (bsc#1245227).
ImportantSUSE bug 1245227SUSE bug 1246114CVE-2025-6199 at SUSECVE-2025-6199 at NVDCVE-2025-7345 at SUSECVE-2025-7345 at NVDcpe:/o:suse:sl-micro:6.2Security update for python-urllib3 (Moderate)SUSE Linux Micro 6.2
This update for python-urllib3 fixes the following issues:
- CVE-2026-21441: Fixed excessive resource consumption during decompression of data in HTTP redirect responses (bsc#1256331).
ModerateSUSE bug 1256331CVE-2026-21441 at SUSECVE-2026-21441 at NVDcpe:/o:suse:sl-micro:6.2Security update for python-pyasn1 (Important)SUSE Linux Micro 6.2
This update for python-pyasn1 fixes the following issues:
- CVE-2026-23490: Fixed Denial-of-Service issue that may lead to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets (bsc#1256902)
ImportantSUSE bug 1256902CVE-2026-23490 at SUSECVE-2026-23490 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.7.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196).
ImportantSUSE bug 1254196CVE-2025-40212 at SUSECVE-2025-40212 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672).
- CVE-2025-38554: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped (bsc#1248301).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537).
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251982).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
- CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196).
The following non security issue was fixed:
- Explicitly add module-common.c with vermagic and retpoline modinfo (bsc#1252270).
ImportantSUSE bug 1246019SUSE bug 1248301SUSE bug 1248400SUSE bug 1248631SUSE bug 1248670SUSE bug 1248672SUSE bug 1249207SUSE bug 1249208SUSE bug 1249241SUSE bug 1249537SUSE bug 1250192SUSE bug 1251982SUSE bug 1252270SUSE bug 1253437SUSE bug 1254196CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38554 at SUSECVE-2025-38554 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-39963 at SUSECVE-2025-39963 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDCVE-2025-40212 at SUSECVE-2025-40212 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.7.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196).
ImportantSUSE bug 1254196CVE-2025-40212 at SUSECVE-2025-40212 at NVDcpe:/o:suse:sl-micro:6.2Security update for avahi (Moderate)SUSE Linux Micro 6.2
This update for avahi fixes the following issues:
- CVE-2025-68276: Fixed refuse to create wide-area record browsers when
wide-area is off (bsc#1256498)
- CVE-2025-68471: Fixed DoS bug by changing assert to return (bsc#1256500)
- CVE-2025-68468: Fixed DoS bug by removing incorrect assertion (bsc#1256499)
ModerateSUSE bug 1256498SUSE bug 1256499SUSE bug 1256500CVE-2025-68276 at SUSECVE-2025-68276 at NVDCVE-2025-68468 at SUSECVE-2025-68468 at NVDCVE-2025-68471 at SUSECVE-2025-68471 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251982).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
- CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196).
ImportantSUSE bug 1251982SUSE bug 1253437SUSE bug 1254196CVE-2025-39963 at SUSECVE-2025-39963 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDCVE-2025-40212 at SUSECVE-2025-40212 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672).
- CVE-2025-38554: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped (bsc#1248301).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537).
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251982).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
- CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196).
The following non security issues were fixed:
- Explicitly add module-common.c with vermagic and retpoline modinfo (bsc#1252270).
- powerpc64/modules: correctly iterate over stubs in setup_ftrace_ool_stubs (bsc#1251956).
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1246019SUSE bug 1248301SUSE bug 1248400SUSE bug 1248631SUSE bug 1248670SUSE bug 1248672SUSE bug 1249207SUSE bug 1249208SUSE bug 1249241SUSE bug 1249537SUSE bug 1250192SUSE bug 1251956SUSE bug 1251982SUSE bug 1252270SUSE bug 1253437SUSE bug 1254196SUSE bug 1256928CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38554 at SUSECVE-2025-38554 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-39963 at SUSECVE-2025-39963 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDCVE-2025-40212 at SUSECVE-2025-40212 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit-subscriptions (Moderate)SUSE Linux Micro 6.2
This update for cockpit-subscriptions fixes the following issues:
Update to version 12.1:
- CVE-2025-64718: js-yaml: fixed prototype pollution in merge (bsc#1255425).
ModerateSUSE bug 1255425CVE-2025-64718 at SUSECVE-2025-64718 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251982).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
- CVE-2025-40212: nfsd: fix refcount leak in nfsd_set_fh_dentry() (bsc#1254196).
The following non security issues was fixed:
- Explicitly add module-common.c with vermagic and retpoline modinfo (bsc#1252270).
ImportantSUSE bug 1251982SUSE bug 1252270SUSE bug 1253437SUSE bug 1254196CVE-2025-39963 at SUSECVE-2025-39963 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDCVE-2025-40212 at SUSECVE-2025-40212 at NVDcpe:/o:suse:sl-micro:6.2Security update for ucode-amd (Important)SUSE Linux Micro 6.2
This update for ucode-amd fixes the following issues:
Changes in ucode-amd:
- Update to version 20251203 (git commit a0f0e52138e5):
* linux-firmware: Update amd-ucode copyright information
* linux-firmware: Update AMD cpu microcode
- Update to version 20251113 (git commit fb0dbcd30118):
* linux-firmware: Update AMD cpu microcode
- Update to version 20251031 (git commit 04b323bb64f9):
* linux-firmware: Update AMD cpu microcode
- Update to version 20251028 (git commit 4f72031fc195):
* linux-firmware: Update AMD cpu microcode
- Update to version 20251024 (git commit 9b899c779b8a):
* amd-ucode: Fix minimum revisions in README
- Update to version 20250730 (git commit 910c19074091):
* linux-firmware: Update AMD cpu microcode
Importantcpe:/o:suse:sl-micro:6.2Security update for python-urllib3 (Important)SUSE Linux Micro 6.2
This update for python-urllib3 fixes the following issues:
- CVE-2025-66471: Fixed excessive resource consumption via decompression
of highly compressed data in Streaming API (bsc#1254867)
- CVE-2025-66418: Fixed resource exhaustion via unbounded number of links
in the decompression chain (bsc#1254866)
ImportantSUSE bug 1254866SUSE bug 1254867CVE-2025-66418 at SUSECVE-2025-66418 at NVDCVE-2025-66471 at SUSECVE-2025-66471 at NVDcpe:/o:suse:sl-micro:6.2Recommended update for cloud-init (Important)SUSE Linux Micro 6.2
This update for cloud-init fixes the following issues:
Changes in cloud-init:
- Fix dependency replace -serial with -pyserial
- Drop unneeded test dependency on httpretty, fixed long ago
* https://github.com/canonical/cloud-init/pull/1720
- Update to version 25.1.3 (bsc#1245401 , CVE-2024-6174, bsc#1245403, CVE-2024-11584)
ImportantSUSE bug 1245401SUSE bug 1245403CVE-2024-11584 at SUSECVE-2024-11584 at NVDCVE-2024-6174 at SUSECVE-2024-6174 at NVDcpe:/o:suse:sl-micro:6.2Security update for elemental-register, elemental-toolkit (Important)SUSE Linux Micro 6.2
This update for elemental-register, elemental-toolkit fixes the following issues:
elemental-register was updated to 1.8.1:
Changes on top of v1.8.1:
* Update headers to 2026
* Update questions to include SL Micro 6.2
Update to v1.8.1:
* Install yip config files in before-install step
* Bump github.com/rancher-sandbox/go-tpm and its dependencies
This includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
elemental-toolkit was updated to v2.3.2:
* Bump golang.org/x/crypto library
This includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* bsc#1253581 (CVE-2025-47913)
* bsc#1253901 (CVE-2025-58181)
* bsc#1254079 (CVE-2025-47914)
ImportantSUSE bug 1241826SUSE bug 1241857SUSE bug 1251511SUSE bug 1251679SUSE bug 1253581SUSE bug 1253901SUSE bug 1254079CVE-2025-22872 at SUSECVE-2025-22872 at NVDCVE-2025-47911 at SUSECVE-2025-47911 at NVDCVE-2025-47913 at SUSECVE-2025-47913 at NVDCVE-2025-47914 at SUSECVE-2025-47914 at NVDCVE-2025-58181 at SUSECVE-2025-58181 at NVDCVE-2025-58190 at SUSECVE-2025-58190 at NVDcpe:/o:suse:sl-micro:6.2Security update for glibc (Important)SUSE Linux Micro 6.2
This update for glibc fixes the following issues:
Security fixes:
- CVE-2025-0395: Fixed buffer overflow in the assert() function (bsc#1236282).
- CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766).
- CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822).
- CVE-2025-15281: Fixed uninitialized memory may cause the process abort (bsc#1257005).
Other fixes:
- NPTL: Optimize trylock for high cache contention workloads (bsc#1256436)
ImportantSUSE bug 1236282SUSE bug 1256436SUSE bug 1256766SUSE bug 1256822SUSE bug 1257005CVE-2025-0395 at SUSECVE-2025-0395 at NVDCVE-2025-15281 at SUSECVE-2025-15281 at NVDCVE-2026-0861 at SUSECVE-2026-0861 at NVDCVE-2026-0915 at SUSECVE-2026-0915 at NVDcpe:/o:suse:sl-micro:6.2Security update for samba (Critical)SUSE Linux Micro 6.2
This update for samba fixes the following issues:
Update to 4.22.5:
* CVE-2025-10230: Command injection via WINS server hook script (bsc#1251280).
* CVE-2025-9640: uninitialized memory disclosure via vfs_streams_xattr (bsc#1251279).
- Relax samba-gpupdate requirement for cepces, certmonger, and sscep
to a recommends. They are only required if utilizing certificate
auto enrollment (bsc#1249087).
- Disable timeouts for smb.service so that possibly slow running
ExecStartPre script 'update-samba-security-profile' doesn't
cause service start to fail due to timeouts (bsc#1249181).
- Ensure semanage is pulled in as a requirement when samba in
installed when selinux security access mechanism that is used
(bsc#1249180).
- don't attempt to label paths that don't exist, also remove
unecessary evaluation of semange & restorecon cmds (bsc#1249179).
Update to 4.22.4:
* netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with
SysvolReady=0
* getpwuid does not shift to new DC when current DC is down
* Windows security hardening locks out schannel'ed netlogon dc
calls like netr_DsRGetDCName-
* Unresponsive second DC can cause idmapping failure when using
idmap_ad-
* kinit command is failing with Missing cache Error.
* Figuring out the DC name from IP address fails and breaks
fork_domain_child().
* vfs_streams_depot fstatat broken.
* Delayed leader broadcast can block ctdb forever.
* Apparently there is a conflict between shadow_copy2 module
and virusfilter (action quarantine).
* Fix handling of empty GPO link.
* SMB ACL inheritance doesn't work for files created.
- adjust gpgme build dependency for future-proofing
CriticalSUSE bug 1249087SUSE bug 1249179SUSE bug 1249180SUSE bug 1249181SUSE bug 1251279SUSE bug 1251280CVE-2025-10230 at SUSECVE-2025-10230 at NVDCVE-2025-9640 at SUSECVE-2025-9640 at NVDcpe:/o:suse:sl-micro:6.2Security update for gpg2 (Important)SUSE Linux Micro 6.2
This update for gpg2 fixes the following issues:
- CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys (bsc#1257396).
- CVE-2026-24883: denial of service due to long signature packet length causing parse_signature to return success with sig->data[] set to a NULL value (bsc#1257395).
- gpg.fail/filename: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field (bsc#1256389).
ImportantSUSE bug 1256389SUSE bug 1257395SUSE bug 1257396CVE-2026-24882 at SUSECVE-2026-24882 at NVDCVE-2026-24883 at SUSECVE-2026-24883 at NVDcpe:/o:suse:sl-micro:6.2Security update for unbound (Moderate)SUSE Linux Micro 6.2
This update for unbound fixes the following issues:
Update to 1.24.1:
- CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525).
ModerateSUSE bug 1252525CVE-2025-11411 at SUSECVE-2025-11411 at NVDcpe:/o:suse:sl-micro:6.2Security update for udisks2 (Moderate)SUSE Linux Micro 6.2
This update for udisks2 fixes the following issues:
- CVE-2025-8067: Fixed a missing bounds check that could lead to out-of-bounds
read in udisks daemon (bsc#1248502).
ModerateSUSE bug 1248502CVE-2025-8067 at SUSECVE-2025-8067 at NVDcpe:/o:suse:sl-micro:6.2Security update for libsoup (Important)SUSE Linux Micro 6.2
This update for libsoup fixes the following issues:
- CVE-2025-11021: Fixed out-of-bounds read in Cookie Date Handling of libsoup HTTP Library (bsc#1250562).
- CVE-2026-0719: Fixed stack-based buffer overflow in NTLM authentication can lead to arbitrary code execution (bsc#1256399).
- CVE-2026-0716: Fixed improper bounds handling may allow out-of-bounds read (bsc#1256418).
ImportantSUSE bug 1250562SUSE bug 1256399SUSE bug 1256418CVE-2025-11021 at SUSECVE-2025-11021 at NVDCVE-2026-0716 at SUSECVE-2026-0716 at NVDCVE-2026-0719 at SUSECVE-2026-0719 at NVDcpe:/o:suse:sl-micro:6.2Security update for tiff (Important)SUSE Linux Micro 6.2
This update for tiff fixes the following issues:
tiff was updated to 4.7.1:
* Software configuration changes:
* Define HAVE_JPEGTURBO_DUAL_MODE_8_12 and LERC_STATIC in tif_config.h.
* CMake: define WORDS_BIGENDIAN via tif_config.h
* doc/CMakeLists.txt: remove useless cmake_minimum_required()
* CMake: fix build with LLVM/Clang 17 (fixes issue #651)
* CMake: set CMP0074 new policy
* Set LINKER_LANGUAGE for C targets with C deps
* Export tiffxx cmake target (fixes issue #674)
* autogen.sh: Enable verbose wget.
* configure.ac: Syntax updates for Autoconf 2.71
* autogen.sh: Re-implement based on autoreconf. Failure to update
config.guess/config.sub does not return error (fixes issue #672)
* CMake: fix CMake 4.0 warning when minimum required version is < 3.10.
* CMake: Add build option tiff-static (fixes issue #709)
Library changes:
* Add TIFFOpenOptionsSetWarnAboutUnknownTags() for explicit control
about emitting warnings for unknown tags. No longer emit warnings
about unknown tags by default
* tif_predict.c: speed-up decompression in some cases.
* Bug fixes:
* tif_fax3: For fax group 3 data if no EOL is detected, reading is
retried without synchronisation for EOLs. (fixes issue #54)
* Updating TIFFMergeFieldInfo() with read_count=write_count=0 for
FIELD_IGNORE. Updating TIFFMergeFieldInfo() with read_count=write_count=0 for
FIELD_IGNORE. Improving handling when field_name = NULL. (fixes issue #532)
* tiff.h: add COMPRESSION_JXL_DNG_1_7=52546 as used for JPEGXL compression in
the DNG 1.7 specification
* TIFFWriteDirectorySec: Increment string length for ASCII tags for codec tags
defined with FIELD_xxx bits, as it is done for FIELD_CUSTOM tags. (fixes issue #648)
* Do not error out on a tag whose tag count value is zero, just issue a warning.
Fix parsing a private tag 0x80a6 (fixes issue #647)
* TIFFDefaultTransferFunction(): give up beyond td_bitspersample = 24
Fixes https://github.com/OSGeo/gdal/issues/10875)
* tif_getimage.c: Remove unnecessary calls to TIFFRGBAImageOK() (fixes issue #175)
* Fix writing a Predictor=3 file with non-native endianness
* _TIFFVSetField(): fix potential use of unallocated memory (out-of-bounds
* read / nullptr dereference) in case of out-of-memory situation when dealing with
custom tags (fixes issue #663)
* tif_fax3.c: Error out for CCITT fax encoding if SamplesPerPixel is not equal 1 and
PlanarConfiguration = Contiguous (fixes issue #26)
* tif_fax3.c: error out after a number of times end-of-line or unexpected bad code
words have been reached. (fixes issue #670)
* Fix memory leak in TIFFSetupStrips() (fixes issue #665)
* tif_zip.c: Provide zlib allocation functions. Otherwise for zlib built with
-DZ_SOLO inflating will fail.
* Fix memory leak in _TIFFSetDefaultCompressionState. (fixes issue #676)
* tif_predict.c: Don’t overwrite input buffer of TIFFWriteScanline() if "prediction"
is enabled. Use extra working buffer in PredictorEncodeRow(). (fixes issue #5)
* tif_getimage.c: update some integer overflow checks (fixes issue #79)
* tif_getimage.c: Fix buffer underflow crash for less raster rows at
TIFFReadRGBAImageOriented() (fixes issue #704, bsc#1250413, CVE-2025-9900)
* TIFFReadRGBAImage(): several fixes to avoid buffer overflows.
* Correct passing arguments to TIFFCvtIEEEFloatToNative() and TIFFCvtIEEEDoubleToNative()
if HAVE_IEEEFP is not defined. (fixes issue #699)
* LZWDecode(): avoid nullptr dereference when trying to read again after EOI marker
has been found with remaining output bytes (fixes issue #698)
* TIFFSetSubDirectory(): check _TIFFCheckDirNumberAndOffset() return.
* TIFFUnlinkDirectory() and TIFFWriteDirectorySec(): clear tif_rawcp when clearing
tif_rawdata (fixes issue #711)
* JPEGEncodeRaw(): error out if a previous scanline failed to be written, to avoid
out-of-bounds access (fixes issue #714)
* tif_jpeg: Fix bug in JPEGDecodeRaw() if JPEG_LIB_MK1_OR_12BIT is defined for 8/12bit
dual mode, introduced in libjpeg-turbo 2.2, which was actually released as 3.0.
Fixes issue #717
* add assert for TIFFReadCustomDirectory infoarray check.
* ppm2tiff: Fix bug in pack_words trailing bytes, where last two bytes of each line
were written wrongly. (fixes issue #467)
* fax2ps: fix regression of commit 28c38d648b64a66c3218778c4745225fe3e3a06d where
TIFFTAG_FAXFILLFUNC is being used rather than an output buffer (fixes issue #649)
* tiff2pdf: Check TIFFTAG_TILELENGTH and TIFFTAGTILEWIDTH (fixes issue #650)
* tiff2pdf: check h_samp and v_samp for range 1 to 4 to avoid division by zero.
Fixes issue #654
* tiff2pdf: avoid null pointer dereference. (fixes issue #741)
* Improve non-secure integer overflow check (comparison of division result with
multiplicant) at compiler optimisation in tiffcp, rgb2ycbcr and tiff2rgba.
Fixes issue #546
* tiff2rgba: fix some "a partial expression can generate an overflow before it is
assigned to a broader type" warnings. (fixes issue #682)
* tiffdither/tiffmedian: Don't skip the first line of the input image. (fixes issue #703)
* tiffdither: avoid out-of-bounds read identified in issue #733
* tiffmedian: error out if TIFFReadScanline() fails (fixes issue #707)
* tiffmedian: close input file. (fixes issue #735)
* thumbail: avoid potential out of bounds access (fixes issue #715)
* tiffcrop: close open TIFF files and release allocated buffers before exiting in case
of error to avoid memory leaks. (fixes issue #716)
* tiffcrop: fix double-free and memory leak exposed by issue #721
* tiffcrop: avoid buffer overflow. (fixes issue #740)
* tiffcrop: avoid nullptr dereference. (fixes issue #734)
* tiffdump: Fix coverity scan issue CID 1373365: Passing tainted expression *datamem
to PrintData, which uses it as a divisor or modulus.
* tiff2ps: check return of TIFFGetFiled() for TIFFTAG_STRIPBYTECOUNTS and
TIFFTAG_TILEBYTECOUNTS to avoid NULL pointer dereference. (fixes issue #718)
* tiffcmp: fix memory leak when second file cannot be opened. (fixes issue #718 and issue #729)
* tiffcp: fix setting compression level for lossless codecs. (fixes issue #730)
* raw2tiff: close input file before exit (fixes issue #742)
Tools changes:
* tiffinfo: add a -W switch to warn about unknown tags.
* tiffdither: process all pages in input TIFF file.
* Documentation:
* TIFFRGBAImage.rst note added for incorrect saving of images with TIFF orientation
from 5 (LeftTop) to 8 (LeftBottom) in the raster.
* TIFFRGBAImage.rst note added about un-associated alpha handling (fixes issue #67)
* Update "Defining New TIFF Tags" description. (fixes issue #642)
* Fix return type of TIFFReadEncodedTile()
* Update the documentation to reflect deprecated typedefs.
* TIFFWriteDirectory.rst: Clarify TIFFSetWriteOffset() only sets offset for image
data and not for IFD data.
* Update documentation on re-entrancy and thread safety.
* Remove dead links to no more existing Awaresystems web-site.
* Updating BigTIFF specification and some miscelaneous editions.
* Replace some last links and remove last todos.
* Added hints for correct allocation of TIFFYCbCrtoRGB structure and its
associated buffers. (fixes issue #681)
* Added chapter to "Using the TIFF Library" with links to handling multi-page TIFF
and custom directories. (fixes issue #43)
* update TIFFOpen.rst with the return values of mapproc and unmapproc. (fixes issue #12)
Security issues fixed:
* CVE-2025-8961: Fix segmentation fault via main function of tiffcrop utility [bsc#1248117]
* CVE-2025-8534: Fix null pointer dereference in function PS_Lvl2page [bsc#1247582]
* CVE-2025-9165: Fix local execution manipulation can lead to memory leak [bsc#1248330]
* CVE-2024-13978: Fix null pointer dereference in tiff2pdf [bsc#1247581]
* CVE-2025-8176: Fix heap use-after-free in tools/tiffmedian.c [bsc#1247108]
* CVE-2025-8177: Fix possible buffer overflow in tools/thumbnail.c:setrow() [bsc#1247106]
- Fix TIFFMergeFieldInfo() read_count=write_count=0 (bsc#1243503)
ImportantSUSE bug 1243503SUSE bug 1247106SUSE bug 1247108SUSE bug 1247581SUSE bug 1247582SUSE bug 1248117SUSE bug 1248330SUSE bug 1250413CVE-2024-13978 at SUSECVE-2024-13978 at NVDCVE-2025-8176 at SUSECVE-2025-8176 at NVDCVE-2025-8177 at SUSECVE-2025-8177 at NVDCVE-2025-8534 at SUSECVE-2025-8534 at NVDCVE-2025-8961 at SUSECVE-2025-8961 at NVDCVE-2025-9165 at SUSECVE-2025-9165 at NVDCVE-2025-9900 at SUSECVE-2025-9900 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Important)SUSE Linux Micro 6.2
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-38704: rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer (bsc#1254408).
- CVE-2025-39880: ceph: fix race condition validating r_parent before applying state (bsc#1250388).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
- CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861).
- CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365).
- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling
- CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
- CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
- CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413).
- CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442).
- CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623).
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1254961).
- CVE-2025-40215: xfrm: delete x->tunnel as we delete x (bsc#1254959).
- CVE-2025-40218: mm/damon/vaddr: do not repeat pte_offset_map_lock() until success (bsc#1254964).
- CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
- CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40237: fs/notify: call exportfs_encode_fid with s_umount (bsc#1254809).
- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).
- CVE-2025-40239: net: phy: micrel: always set shared->phydev for LAN8814 (bsc#1254868).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-40246: xfs: fix out of bounds memory read error in symlink repair (bsc#1254861).
- CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
- CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854).
- CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856).
- CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in
qede_tpa_cont() and qede_tpa_end() (bsc#1254849).
- CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).
- CVE-2025-40255: net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower() (bsc#1255156).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843).
- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
- CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082).
- CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297).
- CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830).
- CVE-2025-40276: drm/panthor: Flush shmem writes before mapping buffers CPU-uncached (bsc#1254824).
- CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825).
- CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846).
- CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847).
- CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175).
- CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187).
- CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794).
- CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624).
- CVE-2025-40330: bnxt_en: Shutdown FW DMA in bnxt_shutdown() (bsc#1254616).
- CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
- CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273).
- CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318).
- CVE-2025-40347: net: enetc: fix the deadlock of enetc_mdio_lock (bsc#1255262).
- CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).
- CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).
- CVE-2025-40357: net/smc: fix general protection fault in __smc_diag_dump (bsc#1255097).
- CVE-2025-40359: perf/x86/intel: Fix KASAN global-out-of-bounds warning (bsc#1255087).
- CVE-2025-40362: ceph: fix multifs mds auth caps issue (bsc#1255103).
- CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).
- CVE-2025-68197: bnxt_en: Fix null pointer dereference in bnxt_bs_trace_check_wrap() (bsc#1255242).
- CVE-2025-68198: crash: fix crashkernel resource shrink (bsc#1255243).
- CVE-2025-68202: sched_ext: Fix unsafe locking in the scx_dump_state() (bsc#1255223).
- CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
- CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227).
- CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230).
- CVE-2025-68215: ice: fix PTP cleanup on driver removal in error path (bsc#1255226).
- CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272).
- CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199).
- CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
- CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68293: mm/huge_memory: fix NULL pointer deference when splitting folio (bsc#1255150).
- CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).
- CVE-2025-68302: net: sxgbe: fix potential NULL dereference in sxgbe_rx() (bsc#1255121).
- CVE-2025-68317: io_uring/zctx: check chained notif contexts (bsc#1255354).
- CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507).
- CVE-2025-68353: net: vxlan: prevent NULL deref in vxlan_xmit_one (bsc#1255533).
- CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552).
- CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614).
- CVE-2025-68736: landlock: Optimize file path walks and prepare for audit support (bsc#1255698).
- CVE-2025-68742: bpf: Fix invalid prog->stats access when update_effective_progs fails (bsc#1255707).
- CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709).
- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).
The following non security issues were fixed:
- KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it (bsc#1255672).
- Set HZ=1000 for ppc64 default configuration (jsc#PED-14344)
- bpf: Do not limit bpf_cgroup_from_id to current's namespace (bsc#1255433).
- btrfs: handle aligned EOF truncation correctly for subpage cases (bsc#1253238).
- cgroup: rstat: use LOCK CMPXCHG in css_rstat_updated (bsc#1255434).
- cifs: update dstaddr whenever channel iface is updated (git-fixes).
- cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026).
- cpuset: fix warning when disabling remote partition (bsc#1256794).
- ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378).
- net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes).
- netdevsim: print human readable IP address (bsc#1255071).
- powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event
handling (bsc#1253262 ltc#216029).
- powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285
bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493
bsc#1254244 ltc#216496).
- sched: Increase sched_tick_remote timeout (bsc#1254510).
- selftests: net: fib-onlink-tests: Set high metric for default IPv6 route (bsc#1255346).
- selftests: net: use slowwait to make sure IPv6 setup finished (bsc#1255349).
- selftests: net: use slowwait to stabilize vrf_route_leaking test (bsc#1255349).
- serial: xilinx_uartps: Use helper function hrtimer_update_function() (stable-fixes).
- supported.conf: Mark lan 743x supported (jsc#PED-14571)
- tick/sched: Limit non-timekeeper CPUs calling jiffies update (bsc#1254477).
- wifi: ath10k: Avoid vdev delete timeout when firmware is already down (stable-fixes).
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256495).
- x86/microcode/AMD: Make __verify_patch_size() return bool (bsc#1256495).
- x86/microcode/AMD: Remove bogus comment from parse_container() (bsc#1256495).
- x86/microcode/AMD: Select which microcode patch to load (bsc#1256495).
- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256495).
ImportantSUSE bug 1205462SUSE bug 1214285SUSE bug 1243112SUSE bug 1245193SUSE bug 1247500SUSE bug 1250388SUSE bug 1252046SUSE bug 1252861SUSE bug 1253155SUSE bug 1253238SUSE bug 1253262SUSE bug 1253365SUSE bug 1253400SUSE bug 1253413SUSE bug 1253414SUSE bug 1253442SUSE bug 1253458SUSE bug 1253623SUSE bug 1253674SUSE bug 1253739SUSE bug 1254126SUSE bug 1254128SUSE bug 1254195SUSE bug 1254244SUSE bug 1254363SUSE bug 1254378SUSE bug 1254408SUSE bug 1254477SUSE bug 1254510SUSE bug 1254518SUSE bug 1254519SUSE bug 1254520SUSE bug 1254615SUSE bug 1254616SUSE bug 1254618SUSE bug 1254621SUSE bug 1254624SUSE bug 1254791SUSE bug 1254793SUSE bug 1254794SUSE bug 1254795SUSE bug 1254796SUSE bug 1254797SUSE bug 1254798SUSE bug 1254808SUSE bug 1254809SUSE bug 1254813SUSE bug 1254815SUSE bug 1254821SUSE bug 1254824SUSE bug 1254825SUSE bug 1254827SUSE bug 1254828SUSE bug 1254829SUSE bug 1254830SUSE bug 1254832SUSE bug 1254835SUSE bug 1254840SUSE bug 1254843SUSE bug 1254846SUSE bug 1254847SUSE bug 1254849SUSE bug 1254850SUSE bug 1254851SUSE bug 1254852SUSE bug 1254854SUSE bug 1254856SUSE bug 1254858SUSE bug 1254860SUSE bug 1254861SUSE bug 1254864SUSE bug 1254868SUSE bug 1254869SUSE bug 1254871SUSE bug 1254894SUSE bug 1254957SUSE bug 1254959SUSE bug 1254961SUSE bug 1254964SUSE bug 1254996SUSE bug 1255026SUSE bug 1255030SUSE bug 1255034SUSE bug 1255035SUSE bug 1255039SUSE bug 1255040SUSE bug 1255041SUSE bug 1255042SUSE bug 1255057SUSE bug 1255058SUSE bug 1255064SUSE bug 1255065SUSE bug 1255068SUSE bug 1255071SUSE bug 1255072SUSE bug 1255075SUSE bug 1255077SUSE bug 1255081SUSE bug 1255082SUSE bug 1255083SUSE bug 1255087SUSE bug 1255092SUSE bug 1255094SUSE bug 1255095SUSE bug 1255097SUSE bug 1255099SUSE bug 1255103SUSE bug 1255116SUSE bug 1255120SUSE bug 1255121SUSE bug 1255122SUSE bug 1255124SUSE bug 1255131SUSE bug 1255134SUSE bug 1255135SUSE bug 1255136SUSE bug 1255138SUSE bug 1255140SUSE bug 1255142SUSE bug 1255145SUSE bug 1255146SUSE bug 1255149SUSE bug 1255150SUSE bug 1255152SUSE bug 1255154SUSE bug 1255155SUSE bug 1255156SUSE bug 1255161SUSE bug 1255167SUSE bug 1255169SUSE bug 1255171SUSE bug 1255175SUSE bug 1255179SUSE bug 1255181SUSE bug 1255182SUSE bug 1255186SUSE bug 1255187SUSE bug 1255190SUSE bug 1255193SUSE bug 1255196SUSE bug 1255197SUSE bug 1255199SUSE bug 1255202SUSE bug 1255203SUSE bug 1255206SUSE bug 1255209SUSE bug 1255218SUSE bug 1255220SUSE bug 1255221SUSE bug 1255223SUSE bug 1255226SUSE bug 1255227SUSE bug 1255228SUSE bug 1255230SUSE bug 1255231SUSE bug 1255233SUSE bug 1255234SUSE bug 1255242SUSE bug 1255243SUSE bug 1255246SUSE bug 1255247SUSE bug 1255251SUSE bug 1255252SUSE bug 1255253SUSE bug 1255255SUSE bug 1255256SUSE bug 1255259SUSE bug 1255260SUSE bug 1255261SUSE bug 1255262SUSE bug 1255272SUSE bug 1255273SUSE bug 1255274SUSE bug 1255276SUSE bug 1255279SUSE bug 1255297SUSE bug 1255312SUSE bug 1255316SUSE bug 1255318SUSE bug 1255325SUSE bug 1255329SUSE bug 1255346SUSE bug 1255349SUSE bug 1255351SUSE bug 1255354SUSE bug 1255357SUSE bug 1255377SUSE bug 1255379SUSE bug 1255380SUSE bug 1255395SUSE bug 1255401SUSE bug 1255415SUSE bug 1255428SUSE bug 1255433SUSE bug 1255434SUSE bug 1255480SUSE bug 1255483SUSE bug 1255488SUSE bug 1255489SUSE bug 1255493SUSE bug 1255495SUSE bug 1255505SUSE bug 1255507SUSE bug 1255508SUSE bug 1255509SUSE bug 1255533SUSE bug 1255541SUSE bug 1255550SUSE bug 1255552SUSE bug 1255553SUSE bug 1255567SUSE bug 1255580SUSE bug 1255601SUSE bug 1255603SUSE bug 1255611SUSE bug 1255614SUSE bug 1255672SUSE bug 1255688SUSE bug 1255698SUSE bug 1255706SUSE bug 1255707SUSE bug 1255709SUSE bug 1255722SUSE bug 1255723SUSE bug 1255724SUSE bug 1255812SUSE bug 1255813SUSE bug 1255814SUSE bug 1255816SUSE bug 1255931SUSE bug 1255932SUSE bug 1255934SUSE bug 1255943SUSE bug 1255944SUSE bug 1256238SUSE bug 1256495SUSE bug 1256606SUSE bug 1256794CVE-2025-38704 at SUSECVE-2025-38704 at NVDCVE-2025-39880 at SUSECVE-2025-39880 at NVDCVE-2025-39977 at SUSECVE-2025-39977 at NVDCVE-2025-40042 at SUSECVE-2025-40042 at NVDCVE-2025-40123 at SUSECVE-2025-40123 at NVDCVE-2025-40130 at SUSECVE-2025-40130 at NVDCVE-2025-40160 at SUSECVE-2025-40160 at NVDCVE-2025-40167 at SUSECVE-2025-40167 at NVDCVE-2025-40170 at SUSECVE-2025-40170 at NVDCVE-2025-40179 at SUSECVE-2025-40179 at NVDCVE-2025-40190 at SUSECVE-2025-40190 at NVDCVE-2025-40209 at SUSECVE-2025-40209 at NVDCVE-2025-40211 at SUSECVE-2025-40211 at NVDCVE-2025-40212 at SUSECVE-2025-40212 at NVDCVE-2025-40213 at SUSECVE-2025-40213 at NVDCVE-2025-40214 at SUSECVE-2025-40214 at NVDCVE-2025-40215 at SUSECVE-2025-40215 at NVDCVE-2025-40218 at SUSECVE-2025-40218 at NVDCVE-2025-40219 at SUSECVE-2025-40219 at NVDCVE-2025-40220 at SUSECVE-2025-40220 at NVDCVE-2025-40221 at SUSECVE-2025-40221 at NVDCVE-2025-40223 at SUSECVE-2025-40223 at NVDCVE-2025-40225 at SUSECVE-2025-40225 at NVDCVE-2025-40226 at SUSECVE-2025-40226 at NVDCVE-2025-40231 at SUSECVE-2025-40231 at NVDCVE-2025-40233 at SUSECVE-2025-40233 at NVDCVE-2025-40235 at SUSECVE-2025-40235 at NVDCVE-2025-40237 at SUSECVE-2025-40237 at NVDCVE-2025-40238 at SUSECVE-2025-40238 at NVDCVE-2025-40239 at SUSECVE-2025-40239 at NVDCVE-2025-40240 at SUSECVE-2025-40240 at NVDCVE-2025-40242 at SUSECVE-2025-40242 at NVDCVE-2025-40246 at SUSECVE-2025-40246 at NVDCVE-2025-40248 at SUSECVE-2025-40248 at NVDCVE-2025-40250 at SUSECVE-2025-40250 at NVDCVE-2025-40251 at SUSECVE-2025-40251 at NVDCVE-2025-40252 at SUSECVE-2025-40252 at NVDCVE-2025-40254 at SUSECVE-2025-40254 at NVDCVE-2025-40255 at SUSECVE-2025-40255 at NVDCVE-2025-40256 at SUSECVE-2025-40256 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40262 at SUSECVE-2025-40262 at NVDCVE-2025-40263 at SUSECVE-2025-40263 at NVDCVE-2025-40264 at SUSECVE-2025-40264 at NVDCVE-2025-40266 at SUSECVE-2025-40266 at NVDCVE-2025-40268 at SUSECVE-2025-40268 at NVDCVE-2025-40269 at SUSECVE-2025-40269 at NVDCVE-2025-40271 at SUSECVE-2025-40271 at NVDCVE-2025-40272 at SUSECVE-2025-40272 at NVDCVE-2025-40273 at SUSECVE-2025-40273 at NVDCVE-2025-40274 at SUSECVE-2025-40274 at NVDCVE-2025-40275 at SUSECVE-2025-40275 at NVDCVE-2025-40276 at SUSECVE-2025-40276 at NVDCVE-2025-40277 at SUSECVE-2025-40277 at NVDCVE-2025-40278 at SUSECVE-2025-40278 at NVDCVE-2025-40279 at SUSECVE-2025-40279 at NVDCVE-2025-40280 at SUSECVE-2025-40280 at NVDCVE-2025-40282 at SUSECVE-2025-40282 at NVDCVE-2025-40283 at SUSECVE-2025-40283 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40287 at SUSECVE-2025-40287 at NVDCVE-2025-40288 at SUSECVE-2025-40288 at NVDCVE-2025-40289 at SUSECVE-2025-40289 at NVDCVE-2025-40292 at SUSECVE-2025-40292 at NVDCVE-2025-40293 at SUSECVE-2025-40293 at NVDCVE-2025-40294 at SUSECVE-2025-40294 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-40301 at SUSECVE-2025-40301 at NVDCVE-2025-40302 at SUSECVE-2025-40302 at NVDCVE-2025-40303 at SUSECVE-2025-40303 at NVDCVE-2025-40304 at SUSECVE-2025-40304 at NVDCVE-2025-40307 at SUSECVE-2025-40307 at NVDCVE-2025-40308 at SUSECVE-2025-40308 at NVDCVE-2025-40309 at SUSECVE-2025-40309 at NVDCVE-2025-40310 at SUSECVE-2025-40310 at NVDCVE-2025-40311 at SUSECVE-2025-40311 at NVDCVE-2025-40314 at SUSECVE-2025-40314 at NVDCVE-2025-40315 at SUSECVE-2025-40315 at NVDCVE-2025-40316 at SUSECVE-2025-40316 at NVDCVE-2025-40317 at SUSECVE-2025-40317 at NVDCVE-2025-40318 at SUSECVE-2025-40318 at NVDCVE-2025-40319 at SUSECVE-2025-40319 at NVDCVE-2025-40320 at SUSECVE-2025-40320 at NVDCVE-2025-40321 at SUSECVE-2025-40321 at NVDCVE-2025-40322 at SUSECVE-2025-40322 at NVDCVE-2025-40323 at SUSECVE-2025-40323 at NVDCVE-2025-40324 at SUSECVE-2025-40324 at NVDCVE-2025-40328 at SUSECVE-2025-40328 at NVDCVE-2025-40329 at SUSECVE-2025-40329 at NVDCVE-2025-40330 at SUSECVE-2025-40330 at NVDCVE-2025-40331 at SUSECVE-2025-40331 at NVDCVE-2025-40332 at SUSECVE-2025-40332 at NVDCVE-2025-40337 at SUSECVE-2025-40337 at NVDCVE-2025-40338 at SUSECVE-2025-40338 at NVDCVE-2025-40339 at SUSECVE-2025-40339 at NVDCVE-2025-40340 at SUSECVE-2025-40340 at NVDCVE-2025-40342 at SUSECVE-2025-40342 at NVDCVE-2025-40343 at SUSECVE-2025-40343 at NVDCVE-2025-40344 at SUSECVE-2025-40344 at NVDCVE-2025-40345 at SUSECVE-2025-40345 at NVDCVE-2025-40346 at SUSECVE-2025-40346 at NVDCVE-2025-40347 at SUSECVE-2025-40347 at NVDCVE-2025-40350 at SUSECVE-2025-40350 at NVDCVE-2025-40353 at SUSECVE-2025-40353 at NVDCVE-2025-40354 at SUSECVE-2025-40354 at NVDCVE-2025-40355 at SUSECVE-2025-40355 at NVDCVE-2025-40357 at SUSECVE-2025-40357 at NVDCVE-2025-40359 at SUSECVE-2025-40359 at NVDCVE-2025-40360 at SUSECVE-2025-40360 at NVDCVE-2025-40362 at SUSECVE-2025-40362 at NVDCVE-2025-68167 at SUSECVE-2025-68167 at NVDCVE-2025-68170 at SUSECVE-2025-68170 at NVDCVE-2025-68171 at SUSECVE-2025-68171 at NVDCVE-2025-68172 at SUSECVE-2025-68172 at NVDCVE-2025-68176 at SUSECVE-2025-68176 at NVDCVE-2025-68180 at SUSECVE-2025-68180 at NVDCVE-2025-68181 at SUSECVE-2025-68181 at NVDCVE-2025-68183 at SUSECVE-2025-68183 at NVDCVE-2025-68184 at SUSECVE-2025-68184 at NVDCVE-2025-68185 at SUSECVE-2025-68185 at NVDCVE-2025-68190 at SUSECVE-2025-68190 at NVDCVE-2025-68192 at SUSECVE-2025-68192 at NVDCVE-2025-68194 at SUSECVE-2025-68194 at NVDCVE-2025-68195 at SUSECVE-2025-68195 at NVDCVE-2025-68197 at SUSECVE-2025-68197 at NVDCVE-2025-68198 at SUSECVE-2025-68198 at NVDCVE-2025-68201 at SUSECVE-2025-68201 at NVDCVE-2025-68202 at SUSECVE-2025-68202 at NVDCVE-2025-68206 at SUSECVE-2025-68206 at NVDCVE-2025-68207 at SUSECVE-2025-68207 at NVDCVE-2025-68208 at SUSECVE-2025-68208 at NVDCVE-2025-68209 at SUSECVE-2025-68209 at NVDCVE-2025-68210 at SUSECVE-2025-68210 at NVDCVE-2025-68213 at SUSECVE-2025-68213 at NVDCVE-2025-68215 at SUSECVE-2025-68215 at NVDCVE-2025-68217 at SUSECVE-2025-68217 at NVDCVE-2025-68222 at SUSECVE-2025-68222 at NVDCVE-2025-68223 at SUSECVE-2025-68223 at NVDCVE-2025-68230 at SUSECVE-2025-68230 at NVDCVE-2025-68233 at SUSECVE-2025-68233 at NVDCVE-2025-68235 at SUSECVE-2025-68235 at NVDCVE-2025-68237 at SUSECVE-2025-68237 at NVDCVE-2025-68238 at SUSECVE-2025-68238 at NVDCVE-2025-68239 at SUSECVE-2025-68239 at NVDCVE-2025-68242 at SUSECVE-2025-68242 at NVDCVE-2025-68244 at SUSECVE-2025-68244 at NVDCVE-2025-68249 at SUSECVE-2025-68249 at NVDCVE-2025-68252 at SUSECVE-2025-68252 at NVDCVE-2025-68254 at SUSECVE-2025-68254 at NVDCVE-2025-68255 at SUSECVE-2025-68255 at NVDCVE-2025-68256 at SUSECVE-2025-68256 at NVDCVE-2025-68257 at SUSECVE-2025-68257 at NVDCVE-2025-68258 at SUSECVE-2025-68258 at NVDCVE-2025-68259 at SUSECVE-2025-68259 at NVDCVE-2025-68264 at SUSECVE-2025-68264 at NVDCVE-2025-68283 at SUSECVE-2025-68283 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68286 at SUSECVE-2025-68286 at NVDCVE-2025-68287 at SUSECVE-2025-68287 at NVDCVE-2025-68289 at SUSECVE-2025-68289 at NVDCVE-2025-68290 at SUSECVE-2025-68290 at NVDCVE-2025-68293 at SUSECVE-2025-68293 at NVDCVE-2025-68298 at SUSECVE-2025-68298 at NVDCVE-2025-68301 at SUSECVE-2025-68301 at NVDCVE-2025-68302 at SUSECVE-2025-68302 at NVDCVE-2025-68303 at SUSECVE-2025-68303 at NVDCVE-2025-68305 at SUSECVE-2025-68305 at NVDCVE-2025-68306 at SUSECVE-2025-68306 at NVDCVE-2025-68307 at SUSECVE-2025-68307 at NVDCVE-2025-68308 at SUSECVE-2025-68308 at NVDCVE-2025-68311 at SUSECVE-2025-68311 at NVDCVE-2025-68312 at SUSECVE-2025-68312 at NVDCVE-2025-68313 at SUSECVE-2025-68313 at NVDCVE-2025-68317 at SUSECVE-2025-68317 at NVDCVE-2025-68327 at SUSECVE-2025-68327 at NVDCVE-2025-68328 at SUSECVE-2025-68328 at NVDCVE-2025-68330 at SUSECVE-2025-68330 at NVDCVE-2025-68331 at SUSECVE-2025-68331 at NVDCVE-2025-68332 at SUSECVE-2025-68332 at NVDCVE-2025-68335 at SUSECVE-2025-68335 at NVDCVE-2025-68339 at SUSECVE-2025-68339 at NVDCVE-2025-68340 at SUSECVE-2025-68340 at NVDCVE-2025-68342 at SUSECVE-2025-68342 at NVDCVE-2025-68343 at SUSECVE-2025-68343 at NVDCVE-2025-68344 at SUSECVE-2025-68344 at NVDCVE-2025-68345 at SUSECVE-2025-68345 at NVDCVE-2025-68346 at SUSECVE-2025-68346 at NVDCVE-2025-68347 at SUSECVE-2025-68347 at NVDCVE-2025-68351 at SUSECVE-2025-68351 at NVDCVE-2025-68352 at SUSECVE-2025-68352 at NVDCVE-2025-68353 at SUSECVE-2025-68353 at NVDCVE-2025-68354 at SUSECVE-2025-68354 at NVDCVE-2025-68362 at SUSECVE-2025-68362 at NVDCVE-2025-68363 at SUSECVE-2025-68363 at NVDCVE-2025-68378 at SUSECVE-2025-68378 at NVDCVE-2025-68380 at SUSECVE-2025-68380 at NVDCVE-2025-68724 at SUSECVE-2025-68724 at NVDCVE-2025-68732 at SUSECVE-2025-68732 at NVDCVE-2025-68736 at SUSECVE-2025-68736 at NVDCVE-2025-68740 at SUSECVE-2025-68740 at NVDCVE-2025-68742 at SUSECVE-2025-68742 at NVDCVE-2025-68744 at SUSECVE-2025-68744 at NVDCVE-2025-68746 at SUSECVE-2025-68746 at NVDCVE-2025-68747 at SUSECVE-2025-68747 at NVDCVE-2025-68748 at SUSECVE-2025-68748 at NVDCVE-2025-68749 at SUSECVE-2025-68749 at NVDCVE-2025-68750 at SUSECVE-2025-68750 at NVDCVE-2025-68753 at SUSECVE-2025-68753 at NVDCVE-2025-68757 at SUSECVE-2025-68757 at NVDCVE-2025-68758 at SUSECVE-2025-68758 at NVDCVE-2025-68759 at SUSECVE-2025-68759 at NVDCVE-2025-68765 at SUSECVE-2025-68765 at NVDCVE-2025-68766 at SUSECVE-2025-68766 at NVDCVE-2025-71096 at SUSECVE-2025-71096 at NVDcpe:/o:suse:sl-micro:6.2Security update for dpdk (Moderate)SUSE Linux Micro 6.2
This update for dpdk fixes the following issues:
Update to version 24.11.4.
Security issues fixed:
- CVE-2025-23259: issue in the Poll Mode Driver (PMD) allows an attacker on a VM in the system to leak information and
cause a denial of service on the network interface (bsc#1254161).
Other issues fixed:
- Remove obsolete build option -Denable_kmods.
- Add "which" as a build requirement.
- Drop pesign and needssslcertforbuild because we don't build a kmp anymore (bsc#1247389).
ModerateSUSE bug 1247389SUSE bug 1254161CVE-2025-23259 at SUSECVE-2025-23259 at NVDcpe:/o:suse:sl-micro:6.2Security update for glib2 (Important)SUSE Linux Micro 6.2
This update for glib2 fixes the following issues:
- CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354).
- CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355).
- CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353).
- CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049).
ImportantSUSE bug 1257049SUSE bug 1257353SUSE bug 1257354SUSE bug 1257355CVE-2026-0988 at SUSECVE-2026-0988 at NVDCVE-2026-1484 at SUSECVE-2026-1484 at NVDCVE-2026-1485 at SUSECVE-2026-1485 at NVDCVE-2026-1489 at SUSECVE-2026-1489 at NVDcpe:/o:suse:sl-micro:6.2Security update for openssl-3 (Important)SUSE Linux Micro 6.2
This update for openssl-3 fixes the following issues:
Security fixes:
- CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256829).
- CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830).
- CVE-2025-15468: NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256831).
- CVE-2025-15469: "openssl dgst" one-shot codepath silently truncates inputs >16MB (bsc#1256832).
- CVE-2025-66199: TLS 1.3 CompressedCertificate excessive memory allocation (bsc#1256833).
- CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).
- CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).
- CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).
- CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).
Other fixes:
- Enable livepatching support for ppc64le (bsc#1257274).
ImportantSUSE bug 1256829SUSE bug 1256830SUSE bug 1256831SUSE bug 1256832SUSE bug 1256833SUSE bug 1256834SUSE bug 1256835SUSE bug 1256836SUSE bug 1256837SUSE bug 1256838SUSE bug 1256839SUSE bug 1256840SUSE bug 1257274CVE-2025-11187 at SUSECVE-2025-11187 at NVDCVE-2025-15467 at SUSECVE-2025-15467 at NVDCVE-2025-15468 at SUSECVE-2025-15468 at NVDCVE-2025-15469 at SUSECVE-2025-15469 at NVDCVE-2025-66199 at SUSECVE-2025-66199 at NVDCVE-2025-68160 at SUSECVE-2025-68160 at NVDCVE-2025-69418 at SUSECVE-2025-69418 at NVDCVE-2025-69419 at SUSECVE-2025-69419 at NVDCVE-2025-69420 at SUSECVE-2025-69420 at NVDCVE-2025-69421 at SUSECVE-2025-69421 at NVDCVE-2026-22795 at SUSECVE-2026-22795 at NVDCVE-2026-22796 at SUSECVE-2026-22796 at NVDcpe:/o:suse:sl-micro:6.2Security update for libxslt (Important)SUSE Linux Micro 6.2
This update for libxslt fixes the following issues:
Changes in libxslt:
- CVE-2025-11731: Fixed type confusion in exsltFuncResultCompfunction leading to denial of service (bsc#1251979)
- CVE-2025-10911: Fixed use-after-free with key data stored cross-RVT (bsc#1250553)
ImportantSUSE bug 1250553SUSE bug 1251979CVE-2025-10911 at SUSECVE-2025-10911 at NVDCVE-2025-11731 at SUSECVE-2025-11731 at NVDcpe:/o:suse:sl-micro:6.2Security update for cups (Critical)SUSE Linux Micro 6.2
This update for cups fixes the following issues:
Update to version 2.4.16.
Security issues fixed:
- CVE-2025-61915: local denial-of-service via cupsd.conf update and related issues (bsc#1253783).
- CVE-2025-58436: slow client communication leads to a possible DoS attack (bsc#1244057).
- CVE-2025-58364: unsafe deserialization and validation of printer attributes can cause a null dereference (bsc#1249128).
- CVE-2025-58060: authentication bypass with AuthType Negotiate (bsc#1249049).
Other updates and bugfixes:
- Version upgrade to 2.4.16:
* 'cupsUTF8ToCharset' didn't validate 2-byte UTF-8 sequences,
potentially reading past the end of the source string
(Issue #1438)
* The web interface did not support domain usernames fully
(Issue #1441)
* Fixed an infinite loop issue in the GTK+ print dialog
(Issue #1439 boo#1254353)
* Fixed stopping scheduler on unknown directive in
configuration (Issue #1443)
* Fixed packages for Immutable Mode (jsc#PED-14775
from epic jsc#PED-14688)
- Version upgrade to 2.4.15:
* Fixed potential crash in 'cups-driverd' when there are
duplicate PPDs (Issue #1355)
* Fixed error recovery when scanning for PPDs
in 'cups-driverd' (Issue #1416)
- Version upgrade to 2.4.14.
- Version upgrade to 2.4.13:
* Added 'print-as-raster' printer and job attributes
for forcing rasterization (Issue #1282)
* Updated documentation (Issue #1086)
* Updated IPP backend to try a sanitized user name if the
printer/server does not like the value (Issue #1145)
* Updated the scheduler to send the "printer-added"
or "printer-modified" events whenever an IPP Everywhere PPD
is installed (Issue #1244)
* Updated the scheduler to send the "printer-modified" event
whenever the system default printer is changed (Issue #1246)
* Fixed a memory leak in 'httpClose' (Issue #1223)
* Fixed missing commas in 'ippCreateRequestedArray'
(Issue #1234)
* Fixed subscription issues in the scheduler and D-Bus notifier
(Issue #1235)
* Fixed media-default reporting for custom sizes (Issue #1238)
* Fixed support for IPP/PPD options with periods or underscores
(Issue #1249)
* Fixed parsing of real numbers in PPD compiler source files
(Issue #1263)
* Fixed scheduler freezing with zombie clients (Issue #1264)
* Fixed support for the server name in the ErrorLog filename
(Issue #1277)
* Fixed job cleanup after daemon restart (Issue #1315)
* Fixed handling of buggy DYMO USB printer serial numbers
(Issue #1338)
* Fixed unreachable block in IPP backend (Issue #1351)
* Fixed memory leak in _cupsConvertOptions (Issue #1354)
- Version upgrade to 2.4.12:
* GnuTLS follows system crypto policies now (Issue #1105)
* Added `NoSystem` SSLOptions value (Issue #1130)
* Now we raise alert for certificate issues (Issue #1194)
* Added Kyocera USB quirk (Issue #1198)
* The scheduler now logs a job's debugging history
if the backend fails (Issue #1205)
* Fixed a potential timing issue with `cupsEnumDests`
(Issue #1084)
* Fixed a potential "lost PPD" condition in the scheduler
(Issue #1109)
* Fixed a compressed file error handling bug (Issue #1070)
* Fixed a bug in the make-and-model whitespace trimming
code (Issue #1096)
* Fixed a removal of IPP Everywhere permanent queue
if installation failed (Issue #1102)
* Fixed `ServerToken None` in scheduler (Issue #1111)
* Fixed invalid IPP keyword values created from PPD
option names (Issue #1118)
* Fixed handling of "media" and "PageSize" in the same
print request (Issue #1125)
* Fixed client raster printing from macOS (Issue #1143)
* Fixed the default User-Agent string.
* Fixed a recursion issue in `ippReadIO`.
* Fixed handling incorrect radix in `scan_ps()` (Issue #1188)
* Fixed validation of dateTime values with time zones
more than UTC+11 (Issue #1201)
* Fixed attributes returned by the Create-Xxx-Subscriptions
requests (Issue #1204)
* Fixed `ippDateToTime` when using a non GMT/UTC timezone
(Issue #1208)
* Fixed `job-completed` event notifications for jobs that are
cancelled before started (Issue #1209)
* Fixed DNS-SD discovery with `ippfind` (Issue #1211)
CriticalSUSE bug 1244057SUSE bug 1249049SUSE bug 1249128SUSE bug 1253783SUSE bug 1254353CVE-2025-58060 at SUSECVE-2025-58060 at NVDCVE-2025-58364 at SUSECVE-2025-58364 at NVDCVE-2025-58436 at SUSECVE-2025-58436 at NVDCVE-2025-61915 at SUSECVE-2025-61915 at NVDcpe:/o:suse:sl-micro:6.2Security update for libxml2 (Moderate)SUSE Linux Micro 6.2
This update for libxml2 fixes the following issues:
- CVE-2026-0989: Fixed call stack exhaustion leading to application crash
due to RelaxNG parser not limiting the recursion depth when
resolving `<include>` directives (bsc#1256805).
ModerateSUSE bug 1256805CVE-2026-0989 at SUSECVE-2026-0989 at NVDcpe:/o:suse:sl-micro:6.2Security update for python-maturin (Moderate)SUSE Linux Micro 6.2
This update for python-maturin fixes the following issues:
- CVE-2025-58160: tracing-subscriber: Fixed log pollution (bsc#1249011)
ModerateSUSE bug 1249011CVE-2025-58160 at SUSECVE-2025-58160 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit-subscriptions (Important)SUSE Linux Micro 6.2
This update for cockpit-subscriptions fixes the following issues:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global
prototypes (bsc#1257324).
ImportantSUSE bug 1257324CVE-2025-13465 at SUSECVE-2025-13465 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit (Important)SUSE Linux Micro 6.2
This update for cockpit fixes the following issues:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global
prototypes (bsc#1257324).
ImportantSUSE bug 1257324CVE-2025-13465 at SUSECVE-2025-13465 at NVDcpe:/o:suse:sl-micro:6.2Security update for libsoup (Important)SUSE Linux Micro 6.2
This update for libsoup fixes the following issues:
- CVE-2026-1536: HTTP header injection or response splitting via CRLF injection in the Content-Disposition header
(bsc#1257440).
- CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based
buffer overflow (bsc#1257598).
ImportantSUSE bug 1257440SUSE bug 1257598CVE-2026-1536 at SUSECVE-2026-1536 at NVDCVE-2026-1761 at SUSECVE-2026-1761 at NVDcpe:/o:suse:sl-micro:6.2Security update for patch (Low)SUSE Linux Micro 6.2
This update for patch fixes the following issues:
- CVE-2021-45261: invalid pointer via another_hunk function can cause a denial-of-service (bsc#1194037).
LowSUSE bug 1194037CVE-2021-45261 at SUSECVE-2021-45261 at NVDcpe:/o:suse:sl-micro:6.2Security update for openCryptoki (Moderate)SUSE Linux Micro 6.2
This update for openCryptoki fixes the following issues:
Upgrade openCryptoki to 3.26 (jsc#PED-14609)
Security fixes:
- CVE-2026-22791: supplying malformed compressed EC public key can lead to heap corruption or denial-of-service (bsc#1256673).
- CVE-2026-23893: Privilege Escalation or Data Exposure via Symlink Following (bsc#1257116).
Other fixes:
* Soft: Add support for RSA keys up to 16K bits.
* CCA: Add support for RSA keys up to 8K bits (requires CCA v8.4 or v7.6 or later).
* p11sak: Add support for generating RSA keys up to 16K bits.
* Soft/ICA: Add support for SHA512/224 and SHA512/256 key derivation mechanism (CKM_SHA512_224_KEY_DERIVATION and CKM_SHA512_256_KEY_DERIVATION).
* Soft/ICA/CCA/EP11: Add support for SHA-HMAC key types CKK_SHAxxx_HMAC and key gen mechanisms CKM_SHAxxx_KEY_GEN.
* p11sak: Add support for SHA-HMAC key types and key generation.
* p11sak: Add support for key wrap and unwrap commands to export and import private and secret keys by means of key wrapping/unwrapping
with various key wrapping mechanism.
* p11kmip: Add support for using an HSM-protected TLS client key via a PKCS#11 provider.
* p11sak: Add support for exporting non-sensitive private keys to password protected PEM files.
* Add support for canceling an operation via NULL mechanism pointer at C_XxxInit() call as an alternative to C_SessionCancel() (PKCS#11 v3.0).
* EP11: Add support for pairing friendly BLS12-381 EC curve for sign/verify using CKM_IBM_ECDSA_OTHER and signature/public key aggregation using CKM_IBM_EC_AGGREGATE.
* p11sak: Add support for generating BLS12-381 EC keys.
* EP11: Add support for IBM-specific ML-DSA and ML-KEM key types and mechanisms (requires an EP11 host library v4.2 or later, and
a CEX8P crypto card with firmware v9.6 or later on IBM z17, and v8.39 or later on IBM z16).
* CCA: Add support for IBM-specific ML-DSA and ML-KEM key types and mechanisms (requires CCA v8.4 or later).
* Soft: Add support for IBM-specific ML-DSA and ML-KEM key types and mechanisms (requires OpenSSL 3.5 or later, or the OQS-provider must be configured).
* p11sak: Add support for IBM-specific ML-DSA and ML-KEM key types.
* Bug fixes.
ModerateSUSE bug 1256673SUSE bug 1257116CVE-2026-22791 at SUSECVE-2026-22791 at NVDCVE-2026-23893 at SUSECVE-2026-23893 at NVDcpe:/o:suse:sl-micro:6.2Security update for expat (Important)SUSE Linux Micro 6.2
This update for expat fixes the following issues:
- CVE-2025-59375: Fixed large dynamic memory allocations via a small document submitted for parsing (bsc#1249584)
ImportantSUSE bug 1249584CVE-2025-59375 at SUSECVE-2025-59375 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit-machines, cockpit (Important)SUSE Linux Micro 6.2
This update for cockpit-machines, cockpit fixes the following issues:
- CVE-2025-13465: Update the lodash dependencie to avoid prototype pollution. (bsc#1257324)
Changes in cockpit-machines:
- Update to 346
* 346
- Performance improvements
- Translation updates
* 345
- New virtual machines don't get SPICE graphics anymore
- Support for network port forwarding
- Bug fixes and translation updates
- Update to 344
* 344
- Port forwarding for user session VMs
- "Shutdown and restart" action
- Faster startup
* 343
- Memory usage now shows numbers reported by the guest (RHEL-116731)
- Update to 342
* 342
- Bug fixes and translation updates
* 341
- Improved UX for Disks and Network interface tables
- Bug fixes and translation updates
* 340
- Use exclusive VNC connections with "Remote resizing"
- Update to 339
* 339
- Serial consoles now keep their content and stay alive
- No longer copies qemu.conf values into VM definitions
* 338
- Translation and dependency updates
- Detachable VNC console
- Update to 337
* 337
- Bug fixes and translation updates
* 336
- Graphical VNC and serial consoles improvements
- Control VNC console resizing and scaling
- Bug fixes and translation updates
* 335
- Bug fixes and translation updates
* 334
- Bug fixes and translation updates
Changes in cockpit:
- Update to 354
* changes since 351
- 354
* Convert documentation to AsciiDoc
* Work around Firefox 146/147 bug (rhbz#2422331)
* Bug fixes
- 353
* Networking: Suggest prefix length and gateway address
* Bug fixes and translation updates
- 352
* Shown a warning if the last shutdown/reboot was unclean
* Bug fixes and translation updates
- Update to 351
* Changes since 349
- 351
* Firewall ports can be deleted individually
- 350
* networking: fix renaming of bridges and other groups (RHEL-117883)
* bridge: fix OpenSSH_10.2p1 host key detection
- Update to 349
* Changes since 346
- 349
* Package manifests: add any test
* Bug fixes and translation updates
- 348
* Bug fixes and translation updates
- 347
* Site-specific branding support
- Update to 346
* Changes since 344
- 346
* Support branding Cockpit pages
* Storage: Support for Stratis "V2" pools
- 345
* Translation and dependency updates
* Shorter IPv6 addresses
* IPv6 addresses for WireGuard
- Update to 344
* Changes since 340
- 344
* Bug fixes and translation updates
- 343
* login: Improve error message for unsupported shells
* cockpit: Handle file access issues with files in machines.d
* Translation updates
- 342
* systemd: ensure update() is called at least once for tuned-dialog
* Translation updates
- 341
* services: show link to podman page for quadlets
* Bug fixes and translation updates
ImportantSUSE bug 1221342SUSE bug 1236149SUSE bug 1239759SUSE bug 1248250SUSE bug 1249828SUSE bug 1249830SUSE bug 1257324SUSE bug 1257325CVE-2025-13465 at SUSECVE-2025-13465 at NVDcpe:/o:suse:sl-micro:6.2Security update for docker (Moderate)SUSE Linux Micro 6.2
This update for docker fixes the following issues:
- CVE-2025-58181: not validating the number of mechanisms can cause unlimited memory consumption (bsc#1253904).
ModerateSUSE bug 1253904CVE-2025-58181 at SUSECVE-2025-58181 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit-repos (Important)SUSE Linux Micro 6.2
This update for cockpit-repos fixes the following issues:
Update to version 4.7.
Security issues fixed:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global
(bsc#1257325).
- CVE-2025-64718: js-yaml prototype pollution in merge (bsc#1255425).
Other updates and bugfixes:
- version update to 4.7
* Translation updates
- version update to 4.6:
* Translation updates
* Dependency updates
* Fix translations pot file not being update
- version update to 4.5:
* Dependency updates
- version update to 4.4:
* Translation updates
* Dependency updates
ImportantSUSE bug 1255425SUSE bug 1257325CVE-2025-13465 at SUSECVE-2025-13465 at NVDCVE-2025-64718 at SUSECVE-2025-64718 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439CVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.2Security update for openssl-3-livepatches (Critical)SUSE Linux Micro 6.2
This update for openssl-3-livepatches fixes the following issues:
- CVE-2025-11187: Fixed improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256878).
- CVE-2025-15467: Fixed stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256876).
- CVE-2025-15468: Fixed NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256880).
- CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK Unwrap (bsc#1250410).
CriticalSUSE bug 1250410SUSE bug 1256876SUSE bug 1256878SUSE bug 1256880CVE-2025-11187 at SUSECVE-2025-11187 at NVDCVE-2025-15467 at SUSECVE-2025-15467 at NVDCVE-2025-15468 at SUSECVE-2025-15468 at NVDCVE-2025-9230 at SUSECVE-2025-9230 at NVDcpe:/o:suse:sl-micro:6.2Security update for python313 (Important)SUSE Linux Micro 6.2
This update for python313 fixes the following issues:
Update to version 3.13.12.
Security issues fixed:
- CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable
characters (bsc#1257029).
- CVE-2025-15282: user-controlled data URLs parsed may allow injecting headers (bsc#1257046).
- CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel
(bsc#1257031).
- CVE-2026-0865: user-controlled header containing newlines can allow injecting HTTP headers (bsc#1257042).
- CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in `BytesGenerator`
(bsc#1257181).
Other updates and bugfixes:
- Update to version 3.13.12.
- Library
- gh-144380: Improve performance of io.BufferedReader line
iteration by ~49%.
- gh-144169: Fix three crashes when non-string keyword
arguments are supplied to objects in the ast module.
- gh-144100: Fixed a crash in ctypes when using a deprecated
POINTER(str) type in argtypes. Instead of aborting, ctypes
now raises a proper Python exception when the pointer
target type is unresolved.
- gh-144050: Fix stat.filemode() in the pure-Python
implementation to avoid misclassifying invalid mode values
as block devices.
- gh-144023: Fixed validation of file descriptor 0 in posix
functions when used with follow_symlinks parameter.
- gh-143999: Fix an issue where inspect.getgeneratorstate()
and inspect.getcoroutinestate() could fail for generators
wrapped by types.coroutine() in the suspended state.
- gh-143706: Fix multiprocessing forkserver so that sys.argv
is correctly set before __main__ is preloaded. Previously,
sys.argv was empty during main module import in forkserver
child processes. This fixes a regression introduced in
3.13.8 and 3.14.1. Root caused by Aaron Wieczorek, test
provided by Thomas Watson, thanks!
- gh-143638: Forbid reentrant calls of the pickle.Pickler and
pickle.Unpickler methods for the C implementation.
Previously, this could cause crash or data corruption, now
concurrent calls of methods of the same object raise
RuntimeError.
- gh-78724: Raise RuntimeError's when user attempts to call
methods on half-initialized Struct objects, For example,
created by Struct.__new__(Struct). Patch by Sergey
B Kirpichev.
- gh-143602: Fix a inconsistency issue in write() that leads
to unexpected buffer overwrite by deduplicating the buffer
exports.
- gh-143547: Fix sys.unraisablehook() when the hook raises an
exception and changes sys.unraisablehook(): hold a strong
reference to the old hook. Patch by Victor Stinner.
- gh-143378: Fix use-after-free crashes when a BytesIO object
is concurrently mutated during write() or writelines().
- gh-143346: Fix incorrect wrapping of the Base64 data in
plistlib._PlistWriter when the indent contains a mix of
tabs and spaces.
- gh-143310: tkinter: fix a crash when a Python list is
mutated during the conversion to a Tcl object (e.g., when
setting a Tcl variable). Patch by Benedikt Tran.
- gh-143309: Fix a crash in os.execve() on non-Windows
platforms when given a custom environment mapping which is
then mutated during parsing. Patch by Benedikt Tran.
- gh-143308: pickle: fix use-after-free crashes when
a PickleBuffer is concurrently mutated by a custom buffer
callback during pickling. Patch by Benedikt Tran and Aaron
Wieczorek.
- gh-143237: Fix support of named pipes in the rotating
logging handlers.
- gh-143249: Fix possible buffer leaks in Windows overlapped
I/O on error handling.
- gh-143241: zoneinfo: fix infinite loop in
ZoneInfo.from_file when parsing a malformed TZif file.
Patch by Fatih Celik.
- gh-142830: sqlite3: fix use-after-free crashes when the
connection's callbacks are mutated during a callback
execution. Patch by Benedikt Tran.
- gh-143200: xml.etree.ElementTree: fix use-after-free
crashes in __getitem__() and __setitem__() methods of
Element when the element is concurrently mutated. Patch by
Benedikt Tran.
- gh-142195: Updated timeout evaluation logic in subprocess
to be compatible with deterministic environments like
Shadow where time moves exactly as requested.
- gh-143145: Fixed a possible reference leak in ctypes when
constructing results with multiple output parameters on
error.
- gh-122431: Corrected the error message in
readline.append_history_file() to state that nelements must
be non-negative instead of positive.
- gh-143004: Fix a potential use-after-free in
collections.Counter.update() when user code mutates the
Counter during an update.
- gh-143046: The asyncio REPL no longer prints copyright and
version messages in the quiet mode (-q). Patch by Bartosz
Slawecki.
- gh-140648: The asyncio REPL now respects the -I flag
(isolated mode). Previously, it would load and execute
PYTHONSTARTUP even if the flag was set. Contributed by
Bartosz Slawecki.
- gh-142991: Fixed socket operations such as recvfrom() and
sendto() for FreeBSD divert(4) socket.
- gh-143010: Fixed a bug in mailbox where the precise timing
of an external event could result in the library opening an
existing file instead of a file it expected to create.
- gh-142881: Fix concurrent and reentrant call of
atexit.unregister().
- gh-112127: Fix possible use-after-free in
atexit.unregister() when the callback is unregistered
during comparison.
- gh-142783: Fix zoneinfo use-after-free with descriptor
_weak_cache. a descriptor as _weak_cache could cause
crashes during object creation. The fix ensures proper
reference counting for descriptor-provided objects.
- gh-142754: Add the ownerDocument attribute to
xml.dom.minidom elements and attributes created by directly
instantiating the Element or Attr class. Note that this way
of creating nodes is not supported; creator functions like
xml.dom.Document.documentElement() should be used instead.
- gh-142784: The asyncio REPL now properly closes the loop
upon the end of interactive session. Previously, it could
cause surprising warnings. Contributed by Bartosz Slawecki.
- gh-142555: array: fix a crash in a[i] = v when converting
i to an index via i.__index__ or i.__float__ mutates the
array.
- gh-142594: Fix crash in TextIOWrapper.close() when the
underlying buffer's closed property calls detach().
- gh-142451: hmac: Ensure that the HMAC.block_size attribute
is correctly copied by HMAC.copy. Patch by Benedikt Tran.
- gh-142495: collections.defaultdict now prioritizes
__setitem__() when inserting default values from
default_factory. This prevents race conditions where
a default value would overwrite a value set before
default_factory returns.
- gh-142651: unittest.mock: fix a thread safety issue where
Mock.call_count may return inaccurate values when the mock
is called concurrently from multiple threads.
- gh-142595: Added type check during initialization of the
decimal module to prevent a crash in case of broken stdlib.
Patch by Sergey B Kirpichev.
- gh-142517: The non-compat32 email policies now correctly
handle refolding encoded words that contain bytes that can
not be decoded in their specified character set. Previously
this resulted in an encoding exception during folding.
- gh-112527: The help text for required options in argparse
no longer extended with "(default: None)".
- gh-142315: Pdb can now run scripts from anonymous pipes
used in process substitution. Patch by Bartosz Slawecki.
- gh-142282: Fix winreg.QueryValueEx() to not accidentally
read garbage buffer under race condition.
- gh-75949: Fix argparse to preserve | separators in mutually
exclusive groups when the usage line wraps due to length.
- gh-68552: MisplacedEnvelopeHeaderDefect and Missing header
name defects are now correctly passed to the handle_defect
method of policy in FeedParser.
- gh-142006: Fix a bug in the email.policy.default folding
algorithm which incorrectly resulted in a doubled newline
when a line ending at exactly max_line_length was followed
by an unfoldable token.
- gh-105836: Fix asyncio.run_coroutine_threadsafe() leaving
underlying cancelled asyncio task running.
- gh-139971: pydoc: Ensure that the link to the online
documentation of a stdlib module is correct.
- gh-139262: Some keystrokes can be swallowed in the new
PyREPL on Windows, especially when used together with the
ALT key. Fix by Chris Eibl.
- gh-138897: Improved license/copyright/credits display in
the REPL: now uses a pager.
- gh-79986: Add parsing for References and In-Reply-To
headers to the email library that parses the header content
as lists of message id tokens. This prevents them from
being folded incorrectly.
- gh-109263: Starting a process from spawn context in
multiprocessing no longer sets the start method globally.
- gh-90871: Fixed an off by one error concerning the backlog
parameter in create_unix_server(). Contributed by Christian
Harries.
- gh-133253: Fix thread-safety issues in linecache.
- gh-132715: Skip writing objects during marshalling once
a failure has occurred.
- gh-127529: Correct behavior of
asyncio.selector_events.BaseSelectorEventLoop._accept_connection()
in handling ConnectionAbortedError in a loop. This improves
performance on OpenBSD.
- IDLE
- gh-143774: Better explain the operation of Format / Format
Paragraph.
- Core and Builtins
- gh-144307: Prevent a reference leak in module teardown at
interpreter finalization.
- gh-144194: Fix error handling in perf jitdump
initialization on memory allocation failure.
- gh-141805: Fix crash in set when objects with the same hash
are concurrently added to the set after removing an element
with the same hash while the set still contains elements
with the same hash.
- gh-143670: Fixes a crash in ga_repr_items_list function.
- gh-143377: Fix a crash in _interpreters.capture_exception()
when the exception is incorrectly formatted. Patch by
Benedikt Tran.
- gh-143189: Fix crash when inserting a non-str key into
a split table dictionary when the key matches an existing
key in the split table but has no corresponding value in
the dict.
- gh-143228: Fix use-after-free in perf trampoline when
toggling profiling while threads are running or during
interpreter finalization with daemon threads active. The
fix uses reference counting to ensure trampolines are not
freed while any code object could still reference them.
Pach by Pablo Galindo
- gh-142664: Fix a use-after-free crash in
memoryview.__hash__ when the __hash__ method of the
referenced object mutates that object or the view. Patch by
Benedikt Tran.
- gh-142557: Fix a use-after-free crash in bytearray.__mod__
when the bytearray is mutated while formatting the %-style
arguments. Patch by Benedikt Tran.
- gh-143195: Fix use-after-free crashes in bytearray.hex()
and memoryview.hex() when the separator's __len__() mutates
the original object. Patch by Benedikt Tran.
- gh-143135: Set sys.flags.inspect to 1 when PYTHONINSPECT is
0. Previously, it was set to 0 in this case.
- gh-143003: Fix an overflow of the shared empty buffer in
bytearray.extend() when __length_hint__() returns 0 for
non-empty iterator.
- gh-143006: Fix a possible assertion error when comparing
negative non-integer float and int with the same number of
bits in the integer part.
- gh-142776: Fix a file descriptor leak in import.c
- gh-142829: Fix a use-after-free crash in
contextvars.Context comparison when a custom __eq__ method
modifies the context via set().
- gh-142766: Clear the frame of a generator when
generator.close() is called.
- gh-142737: Tracebacks will be displayed in fallback mode
even if io.open() is lost. Previously, this would crash the
interpreter. Patch by Bartosz Slawecki.
- gh-142554: Fix a crash in divmod() when
_pylong.int_divmod() does not return a tuple of length two
exactly. Patch by Benedikt Tran.
- gh-142560: Fix use-after-free in bytearray search-like
methods (find(), count(), index(), rindex(), and rfind())
by marking the storage as exported which causes
reallocation attempts to raise BufferError. For contains(),
split(), and rsplit() the buffer protocol is used for this.
- gh-142343: Fix SIGILL crash on m68k due to incorrect
assembly constraint.
- gh-141732: Ensure the __repr__() for ExceptionGroup and
BaseExceptionGroup does not change when the exception
sequence that was original passed in to its constructor is
subsequently mutated.
- gh-100964: Fix reference cycle in exhausted generator
frames. Patch by Savannah Ostrowski.
- gh-140373: Correctly emit PY_UNWIND event when generator
object is closed. Patch by Mikhail Efimov.
- gh-138568: Adjusted the built-in help() function so that
empty inputs are ignored in interactive mode.
- gh-127773: Do not use the type attribute cache for types
with incompatible MRO.
- C API
- gh-142571: PyUnstable_CopyPerfMapFile() now checks that
opening the file succeeded before flushing.
- Build
- gh-142454: When calculating the digest of the JIT stencils
input, sort the hashed files by filenames before adding
their content to the hasher. This ensures deterministic
hash input and hence deterministic hash, independent on
filesystem order.
- gh-141808: When running make clean-retain-profile, keep the
generated JIT stencils. That way, the stencils are not
generated twice when Profile-guided optimization (PGO) is
used. It also allows distributors to supply their own
pre-built JIT stencils.
- gh-138061: Ensure reproducible builds by making JIT stencil
header generation deterministic.
ImportantSUSE bug 1257029SUSE bug 1257031SUSE bug 1257042SUSE bug 1257046SUSE bug 1257181CVE-2025-11468 at SUSECVE-2025-11468 at NVDCVE-2025-15282 at SUSECVE-2025-15282 at NVDCVE-2026-0672 at SUSECVE-2026-0672 at NVDCVE-2026-0865 at SUSECVE-2026-0865 at NVDCVE-2026-1299 at SUSECVE-2026-1299 at NVDcpe:/o:suse:sl-micro:6.2Security update for glibc-livepatches (Important)SUSE Linux Micro 6.2
This update for glibc-livepatches fixes the following issues:
Changes in glibc-livepatches:
- CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow (bsc#1256913)
ImportantSUSE bug 1226501SUSE bug 1228879SUSE bug 1256913CVE-2026-0861 at SUSECVE-2026-0861 at NVDcpe:/o:suse:sl-micro:6.2Security update for containerized-data-importer (Important)SUSE Linux Micro 6.2
This update for containerized-data-importer fixes the following issues:
Update to version 1.64.0.
Security issues fixed:
- CVE-2024-28180: improper handling of highly compressed data (bsc#1235204).
- CVE-2024-45338: denial of service due to non-linear parsing of case-insensitive content (bsc#1235365).
- CVE-2025-22868: unexpected memory consumption during token parsing in golang.org/x/oauth2 (bsc#1239205).
ImportantSUSE bug 1235204SUSE bug 1235365SUSE bug 1239205CVE-2024-28180 at SUSECVE-2024-28180 at NVDCVE-2024-45338 at SUSECVE-2024-45338 at NVDCVE-2025-22868 at SUSECVE-2025-22868 at NVDcpe:/o:suse:sl-micro:6.2Security update for kubevirt (Important)SUSE Linux Micro 6.2
This update for kubevirt fixes the following issues:
Update to version 1.7.0 (bsc#1257128).
Security issues fixed:
- CVE-2025-64435: logic flaw in the virt-controller can lead to incorrect status updates and potentially causing a DoS
(bsc#1253189).
- CVE-2024-45310: kubevirt vendored github.com/opencontainers/runc/libcontainer/utils: runc can be tricked into
creating empty files/directories on host (bsc#1257422).
- CVE-2025-22872: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction
(bsc#1241772).
- CVE-2025-64432: fail to correctly validate certain fields in the client TLS certificate may allow an attacker to
bypass existing RBAC controls (bsc#1253181).
- CVE-2025-64433: improper symlink handling can allow to read arbitrary files (bsc#1253185).
- CVE-2025-64434: compromising virt-handler instance can lead to impersonate virt-api and execute privileged operations
(bsc#1253186).
- CVE-2025-64437: mishandling of symlinks can lead to compromising the CIA (bsc#1253194).
- CVE-2025-64324: a logic bug that allows an attacker to read and write arbitrary files owned by more privileged users
(bsc#1253748).
Other updates and bugfixes:
- Upstream now uses stateless firmware for CoCo VMs.
ImportantSUSE bug 1241772SUSE bug 1253181SUSE bug 1253185SUSE bug 1253186SUSE bug 1253189SUSE bug 1253194SUSE bug 1253748SUSE bug 1257128SUSE bug 1257422CVE-2024-45310 at SUSECVE-2024-45310 at NVDCVE-2025-22872 at SUSECVE-2025-22872 at NVDCVE-2025-64324 at SUSECVE-2025-64324 at NVDCVE-2025-64432 at SUSECVE-2025-64432 at NVDCVE-2025-64433 at SUSECVE-2025-64433 at NVDCVE-2025-64434 at SUSECVE-2025-64434 at NVDCVE-2025-64435 at SUSECVE-2025-64435 at NVDCVE-2025-64437 at SUSECVE-2025-64437 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Important)SUSE Linux Micro 6.2
The SUSE Linux Enterprise 16.0 and SL MIxro 6.2 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-40147: blk-throttle: fix access race during throttle policy activation (bsc#1253344).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).
- CVE-2025-68211: ksm: use range-walk function to jump over holes in scan_get_next_rmap_item (bsc#1255319).
- CVE-2025-68218: nvme-multipath: fix lockdep WARN due to partition scan work (bsc#1255245).
- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).
- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).
- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).
- CVE-2025-68341: veth: reduce XDP no_direct return section to fix race (bsc#1255506).
- CVE-2025-68348: block: fix memory leak in __blkdev_issue_zero_pages (bsc#1255694).
- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).
- CVE-2025-68356: gfs2: Prevent recursive memory reclaim (bsc#1255593).
- CVE-2025-68359: btrfs: fix double free of qgroup record after failure to add delayed ref head (bsc#1255542).
- CVE-2025-68360: wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks (bsc#1255536).
- CVE-2025-68361: erofs: limit the level of fs stacking for file-backed mounts (bsc#1255526).
- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
- CVE-2025-68368: md: init bioset in mddev_init (bsc#1255527).
- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
- CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530).
- CVE-2025-68376: coresight: ETR: Fix ETR buffer use-after-free issue (bsc#1255529).
- CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
- CVE-2025-68735: drm/panthor: Prevent potential UAF in group creation (bsc#1255811).
- CVE-2025-68741: scsi: qla2xxx: Fix improper freeing of purex item (bsc#1255703).
- CVE-2025-68743: mshv: Fix create memory region overlap check (bsc#1255708).
- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).
- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).
- CVE-2025-68784: xfs: fix a UAF problem in xattr repair (bsc#1256793).
- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
- CVE-2025-68792: tpm2-sessions: Fix out of range indexing in name_size (bsc#1256656).
- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
- CVE-2025-68799: caif: fix integer underflow in cffrml_receive() (bsc#1256643).
- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).
- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
- CVE-2025-68803: NFSD: NFSv4 file creation neglects setting ACL (bsc#1256770).
- CVE-2025-68811: svcrdma: use rc_pageoff for memcpy byte offset (bsc#1256677).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).
- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).
- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).
- CVE-2025-68821: fuse: fix readahead reclaim deadlock (bsc#1256667).
- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
- CVE-2025-71080: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT (bsc#1256608).
- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).
- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).
- CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).
- CVE-2025-71126: mptcp: avoid deadlock on fallback while reinjecting (bsc#1256755).
- CVE-2025-71132: smc91x: fix broken irq-context in PREEMPT_RT (bsc#1256737).
- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).
- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).
- CVE-2025-71137: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" (bsc#1256760).
- CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159).
- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).
- CVE-2025-71156: gve: defer interrupt enabling until NAPI registration (bsc#1257167).
- CVE-2025-71157: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() (bsc#1257168).
- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).
- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).
- CVE-2026-22981: idpf: detach and close netdevs while handling a reset (bsc#1257225).
- CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179).
- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).
- CVE-2026-22986: gpiolib: fix race condition for gdev->srcu (bsc#1257276).
- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).
- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).
- CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).
- CVE-2026-22996: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv.
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).
The following non security issues were fixed:
- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
- Add bugnumber to an existing hv_netvsc change (bsc#1257473).
- Fix locking issue introduced by a CVE backport (bsc#1256975 bsc#1254977).
- Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792)
- arm64: Update config files. Disable DEVPORT (bsc#1256792)
- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
- btrfs: pass fs_info to btrfs_delete_ref_head() (git-fixes).
- btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes).
- bus: fsl-mc: Constify fsl_mc_device_match() (jsc#PED-10906 git-fixes).
- drm/imagination: Wait for FW trace update command completion (git-fixes).
- drm/msm/a6xx: fix bogus hwcg register updates (git-fixes).
- ice: use netif_get_num_default_rss_queues() (bsc#1247712).
- libbpf: Fix -Wdiscarded-qualifiers under C23 (bsc#1257309).
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087).
- net: mana: Fix incorrect speed reported by debugfs (bsc#1255232).
- net: mana: Support HW link state events (bsc#1253049).
- nfsd: adjust WARN_ON_ONCE in revoke_delegation (bsc#1257015).
- nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (git-fixes).
- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
- sched/fair: Disable scheduler feature NEXT_BUDDY (bsc#1255459).
- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256864).
- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256864).
- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346).
- slimbus: core: Constify slim_eaddr_equal() (jsc#PED-10906 git-fixes).
- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154).
- smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes).
- smb: improve directory cache reuse for readdir operations (bsc#1252712).
- tsm-mr: Add TVM Measurement Register support (bsc#1257504).
- tsm-mr: Add tsm-mr sample code (bsc#1257504).
- virt: tdx-guest: Expose TDX MRs as sysfs attributes (bsc#1257504).
- virt: tdx-guest: Refactor and streamline TDREPORT generation (bsc#1257504).
- virt: tdx-guest: Transition to scoped_cond_guard for mutex operations (bsc#1257504).
- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).
- x86/tdx: Add tdx_mcall_extend_rtmr() interface (bsc#1257504).
- x86/tdx: tdx_mcall_get_report0: Return -EBUSY on TDCALL_OPERAND_BUSY error (bsc#1257504).
ImportantSUSE bug 1205462SUSE bug 1214285SUSE bug 1215199SUSE bug 1235905SUSE bug 1242505SUSE bug 1242974SUSE bug 1242986SUSE bug 1243452SUSE bug 1243507SUSE bug 1243662SUSE bug 1246184SUSE bug 1246282SUSE bug 1247030SUSE bug 1247292SUSE bug 1247712SUSE bug 1248166SUSE bug 1248175SUSE bug 1248178SUSE bug 1248179SUSE bug 1248185SUSE bug 1248188SUSE bug 1248196SUSE bug 1248206SUSE bug 1248208SUSE bug 1248209SUSE bug 1248211SUSE bug 1248212SUSE bug 1248213SUSE bug 1248214SUSE bug 1248216SUSE bug 1248217SUSE bug 1248222SUSE bug 1248227SUSE bug 1248228SUSE bug 1248229SUSE bug 1248232SUSE bug 1248234SUSE bug 1248240SUSE bug 1248360SUSE bug 1248366SUSE bug 1248384SUSE bug 1248626SUSE bug 1249307SUSE bug 1249609SUSE bug 1249895SUSE bug 1249998SUSE bug 1250032SUSE bug 1250082SUSE bug 1250388SUSE bug 1250705SUSE bug 1250738SUSE bug 1250748SUSE bug 1252712SUSE bug 1252773SUSE bug 1252784SUSE bug 1252891SUSE bug 1252900SUSE bug 1253049SUSE bug 1253078SUSE bug 1253079SUSE bug 1253087SUSE bug 1253344SUSE bug 1253500SUSE bug 1253739SUSE bug 1254244SUSE bug 1254308SUSE bug 1254447SUSE bug 1254839SUSE bug 1254842SUSE bug 1254845SUSE bug 1254977SUSE bug 1255102SUSE bug 1255128SUSE bug 1255157SUSE bug 1255164SUSE bug 1255172SUSE bug 1255216SUSE bug 1255232SUSE bug 1255241SUSE bug 1255245SUSE bug 1255266SUSE bug 1255268SUSE bug 1255269SUSE bug 1255319SUSE bug 1255327SUSE bug 1255346SUSE bug 1255403SUSE bug 1255417SUSE bug 1255459SUSE bug 1255482SUSE bug 1255506SUSE bug 1255526SUSE bug 1255527SUSE bug 1255529SUSE bug 1255530SUSE bug 1255536SUSE bug 1255537SUSE bug 1255542SUSE bug 1255544SUSE bug 1255547SUSE bug 1255569SUSE bug 1255593SUSE bug 1255622SUSE bug 1255694SUSE bug 1255695SUSE bug 1255703SUSE bug 1255708SUSE bug 1255811SUSE bug 1255930SUSE bug 1256579SUSE bug 1256582SUSE bug 1256584SUSE bug 1256586SUSE bug 1256591SUSE bug 1256592SUSE bug 1256593SUSE bug 1256594SUSE bug 1256597SUSE bug 1256605SUSE bug 1256607SUSE bug 1256608SUSE bug 1256609SUSE bug 1256610SUSE bug 1256611SUSE bug 1256612SUSE bug 1256613SUSE bug 1256616SUSE bug 1256617SUSE bug 1256619SUSE bug 1256622SUSE bug 1256623SUSE bug 1256625SUSE bug 1256627SUSE bug 1256628SUSE bug 1256630SUSE bug 1256632SUSE bug 1256638SUSE bug 1256641SUSE bug 1256643SUSE bug 1256645SUSE bug 1256646SUSE bug 1256650SUSE bug 1256651SUSE bug 1256653SUSE bug 1256654SUSE bug 1256655SUSE bug 1256656SUSE bug 1256659SUSE bug 1256660SUSE bug 1256661SUSE bug 1256664SUSE bug 1256665SUSE bug 1256667SUSE bug 1256668SUSE bug 1256674SUSE bug 1256677SUSE bug 1256680SUSE bug 1256682SUSE bug 1256683SUSE bug 1256688SUSE bug 1256689SUSE bug 1256716SUSE bug 1256726SUSE bug 1256728SUSE bug 1256730SUSE bug 1256733SUSE bug 1256737SUSE bug 1256741SUSE bug 1256742SUSE bug 1256744SUSE bug 1256748SUSE bug 1256749SUSE bug 1256752SUSE bug 1256754SUSE bug 1256755SUSE bug 1256756SUSE bug 1256757SUSE bug 1256759SUSE bug 1256760SUSE bug 1256761SUSE bug 1256763SUSE bug 1256770SUSE bug 1256773SUSE bug 1256774SUSE bug 1256777SUSE bug 1256779SUSE bug 1256781SUSE bug 1256785SUSE bug 1256792SUSE bug 1256793SUSE bug 1256794SUSE bug 1256864SUSE bug 1256865SUSE bug 1256867SUSE bug 1256975SUSE bug 1257015SUSE bug 1257035SUSE bug 1257053SUSE bug 1257154SUSE bug 1257155SUSE bug 1257158SUSE bug 1257159SUSE bug 1257163SUSE bug 1257164SUSE bug 1257167SUSE bug 1257168SUSE bug 1257179SUSE bug 1257180SUSE bug 1257202SUSE bug 1257204SUSE bug 1257207SUSE bug 1257208SUSE bug 1257215SUSE bug 1257217SUSE bug 1257218SUSE bug 1257220SUSE bug 1257221SUSE bug 1257225SUSE bug 1257227SUSE bug 1257232SUSE bug 1257234SUSE bug 1257236SUSE bug 1257243SUSE bug 1257245SUSE bug 1257276SUSE bug 1257277SUSE bug 1257279SUSE bug 1257282SUSE bug 1257296SUSE bug 1257309SUSE bug 1257473SUSE bug 1257504SUSE bug 1257603CVE-2024-54031 at SUSECVE-2024-54031 at NVDCVE-2025-37744 at SUSECVE-2025-37744 at NVDCVE-2025-37751 at SUSECVE-2025-37751 at NVDCVE-2025-37841 at SUSECVE-2025-37841 at NVDCVE-2025-37845 at SUSECVE-2025-37845 at NVDCVE-2025-37904 at SUSECVE-2025-37904 at NVDCVE-2025-37955 at SUSECVE-2025-37955 at NVDCVE-2025-38243 at SUSECVE-2025-38243 at NVDCVE-2025-38262 at SUSECVE-2025-38262 at NVDCVE-2025-38297 at SUSECVE-2025-38297 at NVDCVE-2025-38298 at SUSECVE-2025-38298 at NVDCVE-2025-38379 at SUSECVE-2025-38379 at NVDCVE-2025-38423 at SUSECVE-2025-38423 at NVDCVE-2025-38505 at SUSECVE-2025-38505 at NVDCVE-2025-38507 at SUSECVE-2025-38507 at NVDCVE-2025-38510 at SUSECVE-2025-38510 at NVDCVE-2025-38511 at SUSECVE-2025-38511 at NVDCVE-2025-38512 at SUSECVE-2025-38512 at NVDCVE-2025-38513 at SUSECVE-2025-38513 at NVDCVE-2025-38515 at SUSECVE-2025-38515 at NVDCVE-2025-38516 at SUSECVE-2025-38516 at NVDCVE-2025-38520 at SUSECVE-2025-38520 at NVDCVE-2025-38521 at SUSECVE-2025-38521 at NVDCVE-2025-38529 at SUSECVE-2025-38529 at NVDCVE-2025-38530 at SUSECVE-2025-38530 at NVDCVE-2025-38535 at SUSECVE-2025-38535 at NVDCVE-2025-38537 at SUSECVE-2025-38537 at NVDCVE-2025-38538 at SUSECVE-2025-38538 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38540 at SUSECVE-2025-38540 at NVDCVE-2025-38541 at SUSECVE-2025-38541 at NVDCVE-2025-38543 at SUSECVE-2025-38543 at NVDCVE-2025-38547 at SUSECVE-2025-38547 at NVDCVE-2025-38548 at SUSECVE-2025-38548 at NVDCVE-2025-38550 at SUSECVE-2025-38550 at NVDCVE-2025-38551 at SUSECVE-2025-38551 at NVDCVE-2025-38569 at SUSECVE-2025-38569 at NVDCVE-2025-38589 at SUSECVE-2025-38589 at NVDCVE-2025-38590 at SUSECVE-2025-38590 at NVDCVE-2025-38645 at SUSECVE-2025-38645 at NVDCVE-2025-39689 at SUSECVE-2025-39689 at NVDCVE-2025-39795 at SUSECVE-2025-39795 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39814 at SUSECVE-2025-39814 at NVDCVE-2025-39817 at SUSECVE-2025-39817 at NVDCVE-2025-39829 at SUSECVE-2025-39829 at NVDCVE-2025-39880 at SUSECVE-2025-39880 at NVDCVE-2025-39913 at SUSECVE-2025-39913 at NVDCVE-2025-39927 at SUSECVE-2025-39927 at NVDCVE-2025-40030 at SUSECVE-2025-40030 at NVDCVE-2025-40045 at SUSECVE-2025-40045 at NVDCVE-2025-40097 at SUSECVE-2025-40097 at NVDCVE-2025-40106 at SUSECVE-2025-40106 at NVDCVE-2025-40147 at SUSECVE-2025-40147 at NVDCVE-2025-40195 at SUSECVE-2025-40195 at NVDCVE-2025-40257 at SUSECVE-2025-40257 at NVDCVE-2025-40259 at SUSECVE-2025-40259 at NVDCVE-2025-40261 at SUSECVE-2025-40261 at NVDCVE-2025-40363 at SUSECVE-2025-40363 at NVDCVE-2025-68174 at SUSECVE-2025-68174 at NVDCVE-2025-68178 at SUSECVE-2025-68178 at NVDCVE-2025-68188 at SUSECVE-2025-68188 at NVDCVE-2025-68200 at SUSECVE-2025-68200 at NVDCVE-2025-68211 at SUSECVE-2025-68211 at NVDCVE-2025-68218 at SUSECVE-2025-68218 at NVDCVE-2025-68227 at SUSECVE-2025-68227 at NVDCVE-2025-68241 at SUSECVE-2025-68241 at NVDCVE-2025-68245 at SUSECVE-2025-68245 at NVDCVE-2025-68261 at SUSECVE-2025-68261 at NVDCVE-2025-68296 at SUSECVE-2025-68296 at NVDCVE-2025-68297 at SUSECVE-2025-68297 at NVDCVE-2025-68320 at SUSECVE-2025-68320 at NVDCVE-2025-68325 at SUSECVE-2025-68325 at NVDCVE-2025-68337 at SUSECVE-2025-68337 at NVDCVE-2025-68341 at SUSECVE-2025-68341 at NVDCVE-2025-68348 at SUSECVE-2025-68348 at NVDCVE-2025-68349 at SUSECVE-2025-68349 at NVDCVE-2025-68356 at SUSECVE-2025-68356 at NVDCVE-2025-68359 at SUSECVE-2025-68359 at NVDCVE-2025-68360 at SUSECVE-2025-68360 at NVDCVE-2025-68361 at SUSECVE-2025-68361 at NVDCVE-2025-68366 at SUSECVE-2025-68366 at NVDCVE-2025-68367 at SUSECVE-2025-68367 at NVDCVE-2025-68368 at SUSECVE-2025-68368 at NVDCVE-2025-68372 at SUSECVE-2025-68372 at NVDCVE-2025-68374 at SUSECVE-2025-68374 at NVDCVE-2025-68376 at SUSECVE-2025-68376 at NVDCVE-2025-68379 at SUSECVE-2025-68379 at NVDCVE-2025-68725 at SUSECVE-2025-68725 at NVDCVE-2025-68735 at SUSECVE-2025-68735 at NVDCVE-2025-68741 at SUSECVE-2025-68741 at NVDCVE-2025-68743 at SUSECVE-2025-68743 at NVDCVE-2025-68764 at SUSECVE-2025-68764 at NVDCVE-2025-68768 at SUSECVE-2025-68768 at NVDCVE-2025-68770 at SUSECVE-2025-68770 at NVDCVE-2025-68771 at SUSECVE-2025-68771 at NVDCVE-2025-68773 at SUSECVE-2025-68773 at NVDCVE-2025-68775 at SUSECVE-2025-68775 at NVDCVE-2025-68776 at SUSECVE-2025-68776 at NVDCVE-2025-68777 at SUSECVE-2025-68777 at NVDCVE-2025-68778 at SUSECVE-2025-68778 at NVDCVE-2025-68783 at SUSECVE-2025-68783 at NVDCVE-2025-68784 at SUSECVE-2025-68784 at NVDCVE-2025-68788 at SUSECVE-2025-68788 at NVDCVE-2025-68789 at SUSECVE-2025-68789 at NVDCVE-2025-68792 at SUSECVE-2025-68792 at NVDCVE-2025-68795 at SUSECVE-2025-68795 at NVDCVE-2025-68797 at SUSECVE-2025-68797 at NVDCVE-2025-68798 at SUSECVE-2025-68798 at NVDCVE-2025-68799 at SUSECVE-2025-68799 at NVDCVE-2025-68800 at SUSECVE-2025-68800 at NVDCVE-2025-68801 at SUSECVE-2025-68801 at NVDCVE-2025-68802 at SUSECVE-2025-68802 at NVDCVE-2025-68803 at SUSECVE-2025-68803 at NVDCVE-2025-68804 at SUSECVE-2025-68804 at NVDCVE-2025-68808 at SUSECVE-2025-68808 at NVDCVE-2025-68811 at SUSECVE-2025-68811 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-68814 at SUSECVE-2025-68814 at NVDCVE-2025-68815 at SUSECVE-2025-68815 at NVDCVE-2025-68816 at SUSECVE-2025-68816 at NVDCVE-2025-68819 at SUSECVE-2025-68819 at NVDCVE-2025-68820 at SUSECVE-2025-68820 at NVDCVE-2025-68821 at SUSECVE-2025-68821 at NVDCVE-2025-68822 at SUSECVE-2025-68822 at NVDCVE-2025-71064 at SUSECVE-2025-71064 at NVDCVE-2025-71066 at SUSECVE-2025-71066 at NVDCVE-2025-71073 at SUSECVE-2025-71073 at NVDCVE-2025-71076 at SUSECVE-2025-71076 at NVDCVE-2025-71077 at SUSECVE-2025-71077 at NVDCVE-2025-71078 at SUSECVE-2025-71078 at NVDCVE-2025-71079 at SUSECVE-2025-71079 at NVDCVE-2025-71080 at SUSECVE-2025-71080 at NVDCVE-2025-71081 at SUSECVE-2025-71081 at NVDCVE-2025-71082 at SUSECVE-2025-71082 at NVDCVE-2025-71083 at SUSECVE-2025-71083 at NVDCVE-2025-71084 at SUSECVE-2025-71084 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDCVE-2025-71086 at SUSECVE-2025-71086 at NVDCVE-2025-71087 at SUSECVE-2025-71087 at NVDCVE-2025-71088 at SUSECVE-2025-71088 at NVDCVE-2025-71089 at SUSECVE-2025-71089 at NVDCVE-2025-71091 at SUSECVE-2025-71091 at NVDCVE-2025-71093 at SUSECVE-2025-71093 at NVDCVE-2025-71094 at SUSECVE-2025-71094 at NVDCVE-2025-71095 at SUSECVE-2025-71095 at NVDCVE-2025-71097 at SUSECVE-2025-71097 at NVDCVE-2025-71098 at SUSECVE-2025-71098 at NVDCVE-2025-71099 at SUSECVE-2025-71099 at NVDCVE-2025-71100 at SUSECVE-2025-71100 at NVDCVE-2025-71101 at SUSECVE-2025-71101 at NVDCVE-2025-71108 at SUSECVE-2025-71108 at NVDCVE-2025-71111 at SUSECVE-2025-71111 at NVDCVE-2025-71112 at SUSECVE-2025-71112 at NVDCVE-2025-71113 at SUSECVE-2025-71113 at NVDCVE-2025-71114 at SUSECVE-2025-71114 at NVDCVE-2025-71116 at SUSECVE-2025-71116 at NVDCVE-2025-71118 at SUSECVE-2025-71118 at NVDCVE-2025-71119 at SUSECVE-2025-71119 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2025-71123 at SUSECVE-2025-71123 at NVDCVE-2025-71126 at SUSECVE-2025-71126 at NVDCVE-2025-71130 at SUSECVE-2025-71130 at NVDCVE-2025-71131 at SUSECVE-2025-71131 at NVDCVE-2025-71132 at SUSECVE-2025-71132 at NVDCVE-2025-71133 at SUSECVE-2025-71133 at NVDCVE-2025-71135 at SUSECVE-2025-71135 at NVDCVE-2025-71136 at SUSECVE-2025-71136 at NVDCVE-2025-71137 at SUSECVE-2025-71137 at NVDCVE-2025-71138 at SUSECVE-2025-71138 at NVDCVE-2025-71141 at SUSECVE-2025-71141 at NVDCVE-2025-71142 at SUSECVE-2025-71142 at NVDCVE-2025-71143 at SUSECVE-2025-71143 at NVDCVE-2025-71145 at SUSECVE-2025-71145 at NVDCVE-2025-71147 at SUSECVE-2025-71147 at NVDCVE-2025-71148 at SUSECVE-2025-71148 at NVDCVE-2025-71149 at SUSECVE-2025-71149 at NVDCVE-2025-71154 at SUSECVE-2025-71154 at NVDCVE-2025-71156 at SUSECVE-2025-71156 at NVDCVE-2025-71157 at SUSECVE-2025-71157 at NVDCVE-2025-71162 at SUSECVE-2025-71162 at NVDCVE-2025-71163 at SUSECVE-2025-71163 at NVDCVE-2026-22976 at SUSECVE-2026-22976 at NVDCVE-2026-22977 at SUSECVE-2026-22977 at NVDCVE-2026-22978 at SUSECVE-2026-22978 at NVDCVE-2026-22981 at SUSECVE-2026-22981 at NVDCVE-2026-22982 at SUSECVE-2026-22982 at NVDCVE-2026-22984 at SUSECVE-2026-22984 at NVDCVE-2026-22985 at SUSECVE-2026-22985 at NVDCVE-2026-22986 at SUSECVE-2026-22986 at NVDCVE-2026-22988 at SUSECVE-2026-22988 at NVDCVE-2026-22989 at SUSECVE-2026-22989 at NVDCVE-2026-22990 at SUSECVE-2026-22990 at NVDCVE-2026-22991 at SUSECVE-2026-22991 at NVDCVE-2026-22992 at SUSECVE-2026-22992 at NVDCVE-2026-22993 at SUSECVE-2026-22993 at NVDCVE-2026-22996 at SUSECVE-2026-22996 at NVDCVE-2026-22997 at SUSECVE-2026-22997 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23000 at SUSECVE-2026-23000 at NVDCVE-2026-23001 at SUSECVE-2026-23001 at NVDCVE-2026-23002 at SUSECVE-2026-23002 at NVDCVE-2026-23005 at SUSECVE-2026-23005 at NVDCVE-2026-23006 at SUSECVE-2026-23006 at NVDCVE-2026-23011 at SUSECVE-2026-23011 at NVDcpe:/o:suse:sl-micro:6.2Security update for the initial kernel livepatch (Important)SUSE Linux Micro 6.2
This update contains initial livepatches for the SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel update.
Importantcpe:/o:suse:sl-micro:6.2Security update for haproxy (Moderate)SUSE Linux Micro 6.2
This update for haproxy fixes the following issues:
- Update to version 3.2.12+git0.6011f448e
- CVE-2026-26081: Fixed a DOS vulnerability in QUIC. (bsc#1257976)
- CVE-2026-26080: Fixed a DOS vulnerability in QUIC. (bsc#1257976)
ModerateSUSE bug 1257521SUSE bug 1257976CVE-2026-26080 at SUSECVE-2026-26080 at NVDCVE-2026-26081 at SUSECVE-2026-26081 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439CVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.2Security update for podman (Important)SUSE Linux Micro 6.2
This update for podman fixes the following issues:
Changes in podman:
- Add symlink to catatonit in /usr/libexec/podman (bsc#1248988)
- CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read (bsc#1253993)
- CVE-2025-47913: Fixed golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542):
- CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: Fixed runc: Container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files (bsc#1252376):
- CVE-2025-9566: Fixed that podman kube play command may overwrite host files (bsc#1249154):
ImportantSUSE bug 1248988SUSE bug 1249154SUSE bug 1252376SUSE bug 1253542SUSE bug 1253993CVE-2025-22869 at SUSECVE-2025-22869 at NVDCVE-2025-31133 at SUSECVE-2025-31133 at NVDCVE-2025-47913 at SUSECVE-2025-47913 at NVDCVE-2025-47914 at SUSECVE-2025-47914 at NVDCVE-2025-52565 at SUSECVE-2025-52565 at NVDCVE-2025-52881 at SUSECVE-2025-52881 at NVDCVE-2025-6032 at SUSECVE-2025-6032 at NVDCVE-2025-9566 at SUSECVE-2025-9566 at NVDcpe:/o:suse:sl-micro:6.2Security update for expat (Moderate)SUSE Linux Micro 6.2
This update for expat fixes the following issues:
- CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL
dereference (bsc#1257144).
- CVE-2026-25210: lack of buffer size check can lead to an integer overflow (bsc#1257496).
ModerateSUSE bug 1257144SUSE bug 1257496CVE-2026-24515 at SUSECVE-2026-24515 at NVDCVE-2026-25210 at SUSECVE-2026-25210 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit-podman (Important)SUSE Linux Micro 6.2
This update for cockpit-podman fixes the following issues:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global
prototypes (bsc#1257324).
ImportantSUSE bug 1257324CVE-2025-13465 at SUSECVE-2025-13465 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.7.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (bsc#1253415).
ImportantSUSE bug 1253415CVE-2025-40130 at SUSECVE-2025-40130 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1250190).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (bsc#1253415).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249480SUSE bug 1250190SUSE bug 1253415SUSE bug 1253439SUSE bug 1253473CVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39698 at SUSECVE-2025-39698 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40130 at SUSECVE-2025-40130 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1250190).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249480SUSE bug 1250190SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39698 at SUSECVE-2025-39698 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (bsc#1253415).
ImportantSUSE bug 1253415CVE-2025-40130 at SUSECVE-2025-40130 at NVDcpe:/o:suse:sl-micro:6.2Security update for libxml2, libxslt (Moderate)SUSE Linux Micro 6.2
This update for libxml2, libxslt fixes the following issues:
Changes in libxml2:
- CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in
`xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811).
- CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling
`nextCatalog` elements (bsc#1256809, bsc#1256812).
- CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files
(bsc#1247858).
- CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257594, bsc#1257595).
- CVE-2025-10911: parsing xsl nodes may lead to use-after-free with key data stored cross-RVT (bsc#1250553)
ModerateSUSE bug 1247850SUSE bug 1247858SUSE bug 1250553SUSE bug 1256804SUSE bug 1256807SUSE bug 1256808SUSE bug 1256809SUSE bug 1256810SUSE bug 1256811SUSE bug 1256812SUSE bug 1257593SUSE bug 1257594SUSE bug 1257595CVE-2025-10911 at SUSECVE-2025-10911 at NVDCVE-2025-8732 at SUSECVE-2025-8732 at NVDCVE-2026-0990 at SUSECVE-2026-0990 at NVDCVE-2026-0992 at SUSECVE-2026-0992 at NVDCVE-2026-1757 at SUSECVE-2026-1757 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.8.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (bsc#1253415).
ImportantSUSE bug 1253415CVE-2025-40130 at SUSECVE-2025-40130 at NVDcpe:/o:suse:sl-micro:6.2Recommended update for shim (Moderate)SUSE Linux Micro 6.2
This update for shim fixes the following issues:
This update for shim fixes the following issues:
shim is updated to version 16.1:
- shim_start_image(): fix guid/handle pairing when uninstalling protocols
- Fix uncompressed ipv6 netboot
- fix test segfaults caused by uninitialized memory
- SbatLevel_Variable.txt: minor typo fix.
- Realloc() needs to allocate one more byte for sprintf()
- IPv6: Add more check to avoid multiple double colon and illegal char
- Loader proto v2
- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
- Generate Authenticode for the entire PE file
- README: mention new loader protocol and interaction with UKIs
- shim: change automatically enable MOK_POLICY_REQUIRE_NX
- Save var info
- add SbatLevel entry 2025051000 for PSA-2025-00012-1
- Coverity fixes 20250804
- fix http boot
- Fix double free and leak in the loader protocol
shim is updated to version 16.0:
- Validate that a supplied vendor cert is not in PEM format
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)
- sbat: Also bump latest for grub,4 (and to todays date)
- undo change that limits certificate files to a single file
- shim: don't set second_stage to the empty string
- Fix SBAT.md for today's consensus about numbers
- Update Code of Conduct contact address
- make-certs: Handle missing OpenSSL installation
- Update MokVars.txt
- export DEFINES for sub makefile
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
- Null-terminate 'arguments' in fallback
- Fix "Verifiying" typo in error message
- Update Fedora CI targets
- Force gcc to produce DWARF4 so that gdb can use it
- Minor housekeeping 2024121700
- Discard load-options that start with WINDOWS
- Fix the issue that the gBS->LoadImage pointer was empty.
- shim: Allow data after the end of device path node in load options
- Handle network file not found like disks
- Update gnu-efi submodule for EFI_HTTP_ERROR
- Increase EFI file alignment
- avoid EFIv2 runtime services on Apple x86 machines
- Improve shortcut performance when comparing two boolean expressions
- Provide better error message when MokManager is not found
- tpm: Boot with a warning if the event log is full
- MokManager: remove redundant logical constraints
- Test import_mok_state() when MokListRT would be bigger than available size
- test-mok-mirror: minor bug fix
- Fix file system browser hang when enrolling MOK from disk
- Ignore a minor clang-tidy nit
- Allow fallback to default loader when encountering errors on network boot
- test.mk: don't use a temporary random.bin
- pe: Enhance debug report for update_mem_attrs
- Multiple certificate handling improvements
- Generate SbatLevel Metadata from SbatLevel_Variable.txt
- Apply EKU check with compile option
- Add configuration option to boot an alternative 2nd stage
- Loader protocol (with Device Path resolution support)
- netboot cleanup for additional files
- Document how revocations can be delivered
- post-process-pe: add tests to validate NX compliance
- regression: CopyMem() in ad8692e copies out of bounds
- Save the debug and error logs in mok-variables
- Add features for the Host Security ID program
- Mirror some more efi variables to mok-variables
- This adds DXE Services measurements to HSI and uses them for NX
- Add shim's current NX_COMPAT status to HSIStatus
- README.tpm: reflect that vendor_db is in fact logged as "vendor_db"
- Reject HTTP message with duplicate Content-Length header fields
- Disable log saving
- fallback: don't add new boot order entries backwards
- README.tpm: Update MokList entry to MokListRT
- SBAT Level update for February 2025 GRUB CVEs
ModerateSUSE bug 1205588SUSE bug 1247432SUSE bug 1254336SUSE bug 1254679CVE-2024-2312 at SUSECVE-2024-2312 at NVDcpe:/o:suse:sl-micro:6.2Security update for virtiofsd (Important)SUSE Linux Micro 6.2
This update for virtiofsd fixes the following issue:
- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion
(bsc#1257912).
ImportantSUSE bug 1257912CVE-2026-25727 at SUSECVE-2026-25727 at NVDcpe:/o:suse:sl-micro:6.2Security update for helm (Moderate)SUSE Linux Micro 6.2
This update for helm fixes the following issues:
- Update to version 3.19.1:
* CVE-2025-47911: golang.org/x/net/html: Fixed various algorithms with
quadratic complexity when parsing HTML documents (bsc#1251442)
* CVE-2025-58190: golang.org/x/net/html: Fixed xcessive memory
consumption by `html.ParseFragment` when processing specially
crafted input (bsc#1251649)
* jsonschema: warn and ignore unresolved URN $ref to match
v3.18.4
* Avoid "panic: interface conversion: interface {} is nil"
* Fix `helm pull` untar dir check with repo urls
* Fix deprecation warning
* Add timeout flag to repo add and update flags
- Update to version 3.19.0:
* bump version to v3.19.0
* fix: use username and password if provided
* fix(helm-lint): fmt
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema references
* chore(deps): bump the k8s-io group with 7 updates
* fix: go mod tidy for v3
* fix Chart.yaml handling
* Handle messy index files
* json schema fix
* fix: k8s version parsing to match original
* Do not explicitly set SNI in HTTPGetter
* Disabling linter due to unknown issue
* Updating link handling
* fix: user username password for login
* Update pkg/registry/transport.go
* fix: add debug logging to oci transport
* fix: legacy docker support broken for login
* fix: plugin installer test with no Internet
* Handle an empty registry config file.
* Prevent fetching newReference again as we have in calling method
* Prevent failure when resolving version tags in oras memory store
* fix(client): skipnode utilization for PreCopy
* test: Skip instead of returning early. looks more intentional
* test: tests repo stripping functionality
* test: include tests for Login based on different protocol prefixes
* fix(client): layers now returns manifest - remove duplicate from descriptors
* fix(client): return nil on non-allowed media types
* Fix 3.18.0 regression: registry login with scheme
* Update pkg/plugin/plugin.go
* Wait for Helm v4 before raising when platformCommand and Command are set
* Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]"
* build(deps): bump the k8s-io group with 7 updates
* chore: update generalization warning message
* fix: move warning to top of block
* fix: govulncheck workflow
* fix: replace fmt warning with slog
* fix: add warning when ignore repo flag
* feat: add httproute from gateway-api to create chart template
- Update to version 3.18.6:
* fix(helm-lint): fmt
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema
references
- Update to version 3.18.5:
* fix Chart.yaml handling 7799b48 (Matt Farina)
* Handle messy index files dd8502f (Matt Farina)
* json schema fix cb8595b (Robert Sirchia)
- Fix shell completion dependencies
* Add BuildRequires to prevent inclusion of folders owned by shells.
* Add Requires because installing completions without appropriate
shell is questionable.
- Fix zsh completion location
ModerateSUSE bug 1251442SUSE bug 1251649CVE-2025-47911 at SUSECVE-2025-47911 at NVDCVE-2025-58190 at SUSECVE-2025-58190 at NVDcpe:/o:suse:sl-micro:6.2Security update for gstreamer-rtsp-server, gstreamer-plugins-ugly, gstreamer-plugins-rs, gstreamer-plugins-libav, gstreamer-plugins-good, gstreamer-plugins-base, gstreamer-plugins-bad, gstreamer-docs, gstreamer-devtools, gstreamer (Moderate)SUSE Linux Micro 6.2
This update for gstreamer-rtsp-server, gstreamer-plugins-ugly, gstreamer-plugins-rs, gstreamer-plugins-libav, gstreamer-plugins-good, gstreamer-plugins-base, gstreamer-plugins-bad, gstreamer-docs, gstreamer-devtools, gstreamer fixes the following issues:
Changes in gstreamer-rtsp-server:
- Update to version 1.26.7:
+ Fix issues with G_DISABLE_CHECKS & G_DISABLE_ASSERT.
+ rtsp-server: tests: Switch to fixtures to ensure pool shutdown
+ rtsp-server: tests: Fix a few memory leaks
Changes in gstreamer-plugins-ugly:
- Update to version 1.26.7:
+ No changes, stable version bump only.
Changes in gstreamer-plugins-rs:
- Update to version 1.26.7+git0.6ab75814:
* tracers: Fix inverted append logic when writing log files
* threadshare:
- examples: standalone: also handle buffer lists
- Pad push_list: downgrade Pad flushing log level
- sinks: fix / handle query()
- backpressure: abort pending items on flush start
- udpsink: fix panic recalculating latency from certain
executors
- audiotestsrc:
. support more Audio formats
. use AudioInfo
. fix latency
. act as a pseudo live source by default
- runtime task: execute action in downward transition
- example cleanups
- udpsink: distinguish sync status for latency & report added
latency
- sink elements: implement `send_event`
- dataqueue elements: report min and max latency
* rtp:
- Add linear audio (L8, L16, L24) RTP payloaders / depayloaders
* rtp: basedepay: reuse last PTS, when possible
* skia: Update to skia-safe 0.89
* mp4: Update to mp4-atom 0.9
* Update dependencies
* webrtc: livekit: Drop connection lock after take()
* onvifmetadatapay: copy metadata from source buffer
* fallbacksrc: Fix custom source reuse case
* add `rust-tls-native-roots` feature to the `reqwest` dep
* rtpamrpay2:
- Actually forward the frame quality indicator
- Set frame quality indicator flag
- Add patch to fix reproducibility of package build (boo#1237097)
- Update to version 1.26.6+git20.e287e869:
* Fix some new clippy 1.90 warnings
* colordetect: Don't use deprecated color_name API
* deny: Update
* quinn: Update to web-transport-quinn 0.8
* skia: Update to skia-safe 0.88
* Update Cargo.lock
* Allow windows-sys 0.61 too
* intersink: add sync property
* meson: Fix .pc files installation and simplify build output
handling. This also fixes the .pc file install directory and
ensures that the .pc files are only installed when static
builds is enabled.
- Drop devel subpackage following upstream changes.
- Update to version 1.26.6:
+ aws: Ensure task stopping on paused-to-ready state change
+ fallbacksrc:
- Don't panic during retries if the element was shut down in
parallel
- Don't restart source if the element is just being shut down
- Fix some custom source deadlocks
- Fix sources only being restarted once
+ gtk4: Try importing dmabufs withouth DMA_DRM caps
+ inter: Give the appsrc/appsink a name that has the parent
element as prefix
+ mp4: Skip tests using x264enc if it does not exist
+ rtpgccbwe: avoid clamp() panic when min_bitrate > max_bitrate
+ rtpmp4gdepay2: allow only constantduration with neither
constantsize nor sizelength set
+ rtprecv: fix race condition on first buffer
+ speechmatics: Specify rustls as an explicit dependency
+ spotify: update to librespot 0.7
+ threadshare:
- add a blocking adapter element
- always use block_on_or_add_subtask
- audiotestsrc: fix setting samples-per-buffer...
- blocking_adapter: fix Since marker in docs
- fix resources not available when preparing asynchronously
- fix ts-inter test one_to_one_up_first
- have: have Task log its obj
- intersink: return from blocking tasks when stopping
- inter: update doc example
- runtime/pad: lower log level pushing Buffer to flushing pad
- separate blocking & throttling schedulers
- update examples
- Update to getifaddrs 0.5
- Fix macOS build post getifaddrs 0.5 update
- Bump up getiffaddrs to 0.1.5 and revert "udp: avoid
getifaddrs in android"
- Reapply "udp: avoid getifaddrs in android"
+ transcriberbin: Fix some deadlocks
+ Update dependencies
+ webrtc: Migrate to warp 0.4 and switch to tokio-rustls
+ webrtc/signalling: Fix setting of host address
+ ci: add script to check readme against plugins list
+ Fix various new clippy 1.89 warnings
+ Don't suggest running cargo cinstall after cargo cbuild
+ meson: Isolate built plugins from cargo target directory
- Update to version 1.26.5+git11.949807a4 (boo#1248053,
CVE-2025-55159):
+ rtprecv: fix race condition on first buffer
+ threadshare: intersink: return from blocking tasks when
stopping
+ threadshare: inter: store upstream latency in InterContext
+ threadshare: add a blocking adapter element
+ transcriberbin: Fix settings/state lock order violation in
set_property()
+ transcriberbin: Don't keep state locked while querying upstream
latency
+ threadshare: audiotestsrc: fix setting samples-per-buffer...
+ rtpgccbwe: avoid clamp() panic when min_bitrate > max_bitrate
+ fallbacksrc: Don't restart source if the element is just being
shut down
+ aws: Ensure task stopping on paused-to-ready state change
+ fallbacksrc: Don't panic during retries if the element was shut
down in parallel
+ Update Cargo.lock.
- Update to version 1.26.5:
+ awstranscriber2, awstranslate: Handle multiple stream-start
event
+ ceaX08overlay: support ANY caps features, allowing e.g.
memory:GLMemory if downstream supports the overlay composition
meta
+ hlsmultivariantsink: Fix master playlist version
+ rtprecv: Drop state lock before chaining RTCP packets from the
RTP chain function
+ Add rtpbin2 examples
+ rtpmp4apay2: fix payload size prefix
+ rtp: threadshare: fix some property ranges
+ mpegtslivesrc: Remove leftover debug message
+ ts-audiotestsrc fixes
+ threadshare: fix flush for ts-queue ts-proxy & ts-intersrc
+ threadshare: fix regression in ts-proxysrc
+ threadshare: improvements to some elements
+ threadshare: Enable windows Win32_Networking feature
+ threadshare: queue & proxy: fix race condition stopping
+ threadshare: Also enable windows Win32_Networking_WinSock
feature
+ tracers: pipeline-snapshot: reduce WebSocket connection log
level
+ tracers: queue-levels: add support for threadshare DataQueue
related elements
+ tracers: Update to etherparse 0.19
+ transcriberbin: Fix handling of upstream latency query
+ webrtcsink: Move videorate before videoconvert and videoscale
to avoid processing frames that would be dropped
+ Fix various new clippy 1.89 warnings
- Update to version 1.26.4:
+ aws: s3hlssink: Write to S3 on OutputStream flush
+ cea708mux: fix clipping function
+ dav1ddec: Use video decoder base class latency reporting API
+ elevenlabssynthesizer: fix running time checks
+ gopbuffer: Push GOPs in order of time on EOS
+ gtk4: Improve color-state fallbacks for unknown values
+ gtk4: Add YCbCr memory texture formats
+ gtk4: Promote set_caps debug log to info
+ hlssink3: Fix a comment typo
+ hlssink3: Use closed fragment location in playlist generation
+ livekit: add room-timeout
+ mccparse: Convert "U" to the correct byte representation
+ mp4mux: add TAI timestamp element and muxing
+ threadshare: add a ts-rtpdtmfsrc element
+ rtp: Update to rtcp-types 0.2
+ rtpsend: Don't configure a zero min RTCP interval for senders
+ rtpbin2: Fix handling of unknown PTs and don't warn about
incomplete RTP caps to allow for bundling
+ rtpbin2: Improve rtcp-mux support
+ rtpbin2: fix race condition on serialized Queries
+ rtpbin2: sync: fix race condition
+ rtprecv optimize src pad scheduling
+ rtprecv: fix SSRC collision event sent in wrong direction
+ skia: Add harfbuzz, freetype and fontconfig as dependencies in
the meson build
+ tttocea{6,7}08: Disallow pango markup from input caps
+ ts-intersrc: handle dynamic inter-ctx changes
+ threadshare: src elements: don't pause the task in downward
state transitions
+ webrtc: sink: avoid recursive locking of the session
+ webrtcsink: fix deadlock on error setting remote description
+ webrtcsink: add mitigation modes parameter and signal
+ webrtc: fix Safari addIceCandidate crash
+ webrtc-api: Set default bundle policy to max-bundle
+ WHIP client: emit shutdown after DELETE request
+ Fix various new clippy 1.88 warnings
+ Update dependencies
- Update to version 1.26.3:
+ Add new speech synthesis element around ElevenLabs API
+ cea708mux: fix another WouldOverflow case
+ cea708mux: support configuring a limit to how much data will be
pending.
+ cea708overlay: also reset the output size on flush stop
+ gcc: handle out of order packets
+ fmp4mux: Fix panic on late GOP
+ livekit: expose a connection state property
+ mp4mux: add taic box
+ mp4mux: test the trak structure
+ pcap_writer: Make target-property and pad-path properties
writable again
+ skia: Don't build skia plugin by default for now
+ threadshare: cleanups & usability improvements
+ threadshare: sync runtime with latest async-io
+ threadshare: fix kqueue reactor
+ threadshare: Update to getifaddrs 0.2
+ threadshare: add new thread-sharing inter elements
+ threadshare: add a ts-rtpdtmfsrc element
+ transcriberbin: fix naming of subtitle pads
+ tttocea708: don't panic if a new service would overflow
+ webrtc: android: Update Gradle and migrate to
FindGStreamerMobile
+ webrtc: add new examples for stream selection over data channel
+ webrtcsrc: the webrtcbin get-transceiver index is not
mlineindex
+ webrtcsrc: send CustomUpstream events over control channel ..
+ webrtcsink: Don't require encoder element for pre-encoded
streams
+ webrtcsink: Don't reject caps events if the codec_data changes
+ whip: server: pick session-id from the endpoint if specified
+ cargo: add config file to force
CARGO_NET_GIT_FETCH_WITH_CLI=true
+ Cargo.lock, deny: Update dependencies and log duplicated
targo-lexicon
+ Update windows-sys dependency from ">=0.52, <=0.59" to ">=0.52,
<=0.60"
+ deny: Add override for windows-sys 0.59
+ deny: Update lints
+ cargo_wrapper: Fix backslashes being parsed as escape codes on
Windows
+ Fixes for Clock: non-optional return types
+ Rename relationmeta plugin to analytics
Changes in gstreamer-plugins-libav:
- Update to version 1.26.7:
+ No changes, stable versionbump only.
Changes in gstreamer-plugins-good:
- Update to version 1.26.7:
+ matroskamux: Properly check if pads are EOS in find_best_pad
+ qtdemux:
- Bad performance with GoPro videos containing FDSC metadata
tracks
- Fix open/seek perf for GoPro files with SOS track
- Handle unsupported channel layout tags gracefully
- Set channel-mask to 0 for unknown layout tags
+ rtspsrc: Send RTSP keepalives in TCP/interleaved modes
+ v4l2:
- Add GstV4l2Error handling in gst_v4l2_get_capabilities
- Fix memory leak for DRM caps negotiation
+ v4l2transform: reconfigure v4l2object only if respective caps
changed
+ Fix issues with G_DISABLE_CHECKS & G_DISABLE_ASSERT
- Update to version 1.26.6:
+ adaptivedemux2: fix crash due to log
+ adaptivedemux2: Crash in logging when "Dropping EOS before next
period"
+ hlsdemux2: Fix parsing of byterange and init map directives
+ mpg123audiodec: Always break the decoding loop and relay
downstream flow errors upstream
+ v4l2: Add support for WVC1 and WMV3
+ Monorepo: dv plugin requires explicit enablement now for a
build using the Meson subproject fallback
- Update to version 1.26.5:
+ 4l2: fix memory leak for dynamic resolution change
+ videorate, imagefreeze: add support for JPEG XS
- Update to version 1.26.4:
+ adaptivedemux2: Fixed reverse playback
+ matroskademux: Send tags after seeking
+ qtdemux: Fix incorrect FourCC used when iterating over sbgp
atoms
+ qtdemux: Incorrect sibling type used in sbgp iteration loop
+ rtph265pay: add profile-id, tier-flag, and level-id to output
rtp caps
+ rtpjpeg: fix copying of quant data if it spans memory segments
+ soup: Disable range requests when talking to Python's
http.server
+ v4l2videodec: need replace acquired_caps on set_format success
+ Fix various valgrind/test errors when GST_DEBUG is enabled
+ More valgrind and test fixes
+ Various ASAN fixes
- Update to version 1.26.3:
+ aacparse: Fix counting audio channels in program_config_element
+ adaptivedemux2: free cancellable when freeing transfer task
+ dashdemux2: Fix seeking in a stream with gaps
+ decodebin wavparse cannot pull header
+ imagefreeze: fix not negotiate log when stop
+ osxvideosink: Use gst_pad_push_event() and post navigation
messages
+ qml6glsink: Allow configuring if the item will consume input
events
+ qtmux: Update chunk offsets when converting stco to co64 with
faststart
+ splitmuxsink: Only send closed message once per open fragment
+ rtph265depay: CRA_NUT can also start an (open) GOP
+ rtph265depay: fix codec_data generation
+ rtspsrc: Don't emit error during close if server is EOF
+ twcc: Fix reference timestamp wrapping (again)
+ v4l2: Fix possible internal pool leak
+ v4l2object: Add support for colorimetry bt2100-pq and 1:4:5:3
+ wavparse: Don't error out always when parsing acid chunks
Changes in gstreamer-plugins-base:
- Update to version 1.26.7:
+ discoverer: Mark gst_discoverer_stream_info_list_free() as
transfer full
+ riff: Add channel reorder maps for 3 and 7 channel audio
+ sdp: proper usage of gst_buffer_append
+ videorate: fix assert fail due to invalid buffer duration
+ Fix build error with glib < 2.68
- Update to version 1.26.6:
+ decodebin3: Update stream tags
+ rtpbasedepayload: Avoid potential use-after free
+ rtspconnection: Add get_url and get_ip return value annotation
+ gst_rtsp_connection_get_url return value transfer annotation
missing
+ videometa: Fix valgrind warning when deserializing video meta
+ videorate: don't hold the reference to the buffer in drop-only
mode
+ gst-device-monitor-1.0: Fix device-path regression on Windows
+ gst-device-monitor-1.0: Add quoting for powershell and cmd
+ Monorepo: opengl, vorbis, plugins require explicit enablement
now for a build using the Meson subproject fallback
- Update to version 1.26.5:
+ audioconvert: mix-matrix causes caps negotiation failure
+ decodebin3: Don't error on an incoming ONVIF metadata stream
+ gloverlay: Recompute geometry when caps change, and load
texture after stopping and starting again
+ uridecodebin3: Add missing locking and NULL checks when adding
URIs to messages
+ uridecodebin3: segfault in update_message_with_uri() if no
decoder available
+ videorate, imagefreeze: add support for JPEG XS
+ gst-device-monitor-1.0: Add shell quoting for launch lines
+ gst-device-monitor-1.0: Fix criticals, and also accept utf8 in
launch lines
+ gst-device-monitor-1.0: Use gst_print instead of g_print
- Update to version 1.26.4:
+ Revert "streamsynchronizer: Consider streams having received
stream-start as waiting"
+ alsa: free conf cache under valgrind
+ gst-device-monitor: Fix caps filter splitting
+ Fix various valgrind/test errors when GST_DEBUG is enabled
+ More valgrind and test fixes
+ Various ASAN fixes
- Update to version 1.26.3:
+ GstAudioAggregator: fix structure unref in peek_next_sample()
+ audioconvert: Fix setting mix-matrix when input caps changes
+ encodebasebin: Duplicate encoding profile in property setter
+ gl: simplify private
gst_gl_gst_meta_api_type_tags_contain_only()
+ osxvideosink: Use gst_pad_push_event() and post navigation
messages
+ playsink: Fix race condition in stream synchronizer pad cleanup
during state changes
+ python: Fix pulling events from appsink
+ streamsynchronizer: Consider streams having received
stream-start as waiting
+ urisourcebin: Text tracks are no longer set as sparse stream in
urisourcebin's multiqueue
Changes in gstreamer-plugins-bad:
- Update to version 1.26.7:
+ cuda: Fix runtime kernel compile with CUDA 13.0
+ d3d12convert: Fix crop meta support
+ d3d12deinterlace: Fix passthrough handling
+ gst: Fix a few small leaks
+ matroskamux: Properly check if pads are EOS in find_best_pad
+ tsdemux: Directly forward Opus AUs without opus_control_header
+ tsmux: Write a full Opus channel configuration if no matching
Vorbis one is found
+ unixfd: Fix case of buffer with big payload
+ vacompositor: Correct scale-method properties
+ webrtc: nice: Fix a use-after-free and a mem leak
+ Fix all compiler warnings on Fedora
+ Fix issues with G_DISABLE_CHECKS & G_DISABLE_ASSERT
- Update to version 1.26.6:
+ analytics: always add GstTensorMeta
+ cccombiner: Crash fixes
+ curlsmtpsink: adapt to date formatting issue
+ decklinkvideosrc: fix decklinkvideosrc becomes unrecoverable if
it fails to start streaming
+ decklinkvideosrc gets into unrecoverable state if device is
busy
+ dwrite: Fix D3D12 critical warning
+ hlsdemux: Fix parsing of byterange and init map directives
+ mpegtsmux: Caps event fails with stream type change error
+ vulkanh24xdec: couple of fixes
+ vulkanh26xdec: fix discont state handling
+ waylandsink: add some error handler for event dispatch
+ zbar: tests: Handle symbol-bytes as not null-terminated
+ Monorepo: avtp, codec2json, iqa, microdns, openjpeg, qroverlay,
soundtouch, tinyalsa plugins require explicit enablement now
for a build using the Meson subproject fallback
- Update to version 1.26.5:
+ av1parse: Don't error out on "currently" undefined seq-level
indices
+ av1parse: fails to parse AV1 bitstreams generated by FFmpeg
using the av1_nvenc hardware encoder
+ d3d12screencapturedevice: Avoid false device removal on monitor
reconfiguration
+ d3d12screencapturesrc: Fix OS handle leaks/random crash in WGC
mode
+ meson: d3d12: Add support for MinGW DirectXMath package
+ va: Re-negotiate after FLUSH
+ vaXXXenc: calculate latency with corrected framerate
+ vaXXXenc: fix potential race condition
+ vkphysicaldevice: enable sampler ycbcr conversion,
synchronization2 and timeline semaphore features
+ vulkan: ycbcr conversion extension got promoted in 1.1.0
+ wasapi2: Port to IMMDevice based device selection
- Fix really disabling faad when building without faad support.
- Do not build with faad in SLE16 where faad2 is not available.
- Update to version 1.26.4:
+ avtp: crf: Setup socket during state change to ensure we handle
failure
+ d3d12screencapture: Add support for monitor add/remove in
device provider
+ mpegtsmux: fix double free caused by shared PMT descriptor
+ openh264: Ensure src_pic is initialized before use
+ rtmp2src: various fixes to make it play back AWS medialive
streams
+ ssdobjectdetector: Use correct tensor data index for the scores
+ v4l2codecs: h265dec: Fix zero-copy of cropped window located at
position 0,0
+ vp9parse: Fix handling of spatial SVC decoding
+ vp9parse: Revert "Always default to super-frame"
+ vtenc: Fix negotiation failure with profile=main-422-10
+ vulkan: Fix drawing too many triangles in fullscreenquad
+ vulkanfullscreenquad: add locks for synchronisation
+ Fix various valgrind/test errors when GST_DEBUG is enabled
+ More valgrind and test fixes
+ Various ASAN fixes
- Provide and Obsolete gstreamer-1.20-plugin-openh264 too, not just
gstreamer-plugin-openh264.
- Update to version 1.26.3:
+ amc: Overhaul hw-accelerated video codecs detection
+ bayer2rgb: Fix RGB stride calculation
+ d3d12compositor: Fix critical warnings
+ dashsink: Fix failing test
+ decklink: calculate internal using values closer to the current
clock times
+ decklinkvideosink: show preroll frame correctly
+ decklink: clock synchronization after pause
+ h266parser: Fix overflow when parsing subpic_level_info
+ lcevcdec: Check for errors after receiving all enhanced and
base pictures
+ meson: fix building -bad tests with disabled soundtouch
+ mpegts: handle MPEG2-TS with KLV metadata safely by preventing
out of bounds
+ mpegtsmux: Corrections around Teletext handling
+ srtsink: Fix header buffer filtering
+ transcoder: Fix uritranscodebin reference handling
+ tsdemux: Allow access unit parsing failures
+ tsdemux: Send new-segment before GAP
+ vulkanupload: fix regression for uploading VulkanBuffer
+ vulkanupload: fix regression when uploading to single memory
multiplaned memory images
+ webrtcbin: disconnect signal ICE handlers on dispose
+ {d3d12,d3d11}compositor: Fix negative position handling
+ {nv,d3d12,d3d11}decoder: Use interlace info in input caps
- Build with noopenh264, move plugin to main package.
- Drop conditionals for fdk-aac, explicitly build it for all
targets.
- Move faad plugin to main package.
Changes in gstreamer-docs:
- Update to version 1.26.7:
+ No changes, stable bump only.
+ Update docs.
Changes in gstreamer-devtools:
- Update to version 1.26.7:
+ Fix issues with G_DISABLE_CHECKS & G_DISABLE_ASSERT
- Update to version 1.26.6:
+ validate: http-actions: Replace GUri with GstURI for GLib 2.64
compatibility
+ Fix memory leak and use of incorrect context
- Update to version 1.26.5:
+ No changes, stable bump only.
- Update vendored dependencies (boo#1248053, CVE-2025-55159).
- Update to version 1.26.4:
+ Update various Rust dependencies
- Update to version 1.26.3:
+ validate: More memory leaks
+ validate: Valgrind fixes
Changes in gstreamer:
- Update to version 1.26.7:
+ Highlighted bugfixes in 1.26.7:
- cea608overlay: improve handling of non-system memory
- cuda: Fix runtime kernel compile with CUDA 13.0
- d3d12: Fix crop meta support in converter and passthrough
handling in deinterlacer
- fallbacksrc: source handling improvements; no-more-pads
signal for streams-unaware parents
- inter: add properties to fine tune the inner elements
- qtdemux: surround sound channel layout handling fixes and
performance improvements for GoPro videos
- rtp: Add linear audio (L8, L16, L24) RTP payloaders /
depayloaders
- rtspsrc: Send RTSP keepalives in TCP/interleaved modes
- rtpamrpay2: frame quality indicator flag related fixes
- rtpbasepay2: reuse last PTS when possible, to work around
problems with NVIDIA Jetson AV1 encoder
- mpegtsmux, tsdemux: Opus audio handling fixes
- threadshare: latency related improvements and many other
fixes
- matroskamux, tsmux, flvmux, cea608mux: Best pad determination
fixes at EOS
- unixfd: support buffers with a big payload
- videorate unknown buffer duration assertion failure with
variable framerates
- editing services: Make GESTimeline respect
SELECT_ELEMENT_TRACK signal discard decision; memory leak
fixes
- gobject-introspection annotation fixes
- cerbero: Update meson to 1.9.0 to enable Xcode 26
compatibility
- Various bug fixes, build fixes, memory leak fixes, and other
stability and reliability improvements
+ gstreamer:
- controller: Fix get_all() return type annotation
- gst-launch: Do not assume error messages have a src element
- multiqueue: Fix object reference handling in signal callbacks
- netclientclock: Fix memory leak in error paths
- Update to version 1.26.6:
+ Highlighted bugfixes in 1.26.6:
- analytics GstTensorMeta handling changes (see note below)
- closed caption combiner and transcriberbin stability fixes
- decklinkvideosrc: fix unrecoverable state after failing to
start streaming because device is busy
- decodebin3 tag handling improvements
- fallbacksrc: Fix sources only being restarted once, as well
as some deadlocks and race conditions on shutdown
- gtk4paintablesink: Try importing dmabufs withouth DMA_DRM
caps
- hlsdemux2: Fix parsing of byterange and init map directives
- rtpmp4gdepay2: allow only constantduration with neither
constantsize nor sizelength set
- spotifysrc: update to librespot 0.7 to make work after recent
Spotify changes
- threadshare: new blocking adapter element for use in front of
block elements such as sinks that sync to the clock
- threadshare: various other threadshare element fixes and
improvements
- v4l2: Add support for WVC1 and WMV3
- videorate: possible performance improvements when operating
in drop-only mode
- GstBaseParse fixes
- Vulkan video decoder fixes
- Fix gst-device-monitor-1.0 tool device-path regression on
Windows
- Monorepo development environment builds fewer plugins using
subprojects by default, those require explicit enablement now
- Python bindings: Handle buffer PTS, DTS, duration, offset,
and offset-end as unsigned long long (regression fix)
- Cerbero: Reduce recipe parallelism in various cases and dump
cerbero and recipe versions into datadir during packaging
- Various bug fixes, build fixes, memory leak fixes, and other
stability and reliability improvements
+ Possibly breaking behavioural changes:
- Previously it was guaranteed that there is only ever up to
one GstTensorMeta per buffer. This is no longer true and code
working with GstTensorMeta must be able to handle multiple
GstTensorMeta now.
+ gstreamer:
- baseparse: Try harder to fixate caps based on upstream in
default negotiation
- gst-discoverer reports 1x1 dimensions for "valid" MP4 files
- baseparse: don't clear most sticky events after a FLUSH_STOP
event
- gstreamer: Disable miniobject inline functions for
gobject-introspection for non-subprojects too
- gstreamer: Make sure to zero-initialize the GValue before
G_VALUE_COLLECT_INIT
- ptp: Fix a new Rust 1.89 compiler warning on Windows
- ptp: Fix new compiler warning with Rust 1.89
- Segmentation fault when compiled with
"-ftrivial-auto-var-init=pattern". Use of unitialized GValue
- Update to version 1.26.5:
+ Highlighted bugfixes:
- audioconvert: Fix caps negotiation regression when using a
mix matrix
- cea608overlay, cea708overlay: Accept GPU memory buffers if
downstream supports the overlay composition meta
- d3d12screencapture source element and device provider fixes
- decodebin3: Don't error on an incoming ONVIF metadata stream
- uridecodebin3: Fix potential crash when adding URIs to
messages, e.g. if no decoder is available
- v4l2: Fix memory leak for dynamic resolution change
- VA encoder fixes
- videorate, imagefreeze: Add support for JPEG XS
- Vulkan integration fixes
- wasapi2 audio device monitor improvements
- threadshare: Many improvements and fixes to the generic
threadshare and RTP threadshare elements
- rtpbin2 improvements and fixes
- gst-device-monitor-1.0 command line tool improvements
- Various bug fixes, build fixes, memory leak fixes, and other
stability and reliability improvements
+ gstreamer:
- aggregator: add sub_latency_min to pad queue size
- build: Disable C5287 warning on MSVC
- Update to version 1.26.4:
+ Highlighted bugfixes in 1.26.4:
- adaptivedemux2: Fixed reverse playback
- d3d12screencapture: Add support for monitor add/remove in
device provider
- rtmp2src: various fixes to make it play back AWS medialive
streams
- rtph265pay: add profile-id, tier-flag, and level-id to output
rtp caps
- vp9parse: Fix handling of spatial SVC decoding
- vtenc: Fix negotiation failure with profile=main-422-10
- gtk4paintablesink: Add YCbCr memory texture formats and other
improvements
- livekit: add room-timeout
- mp4mux: add TAI timestamp muxing support
- rtpbin2: fix various race conditions, plus other bug fixes
and performance improvements
- threadshare: add a ts-rtpdtmfsrc element, implement run-time
input switching in ts-intersrc
- webrtcsink: fix deadlock on error setting remote description
and other fixes.
- cerbero: WiX installer: fix missing props files in the MSI
packages
- smaller macOS/iOS package sizes
- Various bug fixes, build fixes, memory leak fixes, and other
stability and reliability improvements
+ gstreamer:
- tracers: Fix deadlock in latency tracer
- Fix various valgrind/test errors when GST_DEBUG is enabled
- More valgrind and test fixes
- Various ASAN fixes
- Update to version 1.26.3:
+ Highlighted bugfixes in 1.26.3:
- Security fix for the H.266 video parser
- Fix regression for WAV files with acid chunks
- Fix high memory consumption caused by a text handling
regression in uridecodebin3 and playbin3
- Fix panic on late GOP in fragmented MP4 muxer
- Closed caption conversion, rendering and muxing improvements
- Decklink video sink preroll frame rendering and clock drift
handling fixes
- MPEG-TS demuxing and muxing fixes
- MP4 muxer fixes for creating very large files with faststart
support
- New thread-sharing 1:N inter source and sink elements, and a
ts-rtpdtmfsrc
- New speech synthesis element around ElevenLabs API
- RTP H.265 depayloader fixes and improvements, as well as TWCC
and GCC congestion control fixes
- Seeking improvements in DASH client for streams with gaps
- WebRTC sink and source fixes and enhancements, including to
LiveKit and WHIP signallers
- The macOS osxvideosink now posts navigation messages
- QtQML6GL video sink input event handling improvements
- Overhaul detection of hardware-accelerated video codecs on
Android
- Video4Linux capture source fixes and support for BT.2100 PQ
and 1:4:5:3 colorimetry
- Vulkan buffer upload and memory handling regression fixes
- gst-python: fix various regressions introduced in 1.26.2
- cerbero: fix text relocation issues on 32-bit Android and fix
broken VisualStudio VC templates
- packages: ship pbtypes plugin and update openssl to 3.5.0 LTS
- Various bug fixes, build fixes, memory leak fixes, and other
stability and reliability improvements
+ gstreamer:
- aggregator: Do not set event seqnum to INVALID
- baseparse: test: Fix race on test start
- pad: Only remove TAG events on STREAM_START if the stream-id
actually changes
- utils: Mark times array as static to avoid symbol conflict
with the POSIX function
- vecdeque: Use correct index type gst_vec_deque_drop_struct()
ModerateSUSE bug 1237097SUSE bug 1248053CVE-2025-55159 at SUSECVE-2025-55159 at NVDcpe:/o:suse:sl-micro:6.2Security update for qemu (Moderate)SUSE Linux Micro 6.2
This update for qemu fixes the following issues:
- Update to version 10.0.8
- CVE-2025-14876: Fixed unbounded allocation in virtio-crypto. (bsc#1255400)
- CVE-2026-0665: Fixed PIRQ bounds check in xen_physdev_map_pirq. (bsc#1256484)
ModerateSUSE bug 1255400SUSE bug 1256484SUSE bug 1257474SUSE bug 1257492CVE-2025-14876 at SUSECVE-2025-14876 at NVDCVE-2026-0665 at SUSECVE-2026-0665 at NVDcpe:/o:suse:sl-micro:6.2Security update for rust-keylime (Important)SUSE Linux Micro 6.2
This update for rust-keylime fixes the following issues:
- Update to version 0.2.8+116:
- CVE-2026-25727: Update vendored crates to fix a date parser can lead to stack exhaustion in Time. (bsc#1257908)
ImportantSUSE bug 1247193SUSE bug 1248006SUSE bug 1257908CVE-2025-55159 at SUSECVE-2025-55159 at NVDCVE-2025-58266 at SUSECVE-2025-58266 at NVDCVE-2026-25727 at SUSECVE-2026-25727 at NVDcpe:/o:suse:sl-micro:6.2Security update for python-maturin (Important)SUSE Linux Micro 6.2
This update for python-maturin fixes the following issue:
- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion
(bsc#1257918).
ImportantSUSE bug 1257918CVE-2026-25727 at SUSECVE-2026-25727 at NVDcpe:/o:suse:sl-micro:6.2Security update for libpng16 (Important)SUSE Linux Micro 6.2
This update for libpng16 fixes the following issues:
- CVE-2026-25646: Heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020)
- CVE-2025-28162: Fixed a memory leaks when running `pngimage`. (bsc#1257364)
- CVE-2025-28164: Fixed a memory leaks when running `pngimage`. (bsc#1257365)
ImportantSUSE bug 1257364SUSE bug 1257365SUSE bug 1258020CVE-2025-28162 at SUSECVE-2025-28162 at NVDCVE-2025-28164 at SUSECVE-2025-28164 at NVDCVE-2026-25646 at SUSECVE-2026-25646 at NVDcpe:/o:suse:sl-micro:6.2Security update for net-snmp (Important)SUSE Linux Micro 6.2
This update for net-snmp fixes the following issues:
- CVE-2025-68615: Fixed snmptrapd buffer overflow (bsc#1255491).
ImportantSUSE bug 1255491CVE-2025-68615 at SUSECVE-2025-68615 at NVDcpe:/o:suse:sl-micro:6.2Security update for libsoup (Important)SUSE Linux Micro 6.2
This update for libsoup fixes the following issues:
Update to libsoup 3.6.6:
- CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion (bsc#1252555).
- CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (bsc#1254876).
- CVE-2025-32049: Denial of Service attack to websocket server (bsc#1240751).
- CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398).
- CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects
(bsc#1257441).
- CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request
smuggling and potential DoS (bsc#1257597).
- CVE-2026-2369: Buffer overread due to integer underflow when handling zero-length resources (bsc#1258120).
- CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information
disclosure to remote attackers (bsc#1258170).
- CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).
Changelog:
- websocket: Fix out-of-bounds read in process_frame
- Check nulls returned by soup_date_time_new_from_http_string()
- Numerous fixes to handling of Range headers
- server: close the connection after responsing a request
containing Content-Length and Transfer-Encoding
- Use CRLF as line boundary when parsing chunked enconding data
- websocket: do not accept messages frames after closing due to
an error
- Sanitize filename of content disposition header values
- Always validate the headers value when coming from untrusted
source
- uri-utils: do host validation when checking if a GUri is valid
- multipart: check length of bytes read
soup_filter_input_stream_read_until()
- message-headers: Reject duplicate Host headers
- server: null-check soup_date_time_to_string()
- auth-digest: fix crash in
soup_auth_digest_get_protection_space()
- session: fix 'heap-use-after-free' caused by 'finishing' queue
item twice
- cookies: Avoid expires attribute if date is invalid
- http1: Set EOF flag once content-length bytes have been read
- date-utils: Add value checks for date/time parsing
- multipart: Fix multiple boundry limits
- Fixed multiple possible memory leaks
- message-headers: Correct merge of ranges
- body-input-stream: Correct chunked trailers end detection
- server-http2: Correctly validate URIs
- multipart: Fix read out of buffer bounds under
soup_multipart_new_from_message()
- headers: Ensure Request-Line comprises entire first line
- tests: Fix MSVC build error
- Fix possible deadlock on init from gmodule usage
- Updated translations.
ImportantSUSE bug 1240751SUSE bug 1252555SUSE bug 1254876SUSE bug 1257398SUSE bug 1257441SUSE bug 1257597SUSE bug 1258120SUSE bug 1258170SUSE bug 1258508CVE-2025-12105 at SUSECVE-2025-12105 at NVDCVE-2025-14523 at SUSECVE-2025-14523 at NVDCVE-2025-32049 at SUSECVE-2025-32049 at NVDCVE-2026-1467 at SUSECVE-2026-1467 at NVDCVE-2026-1539 at SUSECVE-2026-1539 at NVDCVE-2026-1760 at SUSECVE-2026-1760 at NVDCVE-2026-2369 at SUSECVE-2026-2369 at NVDCVE-2026-2443 at SUSECVE-2026-2443 at NVDCVE-2026-2708 at SUSECVE-2026-2708 at NVDcpe:/o:suse:sl-micro:6.2Security update for protobuf (Moderate)SUSE Linux Micro 6.2
This update for protobuf fixes the following issues:
Security fixes:
- CVE-2025-4565: Fixed parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive
groups or messages that could lead to crash due to RecursionError (bsc#1244663).
- CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python json_format.ParseDict (bsc#1257173).
Other fixes:
- Fixed import issues of reverse-dependency packages within the google namespace (bsc#1244918).
ModerateSUSE bug 1244663SUSE bug 1244918SUSE bug 1257173CVE-2025-4565 at SUSECVE-2025-4565 at NVDCVE-2026-0994 at SUSECVE-2026-0994 at NVDcpe:/o:suse:sl-micro:6.2Security update for librsvg (Moderate)SUSE Linux Micro 6.2
This update for librsvg fixes the following issues:
Update to version 2.60.2:
- CVE-2024-12224: Fixed idna accepts Punycode labels that do not produce any non-ASCII when decoded (bsc#1243867).
- CVE-2024-43806: Fixed memory explosion in rustix (bsc#1229950).
ModerateSUSE bug 1229376SUSE bug 1229950SUSE bug 1243867CVE-2024-12224 at SUSECVE-2024-12224 at NVDCVE-2024-43806 at SUSECVE-2024-43806 at NVDcpe:/o:suse:sl-micro:6.2Security update for libsodium (Moderate)SUSE Linux Micro 6.2
This update for libsodium fixes the following issues:
- CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070).
ModerateSUSE bug 1256070CVE-2025-15444 at SUSECVE-2025-15444 at NVDcpe:/o:suse:sl-micro:6.2Security update for ucode-intel (Moderate)SUSE Linux Micro 6.2
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20260210 release (bsc#1258046):
- CVE-2024-24853: Updated fix for incorrect behavior order in transition
between executive monitor and SMI transfer monitor (STM) in some Intel(R)
Processor may allow a privileged user to potentially enable escalation
of privilege via local access (bsc#1229129).
- CVE-2025-31648: Improper handling of values in the
microcode flow for some Intel Processor Family may allow
an escalation of privilege (bsc#1258046).
- Intel CPU Microcode was updated to the 20251111 release (bsc#1253319):
- Update for functional issues.
- switch the supplements to use supplements + kernel to allow
moving a installation to Intel hardware (bsc#1249138)
- Intel CPU Microcode was updated to the 20241029 release (bsc#1230400):
- Update for functional issues.
ModerateSUSE bug 1229129SUSE bug 1230400SUSE bug 1249138SUSE bug 1253319SUSE bug 1258046CVE-2024-24853 at SUSECVE-2024-24853 at NVDCVE-2025-31648 at SUSECVE-2025-31648 at NVDcpe:/o:suse:sl-micro:6.2Security update for vim (Important)SUSE Linux Micro 6.2
This update for vim fixes the following issues:
- Update Vim to version 9.2.0110 that includes security fixes for:
* CVE-2026-28417: crafted URL parsed by netrw plugin can lead to execute arbitrary shell commands (bsc#1259051).
* CVE-2026-26269: stack buffer overflow in Vim's NetBeans integration when processing the specialKeys command (bsc#1258229).
* CVE-2025-53906: path traversal in Vim's zip.vim plugin (bsc#1246602).
- Other changes:
* Add wayland-client to BuildRequires and enable Wayland support.
* Add Wayland include path to CFLAGS to fix clipboard compilation.
* Package new Swedish (sv) man pages and clean up duplicate encodings (sv.ISO8859-1 and sv.UTF-8).
ImportantSUSE bug 1246602SUSE bug 1258229SUSE bug 1259051CVE-2025-53906 at SUSECVE-2025-53906 at NVDCVE-2026-26269 at SUSECVE-2026-26269 at NVDCVE-2026-28417 at SUSECVE-2026-28417 at NVDcpe:/o:suse:sl-micro:6.2Security update for curl (Important)SUSE Linux Micro 6.2
This update for curl fixes the following issues:
- CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362).
- CVE-2026-3783: token leak with redirect and netrc (bsc#1259363).
- CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364).
- CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365).
ImportantSUSE bug 1259362SUSE bug 1259363SUSE bug 1259364SUSE bug 1259365CVE-2026-1965 at SUSECVE-2026-1965 at NVDCVE-2026-3783 at SUSECVE-2026-3783 at NVDCVE-2026-3784 at SUSECVE-2026-3784 at NVDCVE-2026-3805 at SUSECVE-2026-3805 at NVDcpe:/o:suse:sl-micro:6.2Security update for python-tornado6 (Important)SUSE Linux Micro 6.2
This update for python-tornado6 fixes the following issues:
- CVE-2026-31958: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259553).
- incomplete validation of cookie attributes allows for injection of user-controlled values in other cookie attributes
(bsc#1259630).
ImportantSUSE bug 1259553SUSE bug 1259630CVE-2026-31958 at SUSECVE-2026-31958 at NVDcpe:/o:suse:sl-micro:6.2Security update for harfbuzz (Moderate)SUSE Linux Micro 6.2
This update for harfbuzz fixes the following issues:
Update to version 11.4.5:
Security fixes:
- CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create (bsc#1256459).
Other fixes:
- Bug fixes for “AAT” shaping, and other shaping micro
optimizations.
- Fix a shaping regression affecting mark glyphs in certain
fonts.
- Fix pruning of mark filtering sets when subsetting fonts, which
caused changes in shaping behaviour.
- Make shaping fail much faster for certain malformed fonts
(e.g., those that trigger infinite recursion).
- Fix undefined behaviour introduced in 11.4.2.
- Fix detection of the “Cambria Math” font when fonts are scaled,
so the workaround for the bad MATH table constant is applied.
- Various performance and memory usage improvements.
- The hb-shape command line tool can now be built with the
amalgamated harfbuzz.cc source.
- Fix regression in handling version 2 of avar table.
- Increase various buffer length limits for better handling of
fonts that generate huge number of glyphs per codepoint (e.g.
Noto Sans Duployan).
- Improvements to the harfrust shaper for more accurate testing.
- Fix clang compiler warnings.
- General shaping and subsetting speedups.
- Fix in Graphite shaping backend when glyph advances became
negative.
- Subsetting improvements, pruning empty mark-attachment lookups.
- Don't use the macro name _S, which is reserved by system
liberaries.
- Build fixes and speedup.
- Add a kbts shaping backend that calls into the kb_text_shape
single-header shaping library. This is purely for testing and
performance evaluation and we do NOT recommend using it for any
other purposes.
- Fix bug in vertical shaping of fonts without the vmtx table.
- Fix build with non-compliant C++11 compilers that don't
recognize the "and" keyword.
- Fix crasher in the glyph_v_origin function introduced in
11.3.0.
- Speed up handling fonts with very large number of variations.
- Speed up getting horizontal and vertical glyph advances by up
to 24%.
- Significantly speed up vertical text shaping.
- Various documentation improvements.
- Various build improvements.
- Various subsetting improvements.
- Various improvements to Rust font functions (fontations
integration) and shaper (HarfRust integration).
- Rename harfruzz option and shaper to harfrust following
upstream rename.
- Implement hb_face_reference_blob() for DirectWrite font
functions.
- Various build improvements.
- Fix build with HB_NO_DRAW and HB_NO_PAINT.
- Add an optional harfruzz shaper that uses HarfRuzz; an ongoing
Rust port of HarfBuzz shaping. This shaper is mainly used for
testing the output of the Rust implementation.
- Fix regression that caused applying unsafe_to_break() to the
whole buffer to be ignored.
- Update USE data files.
- Fix getting advances of out-of-rage glyph indices in
DirectWrite font functions.
- Painting of COLRv1 fonts without clip boxes is now about 10
times faster.
- Synthetic bold/slant of a sub font is now respected, instead of
using the parent’s.
- Glyph extents for fonts synthetic bold/slant are now accurately
calculated.
- Various build fixes.
- Include bidi mirroring variants of the requested codepoints
when subsetting. The new HB_SUBSET_FLAGS_NO_BIDI_CLOSURE can be
used to disable this behaviour.
- Various bug fixes.
- Various build fixes and improvements.
- Various test suite improvements.
- The change in version 10.3.0 to apply “trak” table tracking
values to glyph advances directly has been reverted as it
required every font functions implementation to handle it,
which breaks existing custom font functions. Tracking is
instead back to being applied during shaping.
- When directwrite integration is enabled, we now link to
dwrite.dll instead of dynamically loading it.
- A new experimental APIs for getting raw “CFF” and “CFF2”
CharStrings.
- We now provide manpages for the various command line utilities.
Building manpages requires “help2man” and will be skipped if it
is not present.
- The command line utilities now set different return value for
different kinds of failures. Details are provided in the
manpages.
- Various fixes and improvements to fontations font functions.
- All shaping operations using the ot shaper have become memory
allocation-free.
- Glyph extents returned by hb-ot and hb-ft font functions are
now rounded in stead of flooring/ceiling them, which also
matches what other font libraries do.
- Fix “AAT” deleted glyph marks interfering with fallback mark
positioning.
- Glyph outlines emboldening have been moved out of hb-ot and
hb-ft font functions to the HarfBuzz font layer, so that it
works with any font functions implementation.
- Fix our fallback C++11 atomics integration, which seems to not
be widely used.
- Various testing fixes and improvements.
- Various subsetting fixes and improvements.
- Various other fixes and improvements.
ModerateSUSE bug 1256459CVE-2026-22693 at SUSECVE-2026-22693 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1255052).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255052SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644CVE-2025-40214 at SUSECVE-2025-40214 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1255052).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255052SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40214 at SUSECVE-2025-40214 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1255052).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255052SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40214 at SUSECVE-2025-40214 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1256624SUSE bug 1256644CVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1255052).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255052SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40214 at SUSECVE-2025-40214 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for nghttp2 (Important)SUSE Linux Micro 6.2
This update for nghttp2 fixes the following issue:
- CVE-2026-27135: assertion failure due to missing state validation can lead to DoS (bsc#1259845).
ImportantSUSE bug 1259845CVE-2026-27135 at SUSECVE-2026-27135 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Important)SUSE Linux Micro 6.2
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues.
The following security issues were fixed:
- CVE-2025-39753: gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops (bsc#1249590).
- CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966).
- CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911).
- CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924).
- CVE-2025-40230: mm: prevent poison consumption when splitting THP (bsc#1254817).
- CVE-2025-68173: ftrace: Fix softlockup in ftrace_module_enable (bsc#1255311).
- CVE-2025-68186: ring-buffer: Do not warn in ring_buffer_map_get_reader() when reader catches up (bsc#1255144).
- CVE-2025-68292: mm/memfd: fix information leak in hugetlb folios (bsc#1255148).
- CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129).
- CVE-2025-68329: tracing: Fix WARN_ON in tracing_buffers_mmap_close for split VMAs (bsc#1255490).
- CVE-2025-68371: scsi: smartpqi: Fix device resources accessed after device removal (bsc#1255572).
- CVE-2025-68745: scsi: qla2xxx: Clear cmds after chip reset (bsc#1255721).
- CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640).
- CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679).
- CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802).
- CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708).
- CVE-2025-71125: tracing: Do not register unsupported perf events (bsc#1256784).
- CVE-2025-71134: mm/page_alloc: change all pageblocks migrate type on coalescing (bsc#1256732).
- CVE-2025-71161: dm-verity: disable recursive forward error correction (bsc#1257174).
- CVE-2025-71184: btrfs: tracepoints: use btrfs_root_id() to get the id of a root (bsc#1257635).
- CVE-2025-71193: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend (bsc#1257686).
- CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411).
- CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228).
- CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209).
- CVE-2026-23003: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() (bsc#1257246).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231).
- CVE-2026-23010: ipv6: Fix use-after-free in inet6_addr_del() (bsc#1257332).
- CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552).
- CVE-2026-23022: idpf: fix memory leak in idpf_vc_core_deinit() (bsc#1257581).
- CVE-2026-23023: idpf: fix memory leak in idpf_vport_rel() (bsc#1257556).
- CVE-2026-23024: idpf: fix memory leak of flow steer list on rmmod (bsc#1257572).
- CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559).
- CVE-2026-23042: idpf: fix aux device unplugging when rdma is not supported by vport (bsc#1257705).
- CVE-2026-23047: libceph: make calc_target() set t->paused, not just clear it (bsc#1257682).
- CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718).
- CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740).
- CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765).
- CVE-2026-23066: rxrpc: Fix recvmsg() unconditional requeue (bsc#1257726).
- CVE-2026-23068: spi: spi-sprd-adi: Fix double free in probe error path (bsc#1257805).
- CVE-2026-23069: vsock/virtio: fix potential underflow in virtio_transport_get_credit() (bsc#1257755).
- CVE-2026-23070: Octeontx2-af: Add proper checks for fwdata (bsc#1257709).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23083: tools: ynl-gen: use big-endian netlink attribute types (bsc#1257745).
- CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830).
- CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758).
- CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757).
- CVE-2026-23088: tracing: Fix crash on synthetic stacktrace field usage (bsc#1257814).
- CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808).
- CVE-2026-23097: migrate: correct lock ordering for hugetlb file folios (bsc#1257815).
- CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816).
- CVE-2026-23100: mm/hugetlb: fix hugetlb_pmd_shared() (bsc#1257817).
- CVE-2026-23102: arm64/fpsimd: signal: Fix restoration of SVE context (bsc#1257772).
- CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763).
- CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775).
- CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762).
- CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181).
- CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184).
- CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277).
- CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273).
- CVE-2026-23136: libceph: reset sparse-read state in osd_fault() (bsc#1258303).
- CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304).
- CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377).
- CVE-2026-23142: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure (bsc#1258289).
- CVE-2026-23144: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure (bsc#1258290).
- CVE-2026-23148: nvmet: fix race in nvmet_bio_done() leading to NULL pointer dereference (bsc#1258258).
- CVE-2026-23154: net: fix segmentation of forwarding fraglist GRO (bsc#1258286).
- CVE-2026-23161: mm/shmem, swap: fix race of truncate and swap entry split (bsc#1258355).
- CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272).
- CVE-2026-23169: mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (bsc#1258389).
- CVE-2026-23171: bonding: fix use-after-free due to enslave fail after slave array update (bsc#1258349).
- CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520).
- CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394).
- CVE-2026-23189: ceph: fix NULL pointer dereference in ceph_mds_auth_match() (bsc#1258308).
- CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321).
- CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518).
- CVE-2026-23210: ice: Fix PTP NULL pointer dereference during VSI rebuild (bsc#1258517).
- CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464).
- CVE-2026-23223: xfs: fix UAF in xchk_btree_check_block_owner (bsc#1258483).
- CVE-2026-23224: erofs: fix UAF issue for file-backed mounts w/ directio option (bsc#1258461).
The following non security issues were fixed:
- ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes).
- ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes).
- ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes).
- Add bugnumber to existing mana and mana_ib changes (bsc#1251135 bsc#1251971).
- HID: apple: Add EPOMAKER TH87 to the non-apple keyboards list (bsc#1258455).
- HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1255868).
- PCI: Add ASPEED vendor ID to pci_ids.h (bsc#1258672)
- PCI: Add PCI_BRIDGE_NO_ALIAS quirk for ASPEED AST1150 (bsc#1258672)
- PM: sleep: wakeirq: Update outdated documentation comments (git-fixes).
- Refresh and move upstreamed ath12k patch into sorted section
- Update "drm/mgag200: fix mgag200_bmc_stop_scanout()" bug number (bsc#1258153)
- add bugnumber to existing mana change (bsc#1252266).
- arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS (bsc#1259329)
- bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691).
- can: bcm: fix locking for bcm_op runtime updates (git-fixes).
- clk: qcom: gcc-sm8450: Update the SDCC RCGs to use shared_floor_ops (git-fixes).
- clocksource: Fix the CPUs' choice in the watchdog per CPU verification (bsc#1257818).
- clocksource: Print durations for sync check unconditionally (bsc#1257818).
- clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1257818).
- clocksource: Use pr_info() for "Checking clocksource synchronization" message (bsc#1257818).
- dm: Fix deadlock when reloading a multipath table (bsc#1254928).
- drm/i915/display: Add quirk to skip retraining of dp link (bsc#1253129).
- ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes).
- gpiolib-acpi: Update file references in the Documentation and MAINTAINERS (git-fixes).
- i3c: master: Update hot-join flag only on success (git-fixes).
- ktls, sockmap: Fix missing uncharge operation (bsc#1252008).
- media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes).
- modpost: Ensure exported symbol namespaces are not quoted (bsc#1258489).
- net: mana: Handle hardware recovery events when probing the device (bsc#1257466).
- net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472).
- platform/x86/amd: amd_3d_vcache: Add AMD 3D V-Cache optimizer driver (jsc#PED-11563).
- sched/core: Avoid direct access to hrtimer clockbase (bsc#1234634).
- sched/deadline: Fix race in push_dl_task() (bsc#1234634).
- sched/deadline: Stop dl_server before CPU goes offline (bsc#1234634).
- sched/fair: Fix pelt clock sync when entering idle (bsc#1234634).
- sched/fair: Fix pelt lost idle time detection (bsc#1234634).
- staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes).
- wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes).
ImportantSUSE bug 1234634SUSE bug 1249590SUSE bug 1250748SUSE bug 1251135SUSE bug 1251966SUSE bug 1251971SUSE bug 1252008SUSE bug 1252266SUSE bug 1252911SUSE bug 1252924SUSE bug 1253129SUSE bug 1253691SUSE bug 1254817SUSE bug 1254928SUSE bug 1255129SUSE bug 1255144SUSE bug 1255148SUSE bug 1255311SUSE bug 1255490SUSE bug 1255572SUSE bug 1255721SUSE bug 1255868SUSE bug 1256640SUSE bug 1256675SUSE bug 1256679SUSE bug 1256708SUSE bug 1256732SUSE bug 1256784SUSE bug 1256802SUSE bug 1256865SUSE bug 1256867SUSE bug 1257154SUSE bug 1257174SUSE bug 1257209SUSE bug 1257222SUSE bug 1257228SUSE bug 1257231SUSE bug 1257246SUSE bug 1257332SUSE bug 1257466SUSE bug 1257472SUSE bug 1257473SUSE bug 1257551SUSE bug 1257552SUSE bug 1257553SUSE bug 1257554SUSE bug 1257556SUSE bug 1257557SUSE bug 1257559SUSE bug 1257560SUSE bug 1257561SUSE bug 1257562SUSE bug 1257565SUSE bug 1257570SUSE bug 1257572SUSE bug 1257573SUSE bug 1257576SUSE bug 1257579SUSE bug 1257580SUSE bug 1257581SUSE bug 1257586SUSE bug 1257600SUSE bug 1257631SUSE bug 1257635SUSE bug 1257679SUSE bug 1257682SUSE bug 1257686SUSE bug 1257687SUSE bug 1257688SUSE bug 1257704SUSE bug 1257705SUSE bug 1257706SUSE bug 1257707SUSE bug 1257709SUSE bug 1257714SUSE bug 1257715SUSE bug 1257716SUSE bug 1257718SUSE bug 1257722SUSE bug 1257723SUSE bug 1257726SUSE bug 1257729SUSE bug 1257730SUSE bug 1257732SUSE bug 1257734SUSE bug 1257735SUSE bug 1257737SUSE bug 1257739SUSE bug 1257740SUSE bug 1257741SUSE bug 1257742SUSE bug 1257743SUSE bug 1257745SUSE bug 1257749SUSE bug 1257750SUSE bug 1257755SUSE bug 1257757SUSE bug 1257758SUSE bug 1257759SUSE bug 1257761SUSE bug 1257762SUSE bug 1257763SUSE bug 1257765SUSE bug 1257768SUSE bug 1257770SUSE bug 1257772SUSE bug 1257775SUSE bug 1257776SUSE bug 1257788SUSE bug 1257789SUSE bug 1257790SUSE bug 1257805SUSE bug 1257808SUSE bug 1257809SUSE bug 1257811SUSE bug 1257813SUSE bug 1257814SUSE bug 1257815SUSE bug 1257816SUSE bug 1257817SUSE bug 1257818SUSE bug 1257830SUSE bug 1257942SUSE bug 1257952SUSE bug 1258153SUSE bug 1258181SUSE bug 1258184SUSE bug 1258222SUSE bug 1258232SUSE bug 1258234SUSE bug 1258237SUSE bug 1258245SUSE bug 1258249SUSE bug 1258252SUSE bug 1258256SUSE bug 1258258SUSE bug 1258259SUSE bug 1258272SUSE bug 1258273SUSE bug 1258276SUSE bug 1258277SUSE bug 1258279SUSE bug 1258286SUSE bug 1258289SUSE bug 1258290SUSE bug 1258297SUSE bug 1258298SUSE bug 1258299SUSE bug 1258303SUSE bug 1258304SUSE bug 1258308SUSE bug 1258309SUSE bug 1258313SUSE bug 1258317SUSE bug 1258321SUSE bug 1258323SUSE bug 1258324SUSE bug 1258326SUSE bug 1258331SUSE bug 1258338SUSE bug 1258349SUSE bug 1258354SUSE bug 1258355SUSE bug 1258358SUSE bug 1258374SUSE bug 1258376SUSE bug 1258377SUSE bug 1258379SUSE bug 1258389SUSE bug 1258394SUSE bug 1258395SUSE bug 1258397SUSE bug 1258411SUSE bug 1258415SUSE bug 1258419SUSE bug 1258421SUSE bug 1258422SUSE bug 1258424SUSE bug 1258429SUSE bug 1258430SUSE bug 1258442SUSE bug 1258455SUSE bug 1258461SUSE bug 1258464SUSE bug 1258465SUSE bug 1258468SUSE bug 1258469SUSE bug 1258483SUSE bug 1258484SUSE bug 1258489SUSE bug 1258517SUSE bug 1258518SUSE bug 1258519SUSE bug 1258520SUSE bug 1258524SUSE bug 1258544SUSE bug 1258660SUSE bug 1258672SUSE bug 1258824SUSE bug 1259329CVE-2025-39753 at SUSECVE-2025-39753 at NVDCVE-2025-39964 at SUSECVE-2025-39964 at NVDCVE-2025-40099 at SUSECVE-2025-40099 at NVDCVE-2025-40103 at SUSECVE-2025-40103 at NVDCVE-2025-40230 at SUSECVE-2025-40230 at NVDCVE-2025-68173 at SUSECVE-2025-68173 at NVDCVE-2025-68186 at SUSECVE-2025-68186 at NVDCVE-2025-68292 at SUSECVE-2025-68292 at NVDCVE-2025-68295 at SUSECVE-2025-68295 at NVDCVE-2025-68329 at SUSECVE-2025-68329 at NVDCVE-2025-68371 at SUSECVE-2025-68371 at NVDCVE-2025-68745 at SUSECVE-2025-68745 at NVDCVE-2025-68785 at SUSECVE-2025-68785 at NVDCVE-2025-68810 at SUSECVE-2025-68810 at NVDCVE-2025-68818 at SUSECVE-2025-68818 at NVDCVE-2025-71071 at SUSECVE-2025-71071 at NVDCVE-2025-71104 at SUSECVE-2025-71104 at NVDCVE-2025-71125 at SUSECVE-2025-71125 at NVDCVE-2025-71134 at SUSECVE-2025-71134 at NVDCVE-2025-71161 at SUSECVE-2025-71161 at NVDCVE-2025-71182 at SUSECVE-2025-71182 at NVDCVE-2025-71183 at SUSECVE-2025-71183 at NVDCVE-2025-71184 at SUSECVE-2025-71184 at NVDCVE-2025-71185 at SUSECVE-2025-71185 at NVDCVE-2025-71186 at SUSECVE-2025-71186 at NVDCVE-2025-71188 at SUSECVE-2025-71188 at NVDCVE-2025-71189 at SUSECVE-2025-71189 at NVDCVE-2025-71190 at SUSECVE-2025-71190 at NVDCVE-2025-71191 at SUSECVE-2025-71191 at NVDCVE-2025-71192 at SUSECVE-2025-71192 at NVDCVE-2025-71193 at SUSECVE-2025-71193 at NVDCVE-2025-71194 at SUSECVE-2025-71194 at NVDCVE-2025-71195 at SUSECVE-2025-71195 at NVDCVE-2025-71196 at SUSECVE-2025-71196 at NVDCVE-2025-71197 at SUSECVE-2025-71197 at NVDCVE-2025-71198 at SUSECVE-2025-71198 at NVDCVE-2025-71199 at SUSECVE-2025-71199 at NVDCVE-2025-71200 at SUSECVE-2025-71200 at NVDCVE-2025-71222 at SUSECVE-2025-71222 at NVDCVE-2025-71224 at SUSECVE-2025-71224 at NVDCVE-2025-71225 at SUSECVE-2025-71225 at NVDCVE-2025-71229 at SUSECVE-2025-71229 at NVDCVE-2025-71231 at SUSECVE-2025-71231 at NVDCVE-2025-71232 at SUSECVE-2025-71232 at NVDCVE-2025-71233 at SUSECVE-2025-71233 at NVDCVE-2025-71234 at SUSECVE-2025-71234 at NVDCVE-2025-71235 at SUSECVE-2025-71235 at NVDCVE-2025-71236 at SUSECVE-2025-71236 at NVDCVE-2026-22979 at SUSECVE-2026-22979 at NVDCVE-2026-22980 at SUSECVE-2026-22980 at NVDCVE-2026-22998 at SUSECVE-2026-22998 at NVDCVE-2026-23003 at SUSECVE-2026-23003 at NVDCVE-2026-23004 at SUSECVE-2026-23004 at NVDCVE-2026-23010 at SUSECVE-2026-23010 at NVDCVE-2026-23017 at SUSECVE-2026-23017 at NVDCVE-2026-23018 at SUSECVE-2026-23018 at NVDCVE-2026-23021 at SUSECVE-2026-23021 at NVDCVE-2026-23022 at SUSECVE-2026-23022 at NVDCVE-2026-23023 at SUSECVE-2026-23023 at NVDCVE-2026-23024 at SUSECVE-2026-23024 at NVDCVE-2026-23026 at SUSECVE-2026-23026 at NVDCVE-2026-23030 at SUSECVE-2026-23030 at NVDCVE-2026-23031 at SUSECVE-2026-23031 at NVDCVE-2026-23033 at SUSECVE-2026-23033 at NVDCVE-2026-23035 at SUSECVE-2026-23035 at NVDCVE-2026-23037 at SUSECVE-2026-23037 at NVDCVE-2026-23038 at SUSECVE-2026-23038 at NVDCVE-2026-23042 at SUSECVE-2026-23042 at NVDCVE-2026-23047 at SUSECVE-2026-23047 at NVDCVE-2026-23049 at SUSECVE-2026-23049 at NVDCVE-2026-23050 at SUSECVE-2026-23050 at NVDCVE-2026-23053 at SUSECVE-2026-23053 at NVDCVE-2026-23054 at SUSECVE-2026-23054 at NVDCVE-2026-23055 at SUSECVE-2026-23055 at NVDCVE-2026-23056 at SUSECVE-2026-23056 at NVDCVE-2026-23057 at SUSECVE-2026-23057 at NVDCVE-2026-23058 at SUSECVE-2026-23058 at NVDCVE-2026-23059 at SUSECVE-2026-23059 at NVDCVE-2026-23060 at SUSECVE-2026-23060 at NVDCVE-2026-23061 at SUSECVE-2026-23061 at NVDCVE-2026-23062 at SUSECVE-2026-23062 at NVDCVE-2026-23063 at SUSECVE-2026-23063 at NVDCVE-2026-23064 at SUSECVE-2026-23064 at NVDCVE-2026-23065 at SUSECVE-2026-23065 at NVDCVE-2026-23066 at SUSECVE-2026-23066 at NVDCVE-2026-23068 at SUSECVE-2026-23068 at NVDCVE-2026-23069 at SUSECVE-2026-23069 at NVDCVE-2026-23070 at SUSECVE-2026-23070 at NVDCVE-2026-23071 at SUSECVE-2026-23071 at NVDCVE-2026-23073 at SUSECVE-2026-23073 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23076 at SUSECVE-2026-23076 at NVDCVE-2026-23078 at SUSECVE-2026-23078 at NVDCVE-2026-23080 at SUSECVE-2026-23080 at NVDCVE-2026-23082 at SUSECVE-2026-23082 at NVDCVE-2026-23083 at SUSECVE-2026-23083 at NVDCVE-2026-23084 at SUSECVE-2026-23084 at NVDCVE-2026-23085 at SUSECVE-2026-23085 at NVDCVE-2026-23086 at SUSECVE-2026-23086 at NVDCVE-2026-23088 at SUSECVE-2026-23088 at NVDCVE-2026-23089 at SUSECVE-2026-23089 at NVDCVE-2026-23090 at SUSECVE-2026-23090 at NVDCVE-2026-23091 at SUSECVE-2026-23091 at NVDCVE-2026-23094 at SUSECVE-2026-23094 at NVDCVE-2026-23095 at SUSECVE-2026-23095 at NVDCVE-2026-23096 at SUSECVE-2026-23096 at NVDCVE-2026-23097 at SUSECVE-2026-23097 at NVDCVE-2026-23099 at SUSECVE-2026-23099 at NVDCVE-2026-23100 at SUSECVE-2026-23100 at NVDCVE-2026-23101 at SUSECVE-2026-23101 at NVDCVE-2026-23102 at SUSECVE-2026-23102 at NVDCVE-2026-23104 at SUSECVE-2026-23104 at NVDCVE-2026-23105 at SUSECVE-2026-23105 at NVDCVE-2026-23107 at SUSECVE-2026-23107 at NVDCVE-2026-23108 at SUSECVE-2026-23108 at NVDCVE-2026-23110 at SUSECVE-2026-23110 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23112 at SUSECVE-2026-23112 at NVDCVE-2026-23116 at SUSECVE-2026-23116 at NVDCVE-2026-23119 at SUSECVE-2026-23119 at NVDCVE-2026-23121 at SUSECVE-2026-23121 at NVDCVE-2026-23123 at SUSECVE-2026-23123 at NVDCVE-2026-23128 at SUSECVE-2026-23128 at NVDCVE-2026-23129 at SUSECVE-2026-23129 at NVDCVE-2026-23131 at SUSECVE-2026-23131 at NVDCVE-2026-23133 at SUSECVE-2026-23133 at NVDCVE-2026-23135 at SUSECVE-2026-23135 at NVDCVE-2026-23136 at SUSECVE-2026-23136 at NVDCVE-2026-23137 at SUSECVE-2026-23137 at NVDCVE-2026-23139 at SUSECVE-2026-23139 at NVDCVE-2026-23141 at SUSECVE-2026-23141 at NVDCVE-2026-23142 at SUSECVE-2026-23142 at NVDCVE-2026-23144 at SUSECVE-2026-23144 at NVDCVE-2026-23145 at SUSECVE-2026-23145 at NVDCVE-2026-23146 at SUSECVE-2026-23146 at NVDCVE-2026-23148 at SUSECVE-2026-23148 at NVDCVE-2026-23150 at SUSECVE-2026-23150 at NVDCVE-2026-23151 at SUSECVE-2026-23151 at NVDCVE-2026-23152 at SUSECVE-2026-23152 at NVDCVE-2026-23154 at SUSECVE-2026-23154 at NVDCVE-2026-23155 at SUSECVE-2026-23155 at NVDCVE-2026-23156 at SUSECVE-2026-23156 at NVDCVE-2026-23157 at SUSECVE-2026-23157 at NVDCVE-2026-23158 at SUSECVE-2026-23158 at NVDCVE-2026-23161 at SUSECVE-2026-23161 at NVDCVE-2026-23163 at SUSECVE-2026-23163 at NVDCVE-2026-23166 at SUSECVE-2026-23166 at NVDCVE-2026-23167 at SUSECVE-2026-23167 at NVDCVE-2026-23169 at SUSECVE-2026-23169 at NVDCVE-2026-23170 at SUSECVE-2026-23170 at NVDCVE-2026-23171 at SUSECVE-2026-23171 at NVDCVE-2026-23172 at SUSECVE-2026-23172 at NVDCVE-2026-23173 at SUSECVE-2026-23173 at NVDCVE-2026-23176 at SUSECVE-2026-23176 at NVDCVE-2026-23177 at SUSECVE-2026-23177 at NVDCVE-2026-23178 at SUSECVE-2026-23178 at NVDCVE-2026-23179 at SUSECVE-2026-23179 at NVDCVE-2026-23182 at SUSECVE-2026-23182 at NVDCVE-2026-23188 at SUSECVE-2026-23188 at NVDCVE-2026-23189 at SUSECVE-2026-23189 at NVDCVE-2026-23190 at SUSECVE-2026-23190 at NVDCVE-2026-23191 at SUSECVE-2026-23191 at NVDCVE-2026-23198 at SUSECVE-2026-23198 at NVDCVE-2026-23202 at SUSECVE-2026-23202 at NVDCVE-2026-23207 at SUSECVE-2026-23207 at NVDCVE-2026-23208 at SUSECVE-2026-23208 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDCVE-2026-23210 at SUSECVE-2026-23210 at NVDCVE-2026-23213 at SUSECVE-2026-23213 at NVDCVE-2026-23214 at SUSECVE-2026-23214 at NVDCVE-2026-23221 at SUSECVE-2026-23221 at NVDCVE-2026-23222 at SUSECVE-2026-23222 at NVDCVE-2026-23223 at SUSECVE-2026-23223 at NVDCVE-2026-23224 at SUSECVE-2026-23224 at NVDCVE-2026-23229 at SUSECVE-2026-23229 at NVDCVE-2026-23230 at SUSECVE-2026-23230 at NVDcpe:/o:suse:sl-micro:6.2Security update for the initial kernel livepatch (Important)SUSE Linux Micro 6.2
This update contains initial livepatches for the SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel update.
Importantcpe:/o:suse:sl-micro:6.2Security update for python-pyasn1 (Important)SUSE Linux Micro 6.2
This update for python-pyasn1 fixes the following issue:
- CVE-2026-30922: Denial of Service via Unbounded Recursion (bsc#1259803).
ImportantSUSE bug 1259803CVE-2026-30922 at SUSECVE-2026-30922 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1256624SUSE bug 1256644CVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1255052).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255052SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644CVE-2025-40214 at SUSECVE-2025-40214 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for python-PyJWT (Important)SUSE Linux Micro 6.2
This update for python-PyJWT fixes the following issue:
Update to PyJWT 2.12.1:
- CVE-2026-32597: PyJWT accepts unknown `crit` header extensions (bsc#1259616).
Changelog:
Update to 2.12.1:
- Add missing typing_extensions dependency for Python < 3.11 in
#1150
Update to 2.12.0:
- Annotate PyJWKSet.keys for pyright by @tamird in #1134
- Close HTTPError response to prevent ResourceWarning on
Python 3.14 by @veeceey in #1133
- Do not keep algorithms dict in PyJWK instances by @akx in
#1143
- Use PyJWK algorithm when encoding without explicit
algorithm in #1148
- Docs: Add PyJWKClient API reference and document the
two-tier caching system (JWK Set cache and signing key LRU
cache).
Update to 2.11.0:
- Enforce ECDSA curve validation per RFC 7518 Section 3.4.
- Fix build system warnings by @kurtmckee in #1105
- Validate key against allowed types for Algorithm family in
#964
- Add iterator for JWKSet in #1041
- Validate iss claim is a string during encoding and decoding
by @pachewise in #1040
- Improve typing/logic for options in decode, decode_complete
by @pachewise in #1045
- Declare float supported type for lifespan and timeout by
@nikitagashkov in #1068
- Fix SyntaxWarnings/DeprecationWarnings caused by invalid
escape sequences by @kurtmckee in #1103
- Development: Build a shared wheel once to speed up test
suite setup times by @kurtmckee in #1114
- Development: Test type annotations across all supported
Python versions, increase the strictness of the type
checking, and remove the mypy pre-commit hook by @kurtmckee
in #1112
- Support Python 3.14, and test against PyPy 3.10 and 3.11 by
@kurtmckee in #1104
- Development: Migrate to build to test package building in
CI by @kurtmckee in #1108
- Development: Improve coverage config and eliminate unused
test suite code by @kurtmckee in #1115
- Docs: Standardize CHANGELOG links to PRs by @kurtmckee in
#1110
- Docs: Fix Read the Docs builds by @kurtmckee in #1111
- Docs: Add example of using leeway with nbf by @djw8605 in
#1034
- Docs: Refactored docs with autodoc; added PyJWS and
jwt.algorithms docs by @pachewise in #1045
- Docs: Documentation improvements for "sub" and "jti" claims
by @cleder in #1088
- Development: Add pyupgrade as a pre-commit hook by
@kurtmckee in #1109
- Add minimum key length validation for HMAC and RSA keys
(CWE-326). Warns by default via InsecureKeyLengthWarning
when keys are below minimum recommended lengths per RFC
7518 Section 3.2 (HMAC) and NIST SP 800-131A (RSA). Pass
enforce_minimum_key_length=True in options to PyJWT or
PyJWS to raise InvalidKeyError instead.
- Refactor PyJWT to own an internal PyJWS instance instead of
calling global api_jws functions.
ImportantSUSE bug 1259616CVE-2026-32597 at SUSECVE-2026-32597 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1255052).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255052SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40214 at SUSECVE-2025-40214 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1255052).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255052SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40214 at SUSECVE-2025-40214 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1255052).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255052SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40214 at SUSECVE-2025-40214 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.2Security update for net-tools (Moderate)SUSE Linux Micro 6.2
This update for net-tools fixes the following issues:
- Fix stack buffer overflow in parse_hex (bsc#1248687, GHSA-h667-qrp8-gj58).
- Fix stack-based buffer overflow in proc_gen_fmt (bsc#1248687, GHSA-w7jq-cmw2-cq59).
- Avoid unsafe memcpy in ifconfig (bsc#1248687).
- Prevent overflow in ax25 and netrom (bsc#1248687)
- Keep possibility to enter long interface names, even if they are
not accepted by the kernel, because it was always possible up to
CVE-2025-46836 fix. But issue a warning about an interface name
concatenation (bsc#1248410).
ModerateSUSE bug 1243581SUSE bug 1248410SUSE bug 1248687SUSE bug 142461SUSE bug 430864SUSE bug 544339CVE-2025-46836 at SUSECVE-2025-46836 at NVDcpe:/o:suse:sl-micro:6.2Security update for docker-compose (Important)SUSE Linux Micro 6.2
This update for docker-compose fixes the following issues:
- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in
response to a key listing or signing request (bsc#1253584).
- CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds
read (bsc#1254041).
- CVE-2025-62725: OCI compose artifacts can be used to escape the cache directory and overwrite arbitrary files
(bsc#1252752).
ImportantSUSE bug 1252752SUSE bug 1253584SUSE bug 1254041CVE-2025-47913 at SUSECVE-2025-47913 at NVDCVE-2025-47914 at SUSECVE-2025-47914 at NVDCVE-2025-62725 at SUSECVE-2025-62725 at NVDcpe:/o:suse:sl-micro:6.2Security update for runc (Important)SUSE Linux Micro 6.2
This update for runc fixes the following issues:
- Update to runc v1.3.3:
* CVE-2025-31133, CVE-2025-52565, CVE-2025-52881: Fixed container breakouts by bypassing
runc's restrictions for writing to arbitrary /proc files (bsc#1252232)
ImportantSUSE bug 1252110SUSE bug 1252232CVE-2025-31133 at SUSECVE-2025-31133 at NVDCVE-2025-52565 at SUSECVE-2025-52565 at NVDCVE-2025-52881 at SUSECVE-2025-52881 at NVDcpe:/o:suse:sl-micro:6.2Security update for gnutls (Moderate)SUSE Linux Micro 6.2
This update for gnutls fixes the following issues:
- CVE-2025-14831: Fixed DoS via excessive resource consumption during certificate verification. (bsc#1257960)
- CVE-2025-9820: Fixed a buffer overflow in gnutls_pkcs11_token_init. (bsc#1254132)
- Add the functionality to allow to specify the hash algorithm for the PSK. This fixes a bug in the current implementation where the binder is always calculated with SHA256. (bsc#1258083, jsc#PED-15752, jsc#PED-15753)
ModerateSUSE bug 1254132SUSE bug 1257960SUSE bug 1258083CVE-2025-14831 at SUSECVE-2025-14831 at NVDCVE-2025-9820 at SUSECVE-2025-9820 at NVDcpe:/o:suse:sl-micro:6.2Security update for expat (Important)SUSE Linux Micro 6.2
This update for expat fixes the following issues:
- CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity
declaration value (bsc#1259726).
- CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711).
- CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition
(bsc#1259729).
ImportantSUSE bug 1259711SUSE bug 1259726SUSE bug 1259729CVE-2026-32776 at SUSECVE-2026-32776 at NVDCVE-2026-32777 at SUSECVE-2026-32777 at NVDCVE-2026-32778 at SUSECVE-2026-32778 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit-repos (Important)SUSE Linux Micro 6.2
This update for cockpit-repos fixes the following issue:
- CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive wildcards followed by a literal character
that doesn't appear in the test string (bsc#1258637).
ImportantSUSE bug 1258637CVE-2026-26996 at SUSECVE-2026-26996 at NVDcpe:/o:suse:sl-micro:6.2Security update for libpng16 (Important)SUSE Linux Micro 6.2
This update for libpng16 fixes the following issues:
- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code
execution (bsc#1260754).
- CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and
crashes (bsc#1260755).
ImportantSUSE bug 1260754SUSE bug 1260755CVE-2026-33416 at SUSECVE-2026-33416 at NVDCVE-2026-33636 at SUSECVE-2026-33636 at NVDcpe:/o:suse:sl-micro:6.2Security update for libtasn1 (Moderate)SUSE Linux Micro 6.2
This update for libtasn1 fixes the following issues:
- CVE-2025-13151: lack of validation of input data size leads to stack-based buffer overflow in
`asn1_expend_octet_string` (bsc#1256341).
ModerateSUSE bug 1256341CVE-2025-13151 at SUSECVE-2025-13151 at NVDcpe:/o:suse:sl-micro:6.2Security update for systemd (Important)SUSE Linux Micro 6.2
This update for systemd fixes the following issues:
Update to systemd v257.13:
Security issues:
- CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650).
- CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418).
- udev: local root execution via malicious hardware devices and unsanitized kernel output (bsc#1259697).
Non security issues:
- Avoid shipping (empty) directories and ghost files in /var (jsc#PED-14853).
- Sign systemd-boot EFI binary on aarch64 (bsc#1258344)
- terminal-util: stop doing 0/upper bound check in tty_is_vc() (bsc#1255326)
Changelog:
- 6941d92dc2 machined: reject invalid class types when registering machines (bsc#1259650 CVE-2026-4105)
- 03bb697b8d udev: check for invalid chars in various fields received from the kernel (bsc#1259697)
- 54588d2ded core: validate input cgroup path more prudently (bsc#1259418 CVE-2026-29111)
- fb9d92682b terminal-util: stop doing 0/upper bound check in tty_is_vc() (bsc#1255326)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/3c53ef3ea20bd43ef587cbdfa7107aeb1ef55654...d349fc5cd4f9ee2b7884c2610647e92806d14b28
ImportantSUSE bug 1255326SUSE bug 1258344SUSE bug 1259418SUSE bug 1259650SUSE bug 1259697CVE-2026-29111 at SUSECVE-2026-29111 at NVDCVE-2026-4105 at SUSECVE-2026-4105 at NVDcpe:/o:suse:sl-micro:6.2Security update for tar (Important)SUSE Linux Micro 6.2
This update for tar fixes the following issue:
Security issue:
- CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399).
Non security issue:
- Fixes tar creating invalid tarballs when used with --delete (bsc#1246607)
ImportantSUSE bug 1246399SUSE bug 1246607CVE-2025-45582 at SUSECVE-2025-45582 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues
The following security issues were fixed:
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Important)SUSE Linux Micro 6.2
The SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
- CVE-2024-57891: sched_ext: Fix invalid irq restore in scx_ops_bypass() (bsc#1235953).
- CVE-2024-57951: hrtimers: Handle CPU state correctly on hotplug (bsc#1237108).
- CVE-2024-57952: Revert "libfs: fix infinite directory reads for offset dir" (bsc#1237131).
- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
- CVE-2025-22034: mm/rmap: avoid -EBUSY from make_device_exclusive() (bsc#1241435).
- CVE-2025-22077: Revert "smb: client: fix TCP timers deadlock after rmmod" (bsc#1241403).
- CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782).
- CVE-2025-37821: sched/eevdf: Fix se->slice being set to U64_MAX and resulting (bsc#1242864).
- CVE-2025-37849: KVM: arm64: Tear down vGIC on failed vCPU creation (bsc#1243000).
- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).
- CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055).
- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
- CVE-2025-38019: mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices (bsc#1245000).
- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).
- CVE-2025-38038: cpufreq: amd-pstate: Remove unnecessary driver_lock in set_boost (bsc#1244812).
- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).
- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38101: ring-buffer: Fix buffer locking in ring_buffer_subbuf_order_set() (bsc#1245659).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38106: io_uring/sqpoll: do not put task_struct on tctx setup failure (bsc#1245664).
- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).
- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38168: perf: arm-ni: Unregister PMUs on probe failure (bsc#1245763).
- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38216: iommu/vt-d: Restore context entry setup order for aliased devices (bsc#1245963).
- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).
- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).
- CVE-2025-38242: mm: userfaultfd: fix race of userfaultfd_move and swap cache (bsc#1246176).
- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38256: io_uring/rsrc: fix folio unpinning (bsc#1246188).
- CVE-2025-38258: mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write (bsc#1246185).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38267: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun (bsc#1246245).
- CVE-2025-38270: net: drv: netdevsim: do not napi_complete() from netpoll (bsc#1246252).
- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).
- CVE-2025-38301: nvmem: zynqmp_nvmem: unbreak driver after cleanup (bsc#1246351).
- CVE-2025-38306: fs/fhandle.c: fix a race in call of has_locked_children() (bsc#1246366).
- CVE-2025-38311: iavf: get rid of the crit lock (bsc#1246376).
- CVE-2025-38318: perf: arm-ni: Fix missing platform_set_drvdata() (bsc#1246444).
- CVE-2025-38322: perf/x86/intel: Fix crash in icl_update_topdown_event() (bsc#1246447).
- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).
- CVE-2025-38341: eth: fbnic: avoid double free when failing to DMA-map FW msg (bsc#1246260).
- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).
- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38359: s390/mm: Fix in_atomic() handling in do_secure_storage_access() (bsc#1247076).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).
- CVE-2025-38374: optee: ffa: fix sleep in atomic context (bsc#1247024).
- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).
- CVE-2025-38383: mm/vmalloc: fix data race in show_numa_info() (bsc#1247250).
- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).
- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097).
- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
- CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when
rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38440: net/mlx5e: Fix race between DIM disable and net_dim() (bsc#1247290).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38451: md/md-bitmap: fix GPF in bitmap_get_stats() (bsc#1247102).
- CVE-2025-38453: kABI: io_uring: msg_ring ensure io_kiocb freeing is deferred (bsc#1247234).
- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38470: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime (bsc#1247288).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38475: smc: Fix various oops due to inet_sock type confusion (bsc#1247308).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38493: tracing/osnoise: Fix crash in timerlat_dump_stack() (bsc#1247283).
- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38508: x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation (bsc#1248190).
- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
- CVE-2025-38539: tracing: Add down_write(trace_event_sem) when adding trace event (bsc#1248211).
- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
- CVE-2025-38545: net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info (bsc#1248224).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38549: efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths (bsc#1248235).
- CVE-2025-38554: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped (bsc#1248299).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248374).
- CVE-2025-38571: sunrpc: fix client side handling of tls alerts (bsc#1248401).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248399).
- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1248368).
- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
- CVE-2025-38628: vdpa/mlx5: Fix release of uninitialized resources on error path (bsc#1248616).
- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248748).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
- CVE-2025-38686: userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry (bsc#1249160).
- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (bsc#1249182).
- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
- CVE-2025-38710: gfs2: Validate i_depth for exhash directories (bsc#1249201).
- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
- CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
- CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1249322).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39723: kABI: netfs: handle new netfs_io_stream flag (bsc#1249314).
- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
- CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
- CVE-2025-39775: mm/mremap: fix WARN with uffd that has remap events disabled (bsc#1249500).
- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
- CVE-2025-39791: dm: dm-crypt: Do not partially accept write BIOs with zoned targets (bsc#1249550).
- CVE-2025-39792: dm: Always split write BIOs to zoned device limits (bsc#1249618).
- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
- CVE-2025-39813: ftrace: Also allocate and copy hash for reading of filter files (bsc#1250032).
- CVE-2025-39816: io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths (bsc#1249906).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
- CVE-2025-39828: kABI workaround for struct atmdev_ops extension (bsc#1250205).
- CVE-2025-39830: net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path (bsc#1249974).
- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
- CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
- CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
- CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
- CVE-2025-39852: net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 (bsc#1250258).
- CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
- CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
- CVE-2025-39875: igb: Fix NULL pointer dereference in ethtool loopback test (bsc#1250398).
- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
- CVE-2025-39898: e1000e: fix heap overflow in e1000_set_eeprom (bsc#1250742).
- CVE-2025-39900: net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y (bsc#1250758).
- CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
- CVE-2025-39922: ixgbe: fix incorrect map used in eee linkmode (bsc#1250722).
- CVE-2025-39926: genetlink: fix genl_bind() invoking bind() after -EPERM (bsc#1250737).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
- CVE-2026-38264: nvme-tcp: sanitize request list handling (bsc#1246387).
The following non-security bugs were fixed:
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI/processor_idle: Add FFH state handling (jsc#PED-13815).
- ACPI/processor_idle: Export acpi_processor_ffh_play_dead() (jsc#PED-13815).
- ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path (stable-fixes).
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
- ACPI: LPSS: Remove AudioDSP related ID (git-fixes).
- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes).
- ACPI: RISC-V: Fix FFH_CPPC_CSR error handling (git-fixes).
- ACPI: Return -ENODEV from acpi_parse_spcr() when SPCR support is disabled (stable-fixes).
- ACPI: Suppress misleading SPCR console message when SPCR table is absent (stable-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
- ACPI: battery: Add synchronization between interface updates (git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: Rescan "dead" SMT siblings during initialization (jsc#PED-13815).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).
- ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- ACPICA: Fix largest possible resource descriptor index (git-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes).
- ALSA: hda/cs35l56: Workaround bad dev-index on Lenovo Yoga Book 9i GenX (stable-fixes).
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Victus 15-fa0xxx (stable-fixes).
- ALSA: hda/realtek - Fix mute LED for HP Victus 16-d1xxx (MB 8A26) (stable-fixes).
- ALSA: hda/realtek - Fix mute LED for HP Victus 16-r0xxx (stable-fixes).
- ALSA: hda/realtek - Fix mute LED for HP Victus 16-r1xxx (stable-fixes).
- ALSA: hda/realtek - Fix mute LED for HP Victus 16-s0xxx (stable-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS NUC using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda/realtek: Fix mute LED mask on HP OMEN 16 laptop (git-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
- ALSA: hda/realtek: add LG gram 16Z90R-A to alc269 fixup table (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes).
- ALSA: lx_core: use int type to store negative error codes (git-fixes).
- ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT (git-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: timer: fix ida_free call while not allocated (git-fixes).
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
- ALSA: usb-audio: Allow Focusrite devices to use low samplerates (git-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Fix code alignment in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: catpt: Expose correct bit depth to userspace (git-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback (git-fixes).
- ASoC: SOF: Intel: Read the LLP via the associated Link DMA channel (git-fixes).
- ASoC: SOF: Intel: hda-pcm: Place the constraint on period time instead of buffer time (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
- ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context (git-fixes).
- ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down (git-fixes).
- ASoC: SOF: ipc4-topology: Account for different ChainDMA host buffer size (git-fixes).
- ASoC: SOF: ipc4-topology: Correct the minimum host DMA buffer size (git-fixes).
- ASoC: SOF: topology: Parse the dapm_widget_tokens in case of DSPless mode (stable-fixes).
- ASoC: amd: acp: Adjust pdm gain value (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
- ASoC: codecs: wcd9375: Fix double free of regulator supplies (git-fixes).
- ASoC: codecs: wcd937x: Drop unused buck_supply (git-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: fsl_sai: replace regmap_write with regmap_update_bits (git-fixes).
- ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365_dai_set_priv (git-fixes).
- ASoC: mediatek: use reserved memory or enable buffer pre-allocation (git-fixes).
- ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
- ASoC: qcom: use drvdata instead of component to keep id (stable-fixes).
- ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue (stable-fixes).
- ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- ASoC: tas2781: Fix the wrong step for TLV on tas2781 (git-fixes).
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: ISO: free rx_skb if not consumed (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown (git-fixes).
- Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 0489/e14e for MT7925 (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
- Bluetooth: hci_sync: Fix scan state after PA Sync has been established (git-fixes).
- Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements (git-fixes).
- Bluetooth: hci_sync: Prevent unintended PA sync when SID is 0xFF (git-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Disable CET before shutdown by tboot (bsc#1247950).
- Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes).
- Documentation/x86: Document new attack vector controls (git-fixes).
- Documentation: ACPI: Fix parent device references (git-fixes).
- Documentation: KVM: Fix unexpected unindent warning (git-fixes).
- Documentation: KVM: Fix unexpected unindent warnings (git-fixes).
- Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes).
- Drop ath12k patch that was reverted in the upstream (git-fixes)
- EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
- Enable CONFIG_CMA_SYSFS This is a generally useful feature for anyone
using CMA or investigating CMA issues, with a small and simple code base
and no runtime overhead.
- Enable MT7925 WiFi drivers for openSUSE Leap 16.0 (bsc#1247325)
- Enable SMC_LO (a.k.a SMC-D) (jsc#PED-13256).
- Fix bogus i915 patch backport (bsc#1238972) It's been already cherry-picked in 6.12 kernel itself.
- Fix dma_unmap_sg() nents value (git-fixes)
- HID: amd_sfh: Add sync across amd sfh work functions (git-fixes).
- HID: apple: avoid setting up battery timer for devices without battery (git-fixes).
- HID: apple: validate feature-report field count to prevent NULL pointer dereference (git-fixes).
- HID: asus: add support for missing PX series fn keys (stable-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: core: do not bypass hid_hw_raw_request (stable-fixes).
- HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes).
- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
- HID: hidraw: tighten ioctl command parsing (git-fixes).
- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
- HID: input: report battery status changes immediately (git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).
- HID: logitech: Add ids for G PRO 2 LIGHTSPEED (stable-fixes).
- HID: magicmouse: avoid setting up battery timer when not needed (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
- Input: psxpad-spi - add a check for the return value of spi_setup() (git-fixes).
- Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (git-fixes).
- KEYS: X.509: Fix Basic Constraints CA flag parsing (git-fixes).
- KEYS: trusted_tpm1: Compare HMAC values in constant time (git-fixes).
- KVM: Allow CPU to reschedule while setting per-page memory attributes (git-fixes).
- KVM: Bail from the dirty ring reset flow if a signal is pending (git-fixes).
- KVM: Bound the number of dirty ring entries in a single reset at INT_MAX (git-fixes).
- KVM: Conditionally reschedule when resetting the dirty ring (git-fixes).
- KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes).
- KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (git-fixes).
- KVM: TDX: Add new TDVMCALL status code for unsupported subfuncs (jsc#PED-13302).
- KVM: TDX: Do not report base TDVMCALLs (git-fixes).
- KVM: TDX: Exit to userspace for GetTdVmCallInfo (jsc#PED-13302).
- KVM: TDX: Exit to userspace for SetupEventNotifyInterrupt (jsc#PED-13302).
- KVM: TDX: Handle TDG.VP.VMCALL<GetQuote> (jsc#PED-13302).
- KVM: TDX: Report supported optional TDVMCALLs in TDX capabilities (jsc#PED-13302).
- KVM: TDX: Use kvm_arch_vcpu.host_debugctl to restore the host's DEBUGCTL (git-fixes).
- KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes).
- KVM: VMX: Ensure unused kvm_tdx_capabilities fields are zeroed out (jsc#PED-13302).
- KVM: arm64: Adjust range correctly during host stage-2 faults (git-fixes).
- KVM: arm64: Do not free hyp pages with pKVM on GICv2 (git-fixes).
- KVM: arm64: Fix error path in init_hyp_mode() (git-fixes).
- KVM: arm64: Mark freed S2 MMUs as invalid (git-fixes).
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- KVM: s390: Fix access to unavailable adapter indicator pages during postcopy (git-fixes bsc#1250124).
- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250123).
- KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE (git-fixes).
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes).
- KVM: x86: Avoid calling kvm_is_mmio_pfn() when kvm_x86_ops.get_mt_mask is NULL (git-fixes).
- KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes).
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- KVM: x86: Reject KVM_SET_TSC_KHZ vCPU ioctl for TSC protected guest (git-fixes).
- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
- Limit patch filenames to 100 characters (bsc#1249604).
- Move upstreamed SPI patch into sorted section
- NFS: Fix a race when updating an existing write (git-fixes).
- NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes).
- NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes).
- NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes).
- NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes).
- NFS: nfs_invalidate_folio() must observe the offset and size arguments (git-fixes).
- NFSD: Define a proc_layoutcommit for the FlexFiles layout type (git-fixes).
- NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() (git-fixes).
- NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes).
- NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes).
- NFSv4.2: another fix for listxattr (git-fixes).
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- NFSv4: Clear NFS_CAP_OPEN_XOR and NFS_CAP_DELEGTIME if not supported (git-fixes).
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
- NFSv4: Do not clear capabilities that won't be reset (git-fixes).
- Octeontx2-af: Skip overlap check for SPI field (git-fixes).
- PCI/ACPI: Fix pci_acpi_preserve_config() memory leak (git-fixes).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes).
- PCI/ERR: Fix uevent on failure to recover (git-fixes).
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes).
- PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI/pwrctrl: Fix device leak at registration (git-fixes).
- PCI/sysfs: Ensure devices are powered for config reads (git-fixes).
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- PCI: Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: dw-rockchip: Replace PERST# sleep time with proper macro (git-fixes).
- PCI: dw-rockchip: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ (git-fixes).
- PCI: dwc: Ensure that dw_pcie_wait_for_link() waits 100 ms after link up (stable-fixes).
- PCI: endpoint: Fix configfs group list head handling (git-fixes).
- PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Add IMX8MQ_EP third 64-bit BAR in epc_features (git-fixes).
- PCI: imx6: Add i.MX8Q PCIe Endpoint (EP) support (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: j721e: Fix incorrect error message in probe() (git-fixes).
- PCI: j721e: Fix programming sequence of "strap" settings (git-fixes).
- PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: qcom: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ (git-fixes).
- PCI: rcar-gen4: Add missing 1ms delay after PWR reset assertion (git-fixes).
- PCI: rcar-gen4: Assure reset occurs before DBI access (git-fixes).
- PCI: rcar-gen4: Fix PHY initialization (git-fixes).
- PCI: rcar-gen4: Fix inverted break condition in PHY initialization (git-fixes).
- PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock (git-fixes).
- PCI: rcar-host: Drop PMSR spinlock (git-fixes).
- PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes).
- PCI: tegra194: Handle errors in BPMP response (git-fixes).
- PCI: tegra194: Reset BARs when running in PCIe endpoint mode (git-fixes).
- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation (git-fixes).
- PCI: xilinx-nwl: Fix ECAM programming (git-fixes).
- PM / devfreq: Check governor before using governor->name (git-fixes).
- PM / devfreq: Fix a index typo in trans_stat (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).
- PM / devfreq: rockchip-dfi: double count on RK3588 (git-fixes).
- PM: EM: use kfree_rcu() to simplify the code (stable-fixes).
- PM: cpufreq: powernv/tracing: Move powernv_throttle trace event (git-fixes).
- PM: hibernate: Add pm_hibernation_mode_is_suspend() (bsc#1243112).
- PM: hibernate: Add stub for pm_hibernate_is_recovering() (bsc#1243112).
- PM: hibernate: Fix pm_hibernation_mode_is_suspend() build breakage (bsc#1243112).
- PM: hibernate: add new api pm_hibernate_is_recovering() (bsc#1243112).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: runtime: Take active children into account in pm_runtime_get_if_in_use() (git-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix size of uverbs_copy_to() in BNXT_RE_METHOD_GET_TOGGLE_MEM (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- RDMA/core: Rate limit GID cache warning messages (git-fixes)
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Drop GFP_NOWARN (git-fixes)
- RDMA/hns: Fix -Wframe-larger-than issue (git-fixes)
- RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes)
- RDMA/hns: Fix accessing uninitialized resources (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA/hns: Fix double destruction of rsv_qp (git-fixes)
- RDMA/hns: Fix querying wrong SCC context for DIP algorithm (git-fixes)
- RDMA/hns: Get message length of ack_req from FW (git-fixes)
- RDMA/mana_ib: Add device statistics support (bsc#1246651).
- RDMA/mana_ib: Drain send wrs of GSI QP (bsc#1251135).
- RDMA/mana_ib: Extend modify QP (bsc#1251135).
- RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes).
- RDMA/mana_ib: add additional port counters (git-fixes).
- RDMA/mana_ib: add support of multiple ports (git-fixes).
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- RDMA/mlx5: Fix UMR modifying of mkey page size (git-fixes)
- RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes)
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes)
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- RDMA/rxe: Flush delayed SKBs while releasing RXE resources (git-fixes)
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes)
- RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- README.BRANCH: mfranc@suse.cz leaving SUSE
- RISC-V: Add defines for the SBI nested acceleration extension (jsc#PED-348).
- Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- Reapply "x86/smp: Eliminate mwait_play_dead_cpuid_hint()" (jsc#PED-13815).
- Revert "SUNRPC: Do not allow waiting for exiting tasks" (git-fixes).
- Revert "drm/amdgpu: fix incorrect vm flags to map bo" (stable-fixes).
- Revert "drm/nouveau: check ioctl command codes better" (git-fixes).
- Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
- Revert "leds: trigger: netdev: Configure LED blink interval for HW offload" (git-fixes).
- Revert "mac80211: Dynamically set CoDel parameters per station" (stable-fixes).
- Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running" (git-fixes).
- Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes).
- Revert "wifi: mt76: mt7925: Update mt7925_mcu_uni_[tx,rx]_ba for MLO" (git-fixes).
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- Squashfs: add additional inode sanity checking (git-fixes).
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
- USB: gadget: f_hid: Fix memory leak in hidg_bind error path (git-fixes).
- USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes).
- USB: serial: option: add Foxconn T99W640 (stable-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: serial: option: add SIMCom 8230C compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- Update config files. (bsc#1249186) Enable where we define KABI refs + rely on Kconfig deps.
- Update config files: revive pwc driver for Leap (bsc#1249060)
- accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() (git-fixes).
- accel/ivpu: Correct DCT interrupt handling (git-fixes).
- accel/ivpu: Fix reset_engine debugfs file logic (stable-fixes).
- accel/ivpu: Fix warning in ivpu_gem_bo_free() (git-fixes).
- accel/ivpu: Prevent recovery work from being queued during device removal (git-fixes).
- amdgpu/amdgpu_discovery: increase timeout limit for IFWI init (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64/mm: Check pmd_table() in pmd_trans_huge() (git-fixes)
- arm64/mm: Close theoretical race where stale TLB entry remains valid (git-fixes)
- arm64/mm: Drop wrong writes into TCR2_EL1 (git-fixes)
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64/sysreg: Add register fields for HDFGRTR2_EL2 (git-fixes)
- arm64/sysreg: Add register fields for HDFGWTR2_EL2 (git-fixes)
- arm64/sysreg: Add register fields for HFGITR2_EL2 (git-fixes)
- arm64/sysreg: Add register fields for HFGRTR2_EL2 (git-fixes)
- arm64/sysreg: Add register fields for HFGWTR2_EL2 (git-fixes)
- arm64/sysreg: Update register fields for ID_AA64MMFR0_EL1 (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: config: Make tpm_tis_spi module build-in (bsc#1246896)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: add big-endian property back into watchdog node (git-fixes)
- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)
- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: exynos: gs101: Add 'local-timer-stop' to cpuidle nodes (git-fixes)
- arm64: dts: exynos: gs101: ufs: add dma-coherent property (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: freescale: imx93-tqma9352: Limit BUCK2 to 600mV (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-beacon: Set SAI5 MCLK direction to output for HDMI (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-beacon: Set SAI5 MCLK direction to output for HDMI (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- arm64: dts: imx8mp-venice-gw702x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-venice-gw71xx: fix TPM SPI frequency (git-fixes)
- arm64: dts: imx8mp-venice-gw72xx: fix TPM SPI frequency (git-fixes)
- arm64: dts: imx8mp-venice-gw73xx: fix TPM SPI frequency (git-fixes)
- arm64: dts: imx8mp-venice-gw74xx: fix TPM SPI frequency (git-fixes)
- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- arm64: dts: imx93-kontron: Fix GPIO for panel regulator (git-fixes)
- arm64: dts: imx93-kontron: Fix USB port assignment (git-fixes)
- arm64: dts: imx95: Correct the DMA interrupter number of pcie0_ep (git-fixes)
- arm64: dts: imx95: Correct the lpuart7 and lpuart8 srcid (git-fixes)
- arm64: dts: marvell: cn9132-clearfog: disable eMMC high-speed modes (git-fixes)
- arm64: dts: marvell: cn9132-clearfog: fix multi-lane pci x2 and x4 (git-fixes)
- arm64: dts: rockchip: Add cd-gpios for sdcard detect on Cool Pi 4B (git-fixes).
- arm64: dts: rockchip: Add cd-gpios for sdcard detect on Cool Pi CM5 (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on rk3566-rock3c (git-fixes)
- arm64: dts: rockchip: Fix Bluetooth interrupts flag on Neardi LBA3368 (git-fixes)
- arm64: dts: rockchip: Fix the headphone detection on the orangepi 5 (git-fixes)
- arm64: dts: rockchip: Move SHMEM memory to reserved memory on rk3588 (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- arm64: dts: st: fix timer used for ticks (git-fixes)
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- arm64: map [_text, _stext) virtual address range (git-fixes)
- arm64: mte: Do not flag the zero page as PG_mte_tagged (git-fixes)
- arm64: poe: Handle spurious Overlay faults (git-fixes)
- arm64: rust: clean Rust 1.85.0 warning using softfloat target (git-fixes)
- arm64: stacktrace: Check kretprobe_find_ret_addr() return value (git-fixes)
- arm64: tegra: Add uartd serial alias for Jetson TX1 module (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: Resize aperture for the IGX PCIe C5 slot (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: ahci: Disable DIPM if host lacks support (stable-fixes).
- ata: ahci: Disallow LPM policy control if not supported (stable-fixes).
- ata: libata-sata: Add link_power_management_supported sysfs attribute (git-fixes).
- ata: libata-sata: Disallow changing LPM state if not supported (stable-fixes).
- ata: libata-scsi: Fix CDL control (git-fixes).
- audit,module: restore audit logging in load failure case (git-fixes).
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode (git-fixes).
- benet: fix BUG when creating VFs (git-fixes).
- block: Introduce bio_needs_zone_write_plugging() (git-fixes).
- block: Make REQ_OP_ZONE_FINISH a write operation (git-fixes, bsc#1249552).
- block: ensure discard_granularity is zero when discard is not supported (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- block: sanitize chunk_sectors for atomic write limits (git-fixes).
- bnxt_en: Add a helper function to configure MRU and RSS (git-fixes).
- bnxt_en: Adjust TX rings if reservation is less than requested (git-fixes).
- bnxt_en: Fix DCB ETS validation (git-fixes).
- bnxt_en: Fix memory corruption when FW resources change during ifdown (git-fixes).
- bnxt_en: Fix stats context reservation logic (git-fixes).
- bnxt_en: Flush FW trace before copying to the coredump (git-fixes).
- bnxt_en: Update MRU and RSS table of RSS contexts on queue reset (git-fixes).
- bnxt_en: eliminate the compile warning in bnxt_request_irq due to CONFIG_RFS_ACCEL (git-fixes).
- bpf, arm64: Call bpf_jit_binary_pack_finalize() in bpf_jit_free() (git-fixes)
- bpf, arm64: Fix fp initialization for exception boundary (git-fixes)
- bpf, docs: Fix broken link to renamed bpf_iter_task_vmas.c (git-fixes).
- bpf, sockmap: Fix psock incorrectly pointing to sk (git-fixes).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- bpf: Allow XDP dev-bound programs to perform XDP_REDIRECT into maps (git-fixes).
- bpf: Avoid RCU context warning when unpinning htab with internal structs (git-fixes).
- bpf: Check link_create.flags parameter for multi_kprobe (git-fixes).
- bpf: Check link_create.flags parameter for multi_uprobe (git-fixes).
- bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (git-fixes).
- bpf: Fix uninitialized values in BPF_{CORE,PROBE}_READ (git-fixes).
- bpf: Forget ranges when refining tnum after JSET (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- bpf: Only fails the busy counter check in bpf_cgrp_storage_get if it creates storage (git-fixes).
- bpf: Reject %p% format string in bprintf-like helpers (git-fixes).
- bpf: Reject attaching fexit/fmod_ret to __noreturn functions (git-fixes).
- bpf: Reject narrower access to pointer ctx fields (git-fixes).
- bpf: Return prog btf_id without capable check (git-fixes).
- bpf: Use preempt_count() directly in bpf_send_signal_common() (git-fixes).
- bpf: Use proper type to calculate bpf_raw_tp_null_args.mask index (git-fixes).
- bpf: fix possible endless loop in BPF map iteration (git-fixes).
- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
- btrfs: add assertions and comment about path expectations to btrfs_cross_ref_exist() (git-fixes).
- btrfs: add debug build only WARN (bsc#1249038).
- btrfs: add function comment for check_committed_ref() (git-fixes).
- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
- btrfs: avoid redundant call to get inline ref type at check_committed_ref() (git-fixes).
- btrfs: avoid starting new transaction when cleaning qgroup during subvolume drop (git-fixes).
- btrfs: clear dirty status from extent buffer on error at insert_new_root() (git-fixes).
- btrfs: codify pattern for adding block_group to bg_list (git-fixes).
- btrfs: convert ASSERT(0) with handled errors to DEBUG_WARN() (bsc#1249038).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
- btrfs: do not ignore inode missing when replaying log tree (git-fixes).
- btrfs: do not output error message if a qgroup has been already cleaned up (git-fixes).
- btrfs: do not return VM_FAULT_SIGBUS on failure to set delalloc for mmap write (bsc#1247949).
- btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes).
- btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes).
- btrfs: enhance ASSERT() to take optional format string (bsc#1249038).
- btrfs: error on missing block group when unaccounting log tree extent buffers (git-fixes).
- btrfs: exit after state split error at set_extent_bit() (git-fixes).
- btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068)
- btrfs: fix -ENOSPC mmap write failure on NOCOW files/extents (bsc#1247949).
- btrfs: fix assertion when building free space tree (git-fixes).
- btrfs: fix corruption reading compressed range when block size is smaller than page size (git-fixes).
- btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix incorrect log message for nobarrier mount option (git-fixes).
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
- btrfs: fix invalid inode pointer after failure to create reloc inode (git-fixes).
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- btrfs: fix iteration bug in __qgroup_excl_accounting() (git-fixes).
- btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes).
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- btrfs: fix printing of mount info messages for NODATACOW/NODATASUM (git-fixes).
- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
- btrfs: fix squota compressed stats leak (git-fixes).
- btrfs: fix ssd_spread overallocation (git-fixes).
- btrfs: fix subvolume deletion lockup caused by inodes xarray race (git-fixes).
- btrfs: fix the inode leak in btrfs_iget() (git-fixes).
- btrfs: fix two misuses of folio_shift() (git-fixes).
- btrfs: fix wrong length parameter for btrfs_cleanup_ordered_extents() (git-fixes).
- btrfs: handle unaligned EOF truncation correctly for subpage cases (bsc#1249038).
- btrfs: initialize inode::file_extent_tree after i_mode has been set (git-fixes).
- btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068)
- btrfs: make btrfs_iget() return a btrfs inode instead (git-fixes).
- btrfs: make btrfs_iget_path() return a btrfs inode instead (git-fixes).
- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
- btrfs: pass a btrfs_inode to fixup_inode_link_count() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_defrag_file() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_double_mmap_lock() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_double_mmap_unlock() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_extent_same_range() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_fill_inode() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_iget_locked() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_inode_inherit_props() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_inode_type() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_load_inode_props() (git-fixes).
- btrfs: pass struct btrfs_inode to btrfs_read_locked_inode() (git-fixes).
- btrfs: pass struct btrfs_inode to can_nocow_extent() (git-fixes).
- btrfs: pass struct btrfs_inode to clone_copy_inline_extent() (git-fixes).
- btrfs: pass struct btrfs_inode to extent_range_clear_dirty_for_io() (git-fixes).
- btrfs: pass struct btrfs_inode to fill_stack_inode_item() (git-fixes).
- btrfs: pass struct btrfs_inode to new_simple_dir() (git-fixes).
- btrfs: pass true to btrfs_delalloc_release_space() at btrfs_page_mkwrite() (bsc#1247949).
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- btrfs: props: switch prop_handler::apply to struct btrfs_inode (git-fixes).
- btrfs: props: switch prop_handler::extract to struct btrfs_inode (git-fixes).
- btrfs: push cleanup into btrfs_read_locked_inode() (git-fixes).
- btrfs: qgroup: fix qgroup create ioctl returning success after quotas disabled (git-fixes).
- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
- btrfs: qgroup: remove no longer used fs_info->qgroup_ulist (git-fixes).
- btrfs: qgroup: set quota enabled bit if quota disable fails flushing reservations (git-fixes).
- btrfs: record new subvolume in parent dir earlier to avoid dir logging races (git-fixes).
- btrfs: remove conditional path allocation in btrfs_read_locked_inode() (git-fixes).
- btrfs: remove no longer needed strict argument from can_nocow_extent() (git-fixes).
- btrfs: remove redundant path release when replaying a log tree (git-fixes).
- btrfs: remove the snapshot check from check_committed_ref() (git-fixes).
- btrfs: restore mount option info messages during mount (git-fixes).
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- btrfs: return any hit error from extent_writepage_io() (git-fixes).
- btrfs: send: remove unnecessary inode lookup at send_encoded_inline_extent() (git-fixes).
- btrfs: simplify arguments for btrfs_cross_ref_exist() (git-fixes).
- btrfs: simplify early error checking in btrfs_page_mkwrite() (bsc#1247949).
- btrfs: simplify error detection flow during log replay (git-fixes).
- btrfs: simplify return logic at check_committed_ref() (git-fixes).
- btrfs: subpage: fix the bitmap dump of the locked flags (git-fixes).
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
- btrfs: unfold transaction aborts when replaying log trees (git-fixes).
- btrfs: unify ordering of btrfs_key initializations (git-fixes).
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- btrfs: use a single variable to track return value at btrfs_page_mkwrite() (bsc#1247949).
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- btrfs: use filemap_get_folio() helper (git-fixes).
- btrfs: use struct btrfs_inode inside btrfs_get_name() (git-fixes).
- btrfs: use struct btrfs_inode inside btrfs_get_parent() (git-fixes).
- btrfs: use struct btrfs_inode inside btrfs_remap_file_range() (git-fixes).
- btrfs: use struct btrfs_inode inside btrfs_remap_file_range_prep() (git-fixes).
- btrfs: use struct btrfs_inode inside create_pending_snapshot() (git-fixes).
- btrfs: use verbose ASSERT() in volumes.c (bsc#1249038).
- build_bug.h: Add KABI assert (bsc#1249186).
- bus: firewall: Fix missing static inline annotations for stubs (git-fixes).
- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
- bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes).
- bus: mhi: ep: Fix chained transfer handling in read path (git-fixes).
- bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- bus: mhi: host: pci_generic: Fix the modem name of Foxconn T99W640 (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled (stable-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
- can: kvaser_pciefd: Store device channel index (git-fixes).
- can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes).
- can: peak_usb: fix USB FD devices potential malfunction (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
- can: rcar_canfd: Fix controller mode setting (stable-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
- cdc-acm: fix race between initial clearing halt and open (git-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- cgroup/cpuset: Fix a partition error with CPU hotplug (bsc#1241166).
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
- cgroup: Add compatibility option for content of /proc/cgroups (jsc#PED-12405).
- cgroup: Print message when /proc/cgroups is read on v2-only system (jsc#PED-12405).
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- clk: at91: peripheral: fix return value (git-fixes).
- clk: at91: sam9x7: update pll clk ranges (git-fixes).
- clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes).
- clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes).
- clk: imx95-blk-ctl: Fix synchronous abort (git-fixes).
- clk: mediatek: clk-mux: Do not pass flags to clk_mux_determine_rate_flags() (git-fixes).
- clk: mediatek: mt8195-infra_ao: Fix parent for infra_ao_hdmi_26m (git-fixes).
- clk: qcom: common: Fix NULL vs IS_ERR() check in qcom_cc_icc_register() (git-fixes).
- clk: qcom: gcc-ipq8074: fix broken freq table for nss_port6_tx_clk_src (git-fixes).
- clk: qcom: tcsrcc-x1e80100: Set the bi_tcxo as parent to eDP refclk (git-fixes).
- clk: renesas: cpg-mssr: Fix memory leak in cpg_mssr_reserved_init() (git-fixes).
- clk: renesas: rzv2h: Fix missing CLK_SET_RATE_PARENT flag for ddiv clocks (git-fixes).
- clk: samsung: exynos850: fix a comment (git-fixes).
- clk: samsung: gs101: fix CLK_DOUT_CMU_G3D_BUSD (git-fixes).
- clk: samsung: gs101: fix alternate mout_hsi0_usb20_ref parent clock (git-fixes).
- clk: sunxi-ng: v3s: Fix de clock definition (git-fixes).
- clk: tegra: do not overallocate memory for bpmp clocks (git-fixes).
- clk: thead: th1520-ap: Correctly refer the parent of osc_12m (git-fixes).
- clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- config.sh: SLFO 1.2 branched in IBS
- config: arm64: default: enable mtu3 dual-role support for MediaTek platforms (bsc#1245206)
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- cpu: Define attack vectors (git-fixes).
- cpufreq/amd-pstate: Fix a regression leading to EPP 0 after resume (git-fixes).
- cpufreq/amd-pstate: Fix setting of CPPC.min_perf in active mode for performance governor (git-fixes).
- cpufreq/sched: Explicitly synchronize limits_changed flag (git-fixes)
- cpufreq/sched: Fix the usage of CPUFREQ_NEED_UPDATE_LIMITS (git-fixes)
- cpufreq: Add SM8650 to cpufreq-dt-platdev blocklist (stable-fixes).
- cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay (stable-fixes).
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
- cpufreq: Exit governor when failed to start old governor (stable-fixes).
- cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
- cpufreq: Make drivers using CPUFREQ_ETERNAL specify transition latency (stable-fixes git-fixes).
- cpufreq: Reference count policy in cpufreq_update_limits() (git-fixes).
- cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() (stable-fixes).
- cpufreq: armada-8k: make both cpu masks static (git-fixes).
- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
- cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
- cpufreq: intel_pstate: Add Granite Rapids support in no-HWP mode (stable-fixes).
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (git-fixes).
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
- cpufreq: mediatek: fix device leak on probe failure (git-fixes).
- cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() (git-fixes).
- cpufreq: scmi: Skip SCMI devices that are not used by the CPUs (stable-fixes).
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- cpufreq: sun50i: prevent out-of-bounds access (git-fixes).
- cpufreq: tegra186: Set target frequency for all cpus in policy (git-fixes).
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP (git-fixes).
- crypto: ccp - Add missing bootloader info reg for pspv6 (stable-fixes).
- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes).
- crypto: ccp - Fix locking on alloc failure handling (git-fixes).
- crypto: essiv - Check ssize for decryption and in-place encryption (git-fixes).
- crypto: hisilicon - re-enable address prefetch after device resuming (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations (git-fixes).
- crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes).
- crypto: octeontx2 - Call strscpy() with correct size argument (git-fixes).
- crypto: octeontx2 - Fix address alignment issue on ucode loading (stable-fixes).
- crypto: octeontx2 - Fix address alignment on CN10K A0/A1 and OcteonTX2 (stable-fixes).
- crypto: octeontx2 - Fix address alignment on CN10KB and CN10KA-B0 (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes).
- crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes).
- crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes).
- crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes).
- crypto: qat - fix state restore for banks with exceptions (git-fixes).
- crypto: qat - flush misc workqueue during device shutdown (git-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- crypto: qat - use unmanaged allocation for dc_data (git-fixes).
- crypto: rng - Ensure set_ent is always present (git-fixes).
- crypto: rockchip - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes).
- devlink: Add support for u64 parameters (jsc#PED-13331).
- devlink: avoid param type value translations (jsc#PED-13331).
- devlink: define enum for attr types of dynamic attributes (jsc#PED-13331).
- devlink: introduce devlink_nl_put_u64() (jsc#PED-13331).
- devlink: let driver opt out of automatic phys_port_name generation (git-fixes).
- dm-mpath: do not print the "loaded" message if registering fails (git-fixes).
- dm-stripe: limit chunk_sectors to the stripe size (git-fixes).
- dm-table: fix checking for rq stackable devices (git-fixes).
- dm: Check for forbidden splitting of zone write operations (git-fixes).
- dm: split write BIOs on zone boundaries when zone append is not emulated (git-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
- dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation (git-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Drop unused mc_enc() (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mmp: Fix again Wvoid-pointer-to-enum-cast warning (git-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs (stable-fixes).
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
- docs: admin-guide: update to current minimum pipe size default (git-fixes).
- dpll: Add basic Microchip ZL3073x support (jsc#PED-13331).
- dpll: Make ZL3073X invisible (jsc#PED-13331).
- dpll: zl3073x: Add support to get/set frequency on pins (jsc#PED-13331).
- dpll: zl3073x: Add support to get/set priority on input pins (jsc#PED-13331).
- dpll: zl3073x: Fetch invariants during probe (jsc#PED-13331).
- dpll: zl3073x: Fix build failure (jsc#PED-13331).
- dpll: zl3073x: Implement input pin selection in manual mode (jsc#PED-13331).
- dpll: zl3073x: Implement input pin state setting in automatic mode (jsc#PED-13331).
- dpll: zl3073x: Read DPLL types and pin properties from system firmware (jsc#PED-13331).
- dpll: zl3073x: Register DPLL devices and pins (jsc#PED-13331).
- dpll: zl3073x: ZL3073X_I2C and ZL3073X_SPI should depend on NET (jsc#PED-13331).
- driver core/PM: Set power.no_callbacks along with power.no_pm (stable-fixes).
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- drivers/base/node: handle error properly in register_one_node() (git-fixes).
- drivers: base: handle module_kobject creation (git-fixes).
- drm/amd : Update MES API header file for v11 & v12 (stable-fixes).
- drm/amd/amdgpu: Declare isp firmware binary file (stable-fixes).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
- drm/amd/amdgpu: Implement MES suspend/resume gang functionality for v12 (bsc#1243112).
- drm/amd/amdgpu: disable hwmon power1_cap* for gfx 11.0.3 on vf mode (stable-fixes).
- drm/amd/display: Add NULL check for stream before dereference in 'dm_vupdate_high_irq' (bsc#1243112).
- drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs (git-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Allow DCN301 to clear update flags (git-fixes).
- drm/amd/display: Allow RX6xxx & RX7700 to invoke amdgpu_irq_get/put (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Clear the CUR_ENABLE register on DCN314 w/out DPP PG (stable-fixes).
- drm/amd/display: Default IPS to RCG_IN_ACTIVE_IPS2_IN_OFF (git-fixes).
- drm/amd/display: Disable CRTC degamma LUT for DCN401 (stable-fixes).
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- drm/amd/display: Disable dsc_power_gate for dcn314 by default (stable-fixes).
- drm/amd/display: Disable scaling on DCE6 for now (git-fixes).
- drm/amd/display: Do not check for NULL divisor in fixpt code (git-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes).
- drm/amd/display: Do not print errors for nonexistent connectors (git-fixes).
- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
- drm/amd/display: Enable Dynamic DTBCLK Switch (bsc#1243112).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix Xorg desktop unresponsive on Replay panel (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Fix mismatch type comparison (stable-fixes).
- drm/amd/display: Fix vupdate_offload_work doc (bsc#1243112).
- drm/amd/display: Free memory allocation (stable-fixes).
- drm/amd/display: Init DCN35 clocks from pre-os HW values (git-fixes).
- drm/amd/display: Initialize mode_select to 0 (stable-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 (git-fixes).
- drm/amd/display: Properly disable scaling on DCE6 (git-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd/display: Update DMCUB loading sequence for DCN3.5 (stable-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd/display: fix a Null pointer dereference vulnerability (stable-fixes).
- drm/amd/display: fix dmub access race condition (bsc#1243112).
- drm/amd/display: fix initial backlight brightness calculation (git-fixes).
- drm/amd/display: limit clear_update_flags to dcn32 and above (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (bsc#1243112).
- drm/amd/display: remove output_tf_change flag (git-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- drm/amd/include : MES v11 and v12 API header update (stable-fixes).
- drm/amd/include : Update MES v12 API for fence update (stable-fixes).
- drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
- drm/amd/pm: fix null pointer access (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Avoid evicting resources at S5 (bsc#1243112).
- drm/amd: Check whether secure display TA loaded successfully (bsc#1243112).
- drm/amd: Fix hybrid sleep (bsc#1243112).
- drm/amd: Only restore cached manual clock settings in restore if OD enabled (bsc#1243112).
- drm/amd: Restore cached manual clock settings during resume (bsc#1243112).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu/discovery: fix fw based ip discovery (git-fixes).
- drm/amdgpu/discovery: optionally use fw based ip discovery (stable-fixes).
- drm/amdgpu/gfx10: fix KGQ reset sequence (git-fixes).
- drm/amdgpu/gfx10: fix kiq locking in KCQ reset (git-fixes).
- drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset (git-fixes).
- drm/amdgpu/gfx9: fix kiq locking in KCQ reset (git-fixes).
- drm/amdgpu/mes11: implement detect and reset callback (bsc#1243112).
- drm/amdgpu/mes12: implement detect and reset callback (bsc#1243112).
- drm/amdgpu/mes: add front end for detect and reset hung queue (bsc#1243112).
- drm/amdgpu/mes: add missing locking in helper functions (stable-fixes).
- drm/amdgpu/mes: enable compute pipes across all MEC (git-fixes).
- drm/amdgpu/mes: optimize compute loop handling (stable-fixes).
- drm/amdgpu/swm14: Update power limit logic (stable-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
- drm/amdgpu/vcn: fix ref counting for ring based profile handling (git-fixes).
- drm/amdgpu/vpe: cancel delayed work in hw_fini (bsc#1243112).
- drm/amdgpu: Add additional DCE6 SCL registers (git-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: Avoid rma causes GPU duplicate reset (bsc#1243112).
- drm/amdgpu: Enable MES lr_compute_wa by default (stable-fixes).
- drm/amdgpu: Fix allocating extra dwords for rings (v2) (git-fixes).
- drm/amdgpu: Fix for GPU reset being blocked by KIQ I/O (bsc#1243112).
- drm/amdgpu: Increase reset counter only on success (stable-fixes).
- drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram() (git-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/amdgpu: Remove nbiov7.9 replay count reporting (git-fixes).
- drm/amdgpu: Report individual reset error (bsc#1243112).
- drm/amdgpu: Reset the clear flag in buddy during resume (git-fixes).
- drm/amdgpu: Update external revid for GC v9.5.0 (stable-fixes).
- drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause (stable-fixes).
- drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13 (stable-fixes).
- drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (stable-fixes).
- drm/amdgpu: do not resume device in thaw for normal hibernation (bsc#1243112).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix link error for !PM_SLEEP (bsc#1243112).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: fix vram reservation issue (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdgpu: update mmhub 4.1.0 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
- drm/amdkfd: Fix mmap write lock not release (bsc#1243112).
- drm/ast: Use msleep instead of mdelay for edid read (git-fixes).
- drm/bridge: fix OF node leak (git-fixes).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- drm/cirrus-qemu: Fix pitch programming (git-fixes).
- drm/connector: hdmi: Evaluate limited range after computing format (git-fixes).
- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- drm/format-helper: Add conversion from XRGB8888 to BGR888 (stable-fixes).
- drm/gem: Internally test import_attach for imported objects (git-fixes).
- drm/gem: Test for imported GEM buffers with helper (stable-fixes).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed (git-fixes).
- drm/hisilicon/hibmc: refactored struct hibmc_drm_private (stable-fixes).
- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).
- drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type (stable-fixes).
- drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector() (stable-fixes).
- drm/i915/ddi: only call shutdown hooks for valid encoders (stable-fixes).
- drm/i915/display: Fix dma_fence_wait_timeout() return value handling (git-fixes).
- drm/i915/display: add intel_encoder_is_hdmi() (stable-fixes).
- drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x (git-fixes).
- drm/i915/dp_mst: Work around Thunderbolt sink disconnect after SINK_COUNT_ESI read (stable-fixes).
- drm/i915/hdmi: add error handling in g4x_hdmi_init() (stable-fixes).
- drm/i915/hdmi: propagate errors from intel_hdmi_init_connector() (stable-fixes).
- drm/i915/icl+/tc: Cache the max lane count value (stable-fixes).
- drm/i915/icl+/tc: Convert AUX powered WARN to a debug message (stable-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
- drm/imagination: Clear runtime PM errors while resetting the GPU (stable-fixes).
- drm/mediatek: Add error handling for old state CRTC in atomic_disable (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/msm/dp: account for widebus and yuv420 during mode validation (git-fixes).
- drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Add error handling for krealloc in metadata setup (stable-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: update the high bitfield of certain DSI registers (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/gsp: fix potential leak of memory used during acpi init (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix bad ret code in nouveau_bo_move_prep (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
- drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes).
- drm/panthor: Add missing explicit padding in drm_panthor_gpu_info (git-fixes).
- drm/panthor: Defer scheduler entitiy destruction to queue release (git-fixes).
- drm/panthor: Fix memory leak in panthor_ioctl_group_create() (git-fixes).
- drm/panthor: validate group queue count (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes).
- drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes).
- drm/simpledrm: Do not upcast in release helpers (git-fixes).
- drm/tests: Fix endian warning (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes).
- drm/vmwgfx: Fix Use-after-free in validation (git-fixes).
- drm/vmwgfx: Fix a null-ptr access in the cursor snooper (git-fixes).
- drm/vmwgfx: Fix copy-paste typo in validation (git-fixes).
- drm/xe/bmg: Add new PCI IDs (stable-fixes).
- drm/xe/bmg: Add one additional PCI ID (stable-fixes).
- drm/xe/bmg: Update Wa_22019338487 (git-fixes).
- drm/xe/gsc: do not flush the GSC worker from the reset path (git-fixes).
- drm/xe/hw_engine_group: Fix double write lock release in error path (git-fixes).
- drm/xe/mocs: Initialize MOCS index early (stable-fixes).
- drm/xe/pf: Move VFs reprovisioning to worker (stable-fixes).
- drm/xe/pf: Prepare to stop SR-IOV support prior GT reset (git-fixes).
- drm/xe/pf: Sanitize VF scratch registers on FLR (stable-fixes).
- drm/xe/tile: Release kobject for the failure path (git-fixes).
- drm/xe/uapi: Correct sync type definition in comments (git-fixes).
- drm/xe/uapi: loosen used tracking restriction (git-fixes).
- drm/xe/vf: Disable CSC support on VF (git-fixes).
- drm/xe/vm: Clear the scratch_pt pointer on error (git-fixes).
- drm/xe/xe_query: Use separate iterator while filling GT list (stable-fixes).
- drm/xe/xe_sync: avoid race during ufence signaling (git-fixes).
- drm/xe: Allow dropping kunit dependency as built-in (git-fixes).
- drm/xe: Attempt to bring bos back to VRAM after eviction (git-fixes).
- drm/xe: Carve out wopcm portion from the stolen memory (git-fixes).
- drm/xe: Do not trigger rebind on initial dma-buf validation (git-fixes).
- drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change (git-fixes).
- drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() (git-fixes).
- drm/xe: Fix build without debugfs (git-fixes).
- drm/xe: Make dma-fences compliant with the safe access rules (stable-fixes).
- drm/xe: Move page fault init after topology init (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
- drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range (stable-fixes).
- dt-bindings: dpll: Add DPLL device and pin (jsc#PED-13331).
- dt-bindings: dpll: Add support for Microchip Azurite chip family (jsc#PED-13331).
- e1000e: disregard NVM checksum on tgp when valid checksum bit is not set (git-fixes).
- e1000e: ignore uninitialized checksum word on tgp (git-fixes).
- efi: stmm: Fix incorrect buffer allocation method (git-fixes).
- erofs: avoid reading more for fragment maps (git-fixes).
- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- execmem: enforce allocation size aligment to PAGE_SIZE (git-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- exfat: fdatasync flag should be same like generic_write_sync() (git-fixes).
- ext4: fix checks for orphan inodes (bsc#1250119).
- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
- fbcon: Fix OOB access in font allocation (git-fixes).
- fbcon: Fix outdated registered_fb reference in comment (git-fixes).
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- fbdev: Fix logic error in "offb" name match (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- fbdev: simplefb: Fix use after free in simplefb_detach_genpds() (git-fixes).
- fgraph: Fix set_graph_notrace with setting TRACE_GRAPH_NOTRACE_BIT (git-fixes).
- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- firmware: arm_ffa: Change initcall level of ffa_init() to rootfs_initcall (stable-fixes).
- firmware: arm_scmi: Convert to SYSTEM_SLEEP_PM_OPS (git-fixes).
- firmware: arm_scmi: Fix up turbo frequencies selection (git-fixes).
- firmware: arm_scmi: Mark VirtIO ready before registering scmi_virtio_driver (git-fixes).
- firmware: arm_scmi: power_control: Ensure SCMI_SYSPOWER_IDLE is set early during resume (stable-fixes).
- firmware: firmware: meson-sm: fix compile-test default (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- firmware: tegra: Fix IVC dependency problems (stable-fixes).
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- fs/proc/task_mmu: check p->vec_buf for NULL (git-fixes).
- fs/proc: Use inode_get_dev() for device numbers in procmap_query References: bsc#1246450
- ftrace: Fix function profiler's filtering functionality (git-fixes).
- ftrace: fix incorrect hash size in register_ftrace_direct() (git-fixes).
- gfs2: Call gfs2_queue_verify_delete from gfs2_evict_inode (bsc#1247220).
- gfs2: Clean up delete work processing (bsc#1247220).
- gfs2: Faster gfs2_upgrade_iopen_glock wakeups (bsc#1247220).
- gfs2: Initialize gl_no_formal_ino earlier (bsc#1247220).
- gfs2: Minor delete_work_func cleanup (bsc#1247220).
- gfs2: Only defer deletes when we have an iopen glock (bsc#1247220).
- gfs2: Prevent inode creation race (2) (bsc#1247220).
- gfs2: Prevent inode creation race (bsc#1247220).
- gfs2: Randomize GLF_VERIFY_DELETE work delay (bsc#1247220).
- gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (bsc#1247220).
- gfs2: Rename dinode_demise to evict_behavior (bsc#1247220).
- gfs2: Replace GIF_DEFER_DELETE with GLF_DEFER_DELETE (bsc#1247220).
- gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (bsc#1247220).
- gfs2: Simplify DLM_LKF_QUECVT use (bsc#1247220).
- gfs2: Update to the evict / remote delete documentation (bsc#1247220).
- gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (bsc#1247220).
- gfs2: gfs2_evict_inode clarification (bsc#1247220).
- gfs2: minor evict fix (bsc#1247220).
- gfs2: skip if we cannot defer delete (bsc#1247220).
- gpio: mlxbf2: use platform_get_irq_optional() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: virtio: Fix config space reading (git-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: mark the GPIO controller as sleeping (git-fixes).
- gpiolib: Extend software-node support to support secondary software-nodes (git-fixes).
- gve: Fix stuck TX queue for DQ queue format (git-fixes).
- gve: prevent ethtool ops after shutdown (git-fixes).
- habanalabs: fix UAF in export_dmabuf() (git-fixes).
- hid: fix I2C read buffer overflow in raw_event() for mcp2221 (stable-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- hv_netvsc: Link queues to NAPIs (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
- hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i2c: designware: Add disabling clocks when probe fails (git-fixes).
- i2c: designware: Add quirk for Intel Xe (stable-fixes).
- i2c: designware: Fix clock issue when PM is disabled (git-fixes).
- i2c: designware: Use temporary variable for struct device (stable-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
- i2c: muxes: mule: Fix an error handling path in mule_i2c_mux_probe() (git-fixes).
- i2c: omap: Add support for setting mux (stable-fixes).
- i2c: omap: Fix an error handling path in omap_i2c_probe() (git-fixes).
- i2c: omap: Handle omap_i2c_init() errors in omap_i2c_probe() (git-fixes).
- i2c: omap: fix deprecated of_property_read_bool() use (git-fixes).
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i3c: add missing include to internal header (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- i3c: master: svc: Use manual response for IBI events (git-fixes).
- i40e: When removing VF MAC filters, only check PF-set MAC (git-fixes).
- i40e: report VF tx_dropped with tx_errors instead of tx_discards (git-fixes).
- ibmvnic: Fix hardcoded NUM_RX_STATS/NUM_TX_STATS with dynamic sizeof (git-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice/ptp: fix crosstimestamp reporting (git-fixes).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: Replace ice specific DSCP mapping num with a kernel define (jsc#PED-13728 jsc#PED-13762).
- ice: check correct pointer in fwlog debugfs (git-fixes).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: do not leave device non-functional if Tx scheduler config fails (git-fixes).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset (jsc#PED-13728).
- ice: fix incorrect counter for buffer allocation failures (git-fixes).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- ice: use fixed adapter index for E825C embedded devices (git-fixes).
- idpf: add PTP clock configuration (jsc#PED-13728 jsc#PED-13762).
- idpf: add Tx timestamp capabilities negotiation (jsc#PED-13728 jsc#PED-13762).
- idpf: add Tx timestamp flows (jsc#PED-13728 jsc#PED-13762).
- idpf: add cross timestamping (jsc#PED-13728).
- idpf: add flow steering support (jsc#PED-13728).
- idpf: add initial PTP support (jsc#PED-13728 jsc#PED-13762).
- idpf: add mailbox access to read PTP clock time (jsc#PED-13728 jsc#PED-13762).
- idpf: add support for Rx timestamping (jsc#PED-13728 jsc#PED-13762).
- idpf: add support for Tx refillqs in flow scheduling mode (jsc#PED-13728).
- idpf: assign extracted ptype to struct libeth_rqe_info field (jsc#PED-13728 jsc#PED-13762).
- idpf: change the method for mailbox workqueue allocation (jsc#PED-13728 jsc#PED-13762).
- idpf: fix UAF in RDMA core aux dev deinitialization (jsc#PED-13728).
- idpf: implement IDC vport aux driver MTU change handler (jsc#PED-13728 jsc#PED-13762).
- idpf: implement RDMA vport auxiliary dev create, init, and destroy (jsc#PED-13728 jsc#PED-13762).
- idpf: implement core RDMA auxiliary dev create, init, and destroy (jsc#PED-13728 jsc#PED-13762).
- idpf: implement get LAN MMIO memory regions (jsc#PED-13728 jsc#PED-13762).
- idpf: implement remaining IDC RDMA core callbacks and handlers (jsc#PED-13728 jsc#PED-13762).
- idpf: improve when to set RE bit logic (jsc#PED-13728).
- idpf: move virtchnl structures to the header file (jsc#PED-13728 jsc#PED-13762).
- idpf: negotiate PTP capabilities and get PTP clock (jsc#PED-13728 jsc#PED-13762).
- idpf: preserve coalescing settings across resets (jsc#PED-13728).
- idpf: remove obsolete stashing code (jsc#PED-13728).
- idpf: remove unreachable code from setting mailbox (jsc#PED-13728 jsc#PED-13762).
- idpf: replace flow scheduling buffer ring with buffer pool (jsc#PED-13728).
- idpf: set mac type when adding and removing MAC filters (jsc#PED-13728).
- idpf: simplify and fix splitq Tx packet rollback error path (jsc#PED-13728).
- idpf: stop Tx if there are insufficient buffer resources (jsc#PED-13728).
- idpf: use reserved RDMA vectors from control plane (jsc#PED-13728 jsc#PED-13762).
- igb: xsk: solve negative overflow of nb_pkts in zerocopy mode (git-fixes).
- igc: disable L1.2 PCI-E link substate to avoid performance issue (git-fixes).
- igc: fix disabling L1.2 PCI-E link substate on I226 on init (git-fixes).
- iidc/ice/irdma: Break iidc.h into two headers (jsc#PED-13728 jsc#PED-13762).
- iidc/ice/irdma: Rename IDC header file (jsc#PED-13728 jsc#PED-13762).
- iidc/ice/irdma: Rename to iidc_* convention (jsc#PED-13728 jsc#PED-13762).
- iidc/ice/irdma: Update IDC to support multiple consumers (jsc#PED-13728 jsc#PED-13762).
- iio/adc/pac1934: fix channel disable configuration (git-fixes).
- iio: accel: adxl355: Make timestamp 64-bit aligned using aligned_s64 (git-fixes).
- iio: accel: fxls8962af: Fix temperature calculation (git-fixes).
- iio: adc: ad7173: fix setting ODR in probe (git-fixes).
- iio: adc: ad7266: Fix potential timestamp alignment issue (git-fixes).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad7768-1: Fix insufficient alignment of timestamp (git-fixes).
- iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: adc: dln2: Use aligned_s64 for timestamp (git-fixes).
- iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes).
- iio: adc: max1363: Reorder mode_list[] entries (stable-fixes).
- iio: chemical: pms7003: use aligned_s64 for timestamp (git-fixes).
- iio: chemical: sps30: use aligned_s64 for timestamp (git-fixes).
- iio: common: st_sensors: Fix use of uninitialize device structs (stable-fixes).
- iio: consumers: Fix handling of negative channel scale in iio_convert_raw_to_processed() (git-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: hid-sensor-prox: Fix incorrect OFFSET calculation (git-fixes).
- iio: hid-sensor-prox: Restore lost scale assignments (git-fixes).
- iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes).
- iio: imu: inv_icm42600: Convert to uXX and sXX integer types (stable-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: imu: inv_icm42600: change invalid data error to -EBUSY (git-fixes).
- iio: imu: inv_icm42600: fix spi burst write not supported (git-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: light: Use aligned_s64 instead of open coding alignment (stable-fixes).
- iio: light: as73211: Ensure buffer holes are zeroed (git-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: pressure: mprls0025pa: use aligned_s64 for timestamp (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read() (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- intel_idle: Provide the default enter_dead() handler (jsc#PED-13815).
- intel_idle: Rescan "dead" SMT siblings during initialization (jsc#PED-13815).
- intel_idle: Use subsys_initcall_sync() for initialization (jsc#PED-13815).
- interconnect: qcom: sc8180x: specify num_nodes (git-fixes).
- interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg (git-fixes).
- io_uring/rw: do not mask in f_iocb_flags (jsc#PED-12882 bsc#1237542). Drop blacklisting.
- io_uring: expose read/write attribute capability (jsc#PED-12882 bsc#1237542).
- io_uring: fix potential page leak in io_sqe_buffer_register() (git-fixes).
- iommu/amd: Enable PASID and ATS capabilities in the correct order (git-fixes).
- iommu/amd: Fix alias device DTE setting (git-fixes).
- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).
- iommu/arm-smmu-v3: Fix smmu_domain->nr_ats_masters decrement (git-fixes).
- iommu/tegra241-cmdqv: Read SMMU IDR1.CMDQS instead of hardcoding (git-fixes).
- iommu/vt-d: Disallow dirty tracking if incoherent page walk (git-fixes).
- iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes).
- iommu/vt-d: Fix missing PASID in dev TLB flush with cache_tag_flush_all (git-fixes).
- iommu/vt-d: Fix possible circular locking dependency (git-fixes).
- iommu/vt-d: Fix system hang on reboot -f (git-fixes).
- iommu/vt-d: PRS isn't usable if PDS isn't supported (git-fixes).
- iommu: Handle race with default domain setup (git-fixes).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- ipv6: annotate data-races around rt->fib6_nsiblings (git-fixes).
- ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes).
- ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes).
- ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes).
- ipvs: Fix clamp() of ip_vs_conn_tab on small memory systems (git-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
- iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes).
- ixgbe: fix ixgbe_orom_civd_info struct layout (bsc#1245410).
- ixgbe: prevent from unwanted interface name changes (git-fixes).
- ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc (git-fixes).
- kABI fix after Add TDX support for vSphere (jsc#PED-13302).
- kABI fix after KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes).
- kABI fix after KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes).
- kABI fix after KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes).
- kABI fix after vhost: Reintroduce kthread API and add mode selection (git-fixes).
- kABI workaround for "drm/dp: Add an EDID quirk for the DPCD register access probe" (bsc#1248121).
- kABI workaround for amd_sfh (git-fixes).
- kABI workaround for drm_gem.h (git-fixes).
- kABI workaround for struct mtk_base_afe changes (git-fixes).
- kABI: Fix the module::name type in audit_context (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- kABI: fix for struct devlink_port_attrs: move new member to the end (git-fixes).
- kABI: netfilter: supress warnings for nft_set_ops (git-fixes).
- kABI: x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation (git-fixes).
- kabi/severities: ignore kABI compatibility in iio inv_icm42600 drivers They are used only locally
- kabi/severities: ignore two unused/dropped symbols from MEI
- kabi: Hide adding of u64 to devlink_param_type (jsc#PED-12745).
- kabi: Restore layout of parallel_data (bsc1248343).
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- kasan: use vmalloc_dump_obj() for vmalloc error reports (git-fixes).
- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- kbuild: rust: add rustc-min-version support function (git-fixes)
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- kernel: globalize lookup_or_create_module_kobject() (stable-fixes).
- kernel: param: rename locate_module_kobject (stable-fixes).
- leds: flash: leds-qcom-flash: Fix registry access after re-bind (git-fixes).
- leds: flash: leds-qcom-flash: Update torch current clamp setting (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- leds: leds-lp55xx: Use correct address for memory programming (git-fixes).
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- libbpf: Add identical pointer detection to btf_dedup_is_equiv() (git-fixes).
- libeth: move idpf_rx_csum_decoded and idpf_rx_extracted (jsc#PED-13728 jsc#PED-13762).
- livepatch: Add stack_order sysfs attribute (poo#187320).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- lpfc: do not use file->f_path.dentry for comparisons (bsc#1250519).
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- mailbox: Not protect module_put with spin_lock_irqsave (stable-fixes).
- mailbox: mtk-cmdq: Remove pm_runtime APIs from cmdq_mbox_send_data() (git-fixes).
- mailbox: pcc: Always clear the platform ack interrupt first (stable-fixes).
- mailbox: pcc: Fix the possible race in updation of chan_in_use flag (stable-fixes).
- mailbox: pcc: Use acpi_os_ioremap() instead of ioremap() (stable-fixes).
- mailbox: zynqmp-ipi: Fix SGI cleanup on unbind (git-fixes).
- mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop (git-fixes).
- mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes (git-fixes).
- mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call (git-fixes).
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
- maple_tree: fix status setup on restore to active (git-fixes).
- maple_tree: fix testing for 32 bit builds (git-fixes).
- mctp: no longer rely on net->dev_index_head (git-fixes).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: dm-zoned-target: Initialize return variable r to avoid uninitialized use (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).
- media: cec: extron-da-hd-4k-plus: drop external-module make commands (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in
w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: gspca: Add bounds checking to firmware parser (git-fixes).
- media: hi556: Fix reset GPIO timings (stable-fixes).
- media: hi556: correct the test pattern configuration (git-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe (git-fixes).
- media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes).
- media: ipu-bridge: Add _HID for OV5670 (stable-fixes).
- media: ipu6: isys: Use correct pads for xlate_streams() (git-fixes).
- media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: mc: Fix MUST_CONNECT handling for pads with no links (git-fixes).
- media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval (git-fixes).
- media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: pci: mg4b: fix uninitialized iio scan data (git-fixes).
- media: pisp_be: Fix pm_runtime underrun in probe (git-fixes).
- media: qcom: camss: cleanup media device allocated resource on error path (git-fixes).
- media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes).
- media: rc: fix races with imon_disconnect() (git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: s5p-mfc: remove an unused/uninitialized variable (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: ti: j721e-csi2rx: Fix source subdev link creation (git-fixes).
- media: ti: j721e-csi2rx: Use devm_of_platform_populate (git-fixes).
- media: ti: j721e-csi2rx: fix list_del corruption (git-fixes).
- media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: usbtv: Lock resolution while streaming (git-fixes).
- media: uvcvideo: Add quirk for HP Webcam HD 2300 (stable-fixes).
- media: uvcvideo: Do not mark valid metadata as invalid (git-fixes).
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).
- media: uvcvideo: Rollback non processed entities on error (git-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes).
- media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes).
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).
- media: v4l2: Add support for NV12M tiled variants to v4l2_format_info() (git-fixes).
- media: venus: Add a check for packet size after reading from shared memory (git-fixes).
- media: venus: Fix MSM8998 frequency table (git-fixes).
- media: venus: Fix OOB read due to missing payload bound check (git-fixes).
- media: venus: firmware: Use correct reset sequence for IRIS2 (git-fixes).
- media: venus: hfi: explicitly release IRQ during teardown (git-fixes).
- media: venus: protect against spurious interrupts during probe (git-fixes).
- media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: verisilicon: Fix AV1 decoder clock frequency (git-fixes).
- media: vivid: fix wrong pixel_array control size (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- mei: vsc: Destroy mutex after freeing the IRQ (git-fixes).
- mei: vsc: Do not re-init VSC from mei_vsc_hw_reset() on stop (git-fixes).
- mei: vsc: Drop unused vsc_tp_request_irq() and vsc_tp_free_irq() (stable-fixes).
- mei: vsc: Event notifier fixes (git-fixes).
- mei: vsc: Fix "BUG: Invalid wait context" lockdep error (git-fixes).
- mei: vsc: Run event callback from a workqueue (git-fixes).
- mei: vsc: Unset the event callback on remove and probe errors (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8186 (git-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mfd: axp20x: Set explicit ID for AXP313 regulator (stable-fixes).
- mfd: cros_ec: Separate charge-control probing from USB-PD (git-fixes).
- mfd: exynos-lpass: Fix another error handling path in exynos_lpass_probe() (git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).
- microchip: lan865x: Fix LAN8651 autoloading (git-fixes).
- microchip: lan865x: Fix module autoloading (git-fixes).
- microchip: lan865x: fix missing Timer Increment config for Rev.B0/B1 (git-fixes).
- microchip: lan865x: fix missing netif_start_queue() call on device open (git-fixes).
- misc: fastrpc: Fix fastrpc_map_lookup operation (git-fixes).
- misc: fastrpc: Save actual DMA size in fastrpc_map structure (git-fixes).
- misc: fastrpc: Skip reference for DMA handles (git-fixes).
- misc: fastrpc: fix possible map leak in fastrpc_put_args (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type (git-fixes).
- misc: pci_endpoint_test: Give disabled BARs a distinct error code (stable-fixes).
- misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes).
- mm/damon/core: avoid destroyed target reference from DAMOS quota (git-fixes).
- mm/damon/core: prevent unnecessary overflow in damos_set_effective_quota() (git-fixes).
- mm/damon/core: set quota->charged_from to jiffies at first charge window (git-fixes).
- mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() (git-fixes).
- mm/damon/ops-common: ignore migration request to invalid nodes (git-fixes).
- mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() (git-fixes).
- mm/damon/sysfs: fix use-after-free in state_show() (git-fixes).
- mm/memory-failure: fix redundant updates for already poisoned pages (bsc#1250087).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mm/userfaultfd: fix kmap_local LIFO ordering for CONFIG_HIGHPTE (git-fixes).
- mm: close theoretical race where stale TLB entries could linger (git-fixes).
- mm: fault in complete folios instead of individual pages for tmpfs (git-fixes).
- mm: fix the inaccurate memory statistics issue for users (bsc#1244723).
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- mm: khugepaged: fix call hpage_collapse_scan_file() for anonymous vma (git-fixes).
- mm: memory-tiering: fix PGPROMOTE_CANDIDATE counting (bsc#1245630).
- mm: memory-tiering: fix PGPROMOTE_CANDIDATE counting - kabi (bsc#1245630).
- mm: move page table sync declarations to linux/pgtable.h (git-fixes).
- mm: swap: fix potential buffer overflow in setup_clusters() (git-fixes).
- mmc: core: Fix variable shadowing in mmc_route_rpmb_frames() (git-fixes).
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-of-arasan: Ensure CD logic stabilization before power-up (stable-fixes).
- mmc: sdhci-of-arasan: Support for emmc hardware reset (stable-fixes).
- mmc: sdhci-pci-gli: Add a new function to simplify the code (git-fixes).
- mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER (git-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- mmc: sdhci_am654: Disable HS400 for AM62P SR1.0 and SR1.1 (git-fixes).
- module: Fix memory deallocation on error path in move_module() (git-fixes).
- module: Prevent silent truncation of module name in delete_module(2) (git-fixes).
- module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes).
- module: Restore the moduleparam prefix length check (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fix spurious wake-up on under memory pressure (git-fixes).
- mtd: fix possible integer overflow in erase_xfer() (git-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes).
- mtd: rawnand: atmel: Fix error handling path in atmel_nand_controller_add_nands (git-fixes).
- mtd: rawnand: atmel: set pmecc data setup time (git-fixes).
- mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
- mtd: rawnand: qcom: Fix last codeword read in qcom_param_page_type_exec() (git-fixes).
- mtd: rawnand: renesas: Add missing check after DMA map (git-fixes).
- mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes).
- mtd: spi-nor: spansion: Fixup params->set_4byte_addr_mode for SEMPER (git-fixes).
- mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes).
- mwl8k: Add missing check after DMA map (git-fixes).
- neighbour: Fix null-ptr-deref in neigh_flush_dev() (git-fixes).
- net/mlx5: Base ECVF devlink port attrs from 0 (git-fixes).
- net/mlx5: CT: Use the correct counter offset (git-fixes).
- net/mlx5: Check device memory pointer before usage (git-fixes).
- net/mlx5: Correctly set gso_segs when LRO is used (git-fixes).
- net/mlx5: Correctly set gso_size when LRO is used (git-fixes).
- net/mlx5: E-Switch, Fix peer miss rules to use peer eswitch (git-fixes).
- net/mlx5: Fix lockdep assertion on sync reset unload event (git-fixes).
- net/mlx5: Fix memory leak in cmd_exec() (git-fixes).
- net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow (git-fixes).
- net/mlx5: HWS, Fix pattern destruction in mlx5hws_pat_get_pattern error path (git-fixes).
- net/mlx5: HWS, fix bad parameter in CQ creation (git-fixes).
- net/mlx5: Nack sync reset when SFs are present (git-fixes).
- net/mlx5: Prevent flow steering mode changes in switchdev mode (git-fixes).
- net/mlx5: Reload auxiliary drivers on fw_activate (git-fixes).
- net/mlx5e: Add new prio for promiscuous mode (git-fixes).
- net/mlx5e: Clear Read-Only port buffer size in PBMC before update (git-fixes).
- net/mlx5e: Preserve shared buffer capacity during headroom updates (git-fixes).
- net/mlx5e: Remove skb secpath if xfrm state is not found (git-fixes).
- net/mlx5e: Set local Xoff after FW update (git-fixes).
- net/mlx5e: Update and set Xon/Xoff upon MTU set (git-fixes).
- net/mlx5e: Update and set Xon/Xoff upon port speed set (git-fixes).
- net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes).
- net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes).
- net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes).
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes).
- net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (git-fixes).
- net: 802: LLC+SNAP OID:PID lookup on start of skb data (git-fixes).
- net: dsa: restore dsa_software_vlan_untag() ability to operate on VLAN-untagged traffic (git-fixes).
- net: dsa: tag_ocelot_8021q: fix broken reception (git-fixes).
- net: hsr: fix fill_frame_info() regression vs VLAN packets (git-fixes).
- net: hsr: fix hsr_init_sk() vs network/transport headers (git-fixes).
- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
- net: ieee8021q: fix insufficient table-size assertion (stable-fixes).
- net: llc: reset skb->transport_header (git-fixes).
- net: mana: Add handler for hardware servicing events (bsc#1245730).
- net: mana: Add speed support in mana_get_link_ksettings (bsc#1245726).
- net: mana: Add support for net_shaper_ops (bsc#1245726).
- net: mana: Allocate MSI-X vectors dynamically (bsc#1245457).
- net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457).
- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729).
- net: mana: Fix build errors when CONFIG_NET_SHAPER is disabled (gix-fixes).
- net: mana: Fix potential deadlocks in mana napi ops (bsc#1245726).
- net: mana: Handle Reset Request from MANA NIC (bsc#1245728).
- net: mana: Handle unsupported HWC commands (bsc#1245726).
- net: mana: Set tx_packets to post gso processing packet count (bsc#1245731).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- net: mana: explain irq_setup() algorithm (bsc#1245457).
- net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes).
- net: mctp: handle skb cleanup on sock_queue failures (git-fixes).
- net: mdio: mdio-bcm-unimac: Correct rate fallback logic (git-fixes).
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: page_pool: allow enabling recycling late, fix false positive warning (git-fixes).
- net: phy: bcm54811: PHY initialization (stable-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount (git-fixes).
- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock (git-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990A w/audio composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
- net: usb: qmi_wwan: fix Telit Cinterion FE990A name (stable-fixes).
- net: usb: qmi_wwan: fix Telit Cinterion FN990A name (stable-fixes).
- net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes).
- net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes).
- netfilter: ctnetlink: fix refcount leak on table dump (git-fixes).
- netfilter: ctnetlink: remove refcounting in expectation dumpers (git-fixes).
- netfilter: nf_conncount: garbage collection is not skipped when jiffies wrap around (git-fixes).
- netfilter: nf_nat: also check reverse tuple to obtain clashing entry (git-fixes).
- netfilter: nf_reject: do not leak dst refcount for loopback packets (git-fixes).
- netfilter: nf_tables: Drop dead code from fill_*_info routines (git-fixes).
- netfilter: nf_tables: adjust lockdep assertions handling (git-fixes).
- netfilter: nf_tables: fix set size with rbtree backend (git-fixes).
- netfilter: nf_tables: imbalance in flowtable binding (git-fixes).
- netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template (git-fixes).
- netfilter: nft_flow_offload: update tcp state flags under lock (git-fixes).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
- netfilter: nft_set_hash: skip duplicated elements pending gc run (git-fixes).
- netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (git-fixes).
- netfilter: nft_set_pipapo: prefer kvmalloc for scratch maps (git-fixes).
- netfilter: nft_tunnel: fix geneve_opt dump (git-fixes).
- netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds (git-fixes).
- netlink: fix policy dump for int with validation callback (jsc#PED-13331).
- netlink: specs: devlink: replace underscores with dashes in names (jsc#PED-13331).
- netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes).
- nfs/localio: add direct IO enablement with sync and async IO support (git-fixes).
- nfs/localio: remove extra indirect nfs_to call to check {read,write}_iter (git-fixes).
- nfsd: Fix NFSD_MAY_BYPASS_GSS and NFSD_MAY_BYPASS_GSS_ON_ROOT (git-fixes).
- nfsd: fix access checking for NLM under XPRTSEC policies (git-fixes).
- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes).
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
- nvme-auth: update bi_directional flag (git-fixes).
- nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
- nvme-pci: try function level reset on init failure (git-fixes).
- nvme-tcp: log TLS handshake failures at error level (git-fixes).
- nvme-tcp: send only permitted commands for secure concat (git-fixes).
- nvme: fix PI insert on write (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
- nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- nvmet: exit debugfs after discovery subsystem exits (git-fixes).
- nvmet: initialize discovery subsys after debugfs is initialized (git-fixes).
- nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails (git-fixes).
- objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler() (stable-fixes).
- objtool, lkdtm: Obfuscate the do_nothing() pointer (stable-fixes).
- objtool, regulator: rk808: Remove potential undefined behavior in rk806_set_mode_dcdc() (stable-fixes).
- of: dynamic: Fix memleak when of_pci_add_properties() failed (git-fixes).
- of: dynamic: Fix use after free in of_changeset_add_prop_helper() (git-fixes).
- of: resolver: Fix device node refcount leakage in of_resolve_phandles() (git-fixes).
- of: resolver: Simplify of_resolve_phandles() using __free() (stable-fixes).
- of: unittest: Fix device reference count leak in of_unittest_pci_node_verify (git-fixes).
- of: unittest: Unlock on error in unittest_data_add() (git-fixes).
- pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- percpu: fix race on alloc failed warning limit (git-fixes).
- perf bpf-event: Fix use-after-free in synthesis (git-fixes).
- perf bpf-utils: Constify bpil_array_desc (git-fixes).
- perf bpf-utils: Harden get_bpf_prog_info_linear (git-fixes).
- perf dso: Add missed dso__put to dso__load_kcore (git-fixes).
- perf hwmon_pmu: Avoid shortening hwmon PMU name (git-fixes).
- perf parse-events: Set default GH modifier properly (git-fixes).
- perf record: Cache build-ID of hit DSOs only (git-fixes).
- perf sched: Fix memory leaks for evsel->priv in timehist (git-fixes).
- perf sched: Fix memory leaks in 'perf sched latency' (git-fixes).
- perf sched: Fix memory leaks in 'perf sched map' (git-fixes).
- perf sched: Fix thread leaks in 'perf sched timehist' (git-fixes).
- perf sched: Free thread->priv using priv_destructor (git-fixes).
- perf sched: Make sure it frees the usage string (git-fixes).
- perf sched: Use RC_CHK_EQUAL() to compare pointers (git-fixes).
- perf symbol-minimal: Fix ehdr reading in filename__read_build_id (git-fixes).
- perf test: Fix a build error in x86 topdown test (git-fixes).
- perf tests bp_account: Fix leaked file descriptor (git-fixes).
- perf tools: Remove libtraceevent in .gitignore (git-fixes).
- perf topdown: Use attribute to see an event is a topdown metic or slots (git-fixes).
- perf trace: Remove --map-dump documentation (git-fixes).
- phy: fsl-imx8mq-usb: fix phy_tx_vboost_level_from_property() (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: mscc: Fix timestamping for vsc8584 (git-fixes).
- phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence (git-fixes).
- phy: qualcomm: phy-qcom-eusb2-repeater: Do not zero-out registers (git-fixes).
- phy: qualcomm: phy-qcom-eusb2-repeater: fix override properties (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes).
- phy: rockchip: samsung-hdptx: Do no set rk_hdptx_phy->rate in case of errors (git-fixes).
- phy: rockchip: samsung-hdptx: Fix clock ratio setup (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- phy: ti: omap-usb2: fix device leak at unbind (git-fixes).
- pidfs: Fix memory leak in pidfd_info() (jsc#PED-13113).
- pidfs: raise SB_I_NODEV and SB_I_NOEXEC (bsc#1249562).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: berlin: fix memory leak in berlin_pinctrl_build_state() (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: renesas: Use int type to store negative error codes (git-fixes).
- pinctrl: renesas: rzg2l: Fix invalid unsigned return in rzg3s_oen_read() (git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes).
- platform/chrome: cros_ec_sensorhub: Retries when a sensor is not ready (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
- platform/mellanox: mlxbf-pmc: Use kstrtobool() to check 0/1 input (git-fixes).
- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
- platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (git-fixes).
- platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (stable-fixes).
- platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86/amd/pmf: Support new ACPI ID AMDI0108 (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- platform/x86/intel-uncore-freq: Check write blocked for ELC (git-fixes).
- platform/x86/intel: power-domains: Use topology_logical_package_id() for package ID (git-fixes).
- platform/x86: Fix initialization order for firmware_attributes_class (git-fixes).
- platform/x86: asus-nb-wmi: add DMI quirk for ASUS Zenbook Duo UX8406CA (stable-fixes).
- platform/x86: asus-wmi: Fix ROG button mapping, tablet mode on ASUS ROG Z13 (stable-fixes).
- platform/x86: asus-wmi: Re-add extra keys to ignore_key_wlan quirk (git-fixes).
- platform/x86: asus-wmi: Remove extra keys from ignore_key_wlan quirk (git-fixes).
- platform/x86: ideapad-laptop: Fix FnLock not remembered among boots (git-fixes).
- platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes).
- platform/x86: lg-laptop: Fix WMAB call in fan_mode_store() (git-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- power: supply: max77976_charger: fix constant current reporting (git-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/ftrace: ensure ftrace record ops are always set for NOPs (git-fixes).
- powerpc/ftrace: ensure ftrace record ops are always set for NOPs (jsc#PED-10909 git-fixes).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
- powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc64/modules: correctly iterate over stubs in setup_ftrace_ool_stubs (jsc#PED-10909 git-fixes).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
- pptp: fix pptp_xmit() error path (git-fixes).
- printk: nbcon: Allow reacquire during panic (bsc#1246688).
- psample: adjust size if rate_as_probability is set (git-fixes).
- ptp: fix breakage after ptp_vclock_in_use() rework (git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- pwm: rockchip: Round period/duty down on apply, up on get (git-fixes).
- pwm: tiehrpwm: Do not drop runtime PM reference in .free() (git-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
- pwm: tiehrpwm: Fix various off-by-one errors in duty-cycle calculation (git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
- r8169: add support for RTL8125D (stable-fixes).
- r8169: disable RTL8126 ZRX-DC timeout (stable-fixes).
- r8169: do not scan PHY addresses > 0 (stable-fixes).
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
- regulator: core: fix NULL dereference on unbind due to stale coupling data (stable-fixes).
- regulator: scmi: Use int type to store negative error codes (git-fixes).
- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- reset: eyeq: fix OF node leak (git-fixes).
- resource: Add resource set range and size helpers (jsc#PED-13728 jsc#PED-13762).
- resource: fix false warning in __request_region() (git-fixes).
- ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes).
- ring-buffer: Make reading page consistent with the code logic (git-fixes).
- rpm/config.sh: SLFO 1.2 is now synced to OBS as well
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: optee: fix memory leak on driver removal (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- rtc: x1205: Fix Xicor X1205 vendor prefix (git-fixes).
- s390/ap: Unmask SLCF bit in card and queue ap functions sysfs (git-fixes bsc#1247837).
- s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246868).
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249477).
- s390/early: Copy last breaking event address to pt_regs (git-fixes bsc#1249061).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (bsc#1248727 git-fixes).
- s390/hypfs: Enable limited access during lockdown (bsc#1248727 git-fixes).
- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1247372).
- s390/mm: Allocate page table with PAGE_SIZE granularity (git-fixes bsc#1247838).
- s390/mm: Do not map lowcore with identity mapping (git-fixes bsc#1249066).
- s390/mm: Remove possible false-positive warning in pte_free_defer() (git-fixes bsc#1247366).
- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249478).
- s390/pci: Allow automatic recovery with minimal driver support (bsc#1248728 git-fixes).
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249065).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249062).
- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249064).
- samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora (git-fixes).
- samples: mei: Fix building on musl libc (git-fixes).
- sched/deadline: Always stop dl-server before changing parameters (bsc#1247936).
- sched/deadline: Do not count nr_running for dl_server proxy tasks (git-fixes, bsc#1247936).
- sched/deadline: Fix RT task potential starvation when expiry time passed (git-fixes, bsc#1247936).
- sched/deadline: Fix dl_server_stopped() (bsc#1247936).
- sched/deadline: Initialize dl_servers after SMP (git-fixes)
- sched_ext, sched/core: Do not call scx_group_set_weight() (git-fixes)
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
- scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
- scsi: lpfc: Clean up extraneous phba dentries (bsc#1250519).
- scsi: lpfc: Convert debugfs directory counts from atomic to unsigned int (bsc#1250519).
- scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
- scsi: lpfc: Define size of debugfs entry for xri rebalancing (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
- scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
- scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
- scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
- scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
- scsi: lpfc: Use switch case statements in DIF debugfs handlers (bsc#1250519).
- scsi: lpfc: use min() to improve code (bsc#1250519).
- scsi: mpi3mr: Event processing debug improvement (bsc#1251186).
- scsi: mpi3mr: Fix I/O failures during controller reset (bsc#1251186).
- scsi: mpi3mr: Fix controller init failure on fault during queue creation (bsc#1251186).
- scsi: mpi3mr: Fix device loss during enclosure reboot due to zero link speed (bsc#1251186).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix premature TM timeouts on virtual drives (bsc#1251186).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpi3mr: Update MPI headers to revision 37 (bsc#1251186).
- scsi: mpi3mr: Update driver version to 8.15.0.5.50 (bsc#1251186).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- scsi: smartpqi: Enhance WWID logging logic (bsc#1246631).
- scsi: smartpqi: Take drives offline when controller is offline (bsc#1246631).
- scsi: smartpqi: Update driver version to 2.1.34-035 (bsc#1246631).
- scsi: ufs: Fix toggling of clk_gating.state when clock gating is not allowed (git-fixes).
- scsi: ufs: Introduce quirk to extend PA_HIBERN8TIME for UFS devices (git-fixes).
- scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (git-fixes).
- scsi: ufs: core: Add missing post notify for power mode change (git-fixes).
- scsi: ufs: core: Add ufshcd_send_bsg_uic_cmd() for UFS BSG (git-fixes).
- scsi: ufs: core: Always initialize the UIC done completion (git-fixes).
- scsi: ufs: core: Do not perform UFS clkscaling during host async scan (git-fixes).
- scsi: ufs: core: Fix clk scaling to be conditional in reset and restore (git-fixes).
- scsi: ufs: core: Fix error return with query response (git-fixes).
- scsi: ufs: core: Fix spelling of a sysfs attribute name (git-fixes).
- scsi: ufs: core: Fix ufshcd_is_ufs_dev_busy() and ufshcd_eh_timed_out() (git-fixes).
- scsi: ufs: core: Honor runtime/system PM levels if set by host controller drivers (git-fixes).
- scsi: ufs: core: Improve ufshcd_mcq_sq_cleanup() (git-fixes).
- scsi: ufs: core: Introduce ufshcd_has_pending_tasks() (git-fixes).
- scsi: ufs: core: Prepare to introduce a new clock_gating lock (git-fixes).
- scsi: ufs: core: Remove redundant query_complete trace (git-fixes).
- scsi: ufs: core: Set default runtime/system PM levels before ufshcd_hba_init() (git-fixes).
- scsi: ufs: core: Update compl_time_stamp_local_clock after completing a cqe (git-fixes).
- scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume (git-fixes).
- scsi: ufs: exynos: Add check inside exynos_ufs_config_smu() (git-fixes).
- scsi: ufs: exynos: Add gs101_ufs_drv_init() hook and enable WriteBooster (git-fixes).
- scsi: ufs: exynos: Enable PRDT pre-fetching with UFSHCD_CAP_CRYPTO (git-fixes).
- scsi: ufs: exynos: Ensure consistent phy reference counts (git-fixes).
- scsi: ufs: exynos: Ensure pre_link() executes before exynos_ufs_phy_init() (git-fixes).
- scsi: ufs: exynos: Fix hibern8 notify callbacks (git-fixes).
- scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE (git-fixes).
- scsi: ufs: exynos: Move UFS shareability value to drvdata (git-fixes).
- scsi: ufs: exynos: Move phy calls to .exit() callback (git-fixes).
- scsi: ufs: exynos: Remove empty drv_init method (git-fixes).
- scsi: ufs: exynos: Remove superfluous function parameter (git-fixes).
- scsi: ufs: exynos: gs101: Put UFS device in reset on .suspend() (git-fixes).
- scsi: ufs: mcq: Delete ufshcd_release_scsi_cmd() in ufshcd_mcq_abort() (git-fixes).
- scsi: ufs: pltfrm: Disable runtime PM during removal of glue drivers (git-fixes).
- scsi: ufs: pltfrm: Drop PM runtime reference count after ufshcd_remove() (git-fixes).
- scsi: ufs: qcom: Fix crypto key eviction (git-fixes).
- scsi: ufs: qcom: fix dev reference leaked through of_qcom_ice_get (git-fixes).
- scsi: ufs: ufs-pci: Fix default runtime and system PM levels (git-fixes).
- scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers (git-fixes).
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes bsc#1250671).
- selftest/livepatch: Only run test-kprobe with CONFIG_KPROBES_ON_FTRACE (poo#187320).
- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).
- selftests/livepatch: Ignore NO_SUPPORT line in dmesg (poo#187320).
- selftests/livepatch: Replace hardcoded module name with variable in test-callbacks.sh (poo#187320).
- selftests/run_kselftest.sh: Fix help string for --per-test-log (poo#187320).
- selftests/run_kselftest.sh: Use readlink if realpath is not available (poo#187320).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: ALSA: fix memory leak in utimer test (git-fixes).
- selftests: livepatch: add new ftrace helpers functions (poo#187320).
- selftests: livepatch: add test cases of stack_order sysfs interface (poo#187320).
- selftests: livepatch: handle PRINTK_CALLER in check_result() (poo#187320).
- selftests: livepatch: rename KLP_SYSFS_DIR to SYSFS_KLP_DIR (poo#187320).
- selftests: livepatch: save and restore kprobe state (poo#187320).
- selftests: livepatch: test if ftrace can trace a livepatched function (poo#187320).
- selftests: livepatch: test livepatching a kprobed function (poo#187320).
- selftests: ncdevmem: Move ncdevmem under drivers/net/hw (poo#187443).
- selinux: change security_compute_sid to return the ssid or tsid on match (git-fixes).
- selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len (stable-fixes).
- serial: 8250: Touch watchdogs in write_atomic() (bsc#1246688).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix crypto buffers in non-linear memory (bsc#1250491, boo#1239206).
- smb: client: fix netns refcount leak after net_passive changes (git-fixes).
- soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soc: mediatek: mtk-svs: fix device leaks on mt8183 probe failure (git-fixes).
- soc: mediatek: mtk-svs: fix device leaks on mt8192 probe failure (git-fixes).
- soc: qcom: QMI encoding/decoding for big endian (git-fixes).
- soc: qcom: fix endianness for QMI header (git-fixes).
- soc: qcom: mdt_loader: Actually use the e_phoff (stable-fixes).
- soc: qcom: mdt_loader: Deal with zero e_shentsize (git-fixes).
- soc: qcom: mdt_loader: Ensure we do not read past the ELF header (git-fixes).
- soc: qcom: mdt_loader: Fix error return values in mdt_header_valid() (git-fixes).
- soc: qcom: pmic_glink: fix OF node leak (git-fixes).
- soc: qcom: rpmh-rsc: Add RSC version 4 support (stable-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
- soundwire: Move handle_nested_irq outside of sdw_dev_lock (stable-fixes).
- soundwire: amd: cancel pending slave status handling workqueue during remove sequence (stable-fixes).
- soundwire: amd: fix for handling slave alerts after link is down (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- spi: cadence-quadspi: Fix cqspi_setup_flash() (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).
- spi: cadence-quadspi: fix cleanup of rx_chan on failure paths (stable-fixes).
- spi: cs42l43: Property entry should be a null-terminated array (bsc#1246979).
- spi: fix return code when spi device has too many chipselects (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: spi-fsl-lpspi: Clamp too high speed_hz (git-fixes).
- spi: spi-fsl-lpspi: Clear status register after disabling the module (git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
- spi: stm32: Check for cfg availability in stm32_spi_probe (git-fixes).
- sprintf.h requires stdarg.h (git-fixes).
- sprintf.h: mask additional include (git-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- staging: axis-fifo: fix TX handling on copy_from_user() failure (git-fixes).
- staging: axis-fifo: fix maximum TX packet length check (git-fixes).
- staging: axis-fifo: flush RX FIFO on read errors (git-fixes).
- staging: axis-fifo: remove sysfs interface (git-fixes).
- staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes).
- staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (git-fixes).
- staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes).
- staging: vchiq_arm: Make vchiq_shutdown never fail (git-fixes).
- struct cdc_ncm_ctx: move new member to end (git-fixes).
- sunrpc: fix client side handling of tls alerts (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunrpc: fix null pointer dereference on zero-length checksum (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- supported.conf: Mark ZL3073X modules supported
- supported.conf: mark hyperv_drm as external
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- thermal/drivers/mediatek/lvts_thermal: Add lvts commands and their sizes to driver data (stable-fixes).
- thermal/drivers/mediatek/lvts_thermal: Add mt7988 lvts commands (stable-fixes).
- thermal/drivers/mediatek/lvts_thermal: Change lvts commands array to static const (stable-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- thunderbolt: Fix copy+paste error in match_service_id() (git-fixes).
- tools/power turbostat: Clustered Uncore MHz counters should honor show/hide options (stable-fixes).
- tools/power turbostat: Fix bogus SysWatt for forked program (git-fixes).
- tools/power turbostat: Fix build with musl (stable-fixes).
- tools/power turbostat: Handle cap_get_proc() ENOSYS (stable-fixes).
- tools/power turbostat: Handle non-root legacy-uncore sysfs permissions (stable-fixes).
- tools/resolve_btfids: Fix build when cross compiling kernel with clang (git-fixes).
- tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single (git-fixes).
- trace/fgraph: Fix error handling (git-fixes).
- trace/ring-buffer: Do not use TP_printk() formatting for boot mapped buffers (git-fixes).
- tracepoint: Print the function symbol when tracepoint_debug is set (jsc#PED-13631).
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes).
- tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes).
- tracing: Correct the refcount if the hist/hist_debug file fails to open (git-fixes).
- tracing: Fix filter string testing (git-fixes).
- tracing: Fix using ret variable in tracing_set_tracer() (git-fixes).
- tracing: Remove unneeded goto out logic (bsc#1249286).
- tracing: Switch trace.c code over to use guard() (git-fixes).
- tracing: Switch trace_events_hist.c code over to use guard() (git-fixes).
- tracing: fprobe events: Fix possible UAF on modules (git-fixes).
- tracing: tprobe-events: Fix leakage of module refcount (git-fixes).
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
- tty: serial: fix print format specifiers (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes).
- usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call (git-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
- usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes).
- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes).
- usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes).
- usb: gadget: midi2: Fix MIDI2 IN EP max packet size (git-fixes).
- usb: gadget: midi2: Fix missing UMP group attributes initialization (git-fixes).
- usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).
- usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes).
- usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).
- usb: musb: omap2430: fix device leak at unbind (git-fixes).
- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: fusb302: cache PD RX state (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix irq wake usage (stable-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: tcpm: properly deliver cable vdms to altmode drivers (git-fixes).
- usb: typec: tipd: Clear interrupts first (git-fixes).
- usb: typec: ucsi: Update power_supply on power role change (git-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: typec: ucsi: yoga-c630: fix error and remove paths (git-fixes).
- usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- use uniform permission checks for all mount propagation changes (git-fixes).
- vdpa/mlx5: Fix needs_teardown flag calculation (git-fixes).
- vdpa: Fix IDR memory leak in VDUSE module exit (git-fixes).
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- vhost: Fix ioctl # for VHOST_[GS]ET_FORK_FROM_OWNER (git-fixes).
- vhost: Reintroduce kthread API and add mode selection (git-fixes).
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- virtchnl2: add flow steering support (jsc#PED-13728).
- virtchnl2: rename enum virtchnl2_cap_rss (jsc#PED-13728).
- virtchnl: add PTP virtchnl definitions (jsc#PED-13728 jsc#PED-13762).
- virtio_net: Enforce minimum TX ring size for reliability (git-fixes).
- virtio_ring: Fix error reporting in virtqueue_resize (git-fixes).
- vmci: Prevent the dispatching of uninitialized payloads (git-fixes).
- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).
- vsock/virtio: Validate length in packet header before skb_put() (git-fixes).
- vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes).
- vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath10k: shutdown driver when hardware is unreliable (stable-fixes).
- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).
- wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath11k: fix group data packet drops during rekey (git-fixes).
- wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes).
- wifi: ath11k: fix source ring-buffer corruption (git-fixes).
- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes).
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: ath12k: Fix station association with MBSSID Non-TX BSS (stable-fixes).
- wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes).
- wifi: ath12k: fix memory leak in ath12k_pci_remove() (stable-fixes).
- wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (git-fixes).
- wifi: ath12k: fix source ring-buffer corruption (git-fixes).
- wifi: ath12k: fix the fetching of combined rssi (git-fixes).
- wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
- wifi: ath12k: fix wrong logging ID used for CE (git-fixes).
- wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes).
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
- wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: Add missing firmware info for bz-b0-* models (bsc#1252084).
- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes).
- wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes).
- wifi: iwlwifi: Remove redundant header files (git-fixes).
- wifi: iwlwifi: config: unify fw/pnvm MODULE_FIRMWARE (bsc#1252084).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes).
- wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes).
- wifi: mac80211: Do not schedule stopped TXQs (git-fixes).
- wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon() (git-fixes).
- wifi: mac80211: avoid weird state in error path (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: do not unreserve never reserved chanctx (stable-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mac80211: reject TDLS operations when station is not associated (git-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: fix linked list corruption (git-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: mt76: free pending offchannel tx frames on wcid cleanup (git-fixes).
- wifi: mt76: mt7915: fix mt7981 pre-calibration (git-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: mt76: mt7925: adjust rm BSS flow to prevent next connection failure (git-fixes).
- wifi: mt76: mt7925: fix locking in mt7925_change_vif_links() (git-fixes).
- wifi: mt76: mt7925: fix the wrong bss cleanup for SAP (git-fixes).
- wifi: mt76: mt7925u: use connac3 tx aggr check in tx complete (git-fixes).
- wifi: mt76: mt7996: Convert mt7996_wed_rro_addr to LE (git-fixes).
- wifi: mt76: mt7996: Fix RX packets configuration for primary WED device (git-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
- wifi: mt76: prevent non-offchannel mgmt tx during scan/roc (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: nl80211: Set num_sub_specs before looping through sub_specs (git-fixes).
- wifi: plfxlc: Fix error handling in usb driver probe (git-fixes).
- wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes).
- wifi: rtl8xxxu: Do not claim USB ID 07b8:8188 (stable-fixes).
- wifi: rtl8xxxu: Fix RX skb size for aggregation disabled (git-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtlwifi: rtl8192cu: Do not claim USB ID 07b8:8188 (stable-fixes).
- wifi: rtw88: Fix macid assigned to TDLS station (git-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
- wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: rtw89: scan abort when assign/unassign_vif (stable-fixes).
- wifi: rtw89: wow: Add Basic Rate IE to probe request in scheduled scan mode (stable-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).
- writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776).
- writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776).
- writeback: Avoid excessively long inode switching times (bsc#1237776).
- writeback: Avoid softlockup when switching many inodes (bsc#1237776).
- x86/CPU/AMD: Add CPUID faulting support (jsc#PED-13704).
- x86/Kconfig: Add arch attack vector support (git-fixes).
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- x86/boot: Sanitize boot params before parsing command line (git-fixes).
- x86/bugs: Add SRSO_MITIGATION_NOSMT (git-fixes).
- x86/bugs: Add attack vector controls for BHI (git-fixes).
- x86/bugs: Add attack vector controls for GDS (git-fixes).
- x86/bugs: Add attack vector controls for ITS (git-fixes).
- x86/bugs: Add attack vector controls for L1TF (git-fixes).
- x86/bugs: Add attack vector controls for MDS (git-fixes).
- x86/bugs: Add attack vector controls for MMIO (git-fixes).
- x86/bugs: Add attack vector controls for RFDS (git-fixes).
- x86/bugs: Add attack vector controls for SRBDS (git-fixes).
- x86/bugs: Add attack vector controls for SRSO (git-fixes).
- x86/bugs: Add attack vector controls for SSB (git-fixes).
- x86/bugs: Add attack vector controls for TAA (git-fixes).
- x86/bugs: Add attack vector controls for TSA (git-fixes).
- x86/bugs: Add attack vector controls for retbleed (git-fixes).
- x86/bugs: Add attack vector controls for spectre_v1 (git-fixes).
- x86/bugs: Add attack vector controls for spectre_v2 (git-fixes).
- x86/bugs: Add attack vector controls for spectre_v2_user (git-fixes).
- x86/bugs: Allow ITS stuffing in eIBRS+retpoline mode also (git-fixes).
- x86/bugs: Avoid AUTO after the select step in the retbleed mitigation (git-fixes).
- x86/bugs: Avoid warning when overriding return thunk (git-fixes).
- x86/bugs: Clean up SRSO microcode handling (git-fixes).
- x86/bugs: Define attack vectors relevant for each bug (git-fixes).
- x86/bugs: Fix GDS mitigation selecting when mitigation is off (git-fixes).
- x86/bugs: Introduce cdt_possible() (git-fixes).
- x86/bugs: Print enabled attack vectors (git-fixes).
- x86/bugs: Remove its=stuff dependency on retbleed (git-fixes).
- x86/bugs: Select best SRSO mitigation (git-fixes).
- x86/bugs: Simplify the retbleed=stuff checks (git-fixes).
- x86/bugs: Use IBPB for retbleed if used by SRSO (git-fixes).
- x86/bugs: Use switch/case in its_apply_mitigation() (git-fixes).
- x86/cacheinfo: Properly parse CPUID(0x80000005) L1d/L1i associativity (git-fixes).
- x86/cacheinfo: Properly parse CPUID(0x80000006) L2/L3 associativity (git-fixes).
- x86/cpu: Sanitize CPUID(0x80000000) output (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/fpu/xstate: Fix inconsistencies in guest FPU xfeatures (git-fixes).
- x86/fpu: Avoid copying dynamic FP state from init_task in arch_dup_task_struct() (git-fixes).
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/fpu: Fully optimize out WARN_ON_FPU() (git-fixes).
- x86/fpu: Refactor xfeature bitmask update code for sigframe XSAVE (git-fixes).
- x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes).
- x86/headers: Replace __ASSEMBLY__ with __ASSEMBLER__ in UAPI headers (git-fixes).
- x86/locking: Use ALT_OUTPUT_SP() for percpu_{,try_}cmpxchg{64,128}_op() (git-fixes).
- x86/mce/amd: Add default names for MCA banks and blocks (git-fixes).
- x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes).
- x86/mce: Ensure user polling settings are honored when restarting timer (git-fixes).
- x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes).
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/microcode: Update the Intel processor flag scan check (git-fixes).
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
- x86/mm/pat: do not collapse pages without PSE set (git-fixes).
- x86/nmi: Add an emergency handler in nmi_desc & use it in nmi_shootdown_cpus() (git-fixes).
- x86/percpu: Disable named address spaces for UBSAN_BOOL with KASAN for GCC < 14.2 (git-fixes).
- x86/pkeys: Simplify PKRU update in signal frame (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/pti: Add attack vector controls for PTI (git-fixes).
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- x86/smp: Allow calling mwait_play_dead with an arbitrary hint (jsc#PED-13815).
- x86/smp: Fix mwait_play_dead() and acpi_processor_ffh_play_dead() noreturn behavior (jsc#PED-13815).
- x86/smp: PM/hibernate: Split arch_resume_nosmt() (jsc#PED-13815).
- x86/smpboot: Fix INIT delay assignment for extended Intel Families (git-fixes).
- x86/topology: Implement topology_is_core_online() to address SMT regression (jsc#PED-13815).
- x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes).
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- xen: fix UAF in dmabuf_exp_from_pages() (git-fixes).
- xfrm: replay: Fix the update of replay_esn->oseq_hi for GSO (git-fixes).
- xfs: change xfs_xattr_class from a TRACE_EVENT() to DECLARE_EVENT_CLASS() (git-fixes).
- xfs: do not propagate ENODATA disk errors into xattr code (git-fixes).
- xfs: fix scrub trace with null pointer in quotacheck (git-fixes).
- xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes).
- xfs: remove unused event xfs_alloc_near_error (git-fixes).
- xfs: remove unused event xfs_alloc_near_nominleft (git-fixes).
- xfs: remove unused event xfs_attr_node_removename (git-fixes).
- xfs: remove unused event xfs_ioctl_clone (git-fixes).
- xfs: remove unused event xfs_pagecache_inval (git-fixes).
- xfs: remove unused event xlog_iclog_want_sync (git-fixes).
- xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes).
- xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes).
- xfs: remove unused trace event xfs_discard_rtrelax (git-fixes).
- xfs: remove unused trace event xfs_log_cil_return (git-fixes).
- xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes).
- xfs: remove unused xfs_attr events (git-fixes).
- xfs: remove unused xfs_reflink_compare_extents events (git-fixes).
- xfs: remove usused xfs_end_io_direct events (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
- xhci: dbc: decouple endpoint allocation from initialization (git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
- zram: permit only one post-processing operation at a time (git-fixes).
ImportantSUSE bug 1215199SUSE bug 1218644SUSE bug 1230062SUSE bug 1234634SUSE bug 1234693SUSE bug 1234863SUSE bug 1235953SUSE bug 1236897SUSE bug 1237108SUSE bug 1237131SUSE bug 1237542SUSE bug 1237776SUSE bug 1238972SUSE bug 1239206SUSE bug 1240324SUSE bug 1240696SUSE bug 1240966SUSE bug 1240998SUSE bug 1241166SUSE bug 1241353SUSE bug 1241403SUSE bug 1241435SUSE bug 1242034SUSE bug 1242086SUSE bug 1242414SUSE bug 1242782SUSE bug 1242864SUSE bug 1242965SUSE bug 1242995SUSE bug 1243000SUSE bug 1243055SUSE bug 1243068SUSE bug 1243100SUSE bug 1243112SUSE bug 1243774SUSE bug 1244309SUSE bug 1244723SUSE bug 1244734SUSE bug 1244749SUSE bug 1244792SUSE bug 1244812SUSE bug 1244930SUSE bug 1244939SUSE bug 1245000SUSE bug 1245151SUSE bug 1245193SUSE bug 1245206SUSE bug 1245216SUSE bug 1245260SUSE bug 1245410SUSE bug 1245457SUSE bug 1245504SUSE bug 1245506SUSE bug 1245508SUSE bug 1245510SUSE bug 1245596SUSE bug 1245621SUSE bug 1245630SUSE bug 1245654SUSE bug 1245657SUSE bug 1245658SUSE bug 1245659SUSE bug 1245663SUSE bug 1245664SUSE bug 1245665SUSE bug 1245666SUSE bug 1245668SUSE bug 1245669SUSE bug 1245670SUSE bug 1245671SUSE bug 1245675SUSE bug 1245676SUSE bug 1245678SUSE bug 1245683SUSE bug 1245684SUSE bug 1245686SUSE bug 1245688SUSE bug 1245690SUSE bug 1245691SUSE bug 1245695SUSE bug 1245700SUSE bug 1245703SUSE bug 1245705SUSE bug 1245710SUSE bug 1245711SUSE bug 1245713SUSE bug 1245714SUSE bug 1245715SUSE bug 1245717SUSE bug 1245719SUSE bug 1245721SUSE bug 1245723SUSE bug 1245726SUSE bug 1245728SUSE bug 1245729SUSE bug 1245730SUSE bug 1245731SUSE bug 1245735SUSE bug 1245737SUSE bug 1245744SUSE bug 1245745SUSE bug 1245746SUSE bug 1245747SUSE bug 1245748SUSE bug 1245749SUSE bug 1245751SUSE bug 1245757SUSE bug 1245763SUSE bug 1245765SUSE bug 1245767SUSE bug 1245769SUSE bug 1245777SUSE bug 1245780SUSE bug 1245781SUSE bug 1245784SUSE bug 1245785SUSE bug 1245787SUSE bug 1245812SUSE bug 1245814SUSE bug 1245815SUSE bug 1245937SUSE bug 1245945SUSE bug 1245952SUSE bug 1245955SUSE bug 1245956SUSE bug 1245963SUSE bug 1245966SUSE bug 1245970SUSE bug 1245973SUSE bug 1245976SUSE bug 1245977SUSE bug 1245986SUSE bug 1246000SUSE bug 1246002SUSE bug 1246005SUSE bug 1246008SUSE bug 1246012SUSE bug 1246022SUSE bug 1246023SUSE bug 1246031SUSE bug 1246034SUSE bug 1246037SUSE bug 1246041SUSE bug 1246042SUSE bug 1246047SUSE bug 1246049SUSE bug 1246050SUSE bug 1246053SUSE bug 1246054SUSE bug 1246055SUSE bug 1246057SUSE bug 1246098SUSE bug 1246109SUSE bug 1246125SUSE bug 1246166SUSE bug 1246171SUSE bug 1246176SUSE bug 1246181SUSE bug 1246183SUSE bug 1246185SUSE bug 1246186SUSE bug 1246188SUSE bug 1246190SUSE bug 1246192SUSE bug 1246193SUSE bug 1246195SUSE bug 1246220SUSE bug 1246234SUSE bug 1246236SUSE bug 1246240SUSE bug 1246243SUSE bug 1246244SUSE bug 1246245SUSE bug 1246246SUSE bug 1246248SUSE bug 1246250SUSE bug 1246252SUSE bug 1246253SUSE bug 1246255SUSE bug 1246258SUSE bug 1246259SUSE bug 1246260SUSE bug 1246262SUSE bug 1246266SUSE bug 1246268SUSE bug 1246283SUSE bug 1246285SUSE bug 1246286SUSE bug 1246287SUSE bug 1246290SUSE bug 1246292SUSE bug 1246293SUSE bug 1246295SUSE bug 1246297SUSE bug 1246333SUSE bug 1246334SUSE bug 1246337SUSE bug 1246342SUSE bug 1246349SUSE bug 1246351SUSE bug 1246353SUSE bug 1246354SUSE bug 1246358SUSE bug 1246364SUSE bug 1246366SUSE bug 1246370SUSE bug 1246375SUSE bug 1246376SUSE bug 1246385SUSE bug 1246386SUSE bug 1246387SUSE bug 1246438SUSE bug 1246443SUSE bug 1246444SUSE bug 1246447SUSE bug 1246450SUSE bug 1246453SUSE bug 1246473SUSE bug 1246490SUSE bug 1246509SUSE bug 1246547SUSE bug 1246631SUSE bug 1246651SUSE bug 1246688SUSE bug 1246777SUSE bug 1246781SUSE bug 1246782SUSE bug 1246868SUSE bug 1246896SUSE bug 1246911SUSE bug 1246979SUSE bug 1247018SUSE bug 1247020SUSE bug 1247022SUSE bug 1247023SUSE bug 1247024SUSE bug 1247027SUSE bug 1247028SUSE bug 1247031SUSE bug 1247033SUSE bug 1247035SUSE bug 1247061SUSE bug 1247062SUSE bug 1247064SUSE bug 1247076SUSE bug 1247078SUSE bug 1247079SUSE bug 1247088SUSE bug 1247089SUSE bug 1247091SUSE bug 1247097SUSE bug 1247098SUSE bug 1247099SUSE bug 1247101SUSE bug 1247102SUSE bug 1247103SUSE bug 1247104SUSE bug 1247112SUSE bug 1247113SUSE bug 1247116SUSE bug 1247118SUSE bug 1247119SUSE bug 1247123SUSE bug 1247125SUSE bug 1247126SUSE bug 1247128SUSE bug 1247130SUSE bug 1247131SUSE bug 1247132SUSE bug 1247136SUSE bug 1247137SUSE bug 1247138SUSE bug 1247141SUSE bug 1247143SUSE bug 1247145SUSE bug 1247146SUSE bug 1247147SUSE bug 1247149SUSE bug 1247150SUSE bug 1247151SUSE bug 1247152SUSE bug 1247153SUSE bug 1247154SUSE bug 1247155SUSE bug 1247156SUSE bug 1247157SUSE bug 1247160SUSE bug 1247162SUSE bug 1247163SUSE bug 1247164SUSE bug 1247167SUSE bug 1247169SUSE bug 1247170SUSE bug 1247171SUSE bug 1247174SUSE bug 1247176SUSE bug 1247177SUSE bug 1247178SUSE bug 1247181SUSE bug 1247209SUSE bug 1247210SUSE bug 1247220SUSE bug 1247223SUSE bug 1247227SUSE bug 1247229SUSE bug 1247231SUSE bug 1247233SUSE bug 1247234SUSE bug 1247235SUSE bug 1247236SUSE bug 1247238SUSE bug 1247239SUSE bug 1247241SUSE bug 1247243SUSE bug 1247250SUSE bug 1247251SUSE bug 1247252SUSE bug 1247253SUSE bug 1247255SUSE bug 1247262SUSE bug 1247265SUSE bug 1247270SUSE bug 1247271SUSE bug 1247273SUSE bug 1247274SUSE bug 1247276SUSE bug 1247277SUSE bug 1247278SUSE bug 1247279SUSE bug 1247280SUSE bug 1247282SUSE bug 1247283SUSE bug 1247284SUSE bug 1247285SUSE bug 1247288SUSE bug 1247289SUSE bug 1247290SUSE bug 1247293SUSE bug 1247308SUSE bug 1247311SUSE bug 1247313SUSE bug 1247314SUSE bug 1247317SUSE bug 1247325SUSE bug 1247347SUSE bug 1247348SUSE bug 1247349SUSE bug 1247366SUSE bug 1247372SUSE bug 1247376SUSE bug 1247426SUSE bug 1247437SUSE bug 1247442SUSE bug 1247483SUSE bug 1247500SUSE bug 1247712SUSE bug 1247837SUSE bug 1247838SUSE bug 1247935SUSE bug 1247936SUSE bug 1247949SUSE bug 1247950SUSE bug 1247963SUSE bug 1247976SUSE bug 1248088SUSE bug 1248111SUSE bug 1248121SUSE bug 1248183SUSE bug 1248186SUSE bug 1248190SUSE bug 1248192SUSE bug 1248194SUSE bug 1248198SUSE bug 1248199SUSE bug 1248200SUSE bug 1248202SUSE bug 1248205SUSE bug 1248211SUSE bug 1248223SUSE bug 1248224SUSE bug 1248225SUSE bug 1248230SUSE bug 1248235SUSE bug 1248255SUSE bug 1248296SUSE bug 1248297SUSE bug 1248299SUSE bug 1248302SUSE bug 1248304SUSE bug 1248306SUSE bug 1248312SUSE bug 1248333SUSE bug 1248334SUSE bug 1248337SUSE bug 1248338SUSE bug 1248340SUSE bug 1248341SUSE bug 1248343SUSE bug 1248345SUSE bug 1248349SUSE bug 1248350SUSE bug 1248354SUSE bug 1248355SUSE bug 1248357SUSE bug 1248359SUSE bug 1248361SUSE bug 1248363SUSE bug 1248365SUSE bug 1248367SUSE bug 1248368SUSE bug 1248374SUSE bug 1248377SUSE bug 1248378SUSE bug 1248380SUSE bug 1248386SUSE bug 1248390SUSE bug 1248392SUSE bug 1248395SUSE bug 1248396SUSE bug 1248399SUSE bug 1248401SUSE bug 1248511SUSE bug 1248512SUSE bug 1248573SUSE bug 1248575SUSE bug 1248577SUSE bug 1248609SUSE bug 1248610SUSE bug 1248616SUSE bug 1248617SUSE bug 1248619SUSE bug 1248621SUSE bug 1248622SUSE bug 1248624SUSE bug 1248627SUSE bug 1248628SUSE bug 1248634SUSE bug 1248635SUSE bug 1248639SUSE bug 1248643SUSE bug 1248647SUSE bug 1248648SUSE bug 1248652SUSE bug 1248655SUSE bug 1248662SUSE bug 1248664SUSE bug 1248666SUSE bug 1248669SUSE bug 1248674SUSE bug 1248681SUSE bug 1248727SUSE bug 1248728SUSE bug 1248748SUSE bug 1248754SUSE bug 1248775SUSE bug 1249022SUSE bug 1249038SUSE bug 1249060SUSE bug 1249061SUSE bug 1249062SUSE bug 1249064SUSE bug 1249065SUSE bug 1249066SUSE bug 1249126SUSE bug 1249143SUSE bug 1249156SUSE bug 1249159SUSE bug 1249160SUSE bug 1249163SUSE bug 1249164SUSE bug 1249166SUSE bug 1249167SUSE bug 1249169SUSE bug 1249170SUSE bug 1249172SUSE bug 1249176SUSE bug 1249177SUSE bug 1249182SUSE bug 1249186SUSE bug 1249190SUSE bug 1249193SUSE bug 1249195SUSE bug 1249199SUSE bug 1249201SUSE bug 1249202SUSE bug 1249203SUSE bug 1249204SUSE bug 1249206SUSE bug 1249215SUSE bug 1249220SUSE bug 1249221SUSE bug 1249254SUSE bug 1249258SUSE bug 1249262SUSE bug 1249263SUSE bug 1249265SUSE bug 1249266SUSE bug 1249269SUSE bug 1249271SUSE bug 1249272SUSE bug 1249273SUSE bug 1249274SUSE bug 1249278SUSE bug 1249279SUSE bug 1249281SUSE bug 1249282SUSE bug 1249284SUSE bug 1249285SUSE bug 1249286SUSE bug 1249288SUSE bug 1249290SUSE bug 1249292SUSE bug 1249295SUSE bug 1249296SUSE bug 1249297SUSE bug 1249299SUSE bug 1249300SUSE bug 1249301SUSE bug 1249303SUSE bug 1249304SUSE bug 1249305SUSE bug 1249306SUSE bug 1249308SUSE bug 1249309SUSE bug 1249312SUSE bug 1249313SUSE bug 1249314SUSE bug 1249315SUSE bug 1249316SUSE bug 1249318SUSE bug 1249319SUSE bug 1249320SUSE bug 1249321SUSE bug 1249322SUSE bug 1249323SUSE bug 1249324SUSE bug 1249333SUSE bug 1249334SUSE bug 1249338SUSE bug 1249346SUSE bug 1249374SUSE bug 1249413SUSE bug 1249477SUSE bug 1249478SUSE bug 1249479SUSE bug 1249486SUSE bug 1249490SUSE bug 1249494SUSE bug 1249500SUSE bug 1249504SUSE bug 1249506SUSE bug 1249508SUSE bug 1249509SUSE bug 1249510SUSE bug 1249513SUSE bug 1249515SUSE bug 1249516SUSE bug 1249522SUSE bug 1249523SUSE bug 1249524SUSE bug 1249526SUSE bug 1249533SUSE bug 1249538SUSE bug 1249540SUSE bug 1249542SUSE bug 1249545SUSE bug 1249547SUSE bug 1249548SUSE bug 1249550SUSE bug 1249552SUSE bug 1249554SUSE bug 1249562SUSE bug 1249566SUSE bug 1249587SUSE bug 1249598SUSE bug 1249604SUSE bug 1249608SUSE bug 1249615SUSE bug 1249618SUSE bug 1249774SUSE bug 1249833SUSE bug 1249887SUSE bug 1249888SUSE bug 1249901SUSE bug 1249904SUSE bug 1249906SUSE bug 1249915SUSE bug 1249974SUSE bug 1249975SUSE bug 1250002SUSE bug 1250007SUSE bug 1250021SUSE bug 1250025SUSE bug 1250028SUSE bug 1250032SUSE bug 1250087SUSE bug 1250088SUSE bug 1250119SUSE bug 1250123SUSE bug 1250124SUSE bug 1250177SUSE bug 1250179SUSE bug 1250203SUSE bug 1250204SUSE bug 1250205SUSE bug 1250237SUSE bug 1250242SUSE bug 1250247SUSE bug 1250249SUSE bug 1250251SUSE bug 1250258SUSE bug 1250262SUSE bug 1250266SUSE bug 1250267SUSE bug 1250268SUSE bug 1250275SUSE bug 1250276SUSE bug 1250281SUSE bug 1250291SUSE bug 1250292SUSE bug 1250294SUSE bug 1250296SUSE bug 1250297SUSE bug 1250298SUSE bug 1250334SUSE bug 1250344SUSE bug 1250365SUSE bug 1250371SUSE bug 1250377SUSE bug 1250386SUSE bug 1250389SUSE bug 1250398SUSE bug 1250402SUSE bug 1250406SUSE bug 1250407SUSE bug 1250408SUSE bug 1250450SUSE bug 1250491SUSE bug 1250519SUSE bug 1250522SUSE bug 1250650SUSE bug 1250655SUSE bug 1250671SUSE bug 1250702SUSE bug 1250711SUSE bug 1250712SUSE bug 1250713SUSE bug 1250716SUSE bug 1250719SUSE bug 1250722SUSE bug 1250729SUSE bug 1250736SUSE bug 1250737SUSE bug 1250739SUSE bug 1250741SUSE bug 1250742SUSE bug 1250758SUSE bug 1250952SUSE bug 1251100SUSE bug 1251114SUSE bug 1251134SUSE bug 1251135SUSE bug 1251143SUSE bug 1251146SUSE bug 1251186SUSE bug 1251216SUSE bug 1251230SUSE bug 1251810SUSE bug 1252084CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2024-57891 at SUSECVE-2024-57891 at NVDCVE-2024-57951 at SUSECVE-2024-57951 at NVDCVE-2024-57952 at SUSECVE-2024-57952 at NVDCVE-2024-58090 at SUSECVE-2024-58090 at NVDCVE-2025-22034 at SUSECVE-2025-22034 at NVDCVE-2025-22077 at SUSECVE-2025-22077 at NVDCVE-2025-23141 at SUSECVE-2025-23141 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37821 at SUSECVE-2025-37821 at NVDCVE-2025-37849 at SUSECVE-2025-37849 at NVDCVE-2025-37856 at SUSECVE-2025-37856 at NVDCVE-2025-37861 at SUSECVE-2025-37861 at NVDCVE-2025-37864 at SUSECVE-2025-37864 at NVDCVE-2025-38006 at SUSECVE-2025-38006 at NVDCVE-2025-38008 at SUSECVE-2025-38008 at NVDCVE-2025-38019 at SUSECVE-2025-38019 at NVDCVE-2025-38034 at SUSECVE-2025-38034 at NVDCVE-2025-38038 at SUSECVE-2025-38038 at NVDCVE-2025-38052 at SUSECVE-2025-38052 at NVDCVE-2025-38058 at SUSECVE-2025-38058 at NVDCVE-2025-38062 at SUSECVE-2025-38062 at NVDCVE-2025-38075 at SUSECVE-2025-38075 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38088 at SUSECVE-2025-38088 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38090 at SUSECVE-2025-38090 at NVDCVE-2025-38091 at SUSECVE-2025-38091 at NVDCVE-2025-38095 at SUSECVE-2025-38095 at NVDCVE-2025-38096 at SUSECVE-2025-38096 at NVDCVE-2025-38098 at SUSECVE-2025-38098 at NVDCVE-2025-38099 at SUSECVE-2025-38099 at NVDCVE-2025-38101 at SUSECVE-2025-38101 at NVDCVE-2025-38102 at SUSECVE-2025-38102 at NVDCVE-2025-38103 at SUSECVE-2025-38103 at NVDCVE-2025-38106 at SUSECVE-2025-38106 at NVDCVE-2025-38107 at SUSECVE-2025-38107 at NVDCVE-2025-38108 at SUSECVE-2025-38108 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38112 at SUSECVE-2025-38112 at NVDCVE-2025-38113 at SUSECVE-2025-38113 at NVDCVE-2025-38114 at SUSECVE-2025-38114 at NVDCVE-2025-38117 at SUSECVE-2025-38117 at NVDCVE-2025-38118 at SUSECVE-2025-38118 at NVDCVE-2025-38119 at SUSECVE-2025-38119 at NVDCVE-2025-38120 at SUSECVE-2025-38120 at NVDCVE-2025-38122 at SUSECVE-2025-38122 at NVDCVE-2025-38123 at SUSECVE-2025-38123 at NVDCVE-2025-38124 at SUSECVE-2025-38124 at NVDCVE-2025-38125 at SUSECVE-2025-38125 at NVDCVE-2025-38127 at SUSECVE-2025-38127 at NVDCVE-2025-38128 at SUSECVE-2025-38128 at NVDCVE-2025-38129 at SUSECVE-2025-38129 at NVDCVE-2025-38134 at SUSECVE-2025-38134 at NVDCVE-2025-38135 at SUSECVE-2025-38135 at NVDCVE-2025-38136 at SUSECVE-2025-38136 at NVDCVE-2025-38137 at SUSECVE-2025-38137 at NVDCVE-2025-38138 at SUSECVE-2025-38138 at NVDCVE-2025-38140 at SUSECVE-2025-38140 at NVDCVE-2025-38141 at SUSECVE-2025-38141 at NVDCVE-2025-38142 at SUSECVE-2025-38142 at NVDCVE-2025-38143 at SUSECVE-2025-38143 at NVDCVE-2025-38145 at SUSECVE-2025-38145 at NVDCVE-2025-38146 at SUSECVE-2025-38146 at NVDCVE-2025-38148 at SUSECVE-2025-38148 at NVDCVE-2025-38149 at SUSECVE-2025-38149 at NVDCVE-2025-38151 at SUSECVE-2025-38151 at NVDCVE-2025-38153 at SUSECVE-2025-38153 at NVDCVE-2025-38154 at SUSECVE-2025-38154 at NVDCVE-2025-38155 at SUSECVE-2025-38155 at NVDCVE-2025-38156 at SUSECVE-2025-38156 at NVDCVE-2025-38157 at SUSECVE-2025-38157 at NVDCVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38160 at SUSECVE-2025-38160 at NVDCVE-2025-38161 at SUSECVE-2025-38161 at NVDCVE-2025-38165 at SUSECVE-2025-38165 at NVDCVE-2025-38168 at SUSECVE-2025-38168 at NVDCVE-2025-38169 at SUSECVE-2025-38169 at NVDCVE-2025-38170 at SUSECVE-2025-38170 at NVDCVE-2025-38172 at SUSECVE-2025-38172 at NVDCVE-2025-38173 at SUSECVE-2025-38173 at NVDCVE-2025-38174 at SUSECVE-2025-38174 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38180 at SUSECVE-2025-38180 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38182 at SUSECVE-2025-38182 at NVDCVE-2025-38184 at SUSECVE-2025-38184 at NVDCVE-2025-38185 at SUSECVE-2025-38185 at NVDCVE-2025-38186 at SUSECVE-2025-38186 at NVDCVE-2025-38188 at SUSECVE-2025-38188 at NVDCVE-2025-38189 at SUSECVE-2025-38189 at NVDCVE-2025-38190 at SUSECVE-2025-38190 at NVDCVE-2025-38193 at SUSECVE-2025-38193 at NVDCVE-2025-38197 at SUSECVE-2025-38197 at NVDCVE-2025-38198 at SUSECVE-2025-38198 at NVDCVE-2025-38201 at SUSECVE-2025-38201 at NVDCVE-2025-38205 at SUSECVE-2025-38205 at NVDCVE-2025-38208 at SUSECVE-2025-38208 at NVDCVE-2025-38209 at SUSECVE-2025-38209 at NVDCVE-2025-38211 at SUSECVE-2025-38211 at NVDCVE-2025-38213 at SUSECVE-2025-38213 at NVDCVE-2025-38214 at SUSECVE-2025-38214 at NVDCVE-2025-38215 at SUSECVE-2025-38215 at NVDCVE-2025-38216 at SUSECVE-2025-38216 at NVDCVE-2025-38217 at SUSECVE-2025-38217 at NVDCVE-2025-38220 at SUSECVE-2025-38220 at NVDCVE-2025-38222 at SUSECVE-2025-38222 at NVDCVE-2025-38224 at SUSECVE-2025-38224 at NVDCVE-2025-38225 at SUSECVE-2025-38225 at NVDCVE-2025-38226 at SUSECVE-2025-38226 at NVDCVE-2025-38227 at SUSECVE-2025-38227 at NVDCVE-2025-38228 at SUSECVE-2025-38228 at NVDCVE-2025-38229 at SUSECVE-2025-38229 at NVDCVE-2025-38231 at SUSECVE-2025-38231 at NVDCVE-2025-38232 at SUSECVE-2025-38232 at NVDCVE-2025-38233 at SUSECVE-2025-38233 at NVDCVE-2025-38234 at SUSECVE-2025-38234 at NVDCVE-2025-38242 at SUSECVE-2025-38242 at NVDCVE-2025-38244 at SUSECVE-2025-38244 at NVDCVE-2025-38245 at SUSECVE-2025-38245 at NVDCVE-2025-38246 at SUSECVE-2025-38246 at NVDCVE-2025-38249 at SUSECVE-2025-38249 at NVDCVE-2025-38251 at SUSECVE-2025-38251 at NVDCVE-2025-38253 at SUSECVE-2025-38253 at NVDCVE-2025-38255 at SUSECVE-2025-38255 at NVDCVE-2025-38256 at SUSECVE-2025-38256 at NVDCVE-2025-38257 at SUSECVE-2025-38257 at NVDCVE-2025-38258 at SUSECVE-2025-38258 at NVDCVE-2025-38259 at SUSECVE-2025-38259 at NVDCVE-2025-38263 at SUSECVE-2025-38263 at NVDCVE-2025-38264 at SUSECVE-2025-38264 at NVDCVE-2025-38265 at SUSECVE-2025-38265 at NVDCVE-2025-38267 at SUSECVE-2025-38267 at NVDCVE-2025-38268 at SUSECVE-2025-38268 at NVDCVE-2025-38270 at SUSECVE-2025-38270 at NVDCVE-2025-38272 at SUSECVE-2025-38272 at NVDCVE-2025-38273 at SUSECVE-2025-38273 at NVDCVE-2025-38274 at SUSECVE-2025-38274 at NVDCVE-2025-38275 at SUSECVE-2025-38275 at NVDCVE-2025-38277 at SUSECVE-2025-38277 at NVDCVE-2025-38278 at SUSECVE-2025-38278 at NVDCVE-2025-38286 at SUSECVE-2025-38286 at NVDCVE-2025-38287 at SUSECVE-2025-38287 at NVDCVE-2025-38288 at SUSECVE-2025-38288 at NVDCVE-2025-38289 at SUSECVE-2025-38289 at NVDCVE-2025-38290 at SUSECVE-2025-38290 at NVDCVE-2025-38291 at SUSECVE-2025-38291 at NVDCVE-2025-38292 at SUSECVE-2025-38292 at NVDCVE-2025-38293 at SUSECVE-2025-38293 at NVDCVE-2025-38299 at SUSECVE-2025-38299 at NVDCVE-2025-38300 at SUSECVE-2025-38300 at NVDCVE-2025-38301 at SUSECVE-2025-38301 at NVDCVE-2025-38302 at SUSECVE-2025-38302 at NVDCVE-2025-38303 at SUSECVE-2025-38303 at NVDCVE-2025-38304 at SUSECVE-2025-38304 at NVDCVE-2025-38305 at SUSECVE-2025-38305 at NVDCVE-2025-38306 at SUSECVE-2025-38306 at NVDCVE-2025-38307 at SUSECVE-2025-38307 at NVDCVE-2025-38311 at SUSECVE-2025-38311 at NVDCVE-2025-38312 at SUSECVE-2025-38312 at NVDCVE-2025-38313 at SUSECVE-2025-38313 at NVDCVE-2025-38315 at SUSECVE-2025-38315 at NVDCVE-2025-38317 at SUSECVE-2025-38317 at NVDCVE-2025-38318 at SUSECVE-2025-38318 at NVDCVE-2025-38319 at SUSECVE-2025-38319 at NVDCVE-2025-38322 at SUSECVE-2025-38322 at NVDCVE-2025-38323 at SUSECVE-2025-38323 at NVDCVE-2025-38326 at SUSECVE-2025-38326 at NVDCVE-2025-38332 at SUSECVE-2025-38332 at NVDCVE-2025-38335 at SUSECVE-2025-38335 at NVDCVE-2025-38336 at SUSECVE-2025-38336 at NVDCVE-2025-38337 at SUSECVE-2025-38337 at NVDCVE-2025-38338 at SUSECVE-2025-38338 at NVDCVE-2025-38339 at SUSECVE-2025-38339 at NVDCVE-2025-38341 at SUSECVE-2025-38341 at NVDCVE-2025-38342 at SUSECVE-2025-38342 at NVDCVE-2025-38343 at SUSECVE-2025-38343 at NVDCVE-2025-38344 at SUSECVE-2025-38344 at NVDCVE-2025-38345 at SUSECVE-2025-38345 at NVDCVE-2025-38348 at SUSECVE-2025-38348 at NVDCVE-2025-38349 at SUSECVE-2025-38349 at NVDCVE-2025-38350 at SUSECVE-2025-38350 at NVDCVE-2025-38351 at SUSECVE-2025-38351 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-38353 at SUSECVE-2025-38353 at NVDCVE-2025-38354 at SUSECVE-2025-38354 at NVDCVE-2025-38355 at SUSECVE-2025-38355 at NVDCVE-2025-38356 at SUSECVE-2025-38356 at NVDCVE-2025-38359 at SUSECVE-2025-38359 at NVDCVE-2025-38360 at SUSECVE-2025-38360 at NVDCVE-2025-38361 at SUSECVE-2025-38361 at NVDCVE-2025-38362 at SUSECVE-2025-38362 at NVDCVE-2025-38363 at SUSECVE-2025-38363 at NVDCVE-2025-38364 at SUSECVE-2025-38364 at NVDCVE-2025-38365 at SUSECVE-2025-38365 at NVDCVE-2025-38368 at SUSECVE-2025-38368 at NVDCVE-2025-38369 at SUSECVE-2025-38369 at NVDCVE-2025-38371 at SUSECVE-2025-38371 at NVDCVE-2025-38372 at SUSECVE-2025-38372 at NVDCVE-2025-38373 at SUSECVE-2025-38373 at NVDCVE-2025-38374 at SUSECVE-2025-38374 at NVDCVE-2025-38375 at SUSECVE-2025-38375 at NVDCVE-2025-38376 at SUSECVE-2025-38376 at NVDCVE-2025-38377 at SUSECVE-2025-38377 at NVDCVE-2025-38380 at SUSECVE-2025-38380 at NVDCVE-2025-38381 at SUSECVE-2025-38381 at NVDCVE-2025-38382 at SUSECVE-2025-38382 at NVDCVE-2025-38383 at SUSECVE-2025-38383 at NVDCVE-2025-38384 at SUSECVE-2025-38384 at NVDCVE-2025-38385 at SUSECVE-2025-38385 at NVDCVE-2025-38386 at SUSECVE-2025-38386 at NVDCVE-2025-38387 at SUSECVE-2025-38387 at NVDCVE-2025-38389 at SUSECVE-2025-38389 at NVDCVE-2025-38390 at SUSECVE-2025-38390 at NVDCVE-2025-38391 at SUSECVE-2025-38391 at NVDCVE-2025-38392 at SUSECVE-2025-38392 at NVDCVE-2025-38393 at SUSECVE-2025-38393 at NVDCVE-2025-38395 at SUSECVE-2025-38395 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38397 at SUSECVE-2025-38397 at NVDCVE-2025-38399 at SUSECVE-2025-38399 at NVDCVE-2025-38400 at SUSECVE-2025-38400 at NVDCVE-2025-38401 at SUSECVE-2025-38401 at NVDCVE-2025-38402 at SUSECVE-2025-38402 at NVDCVE-2025-38403 at SUSECVE-2025-38403 at NVDCVE-2025-38404 at SUSECVE-2025-38404 at NVDCVE-2025-38405 at SUSECVE-2025-38405 at NVDCVE-2025-38406 at SUSECVE-2025-38406 at NVDCVE-2025-38408 at SUSECVE-2025-38408 at NVDCVE-2025-38409 at SUSECVE-2025-38409 at NVDCVE-2025-38410 at SUSECVE-2025-38410 at NVDCVE-2025-38412 at SUSECVE-2025-38412 at NVDCVE-2025-38413 at SUSECVE-2025-38413 at NVDCVE-2025-38414 at SUSECVE-2025-38414 at NVDCVE-2025-38415 at SUSECVE-2025-38415 at NVDCVE-2025-38416 at SUSECVE-2025-38416 at NVDCVE-2025-38417 at SUSECVE-2025-38417 at NVDCVE-2025-38418 at SUSECVE-2025-38418 at NVDCVE-2025-38419 at SUSECVE-2025-38419 at NVDCVE-2025-38420 at SUSECVE-2025-38420 at NVDCVE-2025-38421 at SUSECVE-2025-38421 at NVDCVE-2025-38424 at SUSECVE-2025-38424 at NVDCVE-2025-38425 at SUSECVE-2025-38425 at NVDCVE-2025-38426 at SUSECVE-2025-38426 at NVDCVE-2025-38427 at SUSECVE-2025-38427 at NVDCVE-2025-38428 at SUSECVE-2025-38428 at NVDCVE-2025-38429 at SUSECVE-2025-38429 at NVDCVE-2025-38430 at SUSECVE-2025-38430 at NVDCVE-2025-38436 at SUSECVE-2025-38436 at NVDCVE-2025-38438 at SUSECVE-2025-38438 at NVDCVE-2025-38439 at SUSECVE-2025-38439 at NVDCVE-2025-38440 at SUSECVE-2025-38440 at NVDCVE-2025-38441 at SUSECVE-2025-38441 at NVDCVE-2025-38443 at SUSECVE-2025-38443 at NVDCVE-2025-38444 at SUSECVE-2025-38444 at NVDCVE-2025-38445 at SUSECVE-2025-38445 at NVDCVE-2025-38446 at SUSECVE-2025-38446 at NVDCVE-2025-38448 at SUSECVE-2025-38448 at NVDCVE-2025-38449 at SUSECVE-2025-38449 at NVDCVE-2025-38450 at SUSECVE-2025-38450 at NVDCVE-2025-38451 at SUSECVE-2025-38451 at NVDCVE-2025-38453 at SUSECVE-2025-38453 at NVDCVE-2025-38454 at SUSECVE-2025-38454 at NVDCVE-2025-38455 at SUSECVE-2025-38455 at NVDCVE-2025-38456 at SUSECVE-2025-38456 at NVDCVE-2025-38457 at SUSECVE-2025-38457 at NVDCVE-2025-38458 at SUSECVE-2025-38458 at NVDCVE-2025-38459 at SUSECVE-2025-38459 at NVDCVE-2025-38460 at SUSECVE-2025-38460 at NVDCVE-2025-38461 at SUSECVE-2025-38461 at NVDCVE-2025-38462 at SUSECVE-2025-38462 at NVDCVE-2025-38463 at SUSECVE-2025-38463 at NVDCVE-2025-38464 at SUSECVE-2025-38464 at NVDCVE-2025-38465 at SUSECVE-2025-38465 at NVDCVE-2025-38466 at SUSECVE-2025-38466 at NVDCVE-2025-38467 at SUSECVE-2025-38467 at NVDCVE-2025-38468 at SUSECVE-2025-38468 at NVDCVE-2025-38470 at SUSECVE-2025-38470 at NVDCVE-2025-38472 at SUSECVE-2025-38472 at NVDCVE-2025-38473 at SUSECVE-2025-38473 at NVDCVE-2025-38474 at SUSECVE-2025-38474 at NVDCVE-2025-38475 at SUSECVE-2025-38475 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDCVE-2025-38478 at SUSECVE-2025-38478 at NVDCVE-2025-38480 at SUSECVE-2025-38480 at NVDCVE-2025-38481 at SUSECVE-2025-38481 at NVDCVE-2025-38482 at SUSECVE-2025-38482 at NVDCVE-2025-38483 at SUSECVE-2025-38483 at NVDCVE-2025-38484 at SUSECVE-2025-38484 at NVDCVE-2025-38485 at SUSECVE-2025-38485 at NVDCVE-2025-38487 at SUSECVE-2025-38487 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-38489 at SUSECVE-2025-38489 at NVDCVE-2025-38490 at SUSECVE-2025-38490 at NVDCVE-2025-38491 at SUSECVE-2025-38491 at NVDCVE-2025-38493 at SUSECVE-2025-38493 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDCVE-2025-38496 at SUSECVE-2025-38496 at NVDCVE-2025-38497 at SUSECVE-2025-38497 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38503 at SUSECVE-2025-38503 at NVDCVE-2025-38506 at SUSECVE-2025-38506 at NVDCVE-2025-38508 at SUSECVE-2025-38508 at NVDCVE-2025-38514 at SUSECVE-2025-38514 at NVDCVE-2025-38524 at SUSECVE-2025-38524 at NVDCVE-2025-38526 at SUSECVE-2025-38526 at NVDCVE-2025-38527 at SUSECVE-2025-38527 at NVDCVE-2025-38528 at SUSECVE-2025-38528 at NVDCVE-2025-38531 at SUSECVE-2025-38531 at NVDCVE-2025-38533 at SUSECVE-2025-38533 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38544 at SUSECVE-2025-38544 at NVDCVE-2025-38545 at SUSECVE-2025-38545 at NVDCVE-2025-38546 at SUSECVE-2025-38546 at NVDCVE-2025-38549 at SUSECVE-2025-38549 at NVDCVE-2025-38552 at SUSECVE-2025-38552 at NVDCVE-2025-38553 at SUSECVE-2025-38553 at NVDCVE-2025-38554 at SUSECVE-2025-38554 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDCVE-2025-38556 at SUSECVE-2025-38556 at NVDCVE-2025-38557 at SUSECVE-2025-38557 at NVDCVE-2025-38559 at SUSECVE-2025-38559 at NVDCVE-2025-38560 at SUSECVE-2025-38560 at NVDCVE-2025-38563 at SUSECVE-2025-38563 at NVDCVE-2025-38564 at SUSECVE-2025-38564 at NVDCVE-2025-38565 at SUSECVE-2025-38565 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38568 at SUSECVE-2025-38568 at NVDCVE-2025-38571 at SUSECVE-2025-38571 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38573 at SUSECVE-2025-38573 at NVDCVE-2025-38574 at SUSECVE-2025-38574 at NVDCVE-2025-38576 at SUSECVE-2025-38576 at NVDCVE-2025-38581 at SUSECVE-2025-38581 at NVDCVE-2025-38582 at SUSECVE-2025-38582 at NVDCVE-2025-38583 at SUSECVE-2025-38583 at NVDCVE-2025-38584 at SUSECVE-2025-38584 at NVDCVE-2025-38585 at SUSECVE-2025-38585 at NVDCVE-2025-38586 at SUSECVE-2025-38586 at NVDCVE-2025-38587 at SUSECVE-2025-38587 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38591 at SUSECVE-2025-38591 at NVDCVE-2025-38593 at SUSECVE-2025-38593 at NVDCVE-2025-38595 at SUSECVE-2025-38595 at NVDCVE-2025-38597 at SUSECVE-2025-38597 at NVDCVE-2025-38601 at SUSECVE-2025-38601 at NVDCVE-2025-38602 at SUSECVE-2025-38602 at NVDCVE-2025-38604 at SUSECVE-2025-38604 at NVDCVE-2025-38605 at SUSECVE-2025-38605 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-38609 at SUSECVE-2025-38609 at NVDCVE-2025-38610 at SUSECVE-2025-38610 at NVDCVE-2025-38612 at SUSECVE-2025-38612 at NVDCVE-2025-38614 at SUSECVE-2025-38614 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38619 at SUSECVE-2025-38619 at NVDCVE-2025-38621 at SUSECVE-2025-38621 at NVDCVE-2025-38622 at SUSECVE-2025-38622 at NVDCVE-2025-38623 at SUSECVE-2025-38623 at NVDCVE-2025-38624 at SUSECVE-2025-38624 at NVDCVE-2025-38628 at SUSECVE-2025-38628 at NVDCVE-2025-38630 at SUSECVE-2025-38630 at NVDCVE-2025-38631 at SUSECVE-2025-38631 at NVDCVE-2025-38632 at SUSECVE-2025-38632 at NVDCVE-2025-38634 at SUSECVE-2025-38634 at NVDCVE-2025-38635 at SUSECVE-2025-38635 at NVDCVE-2025-38639 at SUSECVE-2025-38639 at NVDCVE-2025-38640 at SUSECVE-2025-38640 at NVDCVE-2025-38643 at SUSECVE-2025-38643 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38646 at SUSECVE-2025-38646 at NVDCVE-2025-38648 at SUSECVE-2025-38648 at NVDCVE-2025-38656 at SUSECVE-2025-38656 at NVDCVE-2025-38658 at SUSECVE-2025-38658 at NVDCVE-2025-38659 at SUSECVE-2025-38659 at NVDCVE-2025-38660 at SUSECVE-2025-38660 at NVDCVE-2025-38662 at SUSECVE-2025-38662 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDCVE-2025-38665 at SUSECVE-2025-38665 at NVDCVE-2025-38668 at SUSECVE-2025-38668 at NVDCVE-2025-38670 at SUSECVE-2025-38670 at NVDCVE-2025-38671 at SUSECVE-2025-38671 at NVDCVE-2025-38676 at SUSECVE-2025-38676 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDCVE-2025-38679 at SUSECVE-2025-38679 at NVDCVE-2025-38680 at SUSECVE-2025-38680 at NVDCVE-2025-38681 at SUSECVE-2025-38681 at NVDCVE-2025-38683 at SUSECVE-2025-38683 at NVDCVE-2025-38684 at SUSECVE-2025-38684 at NVDCVE-2025-38685 at SUSECVE-2025-38685 at NVDCVE-2025-38686 at SUSECVE-2025-38686 at NVDCVE-2025-38687 at SUSECVE-2025-38687 at NVDCVE-2025-38691 at SUSECVE-2025-38691 at NVDCVE-2025-38692 at SUSECVE-2025-38692 at NVDCVE-2025-38693 at SUSECVE-2025-38693 at NVDCVE-2025-38694 at SUSECVE-2025-38694 at NVDCVE-2025-38695 at SUSECVE-2025-38695 at NVDCVE-2025-38700 at SUSECVE-2025-38700 at NVDCVE-2025-38701 at SUSECVE-2025-38701 at NVDCVE-2025-38702 at SUSECVE-2025-38702 at NVDCVE-2025-38703 at SUSECVE-2025-38703 at NVDCVE-2025-38705 at SUSECVE-2025-38705 at NVDCVE-2025-38706 at SUSECVE-2025-38706 at NVDCVE-2025-38709 at SUSECVE-2025-38709 at NVDCVE-2025-38710 at SUSECVE-2025-38710 at NVDCVE-2025-38717 at SUSECVE-2025-38717 at NVDCVE-2025-38721 at SUSECVE-2025-38721 at NVDCVE-2025-38722 at SUSECVE-2025-38722 at NVDCVE-2025-38724 at SUSECVE-2025-38724 at NVDCVE-2025-38725 at SUSECVE-2025-38725 at NVDCVE-2025-38727 at SUSECVE-2025-38727 at NVDCVE-2025-38729 at SUSECVE-2025-38729 at NVDCVE-2025-38730 at SUSECVE-2025-38730 at NVDCVE-2025-38732 at SUSECVE-2025-38732 at NVDCVE-2025-38733 at SUSECVE-2025-38733 at NVDCVE-2025-38734 at SUSECVE-2025-38734 at NVDCVE-2025-38735 at SUSECVE-2025-38735 at NVDCVE-2025-38736 at SUSECVE-2025-38736 at NVDCVE-2025-39673 at SUSECVE-2025-39673 at NVDCVE-2025-39675 at SUSECVE-2025-39675 at NVDCVE-2025-39677 at SUSECVE-2025-39677 at NVDCVE-2025-39678 at SUSECVE-2025-39678 at NVDCVE-2025-39679 at SUSECVE-2025-39679 at NVDCVE-2025-39681 at SUSECVE-2025-39681 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-39683 at SUSECVE-2025-39683 at NVDCVE-2025-39684 at SUSECVE-2025-39684 at NVDCVE-2025-39685 at SUSECVE-2025-39685 at NVDCVE-2025-39686 at SUSECVE-2025-39686 at NVDCVE-2025-39687 at SUSECVE-2025-39687 at NVDCVE-2025-39691 at SUSECVE-2025-39691 at NVDCVE-2025-39693 at SUSECVE-2025-39693 at NVDCVE-2025-39694 at SUSECVE-2025-39694 at NVDCVE-2025-39695 at SUSECVE-2025-39695 at NVDCVE-2025-39697 at SUSECVE-2025-39697 at NVDCVE-2025-39698 at SUSECVE-2025-39698 at NVDCVE-2025-39700 at SUSECVE-2025-39700 at NVDCVE-2025-39701 at SUSECVE-2025-39701 at NVDCVE-2025-39703 at SUSECVE-2025-39703 at NVDCVE-2025-39705 at SUSECVE-2025-39705 at NVDCVE-2025-39706 at SUSECVE-2025-39706 at NVDCVE-2025-39707 at SUSECVE-2025-39707 at NVDCVE-2025-39709 at SUSECVE-2025-39709 at NVDCVE-2025-39710 at SUSECVE-2025-39710 at NVDCVE-2025-39711 at SUSECVE-2025-39711 at NVDCVE-2025-39712 at SUSECVE-2025-39712 at NVDCVE-2025-39713 at SUSECVE-2025-39713 at NVDCVE-2025-39714 at SUSECVE-2025-39714 at NVDCVE-2025-39718 at SUSECVE-2025-39718 at NVDCVE-2025-39719 at SUSECVE-2025-39719 at NVDCVE-2025-39721 at SUSECVE-2025-39721 at NVDCVE-2025-39722 at SUSECVE-2025-39722 at NVDCVE-2025-39723 at SUSECVE-2025-39723 at NVDCVE-2025-39724 at SUSECVE-2025-39724 at NVDCVE-2025-39726 at SUSECVE-2025-39726 at NVDCVE-2025-39727 at SUSECVE-2025-39727 at NVDCVE-2025-39730 at SUSECVE-2025-39730 at NVDCVE-2025-39732 at SUSECVE-2025-39732 at NVDCVE-2025-39738 at SUSECVE-2025-39738 at NVDCVE-2025-39739 at SUSECVE-2025-39739 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-39744 at SUSECVE-2025-39744 at NVDCVE-2025-39746 at SUSECVE-2025-39746 at NVDCVE-2025-39747 at SUSECVE-2025-39747 at NVDCVE-2025-39748 at SUSECVE-2025-39748 at NVDCVE-2025-39749 at SUSECVE-2025-39749 at NVDCVE-2025-39750 at SUSECVE-2025-39750 at NVDCVE-2025-39751 at SUSECVE-2025-39751 at NVDCVE-2025-39754 at SUSECVE-2025-39754 at NVDCVE-2025-39757 at SUSECVE-2025-39757 at NVDCVE-2025-39758 at SUSECVE-2025-39758 at NVDCVE-2025-39759 at SUSECVE-2025-39759 at NVDCVE-2025-39760 at SUSECVE-2025-39760 at NVDCVE-2025-39761 at SUSECVE-2025-39761 at NVDCVE-2025-39763 at SUSECVE-2025-39763 at NVDCVE-2025-39764 at SUSECVE-2025-39764 at NVDCVE-2025-39765 at SUSECVE-2025-39765 at NVDCVE-2025-39766 at SUSECVE-2025-39766 at NVDCVE-2025-39770 at SUSECVE-2025-39770 at NVDCVE-2025-39772 at SUSECVE-2025-39772 at NVDCVE-2025-39773 at SUSECVE-2025-39773 at NVDCVE-2025-39775 at SUSECVE-2025-39775 at NVDCVE-2025-39782 at SUSECVE-2025-39782 at NVDCVE-2025-39783 at SUSECVE-2025-39783 at NVDCVE-2025-39787 at SUSECVE-2025-39787 at NVDCVE-2025-39788 at SUSECVE-2025-39788 at NVDCVE-2025-39790 at SUSECVE-2025-39790 at NVDCVE-2025-39791 at SUSECVE-2025-39791 at NVDCVE-2025-39792 at SUSECVE-2025-39792 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39798 at SUSECVE-2025-39798 at NVDCVE-2025-39800 at SUSECVE-2025-39800 at NVDCVE-2025-39801 at SUSECVE-2025-39801 at NVDCVE-2025-39806 at SUSECVE-2025-39806 at NVDCVE-2025-39807 at SUSECVE-2025-39807 at NVDCVE-2025-39808 at SUSECVE-2025-39808 at NVDCVE-2025-39810 at SUSECVE-2025-39810 at NVDCVE-2025-39811 at SUSECVE-2025-39811 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39816 at SUSECVE-2025-39816 at NVDCVE-2025-39823 at SUSECVE-2025-39823 at NVDCVE-2025-39824 at SUSECVE-2025-39824 at NVDCVE-2025-39825 at SUSECVE-2025-39825 at NVDCVE-2025-39826 at SUSECVE-2025-39826 at NVDCVE-2025-39827 at SUSECVE-2025-39827 at NVDCVE-2025-39828 at SUSECVE-2025-39828 at NVDCVE-2025-39830 at SUSECVE-2025-39830 at NVDCVE-2025-39832 at SUSECVE-2025-39832 at NVDCVE-2025-39833 at SUSECVE-2025-39833 at NVDCVE-2025-39834 at SUSECVE-2025-39834 at NVDCVE-2025-39835 at SUSECVE-2025-39835 at NVDCVE-2025-39836 at SUSECVE-2025-39836 at NVDCVE-2025-39838 at SUSECVE-2025-39838 at NVDCVE-2025-39839 at SUSECVE-2025-39839 at NVDCVE-2025-39841 at SUSECVE-2025-39841 at NVDCVE-2025-39842 at SUSECVE-2025-39842 at NVDCVE-2025-39844 at SUSECVE-2025-39844 at NVDCVE-2025-39845 at SUSECVE-2025-39845 at NVDCVE-2025-39847 at SUSECVE-2025-39847 at NVDCVE-2025-39848 at SUSECVE-2025-39848 at NVDCVE-2025-39849 at SUSECVE-2025-39849 at NVDCVE-2025-39850 at SUSECVE-2025-39850 at NVDCVE-2025-39851 at SUSECVE-2025-39851 at NVDCVE-2025-39852 at SUSECVE-2025-39852 at NVDCVE-2025-39853 at SUSECVE-2025-39853 at NVDCVE-2025-39854 at SUSECVE-2025-39854 at NVDCVE-2025-39857 at SUSECVE-2025-39857 at NVDCVE-2025-39860 at SUSECVE-2025-39860 at NVDCVE-2025-39861 at SUSECVE-2025-39861 at NVDCVE-2025-39863 at SUSECVE-2025-39863 at NVDCVE-2025-39864 at SUSECVE-2025-39864 at NVDCVE-2025-39865 at SUSECVE-2025-39865 at NVDCVE-2025-39869 at SUSECVE-2025-39869 at NVDCVE-2025-39870 at SUSECVE-2025-39870 at NVDCVE-2025-39871 at SUSECVE-2025-39871 at NVDCVE-2025-39873 at SUSECVE-2025-39873 at NVDCVE-2025-39875 at SUSECVE-2025-39875 at NVDCVE-2025-39877 at SUSECVE-2025-39877 at NVDCVE-2025-39882 at SUSECVE-2025-39882 at NVDCVE-2025-39884 at SUSECVE-2025-39884 at NVDCVE-2025-39885 at SUSECVE-2025-39885 at NVDCVE-2025-39889 at SUSECVE-2025-39889 at NVDCVE-2025-39890 at SUSECVE-2025-39890 at NVDCVE-2025-39891 at SUSECVE-2025-39891 at NVDCVE-2025-39896 at SUSECVE-2025-39896 at NVDCVE-2025-39898 at SUSECVE-2025-39898 at NVDCVE-2025-39899 at SUSECVE-2025-39899 at NVDCVE-2025-39900 at SUSECVE-2025-39900 at NVDCVE-2025-39902 at SUSECVE-2025-39902 at NVDCVE-2025-39907 at SUSECVE-2025-39907 at NVDCVE-2025-39909 at SUSECVE-2025-39909 at NVDCVE-2025-39916 at SUSECVE-2025-39916 at NVDCVE-2025-39918 at SUSECVE-2025-39918 at NVDCVE-2025-39922 at SUSECVE-2025-39922 at NVDCVE-2025-39923 at SUSECVE-2025-39923 at NVDCVE-2025-39925 at SUSECVE-2025-39925 at NVDCVE-2025-39926 at SUSECVE-2025-39926 at NVDCVE-2025-39931 at SUSECVE-2025-39931 at NVDCVE-2025-39934 at SUSECVE-2025-39934 at NVDCVE-2025-39937 at SUSECVE-2025-39937 at NVDCVE-2025-39938 at SUSECVE-2025-39938 at NVDCVE-2025-39945 at SUSECVE-2025-39945 at NVDCVE-2025-39946 at SUSECVE-2025-39946 at NVDCVE-2025-39952 at SUSECVE-2025-39952 at NVDCVE-2025-39957 at SUSECVE-2025-39957 at NVDCVE-2025-40300 at SUSECVE-2025-40300 at NVDcpe:/o:suse:sl-micro:6.2Security update for zlib (Moderate)SUSE Linux Micro 6.2
This update for zlib fixes the following issues:
- CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392)
- CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378)
ModerateSUSE bug 1216378SUSE bug 1258392CVE-2023-45853 at SUSECVE-2023-45853 at NVDCVE-2026-27171 at SUSECVE-2026-27171 at NVDcpe:/o:suse:sl-micro:6.2Security update for util-linux (Moderate)SUSE Linux Micro 6.2
This update for util-linux fixes the following issues:
Security issues:
- CVE-2025-14104: heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666).
- CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859).
Non security issues:
- fdisk: Fix possible partition overlay and data corruption if EBR gap is missing (bsc#1222465).
- lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682).
ModerateSUSE bug 1222465SUSE bug 1254666SUSE bug 1258859CVE-2025-14104 at SUSECVE-2025-14104 at NVDCVE-2026-3184 at SUSECVE-2026-3184 at NVDcpe:/o:suse:sl-micro:6.2Security update for ovmf (Moderate)SUSE Linux Micro 6.2
This update for ovmf fixes the following issue:
- CVE-2025-59438: mbedtls: padding oracle attack possible through timing of cipher error reporting (bsc#1252441).
ModerateSUSE bug 1252441CVE-2025-59438 at SUSECVE-2025-59438 at NVDcpe:/o:suse:sl-micro:6.2Security update for glibc (Important)SUSE Linux Micro 6.2
This update for glibc fixes the following issues:
Security fixes:
- CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response (bsc#1260078).
- CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions (bsc#1260082).
Other fixes:
- nss: Missing checks in __nss_configure_lookup, __nss_database_get (bsc#1258319).
ImportantSUSE bug 1258319SUSE bug 1260078SUSE bug 1260082CVE-2026-4437 at SUSECVE-2026-4437 at NVDCVE-2026-4438 at SUSECVE-2026-4438 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16) (Important)SUSE Linux Micro 6.2
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit-podman (Important)SUSE Linux Micro 6.2
This update for cockpit-podman fixes the following issues:
- CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive CPU and memory consumption and
may crash a Node.js process (bsc#1257836).
- CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive wildcards followed by a literal character
that doesn't appear in the test string (bsc#1258641).
ImportantSUSE bug 1257836SUSE bug 1258641CVE-2026-25547 at SUSECVE-2026-25547 at NVDCVE-2026-26996 at SUSECVE-2026-26996 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit-machines (Important)SUSE Linux Micro 6.2
This update for cockpit-machines fixes the following issues:
- CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive resource consumption and crash
a Node.js process (bsc#1257836).
- CVE-2026-26996: minimatch: processing of glob pattern containing repeated wildcards followed by a literal character
that doesn't appear in the test string can lead to ReDoS (bsc#1258641).
ImportantSUSE bug 1257836SUSE bug 1258641CVE-2026-25547 at SUSECVE-2026-25547 at NVDCVE-2026-26996 at SUSECVE-2026-26996 at NVDcpe:/o:suse:sl-micro:6.2Security update for cockpit (Important)SUSE Linux Micro 6.2
This update for cockpit fixes the following issues:
- CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive resource consumption and crash
a Node.js process (bsc#1257836).
- CVE-2026-26996: minimatch: processing of glob pattern containing repeated wildcards followed by a literal character
that doesn't appear in the test string can lead to ReDoS (bsc#1258641).
ImportantSUSE bug 1257836SUSE bug 1258641CVE-2026-25547 at SUSECVE-2026-25547 at NVDCVE-2026-26996 at SUSECVE-2026-26996 at NVDcpe:/o:suse:sl-micro:6.2Security update for python-cryptography (Important)SUSE Linux Micro 6.2
This update for python-cryptography fixes the following issues:
- CVE-2026-34073: Fixed X.509 bypass of name constraints on wildcard SANs with matching peer names. (bsc#1260876)
- CVE-2026-26007: missing validation can lead to security issues for signature verification (ECDSA) and shared key negotiation (ECDH) (bsc#1258074).
ImportantSUSE bug 1258074SUSE bug 1260876CVE-2026-26007 at SUSECVE-2026-26007 at NVDCVE-2026-34073 at SUSECVE-2026-34073 at NVDcpe:/o:suse:sl-micro:6.2Security update for curl (Important)SUSE Linux Micro 6.2
This update for curl fixes the following issues:
- CVE-2025-9086: Fixed Out of bounds read for cookie path (bsc#1249191)
- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757)
- CVE-2025-10148: Fixed predictable WebSocket mask (bsc#1249348)
Other fixes:
- tool_operate: fix return code when --retry is used but not
triggered (bsc#1249367)
ImportantSUSE bug 1249191SUSE bug 1249348SUSE bug 1249367SUSE bug 1253757CVE-2025-10148 at SUSECVE-2025-10148 at NVDCVE-2025-11563 at SUSECVE-2025-11563 at NVDCVE-2025-9086 at SUSECVE-2025-9086 at NVDcpe:/o:suse:sl-micro:6.2Security update for the Linux Kernel (Important)SUSE Linux Micro 6.2
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-21816: hrtimers: Force migrate away hrtimers queued after (bsc#1238472).
- CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630).
- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
- CVE-2025-39779: btrfs: subpage: keep TOWRITE tag until folio is cleaned (bsc#1249495).
- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
- CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
- CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
- CVE-2025-39903: of_numa: fix uninitialized memory nodes causing kernel panic (bsc#1250749).
- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
- CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
- CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
- CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
- CVE-2025-39950: net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR (bsc#1251176).
- CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
- CVE-2025-39956: igc: don't fail igc_probe() on LED setup error (bsc#1251809).
- CVE-2025-39963: io_uring: fix incorrect io_kiocb reference in io_link_skb (bsc#1251819).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
- CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
- CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-39979: net/mlx5: fs, add API for sharing HWS action by refcount (bsc#1252067).
- CVE-2025-39984: net: tun: Update napi->skb after XDP process (bsc#1252081).
- CVE-2025-39992: mm: swap: check for stable address space before operating on the VMA (bsc#1252076).
- CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
- CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
- CVE-2025-40012: net/smc: fix warning in smc_rx_splice() when calling get_page() (bsc#1252330).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
- CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
- CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
- CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
- CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
- CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).
The following non security issues were fixed:
- add bug reference to existing hv_netvsc change (bsc#1252265)
- amd-pstate-ut: Reset amd-pstate driver mode after running selftests (bsc#1249226).
- cgroup/cpuset: Remove remote_partition_check() & make update_cpumasks_hier() handle remote partition (bsc#1241166).
- cpuset: Use new excpus for nocpu error check when enabling root partition (bsc#1241166).
- cpuset: fix failure to enable isolated partition when containing isolcpus (bsc#1241166).
- doc/README.SUSE: Correct the character used for TAINT_NO_SUPPORT
The character was previously 'N', but upstream used it for TAINT_TEST,
which prompted the change of TAINT_NO_SUPPORT to 'n'.
- dpll: zl3073x: Add firmware loading functionality (bsc#1252253).
- dpll: zl3073x: Add functions to access hardware registers (bsc#1252253).
- dpll: zl3073x: Add low-level flash functions (bsc#1252253).
- dpll: zl3073x: Add support to get fractional frequency offset (bsc#1252253).
- dpll: zl3073x: Add support to get phase offset on connected input pin (bsc#1252253).
- dpll: zl3073x: Add support to get/set esync on pins (bsc#1252253).
- dpll: zl3073x: Fix double free in zl3073x_devlink_flash_update() (bsc#1252253).
- dpll: zl3073x: Handle missing or corrupted flash configuration (bsc#1252253).
- dpll: zl3073x: Implement devlink flash callback (bsc#1252253).
- dpll: zl3073x: Increase maximum size of flash utility (bsc#1252253).
- dpll: zl3073x: Refactor DPLL initialization (bsc#1252253).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- drm/xe/guc: Prepare GuC register list and update ADS size for error capture (stable-fixes).
- ixgbe: handle IXGBE_VF_FEATURES_NEGOTIATE mbox cmd (bsc#1247222).
- ixgbe: handle IXGBE_VF_GET_PF_LINK_STATE mailbox operation (bsc#1247222).
- ixgbevf: fix getting link speed data for E610 devices (bsc#1247222).
- ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1247222).
- kbuild/modfinal: Link livepatches with module-common.o (bsc#1218644, bsc#1252270).
- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- nvme-auth: update sc_c in host response (git-fixes bsc#1249397).
- perf hwmon_pmu: Fix uninitialized variable warning (perf-sle16-v6.13-userspace-update, git-fixes).
- phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
- powerpc/fadump: skip parameter area allocation when fadump is disabled (jsc#PED-9891 git-fixes).
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946)
- scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267).
- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1252725).
- x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID (bsc#1252734).
- x86/resctrl: Refactor resctrl_arch_rmid_read() (bsc#1252734).
- x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL (jsc#PED-348).
ImportantSUSE bug 1218644SUSE bug 1238472SUSE bug 1239206SUSE bug 1241166SUSE bug 1241637SUSE bug 1247222SUSE bug 1248630SUSE bug 1249161SUSE bug 1249226SUSE bug 1249302SUSE bug 1249317SUSE bug 1249397SUSE bug 1249398SUSE bug 1249495SUSE bug 1249512SUSE bug 1249608SUSE bug 1249735SUSE bug 1250202SUSE bug 1250379SUSE bug 1250400SUSE bug 1250455SUSE bug 1250491SUSE bug 1250704SUSE bug 1250721SUSE bug 1250749SUSE bug 1250946SUSE bug 1251176SUSE bug 1251177SUSE bug 1251232SUSE bug 1251233SUSE bug 1251804SUSE bug 1251809SUSE bug 1251819SUSE bug 1251930SUSE bug 1251967SUSE bug 1252033SUSE bug 1252035SUSE bug 1252039SUSE bug 1252044SUSE bug 1252047SUSE bug 1252051SUSE bug 1252052SUSE bug 1252056SUSE bug 1252060SUSE bug 1252062SUSE bug 1252064SUSE bug 1252065SUSE bug 1252067SUSE bug 1252069SUSE bug 1252070SUSE bug 1252072SUSE bug 1252074SUSE bug 1252075SUSE bug 1252076SUSE bug 1252078SUSE bug 1252079SUSE bug 1252081SUSE bug 1252082SUSE bug 1252083SUSE bug 1252253SUSE bug 1252265SUSE bug 1252267SUSE bug 1252270SUSE bug 1252330SUSE bug 1252333SUSE bug 1252336SUSE bug 1252346SUSE bug 1252348SUSE bug 1252349SUSE bug 1252678SUSE bug 1252679SUSE bug 1252688SUSE bug 1252725SUSE bug 1252734SUSE bug 1252772SUSE bug 1252774SUSE bug 1252780SUSE bug 1252785SUSE bug 1252787SUSE bug 1252789SUSE bug 1252797SUSE bug 1252819SUSE bug 1252822SUSE bug 1252826SUSE bug 1252841SUSE bug 1252848SUSE bug 1252849SUSE bug 1252850SUSE bug 1252851SUSE bug 1252854SUSE bug 1252858SUSE bug 1252862SUSE bug 1252865SUSE bug 1252866SUSE bug 1252873SUSE bug 1252902SUSE bug 1252909SUSE bug 1252915SUSE bug 1252918SUSE bug 1252921SUSE bug 1252939CVE-2025-21816 at SUSECVE-2025-21816 at NVDCVE-2025-38653 at SUSECVE-2025-38653 at NVDCVE-2025-38718 at SUSECVE-2025-38718 at NVDCVE-2025-39676 at SUSECVE-2025-39676 at NVDCVE-2025-39702 at SUSECVE-2025-39702 at NVDCVE-2025-39756 at SUSECVE-2025-39756 at NVDCVE-2025-39779 at SUSECVE-2025-39779 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39812 at SUSECVE-2025-39812 at NVDCVE-2025-39866 at SUSECVE-2025-39866 at NVDCVE-2025-39876 at SUSECVE-2025-39876 at NVDCVE-2025-39881 at SUSECVE-2025-39881 at NVDCVE-2025-39895 at SUSECVE-2025-39895 at NVDCVE-2025-39903 at SUSECVE-2025-39903 at NVDCVE-2025-39911 at SUSECVE-2025-39911 at NVDCVE-2025-39947 at SUSECVE-2025-39947 at NVDCVE-2025-39948 at SUSECVE-2025-39948 at NVDCVE-2025-39949 at SUSECVE-2025-39949 at NVDCVE-2025-39950 at SUSECVE-2025-39950 at NVDCVE-2025-39955 at SUSECVE-2025-39955 at NVDCVE-2025-39956 at SUSECVE-2025-39956 at NVDCVE-2025-39963 at SUSECVE-2025-39963 at NVDCVE-2025-39965 at SUSECVE-2025-39965 at NVDCVE-2025-39967 at SUSECVE-2025-39967 at NVDCVE-2025-39968 at SUSECVE-2025-39968 at NVDCVE-2025-39969 at SUSECVE-2025-39969 at NVDCVE-2025-39970 at SUSECVE-2025-39970 at NVDCVE-2025-39971 at SUSECVE-2025-39971 at NVDCVE-2025-39972 at SUSECVE-2025-39972 at NVDCVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-39978 at SUSECVE-2025-39978 at NVDCVE-2025-39979 at SUSECVE-2025-39979 at NVDCVE-2025-39981 at SUSECVE-2025-39981 at NVDCVE-2025-39982 at SUSECVE-2025-39982 at NVDCVE-2025-39984 at SUSECVE-2025-39984 at NVDCVE-2025-39985 at SUSECVE-2025-39985 at NVDCVE-2025-39986 at SUSECVE-2025-39986 at NVDCVE-2025-39987 at SUSECVE-2025-39987 at NVDCVE-2025-39988 at SUSECVE-2025-39988 at NVDCVE-2025-39991 at SUSECVE-2025-39991 at NVDCVE-2025-39992 at SUSECVE-2025-39992 at NVDCVE-2025-39993 at SUSECVE-2025-39993 at NVDCVE-2025-39994 at SUSECVE-2025-39994 at NVDCVE-2025-39995 at SUSECVE-2025-39995 at NVDCVE-2025-39996 at SUSECVE-2025-39996 at NVDCVE-2025-39997 at SUSECVE-2025-39997 at NVDCVE-2025-40000 at SUSECVE-2025-40000 at NVDCVE-2025-40005 at SUSECVE-2025-40005 at NVDCVE-2025-40009 at SUSECVE-2025-40009 at NVDCVE-2025-40011 at SUSECVE-2025-40011 at NVDCVE-2025-40012 at SUSECVE-2025-40012 at NVDCVE-2025-40013 at SUSECVE-2025-40013 at NVDCVE-2025-40016 at SUSECVE-2025-40016 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40019 at SUSECVE-2025-40019 at NVDCVE-2025-40020 at SUSECVE-2025-40020 at NVDCVE-2025-40029 at SUSECVE-2025-40029 at NVDCVE-2025-40032 at SUSECVE-2025-40032 at NVDCVE-2025-40035 at SUSECVE-2025-40035 at NVDCVE-2025-40036 at SUSECVE-2025-40036 at NVDCVE-2025-40037 at SUSECVE-2025-40037 at NVDCVE-2025-40040 at SUSECVE-2025-40040 at NVDCVE-2025-40043 at SUSECVE-2025-40043 at NVDCVE-2025-40044 at SUSECVE-2025-40044 at NVDCVE-2025-40048 at SUSECVE-2025-40048 at NVDCVE-2025-40049 at SUSECVE-2025-40049 at NVDCVE-2025-40051 at SUSECVE-2025-40051 at NVDCVE-2025-40052 at SUSECVE-2025-40052 at NVDCVE-2025-40056 at SUSECVE-2025-40056 at NVDCVE-2025-40058 at SUSECVE-2025-40058 at NVDCVE-2025-40060 at SUSECVE-2025-40060 at NVDCVE-2025-40061 at SUSECVE-2025-40061 at NVDCVE-2025-40062 at SUSECVE-2025-40062 at NVDCVE-2025-40071 at SUSECVE-2025-40071 at NVDCVE-2025-40078 at SUSECVE-2025-40078 at NVDCVE-2025-40080 at SUSECVE-2025-40080 at NVDCVE-2025-40085 at SUSECVE-2025-40085 at NVDCVE-2025-40087 at SUSECVE-2025-40087 at NVDCVE-2025-40091 at SUSECVE-2025-40091 at NVDCVE-2025-40096 at SUSECVE-2025-40096 at NVDCVE-2025-40100 at SUSECVE-2025-40100 at NVDCVE-2025-40104 at SUSECVE-2025-40104 at NVDCVE-2025-40364 at SUSECVE-2025-40364 at NVDcpe:/o:suse:sl-micro:6.2Security update for libvirt (Moderate)SUSE Linux Micro 6.2
This update for libvirt fixes the following issues:
- CVE-2025-13193: Fixed Information disclosure via world-readable VM snapshots (bsc#1253703)
- CVE-2025-12748: Fixed Denial of service in XML parsing (bsc#1253278)
Other fixes:
- spec: Adjust dbus dependency (bsc#1253642)
- qemu: Add support for Intel TDX (jsc#PED-9265)
ModerateSUSE bug 1253278SUSE bug 1253642SUSE bug 1253703CVE-2025-12748 at SUSECVE-2025-12748 at NVDCVE-2025-13193 at SUSECVE-2025-13193 at NVDcpe:/o:suse:sl-micro:6.2Security update for openssh (Moderate)SUSE Linux Micro 6.2
This update for openssh fixes the following issues:
- CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198).
- CVE-2025-61985: code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199).
ModerateSUSE bug 1251198SUSE bug 1251199CVE-2025-61984 at SUSECVE-2025-61984 at NVDCVE-2025-61985 at SUSECVE-2025-61985 at NVDcpe:/o:suse:sl-micro:6.2Security update for binutils (Important)SUSE Linux Micro 6.2
This update for binutils fixes the following issues:
Changes in binutils:
- Update to current 2.45 branch at 94cb1c075 to include fix
for PR33584 (a problem related to LTO vs fortran COMMON
blocks).
- Do not enable '-z gcs=implicit' on aarch64 for old codestreams.
Update to version 2.45:
* New versioned release of libsframe.so.2
* s390: tools now support SFrame format 2; recognize "z17" as CPU
name [bsc#1247105, jsc#IBM-1485]
* sframe sections are now of ELF section type SHT_GNU_SFRAME.
* sframe secions generated by the assembler have
SFRAME_F_FDE_FUNC_START_PCREL set.
* riscv: Support more extensions: standard: Zicfiss v1.0, Zicfilp v1.0,
Zcmp v1.0, Zcmt v1.0, Smrnmi v1.0, S[sm]dbltrp v1.0, S[sm]ctr v1.0,
ssqosid v1.0, ssnpm v1.0, smnpm v1.0, smmpm v1.0, sspm v1.0, supm v1.0,
sha v1.0, zce v1.0, smcdeleg v1.0, ssccfg v1.0, svvptc v1.0, zilsd v1.0,
zclsd v1.0, smrnmi v1.0;
vendor: CORE-V, xcvbitmanip v1.0 and xcvsimd v1.0;
SiFive, xsfvqmaccdod v1.0, xsfvqmaccqoqv1.0 and xsfvfnrclipxfqf v1.0;
T-Head: xtheadvdot v1.0;
MIPS: xmipscbop v1.0, xmipscmov v1.0, xmipsexectl v1.0, xmipslsp v1.0.
* Support RISC-V privileged version 1.13, profiles 20/22/23, and
.bfloat16 directive.
* x86: Add support for these ISAs: Intel Diamond Rapids AMX, MOVRS,
AVX10.2 (including SM4), MSR_IMM; Zhaoxin PadLock PHE2, RNG2, GMI, XMODX.
Drop support for AVX10.2 256 bit rounding.
* arm: Add support for most of Armv9.6, enabled by -march=armv9.6-a and
extensions '+cmpbr', '+f8f16mm', '+f8f32mm', '+fprcvt', '+lsfe', '+lsui',
'+occmo', '+pops', '+sme2p2', '+ssve-aes', '+sve-aes', '+sve-aes2',
'+sve-bfscale', '+sve-f16f32mm' and '+sve2p2'.
* Predefined symbols "GAS(version)" and, on non-release builds, "GAS(date)"
are now being made available.
* Add .errif and .warnif directives.
* linker:
- Add --image-base=<ADDR> option to the ELF linker to behave the same
as -Ttext-segment for compatibility with LLD.
- Add support for mixed LTO and non-LTO codes in relocatable output.
- s390: linker generates .eh_frame and/or .sframe for linker
generated .plt sections by default (can be disabled
by --no-ld-generated-unwind-info).
- riscv: add new PLT formats, and GNU property merge rules for zicfiss
and zicfilp extensions.
- gold is no longer included
- Contains fixes for these non-CVEs (not security bugs per upstreams
SECURITY.md):
* bsc#1236632 aka CVE-2025-0840 aka PR32560
* bsc#1236977 aka CVE-2025-1149 aka PR32576
* bsc#1236978 aka CVE-2025-1148 aka PR32576
* bsc#1236999 aka CVE-2025-1176 aka PR32636
* bsc#1237000 aka CVE-2025-1153 aka PR32603
* bsc#1237001 aka CVE-2025-1152 aka PR32576
* bsc#1237003 aka CVE-2025-1151 aka PR32576
* bsc#1237005 aka CVE-2025-1150 aka PR32576
* bsc#1237018 aka CVE-2025-1178 aka PR32638
* bsc#1237019 aka CVE-2025-1181 aka PR32643
* bsc#1237020 aka CVE-2025-1180 aka PR32642
* bsc#1237021 aka CVE-2025-1179 aka PR32640
* bsc#1237042 aka CVE-2025-1182 aka PR32644
* bsc#1240870 aka CVE-2025-3198 aka PR32716
* bsc#1243756 aka CVE-2025-5244 aka PR32858
* bsc#1243760 aka CVE-2025-5245 aka PR32829
* bsc#1246481 aka CVE-2025-7545 aka PR33049
* bsc#1246486 aka CVE-2025-7546 aka PR33050
* bsc#1247114 aka CVE-2025-8224 aka PR32109
* bsc#1247117 aka CVE-2025-8225 no PR
* bsc#1236976 aka CVE-2025-1147 aka PR32556
* bsc#1250632 aka CVE-2025-11083 aka PR33457
* bsc#1251275 aka CVE-2025-11412 aka PR33452
* bsc#1251276 aka CVE-2025-11413 aka PR33456
* bsc#1251277 aka CVE-2025-11414 aka PR33450
* bsc#1251794 aka CVE-2025-11494 aka PR33499
* bsc#1251795 aka CVE-2025-11495 aka PR33502
binutils-2.43-branch.diff.gz
ImportantSUSE bug 1236632SUSE bug 1236976SUSE bug 1236977SUSE bug 1236978SUSE bug 1236999SUSE bug 1237000SUSE bug 1237001SUSE bug 1237003SUSE bug 1237005SUSE bug 1237018SUSE bug 1237019SUSE bug 1237020SUSE bug 1237021SUSE bug 1237042SUSE bug 1240870SUSE bug 1243756SUSE bug 1243760SUSE bug 1246481SUSE bug 1246486SUSE bug 1247105SUSE bug 1247114SUSE bug 1247117SUSE bug 1250632SUSE bug 1251275SUSE bug 1251276SUSE bug 1251277SUSE bug 1251794SUSE bug 1251795CVE-2025-0840 at SUSECVE-2025-0840 at NVDCVE-2025-11083 at SUSECVE-2025-11083 at NVDCVE-2025-11412 at SUSECVE-2025-11412 at NVDCVE-2025-11413 at SUSECVE-2025-11413 at NVDCVE-2025-11414 at SUSECVE-2025-11414 at NVDCVE-2025-1147 at SUSECVE-2025-1147 at NVDCVE-2025-1148 at SUSECVE-2025-1148 at NVDCVE-2025-1149 at SUSECVE-2025-1149 at NVDCVE-2025-11494 at SUSECVE-2025-11494 at NVDCVE-2025-11495 at SUSECVE-2025-11495 at NVDCVE-2025-1150 at SUSECVE-2025-1150 at NVDCVE-2025-1151 at SUSECVE-2025-1151 at NVDCVE-2025-1152 at SUSECVE-2025-1152 at NVDCVE-2025-1153 at SUSECVE-2025-1153 at NVDCVE-2025-1176 at SUSECVE-2025-1176 at NVDCVE-2025-1178 at SUSECVE-2025-1178 at NVDCVE-2025-1179 at SUSECVE-2025-1179 at NVDCVE-2025-1180 at SUSECVE-2025-1180 at NVDCVE-2025-1181 at SUSECVE-2025-1181 at NVDCVE-2025-1182 at SUSECVE-2025-1182 at NVDCVE-2025-3198 at SUSECVE-2025-3198 at NVDCVE-2025-5244 at SUSECVE-2025-5244 at NVDCVE-2025-5245 at SUSECVE-2025-5245 at NVDCVE-2025-7545 at SUSECVE-2025-7545 at NVDCVE-2025-7546 at SUSECVE-2025-7546 at NVDCVE-2025-8224 at SUSECVE-2025-8224 at NVDCVE-2025-8225 at SUSECVE-2025-8225 at NVDcpe:/o:suse:sl-micro:6.2Security update for qemu (Critical)SUSE Linux Micro 6.0
This update for qemu fixes the following issues:
- Update to version 8.2.5:
* target/loongarch: fix a wrong print in cpu dump
* ui/sdl2: Allow host to power down screen
* target/i386: fix SSE and SSE2 feature check
* target/i386: fix xsave.flat from kvm-unit-tests
* disas/riscv: Decode all of the pmpcfg and pmpaddr CSRs
* target/riscv/kvm.c: Fix the hart bit setting of AIA
* target/riscv: rvzicbo: Fixup CBO extension register calculation
* target/riscv: do not set mtval2 for non guest-page faults
* target/riscv: prioritize pmp errors in raise_mmu_exception()
* target/riscv: rvv: Remove redudant SEW checking for vector fp narrow/widen instructions
* target/riscv: rvv: Check single width operator for vfncvt.rod.f.f.w
* target/riscv: rvv: Check single width operator for vector fp widen instructions
* target/riscv: rvv: Fix Zvfhmin checking for vfwcvt.f.f.v and vfncvt.f.f.w instructions
* target/riscv/cpu.c: fix Zvkb extension config
* target/riscv: Fix the element agnostic function problem
* target/riscv/kvm: tolerate KVM disable ext errors
* hw/intc/riscv_aplic: APLICs should add child earlier than realize
* iotests: test NBD+TLS+iothread
* qio: Inherit follow_coroutine_ctx across TLS
* target/arm: Disable SVE extensions when SVE is disabled
* hw/intc/arm_gic: Fix handling of NS view of GICC_APR<n>
* hvf: arm: Fix encodings for ID_AA64PFR1_EL1 and debug System registers
* gitlab: use 'setarch -R' to workaround tsan bug
* gitlab: use $MAKE instead of 'make'
* dockerfiles: add 'MAKE' env variable to remaining containers
* gitlab: Update msys2-64bit runner tags
* target/i386: no single-step exception after MOV or POP SS
- Update to version 8.2.4.
* target/sh4: Fix SUBV opcode
* target/sh4: Fix ADDV opcode
* hw/arm/npcm7xx: Store derivative OTP fuse key in little endian
* hw/dmax/xlnx_dpdma: fix handling of address_extension descriptor fields
* hw/ufs: Fix buffer overflow bug
* tests/avocado: update sunxi kernel from armbian to 6.6.16
* target/loongarch/cpu.c: typo fix: expection
* backends/cryptodev-builtin: Fix local_error leaks
* nbd/server: Mark negotiation functions as coroutine_fn
* nbd/server: do not poll within a coroutine context
* linux-user: do_setsockopt: fix SOL_ALG.ALG_SET_KEY
* target/riscv/kvm: change timer regs size to u64
* target/riscv/kvm: change KVM_REG_RISCV_FP_D to u64
* target/riscv/kvm: change KVM_REG_RISCV_FP_F to u32
- Update to version 8.2.3.
* Update version for 8.2.3 release
* ppc/spapr: Initialize max_cpus limit to SPAPR_IRQ_NR_IPIS.
* ppc/spapr: Introduce SPAPR_IRQ_NR_IPIS to refer IRQ range for CPU IPIs.
* hw/pci-host/ppc440_pcix: Do not expose a bridge device on PCI bus
* hw/isa/vt82c686: Keep track of PIRQ/PINT pins separately
* virtio-pci: fix use of a released vector
* linux-user/x86_64: Handle the vsyscall page in open_self_maps_{2,4}
* hw/audio/virtio-snd: Remove unused assignment
* hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum()
* hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set
* hw/net/lan9118: Fix overflow in MIL TX FIFO
* hw/net/lan9118: Replace magic '2048' value by MIL_TXFIFO_SIZE definition
* backends/cryptodev: Do not abort for invalid session ID
* hw/misc/applesmc: Fix memory leak in reset() handler
* hw/block/nand: Fix out-of-bound access in NAND block buffer
* hw/block/nand: Have blk_load() take unsigned offset and return boolean
* hw/block/nand: Factor nand_load_iolen() method out
* qemu-options: Fix CXL Fixed Memory Window interleave-granularity typo
* hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs
* hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs
* hw/display/virtio-gpu: Protect from DMA re-entrancy bugs
* mirror: Don't call job_pause_point() under graph lock (bsc#1224179)
- Backports and bugfixes:
* hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum() (bsc#1222841, CVE-2024-3567)
* hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446)
* hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446)
* hw/display/virtio-gpu: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446)
* hw/virtio: Introduce virtio_bh_new_guarded() helper (bsc#1222843, CVE-2024-3446)
* hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set (bsc#1222845, CVE-2024-3447)
* hw/nvme: Use pcie_sriov_num_vfs() (bsc#1220065, CVE-2024-26328)
- Update to version 8.2.2
* chardev/char-socket: Fix TLS io channels sending too much data to the backend
* tests/unit/test-util-sockets: Remove temporary file after test
* hw/usb/bus.c: PCAP adding 0xA in Windows version
* hw/intc/Kconfig: Fix GIC settings when using "--without-default-devices"
* gitlab: force allow use of pip in Cirrus jobs
* tests/vm: avoid re-building the VM images all the time
* tests/vm: update openbsd image to 7.4
* target/i386: leave the A20 bit set in the final NPT walk
* target/i386: remove unnecessary/wrong application of the A20 mask
* target/i386: Fix physical address truncation
* target/i386: check validity of VMCB addresses
* target/i386: mask high bits of CR3 in 32-bit mode
* pl031: Update last RTCLR value on write in case it's read back
* hw/nvme: fix invalid endian conversion
* update edk2 binaries to edk2-stable202402
* update edk2 submodule to edk2-stable202402
* target/ppc: Fix crash on machine check caused by ifetch
* target/ppc: Fix lxv/stxv MSR facility check
* .gitlab-ci.d/windows.yml: Drop msys2-32bit job
* system/vl: Update description for input grab key
* docs/system: Update description for input grab key
* hw/hppa/Kconfig: Fix building with "configure --without-default-devices"
* tests/qtest: Depend on dbus_display1_dep
* meson: Explicitly specify dbus-display1.h dependency
* audio: Depend on dbus_display1_dep
* ui/console: Fix console resize with placeholder surface
* ui/clipboard: add asserts for update and request
* ui/clipboard: mark type as not available when there is no data
* ui: reject extended clipboard message if not activated
* target/i386: Generate an illegal opcode exception on cmp instructions with lock prefix
* i386/cpuid: Move leaf 7 to correct group
* i386/cpuid: Decrease cpuid_i when skipping CPUID leaf 1F
* i386/cpu: Mask with XCR0/XSS mask for FEAT_XSAVE_XCR0_HI and FEAT_XSAVE_XSS_HI leafs
* i386/cpu: Clear FEAT_XSAVE_XSS_LO/HI leafs when CPUID_EXT_XSAVE is not available
* .gitlab-ci/windows.yml: Don't install libusb or spice packages on 32-bit
* iotests: Make 144 deterministic again
* target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
* target/arm: Fix SVE/SME gross MTE suppression checks
* target/arm: Handle mte in do_ldrq, do_ldro
- Address bsc#1220310. Backported upstream commits:
* ppc/spapr: Initialize max_cpus limit to SPAPR_IRQ_NR_IPIS
* ppc/spapr: Introduce SPAPR_IRQ_NR_IPIS to refer IRQ range for CPU IPIs.
CriticalSUSE bug 1084909SUSE bug 1220065SUSE bug 1220310SUSE bug 1222218SUSE bug 1222841SUSE bug 1222843SUSE bug 1222845SUSE bug 1224179CVE-2024-26328 at SUSECVE-2024-26328 at NVDCVE-2024-3446 at SUSECVE-2024-3446 at NVDCVE-2024-3447 at SUSECVE-2024-3447 at NVDCVE-2024-3567 at SUSECVE-2024-3567 at NVDcpe:/o:suse:sl-micro:6.0Security update for libndp (Important)SUSE Linux Micro 6.0
This update for libndp fixes the following issues:
- CVE-2024-5564: Fixed buffer overflow in route information length field (bsc#1225771).
ImportantSUSE bug 1225771CVE-2024-5564 at SUSECVE-2024-5564 at NVDcpe:/o:suse:sl-micro:6.0Security update for wget (Moderate)SUSE Linux Micro 6.0
This update for wget fixes the following issues:
- CVE-2024-38428: Fix mishandled semicolons in the userinfo subcomponent of a URI. (bsc#1226419)
- Update to GNU wget 1.24.5:
* Fix how subdomain matches are checked for HSTS.
* Wget will now also parse the srcset attribute in <source> HTML tags
* Support reading fetchmail style "user" and "passwd" fields from netrc
* In some cases, prevent the confusing "Cannot write to... (success)" error messages
* Support extremely fast download speeds (TB/s)
* Ensure that CSS URLs are corectly quoted
* libproxy support is now upstream- drop wget-libproxy.patch
ModerateSUSE bug 1226419CVE-2024-38428 at SUSECVE-2024-38428 at NVDcpe:/o:suse:sl-micro:6.0Security update for util-linux (Important)SUSE Linux Micro 6.0
This update for util-linux fixes the following issues:
Security issue fixed:
- CVE-2024-28085: Properly neutralize escape sequences in wall to avoid potential account takeover. (bsc#1221831)
Non-security issues fixed:
- Fix hang of lscpu -e (bsc#1225598)
- lscpu: Add more ARM cores (bsc#1223605)
- Document that chcpu -g is not supported on IBM z/VM (bsc#1218609)
- Processes not cleaned up after failed SSH session are using up 100% CPU (bsc#1220117)
ImportantSUSE bug 1218609SUSE bug 1220117SUSE bug 1221831SUSE bug 1223605SUSE bug 1225598CVE-2024-28085 at SUSECVE-2024-28085 at NVDcpe:/o:suse:sl-micro:6.0Security update for libdb-4_8 (Moderate)SUSE Linux Micro 6.0
This update for libdb-4_8 fixes the following issues:
CVE-2019-2708: Fixed data store execution leading to partial DoS (bsc#1174414)
Changes:
* libdb: Data store execution leads to partial DoS
* Backport the upsteam commits:
- Fixed several possible crashes when running db_verify
on a corrupted database. [#27864]
- Fixed several possible hangs when running db_verify
on a corrupted database. [#27864]
- Added a warning message when attempting to verify a queue
database which has many extent files. Verification will take
a long time if there are many extent files. [#27864]
ModerateSUSE bug 1174414CVE-2019-2708 at SUSECVE-2019-2708 at NVDcpe:/o:suse:sl-micro:6.0Security update for expat (Moderate)SUSE Linux Micro 6.0
This update for expat fixes the following issues:
- CVE-2024-50602: Fixed possible denial-of-service vulnerability inside XML_ResumeParser (bsc#1232579).
ModerateSUSE bug 1232579CVE-2024-50602 at SUSECVE-2024-50602 at NVDcpe:/o:suse:sl-micro:6.0Security update for libarchive (Important)SUSE Linux Micro 6.0
This update for libarchive fixes the following issues:
- CVE-2024-48958: Fixed out-of-bounds access in execute_filter_delta (bsc#1231624).
- CVE-2024-20697: Fixed out-of-bounds remote code execution vulnerability (bsc#1225972).
- CVE-2024-48957: Fixed out-of-bounds access in execute_filter_audio (bsc#1231544).
ImportantSUSE bug 1225972SUSE bug 1231544SUSE bug 1231624CVE-2024-20697 at SUSECVE-2024-20697 at NVDCVE-2024-26256 at SUSECVE-2024-26256 at NVDCVE-2024-48957 at SUSECVE-2024-48957 at NVDCVE-2024-48958 at SUSECVE-2024-48958 at NVDcpe:/o:suse:sl-micro:6.0Security update for cups (Important)SUSE Linux Micro 6.0
This update for cups fixes the following issues:
- Version upgrade to 2.4.11:
See https://github.com/openprinting/cups/releases
CUPS 2.4.11 brings several bug fixes regarding IPP response
validation, processing PPD values, Web UI support
(checkbox support, modifying printers) and others fixes.
Detailed list (from CHANGES.md):
* Updated the maximum file descriptor limit
for `cupsd` to 64k-1 (Issue #989)
* Fixed `lpoptions -d` with a discovered
but not added printer (Issue #833)
* Fixed incorrect error message for HTTP/IPP errors (Issue #893)
* Fixed JobPrivateAccess and SubscriptionPrivateAccess support
for "all" (Issue #990)
* Fixed issues with cupsGetDestMediaByXxx (Issue #993)
* Fixed adding and modifying of printers
via the web interface (Issue #998)
* Fixed HTTP PeerCred authentication
for domain users (Issue #1001)
* Fixed checkbox support (Issue #1008)
* Fixed printer state notifications (Issue #1013)
* Fixed IPP Everywhere printer setup (Issue #1033)
Issues are those at https://github.com/OpenPrinting/cups/issues
In particular CUPS 2.4.11 contains those commit regarding
IPP response validation and processing PPD values:
* "Quote PPD localized strings"
https://github.com/OpenPrinting/cups/commit/1e6ca5913eceee906038bc04cc7ccfbe2923bdfd
plus a cleanup to "Fix warnings for unused vars"
https://github.com/OpenPrinting/cups/commit/2abe1ba8a66864aa82cd9836b37e57103b8e1a3b
- Version upgrade to 2.4.10:
See https://github.com/openprinting/cups/releases
CUPS 2.4.10 brings two fixes:
* Fixed error handling when reading a mixed 1setOf attribute.
* Fixed scheduler start if there is only domain socket
to listen on (Issue #985) which is fix for regression
after fix for CVE-2024-35235 in scenarios where is
no other listeners in cupsd.conf than domain socket
created on demand by systemd, launchd or upstart.
Issues are those at https://github.com/OpenPrinting/cups/issues
- Version upgrade to 2.4.9:
See https://github.com/openprinting/cups/releases
CUPS 2.4.9 brings security fix for CVE-2024-35235 and
several bug fixes regarding CUPS Web User Interface,
PPD generation and HTTP protocol implementation.
Detailed list (from CHANGES.md):
* Fixed domain socket handling (CVE-2024-35235)
* Fixed creating of `cupsUrfSupported` PPD keyword
(Issue #952)
* Fixed searching for destinations in web ui (Issue #954)
* Fixed TLS negotiation using OpenSSL with servers
that require the TLS SNI extension.
* Really raised `cups_enum_dests()` timeout for listing
available IPP printers (Issue #751)...
* Fixed `Host` header regression (Issue #967)
* Fixed DNS-SD lookups of local services with Avahi
(Issue #970)
* Fixed listing jobs in destinations in web ui.
(Apple issue #6204)
* Fixed showing search query in web ui help page.
(Issue #977)
Issues are those at https://github.com/OpenPrinting/cups/issues
Apple issues are those at https://github.com/apple/cups/issues
- Update to version 2.4.8:
See https://github.com/openprinting/cups/releases
CUPS 2.4.8 brings many bug fixes which aggregated over the last
half a year. It brings the important fix for race conditions
and errors which can happen when installing permanent
IPP Everywhere printer, support for PAM modules password-auth
and system-auth and new option for lpstat which can show only
the successful jobs.
Detailed list (from CHANGES.md):
* Added warning if the device has to be asked for
'all,media-col-database' separately (Issue #829)
* Added new value for 'lpstat' option '-W' - successfull - for
getting successfully printed jobs (Issue #830)
* Added support for PAM modules password-auth
and system-auth (Issue #892)
* Updated IPP Everywhere printer creation error
reporting (Issue #347)
* Updated and documented the MIME typing buffering
limit (Issue #925)
* Raised 'cups_enum_dests()' timeout for listing
available IPP printers (Issue #751)
* Now report an error for temporary printer defaults
with lpadmin (Issue #237)
* Fixed mapping of PPD InputSlot, MediaType,
and OutputBin values (Issue #238)
* Fixed "document-unprintable-error" handling (Issue #391)
* Fixed the web interface not showing an error
for a non-existent printer (Issue #423)
* Fixed printing of jobs with job name longer than 255 chars
on older printers (Issue #644)
* Really backported fix for Issue #742
* Fixed 'cupsCopyDestInfo' device connection
detection (Issue #586)
* Fixed "Upgrade" header handling when there is
no TLS support (Issue #775)
* Fixed memory leak when unloading a job (Issue #813)
* Fixed memory leak when creating color profiles (Issue #815)
* Fixed a punch finishing bug in the IPP Everywhere
support (Issue #821)
* Fixed crash in 'scan_ps()' if incoming argument
is NULL (Issue #831)
* Fixed setting job state reasons for successful
jobs (Issue #832)
* Fixed infinite loop in IPP backend if hostname
is IP address with Kerberos (Issue #838)
* Added additional check on socket if 'revents' from 'poll()'
returns POLLHUP together with POLLIN or POLLOUT
in 'httpAddrConnect2()' (Issue #839)
* Fixed crash in 'ppdEmitString()' if 'size' is NULL (Issue #850)
* Fixed reporting 'media-source-supported' when
sharing printer which has numbers as strings instead of
keywords as 'InputSlot' values (Issue #859)
* Fixed IPP backend to support the "print-scaling" option
with IPP printers (Issue #862)
* Fixed potential race condition for the creation
of temporary queues (Issue #871)
* Fixed 'httpGets' timeout handling (Issue #879)
* Fixed checking for required attributes during
PPD generation (Issue #890)
* Fixed encoding of IPv6 addresses in HTTP requests (Issue #903)
* Fixed sending response headers to client (Issue #927)
* Fixed CGI program initialization and validation
of form checkbox and text fields.
Issues are those at https://github.com/OpenPrinting/cups/issues
- Version upgrade to 2.4.7:
See https://github.com/openprinting/cups/releases
CUPS 2.4.7 is released to ship the fix for CVE-2023-4504
and several other changes, among them it is
adding OpenSSL support for cupsHashData function and bug fixes.
Detailed list:
* CVE-2023-4504 - Fixed Heap-based buffer overflow when
reading Postscript in PPD files
* Added OpenSSL support for cupsHashData (Issue #762)
* Fixed delays in lpd backend (Issue #741)
* Fixed extensive logging in scheduler (Issue #604)
* Fixed hanging of lpstat on IBM AIX (Issue #773)
* Fixed hanging of lpstat on Solaris (Issue #156)
* Fixed printing to stderr if we can't open cups-files.conf
(Issue #777)
* Fixed purging job files via cancel -x (Issue #742)
* Fixed RFC 1179 port reserving behavior in LPD backend
(Issue #743)
* Fixed a bug in the PPD command interpretation code
(Issue #768)
Issues are those at https://github.com/OpenPrinting/cups/issues
- Version upgrade to 2.4.6:
See https://github.com/openprinting/cups/releases
CUPS 2.4.6 is released to ship the fix for CVE-2023-34241
and two other bug fixes.
Detailed list:
* Fix linking error on old MacOS (Issue #715)
* Fix printing multiple files on specific printers (Issue #643)
* Fix use-after-free when logging warnings in case of failures
in cupsdAcceptClient() (fixes CVE-2023-34241)
Issues are those at https://github.com/OpenPrinting/cups/issues
- Version upgrade to 2.4.5:
See https://github.com/openprinting/cups/releases
CUPS 2.4.5 is a hotfix release for a bug which corrupted
locally saved certificates, which broke secured printing
via TLS after the first print job.
- Version upgrade to 2.4.4:
See https://github.com/openprinting/cups/releases
CUPS 2.4.4 release is created as a hotfix for segfault
in cupsGetNamedDest(), when caller tries to find
the default destination and the default destination
is not set on the machine.
- Version upgrade to 2.4.3:
See https://github.com/openprinting/cups/releases
CUPS 2.4.3 brings fix for CVE-2023-32324, several improvements
and many bug fixes. CUPS now implements fallback for printers
with broken firmware, which is not capable of answering
to IPP request get-printer-attributes with all,
media-col-database - this enables driverless support for
bunch of printers which don't follow IPP Everywhere standard.
Aside from the CVE fix the most important fixes are around color
settings, printer application support fixes and OpenSSL support.
Detailed list of changes:
* Added a title with device uri for found network printers
(Issues #402, #393)
* Added new media sizes defined by IANA (Issues #501)
* Added quirk for GoDEX label printers (Issue #440)
* Fixed --enable-libtool-unsupported (Issue #394)
* Fixed configuration on RISC-V machines (Issue #404)
* Fixed the device_uri invalid pointer for driverless printers
with .local hostname (Issue #419)
* Fixed an OpenSSL crash bug (Issue #409)
* Fixed a potential SNMP OID value overflow issue (Issue #431)
* Fixed an OpenSSL certificate loading issue (Issue #465)
* Fixed Brazilian Portuguese translations (Issue #288)
* Fixed cupsd default keychain location when building
with OpenSSL (Issue #529)
* Fixed default color settings for CMYK printers as well
(Issue #500)
* Fixed duplicate PPD2IPP media-type names (Issue #688)
* Fixed possible heap buffer overflow in _cups_strlcpy()
(fixes CVE-2023-32324)
* Fixed InputSlot heuristic for photo sizes smaller than 5x7"
if there is no media-source in the request (Issue #569)
* Fixed invalid memory access during generating IPP Everywhere
queue (Issue #466)
* Fixed lprm if no destination is provided (Issue #457)
* Fixed memory leaks in create_local_bg_thread() (Issue #466)
* Fixed media size tolerance in ippeveprinter (Issue #487)
* Fixed passing command name without path into ippeveprinter
(Issue #629)
* Fixed saving strings file path in printers.conf (Issue #710)
* Fixed TLS certificate generation bugs (Issue #652)
* ippDeleteValues would not delete the last value (Issue #556)
* Ignore some of IPP defaults if the application sends
its PPD alternative (Issue #484)
* Make Letter the default size in ippevepcl (Issue #543)
* Now accessing Admin page in Web UI requires authentication
(Issue #518)
* Now look for default printer on network if needed (Issue #452)
* Now we poll media-col-database separately if we fail at first
(Issue #599)
* Now report fax attributes and values as needed (Issue #459)
* Now localize HTTP responses using the Content-Language value
(Issue #426)
* Raised file size limit for importing PPD via Web UI
(Issue #433)
* Raised maximum listen backlog size to INT MAX (Issue #626)
* Update print-color-mode if the printer is modified
via ColorModel PPD option (Issue #451)
* Use localhost when printing via printer application
(Issue #353)
* Write defaults into /etc/cups/lpoptions if we're root
(Issue #456)
Issues are those at https://github.com/OpenPrinting/cups/issues
ImportantSUSE bug 1219503SUSE bug 1225365CVE-2023-32324 at SUSECVE-2023-32324 at NVDCVE-2023-32360 at SUSECVE-2023-32360 at NVDCVE-2023-34241 at SUSECVE-2023-34241 at NVDCVE-2023-4504 at SUSECVE-2023-4504 at NVDCVE-2024-35235 at SUSECVE-2024-35235 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-requests (Moderate)SUSE Linux Micro 6.0
This update for python-requests contains the following fixes:
- Add patch to fix to inject the default CA bundles if they are not specified.
(bsc#1226321, bsc#1231500)
- Remove Requires on python-py, it should have been removed earlier.
- update to 2.32.3:
* Fixed bug breaking the ability to specify custom SSLContexts
in sub-classes of HTTPAdapter.
* Fixed issue where Requests started failing to run on Python
versions compiled without the `ssl` module.
* To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0,
we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing
custom HTTPAdapters will need to migrate their code to use this new API. get_connection is
* Fixed an issue where setting verify=False on the first request from a Session
will cause subsequent requests to the same origin to also ignore cert verification,
* verify=True now reuses a global SSLContext which should improve request time
* Requests now supports optional use of character detection (chardet or charset_normalizer)
when repackaged or vendored. This enables pip and other projects to minimize their
ModerateSUSE bug 1224788SUSE bug 1226321SUSE bug 1231500CVE-2024-35195 at SUSECVE-2024-35195 at NVDcpe:/o:suse:sl-micro:6.0Security update for wget (Moderate)SUSE Linux Micro 6.0
This update for wget fixes the following issues:
- CVE-2024-10524: Drop support for shorthand URLs (bsc#1233773).
ModerateSUSE bug 1233773CVE-2024-10524 at SUSECVE-2024-10524 at NVDcpe:/o:suse:sl-micro:6.0Security update for sevctl (Moderate)SUSE Linux Micro 6.0
This update for sevctl fixes the following issues:
Security issue fixed:
- CVE-2023-50711: Fixed out of bounds memory accesses in a vendored dependency (bsc#1218502)
Non-security issue fixed:
- Update vendored dependencies and re-enable cargo update obs service (bsc#1229953)
ModerateSUSE bug 1218499SUSE bug 1218502SUSE bug 1229953CVE-2023-50711 at SUSECVE-2023-50711 at NVDcpe:/o:suse:sl-micro:6.0Security update for opensc (Moderate)SUSE Linux Micro 6.0
This update for opensc fixes the following issues:
- CVE-2024-8443: Fixed heap buffer overflow in OpenPGP driver when generating key (bsc#1230364)
- CVE-2024-45620: Fixed incorrect handling of the length of buffers or files in pkcs15init (bsc#1230076)
- CVE-2024-45619: Fixed incorrect handling length of buffers or files in libopensc (bsc#1230075)
- CVE-2024-45618: Fixed uninitialized values after incorrect or missing checking return values of functions in pkcs15init (bsc#1230074)
- CVE-2024-45617: Fixed uninitialized values after incorrect or missing checking return values of functions in libopensc (bsc#1230073)
- CVE-2024-45616: Fixed uninitialized values after incorrect check or usage of APDU response values in libopensc (bsc#1230072)
- CVE-2024-45615: Fixed uninitialized values in libopensc and pkcs15init (bsc#1230071)
ModerateSUSE bug 1230071SUSE bug 1230072SUSE bug 1230073SUSE bug 1230074SUSE bug 1230075SUSE bug 1230076SUSE bug 1230364CVE-2024-45615 at SUSECVE-2024-45615 at NVDCVE-2024-45616 at SUSECVE-2024-45616 at NVDCVE-2024-45617 at SUSECVE-2024-45617 at NVDCVE-2024-45618 at SUSECVE-2024-45618 at NVDCVE-2024-45619 at SUSECVE-2024-45619 at NVDCVE-2024-45620 at SUSECVE-2024-45620 at NVDCVE-2024-8443 at SUSECVE-2024-8443 at NVDcpe:/o:suse:sl-micro:6.0Security update for curl (Moderate)SUSE Linux Micro 6.0
This update for curl fixes the following issues:
- CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528)
ModerateSUSE bug 1232528CVE-2024-9681 at SUSECVE-2024-9681 at NVDcpe:/o:suse:sl-micro:6.0Security update for wpa_supplicant (Moderate)SUSE Linux Micro 6.0
This update for wpa_supplicant fixes the following issues:
- CVE-2023-52160: Fixed WiFi authentication bypass (bsc#1219975).
ModerateSUSE bug 1219975CVE-2023-52160 at SUSECVE-2023-52160 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
- CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
- CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
- CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
- CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
- CVE-2024-40925: block: fix request.queuelist usage in flush (bsc#1227789).
- CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-39496: btrfs: zoned: fix use-after-free due to race with dev replace (bsc#1227719).
- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
- CVE-2024-40975: platform/x86: x86-android-tablets: Unregister devices in reverse order (bsc#1227926).
- CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
- CVE-2024-40947: ima: Avoid blocking in RCU read-side critical section (bsc#1227803).
- CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
- CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
- CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
- CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
- CVE-2024-39504: netfilter: nft_inner: validate mandatory meta and payload (bsc#1227757).
- CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
- CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
- CVE-2024-40928: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (bsc#1227788).
- CVE-2024-26944: btrfs: zoned: fix lock ordering in btrfs_zone_activate() (bsc#1223731).
- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
- CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
- CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).
- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
- CVE-2024-35908: tls: get psock ref after taking rxlock to avoid leak (bsc#1224490)
- CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
- CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
- CVE-2024-27404: mptcp: fix data races on remote_id (bsc#1224422)
- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
- CVE-2024-40948: mm/page_table_check: fix crash on ZONE_DEVICE (bsc#1227801).
- CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
- CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
- CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.
- CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
- CVE-2024-27012: netfilter: nf_tables: restore set elements when delete set fails (bsc#1223804).
- CVE-2024-39498: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 (bsc#1227723)
- CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
- CVE-2024-27016: netfilter: flowtable: validate pppoe header (bsc#1223807).
- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
- CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
- CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
- CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
- CVE-2024-27064: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain (bsc#1223740).
- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
- CVE-2023-47210: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225601, bsc#1225600).
- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
- CVE-2024-26826: mptcp: fix data re-injection from stale subflow (bsc#1223010).
- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
- CVE-2024-35942: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain (bsc#1224589).
- CVE-2024-26691: KVM: arm64: Fix circular locking dependency (bsc#1222463).
- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
- CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
- CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
- CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
- CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
- CVE-2024-39474: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL (bsc#1227434).
- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
- CVE-2024-36003: ice: fix LAG and VF lock dependency in ice_reset_vf() (bsc#1224544).
- CVE-2024-38604: block: refine the EOF check in blkdev_iomap_begin (bsc#1226866).
- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
- CVE-2024-26623: pds_core: Prevent race issues involving the adminq (bsc#1221057).
- CVE-2024-26785: iommufd: Fix protection fault in iommufd_test_syz_conv_iova (bsc#1222779).
- CVE-2024-26734: devlink: fix possible use-after-free and memory leaks in devlink_init() (bsc#1222438).
- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
- CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
- CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
- CVE-2024-35843: iommu/vt-d: Use device rbtree in iopf reporting path (bsc#1224751).
- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-36281: net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules (bsc#1226799).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
- CVE-2024-38636: f2fs: multidev: fix to recognize valid zero block address (bsc#1226879).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38566: bpf: Fix verifier assumptions about socket->sk (bsc#1226790).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
- CVE-2024-38569: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group (bsc#1226772).
- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
- CVE-2024-26814: vfio/fsl-mc: Block calling interrupt handler without trigger (bsc#1222810).
- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-27414: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (bsc#1224439).
- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-36024: drm/amd/display: Disable idle reallow as part of command/gpint execution (bsc#1225702).
- CVE-2024-36903: ipv6: Fix potential uninit-value access in __ip6_make_skb() (bsc#1225741).
- CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36882: mm: use memalloc_nofs_save() in page_cache_ra_order() (bsc#1225723).
- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2023-52786: ext4: fix racy may inline data check in dio write (bsc#1224939).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36935: ice: ensure the copied buf is NUL terminated (bsc#1225763).
- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- CVE-2024-35892: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() (bsc#1224515).
- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
- CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2024-35926: crypto: iaa - Fix async_disable descriptor leak (bsc#1224655).
- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
- CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)
- CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2024-36030: Fixed the double free in rvu_npc_freemem() (bsc#1225712)
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621)
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).
- CVE-2024-26860: Fixed a memory leak when rechecking the data (bsc#1223077).
- CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224989).
- CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).
- CVE-2024-35860: Struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).
- CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2024-35895: Fixed lock inversion deadlock in map delete elem (bsc#1224511).
- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
- CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).
- CVE-2024-27036: Fixed writeback data corruption (bsc#1223810).
- CVE-2024-35903: Fixed IP after emitting call depth accounting (bsc#1224493).
- CVE-2024-35931: Fixed PCI error slot reset during RAS recovery (bsc#1224652).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35880: io_uring/kbuf: hold io_buffer_list reference over mmap (bsc#1224523).
- CVE-2024-35831: io_uring: Fix release of pinned pages when __io_uaddr_map fails (bsc#1224698).
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).
- CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).
- CVE-2024-36007: Fixed warning during rehash (bsc#1224543).
- CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).
- CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race (bsc#1225007).
- CVE-2024-35827: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() (bsc#1224606).
- CVE-2024-27408: Fixed race condition in dmaengine w-edma/eDMA (bsc#1224430).
- CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).
- CVE-2024-35921: Fixed oops when HEVC init fails (bsc#1224477).
- CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).
- CVE-2024-35991: Fixed kABI workaround for struct idxd_evl (bsc#1224553).
- CVE-2024-27418: Fixed memory leak in mctp_local_output (bsc#1224720)
- CVE-2024-27417: Fixed potential "struct net" leak in inet6_rtm_getaddr() (bsc#1224721)
- CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).
- CVE-2024-35917: Fixed Fix bpf_plt pointer arithmetic (bsc#1224481).
- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type (bsc#1224442).
- CVE-2023-52699: sysv: don't call sb_bread() with pointers_lock held (bsc#1224659).
- CVE-2024-21823: Fixed safety flag to struct ends (bsc#1223625).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).
- CVE-2023-52483: mctp: perform route lookups under a RCU read-side lock (bsc#1220738).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2024-26632: Fixed iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
- CVE-2023-6238: Fixed kcalloc() arguments order (bsc#1217384).
- CVE-2024-26946: Fixed copy_from_kernel_nofault() to read from unsafe address (bsc#1223669).
- CVE-2024-26945: Fixed nr_cpus < nr_iaa case (bsc#1223732).
- CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
- CVE-2023-52641: Fixed NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303)
- CVE-2024-26939: Fixed UAF on destroy against retire race (bsc#1223679).
- CVE-2024-26865: rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (bsc#1223062).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-26726: Fixed invalid drop extent_map for free space inode on write error (bsc#1222532)
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-26991: Fixed overflow lpage_info when checking attributes (bsc#1223695).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2024-27022: Fixed linking file vma until vma is fully initialized (bsc#1223774).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26899: Fixed deadlock between bd_link_disk_holder and partition scan (bsc#1223045).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26638: Fixed uninitialize struct msghdr completely (bsc#1221649 CVE-2024-26638).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26909: Fixed drm bridge use-after-free (bsc#1223143).
- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).
- CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).
- CVE-2024-26832: Fixed missing folio cleanup in writeback race path (bsc#1223007).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2024-26844: Fixed WARNING in _copy_from_iter (bsc#1223015).
- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
- CVE-2024-26774: Fixed dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (bsc#1222622).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26815: Fixed improper TCA_TAPRIO_TC_ENTRY_INDEX check (bsc#1222635).
- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).
- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).
- CVE-2024-26731: Fixed NULL pointer dereference in sk_psock_verdict_data_ready() (bsc#1222371).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).
- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2023-52640: Fixed out-of-bounds in ntfs_listxattr (bsc#1222301).
- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
- CVE-2023-52631: Fixed an NULL dereference bug (bsc#1222264 CVE-2023-52631).
- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2023-52458: Fixed check that partition length needs to be aligned with block size (bsc#1220428).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
The following non-security bugs were fixed:
- 9p: add missing locking around taking dentry fid list (git-fixes)
- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).
- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).
- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).
- ACPI: EC: Abort address space access upon error (stable-fixes).
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).
- ACPI: EC: Evaluate orphan _REG under EC device (git-fixes).
- ACPI: EC: Install address space handler at the namespace root (stable-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).
- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).
- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).
- ACPI: x86: Add PNP_UART1_SKIP quirk for Lenovo Blade2 tablets (stable-fixes).
- ACPI: x86: Force StorageD3Enable on more products (stable-fixes).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (git-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).
- ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).
- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- ALSA: PCM: Allow resume only for suspended streams (stable-fixes).
- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).
- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
- ALSA: core: Remove debugfs at disconnection (git-fixes).
- ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).
- ALSA: emux: improve patch ioctl data validation (stable-fixes).
- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
- ALSA: hda/conexant: Mute speakers at suspend / shutdown (bsc#1228269).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
- ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (bsc#1228269).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).
- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14AHP9 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ARP8 (stable-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).
- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).
- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).
- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).
- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).
- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).
- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).
- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).
- ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).
- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).
- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).
- ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
- ALSA: hda/realtek: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).
- ALSA: hda/realtek: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).
- ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).
- ALSA: hda/realtek: cs35l41: Fixup remaining asus strix models (git-fixes).
- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).
- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop (stable-fixes).
- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).
- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).
- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).
- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).
- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).
- ALSA: hda: clarify Copyright information (stable-fixes).
- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).
- ALSA: hda: cs35l41: Component should be unbound before deconstruction (git-fixes).
- ALSA: hda: cs35l41: Fix swapped l/r audio channels for Lenovo ThinBook 13x Gen4 (git-fixes).
- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).
- ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() (git-fixes).
- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).
- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).
- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).
- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).
- ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).
- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).
- ALSA: hda: cs35l56: Component should be unbound before deconstruction (git-fixes).
- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).
- ALSA: hda: cs35l56: Fix lifecycle of codec pointer (stable-fixes).
- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).
- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).
- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).
- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
- ALSA: hda: tas2781: Component should be unbound before deconstruction (git-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
- ALSA: seq: Do not clear bank selection at event -> UMP MIDI2 conversion (git-fixes).
- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).
- ALSA: seq: Fix missing MSB in MIDI2 SPP conversion (git-fixes).
- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).
- ALSA: seq: Fix missing channel at encoding RPN/NRPN MIDI2 messages (git-fixes).
- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).
- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).
- ALSA: seq: ump: Fix missing System Reset message handling (git-fixes).
- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).
- ALSA: seq: ump: Skip useless ports for static blocks (git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
- ALSA: timer: Set lower bound of start tick time (stable-fixes).
- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).
- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).
- ALSA: ump: Do not update FB name for static blocks (git-fixes).
- ALSA: ump: Force 1 Group for MIDI1 FBs (git-fixes).
- ALSA: ump: Set default protocol when not given explicitly (git-fixes).
- ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).
- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).
- ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).
- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).
- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).
- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).
- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).
- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).
- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).
- ASoC: Intel: avs: Set name of control as in topology (git-fixes).
- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).
- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).
- ASoC: Intel: common: add ACPI matching tables for Arrow Lake (stable-fixes).
- ASoC: Intel: sof-sdw: really remove FOUR_SPEAKER quirk (git-fixes).
- ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14 (stable-fixes).
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0C0F (stable-fixes).
- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (git-fixes).
- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).
- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).
- ASoC: SOF: Intel: hda-pcm: Limit the maximum number of periods by MAX_BDL_ENTRIES (stable-fixes).
- ASoC: SOF: Intel: hda: fix null deref on system suspend entry (git-fixes).
- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).
- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).
- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).
- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).
- ASoC: SOF: imx8m: Fix DSP control regmap retrieval (git-fixes).
- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).
- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).
- ASoC: SOF: ipc4-topology: Preserve the DMA Link ID for ChainDMA on unprepare (git-fixes).
- ASoC: SOF: ipc4-topology: Use correct queue_id for requesting input pin format (stable-fixes).
- ASoC: SOF: pcm: Restrict DSP D0i3 during S0ix to IPC3 (stable-fixes).
- ASoC: SOF: sof-audio: Skip unprepare for in-use widgets on error rollback (stable-fixes).
- ASoC: TAS2781: Fix tasdev_load_calibrated_data() (git-fixes).
- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).
- ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).
- ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).
- ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).
- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M5602RA (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).
- ASoC: amd: yc: Revert "Fix non-functional mic on Lenovo 21J2" (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E16 Gen 2 (bsc#1228269).
- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).
- ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config (git-fixes).
- ASoC: cs35l56: Accept values greater than 0 as IRQ numbers (git-fixes).
- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).
- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).
- ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes).
- ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: max98088: Check for clk_prepare_enable() error (git-fixes).
- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
- ASoC: q6apm-lpass-dai: close graph on prepare errors (git-fixes).
- ASoC: qcom: Adjust issues in case of DT error in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix trcm mode by setting clock on right mclk (git-fixes).
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt711-sdw: add missing readable registers (stable-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt715-sdca: volume step modification (git-fixes).
- ASoC: rt715: add vendor clear control register (git-fixes).
- ASoC: rt722-sdca-sdw: add debounce time for type detection (stable-fixes).
- ASoC: rt722-sdca-sdw: add silence detection register as volatile (stable-fixes).
- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).
- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
- ASoC: sof: amd: fix for firmware reload failure in Vangogh platform (git-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).
- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).
- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).
- ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).
- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).
- ASoC: topology: Do not assign fields that are already set (stable-fixes).
- ASoC: topology: Fix references to freed memory (stable-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).
- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).
- ASoc: tas2781: Enable RCA-based playback without DSP firmware download (git-fixes).
- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).
- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).
- Bluetooth: ISO: Check socket flag instead of hcon (git-fixes).
- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).
- Bluetooth: ISO: Fix BIS cleanup (stable-fixes).
- Bluetooth: Ignore too large handle values in BIG (git-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).
- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).
- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btintel: Refactor btintel_set_ppag() (git-fixes).
- Bluetooth: btnxpuart: Add handling for boot-signature timeout errors (git-fixes).
- Bluetooth: btnxpuart: Enable Power Save feature on startup (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).
- Bluetooth: hci_bcm4377: Fix msgid release (git-fixes).
- Bluetooth: hci_bcm4377: Use correct unit for timeouts (git-fixes).
- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes).
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
- Bluetooth: hci_event: Fix setting of unicast qos interval (git-fixes).
- Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS (stable-fixes).
- Bluetooth: hci_event: Set QoS encryption from BIGInfo report (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).
- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).
- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).
- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
- Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- Bluetooth: qca: fix device-address endianness (git-fixes).
- Bluetooth: qca: fix firmware check error path (git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
- Bluetooth: qca: set power_ctrl_enabled on NULL returned by gpiod_get_optional() (git-fixes).
- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).
- Edit "amdkfd: use calloc instead of kzalloc to avoid integer overflow" Reference CVE and bug numbers.
- Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)
- Enable CONFIG_SCHED_CLUSTER=y on arm64 (jsc#PED-8701).
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_ECDSA.
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_RSA.
- Fix a potential infinite loop in extract_user_to_sg() (git-fixes).
- Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).
- HID: Add quirk for Logitech Casa touchpad (stable-fixes).
- HID: Ignore battery for ELAN touchscreens 2F2C and 4116 (stable-fixes).
- HID: amd_sfh: Handle "no sensors" in PM operations (git-fixes).
- HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).
- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).
- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
- HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports (git-fixes).
- HID: mcp-2221: cancel delayed_work only when CONFIG_IIO is enabled (stable-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).
- HID: wacom: Modify pen IDs (git-fixes).
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- Input: ads7846 - use spi_device_id table (stable-fixes).
- Input: allocate keycode for Display refresh rate toggle (stable-fixes).
- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).
- Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).
- Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).
- Input: i8042 - add Ayaneo Kun to i8042 quirk table (stable-fixes).
- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).
- Input: imagis - use FIELD_GET where applicable (stable-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
- Input: qt1050 - handle CHIP_ID reading error (git-fixes).
- Input: silead - Always support 10 fingers (stable-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails (stable-fixes).
- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).
- Input: xpad - add support for ASUS ROG RAIKIRI (git-fixes).
- Input: xpad - add support for ASUS ROG RAIKIRI PRO (stable-fixes).
- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- KVM: SEV-ES: Delegate LBR virtualization to the processor (git-fixes).
- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (git-fixes).
- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (git-fixes).
- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).
- KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (git-fixes).
- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).
- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
- KVM: arm64: Use local TLBI on permission relaxation (bsc#1219478).
- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).
- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).
- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).
- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).
- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).
- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).
- KVM: x86/pmu: Apply "fast" RDPMC only to Intel PMUs (git-fixes).
- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).
- KVM: x86/pmu: Disallow "fast" RDPMC for architectural Intel PMUs (git-fixes).
- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).
- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).
- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (bsc#1226158).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).
- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at "RESET" (git-fixes).
- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).
- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).
- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).
- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).
- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).
- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).
- KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).
- KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).
- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).
- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).
- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).
- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).
- KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they're a WIP (git-fixes).
- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).
- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).
- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).
- NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
- NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- NFS: add barriers when testing for NFS_FSDATA_BLOCKED (git-fixes).
- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).
- NFSD: Fix checksum mismatches in the duplicate reply cache (git-fixes).
- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- NFSv4.1 enforce rootpath check in fs_location query (git-fixes).
- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
- NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362).
- NFSv4: Fixup smatch warning for ambiguous return (git-fixes).
- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).
- PCI/AER: Block runtime suspend when handling errors (stable-fixes).
- PCI/ASPM: Update save_state when configuration changes (bsc#1226915)
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).
- PCI/DPC: Use FIELD_GET() (stable-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/MSI: Fix UAF in msi_capability_init (git-fixes).
- PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).
- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).
- PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).
- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).
- PCI: Do not wait for disconnected devices when resuming (git-fixes).
- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).
- PCI: Extend ACS configurability (bsc#1228090).
- PCI: Fix resource double counting on remove & rescan (git-fixes).
- PCI: Fix typos in docs and comments (stable-fixes).
- PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).
- PCI: dw-rockchip: Fix initial PERST# GPIO value (git-fixes).
- PCI: dwc: Fix index 0 incorrectly being interpreted as a free ATU slot (git-fixes).
- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).
- PCI: endpoint: Clean up error handling in vpci_scan_bus() (git-fixes).
- PCI: endpoint: Fix error handling in epf_ntb_epc_cleanup() (git-fixes).
- PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() (git-fixes).
- PCI: hv: Fix ring buffer size calculation (git-fixes).
- PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).
- PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git-fixes).
- PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).
- PCI: qcom-ep: Disable resources unconditionally during PERST# assert (git-fixes).
- PCI: qcom: Add support for sa8775p SoC (git-fixes).
- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).
- PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).
- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).
- PCI: switchtec: Use normal comment style (stable-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).
- PCI: vmd: Create domain symlink before pci_bus_add_devices() (bsc#1227363).
- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).
- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).
- Port "certs: Add ECDSA signature verification self-test".
- Port "certs: Move RSA self-test data to separate file".
- RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- RDMA/bnxt_re: Fix the max msix vectors macro (git-fixes)
- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)
- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).
- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)
- RDMA/mlx5: Ensure created mkeys always have a populated rb_key (git-fixes)
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- RDMA/mlx5: Fix unwind flow as part of mlx5_ib_stage_init_init (git-fixes)
- RDMA/mlx5: Follow rb_key.ats when creating new mkeys (git-fixes)
- RDMA/mlx5: Remove extra unlock on error path (git-fixes)
- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)
- RDMA/restrack: Fix potential invalid address access (git-fixes)
- RDMA/rxe: Allow good work requests to be executed (git-fixes)
- RDMA/rxe: Fix data copy for IB_SEND_INLINE (git-fixes)
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- RDMA/rxe: Fix responder length checking for UD request packets (git-fixes)
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- RDMA/rxe: Fix the problem "mutex_destroy missing" (git-fixes)
- Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes).
- Refresh kabi workaround ath updates (bsc#1227149#)
- Refresh the previous ASoC patch, landed in subsystem tree (bsc#1228269)
- Remove NTFSv3 from configs (bsc#1224429)
- SEV: disable SEV-ES DebugSwap by default (git-fixes).
- SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- SUNRPC: return proper error from gss_wrap_req_priv (git-fixes).
- Temporarily drop KVM patch that caused a regression (bsc#1226158)
- USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
- USB: core: Add hub_get() and hub_put() routines (stable-fixes).
- USB: core: Fix access violation during port device removal (git-fixes).
- USB: core: Fix deadlock in port "disable" sysfs attribute (stable-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
- USB: serial: mos7840: fix crash on resume (git-fixes).
- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
- USB: serial: option: add Fibocom FM350-GL (stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
- USB: serial: option: add Netprisma LCUK54 series modules (stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
- USB: serial: option: add Rolling RW350-GL variants (stable-fixes).
- USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
- USB: serial: option: add Telit generic core-dump composition (stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
- USB: serial: option: add support for Foxconn T99W651 (stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
- USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).
- Update ath11k suspend patches from the latest subsystem tree (bsc#1207948).
- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).
- Workaround broken chacha crypto fallback (bsc#1218205).
- X.509: Fix the parser of extended key usage for length (bsc#1218820).
- accel/ivpu: Fix deadlock in context_xa (git-fixes).
- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).
- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).
- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).
- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).
- arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)
- arm64/io: add constant-argument check (bsc#1226502 git-fixes)
- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)
- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)
- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184).
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
- arm64: bpf: fix 32bit unconditional bswap (git-fixes).
- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)
- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: enable hysteresis on slow input (git-fixes)
- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)
- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)
- arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)
- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx93-11x11-evk: Remove the 'no-sdio' property (git-fixes)
- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add mdio and ethernet-phy nodes to (git-fixes)
- arm64: dts: rockchip: Add missing power-domains for rk356x vop_mmu (git-fixes)
- arm64: dts: rockchip: Add pinctrl for UART0 to rk3308-rock-pi-s (git-fixes)
- arm64: dts: rockchip: Add sdmmc related properties on (git-fixes)
- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)
- arm64: dts: rockchip: Drop invalid mic-in-differential on (git-fixes)
- arm64: dts: rockchip: Fix SD NAND and eMMC init on rk3308-rock-pi-s (git-fixes)
- arm64: dts: rockchip: Fix mic-in-differential usage on (git-fixes)
- arm64: dts: rockchip: Fix mic-in-differential usage on rk3566-roc-pc (git-fixes)
- arm64: dts: rockchip: Fix the DCDC_REG2 minimum voltage on Quartz64 (git-fixes)
- arm64: dts: rockchip: Fix the value of `dlg,jack-det-rate` mismatch (git-fixes)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- arm64: dts: rockchip: Rename LED related pinctrl nodes on (git-fixes)
- arm64: dts: rockchip: Update WIFi/BT related nodes on (git-fixes)
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)
- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)
- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8688).
- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8688).
- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8688).
- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)
- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)
- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)
- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).
- ata,scsi: libata-core: Do not leak memory for ata_port struct members (git-fixes).
- ata: ahci: Clean up sysfs file on error (git-fixes).
- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).
- ata: libata-core: Fix double free on error (git-fixes).
- ata: libata-core: Fix null pointer dereference on error (git-fixes).
- ata: libata-scsi: Fix offsets for the fixed format sense data (git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
- auxdisplay: ht16k33: Drop reference after LED registration (git-fixes).
- ax25: Fix netdev refcount issue (git-fixes).
- ax25: Fix refcount imbalance on inbound connections (git-fixes).
- ax25: Fix reference count leak issue of net_device (git-fixes).
- ax25: Fix reference count leak issues of ax25_dev (git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).
- bitops: add missing prototype check (git-fixes).
- blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (bsc#1225605).
- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).
- block: Move checking GENHD_FL_NO_PART to bdev_add_partition() (bsc#1226213).
- block: fix q->blkg_list corruption during disk rebind (bsc#1223591).
- bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX (git-fixes).
- bnx2x: Fix firmware version string character counts (git-fixes).
- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).
- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).
- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).
- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).
- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).
- bpf, arm64: Fix incorrect runtime stats (git-fixes)
- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)
- bpf, scripts: Correct GPL license name (git-fixes).
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
- bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903).
- bpf: correct loop detection for iterators convergence (bsc#1225903).
- bpf: exact states comparison for iterator convergence checks (bsc#1225903).
- bpf: extract __check_reg_arg() utility function (bsc#1225903).
- bpf: extract same_callsites() as utility function (bsc#1225903).
- bpf: extract setup_func_entry() utility function (bsc#1225903).
- bpf: fix precision backtracking instruction iteration (bsc#1225756).
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
- bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).
- bpf: print full verifier states on infinite loop detection (bsc#1225903).
- bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).
- bpf: widening for callback iterators (bsc#1225903).
- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)
- btrfs: add and use helper to check if block group is used (bsc#1220120).
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).
- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).
- btrfs: always clear PERTRANS metadata during commit (git-fixes)
- btrfs: always print transaction aborted messages with an error level (git-fixes)
- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).
- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).
- btrfs: assert delayed node locked when removing delayed item (git-fixes)
- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).
- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).
- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).
- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).
- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)
- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)
- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)
- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)
- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)
- btrfs: do not arbitrarily slow down delalloc if we're committing (git-fixes)
- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).
- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).
- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)
- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).
- btrfs: do not warn if discard range is not aligned to sector (git-fixes)
- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).
- btrfs: error out when COWing block using a stale transaction (git-fixes)
- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)
- btrfs: error when COWing block from a root that is being deleted (git-fixes)
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).
- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)
- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)
- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)
- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).
- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).
- btrfs: fix race when refilling delayed refs block reserve (git-fixes)
- btrfs: fix start transaction qgroup rsv double free (git-fixes)
- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).
- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes)
- btrfs: free qgroup rsv on io failure (git-fixes)
- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)
- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)
- btrfs: initialize key where it's used when running delayed data ref (bsc#1220120).
- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).
- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).
- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).
- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).
- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).
- btrfs: make error messages more clear when getting a chunk map (git-fixes)
- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).
- btrfs: make find_free_dev_extent() static (bsc#1220120).
- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).
- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).
- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).
- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).
- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)
- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).
- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)
- btrfs: print available space across all block groups when dumping space info (bsc#1220120).
- btrfs: print available space for a block group when dumping a space info (bsc#1220120).
- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).
- btrfs: print target number of bytes when dumping free space (bsc#1220120).
- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).
- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)
- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)
- btrfs: remove pointless 'ref_root' variable from run_delayed_data_ref() (bsc#1220120).
- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).
- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).
- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).
- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).
- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).
- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).
- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).
- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).
- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)
- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)
- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).
- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).
- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)
- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).
- btrfs: store the error that turned the fs into error state (bsc#1220120).
- btrfs: sysfs: validate scrub_speed_max value (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).
- btrfs: update documentation for add_new_free_space() (bsc#1220120).
- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).
- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).
- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).
- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).
- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)
- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)
- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).
- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).
- bus: mhi: host: allow MHI client drivers to provide the firmware via a pointer (bsc#1227149).
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).
- cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes).
- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
- can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes).
- can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).
- can: mcp251xfd: fix infinite loop when xmit fails (git-fixes).
- cdrom: rearrange last_media_change check to avoid unintentional overflow (stable-fixes).
- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
- ceph: always check dir caps asynchronously (bsc#1226022).
- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
- ceph: break the check delayed cap loop every 5s (bsc#1226022).
- ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228417).
- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).
- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).
- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
- certs: Add ECDSA signature verification self-test (bsc#1222777).
- certs: Move RSA self-test data to separate file (bsc#1222777).
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes).
- checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes).
- cifs: Add a laundromat thread for cached directories (git-fixes, bsc#1225172).
- cifs: Do not use certain unnecessary folio_*() functions (bsc#1225172).
- cifs: account for primary channel in the interface list (bsc#1225172).
- cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1225172).
- cifs: distribute channels across interfaces based on speed (bsc#1225172).
- cifs: do not pass cifs_sb when trying to add channels (bsc#1225172).
- cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1225172).
- cifs: fix charset issue in reconnection (bsc#1225172).
- cifs: fix leak of iface for primary channel (git-fixes, bsc#1225172).
- cifs: handle cases where a channel is closed (bsc#1225172).
- cifs: handle cases where multiple sessions share connection (bsc#1225172).
- cifs: reconnect work should have reference on server struct (bsc#1225172).
- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused (git-fixes).
- clk: Get runtime PM before walking tree for clk_summary (git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
- clk: Show active consumers of clocks in debugfs (stable-fixes).
- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (git-fixes).
- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).
- clk: mediatek: mt8183: Only enable runtime PM on mt8183-mfgcfg (git-fixes).
- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).
- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).
- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).
- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).
- clk: qcom: clk-alpha-pll: set ALPHA_EN bit for Stromer Plus PLLs (git-fixes).
- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).
- clk: qcom: gcc-sm6350: Fix gpll6* & gpll7 parents (git-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).
- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).
- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).
- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).
- clk: rs9: fix wrong default value for clock amplitude (git-fixes).
- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).
- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).
- clkdev: Update clkdev id usage to allow for longer names (stable-fixes).
- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).
- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- config/arm64: Enable CoreSight PMU drivers (bsc#1228289 jsc#PED-7859)
- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)
- coresight: trbe: Allocate platform data per device (bsc#1220587)
- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)
- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).
- counter: ti-eqep: enable clock at probe (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- cpufreq/amd-pstate: Fix the scaling_max_freq setting on shared memory CPPC systems (git-fixes).
- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
- cpufreq: amd-pstate: fix memory leak on CPU EPP exit (stable-fixes).
- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).
- cpufreq: exit() callback is optional (git-fixes).
- cpufreq: ti-cpufreq: Handle deferred probe with dev_err_probe() (git-fixes).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- crypto/ecdh: make ecdh_compute_value() to zeroize the public key (bsc#1222768).
- crypto/ecdsa: make ecdsa_ecc_ctx_deinit() to zeroize the public key (bsc#1222768).
- crypto: aead,cipher - zeroize key buffer after use (stable-fixes).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).
- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).
- crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked (git-fixes).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: deflate - Add aliases to deflate (bsc#1227190).
- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).
- crypto: ecdh - explicitly zeroize private_key (stable-fixes).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- crypto: ecdsa - Fix the public key format description (git-fixes).
- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
- crypto: hisilicon/debugfs - Fix debugfs uninit process issue (stable-fixes).
- crypto: hisilicon/qm - Add the err memory release process to qm uninit (stable-fixes).
- crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).
- crypto: iaa - Account for cpu-less numa nodes (bsc#1227190).
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).
- crypto: qat - extend scope of lock in adf_cfg_add_key_value_param() (git-fixes).
- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).
- crypto: qat - improve error logging to be consistent across features (git-fixes).
- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).
- crypto: qat - specify firmware files for 402xx (git-fixes).
- crypto: rsa - add a check for allocation failure (bsc#1222775).
- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).
- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).
- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).
- cxl/region: Fix cxlr_pmem leaks (git-fixes).
- cxl/region: Fix memregion leaks in devm_cxl_add_region() (git-fixes).
- cxl/test: Add missing vmalloc.h for tools/testing/cxl/test/mem.c (git-fixes).
- cxl/trace: Correct DPA field masks for general_media & dram events (git-fixes).
- cxl/trace: Properly initialize cxl_poison region name (git-fixes).
- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).
- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).
- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).
- decompress_bunzip2: fix rare decompression failure (git-fixes).
- device-dax: make dax_bus_type const (jsc#PED-5853).
- devres: Fix devm_krealloc() wasting memory (git-fixes).
- devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes).
- dlm: fix user space lkb refcounting (git-fixes).
- dlm: fix user space lock decision to copy lvb (git-fixes).
- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).
- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).
- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).
- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
- dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape (bsc#1219596)
- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).
- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).
- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).
- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).
- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).
- dma-mapping: benchmark: fix node id validation (git-fixes).
- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).
- dma: fix call order in dmam_free_coherent (git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).
- dmaengine: ioatdma: Fix error path in ioat3_dma_probe() (git-fixes).
- dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe() (git-fixes).
- dmaengine: ioatdma: Fix leaking on version mismatch (git-fixes).
- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- dmaengine: ti: k3-udma: Fix BCHAN count with UHC and HC channels (git-fixes).
- docs: Restore "smart quotes" for quotes (stable-fixes).
- docs: crypto: async-tx-api: fix broken code example (git-fixes).
- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
- docs: netdev: Fix typo in Signed-off-by tag (git-fixes).
- dpll: spec: use proper enum for pin capabilities attribute (git-fixes).
- driver core: Introduce device_link_wait_removal() (stable-fixes).
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- drivers/xen: Improve the late XenStore init protocol (git-fixes).
- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).
- drivers: soc: xilinx: check return status of get_api_version() (git-fixes).
- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).
- drm/amd/amdgpu: Fix uninitialized variable warnings (git-fixes).
- drm/amd/display: ASSERT when failing to find index by plane/stream id (stable-fixes).
- drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).
- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
- drm/amd/display: Add dml2 copy functions (stable-fixes).
- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
- drm/amd/display: Add refresh rate range check (stable-fixes).
- drm/amd/display: Allocate zero bw after bw alloc enable (stable-fixes).
- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).
- drm/amd/display: Check index msg_id before read or write (stable-fixes).
- drm/amd/display: Check pipe offset before setting vblank (stable-fixes).
- drm/amd/display: Disable seamless boot on 128b/132b encoding (stable-fixes).
- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).
- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/display: Fix DC mode screen flickering on DCN321 (stable-fixes).
- drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport (stable-fixes).
- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).
- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).
- drm/amd/display: Fix overlapping copy within dml_core_mode_programming (stable-fixes).
- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).
- drm/amd/display: Fix refresh rate range for some panel (stable-fixes).
- drm/amd/display: Fix uninitialized variables in DM (stable-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).
- drm/amd/display: Move 'struct scaler_data' off stack (git-fixes).
- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).
- drm/amd/display: Prevent crash when disable stream (stable-fixes).
- drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4 (stable-fixes).
- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).
- drm/amd/display: Remove pixle rate limit for subvp (stable-fixes).
- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).
- drm/amd/display: Return the correct HDCP error code (stable-fixes).
- drm/amd/display: Revert Remove pixle rate limit for subvp (stable-fixes).
- drm/amd/display: Send DP_TOTAL_LTTPR_CNT during detection if LTTPR is present (stable-fixes).
- drm/amd/display: Send DTBCLK disable message on first commit (git-fixes).
- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).
- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).
- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).
- drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).
- drm/amd/display: Skip pipe if the pipe idx not set properly (stable-fixes).
- drm/amd/display: Update efficiency bandwidth for dcn351 (stable-fixes).
- drm/amd/display: Update odm when ODM combine is changed on an otg master pipe with no plane (stable-fixes).
- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).
- drm/amd/display: Workaround register access in idle race with cursor (stable-fixes).
- drm/amd/display: change dram_clock_latency to 34us for dcn35 (stable-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
- drm/amd/display: fix input states translation error for dcn35 & dcn351 (stable-fixes).
- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).
- drm/amd/pm: Restore config space after reset (stable-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
- drm/amd/pm: remove logically dead code for renoir (git-fixes).
- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).
- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
- drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).
- drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).
- drm/amdgpu/display: Address kdoc for 'is_psr_su' in 'fill_dc_dirty_rects' (git-fixes).
- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).
- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).
- drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes).
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-fixes).
- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).
- drm/amdgpu: Fix VRAM memory accounting (stable-fixes).
- drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() (git-fixes).
- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
- drm/amdgpu: Fix memory range calculation (git-fixes).
- drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).
- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).
- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).
- drm/amdgpu: Indicate CU havest info to CP (stable-fixes).
- drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu: Update BO eviction priorities (stable-fixes).
- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (stable-fixes).
- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
- drm/amdgpu: avoid using null object of framebuffer (stable-fixes).
- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).
- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).
- drm/amdgpu: fix doorbell regression (git-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
- drm/amdgpu: fix locking scope when flushing tlb (stable-fixes).
- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).
- drm/amdgpu: fix the warning about the expression (int)size - len (stable-fixes).
- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
- drm/amdgpu: fix use-after-free bug (stable-fixes).
- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).
- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).
- drm/amdgpu: init microcode chip name from ip versions (stable-fixes).
- drm/amdgpu: make damage clips support configurable (stable-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
- drm/amdgpu: remove invalid resource->start check v2 (git-fixes).
- drm/amdgpu: silence UBSAN warning (stable-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
- drm/amdkfd: Add VRAM accounting for SVM migration (stable-fixes).
- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).
- drm/amdkfd: Fix CU Masking for GFX 9.4.3 (git-fixes).
- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).
- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
- drm/amdkfd: Let VRAM allocations go to GTT domain on small APUs (stable-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).
- drm/arm/komeda: Fix komeda probe failing if there are no links in the secondary pipeline (git-fixes).
- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).
- drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: anx7625: Update audio status while detecting (git-fixes).
- drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: it6505: fix hibernate to resume no display issue (git-fixes).
- drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611uxc: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: samsung-dsim: Set P divider based on min/max of fin pll (git-fixes).
- drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
- drm/buddy: check range allocation matches alignment (stable-fixes).
- drm/ci: update device type for volteer devices (git-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
- drm/connector: Add \n to message about demoting connector force-probes (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).
- drm/drm_file: Fix pid refcounting race (git-fixes).
- drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).
- drm/etnaviv: fix tx clock gating on some GC7000 variants (stable-fixes).
- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
- drm/exynos: do not return negative values from .get_modes() (stable-fixes).
- drm/exynos: dp: drop driver owner initialization (stable-fixes).
- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
- drm/fbdev-dma: Fix framebuffer mode for big endian devices (git-fixes).
- drm/fbdev-dma: Only set smem_start is enable per module option (git-fixes).
- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).
- drm/fbdev-generic: Fix framebuffer on big endian devices (git-fixes).
- drm/gma500: Remove lid code (git-fixes).
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes).
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes).
- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).
- drm/i915/dp: Do not switch the LTTPR mode on an active link (git-fixes).
- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13 (git-fixes).
- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).
- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).
- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).
- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).
- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).
- drm/i915/gt: Fix CCS id's calculation for CCS mode setting (git-fixes).
- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).
- drm/i915/hwmon: Get rid of devm (stable-fixes).
- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).
- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).
- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).
- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).
- drm/i915/mtl: Update workaround 14018575942 (git-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915/vrr: Generate VRR "safe window" for DSB (git-fixes).
- drm/i915: Disable live M/N updates when using bigjoiner (stable-fixes).
- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).
- drm/i915: Fix audio component initialization (git-fixes).
- drm/i915: Include the PLL name in the debug messages (stable-fixes).
- drm/i915: Pre-populate the cursor physical dma address (git-fixes).
- drm/i915: Replace a memset() with zero initialization (stable-fixes).
- drm/i915: Stop printing pipe name as hex (stable-fixes).
- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).
- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).
- drm/i915: Use named initializers for DPLL info (stable-fixes).
- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).
- drm/komeda: check for error-valued pointer (git-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
- drm/lima: Mark simple_ondemand governor as softdep (git-fixes).
- drm/lima: add mask irq callback to gp and pp (stable-fixes).
- drm/lima: fix shared irq handling on driver remove (stable-fixes).
- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/mediatek: Add DRM_MODE_ROTATE_0 to rotation property (git-fixes).
- drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).
- drm/mediatek: Add missing plane settings when async update (git-fixes).
- drm/mediatek: Call drm_atomic_helper_shutdown() at shutdown time (stable-fixes).
- drm/mediatek: Fix XRGB setting error in Mixer (git-fixes).
- drm/mediatek: Fix XRGB setting error in OVL (git-fixes).
- drm/mediatek: Fix bit depth overwritten for mtk_ovl_set bit_depth() (git-fixes).
- drm/mediatek: Fix destination alpha error in OVL (git-fixes).
- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).
- drm/mediatek: Remove less-than-zero comparison of an unsigned value (git-fixes).
- drm/mediatek: Set DRM mode configs accordingly (git-fixes).
- drm/mediatek: Support DRM plane alpha in Mixer (git-fixes).
- drm/mediatek: Support DRM plane alpha in OVL (git-fixes).
- drm/mediatek: Support RGBA8888 and RGBX8888 in OVL on MT8195 (git-fixes).
- drm/mediatek: Turn off the layers with zero width or height (git-fixes).
- drm/mediatek: Use 8-bit alpha in ETHDR (git-fixes).
- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/meson: fix canvas release in bind function (git-fixes).
- drm/meson: gate px_clk when setting rate (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
- drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).
- drm/mgag200: Set DDC timeout in milliseconds (git-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_generic_write_seq() (git-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).
- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).
- drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes).
- drm/msm/dpu: fix encoder irq wait skip (git-fixes).
- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).
- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).
- drm/msm/dsi: set VIDEO_COMPRESSION_MODE_CTRL_WC (git-fixes).
- drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).
- drm/msm: Add newlines to some debug prints (git-fixes).
- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes).
- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).
- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).
- drm/nouveau: do not attempt to schedule hpd_work on headless cards (git-fixes).
- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes).
- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).
- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).
- drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).
- drm/panel: himax-hx8394: Handle errors from mipi_dsi_dcs_set_display_on() better (git-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).
- drm/panel: ilitek-ili9882t: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: ilitek-ili9882t: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).
- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).
- drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).
- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
- drm/panel: sitronix-st7789v: Add check for of_drm_get_panel_orientation (git-fixes).
- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).
- drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).
- drm/probe-helper: warn about negative .get_modes() (stable-fixes).
- drm/qxl: Add check for drm_cvt_mode (git-fixes).
- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).
- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).
- drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).
- drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes).
- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).
- drm/radeon: silence UBSAN warning (v3) (stable-fixes).
- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).
- drm/rockchip: vop2: Fix the port mux of VP2 (git-fixes).
- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).
- drm/sched: fix null-ptr-deref in init entity (git-fixes).
- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).
- drm/sun4i: hdmi: Convert encoder to atomic (stable-fixes).
- drm/sun4i: hdmi: Move mode_set into enable (stable-fixes).
- drm/ttm: Always take the bo delayed cleanup path for imported bos (git-fixes).
- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).
- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).
- drm/udl: Remove DRM_CONNECTOR_POLL_HPD (git-fixes).
- drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).
- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).
- drm/vmwgfx: Do not memcmp equivalent pointers (git-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
- drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).
- drm/vmwgfx: Fix prime import/export (git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
- drm: Check output polling initialized before disabling (stable-fixes).
- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- drm: zynqmp_dpsub: Always register bridge (git-fixes).
- drm: zynqmp_dpsub: Fix an error handling path in zynqmp_dpsub_probe() (git-fixes).
- drm: zynqmp_kms: Fix AUX bus not getting unregistered (git-fixes).
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).
- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).
- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).
- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)
- ecryptfs: Reject casefold directory inodes (git-fixes)
- eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (stable-fixes).
- eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).
- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).
- efi/unaccepted: touch soft lockup during memory accept (git-fixes).
- efi/x86: Free EFI memory map only when installing a new one (git-fixes).
- efi: disable mirror feature during crashkernel (stable-fixes).
- efi: fix panic in kdump kernel (git-fixes).
- efi: libstub: only free priv.runtime_map when allocated (git-fixes).
- erofs: ensure m_llen is reset to 0 if metadata is invalid (git-fixes).
- exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes).
- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
- f2fs: fix error path of __f2fs_build_free_nids (git-fixes).
- fast_dput(): handle underflows gracefully (git-fixes)
- fat: fix uninitialized field in nostale filehandles (git-fixes)
- fbdev: fix incorrect address computation in deferred IO (git-fixes).
- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
- fbdev: sh7760fb: allow modular build (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).
- filelock: fix potential use-after-free in posix_lock_inode (git-fixes).
- firewire: core: use long bus reset on gap count error (stable-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).
- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).
- firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).
- firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).
- firmware: cs_dsp: Return error if block header overflows file (git-fixes).
- firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).
- firmware: cs_dsp: Validate payload length before processing block (git-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- firmware: dmi: Stop decoding on broken entry (stable-fixes).
- firmware: psci: Fix return value from psci_system_suspend() (git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).
- firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes).
- firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).
- fpga: dfl-pci: add PCI subdevice ID for Intel D5005 card (stable-fixes).
- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)
- fs/file: fix the check in find_next_fd() (git-fixes).
- fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes).
- fs: Fix error checking for d_hash_and_lookup() (git-fixes)
- fs: indicate request originates from old mount API (git-fixes)
- fs: relax mount_setattr() permission checks (git-fixes)
- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)
- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
- fuse: do not unhash root (bsc#1223946).
- fuse: fix root lookup with nonzero generation (bsc#1223945).
- fuse: verify {g,u}id mount options correctly (bsc#1228193).
- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).
- geneve: make sure to pull inner header in geneve_rx() (git-fixes).
- genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() (git-fixes).
- gfs2: Do not forget to complete delayed withdraw (git-fixes).
- gfs2: Fix "ignore unlock failures after withdraw" (git-fixes).
- gfs2: Fix invalid metadata access in punch_hole (git-fixes).
- gfs2: Get rid of gfs2_alloc_blocks generation parameter (git-fixes).
- gfs2: Rename gfs2_lookup_{ simple => meta } (git-fixes).
- gfs2: Use mapping->gfp_mask for metadata inodes (git-fixes).
- gfs2: convert to ctime accessor functions (git-fixes).
- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).
- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).
- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpio: davinci: Validate the obtained number of IRQs (git-fixes).
- gpio: lpc32xx: fix module autoloading (stable-fixes).
- gpio: mc33880: Convert comma to semicolon (git-fixes).
- gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (stable-fixes).
- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).
- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).
- gpio: tqmx86: fix broken IRQ_TYPE_EDGE_BOTH interrupt type (git-fixes).
- gpio: tqmx86: fix typo in Kconfig label (git-fixes).
- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
- gpio: tqmx86: store IRQ trigger type and unmask status separately (git-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
- gpiolib: cdev: fix uninitialised kfifo (git-fixes).
- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).
- gpiolib: swnode: Remove wrong header inclusion (git-fixes).
- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).
- hfsplus: fix to avoid false alarm of circular locking (git-fixes).
- hfsplus: fix uninit-value in copy_name (git-fixes).
- hpet: Support 32-bit userspace (git-fixes).
- hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).
- hwmon: (amc6821) add of_match table (stable-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).
- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).
- hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (git-fixes).
- hwrng: core - Fix wrong quality calculation at hw rng registration (git-fixes).
- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).
- i2c: acpi: Unbind mux adapters before delete (git-fixes).
- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: cadence: Avoid fifo clear after start (git-fixes).
- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: i801: Annotate apanel_addr as __ro_after_init (stable-fixes).
- i2c: mark HostNotify target address as used (git-fixes).
- i2c: ocores: set IACK bit after core is enabled (git-fixes).
- i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- i2c: rcar: bring hardware to known state when probing (git-fixes).
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).
- i2c: testunit: avoid re-issued work after read message (git-fixes).
- i2c: testunit: correct Kconfig description (git-fixes).
- i2c: testunit: discard write requests while old command is running (git-fixes).
- i2c: testunit: do not erase registers after STOP (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).
- i40e: Enforce software interrupt during busy-poll exit (git-fixes).
- i40e: Fix VF MAC filter removal (git-fixes).
- i40e: Fix firmware version comparison function (git-fixes).
- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).
- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).
- i40e: fix vf may be used uninitialized in this function warning (git-fixes).
- i40e: fix: remove needless retries of NVM update (bsc#1227736).
- i915: make inject_virtual_interrupt() void (stable-fixes).
- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).
- ice: fix enabling RX VLAN filtering (git-fixes).
- ice: fix memory corruption bug with suspend and rebuild (git-fixes).
- ice: fix stats being updated by way too large values (git-fixes).
- ice: fix typo in assignment (git-fixes).
- ice: fix uninitialized dplls mutex usage (git-fixes).
- ice: reconfig host after changing MSI-X on VF (git-fixes).
- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).
- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).
- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).
- ida: make 'ida_dump' static (git-fixes).
- idma64: Do not try to serve interrupts when device is powered off (git-fixes).
- idpf: disable local BH when scheduling napi for marker packets (git-fixes).
- idpf: extend tx watchdog timeout (bsc#1224137).
- idpf: fix kernel panic on unknown packet types (git-fixes).
- igb: Fix missing time sync events (git-fixes).
- igb: extend PTP timestamp adjustments to i211 (git-fixes).
- igc: Fix missing time sync events (git-fixes).
- igc: Remove stale comment about Tx timestamping (git-fixes).
- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).
- iio: Fix the sorting functionality in iio_gts_build_avail_time_table (git-fixes).
- iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- iio: accel: mxc4005: Reset chip on probe() and resume() (stable-fixes).
- iio: accel: mxc4005: allow module autoloading via OF compatible (stable-fixes).
- iio: adc: ad7266: Fix variable checking bug (git-fixes).
- iio: adc: ad9467: fix scan type sign (git-fixes).
- iio: adc: ad9467: use chip_info variables instead of array (stable-fixes).
- iio: adc: ad9467: use spi_get_device_match_data() (stable-fixes).
- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).
- iio: chemical: bme680: Fix calibration data variable (git-fixes).
- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
- iio: chemical: bme680: Fix pressure value output (git-fixes).
- iio: chemical: bme680: Fix sensor data read operation (git-fixes).
- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).
- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- iio: frequency: adrf6780: rm clk provider include (git-fixes).
- iio: gts-helper: Fix division loop (git-fixes).
- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
- iio: pressure: Fixes BME280 SPI driver data (git-fixes).
- iio: pressure: bmp280: Fix BMP580 temperature reading (stable-fixes).
- iio: pressure: dps310: support negative temperature values (git-fixes).
- iio: pressure: fix some word spelling errors (stable-fixes).
- iio: xilinx-ams: Do not include ams_ctrl_channels in scan_mask (git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- inet: frags: eliminate kernel-doc warning (git-fixes).
- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow (git-fixes).
- init: open /initrd.image with O_LARGEFILE (stable-fixes).
- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).
- input: Add event code for accessibility key (stable-fixes).
- input: Add support for "Do Not Disturb" (stable-fixes).
- intel: legacy: Partial revert of field get conversion (git-fixes).
- intel_th: pci: Add Granite Rapids SOC support (stable-fixes).
- intel_th: pci: Add Granite Rapids support (stable-fixes).
- intel_th: pci: Add Lunar Lake support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S support (stable-fixes).
- intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).
- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc RPM master ID (git-fixes).
- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).
- interconnect: qcom: sm8550: Enable sync_state (git-fixes).
- io-wq: write next_work before dropping acct_lock (git-fixes).
- io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (git-fixes).
- io_uring/io-wq: avoid garbage value of 'match' in io_wq_enqueue() (git-fixes).
- io_uring/kbuf: get rid of bl->is_ready (git-fixes).
- io_uring/kbuf: get rid of lower BGID lists (git-fixes).
- io_uring/kbuf: protect io_buffer_list teardown with a reference (git-fixes).
- io_uring/kbuf: rename is_mapped (git-fixes).
- io_uring/net: correct the type of variable (git-fixes).
- io_uring/net: correctly handle multishot recvmsg retry setup (git-fixes).
- io_uring/net: fix sendzc lazy wake polling (git-fixes).
- io_uring/net: move receive multishot out of the generic msghdr path (git-fixes).
- io_uring/net: restore msg_control on sendzc retry (git-fixes).
- io_uring/net: unify how recvmsg and sendmsg copy in the msghdr (git-fixes).
- io_uring/rsrc: do not lock while !TASK_RUNNING (git-fixes).
- io_uring/rsrc: fix incorrect assignment of iter->nr_segs in io_import_fixed (git-fixes).
- io_uring/rw: do not allow multishot reads without NOWAIT support (git-fixes).
- io_uring/rw: return IOU_ISSUE_SKIP_COMPLETE for multishot retry (git-fixes).
- io_uring/sqpoll: work around a potential audit memory leak (git-fixes).
- io_uring/unix: drop usage of io_uring socket (git-fixes).
- io_uring: Fix io_cqring_wait() not restoring sigmask on get_timespec64() failure (git-fixes).
- io_uring: clean rings on NO_MMAP alloc fail (git-fixes).
- io_uring: clear opcode specific data for an early failure (git-fixes).
- io_uring: do not save/restore iowait state (git-fixes).
- io_uring: fail NOP if non-zero op flags is passed in (git-fixes).
- io_uring: fix io_queue_proc modifying req->flags (git-fixes).
- io_uring: fix mshot io-wq checks (git-fixes).
- io_uring: fix mshot read defer taskrun cqe posting (git-fixes).
- io_uring: fix poll_remove stalled req completion (git-fixes).
- io_uring: kabi cookie remove (bsc#1217384).
- io_uring: remove looping around handling traditional task_work (git-fixes).
- io_uring: remove unconditional looping in local task_work handling (git-fixes).
- io_uring: use private workqueue for exit work (git-fixes).
- io_uring: use the right type for work_llist empty check (git-fixes).
- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)
- iommu/amd: Enhance def_domain_type to handle untrusted device (git-fixes).
- iommu/amd: Fix panic accessing amd_iommu_enable_faulting (bsc#1224767).
- iommu/amd: Fix sysfs leak in iommu init (git-fixes).
- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).
- iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
- iommu/vt-d: Allocate DMAR fault interrupts locally (bsc#1224767).
- iommu/vt-d: Allocate local memory for page request queue (git-fixes).
- iommu/vt-d: Fix WARN_ON in iommu probe path (git-fixes).
- iommu/vt-d: Fix wrong use of pasid config (git-fixes).
- iommu/vt-d: Improve ITE fault handling if target device isn't present (git-fixes).
- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).
- iommu/vt-d: Update iotlb in nested domain attach (git-fixes).
- iommu/vt-d: Use rbtree to track iommu probed devices (git-fixes).
- iommu: Fix compilation without CONFIG_IOMMU_INTEL (git-fixes).
- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).
- iommu: Return right value in iommu_sva_bind_device() (git-fixes).
- iommu: Undo pasid attachment only for the devices that have succeeded (git-fixes).
- iommu: mtk: fix module autoloading (git-fixes).
- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).
- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).
- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).
- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).
- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).
- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).
- ionic: set adminq irq affinity (git-fixes).
- ipmi: ssif_bmc: prevent integer overflow on 32bit systems (git-fixes).
- ipv4: annotate data-races around fi->fib_dead (git-fixes).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).
- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).
- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).
- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).
- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).
- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register's index (stable-fixes).
- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).
- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).
- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).
- iwlwifi: fw: fix more kernel-doc warnings (bsc#1227149).
- iwlwifi: mvm: Drop unused fw_trips_index[] from iwl_mvm_thermal_device (bsc#1227149).
- iwlwifi: mvm: Populate trip table before registering thermal zone (bsc#1227149).
- iwlwifi: mvm: Use for_each_thermal_trip() for walking trip points (bsc#1227149).
- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).
- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).
- jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).
- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
- jfs: Fix array-index-out-of-bounds in diFree (git-fixes).
- jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).
- kABI fix of KVM: x86/pmu: Allow programming events that match unsupported arch events (bsc#1225696).
- kABI fix of KVM: x86/pmu: Prioritize VMX interception over
- kABI fix of KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- kABI workaround for cs35l56 (git-fixes).
- kABI workaround for of driver changes (git-fixes).
- kABI workaround for sof_ipc_pcm_ops (git-fixes).
- kABI workaround for wireless updates (bsc#1227149).
- kABI: Adjust trace_iterator.wait_index (git-fixes).
- kABI: bpf: verifier kABI workaround (bsc#1225903).
- kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git fixes).
- kabi/severities: Ignore io_uring internal symbols
- kabi/severities: Remove mitigation-related symbols
- kabi/severities: cleanup and update for WiFi driver entries (bsc#1227149)
- kabi/severities: cover all ath/* drivers (bsc#1227149)
- kabi/severities: cover all mt76 modules (bsc#1227149)
- kabi/severities: ignore IMS functions
- kabi/severities: ignore TAS2781 symbol drop, it's only locally used
- kabi/severities: ignore Wangxun ethernet driver local symbols
- kabi/severities: ignore amd pds internal symbols
- kabi/severities: ignore brcmfmac-specific local symbols
- kabi/severities: ignore kABI changes Realtek WiFi drivers (bsc#1227149)
- kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)
- kasan, fortify: properly rename memintrinsics (git-fixes).
- kasan/test: avoid gcc warning for intentional overflow (git-fixes).
- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).
- kasan: print the original fault addr when access invalid shadow (git-fixes).
- kbuild: Fix build target deb-pkg: ln: failed to create hard link (git-fixes).
- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 (stable-fixes).
- kbuild: avoid build error when single DTB is turned into composite DTB (git-fixes).
- kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
- kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
- kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).
- kconfig: gconf: give a proper initial state to the Save button (stable-fixes).
- kconfig: remove wrong expr_trans_bool() (stable-fixes).
- kcov: do not lose track of remote references during softirqs (git-fixes).
- kernel-binary: vdso: Own module_dir
- kernel-doc: fix struct_group_tagged() parsing (git-fixes).
- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).
- kheaders: explicitly define file modes for archived headers (stable-fixes).
- knfsd: LOOKUP can return an illegal error value (git-fixes).
- kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).
- kprobe/ftrace: bail out if ftrace was killed (git-fixes).
- kprobe/ftrace: fix build error due to bad function definition (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- kselftest: Add a ksft_perror() helper (stable-fixes).
- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).
- kunit: Fix checksum tests on big endian CPUs (git-fixed).
- leds: flash: leds-qcom-flash: Test the correct variable in init (git-fixes).
- leds: mt6360: Fix memory leak in mt6360_init_isnk_properties() (git-fixes).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).
- leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).
- leds: triggers: Flush pending brightness before activating trigger (git-fixes).
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).
- lib: objagg: Fix general protection fault (git-fixes).
- lib: objagg: Fix spelling (git-fixes).
- lib: test_objagg: Fix spelling (git-fixes).
- libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228192).
- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).
- libperf evlist: Avoid out-of-bounds access (git-fixes).
- libsubcmd: Fix parse-options memory leak (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)
- lsm: fix the logic in security_inode_getsecctx() (git-fixes).
- mISDN: Fix a use after free in hfcmulti_tx() (git-fixes).
- mISDN: fix MISDN_TIME_STAMP handling (git-fixes).
- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).
- mac802154: fix time calculation in ieee802154_configure_durations() (git-fixes).
- mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (git-fixes).
- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).
- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).
- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).
- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).
- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).
- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).
- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).
- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).
- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).
- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).
- md: add a new helper rdev_has_badblock() (jsc#PED-7542).
- md: add a new helper reshape_interrupted() (jsc#PED-7542).
- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).
- md: check mddev->pers before calling md_set_readonly() (jsc#PED-7542).
- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).
- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).
- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).
- md: export helper md_is_rdwr() (jsc#PED-7542).
- md: export helpers to stop sync_thread (jsc#PED-7542).
- md: factor out a helper to sync mddev (jsc#PED-7542).
- md: fix kmemleak of rdev->serial (jsc#PED-7542).
- md: get rdev->mddev with READ_ONCE() (jsc#PED-7542).
- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).
- md: preserve KABI in struct md_personality (jsc#PED-7542).
- md: remove redundant check of 'mddev->sync_thread' (jsc#PED-7542).
- md: remove redundant md_wakeup_thread() (jsc#PED-7542).
- md: return directly before setting did_set_md_closing (jsc#PED-7542).
- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).
- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).
- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).
- media: cadence: csi2rx: use match fwnode for media link (git-fixes).
- media: cec: core: remove length check of Timer Status (stable-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
- media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).
- media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes).
- media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes).
- media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).
- media: dvbdev: Initialize sbuf (stable-fixes).
- media: dw2102: Do not translate i2c read into write (stable-fixes).
- media: dw2102: fix a potential buffer overflow (git-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: i2c: Fix imx412 exposure control (git-fixes).
- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).
- media: imon: Fix race getting ictx->lock (git-fixes).
- media: imx-jpeg: Drop initial source change event if capture has been setup (git-fixes).
- media: imx-jpeg: Remove some redundant error logs (git-fixes).
- media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() (git-fixes).
- media: ipu3-cio2: Request IRQ earlier (git-fixes).
- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
- media: mc: Fix flags handling when creating pad links (stable-fixes).
- media: mc: Fix graph walk in media_pipeline_start (git-fixes).
- media: mc: Rename pad variable to clarify intent (stable-fixes).
- media: mc: mark the media devnode as registered from the, start (git-fixes).
- media: mxl5xx: Move xpt structures off stack (stable-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
- media: pci: ivtv: Add check for DMA map result (git-fixes).
- media: radio-shark2: Avoid led_names truncations (git-fixes).
- media: rcar-vin: Fix YUYV8_1X16 handling for CSI-2 (git-fixes).
- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).
- media: renesas: vsp1: Fix _irqsave and _irq mix (git-fixes).
- media: renesas: vsp1: Store RPF partition configuration per RPF instance (git-fixes).
- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).
- media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).
- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).
- media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).
- media: uvcvideo: Override default flags (git-fixes).
- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).
- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).
- media: v4l: async: Fix NULL pointer dereference in adding ancillary links (git-fixes).
- media: v4l: subdev: Fix typo in documentation (git-fixes).
- media: venus: fix use after free in vdec_close (git-fixes).
- media: venus: flush all buffers in output plane streamoff (git-fixes).
- mei: demote client disconnect warning on suspend to debug (stable-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- mei: me: release irq in mei_me_pci_resume error path (git-fixes).
- mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).
- mfd: pm8008: Fix regmap irq chip initialisation (git-fixes).
- misc: fastrpc: Avoid updating PD type for capability request (git-fixes).
- misc: fastrpc: Copy the complete capability structure to user (git-fixes).
- misc: fastrpc: Fix DSP capabilities request (git-fixes).
- misc: fastrpc: Fix memory leak in audio daemon attach operation (git-fixes).
- misc: fastrpc: Fix ownership reassignment of remote heap (git-fixes).
- misc: fastrpc: Restrict untrusted app to attach to privileged PD (git-fixes).
- misc: microchip: pci1xxxx: Fix a memory leak in the error handling of gp_aux_bus_probe() (git-fixes).
- misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() (git-fixes).
- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).
- mlxbf_gige: stop PHY during open() error paths (git-fixes).
- mlxbf_gige: stop interface during shutdown (git-fixes).
- mlxsw: Use refcount_t for reference counting (git-fixes).
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
- mm,page_owner: Fix printing of stack records (bsc#1222366).
- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).
- mm,page_owner: drop unnecessary check (bsc#1222366).
- mm,page_owner: fix recursion (bsc#1222366).
- mm/slab: make __free(kfree) accept error pointers (git-fixes).
- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).
- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).
- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).
- mm_init kABI workaround (git-fixes).
- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).
- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).
- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Do not force a retune before RPMB switch (stable-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).
- mmc: omap: fix broken slot switch lookup (git-fixes).
- mmc: omap: fix deferred probe (git-fixes).
- mmc: omap: restore original power up/down steps (git-fixes).
- mmc: sdhci-acpi: Add quirk to enable pull-up on the card-detect GPIO on Asus T100TA (git-fixes).
- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
- mmc: sdhci-brcmstb: check R1_STATUS for erase/trim/discard (git-fixes).
- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).
- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
- mmc: sdhci: Add support for "Tuning Error" interrupts (stable-fixes).
- mmc: sdhci: Do not invert write-protect twice (git-fixes).
- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS (stable-fixes).
- module: do not ignore sysfs_create_link() failures (git-fixes).
- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).
- mptcp: annotate data-races around msk->rmem_fwd_alloc (git-fixes).
- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).
- mptcp: move __mptcp_error_report in protocol.c (git-fixes).
- mptcp: process pending subflow error on close (git-fixes).
- mt76: connac: move more mt7921/mt7915 mac shared code in connac lib (bsc#1227149).
- mt76: mt7996: rely on mt76_sta_stats in mt76_wcid (bsc#1227149).
- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).
- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
- mtd: rawnand: Fix the nand_read_data_op() early check (git-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
- mtd: spinand: Add support for 5-byte IDs (stable-fixes).
- net/dcb: check for detached device before executing callbacks (bsc#1215587).
- net/mlx5: Correctly compare pkt reformat ids (git-fixes).
- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).
- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).
- net/mlx5: Fix MTMP register capability offset in MCAM register (git-fixes).
- net/mlx5: Fix fw reporter diagnose output (git-fixes).
- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).
- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).
- net/mlx5: Properly link new fs rules into the tree (git-fixes).
- net/mlx5: Register devlink first under devlink lock (git-fixes).
- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).
- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).
- net/mlx5: offset comp irq index in name by one (git-fixes).
- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).
- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).
- net/mlx5e: Fix MACsec state loss upon state update in offload path (git-fixes).
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).
- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).
- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).
- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).
- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).
- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).
- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).
- net/smc: fix documentation of buffer sizes (git-fixes).
- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).
- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).
- net: NSH: fix kernel-doc notation warning (git-fixes).
- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).
- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).
- net: annotate data-races around sk->sk_bind_phc (git-fixes).
- net: annotate data-races around sk->sk_forward_alloc (git-fixes).
- net: annotate data-races around sk->sk_lingertime (git-fixes).
- net: annotate data-races around sk->sk_tsflags (git-fixes).
- net: bonding: remove kernel-doc comment marker (git-fixes).
- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).
- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).
- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
- net: cfg802154: fix kernel-doc notation warnings (git-fixes).
- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).
- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).
- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).
- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).
- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).
- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).
- net: ena: Fix incorrect descriptor free behavior (git-fixes).
- net: ena: Fix potential sign extension issue (git-fixes).
- net: ena: Fix redundant device NUMA node override (jsc#PED-8688).
- net: ena: Move XDP code to its new files (git-fixes).
- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).
- net: ena: Remove ena_select_queue (git-fixes).
- net: ena: Set tx_info->xdpf value to NULL (git-fixes).
- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).
- net: ena: Wrong missing IO completions check order (git-fixes).
- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).
- net: ethernet: mtk_wed: introduce mtk_wed_buf structure (bsc#1227149).
- net: ethernet: mtk_wed: rename mtk_rxbm_desc in mtk_wed_bm_desc (bsc#1227149).
- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).
- net: fec: Set mac_managed_pm during probe (git-fixes).
- net: fill in MODULE_DESCRIPTION()s in kuba@'s modules (bsc#1227149).
- net: hns3: Remove io_stop_wc() calls after __iowrite64_copy() (bsc#1226502)
- net: hns3: fix index limit to support all queue stats (git-fixes).
- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).
- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).
- net: hns3: fix port duplex configure error in IMP reset (git-fixes).
- net: hns3: fix wrong judgment condition issue (git-fixes).
- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).
- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).
- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).
- net: ks8851: Inline ks8851_rx_skb() (git-fixes).
- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).
- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).
- net: lan743x: Support WOL at both the PHY and MAC appropriately (git-fixes).
- net: lan743x: disable WOL upon resume to restore full data path operation (git-fixes).
- net: libwx: fix memory leak on free page (git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
- net: llc: fix kernel-doc notation warnings (git-fixes).
- net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (stable-fixes).
- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- net: mana: Fix possible double free in error handling path (git-fixes).
- net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).
- net: nfc: remove inappropriate attrs check (stable-fixes).
- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).
- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).
- net: phy: micrel: Fix potential null pointer dereference (git-fixes).
- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
- net: phy: micrel: fix KSZ9477 PHY issues after suspend/resume (git-fixes).
- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).
- net: phy: microchip: lan87xx: reinit PHY after cable test (git-fixes).
- net: phy: mxl-gpy: Remove interrupt mask clearing from config_init (git-fixes).
- net: phy: phy_device: Fix PHY LED blinking code comment (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).
- net: ravb: Always process TX descriptor ring (git-fixes).
- net: ravb: Always update error counters (git-fixes).
- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).
- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).
- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).
- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).
- net: sparx5: flower: fix fragment flags handling (git-fixes).
- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).
- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).
- net: stmmac: fix rx queue priority assignment (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
- net: tls: fix returned read length with async decrypt (bsc#1221858).
- net: tls: fix use-after-free with partial reads and async (bsc#1221858).
- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).
- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).
- net: usb: ax88179_178a: improve link status logs (git-fixes).
- net: usb: ax88179_178a: improve reset check (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: usb: qmi_wwan: add Telit FN912 compositions (stable-fixes).
- net: usb: qmi_wwan: add Telit FN920C04 compositions (git-fixes).
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: veth: do not manipulate GRO when using XDP (git-fixes).
- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).
- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).
- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
- nf_conntrack: fix -Wunused-const-variable= (git-fixes).
- nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).
- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- nfp: flower: handle acti_netdevs allocation failure (git-fixes).
- nfs: Avoid flushing many pages with NFS_FILE_SYNC (bsc#1218442).
- nfs: Block on write congestion (bsc#1218442).
- nfs: Bump default write congestion size (bsc#1218442).
- nfs: Drop pointless check from nfs_commit_release_pages() (bsc#1218442).
- nfs: Fix up kabi after adding write_congestion_wait (bsc#1218442).
- nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
- nfs: Properly initialize server->writeback (bsc#1218442).
- nfs: drop the incorrect assertion in nfs_swap_rw() (git-fixes).
- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).
- nfs: fix undefined behavior in nfs_block_bits() (git-fixes).
- nfs: keep server info for remounts (git-fixes).
- nfsd: Fix a regression in nfsd_setattr() (git-fixes).
- nfsd: do not call locks_release_private() twice concurrently (git-fixes).
- nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (git-fixes).
- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
- nilfs2: add missing check for inode numbers on directory entries (stable-fixes).
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).
- nilfs2: convert persistent object allocator to use kmap_local (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).
- nilfs2: fix inode number range checks (stable-fixes).
- nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (git-fixes).
- nilfs2: fix out-of-range warning (git-fixes).
- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).
- nilfs2: fix potential hang in nilfs_detach_log_writer() (git-fixes).
- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
- nilfs2: make superblock data array index computation sparse friendly (git-fixes).
- nilfs2: return the mapped address from nilfs_get_page() (stable-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- nouveau/gsp: do not check devinit disable on GSP (git-fixes).
- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).
- nouveau: add an ioctl to report vram usage (stable-fixes).
- nouveau: add an ioctl to return vram bar size (stable-fixes).
- nouveau: fix devinit paths to only handle display on GSP (git-fixes).
- nouveau: fix function cast warning (git-fixes).
- nouveau: fix instmem race condition around ptr stores (git-fixes).
- nouveau: lock the client object tree (stable-fixes).
- nouveau: report byte usage in VRAM usage (git-fixes).
- nouveau: reset the bo resource bus info after an eviction (git-fixes).
- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).
- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).
- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).
- nvme-fabrics: short-circuit reconnect retries (bsc#1186716).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvme-multipath: fix io accounting on failover (git-fixes).
- nvme-pci: Add quirk for broken MSIs (git-fixes).
- nvme-tcp: Export the nvme_tcp_wq to sysfs (bsc#1224049).
- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).
- nvme/tcp: Add wq_unbound modparam for nvme_tcp_wq (bsc#1224049).
- nvme: cancel pending I/O if nvme controller is in terminal state (bsc#1226503).
- nvme: do not retry authentication failures (bsc#1186716).
- nvme: find numa distance only if controller has valid numa id (git-fixes).
- nvme: fix multipath batched completion accounting (git-fixes).
- nvme: fix nvme_pr_* status code parsing (git-fixes).
- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).
- nvme: return kernel error codes for admin queue connect (bsc#1186716).
- nvmet-auth: replace pr_debug() with pr_err() to report an error (git-fixes).
- nvmet-auth: return the error code to the nvmet_auth_host_hash() callers (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvmet-passthru: propagate status from id override functions (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- nvmet-tcp: fix possible memory leak when tearing down a controller (git-fixes).
- nvmet: fix ns enable/disable possible hang (git-fixes).
- nvmet: fix nvme status code when namespace is disabled (git-fixes).
- nvmet: lock config semaphore when accessing DH-HMAC-CHAP key (bsc#1186716).
- nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists() (git-fixes).
- nvmet: return DHCHAP status codes from nvmet_setup_auth() (bsc#1186716).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix DIO failure due to insufficient transaction credits (git-fixes).
- ocfs2: fix races between hole punching and AIO+DIO (git-fixes).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- ocfs2: use coarse time for new created files (git-fixes).
- octeontx2-af: Add array index check (git-fixes).
- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).
- octeontx2-af: Fix devlink params (git-fixes).
- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).
- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).
- octeontx2-af: Use separate handlers for interrupts (git-fixes).
- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).
- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).
- octeontx2-pf: Use default max_active works instead of one (git-fixes).
- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).
- octeontx2-pf: check negative error code in otx2_open() (git-fixes).
- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).
- octeontx2: Detect the mbox up or down message via register (git-fixes).
- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).
- of: module: add buffer overflow check in of_modalias() (git-fixes).
- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).
- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).
- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).
- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).
- of: property: fix typo in io-channels (git-fixes).
- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).
- of: unittest: Fix compile in the non-dynamic case (git-fixes).
- orangefs: fix out-of-bounds fsid access (git-fixes).
- overflow: Allow non-type arg to type_max() and type_min() (stable-fixes).
- pNFS/filelayout: fixup pNfs allocation modes (git-fixes).
- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).
- perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() (git-fixes).
- perf annotate: Get rid of duplicate --group option item (git-fixes).
- perf auxtrace: Fix multiple use of --itrace option (git-fixes).
- perf bench internals inject-build-id: Fix trap divide when collecting just one DSO (git-fixes).
- perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).
- perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).
- perf daemon: Fix file leak in daemon_session__control (git-fixes).
- perf docs: Document bpf event modifier (git-fixes).
- perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() (git-fixes).
- perf expr: Fix "has_event" function for metric style events (git-fixes).
- perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) (git-fixes).
- perf jevents: Drop or simplify small integer values (git-fixes).
- perf list: fix short description for some cache events (git-fixes).
- perf lock contention: Add a missing NULL check (git-fixes).
- perf metric: Do not remove scale from counts (git-fixes).
- perf pmu: Count sys and cpuid JSON events separately (git fixes).
- perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).
- perf pmu: Treat the msr pmu as software (git-fixes).
- perf print-events: make is_event_supported() more robust (git-fixes).
- perf probe: Add missing libgen.h header needed for using basename() (git-fixes).
- perf record: Check conflict between '--timestamp-filename' option and pipe mode before recording (git-fixes).
- perf record: Delete session after stopping sideband thread (git-fixes).
- perf record: Fix debug message placement for test consumption (git-fixes).
- perf record: Fix possible incorrect free in record__switch_output() (git-fixes).
- perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).
- perf sched timehist: Fix -g/--call-graph option failure (git-fixes).
- perf script: Show also errors for --insn-trace option (git-fixes).
- perf srcline: Add missed addr2line closes (git-fixes).
- perf stat: Avoid metric-only segv (git-fixes).
- perf stat: Do not display metric header for non-leader uncore events (git-fixes).
- perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).
- perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).
- perf test shell arm_coresight: Increase buffer size for Coresight basic tests (git-fixes).
- perf tests: Apply attributes to all events in object code reading test (git-fixes).
- perf tests: Make "test data symbol" more robust on Neoverse N1 (git-fixes).
- perf tests: Make data symbol test wait for perf to start (bsc#1220045).
- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).
- perf thread: Fixes to thread__new() related to initializing comm (git-fixes).
- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (git-fixes).
- perf top: Uniform the event name for the hybrid machine (git-fixes).
- perf top: Use evsel's cpus to replace user_requested_cpus (git-fixes).
- perf ui browser: Avoid SEGV on title (git fixes).
- perf ui browser: Do not save pointer to stack memory (git-fixes).
- perf vendor events amd: Add Zen 4 memory controller events (git-fixes).
- perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).
- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).
- perf/x86/amd/core: Update and fix stalled-cycles-* events for Zen 2 and later (git-fixes).
- perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).
- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).
- perf/x86/intel/ds: Do not clear ->pebs_data_cfg for the last PEBS event (git-fixes).
- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).
- perf/x86: Fix out of range data (git-fixes).
- phy: cadence-torrent: Check return value on register read (git-fixes).
- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).
- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).
- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).
- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).
- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).
- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).
- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).
- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).
- pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).
- pinctrl: freescale: mxs: Fix refcount of child (git-fixes).
- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).
- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).
- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).
- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
- pinctrl: renesas: r8a779g0: FIX PWM suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix (H)SCIF1 suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix (H)SCIF3 suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix CANFD5 suffix (git-fixes).
- pinctrl: renesas: r8a779g0: Fix FXR_TXEN[AB] suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix IRQ suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix TCLK suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix TPU suffixes (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).
- pinctrl: rockchip: update rk3308 iomux routes (git-fixes).
- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
- pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).
- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).
- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).
- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).
- platform/x86/intel/tpmi: Handle error from tpmi_process_info() (stable-fixes).
- platform/x86: ISST: Add Grand Ridge to HPM CPU list (stable-fixes).
- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).
- platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).
- platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).
- platform/x86: lg-laptop: Change ACPI device id (stable-fixes).
- platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).
- platform/x86: lg-laptop: Use ACPI device handle when evaluating WMAB/WMBB (stable-fixes).
- platform/x86: thinkpad_acpi: Take hotkey_mutex during hotkey_exit() (git-fixes).
- platform/x86: toshiba_acpi: Add quirk for buttons on Z830 (stable-fixes).
- platform/x86: toshiba_acpi: Fix array out-of-bounds access (git-fixes).
- platform/x86: toshiba_acpi: Fix quickstart quirk handling (git-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6" tablet (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).
- platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).
- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).
- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
- power: supply: ab8500: Fix error handling when calling iio_read_channel_processed() (git-fixes).
- power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).
- power: supply: ingenic: Fix some error handling paths in ingenic_battery_get_property() (git-fixes).
- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).
- powerpc/64s/radix/kfence: map __kfence_pool at page granularity (bsc#1223570 ltc#205770).
- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).
- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).
- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).
- powerpc/prom: Add CPU info to hardware description string later (bsc#1215199).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
- powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).
- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- ppdev: Add an error check in register_device (git-fixes).
- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).
- printk: Add this_cpu_in_panic() (bsc#1225607).
- printk: Adjust mapping for 32bit seq macros (bsc#1225607).
- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).
- printk: Consolidate console deferred printing (bsc#1225607).
- printk: Disable passing console lock owner completely during panic() (bsc#1225607).
- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).
- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).
- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).
- printk: Let no_printk() use _printk() (bsc#1225618).
- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).
- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).
- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).
- printk: Wait for all reserved records with pr_flush() (bsc#1225607).
- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).
- printk: ringbuffer: Clarify special lpos values (bsc#1225607).
- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).
- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).
- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).
- proc/kcore: do not try to access unaccepted memory (git-fixes).
- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).
- pstore: inode: Only d_invalidate() is needed (git-fixes).
- pwm: img: fix pwm clock lookup (git-fixes).
- pwm: sti: Prepare removing pwm_chip from driver data (stable-fixes).
- pwm: sti: Simplify probe function using devm functions (git-fixes).
- pwm: stm32: Always do lazy disabling (git-fixes).
- qibfs: fix dentry leak (git-fixes)
- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).
- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).
- random: handle creditable entropy from atomic process context (git-fixes).
- regmap-i2c: Subtract reg size from max_write (stable-fixes).
- regmap: Add regmap_read_bypassed() (git-fixes).
- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).
- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).
- regmap: maple: Fix uninitialized symbol 'ret' warnings (git-fixes).
- regulator: bd71815: fix ramp values (git-fixes).
- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).
- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).
- regulator: core: Fix modpost error "regulator_get_regmap" undefined (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- regulator: irq_helpers: duplicate IRQ name (stable-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
- regulator: tps65132: Add of_match table (stable-fixes).
- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
- remoteproc: imx_rproc: Fix refcount mistake in imx_rproc_addr_init (git-fixes).
- remoteproc: imx_rproc: Skip over memory region when node value is NULL (git-fixes).
- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).
- remoteproc: k3-r5: Fix IPC-only mode detection (git-fixes).
- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).
- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).
- remoteproc: stm32_rproc: Fix mailbox interrupts queuing (git-fixes).
- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).
- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (git-fixes).
- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- ring-buffer: Fix resetting of shortest_full (git-fixes).
- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
- ring-buffer: Only update pages_touched when a new page is touched (git-fixes).
- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
- rtc: abx80x: Fix return value of nvmem callback on read (git-fixes).
- rtc: cmos: Fix return value of nvmem callbacks (git-fixes).
- rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).
- rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).
- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).
- s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227072).
- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).
- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348).
- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).
- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).
- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).
- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223593).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).
- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).
- s390: Implement __iowrite32_copy() (bsc#1226502)
- s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)
- saa7134: Unchecked i2c_transfer function result fixed (git-fixes).
- sched/balancing: Rename newidle_balance() => sched_balance_newidle() (bsc#1222173).
- sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
- sched/fair: Check root_domain::overload value before update (bsc#1222173).
- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).
- sched/psi: Select KERNFS as needed (git-fixes).
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).
- scsi: core: Fix unremoved procfs host directory regression (git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).
- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).
- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842).
- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).
- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).
- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).
- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
- scsi: mpi3mr: Reduce stack usage in mpi3mr_refresh_sas_ports() (git-fixes).
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).
- scsi: mylex: Fix sysfs buffer lengths (git-fixes).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).
- scsi: sg: Avoid race in error handling & drop bogus warn (git-fixes).
- scsi: sg: Avoid sg device teardown race (git-fixes).
- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).
- sctp: annotate data-races around sk->sk_wmem_queued (git-fixes).
- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).
- selftests/binderfs: use the Makefile's rules, not Make's implicit rules (git-fixes).
- selftests/bpf: add edge case backtracking logic test (bsc#1225756).
- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).
- selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).
- selftests/bpf: test if state loops are detected in a tricky case (bsc#1225903).
- selftests/bpf: test widening for iterating callbacks (bsc#1225903).
- selftests/bpf: tests for iterating callbacks (bsc#1225903).
- selftests/bpf: tests with delayed read/precision makrs in loop body (bsc#1225903).
- selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).
- selftests/bpf: track tcp payload offset as scalar in xdp_synproxy (bsc#1225903).
- selftests/ftrace: Fix event filter target_func selection (stable-fixes).
- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).
- selftests/kcmp: remove unused open mode (git-fixes).
- selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages (git-fixes).
- selftests/mm: fix build warnings on ppc64 (stable-fixes).
- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).
- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).
- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).
- selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).
- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).
- selftests: default to host arch for LLVM builds (git-fixes).
- selftests: fix OOM in msg_zerocopy selftest (git-fixes).
- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).
- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).
- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).
- selftests: make order checking verbose in msg_zerocopy selftest (git-fixes).
- selftests: mptcp: add ms units for tc-netem delay (stable-fixes).
- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).
- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).
- selftests: net: move amt to socat for better compatibility (git-fixes).
- selftests: sud_test: return correct emulated syscall value on RISC-V (stable-fixes).
- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).
- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).
- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).
- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).
- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).
- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).
- selinux: avoid dereference of garbage after mount failure (git-fixes).
- selinux: introduce an initial SID for early boot processes (bsc#1208593).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).
- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).
- serial: Lock console when calling into driver before registration (git-fixes).
- serial: bcm63xx-uart: fix tx after conversion to uart_port_tx_limited() (git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
- serial: core: introduce uart_port_tx_limited_flags() (git-fixes).
- serial: core: only stop transmit when HW fifo is empty (git-fixes).
- serial: exar: adding missing CTI and Exar PCI ids (stable-fixes).
- serial: imx: Introduce timeout when waiting on transmitter empty (stable-fixes).
- serial: imx: Raise TX trigger level to 8 (stable-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes).
- serial: max3100: Update uart_driver_registered on driver removal (git-fixes).
- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).
- serial: max310x: fix syntax error in IRQ error message (git-fixes).
- serial: mxs-auart: add spinlock around changing cts state (git-fixes).
- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
- serial: stm32: Reset .throttled state in .startup() (git-fixes).
- series.conf: cleanup Fix subsection header to silence series_insert error.
- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
- smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes, bsc#1225172).
- smb3: allow controlling maximum number of cached directories (git-fixes, bsc#1225172).
- smb3: do not start laundromat thread when dir leases disabled (git-fixes, bsc#1225172).
- smb3: show beginning time for per share stats (bsc#1225172).
- smb: client: do not start laundromat thread on nohandlecache (git-fixes, bsc#1225172).
- smb: client: ensure to try all targets when finding nested links (bsc#1225172).
- smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1225172).
- smb: client: fix parsing of SMB3.1.1 POSIX create context (git-fixes, bsc#1225172).
- smb: client: get rid of dfs code dep in namespace.c (bsc#1225172).
- smb: client: get rid of dfs naming in automount code (bsc#1225172).
- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1225172).
- smb: client: make laundromat a delayed worker (git-fixes, bsc#1225172).
- smb: client: prevent new fids from being removed by laundromat (git-fixes, bsc#1225172).
- smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1225172).
- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1225172).
- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1225172).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).
- soc: qcom: pdr: fix parsing of domains lists (git-fixes).
- soc: qcom: pdr: protect locator_addr with the main mutex (git-fixes).
- soc: qcom: pmic_glink: Handle the return value of pmic_glink_init (git-fixes).
- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).
- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).
- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
- soc: qcom: rpmh-rsc: Ensure irqs are not disabled by rpmh_rsc_send_data() callers (git-fixes).
- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes).
- soc: xilinx: rename cpu_number1 to dummy_cpu_number (git-fixes).
- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).
- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).
- soundwire: cadence: fix invalid PDI offset (stable-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).
- spi: atmel-quadspi: Add missing check for clk_prepare (git-fixes).
- spi: cadence: Ensure data lines set to low during dummy-cycle period (stable-fixes).
- spi: fix null pointer dereference within spi_sync (git-fixes).
- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).
- spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).
- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).
- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).
- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).
- spi: microchip-core: defer asserting chip select until just before write to TX FIFO (git-fixes).
- spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer (git-fixes).
- spi: microchip-core: fix the issues in the isr (git-fixes).
- spi: microchip-core: only disable SPI controller when register value change requires it (git-fixes).
- spi: mux: set ctlr->bits_per_word_mask (stable-fixes).
- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).
- spi: spi-microchip-core: Fix the number of chip selects supported (git-fixes).
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
- spi: spidev: add correct compatible for Rohm BH2228FV (git-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- spi: stm32: qspi: Clamp stm32_qspi_get_mode() output to CCR_BUSWIDTH_4 (git-fixes).
- spi: stm32: qspi: Fix dual flash mode sanity test in stm32_qspi_setup() (git-fixes).
- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).
- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
- ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (stable-fixes).
- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).
- staging: vc04_services: fix information leak in create_component() (git-fixes).
- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).
- stmmac: Clear variable when destroying workqueue (git-fixes).
- struct acpi_ec kABI workaround (git-fixes).
- sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
- supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
- supported.conf: Add APM X-Gene SoC hardware monitoring driver (jsc#PED-8649) Module is marked supported because of merge from SP6, but lets add reference to SLM6.0 maintenance task.
- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8644)
- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8645)
- supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.
- supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.
- supported.conf: mark vdpa modules supported (jsc#PED-8954)
- supported.conf: support tcp_dctcp module (jsc#PED-8111)
- supported.conf: update for mt76 stuff (bsc#1227149)
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)
- swiotlb: use the calculated number of areas (git-fixes).
- tcp: Dump bound-only sockets in inet_diag (bsc#1204562).
- thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data (stable-fixes).
- thermal/drivers/mediatek/lvts_thermal: Return error in case of invalid efuse data (git-fixes).
- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).
- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).
- thunderbolt: Fix wake configurations after device unplug (stable-fixes).
- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).
- thunderbolt: Introduce tb_port_reset() (stable-fixes).
- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).
- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).
- thunderbolt: debugfs: Fix margin debugfs node creation condition (git-fixes).
- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).
- tls: do not skip over different type records from the rx_list (bsc#1221858).
- tls: fix peeking with sync+async decryption (bsc#1221858).
- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).
- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
- tools/memory-model: Fix bug in lock.cat (git-fixes).
- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).
- tools/power turbostat: Remember global max_die_id (stable-fixes).
- tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs (stable-fixes).
- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).
- tools: ynl: do not leak mcast_groups on init error (git-fixes).
- tools: ynl: fix handling of multiple mcast groups (git-fixes).
- tools: ynl: make sure we always pass yarg to mnl_cb_run (git-fixes).
- tpm_tis: Do *not* flush uninitialized work (git-fixes).
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).
- tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).
- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).
- tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes).
- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
- tracing: Build event generation tests only as modules (git-fixes).
- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
- tracing: Remove precision vsnprintf() check from print event (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tty: mcf: MCF54418 has 10 UARTS (git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
- tty: n_tty: Fix buffer offsets when lookahead is used (git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
- ubifs: Set page uptodate in the correct place (git-fixes).
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
- ubifs: fix sort function prototype (git-fixes).
- usb-storage: alauda: Check whether the media is initialized (git-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc3-am62: Disable wakeup at remove (git-fixes).
- usb: dwc3-am62: Rename private data (git-fixes).
- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).
- usb: dwc3: core: Add DWC31 version 2.00a controller (stable-fixes).
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- usb: dwc3: core: Workaround for CSR read timeout (stable-fixes).
- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
- usb: dwc3: pci: Do not set "linux,phy_charger_detect" property on Lenovo Yoga Tab2 1380 (stable-fixes).
- usb: dwc3: pci: Drop duplicate ID (git-fixes).
- usb: dwc3: pci: add support for the Intel Panther Lake (stable-fixes).
- usb: fotg210: Add missing kernel doc description (git-fixes).
- usb: gadget: aspeed_udc: fix device address configuration (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
- usb: gadget: function: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).
- usb: gadget: printer: SS+ support (stable-fixes).
- usb: gadget: printer: fix races against disable (git-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).
- usb: gadget: uvc: configfs: ensure guid to be valid before set (stable-fixes).
- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).
- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).
- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).
- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: phy: generic: Get the vbus supply (git-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).
- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).
- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
- usb: typec: tcpm: Update PD of Type-C port upon pd_set (git-fixes).
- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).
- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).
- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: typec: ucsi: Check for notifications after init (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).
- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).
- usb: typec: ucsi: Never send a lone connector change ack (stable-fixes).
- usb: typec: ucsi: always register a link to USB PD device (git-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
- usb: typec: ucsi: glink: fix child node release in probe function (git-fixes).
- usb: typec: ucsi: simplify partner's PD caps registration (git-fixes).
- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).
- usb: typec: ucsi_glink: drop special handling for CCI_BUSY (stable-fixes).
- usb: ucsi: stm32: fix command completion handling (git-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- usb: xhci-plat: Do not include xhci.h (stable-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
- usb: xhci: Implement xhci_handshake_check_state() helper.
- usb: xhci: correct return value in case of STS_HCE (git-fixes).
- usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (stable-fixes).
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
- vboxsf: explicitly deny setlease attempts (stable-fixes).
- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- vdpa_sim: reset must not run (git-fixes).
- veth: try harder when allocating queue memory (git-fixes).
- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).
- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).
- virtio_net: Do not send RSS key if it is not supported (git-fixes).
- virtio_net: avoid data-races on dev->stats fields (git-fixes).
- virtio_net: checksum offloading handling fix (git-fixes).
- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).
- vmlinux.lds.h: catch .bss..L* sections into BSS") (git-fixes).
- vsock/virtio: fix packet delivery to tap device (git-fixes).
- watchdog: bd9576: Drop "always-running" property (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).
- watchdog: rzg2l_wdt: Check return status of pm_runtime_put() (git-fixes).
- watchdog: rzg2l_wdt: Use pm_runtime_resume_and_get() (git-fixes).
- watchdog: rzn1: Convert comma to semicolon (git-fixes).
- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).
- wifi: add HAS_IOPORT dependencies (bsc#1227149).
- wifi: ar5523: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: ath10/11/12k: Use alloc_ordered_workqueue() to create ordered workqueues (bsc#1227149).
- wifi: ath10k: Annotate struct ath10k_ce_ring with __counted_by (bsc#1227149).
- wifi: ath10k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath10k: Drop checks that are always false (bsc#1227149).
- wifi: ath10k: Drop cleaning of driver data from probe error path and remove (bsc#1227149).
- wifi: ath10k: Fix a few spelling errors (bsc#1227149).
- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: ath10k: Fix enum ath10k_fw_crash_dump_type kernel-doc (bsc#1227149).
- wifi: ath10k: Fix htt_data_tx_completion kernel-doc warning (bsc#1227149).
- wifi: ath10k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath10k: Remove unused struct ath10k_htc_frame (bsc#1227149).
- wifi: ath10k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).
- wifi: ath10k: Use DECLARE_FLEX_ARRAY() for ath10k_htc_record (bsc#1227149).
- wifi: ath10k: Use list_count_nodes() (bsc#1227149).
- wifi: ath10k: add missing wmi_10_4_feature_mask documentation (bsc#1227149).
- wifi: ath10k: add support to allow broadcast action frame RX (bsc#1227149).
- wifi: ath10k: consistently use kstrtoX_from_user() functions (bsc#1227149).
- wifi: ath10k: correctly document enum wmi_tlv_tx_pause_id (bsc#1227149).
- wifi: ath10k: drop HTT_DATA_TX_STATUS_DOWNLOAD_FAIL (bsc#1227149).
- wifi: ath10k: fix QCOM_RPROC_COMMON dependency (git-fixes).
- wifi: ath10k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).
- wifi: ath10k: fix htt_q_state_conf & htt_q_state kernel-doc (bsc#1227149).
- wifi: ath10k: improve structure padding (bsc#1227149).
- wifi: ath10k: indicate to mac80211 scan complete with aborted flag for ATH10K_SCAN_STARTING state (bsc#1227149).
- wifi: ath10k: poll service ready message before failing (git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath10k: remove ath10k_htc_record::pauload[] (bsc#1227149).
- wifi: ath10k: remove duplicate memset() in 10.4 TDLS peer update (bsc#1227149).
- wifi: ath10k: remove struct wmi_pdev_chanlist_update_event (bsc#1227149).
- wifi: ath10k: remove unused template structs (bsc#1227149).
- wifi: ath10k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath10k: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: ath10k: simplify __ath10k_htt_tx_txq_recalc() (bsc#1227149).
- wifi: ath10k: simplify ath10k_peer_create() (bsc#1227149).
- wifi: ath10k: use flexible array in struct wmi_host_mem_chunks (bsc#1227149).
- wifi: ath10k: use flexible array in struct wmi_tdls_peer_capabilities (bsc#1227149).
- wifi: ath10k: use flexible arrays for WMI start scan TLVs (bsc#1227149).
- wifi: ath11k: Add HTT stats for PHY reset case (bsc#1227149).
- wifi: ath11k: Add coldboot calibration support for QCN9074 (bsc#1227149).
- wifi: ath11k: Allow ath11k to boot without caldata in ftm mode (bsc#1227149).
- wifi: ath11k: Consistently use ath11k_vif_to_arvif() (bsc#1227149).
- wifi: ath11k: Consolidate WMI peer flags (bsc#1227149).
- wifi: ath11k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath11k: Do not directly use scan_flags in struct scan_req_params (bsc#1227149).
- wifi: ath11k: EMA beacon support (bsc#1227149).
- wifi: ath11k: Fix a few spelling errors (bsc#1227149).
- wifi: ath11k: Fix ath11k_htc_record flexible record (bsc#1227149).
- wifi: ath11k: Introduce and use ath11k_sta_to_arsta() (bsc#1227149).
- wifi: ath11k: MBSSID beacon support (bsc#1227149).
- wifi: ath11k: MBSSID configuration during vdev create/start (bsc#1227149).
- wifi: ath11k: MBSSID parameter configuration in AP mode (bsc#1227149).
- wifi: ath11k: Really consistently use ath11k_vif_to_arvif() (bsc#1227149).
- wifi: ath11k: Relocate the func ath11k_mac_bitrate_mask_num_ht_rates() and change hweight16 to hweight8 (bsc#1227149).
- wifi: ath11k: Remove ath11k_base::bd_api (bsc#1227149).
- wifi: ath11k: Remove cal_done check during probe (bsc#1227149).
- wifi: ath11k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).
- wifi: ath11k: Remove scan_flags union from struct scan_req_params (bsc#1227149).
- wifi: ath11k: Remove struct ath11k::ops (bsc#1227149).
- wifi: ath11k: Remove unneeded semicolon (bsc#1227149).
- wifi: ath11k: Remove unused declarations (bsc#1227149).
- wifi: ath11k: Remove unused struct ath11k_htc_frame (bsc#1227149).
- wifi: ath11k: Send HT fixed rate in WMI peer fixed param (bsc#1227149).
- wifi: ath11k: Split coldboot calibration hw_param (bsc#1227149).
- wifi: ath11k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).
- wifi: ath11k: Use device_get_match_data() (bsc#1227149).
- wifi: ath11k: Use list_count_nodes() (bsc#1227149).
- wifi: ath11k: add WMI event debug messages (bsc#1227149).
- wifi: ath11k: add WMI_TLV_SERVICE_EXT_TPC_REG_SUPPORT service bit (bsc#1227149).
- wifi: ath11k: add chip id board name while searching board-2.bin for WCN6855 (bsc#1227149).
- wifi: ath11k: add firmware-2.bin support (bsc#1227149).
- wifi: ath11k: add handler for WMI_VDEV_SET_TPC_POWER_CMDID (bsc#1227149).
- wifi: ath11k: add parse of transmit power envelope element (bsc#1227149).
- wifi: ath11k: add parsing of phy bitmap for reg rules (bsc#1227149).
- wifi: ath11k: add support for QCA2066 (bsc#1227149).
- wifi: ath11k: add support to select 6 GHz regulatory type (bsc#1227149).
- wifi: ath11k: ath11k_debugfs_register(): fix format-truncation warning (bsc#1227149).
- wifi: ath11k: avoid forward declaration of ath11k_mac_start_vdev_delay() (bsc#1227149).
- wifi: ath11k: call ath11k_mac_fils_discovery() without condition (bsc#1227149).
- wifi: ath11k: constify MHI channel and controller configs (bsc#1227149).
- wifi: ath11k: debug: add ATH11K_DBG_CE (bsc#1227149).
- wifi: ath11k: debug: remove unused ATH11K_DBG_ANY (bsc#1227149).
- wifi: ath11k: debug: use all upper case in ATH11k_DBG_HAL (bsc#1227149).
- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).
- wifi: ath11k: do not use %pK (bsc#1227149).
- wifi: ath11k: document HAL_RX_BUF_RBM_SW4_BM (bsc#1227149).
- wifi: ath11k: dp: cleanup debug message (bsc#1227149).
- wifi: ath11k: driver settings for MBSSID and EMA (bsc#1227149).
- wifi: ath11k: drop NULL pointer check in ath11k_update_per_peer_tx_stats() (bsc#1227149).
- wifi: ath11k: drop redundant check in ath11k_dp_rx_mon_dest_process() (bsc#1227149).
- wifi: ath11k: enable 36 bit mask for stream DMA (bsc#1227149).
- wifi: ath11k: factory test mode support (bsc#1227149).
- wifi: ath11k: fill parameters for vdev set tpc power WMI command (bsc#1227149).
- wifi: ath11k: fix CAC running state during virtual interface start (bsc#1227149).
- wifi: ath11k: fix IOMMU errors on buffer rings (bsc#1227149).
- wifi: ath11k: fix RCU documentation in ath11k_mac_op_ipv6_changed() (git-fixes).
- wifi: ath11k: fix WCN6750 firmware crash caused by 17 num_vdevs (bsc#1227149).
- wifi: ath11k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).
- wifi: ath11k: fix a possible dead lock caused by ab->base_lock (bsc#1227149).
- wifi: ath11k: fix ath11k_mac_op_remain_on_channel() stack usage (bsc#1227149).
- wifi: ath11k: fix connection failure due to unexpected peer delete (bsc#1227149).
- wifi: ath11k: fix tid bitmap is 0 in peer rx mu stats (bsc#1227149).
- wifi: ath11k: fix wrong definition of CE ring's base address (git-fixes).
- wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
- wifi: ath11k: hal: cleanup debug message (bsc#1227149).
- wifi: ath11k: htc: cleanup debug messages (bsc#1227149).
- wifi: ath11k: initialize eirp_power before use (bsc#1227149).
- wifi: ath11k: mac: fix struct ieee80211_sband_iftype_data handling (bsc#1227149).
- wifi: ath11k: mhi: add a warning message for MHI_CB_EE_RDDM crash (bsc#1227149).
- wifi: ath11k: move pci.ops registration ahead (bsc#1227149).
- wifi: ath11k: move power type check to ASSOC stage when connecting to 6 GHz AP (bsc#1227149).
- wifi: ath11k: move references from rsvd2 to info fields (bsc#1227149).
- wifi: ath11k: pci: cleanup debug logging (bsc#1227149).
- wifi: ath11k: print debug level in debug messages (bsc#1227149).
- wifi: ath11k: provide address list if chip supports 2 stations (bsc#1227149).
- wifi: ath11k: qmi: refactor ath11k_qmi_m3_load() (bsc#1227149).
- wifi: ath11k: refactor ath11k_wmi_tlv_parse_alloc() (bsc#1227149).
- wifi: ath11k: refactor setting country code logic (stable-fixes).
- wifi: ath11k: refactor vif parameter configurations (bsc#1227149).
- wifi: ath11k: rely on mac80211 debugfs handling for vif (bsc#1227149).
- wifi: ath11k: remove ath11k_htc_record::pauload[] (bsc#1227149).
- wifi: ath11k: remove invalid peer create logic (bsc#1227149).
- wifi: ath11k: remove manual mask names from debug messages (bsc#1227149).
- wifi: ath11k: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath11k: remove unsupported event handlers (bsc#1227149).
- wifi: ath11k: remove unused function ath11k_tm_event_wmi() (bsc#1227149).
- wifi: ath11k: remove unused members of 'struct ath11k_base' (bsc#1227149).
- wifi: ath11k: remove unused scan_events from struct scan_req_params (bsc#1227149).
- wifi: ath11k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1227149).
- wifi: ath11k: rename ath11k_start_vdev_delay() (bsc#1227149).
- wifi: ath11k: rename the sc naming convention to ab (bsc#1227149).
- wifi: ath11k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).
- wifi: ath11k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath11k: restore country code during resume (git-fixes).
- wifi: ath11k: save max transmit power in vdev start response event from firmware (bsc#1227149).
- wifi: ath11k: save power spectral density(PSD) of regulatory rule (bsc#1227149).
- wifi: ath11k: simplify ath11k_mac_validate_vht_he_fixed_rate_settings() (bsc#1227149).
- wifi: ath11k: simplify the code with module_platform_driver (bsc#1227149).
- wifi: ath11k: store cur_regulatory_info for each radio (bsc#1227149).
- wifi: ath11k: support 2 station interfaces (bsc#1227149).
- wifi: ath11k: update proper pdev/vdev id for testmode command (bsc#1227149).
- wifi: ath11k: update regulatory rules when connect to AP on 6 GHz band for station (bsc#1227149).
- wifi: ath11k: update regulatory rules when interface added (bsc#1227149).
- wifi: ath11k: use RCU when accessing struct inet6_dev::ac_list (bsc#1227149).
- wifi: ath11k: use WMI_VDEV_SET_TPC_POWER_CMDID when EXT_TPC_REG_SUPPORT for 6 GHz (bsc#1227149).
- wifi: ath11k: use kstrtoul_from_user() where appropriate (bsc#1227149).
- wifi: ath11k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).
- wifi: ath11k: wmi: add unified command debug messages (bsc#1227149).
- wifi: ath11k: wmi: cleanup error handling in ath11k_wmi_send_init_country_cmd() (bsc#1227149).
- wifi: ath11k: wmi: use common error handling style (bsc#1227149).
- wifi: ath11k: workaround too long expansion sparse warnings (bsc#1227149).
- wifi: ath12k: Add logic to write QRTR node id to scratch (bsc#1227149).
- wifi: ath12k: Add missing qmi_txn_cancel() calls (bsc#1227149).
- wifi: ath12k: Add support to parse new WMI event for 6 GHz regulatory (bsc#1227149).
- wifi: ath12k: Consistently use ath12k_vif_to_arvif() (bsc#1227149).
- wifi: ath12k: Consolidate WMI peer flags (bsc#1227149).
- wifi: ath12k: Correct 6 GHz frequency value in rx status (git-fixes).
- wifi: ath12k: Do not drop tx_status in failure case (git-fixes).
- wifi: ath12k: Do not use scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: Enable Mesh support for QCN9274 (bsc#1227149).
- wifi: ath12k: Fix a few spelling errors (bsc#1227149).
- wifi: ath12k: Fix tx completion ring (WBM2SW) setup failure (git-fixes).
- wifi: ath12k: Fix uninitialized use of ret in ath12k_mac_allocate() (bsc#1227149).
- wifi: ath12k: Introduce and use ath12k_sta_to_arsta() (bsc#1227149).
- wifi: ath12k: Introduce the container for mac80211 hw (bsc#1227149).
- wifi: ath12k: Make QMI message rules const (bsc#1227149).
- wifi: ath12k: Optimize the mac80211 hw data access (bsc#1227149).
- wifi: ath12k: Read board id to support split-PHY QCN9274 (bsc#1227149).
- wifi: ath12k: Refactor the mac80211 hw access from link/radio (bsc#1227149).
- wifi: ath12k: Remove ath12k_base::bd_api (bsc#1227149).
- wifi: ath12k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).
- wifi: ath12k: Remove some dead code (bsc#1227149).
- wifi: ath12k: Remove struct ath12k::ops (bsc#1227149).
- wifi: ath12k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath12k: Remove unnecessary struct qmi_txn initializers (bsc#1227149).
- wifi: ath12k: Remove unused declarations (bsc#1227149).
- wifi: ath12k: Remove unused scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: Set default beacon mode to burst mode (bsc#1227149).
- wifi: ath12k: Update Qualcomm Innovation Center, Inc. copyrights (stable-fixes).
- wifi: ath12k: Use initializers for QMI message buffers (bsc#1227149).
- wifi: ath12k: Use msdu_end to check MCBC (bsc#1227149).
- wifi: ath12k: Use pdev_id rather than mac_id to get pdev (bsc#1227149).
- wifi: ath12k: WMI support to process EHT capabilities (bsc#1227149).
- wifi: ath12k: add 320 MHz bandwidth enums (bsc#1227149).
- wifi: ath12k: add CE and ext IRQ flag to indicate irq_handler (bsc#1227149).
- wifi: ath12k: add EHT PHY modes (bsc#1227149).
- wifi: ath12k: add MAC id support in WBM error path (bsc#1227149).
- wifi: ath12k: add MLO header in peer association (bsc#1227149).
- wifi: ath12k: add P2P IE in beacon template (bsc#1227149).
- wifi: ath12k: add QMI PHY capability learn support (bsc#1227149).
- wifi: ath12k: add WMI support for EHT peer (bsc#1227149).
- wifi: ath12k: add ath12k_qmi_free_resource() for recovery (bsc#1227149).
- wifi: ath12k: add fallback board name without variant while searching board-2.bin (bsc#1227149).
- wifi: ath12k: add firmware-2.bin support (bsc#1227149).
- wifi: ath12k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED (bsc#1227149).
- wifi: ath12k: add keep backward compatibility of PHY mode to avoid firmware crash (bsc#1227149).
- wifi: ath12k: add msdu_end structure for WCN7850 (bsc#1227149).
- wifi: ath12k: add parsing of phy bitmap for reg rules (bsc#1227149).
- wifi: ath12k: add processing for TWT disable event (bsc#1227149).
- wifi: ath12k: add processing for TWT enable event (bsc#1227149).
- wifi: ath12k: add qmi_cnss_feature_bitmap field to hardware parameters (bsc#1227149).
- wifi: ath12k: add rcu lock for ath12k_wmi_p2p_noa_event() (bsc#1227149).
- wifi: ath12k: add read variant from SMBIOS for download board data (bsc#1227149).
- wifi: ath12k: add string type to search board data in board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: add support for BA1024 (bsc#1227149).
- wifi: ath12k: add support for collecting firmware log (bsc#1227149).
- wifi: ath12k: add support for hardware rfkill for WCN7850 (bsc#1227149).
- wifi: ath12k: add support for peer meta data version (bsc#1227149).
- wifi: ath12k: add support one MSI vector (bsc#1227149).
- wifi: ath12k: add support to search regdb data in board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: add wait operation for tx management packets for flush from mac80211 (bsc#1227149).
- wifi: ath12k: advertise P2P dev support for WCN7850 (bsc#1227149).
- wifi: ath12k: allow specific mgmt frame tx while vdev is not up (bsc#1227149).
- wifi: ath12k: ath12k_start_vdev_delay(): convert to use ar (bsc#1227149).
- wifi: ath12k: avoid deadlock by change ieee80211_queue_work for regd_update_work (bsc#1227149).
- wifi: ath12k: avoid duplicated vdev stop (git-fixes).
- wifi: ath12k: avoid explicit HW conversion argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid explicit RBM id argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid explicit mac id argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid repeated hw access from ar (bsc#1227149).
- wifi: ath12k: avoid repeated wiphy access from hw (bsc#1227149).
- wifi: ath12k: call ath12k_mac_fils_discovery() without condition (bsc#1227149).
- wifi: ath12k: change DMA direction while mapping reinjected packets (git-fixes).
- wifi: ath12k: change MAC buffer ring size to 2048 (bsc#1227149).
- wifi: ath12k: change WLAN_SCAN_PARAMS_MAX_IE_LEN from 256 to 512 (bsc#1227149).
- wifi: ath12k: change interface combination for P2P mode (bsc#1227149).
- wifi: ath12k: change to initialize recovery variables earlier in ath12k_core_reset() (bsc#1227149).
- wifi: ath12k: change to treat alpha code na as world wide regdomain (bsc#1227149).
- wifi: ath12k: change to use dynamic memory for channel list of scan (bsc#1227149).
- wifi: ath12k: check M3 buffer size as well whey trying to reuse it (bsc#1227149).
- wifi: ath12k: check hardware major version for WCN7850 (bsc#1227149).
- wifi: ath12k: configure RDDM size to MHI for device recovery (bsc#1227149).
- wifi: ath12k: configure puncturing bitmap (bsc#1227149).
- wifi: ath12k: correct the data_type from QMI_OPT_FLAG to QMI_UNSIGNED_1_BYTE for mlo_capable (bsc#1227149).
- wifi: ath12k: delete the timer rx_replenish_retry during rmmod (bsc#1227149).
- wifi: ath12k: designating channel frequency for ROC scan (bsc#1227149).
- wifi: ath12k: disable QMI PHY capability learn in split-phy QCN9274 (bsc#1227149).
- wifi: ath12k: do not drop data frames from unassociated stations (bsc#1227149).
- wifi: ath12k: do not restore ASPM in case of single MSI vector (bsc#1227149).
- wifi: ath12k: drop NULL pointer check in ath12k_update_per_peer_tx_stats() (bsc#1227149).
- wifi: ath12k: drop failed transmitted frames from metric calculation (git-fixes).
- wifi: ath12k: enable 320 MHz bandwidth for 6 GHz band in EHT PHY capability for WCN7850 (bsc#1227149).
- wifi: ath12k: enable 802.11 power save mode in station mode (bsc#1227149).
- wifi: ath12k: enable IEEE80211_HW_SINGLE_SCAN_ON_ALL_BANDS for WCN7850 (bsc#1227149).
- wifi: ath12k: fetch correct pdev id from WMI_SERVICE_READY_EXT_EVENTID (bsc#1227149).
- wifi: ath12k: fix PCI read and write (bsc#1227149).
- wifi: ath12k: fix WARN_ON during ath12k_mac_update_vif_chan (bsc#1227149).
- wifi: ath12k: fix broken structure wmi_vdev_create_cmd (bsc#1227149).
- wifi: ath12k: fix conf_mutex in ath12k_mac_op_unassign_vif_chanctx() (bsc#1227149).
- wifi: ath12k: fix debug messages (bsc#1227149).
- wifi: ath12k: fix fetching MCBC flag for QCN9274 (bsc#1227149).
- wifi: ath12k: fix firmware assert during insmod in memory segment mode (bsc#1227149).
- wifi: ath12k: fix firmware crash during reo reinject (git-fixes).
- wifi: ath12k: fix invalid m3 buffer address (bsc#1227149).
- wifi: ath12k: fix invalid memory access while processing fragmented packets (git-fixes).
- wifi: ath12k: fix kernel crash during resume (bsc#1227149).
- wifi: ath12k: fix license in p2p.c and p2p.h (bsc#1227149).
- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).
- wifi: ath12k: fix peer metadata parsing (git-fixes).
- wifi: ath12k: fix potential wmi_mgmt_tx_queue race condition (bsc#1227149).
- wifi: ath12k: fix radar detection in 160 MHz (bsc#1227149).
- wifi: ath12k: fix recovery fail while firmware crash when doing channel switch (bsc#1227149).
- wifi: ath12k: fix the error handler of rfkill config (bsc#1227149).
- wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 (bsc#1227149).
- wifi: ath12k: fix the problem that down grade phy mode operation (bsc#1227149).
- wifi: ath12k: fix wrong definition of CE ring's base address (git-fixes).
- wifi: ath12k: fix wrong definitions of hal_reo_update_rx_queue (bsc#1227149).
- wifi: ath12k: get msi_data again after request_irq is called (bsc#1227149).
- wifi: ath12k: implement handling of P2P NoA event (bsc#1227149).
- wifi: ath12k: implement remain on channel for P2P mode (bsc#1227149).
- wifi: ath12k: increase vdev setup timeout (bsc#1227149).
- wifi: ath12k: indicate NON MBSSID vdev by default during vdev start (bsc#1227149).
- wifi: ath12k: indicate scan complete for scan canceled when scan running (bsc#1227149).
- wifi: ath12k: indicate to mac80211 scan complete with aborted flag for ATH12K_SCAN_STARTING state (bsc#1227149).
- wifi: ath12k: move HE capabilities processing to a new function (bsc#1227149).
- wifi: ath12k: move peer delete after vdev stop of station for WCN7850 (bsc#1227149).
- wifi: ath12k: parse WMI service ready ext2 event (bsc#1227149).
- wifi: ath12k: peer assoc for 320 MHz (bsc#1227149).
- wifi: ath12k: prepare EHT peer assoc parameters (bsc#1227149).
- wifi: ath12k: propagate EHT capabilities to userspace (bsc#1227149).
- wifi: ath12k: refactor DP Rxdma ring structure (bsc#1227149).
- wifi: ath12k: refactor QMI MLO host capability helper function (bsc#1227149).
- wifi: ath12k: refactor ath12k_bss_assoc() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_allocate() and ath12k_mac_destroy() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_ampdu_action() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_conf_tx() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_config() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_configure_filter() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_flush() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_start() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_stop() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_update_vif_offload() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_register() and ath12k_mac_unregister() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_setup_channels_rates() (bsc#1227149).
- wifi: ath12k: refactor ath12k_wmi_tlv_parse_alloc() (bsc#1227149).
- wifi: ath12k: refactor multiple MSI vector implementation (bsc#1227149).
- wifi: ath12k: refactor the rfkill worker (bsc#1227149).
- wifi: ath12k: register EHT mesh capabilities (bsc#1227149).
- wifi: ath12k: relax list iteration in ath12k_mac_vif_unref() (bsc#1227149).
- wifi: ath12k: relocate ath12k_dp_pdev_pre_alloc() call (bsc#1227149).
- wifi: ath12k: remove hal_desc_sz from hw params (bsc#1227149).
- wifi: ath12k: remove redundant memset() in ath12k_hal_reo_qdesc_setup() (bsc#1227149).
- wifi: ath12k: remove the unused scan_events from ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: remove unused ATH12K_BD_IE_BOARD_EXT (bsc#1227149).
- wifi: ath12k: rename HE capabilities setup/copy functions (bsc#1227149).
- wifi: ath12k: rename the sc naming convention to ab (bsc#1227149).
- wifi: ath12k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).
- wifi: ath12k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath12k: send WMI_PEER_REORDER_QUEUE_SETUP_CMDID when ADDBA session starts (bsc#1227149).
- wifi: ath12k: set IRQ affinity to CPU0 in case of one MSI vector (bsc#1227149).
- wifi: ath12k: set PERST pin no pull request for WCN7850 (bsc#1227149).
- wifi: ath12k: split hal_ops to support RX TLVs word mask compaction (bsc#1227149).
- wifi: ath12k: subscribe required word mask from rx tlv (bsc#1227149).
- wifi: ath12k: support default regdb while searching board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: trigger station disconnect on hardware restart (bsc#1227149).
- wifi: ath12k: use ATH12K_PCI_IRQ_DP_OFFSET for DP IRQ (bsc#1227149).
- wifi: ath12k: use correct flag field for 320 MHz channels (bsc#1227149).
- wifi: ath12k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).
- wifi: ath5k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath5k: Remove redundant dev_err() (bsc#1227149).
- wifi: ath5k: ath5k_hw_get_median_noise_floor(): use swap() (bsc#1227149).
- wifi: ath5k: remove phydir check from ath5k_debug_init_device() (bsc#1227149).
- wifi: ath5k: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath5k: remove unused ath5k_eeprom_info::ee_antenna (bsc#1227149).
- wifi: ath5k: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: ath6kl: Remove error checking for debugfs_create_dir() (bsc#1227149).
- wifi: ath6kl: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath6kl: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: ath9k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath9k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath9k: Remove unnecessary ternary operators (bsc#1227149).
- wifi: ath9k: Remove unused declarations (bsc#1227149).
- wifi: ath9k: avoid using uninitialized array (bsc#1227149).
- wifi: ath9k: clean up function ath9k_hif_usb_resume (bsc#1227149).
- wifi: ath9k: consistently use kstrtoX_from_user() functions (bsc#1227149).
- wifi: ath9k: delete some unused/duplicate macros (bsc#1227149).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
- wifi: ath9k: fix parameter check in ath9k_init_debug() (bsc#1227149).
- wifi: ath9k: remove redundant assignment to variable ret (bsc#1227149).
- wifi: ath9k: reset survey of current channel after a scan started (bsc#1227149).
- wifi: ath9k: simplify ar9003_hw_process_ini() (bsc#1227149).
- wifi: ath9k: use u32 for txgain indexes (bsc#1227149).
- wifi: ath9k: work around memset overflow warning (bsc#1227149).
- wifi: ath9k_htc: fix format-truncation warning (bsc#1227149).
- wifi: ath: Use is_multicast_ether_addr() to check multicast Ether address (bsc#1227149).
- wifi: ath: dfs_pattern_detector: Use flex array to simplify code (bsc#1227149).
- wifi: ath: remove unused-but-set parameter (bsc#1227149).
- wifi: ath: work around false-positive stringop-overread warning (bsc#1227149).
- wifi: atk10k: Do not opencode ath10k_pci_priv() in ath10k_ahb_priv() (bsc#1227149).
- wifi: atmel: remove unused ioctl function (bsc#1227149).
- wifi: b43: silence sparse warnings (bsc#1227149).
- wifi: brcm80211: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).
- wifi: brcmfmac: Annotate struct brcmf_gscan_config with __counted_by (bsc#1227149).
- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).
- wifi: brcmfmac: Detect corner error case earlier with log (bsc#1227149).
- wifi: brcmfmac: add linefeed at end of file (bsc#1227149).
- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).
- wifi: brcmfmac: allow per-vendor event handling (bsc#1227149).
- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).
- wifi: brcmfmac: do not cast hidden SSID attribute value to boolean (bsc#1227149).
- wifi: brcmfmac: do not pass hidden SSID attribute as value directly (bsc#1227149).
- wifi: brcmfmac: export firmware interface functions (bsc#1227149).
- wifi: brcmfmac: firmware: Annotate struct brcmf_fw_request with __counted_by (bsc#1227149).
- wifi: brcmfmac: fix format-truncation warnings (bsc#1227149).
- wifi: brcmfmac: fix gnu_printf warnings (bsc#1227149).
- wifi: brcmfmac: fweh: Add __counted_by for struct brcmf_fweh_queue_item and use struct_size() (bsc#1227149).
- wifi: brcmfmac: fweh: Fix boot crash on Raspberry Pi 4 (bsc#1227149).
- wifi: brcmfmac: move feature overrides before feature_disable (bsc#1227149).
- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).
- wifi: brcmsmac: cleanup SCB-related data types (bsc#1227149).
- wifi: brcmsmac: fix gnu_printf warnings (bsc#1227149).
- wifi: brcmsmac: phy: Remove unreachable code (bsc#1227149).
- wifi: brcmsmac: remove more unused data types (bsc#1227149).
- wifi: brcmsmac: remove unused data type (bsc#1227149).
- wifi: brcmsmac: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: brcmsmac: silence sparse warnings (bsc#1227149).
- wifi: brcmutil: use helper function pktq_empty() instead of open code (bsc#1227149).
- wifi: carl9170: Remove redundant assignment to pointer super (bsc#1227149).
- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- wifi: carl9170: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: cfg80211: Add support for setting TID to link mapping (bsc#1227149).
- wifi: cfg80211: Allow AP/P2PGO to indicate port authorization to peer STA/P2PClient (bsc#1227149).
- wifi: cfg80211: Extend support for scanning while MLO connected (bsc#1227149).
- wifi: cfg80211: Fix typo in documentation (bsc#1227149).
- wifi: cfg80211: Handle specific BSSID in 6GHz scanning (bsc#1227149).
- wifi: cfg80211: Include operating class 137 in 6GHz band (bsc#1227149).
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).
- wifi: cfg80211: OWE DH IE handling offload (bsc#1227149).
- wifi: cfg80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: cfg80211: Schedule regulatory check on BSS STA channel change (bsc#1227149).
- wifi: cfg80211: Update the default DSCP-to-UP mapping (bsc#1227149).
- wifi: cfg80211: add BSS usage reporting (bsc#1227149).
- wifi: cfg80211: add RNR with reporting AP information (bsc#1227149).
- wifi: cfg80211: add a flag to disable wireless extensions (bsc#1227149).
- wifi: cfg80211: add local_state_change to deauth trace (bsc#1227149).
- wifi: cfg80211: add locked debugfs wrappers (bsc#1227149).
- wifi: cfg80211: add support for SPP A-MSDUs (bsc#1227149).
- wifi: cfg80211: address several kerneldoc warnings (bsc#1227149).
- wifi: cfg80211: allow reg update by driver even if wiphy->regd is set (bsc#1227149).
- wifi: cfg80211: annotate iftype_data pointer with sparse (bsc#1227149).
- wifi: cfg80211: avoid double free if updating BSS fails (bsc#1227149).
- wifi: cfg80211: call reg_call_notifier on beacon hints (bsc#1227149).
- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).
- wifi: cfg80211: check RTNL when iterating devices (bsc#1227149).
- wifi: cfg80211: check wiphy mutex is held for wdev mutex (bsc#1227149).
- wifi: cfg80211: consume both probe response and beacon IEs (bsc#1227149).
- wifi: cfg80211: detect stuck ECSA element in probe resp (bsc#1227149).
- wifi: cfg80211: ensure cfg80211_bss_update frees IEs on error (bsc#1227149).
- wifi: cfg80211: export DFS CAC time and usable state helper functions (bsc#1227149).
- wifi: cfg80211: expose nl80211_chan_width_to_mhz for wide sharing (bsc#1227149).
- wifi: cfg80211: fix 6 GHz scan request building (stable-fixes).
- wifi: cfg80211: fix CQM for non-range use (bsc#1227149).
- wifi: cfg80211: fix header kernel-doc typos (bsc#1227149).
- wifi: cfg80211: fix kernel-doc for wiphy_delayed_work_flush() (bsc#1227149).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
- wifi: cfg80211: fix spelling & punctutation (bsc#1227149).
- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: fully move wiphy work to unbound workqueue (git-fixes).
- wifi: cfg80211: generate an ML element for per-STA profiles (bsc#1227149).
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: handle UHB AP and STA power type (bsc#1227149).
- wifi: cfg80211: hold wiphy lock in cfg80211_any_wiphy_oper_chan() (bsc#1227149).
- wifi: cfg80211: hold wiphy mutex for send_interface (bsc#1227149).
- wifi: cfg80211: improve documentation for flag fields (bsc#1227149).
- wifi: cfg80211: introduce cfg80211_ssid_eq() (bsc#1227149).
- wifi: cfg80211: make RX assoc data const (bsc#1227149).
- wifi: cfg80211: make read-only array centers_80mhz static const (bsc#1227149).
- wifi: cfg80211: modify prototype for change_beacon (bsc#1227149).
- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).
- wifi: cfg80211: reg: Support P2P operation on DFS channels (bsc#1227149).
- wifi: cfg80211: reg: describe return values in kernel-doc (bsc#1227149).
- wifi: cfg80211: reg: fix various kernel-doc issues (bsc#1227149).
- wifi: cfg80211: reg: hold wiphy mutex for wdev iteration (bsc#1227149).
- wifi: cfg80211: remove scan_width support (bsc#1227149).
- wifi: cfg80211: remove wdev mutex (bsc#1227149).
- wifi: cfg80211: rename UHB to 6 GHz (bsc#1227149).
- wifi: cfg80211: report per-link errors during association (bsc#1227149).
- wifi: cfg80211: report unprotected deauth/disassoc in wowlan (bsc#1227149).
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).
- wifi: cfg80211: save power spectral density(psd) of regulatory rule (bsc#1227149).
- wifi: cfg80211: set correct param change count in ML element (bsc#1227149).
- wifi: cfg80211: sme: hold wiphy lock for wdev iteration (bsc#1227149).
- wifi: cfg80211: sort certificates in build (bsc#1227149).
- wifi: cfg80211: split struct cfg80211_ap_settings (bsc#1227149).
- wifi: cfg80211: validate HE operation element parsing (bsc#1227149).
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).
- wifi: cfg80211: wext: convert return value to kernel-doc (bsc#1227149).
- wifi: cfg80211: wext: set ssids=NULL for passive scans (git-fixes).
- wifi: cw1200: Avoid processing an invalid TIM IE (bsc#1227149).
- wifi: cw1200: Convert to GPIO descriptors (bsc#1227149).
- wifi: cw1200: fix __le16 sparse warnings (bsc#1227149).
- wifi: cw1200: restore endian swapping (bsc#1227149).
- wifi: drivers: Explicitly include correct DT includes (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for Broadcom WLAN (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for ar5523 (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for mt76 drivers (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for p54spi (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wcn36xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wilc1000 (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wl1251 and wl12xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wl18xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wlcore (bsc#1227149).
- wifi: hostap: Add __counted_by for struct prism2_download_data and use struct_size() (bsc#1227149).
- wifi: hostap: fix stringop-truncations GCC warning (bsc#1227149).
- wifi: hostap: remove unused ioctl function (bsc#1227149).
- wifi: ieee80211: add UL-bandwidth definition of trigger frame (bsc#1227149).
- wifi: ieee80211: add definitions for negotiated TID to Link map (bsc#1227149).
- wifi: ieee80211: check for NULL in ieee80211_mle_size_ok() (stable-fixes).
- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).
- wifi: iwlmei: do not send SAP messages if AMT is disabled (bsc#1227149).
- wifi: iwlmei: do not send nic info with invalid mac address (bsc#1227149).
- wifi: iwlmei: send HOST_GOES_DOWN message even if wiamt is disabled (bsc#1227149).
- wifi: iwlmei: send driver down SAP message only if wiamt is enabled (bsc#1227149).
- wifi: iwlmvm: fw: Add new OEM vendor to tas approved list (bsc#1227149).
- wifi: iwlwifi: Add rf_mapping of new wifi7 devices (bsc#1227149).
- wifi: iwlwifi: Add support for PPAG cmd v5 and PPAG revision 3 (bsc#1227149).
- wifi: iwlwifi: Add support for new 802.11be device (bsc#1227149).
- wifi: iwlwifi: Do not mark DFS channels as NO-IR (bsc#1227149).
- wifi: iwlwifi: Extract common prph mac/phy regions data dump logic (bsc#1227149).
- wifi: iwlwifi: Fix spelling mistake "SESION" -> "SESSION" (bsc#1227149).
- wifi: iwlwifi: Use request_module_nowait (bsc#1227149).
- wifi: iwlwifi: abort scan when rfkill on but device enabled (bsc#1227149).
- wifi: iwlwifi: add HONOR to PPAG approved list (bsc#1227149).
- wifi: iwlwifi: add Razer to ppag approved list (bsc#1227149).
- wifi: iwlwifi: add mapping of a periphery register crf for WH RF (bsc#1227149).
- wifi: iwlwifi: add new RF support for wifi7 (bsc#1227149).
- wifi: iwlwifi: add support for SNPS DPHYIP region type (bsc#1227149).
- wifi: iwlwifi: add support for a wiphy_work rx handler (bsc#1227149).
- wifi: iwlwifi: add support for activating UNII-1 in WW via BIOS (bsc#1227149).
- wifi: iwlwifi: add support for new ini region types (bsc#1227149).
- wifi: iwlwifi: adjust rx_phyinfo debugfs to MLO (bsc#1227149).
- wifi: iwlwifi: always have 'uats_enabled' (bsc#1227149).
- wifi: iwlwifi: api: clean up some kernel-doc/typos (bsc#1227149).
- wifi: iwlwifi: api: dbg-tlv: fix up kernel-doc (bsc#1227149).
- wifi: iwlwifi: api: fix a small upper/lower-case typo (bsc#1227149).
- wifi: iwlwifi: api: fix center_freq label in PHY diagram (bsc#1227149).
- wifi: iwlwifi: api: fix constant version to match FW (bsc#1227149).
- wifi: iwlwifi: api: fix kernel-doc reference (bsc#1227149).
- wifi: iwlwifi: bump FW API to 84 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 86 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 87 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 88 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: cancel session protection only if there is one (bsc#1227149).
- wifi: iwlwifi: change link id in time event to s8 (bsc#1227149).
- wifi: iwlwifi: check for kmemdup() return value in iwl_parse_tlv_firmware() (bsc#1227149).
- wifi: iwlwifi: cleanup BT Shared Single Antenna code (bsc#1227149).
- wifi: iwlwifi: cleanup sending PER_CHAIN_LIMIT_OFFSET_CMD (bsc#1227149).
- wifi: iwlwifi: cleanup uefi variables loading (bsc#1227149).
- wifi: iwlwifi: clear link_id in time_event (bsc#1227149).
- wifi: iwlwifi: dbg-tlv: avoid extra allocation/copy (bsc#1227149).
- wifi: iwlwifi: dbg-tlv: use struct_size() for allocation (bsc#1227149).
- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).
- wifi: iwlwifi: disable 160 MHz based on subsystem device ID (bsc#1227149).
- wifi: iwlwifi: disable eSR when BT is active (bsc#1227149).
- wifi: iwlwifi: disable multi rx queue for 9000 (bsc#1227149).
- wifi: iwlwifi: do not check TAS block list size twice (bsc#1227149).
- wifi: iwlwifi: do not use TRUE/FALSE with bool (bsc#1227149).
- wifi: iwlwifi: drop NULL pointer check in iwl_mvm_tzone_set_trip_temp() (bsc#1227149).
- wifi: iwlwifi: dvm: remove kernel-doc warnings (bsc#1227149).
- wifi: iwlwifi: error-dump: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: fail NIC access fast on dead NIC (bsc#1227149).
- wifi: iwlwifi: fix #ifdef CONFIG_ACPI check (bsc#1227149).
- wifi: iwlwifi: fix iwl_mvm_get_valid_rx_ant() (git-fixes).
- wifi: iwlwifi: fix opmode start/stop race (bsc#1227149).
- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: fix system commands group ordering (bsc#1227149).
- wifi: iwlwifi: fix the rf step and flavor bits range (bsc#1227149).
- wifi: iwlwifi: fw: Add support for UATS table in UHB (bsc#1227149).
- wifi: iwlwifi: fw: Fix debugfs command sending (bsc#1227149).
- wifi: iwlwifi: fw: allow vmalloc for PNVM image (bsc#1227149).
- wifi: iwlwifi: fw: dbg: ensure correct config name sizes (bsc#1227149).
- wifi: iwlwifi: fw: disable firmware debug asserts (bsc#1227149).
- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
- wifi: iwlwifi: fw: file: clean up kernel-doc (bsc#1227149).
- wifi: iwlwifi: fw: file: do not use [0] for variable arrays (bsc#1227149).
- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).
- wifi: iwlwifi: fw: fix compiler warning for NULL string print (bsc#1227149).
- wifi: iwlwifi: fw: increase fw_version string size (bsc#1227149).
- wifi: iwlwifi: fw: reconstruct the API/CAPA enum number (bsc#1227149).
- wifi: iwlwifi: fw: replace deprecated strncpy with strscpy_pad (bsc#1227149).
- wifi: iwlwifi: handle per-phy statistics from fw (bsc#1227149).
- wifi: iwlwifi: implement GLAI ACPI table loading (bsc#1227149).
- wifi: iwlwifi: implement can_activate_links callback (bsc#1227149).
- wifi: iwlwifi: implement enable/disable for China 2022 regulatory (bsc#1227149).
- wifi: iwlwifi: iwl-fh.h: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: iwl-trans.h: clean up kernel-doc (bsc#1227149).
- wifi: iwlwifi: iwlmvm: handle unprotected deauth/disassoc in d3 (bsc#1227149).
- wifi: iwlwifi: load b0 version of ucode for HR1/HR2 (bsc#1227149).
- wifi: iwlwifi: make TB reallocation a debug message (bsc#1227149).
- wifi: iwlwifi: make time_events MLO aware (bsc#1227149).
- wifi: iwlwifi: mei: return error from register when not built (bsc#1227149).
- wifi: iwlwifi: mvm: Add basic link selection logic (bsc#1227149).
- wifi: iwlwifi: mvm: Add support for removing responder TKs (bsc#1227149).
- wifi: iwlwifi: mvm: Allow DFS concurrent operation (bsc#1227149).
- wifi: iwlwifi: mvm: Configure the link mapping for non-MLD FW (bsc#1227149).
- wifi: iwlwifi: mvm: Correctly report TSF data in scan complete (bsc#1227149).
- wifi: iwlwifi: mvm: Declare support for secure LTF measurement (bsc#1227149).
- wifi: iwlwifi: mvm: Do not warn if valid link pair was not found (bsc#1227149).
- wifi: iwlwifi: mvm: Do not warn on invalid link on scan complete (bsc#1227149).
- wifi: iwlwifi: mvm: Extend support for P2P service discovery (bsc#1227149).
- wifi: iwlwifi: mvm: Fix FTM initiator flags (bsc#1227149).
- wifi: iwlwifi: mvm: Fix scan abort handling with HW rfkill (stable-fixes).
- wifi: iwlwifi: mvm: Fix unreachable code path (bsc#1227149).
- wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).
- wifi: iwlwifi: mvm: Keep connection in case of missed beacons during RX (bsc#1227149).
- wifi: iwlwifi: mvm: Return success if link could not be removed (bsc#1227149).
- wifi: iwlwifi: mvm: Use the link ID provided in scan request (bsc#1227149).
- wifi: iwlwifi: mvm: add US/Canada MCC to API (bsc#1227149).
- wifi: iwlwifi: mvm: add a debug print when we get a BAR (bsc#1227149).
- wifi: iwlwifi: mvm: add a debugfs hook to clear the monitor data (bsc#1227149).
- wifi: iwlwifi: mvm: add a per-link debugfs (bsc#1227149).
- wifi: iwlwifi: mvm: add a print when sending RLC command (bsc#1227149).
- wifi: iwlwifi: mvm: add start mac ctdp sum calculation debugfs handler (bsc#1227149).
- wifi: iwlwifi: mvm: add support for TID to link mapping neg request (bsc#1227149).
- wifi: iwlwifi: mvm: add support for new wowlan_info_notif (bsc#1227149).
- wifi: iwlwifi: mvm: advertise MLO only if EHT is enabled (bsc#1227149).
- wifi: iwlwifi: mvm: advertise support for SCS traffic description (bsc#1227149).
- wifi: iwlwifi: mvm: advertise support for protected ranging negotiation (bsc#1227149).
- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).
- wifi: iwlwifi: mvm: always update keys in D3 exit (bsc#1227149).
- wifi: iwlwifi: mvm: avoid garbage iPN (bsc#1227149).
- wifi: iwlwifi: mvm: calculate EMLSR mode after connection (bsc#1227149).
- wifi: iwlwifi: mvm: check AP supports EMLSR (bsc#1227149).
- wifi: iwlwifi: mvm: check for iwl_mvm_mld_update_sta() errors (bsc#1227149).
- wifi: iwlwifi: mvm: check link more carefully (bsc#1227149).
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
- wifi: iwlwifi: mvm: check own capabilities for EMLSR (bsc#1227149).
- wifi: iwlwifi: mvm: cleanup MLO and non-MLO unification code (bsc#1227149).
- wifi: iwlwifi: mvm: combine condition/warning (bsc#1227149).
- wifi: iwlwifi: mvm: consider having one active link (bsc#1227149).
- wifi: iwlwifi: mvm: const-ify chandef pointers (bsc#1227149).
- wifi: iwlwifi: mvm: cycle FW link on chanctx removal (bsc#1227149).
- wifi: iwlwifi: mvm: d3: avoid intermediate/early mutex unlock (bsc#1227149).
- wifi: iwlwifi: mvm: d3: disconnect on GTK rekey failure (bsc#1227149).
- wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).
- wifi: iwlwifi: mvm: d3: implement suspend with MLO (bsc#1227149).
- wifi: iwlwifi: mvm: debugfs for fw system stats (bsc#1227149).
- wifi: iwlwifi: mvm: define RX queue sync timeout as a macro (bsc#1227149).
- wifi: iwlwifi: mvm: disable MLO for the time being (bsc#1227149).
- wifi: iwlwifi: mvm: disallow puncturing in US/Canada (bsc#1227149).
- wifi: iwlwifi: mvm: disconnect long CSA only w/o alternative (bsc#1227149).
- wifi: iwlwifi: mvm: disconnect station vifs if recovery failed (bsc#1227149).
- wifi: iwlwifi: mvm: do not abort queue sync in CT-kill (bsc#1227149).
- wifi: iwlwifi: mvm: do not add dummy phy context (bsc#1227149).
- wifi: iwlwifi: mvm: do not always disable EMLSR due to BT coex (bsc#1227149).
- wifi: iwlwifi: mvm: do not do duplicate detection for nullfunc packets (bsc#1227149).
- wifi: iwlwifi: mvm: do not initialize csa_work twice (git-fixes).
- wifi: iwlwifi: mvm: do not limit VLP/AFC to UATS-enabled (git-fixes).
- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
- wifi: iwlwifi: mvm: do not send BT_COEX_CI command on new devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not send NDPs for new tx devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not send STA_DISABLE_TX_CMD for newer firmware (bsc#1227149).
- wifi: iwlwifi: mvm: do not send the smart fifo command if not needed (bsc#1227149).
- wifi: iwlwifi: mvm: do not set trigger frame padding in AP mode (bsc#1227149).
- wifi: iwlwifi: mvm: do not support reduced tx power on ack for new devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not wake up rx_sync_waitq upon RFKILL (git-fixes).
- wifi: iwlwifi: mvm: enable FILS DF Tx on non-PSC channel (bsc#1227149).
- wifi: iwlwifi: mvm: enable HE TX/RX <242 tone RU on new RFs (bsc#1227149).
- wifi: iwlwifi: mvm: expand queue sync warning messages (bsc#1227149).
- wifi: iwlwifi: mvm: extend alive timeout to 2 seconds (bsc#1227149).
- wifi: iwlwifi: mvm: fix ROC version check (bsc#1227149).
- wifi: iwlwifi: mvm: fix SB CFG check (bsc#1227149).
- wifi: iwlwifi: mvm: fix a battery life regression (bsc#1227149).
- wifi: iwlwifi: mvm: fix a crash on 7265 (bsc#1227149).
- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).
- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).
- wifi: iwlwifi: mvm: fix kernel-doc (bsc#1227149).
- wifi: iwlwifi: mvm: fix link ID management (bsc#1227149).
- wifi: iwlwifi: mvm: fix recovery flow in CSA (bsc#1227149).
- wifi: iwlwifi: mvm: fix regdb initialization (bsc#1227149).
- wifi: iwlwifi: mvm: fix the PHY context resolution for p2p device (bsc#1227149).
- wifi: iwlwifi: mvm: fix the TXF mapping for BZ devices (bsc#1227149).
- wifi: iwlwifi: mvm: fix the key PN index (bsc#1227149).
- wifi: iwlwifi: mvm: fix thermal kernel-doc (bsc#1227149).
- wifi: iwlwifi: mvm: fold the ref++ into iwl_mvm_phy_ctxt_add (bsc#1227149).
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).
- wifi: iwlwifi: mvm: handle BA session teardown in RF-kill (stable-fixes).
- wifi: iwlwifi: mvm: handle debugfs names more carefully (bsc#1227149).
- wifi: iwlwifi: mvm: handle link-STA allocation in restart (bsc#1227149).
- wifi: iwlwifi: mvm: implement ROC version 3 (bsc#1227149).
- wifi: iwlwifi: mvm: implement new firmware API for statistics (bsc#1227149).
- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).
- wifi: iwlwifi: mvm: increase session protection after CSA (bsc#1227149).
- wifi: iwlwifi: mvm: init vif works only once (git-fixes).
- wifi: iwlwifi: mvm: introduce PHY_CONTEXT_CMD_API_VER_5 (bsc#1227149).
- wifi: iwlwifi: mvm: introduce esr_disable_reason (bsc#1227149).
- wifi: iwlwifi: mvm: iterate active links for STA queues (bsc#1227149).
- wifi: iwlwifi: mvm: limit EHT 320 MHz MCS for STEP URM (bsc#1227149).
- wifi: iwlwifi: mvm: limit pseudo-D3 to 60 seconds (bsc#1227149).
- wifi: iwlwifi: mvm: log dropped frames (bsc#1227149).
- wifi: iwlwifi: mvm: log dropped packets due to MIC error (bsc#1227149).
- wifi: iwlwifi: mvm: make "pldr_sync" mode effective (bsc#1227149).
- wifi: iwlwifi: mvm: make functions public (bsc#1227149).
- wifi: iwlwifi: mvm: make pldr_sync AX210 specific (bsc#1227149).
- wifi: iwlwifi: mvm: move BA notif messages before action (bsc#1227149).
- wifi: iwlwifi: mvm: move RU alloc B2 placement (bsc#1227149).
- wifi: iwlwifi: mvm: move listen interval to constants (bsc#1227149).
- wifi: iwlwifi: mvm: offload IGTK in AP if BIGTK is supported (bsc#1227149).
- wifi: iwlwifi: mvm: partially support PHY context version 6 (bsc#1227149).
- wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF (bsc#1227149).
- wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).
- wifi: iwlwifi: mvm: reduce maximum RX A-MPDU size (bsc#1227149).
- wifi: iwlwifi: mvm: refactor TX rate handling (bsc#1227149).
- wifi: iwlwifi: mvm: refactor duplicate chanctx condition (bsc#1227149).
- wifi: iwlwifi: mvm: remove EHT code from mac80211.c (bsc#1227149).
- wifi: iwlwifi: mvm: remove IWL_MVM_STATUS_NEED_FLUSH_P2P (bsc#1227149).
- wifi: iwlwifi: mvm: remove flags for enable/disable beacon filter (bsc#1227149).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
- wifi: iwlwifi: mvm: remove one queue sync on BA session stop (bsc#1227149).
- wifi: iwlwifi: mvm: remove set_tim callback for MLD ops (bsc#1227149).
- wifi: iwlwifi: mvm: remove stale STA link data during restart (stable-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
- wifi: iwlwifi: mvm: rework debugfs handling (bsc#1227149).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).
- wifi: iwlwifi: mvm: set properly mac header (git-fixes).
- wifi: iwlwifi: mvm: show dump even for pldr_sync (bsc#1227149).
- wifi: iwlwifi: mvm: show skb_mac_gso_segment() failure reason (bsc#1227149).
- wifi: iwlwifi: mvm: simplify the reorder buffer (bsc#1227149).
- wifi: iwlwifi: mvm: skip adding debugfs symlink for reconfig (bsc#1227149).
- wifi: iwlwifi: mvm: support CSA with MLD (bsc#1227149).
- wifi: iwlwifi: mvm: support SPP A-MSDUs (bsc#1227149).
- wifi: iwlwifi: mvm: support flush on AP interfaces (bsc#1227149).
- wifi: iwlwifi: mvm: support injection antenna control (bsc#1227149).
- wifi: iwlwifi: mvm: support iwl_dev_tx_power_cmd_v8 (bsc#1227149).
- wifi: iwlwifi: mvm: support set_antenna() (bsc#1227149).
- wifi: iwlwifi: mvm: unlock mvm if there is no primary link (bsc#1227149).
- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).
- wifi: iwlwifi: mvm: use fast balance scan in case of an active P2P GO (bsc#1227149).
- wifi: iwlwifi: mvm: use the new command to clear the internal buffer (bsc#1227149).
- wifi: iwlwifi: mvm: work around A-MSDU size problem (bsc#1227149).
- wifi: iwlwifi: no power save during transition to D3 (bsc#1227149).
- wifi: iwlwifi: nvm-parse: advertise common packet padding (bsc#1227149).
- wifi: iwlwifi: nvm: parse the VLP/AFC bit from regulatory (bsc#1227149).
- wifi: iwlwifi: pcie: (re-)assign BAR0 on driver bind (bsc#1227149).
- wifi: iwlwifi: pcie: Add new PCI device id and CNVI (bsc#1227149).
- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).
- wifi: iwlwifi: pcie: clean up WFPM control bits (bsc#1227149).
- wifi: iwlwifi: pcie: clean up device removal work (bsc#1227149).
- wifi: iwlwifi: pcie: clean up gen1/gen2 TFD unmap (bsc#1227149).
- wifi: iwlwifi: pcie: do not allow hw-rfkill to stop device on gen2 (bsc#1227149).
- wifi: iwlwifi: pcie: dump CSRs before removal (bsc#1227149).
- wifi: iwlwifi: pcie: enable TOP fatal error interrupt (bsc#1227149).
- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).
- wifi: iwlwifi: pcie: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: pcie: get_crf_id() can be void (bsc#1227149).
- wifi: iwlwifi: pcie: give up mem read if HW is dead (bsc#1227149).
- wifi: iwlwifi: pcie: move gen1 TB handling to header (bsc#1227149).
- wifi: iwlwifi: pcie: point invalid TFDs to invalid data (bsc#1227149).
- wifi: iwlwifi: pcie: propagate iwl_pcie_gen2_apm_init() error (bsc#1227149).
- wifi: iwlwifi: pcie: rescan bus if no parent (bsc#1227149).
- wifi: iwlwifi: prepare for reading DSM from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading PPAG table from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading SAR tables from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading SPLC from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading TAS table from UEFI (bsc#1227149).
- wifi: iwlwifi: properly check if link is active (bsc#1227149).
- wifi: iwlwifi: properly set WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK (stable-fixes).
- wifi: iwlwifi: queue: fix kernel-doc (bsc#1227149).
- wifi: iwlwifi: queue: improve warning for no skb in reclaim (bsc#1227149).
- wifi: iwlwifi: queue: move iwl_txq_gen2_set_tb() up (bsc#1227149).
- wifi: iwlwifi: read DSM func 2 for specific RF types (bsc#1227149).
- wifi: iwlwifi: read DSM functions from UEFI (bsc#1227149).
- wifi: iwlwifi: read ECKV table from UEFI (bsc#1227149).
- wifi: iwlwifi: read PPAG table from UEFI (bsc#1227149).
- wifi: iwlwifi: read SAR tables from UEFI (bsc#1227149).
- wifi: iwlwifi: read SPLC from UEFI (bsc#1227149).
- wifi: iwlwifi: read WRDD table from UEFI (bsc#1227149).
- wifi: iwlwifi: read WTAS table from UEFI (bsc#1227149).
- wifi: iwlwifi: read mac step from aux register (bsc#1227149).
- wifi: iwlwifi: read txq->read_ptr under lock (stable-fixes).
- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).
- wifi: iwlwifi: refactor RX tracing (bsc#1227149).
- wifi: iwlwifi: remove 'def_rx_queue' struct member (bsc#1227149).
- wifi: iwlwifi: remove Gl A-step remnants (bsc#1227149).
- wifi: iwlwifi: remove WARN from read_mem32() (bsc#1227149).
- wifi: iwlwifi: remove async command callback (bsc#1227149).
- wifi: iwlwifi: remove dead-code (bsc#1227149).
- wifi: iwlwifi: remove extra kernel-doc (bsc#1227149).
- wifi: iwlwifi: remove memory check for LMAC error address (bsc#1227149).
- wifi: iwlwifi: remove retry loops in start (bsc#1227149).
- wifi: iwlwifi: remove unused function prototype (bsc#1227149).
- wifi: iwlwifi: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: iwlwifi: return negative -EINVAL instead of positive EINVAL (bsc#1227149).
- wifi: iwlwifi: rfi: use a single DSM function for all RFI configurations (bsc#1227149).
- wifi: iwlwifi: send EDT table to FW (bsc#1227149).
- wifi: iwlwifi: separate TAS 'read-from-BIOS' and 'send-to-FW' flows (bsc#1227149).
- wifi: iwlwifi: simplify getting DSM from ACPI (bsc#1227149).
- wifi: iwlwifi: skip affinity setting on non-SMP (bsc#1227149).
- wifi: iwlwifi: skip opmode start retries on dead transport (bsc#1227149).
- wifi: iwlwifi: small cleanups in PPAG table flows (bsc#1227149).
- wifi: iwlwifi: support link command version 2 (bsc#1227149).
- wifi: iwlwifi: support link id in SESSION_PROTECTION_NOTIF (bsc#1227149).
- wifi: iwlwifi: support link_id in SESSION_PROTECTION cmd (bsc#1227149).
- wifi: iwlwifi: take SGOM and UATS code out of ACPI ifdef (bsc#1227149).
- wifi: iwlwifi: take send-DSM-to-FW flows out of ACPI ifdef (bsc#1227149).
- wifi: iwlwifi: trace full frames with TX status request (bsc#1227149).
- wifi: iwlwifi: update context info structure definitions (bsc#1227149).
- wifi: iwlwifi: use system_unbound_wq for debug dump (bsc#1227149).
- wifi: iwlwifi: validate PPAG table when sent to FW (bsc#1227149).
- wifi: lib80211: remove unused variables iv32 and iv16 (bsc#1227149).
- wifi: libertas: Follow renaming of SPI "master" to "controller" (bsc#1227149).
- wifi: libertas: add missing calls to cancel_work_sync() (bsc#1227149).
- wifi: libertas: cleanup SDIO reset (bsc#1227149).
- wifi: libertas: handle possible spu_write_u16() errors (bsc#1227149).
- wifi: libertas: prefer kstrtoX() for simple integer conversions (bsc#1227149).
- wifi: libertas: simplify list operations in free_if_spi_card() (bsc#1227149).
- wifi: libertas: use convenient lists to manage SDIO packets (bsc#1227149).
- wifi: mac80211: Add __counted_by for struct ieee802_11_elems and use struct_size() (bsc#1227149).
- wifi: mac80211: Avoid address calculations via out of bounds array indexing (stable-fixes).
- wifi: mac80211: Check if we had first beacon with relevant links (bsc#1227149).
- wifi: mac80211: Do not force off-channel for management Tx with MLO (bsc#1227149).
- wifi: mac80211: Do not include crypto/algapi.h (bsc#1227149).
- wifi: mac80211: Extend support for scanning while MLO connected (bsc#1227149).
- wifi: mac80211: Fix SMPS handling in the context of MLO (bsc#1227149).
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).
- wifi: mac80211: Notify the low level driver on change in MLO valid links (bsc#1227149).
- wifi: mac80211: Print local link address during authentication (bsc#1227149).
- wifi: mac80211: Recalc offload when monitor stop (git-fixes).
- wifi: mac80211: Remove unused function declarations (bsc#1227149).
- wifi: mac80211: Rename and update IEEE80211_VIF_DISABLE_SMPS_OVERRIDE (bsc#1227149).
- wifi: mac80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: mac80211: Sanity check tx bitrate if not provided by driver (bsc#1227149).
- wifi: mac80211: Schedule regulatory channels check on bandwith change (bsc#1227149).
- wifi: mac80211: Skip association timeout update after comeback rejection (bsc#1227149).
- wifi: mac80211: add a driver callback to add vif debugfs (bsc#1227149).
- wifi: mac80211: add a driver callback to check active_links (bsc#1227149).
- wifi: mac80211: add a flag to disallow puncturing (bsc#1227149).
- wifi: mac80211: add back SPDX identifier (bsc#1227149).
- wifi: mac80211: add ieee80211_tdls_sta_link_id() (stable-fixes).
- wifi: mac80211: add link id to ieee80211_gtk_rekey_add() (bsc#1227149).
- wifi: mac80211: add link id to mgd_prepare_tx() (bsc#1227149).
- wifi: mac80211: add more ops assertions (bsc#1227149).
- wifi: mac80211: add more warnings about inserting sta info (bsc#1227149).
- wifi: mac80211: add support for SPP A-MSDUs (bsc#1227149).
- wifi: mac80211: add support for mld in ieee80211_chswitch_done (bsc#1227149).
- wifi: mac80211: add support for parsing TID to Link mapping element (bsc#1227149).
- wifi: mac80211: add/remove driver debugfs entries as appropriate (bsc#1227149).
- wifi: mac80211: additions to change_beacon() (bsc#1227149).
- wifi: mac80211: address some kerneldoc warnings (bsc#1227149).
- wifi: mac80211: allow 64-bit radiotap timestamps (bsc#1227149).
- wifi: mac80211: allow for_each_sta_active_link() under RCU (bsc#1227149).
- wifi: mac80211: apply mcast rate only if interface is up (stable-fixes).
- wifi: mac80211: cancel multi-link reconf work on disconnect (git-fixes).
- wifi: mac80211: chanctx emulation set CHANGE_CHANNEL when in_reconfig (git-fixes).
- wifi: mac80211: check EHT/TTLM action frame length (bsc#1227149).
- wifi: mac80211: check wiphy mutex in ops (bsc#1227149).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).
- wifi: mac80211: cleanup airtime arithmetic with ieee80211_sta_keep_active() (bsc#1227149).
- wifi: mac80211: cleanup auth_data only if association continues (bsc#1227149).
- wifi: mac80211: convert A-MPDU work to wiphy work (bsc#1227149).
- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
- wifi: mac80211: correctly set active links upon TTLM (bsc#1227149).
- wifi: mac80211: correcty limit wider BW TDLS STAs (git-fixes).
- wifi: mac80211: debugfs: lock wiphy instead of RTNL (bsc#1227149).
- wifi: mac80211: describe return values in kernel-doc (bsc#1227149).
- wifi: mac80211: disable softirqs for queued frame handling (git-fixes).
- wifi: mac80211: do not connect to an AP while it's in a CSA process (bsc#1227149).
- wifi: mac80211: do not re-add debugfs entries during resume (bsc#1227149).
- wifi: mac80211: do not select link ID if not provided in scan request (bsc#1227149).
- wifi: mac80211: do not set ESS capab bit in assoc request (bsc#1227149).
- wifi: mac80211: do not use rate mask for scanning (stable-fixes).
- wifi: mac80211: drop robust action frames before assoc (bsc#1227149).
- wifi: mac80211: drop spurious WARN_ON() in ieee80211_ibss_csa_beacon() (bsc#1227149).
- wifi: mac80211: ensure beacon is non-S1G prior to extracting the beacon timestamp field (stable-fixes).
- wifi: mac80211: ethtool: always hold wiphy mutex (bsc#1227149).
- wifi: mac80211: ethtool: hold wiphy mutex (bsc#1227149).
- wifi: mac80211: expand __ieee80211_data_to_8023() status (bsc#1227149).
- wifi: mac80211: extend wiphy lock in interface removal (bsc#1227149).
- wifi: mac80211: fix BA session teardown race (bsc#1227149).
- wifi: mac80211: fix BSS_CHANGED_UNSOL_BCAST_PROBE_RESP (bsc#1227149).
- wifi: mac80211: fix SMPS status handling (bsc#1227149).
- wifi: mac80211: fix TXQ error path and cleanup (bsc#1227149).
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).
- wifi: mac80211: fix a expired vs. cancel race in roc (bsc#1227149).
- wifi: mac80211: fix advertised TTLM scheduling (bsc#1227149).
- wifi: mac80211: fix another key installation error path (bsc#1227149).
- wifi: mac80211: fix change_address deadlock during unregister (bsc#1227149).
- wifi: mac80211: fix channel switch link data (bsc#1227149).
- wifi: mac80211: fix driver debugfs for vif type change (bsc#1227149).
- wifi: mac80211: fix error path key leak (bsc#1227149).
- wifi: mac80211: fix header kernel-doc typos (bsc#1227149).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
- wifi: mac80211: fix ieee80211_drop_unencrypted_mgmt return type/value (bsc#1227149).
- wifi: mac80211: fix monitor channel with chanctx emulation (bsc#1227149).
- wifi: mac80211: fix potential key leak (bsc#1227149).
- wifi: mac80211: fix prep_connection error path (stable-fixes).
- wifi: mac80211: fix spelling typo in comment (bsc#1227149).
- wifi: mac80211: fix unaligned le16 access (git-fixes).
- wifi: mac80211: fix unsolicited broadcast probe config (bsc#1227149).
- wifi: mac80211: fix various kernel-doc issues (bsc#1227149).
- wifi: mac80211: fixes in FILS discovery updates (bsc#1227149).
- wifi: mac80211: flush STA queues on unauthorization (bsc#1227149).
- wifi: mac80211: flush wiphy work where appropriate (bsc#1227149).
- wifi: mac80211: handle debugfs when switching to/from MLO (bsc#1227149).
- wifi: mac80211: handle tasklet frames before stopping (stable-fixes).
- wifi: mac80211: hold wiphy lock in netdev/link debugfs (bsc#1227149).
- wifi: mac80211: hold wiphy_lock around concurrency checks (bsc#1227149).
- wifi: mac80211: improve CSA/ECSA connection refusal (bsc#1227149).
- wifi: mac80211: initialize SMPS mode correctly (bsc#1227149).
- wifi: mac80211: lock wiphy for aggregation debugfs (bsc#1227149).
- wifi: mac80211: lock wiphy in IP address notifier (bsc#1227149).
- wifi: mac80211: make mgd_protect_tdls_discover MLO-aware (bsc#1227149).
- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).
- wifi: mac80211: mesh: Remove unused function declaration mesh_ids_set_default() (bsc#1227149).
- wifi: mac80211: mesh: fix some kdoc warnings (bsc#1227149).
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).
- wifi: mac80211: move CSA finalize to wiphy work (bsc#1227149).
- wifi: mac80211: move DFS CAC work to wiphy work (bsc#1227149).
- wifi: mac80211: move TDLS work to wiphy work (bsc#1227149).
- wifi: mac80211: move color change finalize to wiphy work (bsc#1227149).
- wifi: mac80211: move dynamic PS to wiphy work (bsc#1227149).
- wifi: mac80211: move filter reconfig to wiphy work (bsc#1227149).
- wifi: mac80211: move key tailroom work to wiphy work (bsc#1227149).
- wifi: mac80211: move link activation work to wiphy work (bsc#1227149).
- wifi: mac80211: move monitor work to wiphy work (bsc#1227149).
- wifi: mac80211: move tspec work to wiphy work (bsc#1227149).
- wifi: mac80211: only call drv_sta_rc_update for uploaded stations (stable-fixes).
- wifi: mac80211: process and save negotiated TID to Link mapping request (bsc#1227149).
- wifi: mac80211: purge TX queues in flush_queues flow (bsc#1227149).
- wifi: mac80211: reduce iflist_mtx (bsc#1227149).
- wifi: mac80211: reject MLO channel configuration if not supported (bsc#1227149).
- wifi: mac80211: relax RCU check in for_each_vif_active_link() (bsc#1227149).
- wifi: mac80211: remove RX_DROP_UNUSABLE (bsc#1227149).
- wifi: mac80211: remove ampdu_mlme.mtx (bsc#1227149).
- wifi: mac80211: remove chanctx_mtx (bsc#1227149).
- wifi: mac80211: remove key_mtx (bsc#1227149).
- wifi: mac80211: remove link before AP (git-fixes).
- wifi: mac80211: remove local->mtx (bsc#1227149).
- wifi: mac80211: remove redundant ML element check (bsc#1227149).
- wifi: mac80211: remove shifted rate support (bsc#1227149).
- wifi: mac80211: remove sta_mtx (bsc#1227149).
- wifi: mac80211: remove unnecessary struct forward declaration (bsc#1227149).
- wifi: mac80211: rename ieee80211_tx_status() to ieee80211_tx_status_skb() (bsc#1227149).
- wifi: mac80211: rename struct cfg80211_rx_assoc_resp to cfg80211_rx_assoc_resp_data (bsc#1227149).
- wifi: mac80211: report per-link error during association (bsc#1227149).
- wifi: mac80211: reset negotiated TTLM on disconnect (git-fixes).
- wifi: mac80211: rework RX timestamp flags (bsc#1227149).
- wifi: mac80211: rework ack_frame_id handling a bit (bsc#1227149).
- wifi: mac80211: rx.c: fix sentence grammar (bsc#1227149).
- wifi: mac80211: set wiphy for virtual monitors (bsc#1227149).
- wifi: mac80211: simplify non-chanctx drivers (bsc#1227149).
- wifi: mac80211: split ieee80211_drop_unencrypted_mgmt() return value (bsc#1227149).
- wifi: mac80211: sta_info.c: fix sentence grammar (bsc#1227149).
- wifi: mac80211: support antenna control in injection (bsc#1227149).
- wifi: mac80211: support handling of advertised TID-to-link mapping (bsc#1227149).
- wifi: mac80211: take MBSSID/EHT data also from probe resp (bsc#1227149).
- wifi: mac80211: take wiphy lock for MAC addr change (bsc#1227149).
- wifi: mac80211: tx: clarify conditions in if statement (bsc#1227149).
- wifi: mac80211: update beacon counters per link basis (bsc#1227149).
- wifi: mac80211: update some locking documentation (bsc#1227149).
- wifi: mac80211: update the rx_chains after set_antenna() (bsc#1227149).
- wifi: mac80211: use bandwidth indication element for CSA (bsc#1227149).
- wifi: mac80211: use deflink and fix typo in link ID check (bsc#1227149).
- wifi: mac80211: use wiphy locked debugfs for sdata/link (bsc#1227149).
- wifi: mac80211: use wiphy locked debugfs helpers for agg_status (bsc#1227149).
- wifi: mac80211_hwsim: init peer measurement result (git-fixes).
- wifi: mt7601u: delete dead code checking debugfs returns (bsc#1227149).
- wifi: mt7601u: replace strlcpy() with strscpy() (bsc#1227149).
- wifi: mt76: Annotate struct mt76_rx_tid with __counted_by (bsc#1227149).
- wifi: mt76: Convert to platform remove callback returning void (bsc#1227149).
- wifi: mt76: Remove redundant assignment to variable tidno (bsc#1227149).
- wifi: mt76: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: mt76: Replace strlcpy() with strscpy() (bsc#1227149).
- wifi: mt76: Use PTR_ERR_OR_ZERO() to simplify code (bsc#1227149).
- wifi: mt76: add DMA mapping error check in mt76_alloc_txwi() (bsc#1227149).
- wifi: mt76: add ability to explicitly forbid LED registration with DT (bsc#1227149).
- wifi: mt76: add support for providing eeprom in nvmem cells (bsc#1227149).
- wifi: mt76: add tx_nss histogram to ethtool stats (bsc#1227149).
- wifi: mt76: change txpower init to per-phy (bsc#1227149).
- wifi: mt76: check sta rx control frame to multibss capability (bsc#1227149).
- wifi: mt76: check txs format before getting skb by pid (bsc#1227149).
- wifi: mt76: check vif type before reporting cca and csa (bsc#1227149).
- wifi: mt76: connac: add MBSSID support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add beacon duplicate TX mode support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add beacon protection support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add connac3 mac library (bsc#1227149).
- wifi: mt76: connac: add data field in struct tlv (bsc#1227149).
- wifi: mt76: connac: add eht support for phy mode config (bsc#1227149).
- wifi: mt76: connac: add eht support for tx power (bsc#1227149).
- wifi: mt76: connac: add firmware support for mt7992 (bsc#1227149).
- wifi: mt76: connac: add more unified command IDs (bsc#1227149).
- wifi: mt76: connac: add more unified event IDs (bsc#1227149).
- wifi: mt76: connac: add new definition of tx descriptor (bsc#1227149).
- wifi: mt76: connac: add support for dsp firmware download (bsc#1227149).
- wifi: mt76: connac: add support to set ifs time by mcu command (bsc#1227149).
- wifi: mt76: connac: add thermal protection support for mt7996 (bsc#1227149).
- wifi: mt76: connac: check for null before dereferencing (bsc#1227149).
- wifi: mt76: connac: export functions for mt7925 (bsc#1227149).
- wifi: mt76: connac: introduce helper for mt7925 chipset (bsc#1227149).
- wifi: mt76: connac: set correct muar_idx for mt799x chipsets (bsc#1227149).
- wifi: mt76: connac: set fixed_bw bit in TX descriptor for fixed rate frames (bsc#1227149).
- wifi: mt76: connac: use muar idx 0xe for non-mt799x as well (bsc#1227149).
- wifi: mt76: disable HW AMSDU when using fixed rate (bsc#1227149).
- wifi: mt76: dma: introduce __mt76_dma_queue_reset utility routine (bsc#1227149).
- wifi: mt76: enable UNII-4 channel 177 support (bsc#1227149).
- wifi: mt76: fix race condition related to checking tx queue fill status (bsc#1227149).
- wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177 (bsc#1227149).
- wifi: mt76: fix typo in mt76_get_of_eeprom_from_nvmem function (bsc#1227149).
- wifi: mt76: increase MT_QFLAG_WED_TYPE size (bsc#1227149).
- wifi: mt76: introduce mt76_queue_is_wed_tx_free utility routine (bsc#1227149).
- wifi: mt76: introduce wed pointer in mt76_queue (bsc#1227149).
- wifi: mt76: limit support of precal loading for mt7915 to MTD only (bsc#1227149).
- wifi: mt76: make mt76_get_of_eeprom static again (bsc#1227149).
- wifi: mt76: mmio: move mt76_mmio_wed_{init,release}_rx_buf in common code (bsc#1227149).
- wifi: mt76: move ampdu_state in mt76_wcid (bsc#1227149).
- wifi: mt76: move mt76_mmio_wed_offload_{enable,disable} in common code (bsc#1227149).
- wifi: mt76: move mt76_net_setup_tc in common code (bsc#1227149).
- wifi: mt76: move rate info in mt76_vif (bsc#1227149).
- wifi: mt76: move wed reset common code in mt76 module (bsc#1227149).
- wifi: mt76: mt7603: add missing register initialization for MT7628 (bsc#1227149).
- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).
- wifi: mt76: mt7603: disable A-MSDU tx support on MT7628 (bsc#1227149).
- wifi: mt76: mt7603: fix beacon interval after disabling a single vif (bsc#1227149).
- wifi: mt76: mt7603: fix tx filter/flush function (bsc#1227149).
- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).
- wifi: mt76: mt7603: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7603: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7615: add missing chanctx ops (bsc#1227149).
- wifi: mt76: mt7615: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).
- wifi: mt76: mt7615: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7615: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt76_connac3: move lmac queue enumeration in mt76_connac3_mac.h (bsc#1227149).
- wifi: mt76: mt76x02: fix return value check in mt76x02_mac_process_rx (bsc#1227149).
- wifi: mt76: mt76x2u: add netgear wdna3100v3 to device table (bsc#1227149).
- wifi: mt76: mt7915 add tc offloading support (bsc#1227149).
- wifi: mt76: mt7915: accumulate mu-mimo ofdma muru stats (bsc#1227149).
- wifi: mt76: mt7915: add locking for accessing mapped registers (bsc#1227149).
- wifi: mt76: mt7915: add missing chanctx ops (bsc#1227149).
- wifi: mt76: mt7915: add support for MT7981 (bsc#1227149).
- wifi: mt76: mt7915: also MT7981 is 3T3R but nss2 on 5 GHz band (bsc#1227149).
- wifi: mt76: mt7915: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).
- wifi: mt76: mt7915: drop return in mt7915_sta_statistics (bsc#1227149).
- wifi: mt76: mt7915: fix EEPROM offset of TSSI flag on MT7981 (bsc#1227149).
- wifi: mt76: mt7915: fix error recovery with WED enabled (bsc#1227149).
- wifi: mt76: mt7915: fix monitor mode issues (bsc#1227149).
- wifi: mt76: mt7915: move mib_stats structure in mt76.h (bsc#1227149).
- wifi: mt76: mt7915: move poll_list in mt76_wcid (bsc#1227149).
- wifi: mt76: mt7915: move sta_poll_list and sta_poll_lock in mt76_dev (bsc#1227149).
- wifi: mt76: mt7915: report tx retries/failed counts for non-WED path (bsc#1227149).
- wifi: mt76: mt7915: update mpdu density capability (bsc#1227149).
- wifi: mt76: mt7915: update mt798x_wmac_adie_patch_7976 (bsc#1227149).
- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).
- wifi: mt76: mt7921: Support temp sensor (bsc#1227149).
- wifi: mt76: mt7921: add 6GHz power type support for clc (bsc#1227149).
- wifi: mt76: mt7921: convert acpisar and clc pointers to void (bsc#1227149).
- wifi: mt76: mt7921: enable set txpower for UNII-4 (bsc#1227149).
- wifi: mt76: mt7921: fix 6GHz disabled by the missing default CLC config (bsc#1227149).
- wifi: mt76: mt7921: fix CLC command timeout when suspend/resume (bsc#1227149).
- wifi: mt76: mt7921: fix a potential association failure upon resuming (bsc#1227149).
- wifi: mt76: mt7921: fix kernel panic by accessing invalid 6GHz channel info (bsc#1227149).
- wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform (bsc#1227149).
- wifi: mt76: mt7921: fix the unfinished command of regd_notifier before suspend (bsc#1227149).
- wifi: mt76: mt7921: fix wrong 6Ghz power type (bsc#1227149).
- wifi: mt76: mt7921: get regulatory information from the clc event (bsc#1227149).
- wifi: mt76: mt7921: get rid of MT7921_RESET_TIMEOUT marco (bsc#1227149).
- wifi: mt76: mt7921: make mt7921_mac_sta_poll static (bsc#1227149).
- wifi: mt76: mt7921: move acpi_sar code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move common register definition in mt792x_regs.h (bsc#1227149).
- wifi: mt76: mt7921: move connac nic capability handling to mt7921 (bsc#1227149).
- wifi: mt76: mt7921: move debugfs shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move dma shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move hif_ops macro in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move init shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move mac shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move mt7921_dma_init in pci.c (bsc#1227149).
- wifi: mt76: mt7921: move mt7921u_disconnect mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: move mt792x_hw_dev in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move mt792x_mutex_{acquire/release} in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move runtime-pm pci code in mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: move shared runtime-pm code on mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: reduce the size of MCU firmware download Rx queue (bsc#1227149).
- wifi: mt76: mt7921: rely on mib_stats shared definition (bsc#1227149).
- wifi: mt76: mt7921: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7921: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7921: remove macro duplication in regs.h (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_dev in mt792x_dev (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_hif_ops in mt792x_hif_ops (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_phy in mt792x_phy (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_sta in mt792x_sta (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_vif in mt792x_vif (bsc#1227149).
- wifi: mt76: mt7921: support 5.9/6GHz channel config in acpi (bsc#1227149).
- wifi: mt76: mt7921: update the channel usage when the regd domain changed (bsc#1227149).
- wifi: mt76: mt7921e: report tx retries/failed counts in tx free event (bsc#1227149).
- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (stable-fixes).
- wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for mt7925 chips (bsc#1227149).
- wifi: mt76: mt7925: add flow to avoid chip bt function fail (bsc#1227149).
- wifi: mt76: mt7925: add support to set ifs time by mcu command (bsc#1227149).
- wifi: mt76: mt7925: ensure 4-byte alignment for suspend & wow command (bsc#1227149).
- wifi: mt76: mt7925: fix SAP no beacon issue in 5Ghz and 6Ghz band (bsc#1227149).
- wifi: mt76: mt7925: fix WoW failed in encrypted mode (bsc#1227149).
- wifi: mt76: mt7925: fix connect to 80211b mode fail in 2Ghz band (bsc#1227149).
- wifi: mt76: mt7925: fix fw download fail (bsc#1227149).
- wifi: mt76: mt7925: fix mcu query command fail (bsc#1227149).
- wifi: mt76: mt7925: fix the wrong data type for scan command (bsc#1227149).
- wifi: mt76: mt7925: fix the wrong header translation config (bsc#1227149).
- wifi: mt76: mt7925: fix typo in mt7925_init_he_caps (bsc#1227149).
- wifi: mt76: mt7925: fix wmm queue mapping (bsc#1227149).
- wifi: mt76: mt7925: remove iftype from mt7925_init_eht_caps signature (bsc#1227149).
- wifi: mt76: mt7925: support temperature sensor (bsc#1227149).
- wifi: mt76: mt7925: update PCIe DMA settings (bsc#1227149).
- wifi: mt76: mt7925e: fix use-after-free in free_irq() (bsc#1227149).
- wifi: mt76: mt792x: add the illegal value check for mtcl table of acpi (bsc#1227149).
- wifi: mt76: mt792x: fix ethtool warning (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x-lib module (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x-usb module (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x_irq_map (bsc#1227149).
- wifi: mt76: mt792x: move MT7921_PM_TIMEOUT and MT7921_HW_SCAN_TIMEOUT in common code (bsc#1227149).
- wifi: mt76: mt792x: move more dma shared code in mt792x_dma (bsc#1227149).
- wifi: mt76: mt792x: move mt7921_load_firmware in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt792x: move mt7921_skb_add_usb_sdio_hdr in mt792x module (bsc#1227149).
- wifi: mt76: mt792x: move shared structure definition in mt792x.h (bsc#1227149).
- wifi: mt76: mt792x: move some common usb code in mt792x module (bsc#1227149).
- wifi: mt76: mt792x: support mt7925 chip init (bsc#1227149).
- wifi: mt76: mt792x: update the country list of EU for ACPI SAR (bsc#1227149).
- wifi: mt76: mt792xu: enable dmashdl support (bsc#1227149).
- wifi: mt76: mt7996: Add mcu commands for getting sta tx statistic (bsc#1227149).
- wifi: mt76: mt7996: Use DECLARE_FLEX_ARRAY() and fix -Warray-bounds warnings (bsc#1227149).
- wifi: mt76: mt7996: add DMA support for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: add TX statistics for EHT mode in debugfs (bsc#1227149).
- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).
- wifi: mt76: mt7996: add muru support (bsc#1227149).
- wifi: mt76: mt7996: add sanity checks for background radar trigger (stable-fixes).
- wifi: mt76: mt7996: add support for variants with auxiliary RX path (bsc#1227149).
- wifi: mt76: mt7996: add thermal sensor device support (bsc#1227149).
- wifi: mt76: mt7996: add txpower setting support (bsc#1227149).
- wifi: mt76: mt7996: adjust WFDMA settings to improve performance (bsc#1227149).
- wifi: mt76: mt7996: adjust interface num and wtbl size for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: align the format of fixed rate command (bsc#1227149).
- wifi: mt76: mt7996: check txs format before getting skb by pid (bsc#1227149).
- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).
- wifi: mt76: mt7996: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).
- wifi: mt76: mt7996: drop return in mt7996_sta_statistics (bsc#1227149).
- wifi: mt76: mt7996: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).
- wifi: mt76: mt7996: enable PPDU-TxS to host (bsc#1227149).
- wifi: mt76: mt7996: enable VHT extended NSS BW feature (bsc#1227149).
- wifi: mt76: mt7996: ensure 4-byte alignment for beacon commands (bsc#1227149).
- wifi: mt76: mt7996: fix alignment of sta info event (bsc#1227149).
- wifi: mt76: mt7996: fix fortify warning (bsc#1227149).
- wifi: mt76: mt7996: fix fw loading timeout (bsc#1227149).
- wifi: mt76: mt7996: fix mt7996_mcu_all_sta_info_event struct packing (bsc#1227149).
- wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature (bsc#1227149).
- wifi: mt76: mt7996: fix size of txpower MCU command (bsc#1227149).
- wifi: mt76: mt7996: fix uninitialized variable in mt7996_irq_tasklet() (bsc#1227149).
- wifi: mt76: mt7996: fix uninitialized variable in parsing txfree (bsc#1227149).
- wifi: mt76: mt7996: get tx_retries and tx_failed from txfree (bsc#1227149).
- wifi: mt76: mt7996: handle IEEE80211_RC_SMPS_CHANGED (bsc#1227149).
- wifi: mt76: mt7996: increase tx token size (bsc#1227149).
- wifi: mt76: mt7996: introduce mt7996_band_valid() (bsc#1227149).
- wifi: mt76: mt7996: mark GCMP IGTK unsupported (bsc#1227149).
- wifi: mt76: mt7996: move radio ctrl commands to proper functions (bsc#1227149).
- wifi: mt76: mt7996: only set vif teardown cmds at remove interface (bsc#1227149).
- wifi: mt76: mt7996: rely on mib_stats shared definition (bsc#1227149).
- wifi: mt76: mt7996: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7996: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7996: remove TXS queue setting (bsc#1227149).
- wifi: mt76: mt7996: remove periodic MPDU TXS request (bsc#1227149).
- wifi: mt76: mt7996: rework ampdu params setting (bsc#1227149).
- wifi: mt76: mt7996: rework register offsets for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: set DMA mask to 36 bits for boards with more than 4GB of RAM (bsc#1227149).
- wifi: mt76: mt7996: support more options for mt7996_set_bitrate_mask() (bsc#1227149).
- wifi: mt76: mt7996: support mt7992 eeprom loading (bsc#1227149).
- wifi: mt76: mt7996: support per-band LED control (bsc#1227149).
- wifi: mt76: mt7996: switch to mcu command for TX GI report (bsc#1227149).
- wifi: mt76: mt7996: use u16 for val field in mt7996_mcu_set_rro signature (bsc#1227149).
- wifi: mt76: permit to load precal from NVMEM cell for mt7915 (bsc#1227149).
- wifi: mt76: permit to use alternative cell name to eeprom NVMEM load (bsc#1227149).
- wifi: mt76: reduce spin_lock_bh held up in mt76_dma_rx_cleanup (bsc#1227149).
- wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).
- wifi: mt76: report non-binding skb tx rate when WED is active (bsc#1227149).
- wifi: mt76: set page_pool napi pointer for mmio devices (bsc#1227149).
- wifi: mt76: split get_of_eeprom in subfunction (bsc#1227149).
- wifi: mt76: usb: create a dedicated queue for psd traffic (bsc#1227149).
- wifi: mt76: usb: store usb endpoint in mt76_queue (bsc#1227149).
- wifi: mt76: use atomic iface iteration for pre-TBTT work (bsc#1227149).
- wifi: mt76: use chainmask for power delta calculation (bsc#1227149).
- wifi: mwifiex: Drop unused headers (bsc#1227149).
- wifi: mwifiex: Fix interface type change (git-fixes).
- wifi: mwifiex: Refactor 1-element array into flexible array in struct mwifiex_ie_types_chan_list_param_set (bsc#1227149).
- wifi: mwifiex: Replace one-element array with flexible-array member in struct mwifiex_ie_types_rxba_sync (bsc#1227149).
- wifi: mwifiex: Set WIPHY_FLAG_NETNS_OK flag (bsc#1227149).
- wifi: mwifiex: Use default @max_active for workqueues (bsc#1227149).
- wifi: mwifiex: Use helpers to check multicast addresses (bsc#1227149).
- wifi: mwifiex: Use list_count_nodes() (bsc#1227149).
- wifi: mwifiex: cleanup adapter data (bsc#1227149).
- wifi: mwifiex: cleanup private data structures (bsc#1227149).
- wifi: mwifiex: cleanup struct mwifiex_sdio_mpa_rx (bsc#1227149).
- wifi: mwifiex: drop BUG_ON from TX paths (bsc#1227149).
- wifi: mwifiex: fix comment typos in SDIO module (bsc#1227149).
- wifi: mwifiex: followup PCIE and related cleanups (bsc#1227149).
- wifi: mwifiex: handle possible mwifiex_write_reg() errors (bsc#1227149).
- wifi: mwifiex: handle possible sscanf() errors (bsc#1227149).
- wifi: mwifiex: mwifiex_process_sleep_confirm_resp(): remove unused priv variable (bsc#1227149).
- wifi: mwifiex: prefer strscpy() over strlcpy() (bsc#1227149).
- wifi: mwifiex: simplify PCIE write operations (bsc#1227149).
- wifi: mwifiex: use MODULE_FIRMWARE to add firmware files metadata (bsc#1227149).
- wifi: mwifiex: use cfg80211_ssid_eq() instead of mwifiex_ssid_cmp() (bsc#1227149).
- wifi: mwifiex: use is_zero_ether_addr() instead of ether_addr_equal() (bsc#1227149).
- wifi: mwifiex: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- wifi: nl80211: Avoid address calculations via out of bounds array indexing (git-fixes).
- wifi: nl80211: Extend del pmksa support for SAE and OWE security (bsc#1227149).
- wifi: nl80211: Remove unused declaration nl80211_pmsr_dump_results() (bsc#1227149).
- wifi: nl80211: additions to NL80211_CMD_SET_BEACON (bsc#1227149).
- wifi: nl80211: allow reporting wakeup for unprot deauth/disassoc (bsc#1227149).
- wifi: nl80211: do not free NULL coalescing rule (git-fixes).
- wifi: nl80211: fixes to FILS discovery updates (bsc#1227149).
- wifi: nl80211: refactor nl80211_send_mlme_event() arguments (bsc#1227149).
- wifi: p54: Add missing MODULE_FIRMWARE macro (bsc#1227149).
- wifi: p54: Annotate struct p54_cal_database with __counted_by (bsc#1227149).
- wifi: p54: fix GCC format truncation warning with wiphy->fw_version (bsc#1227149).
- wifi: plfxlc: Drop unused include (bsc#1227149).
- wifi: radiotap: add bandwidth definition of EHT U-SIG (bsc#1227149).
- wifi: remove unused argument of ieee80211_get_tdls_action() (bsc#1227149).
- wifi: rsi: fix restricted __le32 degrades to integer sparse warnings (bsc#1227149).
- wifi: rsi: rsi_91x_coex: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_debugfs: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_hal: Remove unnecessary conversions (bsc#1227149).
- wifi: rsi: rsi_91x_mac80211: Remove unnecessary conversions (bsc#1227149).
- wifi: rsi: rsi_91x_main: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_sdio: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_sdio_ops: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_usb: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_usb_ops: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rt2x00: Simplify bool conversion (bsc#1227149).
- wifi: rt2x00: correct MAC_SYS_CTRL register RX mask in R-Calibration (bsc#1227149).
- wifi: rt2x00: disable RTS threshold for rt2800 by default (bsc#1227149).
- wifi: rt2x00: fix MT7620 low RSSI issue (bsc#1227149).
- wifi: rt2x00: fix rt2800 watchdog function (bsc#1227149).
- wifi: rt2x00: fix the typo in comments (bsc#1227149).
- wifi: rt2x00: improve MT7620 register initialization (bsc#1227149).
- wifi: rt2x00: introduce DMA busy check watchdog for rt2800 (bsc#1227149).
- wifi: rt2x00: limit MT7620 TX power based on eeprom calibration (bsc#1227149).
- wifi: rt2x00: make watchdog param per device (bsc#1227149).
- wifi: rt2x00: remove redundant check if u8 array element is less than zero (bsc#1227149).
- wifi: rt2x00: remove useless code in rt2x00queue_create_tx_descriptor() (bsc#1227149).
- wifi: rt2x00: rework MT7620 PA/LNA RF calibration (bsc#1227149).
- wifi: rt2x00: rework MT7620 channel config function (bsc#1227149).
- wifi: rt2x00: silence sparse warnings (bsc#1227149).
- wifi: rt2x00: simplify rt2x00crypto_rx_insert_iv() (bsc#1227149).
- wifi: rtl8xxxu: 8188e: convert usage of priv->vif to priv->vifs[0] (bsc#1227149).
- wifi: rtl8xxxu: 8188f: Limit TX power index (git-fixes).
- wifi: rtl8xxxu: Actually use macid in rtl8xxxu_gen2_report_connect (bsc#1227149).
- wifi: rtl8xxxu: Add TP-Link TL-WN823N V2 (bsc#1227149).
- wifi: rtl8xxxu: Add a description about the device ID 0x7392:0xb722 (bsc#1227149).
- wifi: rtl8xxxu: Add beacon functions (bsc#1227149).
- wifi: rtl8xxxu: Add parameter force to rtl8xxxu_refresh_rate_mask (bsc#1227149).
- wifi: rtl8xxxu: Add parameter macid to update_rate_mask (bsc#1227149).
- wifi: rtl8xxxu: Add parameter role to report_connect (bsc#1227149).
- wifi: rtl8xxxu: Add set_tim() callback (bsc#1227149).
- wifi: rtl8xxxu: Add sta_add() and sta_remove() callbacks (bsc#1227149).
- wifi: rtl8xxxu: Add start_ap() callback (bsc#1227149).
- wifi: rtl8xxxu: Allow creating interface in AP mode (bsc#1227149).
- wifi: rtl8xxxu: Allow setting rts threshold to -1 (bsc#1227149).
- wifi: rtl8xxxu: Clean up filter configuration (bsc#1227149).
- wifi: rtl8xxxu: Declare AP mode support for 8188f (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8192EU (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8710BU (RTL8188GU) (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8723BU (bsc#1227149).
- wifi: rtl8xxxu: Enable hw seq for mgmt/non-QoS data frames (bsc#1227149).
- wifi: rtl8xxxu: Fix LED control code of RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: Fix off by one initial RTS rate (bsc#1227149).
- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
- wifi: rtl8xxxu: Put the macid in txdesc (bsc#1227149).
- wifi: rtl8xxxu: Remove usage of ieee80211_get_tx_rate() (bsc#1227149).
- wifi: rtl8xxxu: Remove usage of tx_info->control.rates[0].flags (bsc#1227149).
- wifi: rtl8xxxu: Rename some registers (bsc#1227149).
- wifi: rtl8xxxu: Select correct queue for beacon frames (bsc#1227149).
- wifi: rtl8xxxu: Set maximum number of supported stations (bsc#1227149).
- wifi: rtl8xxxu: Support USB RX aggregation for the newer chips (bsc#1227149).
- wifi: rtl8xxxu: Support new chip RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: add hw crypto support for AP mode (bsc#1227149).
- wifi: rtl8xxxu: add macids for STA mode (bsc#1227149).
- wifi: rtl8xxxu: add missing number of sec cam entries for all variants (bsc#1227149).
- wifi: rtl8xxxu: check vif before using in rtl8xxxu_tx() (bsc#1227149).
- wifi: rtl8xxxu: convert EN_DESC_ID of TX descriptor to le32 type (bsc#1227149).
- wifi: rtl8xxxu: declare concurrent mode support for 8188f (bsc#1227149).
- wifi: rtl8xxxu: do not parse CFO, if both interfaces are connected in STA mode (bsc#1227149).
- wifi: rtl8xxxu: enable MFP support with security flag of RX descriptor (bsc#1227149).
- wifi: rtl8xxxu: enable channel switch support (bsc#1227149).
- wifi: rtl8xxxu: extend check for matching bssid to both interfaces (bsc#1227149).
- wifi: rtl8xxxu: extend wifi connected check to both interfaces (bsc#1227149).
- wifi: rtl8xxxu: fix error messages (bsc#1227149).
- wifi: rtl8xxxu: fix mixed declarations in rtl8xxxu_set_aifs() (bsc#1227149).
- wifi: rtl8xxxu: make instances of iface limit and combination to be static const (bsc#1227149).
- wifi: rtl8xxxu: make supporting AP mode only on port 0 transparent (bsc#1227149).
- wifi: rtl8xxxu: mark TOTOLINK N150UA V5/N150UA-B as tested (bsc#1227149).
- wifi: rtl8xxxu: prepare supporting two virtual interfaces (bsc#1227149).
- wifi: rtl8xxxu: remove assignment of priv->vif in rtl8xxxu_bss_info_changed() (bsc#1227149).
- wifi: rtl8xxxu: remove obsolete priv->vif (bsc#1227149).
- wifi: rtl8xxxu: rtl8xxxu_rx_complete(): remove unnecessary return (bsc#1227149).
- wifi: rtl8xxxu: support multiple interface in start_ap() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in bss_info_changed() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in configure_filter() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in set_aifs() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in update_beacon_work_callback() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in watchdog_callback() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in {add,remove}_interface() (bsc#1227149).
- wifi: rtl8xxxu: support setting bssid register for multiple interfaces (bsc#1227149).
- wifi: rtl8xxxu: support setting linktype for both interfaces (bsc#1227149).
- wifi: rtl8xxxu: support setting mac address register for both interfaces (bsc#1227149).
- wifi: rtl8xxxu: update rate mask per sta (bsc#1227149).
- wifi: rtlwifi: Convert to use PCIe capability accessors (bsc#1227149).
- wifi: rtlwifi: Ignore IEEE80211_CONF_CHANGE_RETRY_LIMITS (bsc#1227149).
- wifi: rtlwifi: Remove bridge vendor/device ids (bsc#1227149).
- wifi: rtlwifi: Remove rtl_intf_ops.read_efuse_byte (bsc#1227149).
- wifi: rtlwifi: Remove unused PCI related defines and struct (bsc#1227149).
- wifi: rtlwifi: Speed up firmware loading for USB (bsc#1227149).
- wifi: rtlwifi: cleanup USB interface (bsc#1227149).
- wifi: rtlwifi: cleanup few rtlxxx_tx_fill_desc() routines (bsc#1227149).
- wifi: rtlwifi: cleanup few rtlxxxx_set_hw_reg() routines (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_hal (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_phy (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_ps_ctl (bsc#1227149).
- wifi: rtlwifi: drop chk_switch_dmdp() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop fill_fake_txdesc() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop pre_fill_tx_bd_desc() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop unused const_amdpci_aspm (bsc#1227149).
- wifi: rtlwifi: remove misused flag from HAL data (bsc#1227149).
- wifi: rtlwifi: remove unreachable code in rtl92d_dm_check_edca_turbo() (bsc#1227149).
- wifi: rtlwifi: remove unused dualmac control leftovers (bsc#1227149).
- wifi: rtlwifi: remove unused timer and related code (bsc#1227149).
- wifi: rtlwifi: rtl8192cu: Fix 2T2R chip type detection (bsc#1227149).
- wifi: rtlwifi: rtl8192cu: Fix TX aggregation (bsc#1227149).
- wifi: rtlwifi: rtl8192de: Do not read register in _rtl92de_query_rxphystatus (bsc#1227149).
- wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
- wifi: rtlwifi: rtl8723: Remove unused function rtl8723_cmd_send_packet() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Access full PMCS reg and use pci_regs.h (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Add pdev into _rtl8821ae_clear_pci_pme_status() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Remove unnecessary PME_Status bit set (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Reverse PM Capability exists check (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Use pci_find_capability() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: phy: remove some useless code (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: phy: using calculate_bit_shift() (bsc#1227149).
- wifi: rtlwifi: rtl92ee_dm_dynamic_primary_cca_check(): fix typo in function name (bsc#1227149).
- wifi: rtlwifi: rtl_usb: Store the endpoint addresses (bsc#1227149).
- wifi: rtlwifi: rtl_usb: Use sync register writes (bsc#1227149).
- wifi: rtlwifi: set initial values for unexpected cases of USB endpoint priority (bsc#1227149).
- wifi: rtlwifi: simplify LED management (bsc#1227149).
- wifi: rtlwifi: simplify TX command fill callbacks (bsc#1227149).
- wifi: rtlwifi: simplify rtl_action_proc() and rtl_tx_agg_start() (bsc#1227149).
- wifi: rtlwifi: use convenient list_count_nodes() (bsc#1227149).
- wifi: rtlwifi: use eth_broadcast_addr() to assign broadcast address (bsc#1227149).
- wifi: rtlwifi: use helper function rtl_get_hdr() (bsc#1227149).
- wifi: rtlwifi: use unsigned long for bt_coexist_8723 timestamp (bsc#1227149).
- wifi: rtlwifi: use unsigned long for rtl_bssid_entry timestamp (bsc#1227149).
- wifi: rtw88: 8821c: tweak CCK TX filter setting for SRRC regulation (bsc#1227149).
- wifi: rtw88: 8821c: update TX power limit to V67 (bsc#1227149).
- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).
- wifi: rtw88: 8822c: update TX power limit to V70 (bsc#1227149).
- wifi: rtw88: 8822ce: refine power parameters for RFE type 5 (bsc#1227149).
- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).
- wifi: rtw88: Add support for the SDIO based RTL8723DS chipset (bsc#1227149).
- wifi: rtw88: Fix AP mode incorrect DTIM behavior (bsc#1227149).
- wifi: rtw88: Fix action frame transmission fail before association (bsc#1227149).
- wifi: rtw88: Skip high queue in hci_flush (bsc#1227149).
- wifi: rtw88: Stop high queue during scan (bsc#1227149).
- wifi: rtw88: Use random MAC when efuse MAC invalid (bsc#1227149).
- wifi: rtw88: add missing unwind goto for __rtw_download_firmware() (bsc#1227149).
- wifi: rtw88: debug: add to check if debug mask is enabled (bsc#1227149).
- wifi: rtw88: debug: remove wrapper of rtw_dbg() (bsc#1227149).
- wifi: rtw88: dump firmware debug information in abnormal state (bsc#1227149).
- wifi: rtw88: fix incorrect error codes in rtw_debugfs_copy_from_user (bsc#1227149).
- wifi: rtw88: fix incorrect error codes in rtw_debugfs_set_* (bsc#1227149).
- wifi: rtw88: fix not entering PS mode after AP stops (bsc#1227149).
- wifi: rtw88: fix typo rtw8822cu_probe (bsc#1227149).
- wifi: rtw88: process VO packets without workqueue to avoid PTK rekey failed (bsc#1227149).
- wifi: rtw88: refine register based H2C command (bsc#1227149).
- wifi: rtw88: regd: configure QATAR and UK (bsc#1227149).
- wifi: rtw88: regd: update regulatory map to R64-R42 (bsc#1227149).
- wifi: rtw88: remove unused USB bulkout size set (bsc#1227149).
- wifi: rtw88: remove unused and set but unused leftovers (bsc#1227149).
- wifi: rtw88: rtw8723d: Implement RTL8723DS (SDIO) efuse parsing (bsc#1227149).
- wifi: rtw88: simplify __rtw_tx_work() (bsc#1227149).
- wifi: rtw88: simplify vif iterators (bsc#1227149).
- wifi: rtw88: use cfg80211_ssid_eq() instead of rtw_ssid_equal() (bsc#1227149).
- wifi: rtw88: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).
- wifi: rtw88: use struct instead of macros to set TX desc (bsc#1227149).
- wifi: rtw89: 52c: rfk: disable DPK during MCC (bsc#1227149).
- wifi: rtw89: 52c: rfk: refine MCC channel info notification (bsc#1227149).
- wifi: rtw89: 8851b: add 8851B basic chip_info (bsc#1227149).
- wifi: rtw89: 8851b: add 8851be to Makefile and Kconfig (bsc#1227149).
- wifi: rtw89: 8851b: add BT coexistence support function (bsc#1227149).
- wifi: rtw89: 8851b: add DLE mem and HFC quota (bsc#1227149).
- wifi: rtw89: 8851b: add MAC configurations to chip_info (bsc#1227149).
- wifi: rtw89: 8851b: add NCTL post table (bsc#1227149).
- wifi: rtw89: 8851b: add RF configurations (bsc#1227149).
- wifi: rtw89: 8851b: add TX power related functions (bsc#1227149).
- wifi: rtw89: 8851b: add basic power on function (bsc#1227149).
- wifi: rtw89: 8851b: add set channel function (bsc#1227149).
- wifi: rtw89: 8851b: add set_channel_rf() (bsc#1227149).
- wifi: rtw89: 8851b: add support WoWLAN to 8851B (bsc#1227149).
- wifi: rtw89: 8851b: add to parse efuse content (bsc#1227149).
- wifi: rtw89: 8851b: add to read efuse version to recognize hardware version B (bsc#1227149).
- wifi: rtw89: 8851b: configure CRASH_TRIGGER feature for 8851B (bsc#1227149).
- wifi: rtw89: 8851b: configure GPIO according to RFE type (bsc#1227149).
- wifi: rtw89: 8851b: configure to force 1 TX power value (bsc#1227149).
- wifi: rtw89: 8851b: enable hw_scan support (bsc#1227149).
- wifi: rtw89: 8851b: fill BB related capabilities to chip_info (bsc#1227149).
- wifi: rtw89: 8851b: rfk: Fix spelling mistake KIP_RESOTRE -> KIP_RESTORE (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add AACK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add DACK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add DPK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add IQK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add LCK track (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add RCK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add RX DCK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add TSSI (bsc#1227149).
- wifi: rtw89: 8851b: rfk: update IQK to version 0x8 (bsc#1227149).
- wifi: rtw89: 8851b: update RF radio A parameters to R28 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R28 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R34 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R37 (bsc#1227149).
- wifi: rtw89: 8851be: add 8851BE PCI entry and fill PCI capabilities (bsc#1227149).
- wifi: rtw89: 8852b: fix definition of KIP register number (git-fixes).
- wifi: rtw89: 8852b: update TX power tables to R35 (bsc#1227149).
- wifi: rtw89: 8852b: update TX power tables to R36 (bsc#1227149).
- wifi: rtw89: 8852c: Fix TSSI causes transmit power inaccuracy (bsc#1227149).
- wifi: rtw89: 8852c: Update bandedge parameters for better performance (bsc#1227149).
- wifi: rtw89: 8852c: add quirk to set PCI BER for certain platforms (bsc#1227149).
- wifi: rtw89: 8852c: declare to support two chanctx (bsc#1227149).
- wifi: rtw89: 8852c: read RX gain offset from efuse for 6GHz channels (bsc#1227149).
- wifi: rtw89: 8852c: update RF radio A/B parameters to R63 (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (1 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (2 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (3 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R67 (bsc#1227149).
- wifi: rtw89: 8922a: add 8922A basic chip info (bsc#1227149).
- wifi: rtw89: 8922a: add BTG functions to assist BT coexistence to control TX/RX (bsc#1227149).
- wifi: rtw89: 8922a: add NCTL pre-settings for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: 8922a: add RF read/write v2 (bsc#1227149).
- wifi: rtw89: 8922a: add SER IMR tables (bsc#1227149).
- wifi: rtw89: 8922a: add TX power related ops (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops related to BB init (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops to get thermal value (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::bb_preinit to enable BB before downloading firmware (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::cfg_txrx_path (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::rfk_hw_init (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::rfk_init_late to do initial RF calibrations later (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::{enable,disable}_bb_rf (bsc#1227149).
- wifi: rtw89: 8922a: add coexistence helpers of SW grant (bsc#1227149).
- wifi: rtw89: 8922a: add helper of set_channel (bsc#1227149).
- wifi: rtw89: 8922a: add ieee80211_ops::hw_scan (bsc#1227149).
- wifi: rtw89: 8922a: add more fields to beacon H2C command to support multi-links (bsc#1227149).
- wifi: rtw89: 8922a: add power on/off functions (bsc#1227149).
- wifi: rtw89: 8922a: add register definitions of H2C, C2H, page, RRSR and EDCCA (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel BB part (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel MAC part (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel RF part (bsc#1227149).
- wifi: rtw89: 8922a: configure CRASH_TRIGGER FW feature (bsc#1227149).
- wifi: rtw89: 8922a: correct register definition and merge IO for ctrl_nbtg_bt_tx() (bsc#1227149).
- wifi: rtw89: 8922a: declare to support two chanctx (bsc#1227149).
- wifi: rtw89: 8922a: dump MAC registers when SER occurs (bsc#1227149).
- wifi: rtw89: 8922a: extend and add quota number (bsc#1227149).
- wifi: rtw89: 8922a: hook handlers of TX/RX descriptors to chip_ops (bsc#1227149).
- wifi: rtw89: 8922a: implement AP mode related reg for BE generation (bsc#1227149).
- wifi: rtw89: 8922a: implement {stop,resume}_sch_tx and cfg_ppdu (bsc#1227149).
- wifi: rtw89: 8922a: read efuse content from physical map (bsc#1227149).
- wifi: rtw89: 8922a: read efuse content via efuse map struct from logic map (bsc#1227149).
- wifi: rtw89: 8922a: rfk: implement chip_ops to call RF calibrations (bsc#1227149).
- wifi: rtw89: 8922a: set RX gain along with set_channel operation (bsc#1227149).
- wifi: rtw89: 8922a: set chip_ops FEM and GPIO to NULL (bsc#1227149).
- wifi: rtw89: 8922a: set memory heap address for secure firmware (bsc#1227149).
- wifi: rtw89: 8922a: update BA CAM number to 24 (bsc#1227149).
- wifi: rtw89: 8922a: update the register used in DIG and the DIG flow (bsc#1227149).
- wifi: rtw89: 8922ae: add 8922AE PCI entry and basic info (bsc#1227149).
- wifi: rtw89: 8922ae: add v2 interrupt handlers for 8922AE (bsc#1227149).
- wifi: rtw89: Add EHT rate mask as parameters of RA H2C command (bsc#1227149).
- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes).
- wifi: rtw89: Fix clang -Wimplicit-fallthrough in rtw89_query_sar() (bsc#1227149).
- wifi: rtw89: Introduce Time Averaged SAR (TAS) feature (bsc#1227149).
- wifi: rtw89: Refine active scan behavior in 6 GHz (bsc#1227149).
- wifi: rtw89: Set default CQM config if not present (bsc#1227149).
- wifi: rtw89: TX power stuffs replace confusing naming of _max with _num (bsc#1227149).
- wifi: rtw89: Update EHT PHY beamforming capability (bsc#1227149).
- wifi: rtw89: acpi: process 6 GHz band policy from DSM (bsc#1227149).
- wifi: rtw89: add C2H RA event V1 to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add C2H event handlers of RFK log and report (bsc#1227149).
- wifi: rtw89: add CFO XTAL registers field to support 8851B (bsc#1227149).
- wifi: rtw89: add DBCC H2C to notify firmware the status (bsc#1227149).
- wifi: rtw89: add EHT capabilities for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add EHT radiotap in monitor mode (bsc#1227149).
- wifi: rtw89: add EVM and SNR statistics to debugfs (bsc#1227149).
- wifi: rtw89: add EVM for antenna diversity (bsc#1227149).
- wifi: rtw89: add H2C RA command V1 to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add H2C command to download beacon frame for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add RSSI based antenna diversity (bsc#1227149).
- wifi: rtw89: add RSSI statistics for the case of antenna diversity to debugfs (bsc#1227149).
- wifi: rtw89: add XTAL SI for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add chip_info::chip_gen to determine chip generation (bsc#1227149).
- wifi: rtw89: add chip_info::txwd_info size to generalize TX WD submit (bsc#1227149).
- wifi: rtw89: add chip_ops::h2c_ba_cam() to configure BA CAM (bsc#1227149).
- wifi: rtw89: add chip_ops::query_rxdesc() and rxd_len as helpers to support newer chips (bsc#1227149).
- wifi: rtw89: add chip_ops::update_beacon to abstract update beacon operation (bsc#1227149).
- wifi: rtw89: add firmware H2C command of BA CAM V1 (bsc#1227149).
- wifi: rtw89: add firmware parser for v1 format (bsc#1227149).
- wifi: rtw89: add firmware suit for BB MCU 0/1 (bsc#1227149).
- wifi: rtw89: add function prototype for coex request duration (bsc#1227149).
- wifi: rtw89: add mac_gen pointer to access mac port registers (bsc#1227149).
- wifi: rtw89: add mlo_dbcc_mode for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add new H2C command to pause/sleep transmitting by MAC ID (bsc#1227149).
- wifi: rtw89: add new H2C for PS mode in 802.11be chip (bsc#1227149).
- wifi: rtw89: add reserved size as factor of DLE used size (bsc#1227149).
- wifi: rtw89: add subband index of primary channel to struct rtw89_chan (bsc#1227149).
- wifi: rtw89: add to display hardware rates v1 histogram in debugfs (bsc#1227149).
- wifi: rtw89: add to fill TX descriptor for firmware command v2 (bsc#1227149).
- wifi: rtw89: add to fill TX descriptor v2 (bsc#1227149).
- wifi: rtw89: add to parse firmware elements of BB and RF tables (bsc#1227149).
- wifi: rtw89: add to query RX descriptor format v2 (bsc#1227149).
- wifi: rtw89: add tx_wake notify for 8851B (bsc#1227149).
- wifi: rtw89: add wait/completion for abort scan (bsc#1227149).
- wifi: rtw89: adjust init_he_cap() to add EHT cap into iftype_data (bsc#1227149).
- wifi: rtw89: advertise missing extended scan feature (bsc#1227149).
- wifi: rtw89: avoid stringop-overflow warning (bsc#1227149).
- wifi: rtw89: call rtw89_chan_get() by vif chanctx if aware of vif (bsc#1227149).
- wifi: rtw89: chan: MCC take reconfig into account (bsc#1227149).
- wifi: rtw89: chan: add sub-entity swap function to cover replacing (bsc#1227149).
- wifi: rtw89: chan: move handling from add/remove to assign/unassign for MLO (bsc#1227149).
- wifi: rtw89: chan: support MCC on Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: chan: tweak bitmap recalc ahead before MLO (bsc#1227149).
- wifi: rtw89: chan: tweak weight recalc ahead before MLO (bsc#1227149).
- wifi: rtw89: change naming of BA CAM from V1 to V0_EXT (bsc#1227149).
- wifi: rtw89: change qutoa to DBCC by default for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: change supported bandwidths of chip_info to bit mask (bsc#1227149).
- wifi: rtw89: cleanup firmware elements parsing (bsc#1227149).
- wifi: rtw89: cleanup private data structures (bsc#1227149).
- wifi: rtw89: cleanup rtw89_iqk_info and related code (bsc#1227149).
- wifi: rtw89: coex: Add Bluetooth RSSI level information (bsc#1227149).
- wifi: rtw89: coex: Add Pre-AGC control to enhance Wi-Fi RX performance (bsc#1227149).
- wifi: rtw89: coex: Add coexistence policy to decrease WiFi packet CRC-ERR (bsc#1227149).
- wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members (bsc#1227149).
- wifi: rtw89: coex: Record down Wi-Fi initial mode information (bsc#1227149).
- wifi: rtw89: coex: Reorder H2C command index to align with firmware (bsc#1227149).
- wifi: rtw89: coex: Set Bluetooth scan low-priority when Wi-Fi link/scan (bsc#1227149).
- wifi: rtw89: coex: Still show hardware grant signal info even Wi-Fi is PS (bsc#1227149).
- wifi: rtw89: coex: To improve Wi-Fi performance while BT is idle (bsc#1227149).
- wifi: rtw89: coex: Translate antenna configuration from ID to string (bsc#1227149).
- wifi: rtw89: coex: Update BTG control related logic (bsc#1227149).
- wifi: rtw89: coex: Update RF parameter control setting logic (bsc#1227149).
- wifi: rtw89: coex: Update coexistence policy for Wi-Fi LPS (bsc#1227149).
- wifi: rtw89: coex: When Bluetooth not available do not set power/gain (bsc#1227149).
- wifi: rtw89: coex: add BTC ctrl_info version 7 and related logic (bsc#1227149).
- wifi: rtw89: coex: add annotation __counted_by() for struct rtw89_btc_btf_set_slot_table (bsc#1227149).
- wifi: rtw89: coex: add annotation __counted_by() to struct rtw89_btc_btf_set_mon_reg (bsc#1227149).
- wifi: rtw89: coex: add init_info H2C command format version 7 (bsc#1227149).
- wifi: rtw89: coex: add return value to ensure H2C command is success or not (bsc#1227149).
- wifi: rtw89: coex: fix configuration for shared antenna for 8922A (bsc#1227149).
- wifi: rtw89: coex: use struct assignment to replace memcpy() to append TDMA content (bsc#1227149).
- wifi: rtw89: configure PPDU max user by chip (bsc#1227149).
- wifi: rtw89: consider RX info for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: consolidate registers of mac port to struct (bsc#1227149).
- wifi: rtw89: correct PHY register offset for PHY-1 (bsc#1227149).
- wifi: rtw89: correct aSIFSTime for 6GHz band (stable-fixes).
- wifi: rtw89: correct the DCFO tracking flow to improve CFO compensation (bsc#1227149).
- wifi: rtw89: debug: add FW log component for scan (bsc#1227149).
- wifi: rtw89: debug: add debugfs entry to disable dynamic mechanism (bsc#1227149).
- wifi: rtw89: debug: add to check if debug mask is enabled (bsc#1227149).
- wifi: rtw89: debug: remove wrapper of rtw89_debug() (bsc#1227149).
- wifi: rtw89: debug: show txpwr table according to chip gen (bsc#1227149).
- wifi: rtw89: debug: txpwr table access only valid page according to chip (bsc#1227149).
- wifi: rtw89: debug: txpwr table supports Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: declare EXT NSS BW of VHT capability (bsc#1227149).
- wifi: rtw89: declare MCC in interface combination (bsc#1227149).
- wifi: rtw89: define hardware rate v1 for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: differentiate narrow_bw_ru_dis setting according to chip gen (bsc#1227149).
- wifi: rtw89: disable RTS when broadcast/multicast (bsc#1227149).
- wifi: rtw89: download firmware with five times retry (bsc#1227149).
- wifi: rtw89: drop TIMING_BEACON_ONLY and sync beacon TSF by self (bsc#1227149).
- wifi: rtw89: enlarge supported length of read_reg debugfs entry (bsc#1227149).
- wifi: rtw89: extend PHY status parser to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fix HW scan not aborting properly (git-fixes).
- wifi: rtw89: fix HW scan timeout due to TSF sync issue (bsc#1227149).
- wifi: rtw89: fix a width vs precision bug (bsc#1227149).
- wifi: rtw89: fix disabling concurrent mode TX hang issue (bsc#1227149).
- wifi: rtw89: fix misbehavior of TX beacon in concurrent mode (bsc#1227149).
- wifi: rtw89: fix not entering PS mode after AP stops (bsc#1227149).
- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).
- wifi: rtw89: fix spelling typo of IQK debug messages (bsc#1227149).
- wifi: rtw89: fix typo of rtw89_fw_h2c_mcc_macid_bitmap() (bsc#1227149).
- wifi: rtw89: fw: add H2C command to reset CMAC table for WiFi 7 (bsc#1227149).
- wifi: rtw89: fw: add H2C command to reset DMAC table for WiFi 7 (bsc#1227149).
- wifi: rtw89: fw: add H2C command to update security CAM v2 (bsc#1227149).
- wifi: rtw89: fw: add checking type for variant type of firmware (bsc#1227149).
- wifi: rtw89: fw: add chip_ops to update CMAC table to associated station (bsc#1227149).
- wifi: rtw89: fw: add definition of H2C command and C2H event for MRC series (bsc#1227149).
- wifi: rtw89: fw: add version field to BB MCU firmware element (bsc#1227149).
- wifi: rtw89: fw: consider checksum length of security data (bsc#1227149).
- wifi: rtw89: fw: download firmware with key data for secure boot (bsc#1227149).
- wifi: rtw89: fw: extend JOIN H2C command to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: extend program counter dump for Wi-Fi 7 chip (bsc#1227149).
- wifi: rtw89: fw: fill CMAC table to associated station for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: generalize download firmware flow by mac_gen pointers (bsc#1227149).
- wifi: rtw89: fw: implement MRC H2C command functions (bsc#1227149).
- wifi: rtw89: fw: implement supported functions of download firmware for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: load TX power track tables from fw_element (bsc#1227149).
- wifi: rtw89: fw: move polling function of firmware path ready to an individual function (bsc#1227149).
- wifi: rtw89: fw: parse secure section from firmware file (bsc#1227149).
- wifi: rtw89: fw: propagate an argument include_bb for BB MCU firmware (bsc#1227149).
- wifi: rtw89: fw: read firmware secure information from efuse (bsc#1227149).
- wifi: rtw89: fw: refine download flow to support variant firmware suits (bsc#1227149).
- wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (bsc#1227149).
- wifi: rtw89: fw: update TX AMPDU parameter to CMAC table (bsc#1227149).
- wifi: rtw89: fw: use struct to fill BA CAM H2C commands (bsc#1227149).
- wifi: rtw89: fw: use struct to fill JOIN H2C command (bsc#1227149).
- wifi: rtw89: get data rate mode/NSS/MCS v1 from RX descriptor (bsc#1227149).
- wifi: rtw89: indicate TX power by rate table inside RFE parameter (bsc#1227149).
- wifi: rtw89: indicate TX shape table inside RFE parameter (bsc#1227149).
- wifi: rtw89: initialize antenna for antenna diversity (bsc#1227149).
- wifi: rtw89: initialize multi-channel handling (bsc#1227149).
- wifi: rtw89: introduce infrastructure of firmware elements (bsc#1227149).
- wifi: rtw89: introduce realtek ACPI DSM method (bsc#1227149).
- wifi: rtw89: introduce v1 format of firmware header (bsc#1227149).
- wifi: rtw89: load BB parameters to PHY-1 (bsc#1227149).
- wifi: rtw89: load RFK log format string from firmware file (bsc#1227149).
- wifi: rtw89: load TX power by rate when RFE parms setup (bsc#1227149).
- wifi: rtw89: load TX power related tables from FW elements (bsc#1227149).
- wifi: rtw89: mac: Fix spelling mistakes "notfify" -> "notify" (bsc#1227149).
- wifi: rtw89: mac: add coexistence helpers {cfg/get}_plt (bsc#1227149).
- wifi: rtw89: mac: add feature_init to initialize BA CAM V1 (bsc#1227149).
- wifi: rtw89: mac: add flags to check if CMAC and DMAC are enabled (bsc#1227149).
- wifi: rtw89: mac: add mac_gen_def::band1_offset to map MAC band1 register address (bsc#1227149).
- wifi: rtw89: mac: add registers of MU-EDCA parameters for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add suffix _ax to MAC functions (bsc#1227149).
- wifi: rtw89: mac: add sys_init and filter option for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add to access efuse for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add to get DLE reserved quota (bsc#1227149).
- wifi: rtw89: mac: check queue empty according to chip gen (bsc#1227149).
- wifi: rtw89: mac: correct MUEDCA setting for MAC-1 (bsc#1227149).
- wifi: rtw89: mac: define internal memory address for WiFi 7 chip (bsc#1227149).
- wifi: rtw89: mac: define register address of rx_filter to generalize code (bsc#1227149).
- wifi: rtw89: mac: do bf_monitor only if WiFi 6 chips (bsc#1227149).
- wifi: rtw89: mac: functions to configure hardware engine and quota for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: generalize code to indirectly access WiFi internal memory (bsc#1227149).
- wifi: rtw89: mac: generalize register of MU-EDCA switch according to chip gen (bsc#1227149).
- wifi: rtw89: mac: get TX power control register according to chip gen (bsc#1227149).
- wifi: rtw89: mac: handle C2H receive/done ACK in interrupt context (bsc#1227149).
- wifi: rtw89: mac: implement MRC C2H event handling (bsc#1227149).
- wifi: rtw89: mac: implement to configure TX/RX engines for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: move code related to hardware engine to individual functions (bsc#1227149).
- wifi: rtw89: mac: refine SER setting during WiFi CPU power on (bsc#1227149).
- wifi: rtw89: mac: reset PHY-1 hardware when going to enable/disable (bsc#1227149).
- wifi: rtw89: mac: return held quota of DLE when changing MAC-1 (bsc#1227149).
- wifi: rtw89: mac: set bf_assoc capabilities according to chip gen (bsc#1227149).
- wifi: rtw89: mac: set bfee_ctrl() according to chip gen (bsc#1227149).
- wifi: rtw89: mac: update RTS threshold according to chip gen (bsc#1227149).
- wifi: rtw89: mac: use mac_gen pointer to access about efuse (bsc#1227149).
- wifi: rtw89: mac: use pointer to access functions of hardware engine and quota (bsc#1227149).
- wifi: rtw89: mcc: consider and determine BT duration (bsc#1227149).
- wifi: rtw89: mcc: deal with BT slot change (bsc#1227149).
- wifi: rtw89: mcc: deal with P2P PS change (bsc#1227149).
- wifi: rtw89: mcc: deal with beacon NoA if GO exists (bsc#1227149).
- wifi: rtw89: mcc: decide pattern and calculate parameters (bsc#1227149).
- wifi: rtw89: mcc: fill fundamental configurations (bsc#1227149).
- wifi: rtw89: mcc: fix NoA start time when GO is auxiliary (bsc#1227149).
- wifi: rtw89: mcc: initialize start flow (bsc#1227149).
- wifi: rtw89: mcc: track beacon offset and update when needed (bsc#1227149).
- wifi: rtw89: mcc: trigger FW to start/stop MCC (bsc#1227149).
- wifi: rtw89: mcc: update role bitmap when changed (bsc#1227149).
- wifi: rtw89: modify the register setting and the flow of CFO tracking (bsc#1227149).
- wifi: rtw89: move software DCFO compensation setting to proper position (bsc#1227149).
- wifi: rtw89: only reset BB/RF for existing WiFi 6 chips while starting up (bsc#1227149).
- wifi: rtw89: packet offload wait for FW response (bsc#1227149).
- wifi: rtw89: parse EHT information from RX descriptor and PPDU status packet (bsc#1227149).
- wifi: rtw89: parse TX EHT rate selected by firmware from RA C2H report (bsc#1227149).
- wifi: rtw89: parse and print out RFK log from C2H events (bsc#1227149).
- wifi: rtw89: pause/proceed MCC for ROC and HW scan (bsc#1227149).
- wifi: rtw89: pci: add LTR v2 for WiFi 7 chip (bsc#1227149).
- wifi: rtw89: pci: add PCI generation information to pci_info for each chip (bsc#1227149).
- wifi: rtw89: pci: add new RX ring design to determine full RX ring efficiently (bsc#1227149).
- wifi: rtw89: pci: add pre_deinit to be called after probe complete (bsc#1227149).
- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).
- wifi: rtw89: pci: correct interrupt mitigation register for 8852CE (bsc#1227149).
- wifi: rtw89: pci: define PCI ring address for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).
- wifi: rtw89: pci: fix interrupt enable mask for HALT C2H of RTL8851B (bsc#1227149).
- wifi: rtw89: pci: generalize code of PCI control DMA IO for WiFi 7 (bsc#1227149).
- wifi: rtw89: pci: generalize interrupt status bits of interrupt handlers (bsc#1227149).
- wifi: rtw89: pci: implement PCI CLK/ASPM/L1SS for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: implement PCI mac_post_init for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: implement PCI mac_pre_init for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: interrupt v2 refine IMR for SER (bsc#1227149).
- wifi: rtw89: pci: reset BDRAM according to chip gen (bsc#1227149).
- wifi: rtw89: pci: stop/start DMA for level 1 recovery according to chip gen (bsc#1227149).
- wifi: rtw89: pci: update SER timer unit and timeout time (bsc#1227149).
- wifi: rtw89: pci: update interrupt mitigation register for 8922AE (bsc#1227149).
- wifi: rtw89: pci: use DBI function for 8852AE/8852BE/8851BE (bsc#1227149).
- wifi: rtw89: pci: use gen_def pointer to configure mac_{pre,post}_init and clear PCI ring index (bsc#1227149).
- wifi: rtw89: pci: validate RX tag for RXQ and RPQ (bsc#1227149).
- wifi: rtw89: phy: add BB wrapper of TX power for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: phy: add parser to support RX gain dynamic setting flow (bsc#1227149).
- wifi: rtw89: phy: add phy_gen_def::cr_base to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: phy: change naming related BT coexistence functions (bsc#1227149).
- wifi: rtw89: phy: dynamically adjust EDCCA threshold (bsc#1227149).
- wifi: rtw89: phy: extend TX power common stuffs for Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: phy: generalize valid bit of BSS color (bsc#1227149).
- wifi: rtw89: phy: ignore special data from BB parameter file (bsc#1227149).
- wifi: rtw89: phy: modify register setting of ENV_MNTR, PHYSTS and DIG (bsc#1227149).
- wifi: rtw89: phy: move bb_gain_info used by WiFi 6 chips to union (bsc#1227149).
- wifi: rtw89: phy: print out RFK log with formatted string (bsc#1227149).
- wifi: rtw89: phy: rate pattern handles HW rate by chip gen (bsc#1227149).
- wifi: rtw89: phy: refine helpers used for raw TX power (bsc#1227149).
- wifi: rtw89: phy: set TX power RU limit according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power by rate according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power limit according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power offset according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set channel_info for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: prepare scan leaf functions for wifi 7 ICs (bsc#1227149).
- wifi: rtw89: process regulatory for 6 GHz power type (bsc#1227149).
- wifi: rtw89: provide functions to configure NoA for beacon update (bsc#1227149).
- wifi: rtw89: recognize log format from firmware file (bsc#1227149).
- wifi: rtw89: reference quota mode when setting Tx power (bsc#1227149).
- wifi: rtw89: refine H2C command that pause transmitting by MAC ID (bsc#1227149).
- wifi: rtw89: refine add_chan H2C command to encode_bits (bsc#1227149).
- wifi: rtw89: refine bandwidth 160MHz uplink OFDMA performance (bsc#1227149).
- wifi: rtw89: refine clearing supported bands to check 2/5 GHz first (bsc#1227149).
- wifi: rtw89: refine element naming used by queue empty check (bsc#1227149).
- wifi: rtw89: refine hardware scan C2H events (bsc#1227149).
- wifi: rtw89: refine packet offload delete flow of 6 GHz probe (bsc#1227149).
- wifi: rtw89: refine packet offload handling under SER (bsc#1227149).
- wifi: rtw89: refine remain on channel flow to improve P2P connection (bsc#1227149).
- wifi: rtw89: refine rtw89_correct_cck_chan() by rtw89_hw_to_nl80211_band() (bsc#1227149).
- wifi: rtw89: refine uplink trigger based control mechanism (bsc#1227149).
- wifi: rtw89: regd: configure Thailand in regulation type (bsc#1227149).
- wifi: rtw89: regd: handle policy of 6 GHz according to BIOS (bsc#1227149).
- wifi: rtw89: regd: judge 6 GHz according to chip and BIOS (bsc#1227149).
- wifi: rtw89: regd: judge UNII-4 according to BIOS and chip (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R64-R40 (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R64-R43 (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R65-R44 (bsc#1227149).
- wifi: rtw89: release bit in rtw89_fw_h2c_del_pkt_offload() (bsc#1227149).
- wifi: rtw89: return failure if needed firmware elements are not recognized (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger DACK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger DPK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger IQK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger RX DCK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger TSSI (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger TXGAPK (bsc#1227149).
- wifi: rtw89: rfk: add a completion to wait RF calibration report from C2H event (bsc#1227149).
- wifi: rtw89: rfk: disable driver tracking during MCC (bsc#1227149).
- wifi: rtw89: rfk: send channel information to firmware for RF calibrations (bsc#1227149).
- wifi: rtw89: sar: let caller decide the center frequency to query (bsc#1227149).
- wifi: rtw89: scan offload wait for FW done ACK (bsc#1227149).
- wifi: rtw89: ser: L1 add pre-M0 and post-M0 states (bsc#1227149).
- wifi: rtw89: ser: reset total_sta_assoc and tdls_peer when L2 (bsc#1227149).
- wifi: rtw89: set TX power without precondition during setting channel (bsc#1227149).
- wifi: rtw89: set capability of TX antenna diversity (bsc#1227149).
- wifi: rtw89: set entry size of address CAM to H2C field by chip (bsc#1227149).
- wifi: rtw89: show EHT rate in debugfs (bsc#1227149).
- wifi: rtw89: support U-NII-4 channels on 5GHz band (bsc#1227149).
- wifi: rtw89: support firmware log with formatted text (bsc#1227149).
- wifi: rtw89: suppress the log for specific SER called CMDPSR_FRZTO (bsc#1227149).
- wifi: rtw89: tweak H2C TX waiting function for SER (bsc#1227149).
- wifi: rtw89: update DMA function with different generation (bsc#1227149).
- wifi: rtw89: update ps_state register for chips with different generation (bsc#1227149).
- wifi: rtw89: update scan C2H messages for wifi 7 IC (bsc#1227149).
- wifi: rtw89: update suspend/resume for different generation (bsc#1227149).
- wifi: rtw89: use PLCP information to match BSS_COLOR and AID (bsc#1227149).
- wifi: rtw89: use chip_info::small_fifo_size to choose debug_mask (bsc#1227149).
- wifi: rtw89: use flexible array member in rtw89_btc_btf_tlv (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits to access RX info (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits() to access RX descriptor (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits() to access received PHY status IEs (bsc#1227149).
- wifi: rtw89: use struct rtw89_phy_sts_ie0 instead of macro to access PHY IE0 status (bsc#1227149).
- wifi: rtw89: use struct to access RA report (bsc#1227149).
- wifi: rtw89: use struct to access firmware C2H event header (bsc#1227149).
- wifi: rtw89: use struct to access register-based H2C/C2H (bsc#1227149).
- wifi: rtw89: use struct to fill H2C command to download beacon frame (bsc#1227149).
- wifi: rtw89: use struct to parse firmware header (bsc#1227149).
- wifi: rtw89: use struct to set RA H2C command (bsc#1227149).
- wifi: rtw89: wow: move release offload packet earlier for WoWLAN mode (bsc#1227149).
- wifi: rtw89: wow: refine WoWLAN flows of HCI interrupts and low power mode (bsc#1227149).
- wifi: rtw89: wow: set security engine options for 802.11ax chips only (bsc#1227149).
- wifi: rtw89: wow: update WoWLAN reason register for different chips (bsc#1227149).
- wifi: rtw89: wow: update WoWLAN status register for different generation (bsc#1227149).
- wifi: rtw89: wow: update config mac function with different generation (bsc#1227149).
- wifi: ti: wlcore: sdio: Drop unused include (bsc#1227149).
- wifi: virt_wifi: avoid reporting connection success with wrong SSID (git-fixes).
- wifi: virt_wifi: do not use strlen() in const context (git-fixes).
- wifi: wcn36xx: Annotate struct wcn36xx_hal_ind_msg with __counted_by (bsc#1227149).
- wifi: wcn36xx: Convert to platform remove callback returning void (bsc#1227149).
- wifi: wcn36xx: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: wext: avoid extra calls to strlen() in ieee80211_bss() (bsc#1227149).
- wifi: wfx: Use devm_kmemdup to replace devm_kmalloc + memcpy (bsc#1227149).
- wifi: wfx: allow to send frames during ROC (bsc#1227149).
- wifi: wfx: fix power_save setting when AP is stopped (bsc#1227149).
- wifi: wfx: implement wfx_remain_on_channel() (bsc#1227149).
- wifi: wfx: introduce hif_scan_uniq() (bsc#1227149).
- wifi: wfx: move wfx_skb_*() out of the header file (bsc#1227149).
- wifi: wfx: relocate wfx_rate_mask_to_hw() (bsc#1227149).
- wifi: wfx: scan_lock is global to the device (bsc#1227149).
- wifi: wfx: simplify exclusion between scan and Rx filters (bsc#1227149).
- wifi: wil6210: fw: Replace zero-length arrays with DECLARE_FLEX_ARRAY() helper (bsc#1227149).
- wifi: wil6210: wmi: Replace zero-length array with DECLARE_FLEX_ARRAY() helper (bsc#1227149).
- wifi: wilc1000: Increase ASSOC response buffer (bsc#1227149).
- wifi: wilc1000: Remove unused declarations (bsc#1227149).
- wifi: wilc1000: add SPI commands retry mechanism (bsc#1227149).
- wifi: wilc1000: add back-off algorithm to balance tx queue packets (bsc#1227149).
- wifi: wilc1000: add missing read critical sections around vif list traversal (bsc#1227149).
- wifi: wilc1000: always release SDIO host in wilc_sdio_cmd53() (bsc#1227149).
- wifi: wilc1000: cleanup struct wilc_conn_info (bsc#1227149).
- wifi: wilc1000: correct CRC7 calculation (bsc#1227149).
- wifi: wilc1000: fix declarations ordering (bsc#1227149).
- wifi: wilc1000: fix driver_handler when committing initial configuration (bsc#1227149).
- wifi: wilc1000: fix ies_len type in connect path (git-fixes).
- wifi: wilc1000: fix incorrect power down sequence (bsc#1227149).
- wifi: wilc1000: remove AKM suite be32 conversion for external auth request (bsc#1227149).
- wifi: wilc1000: remove setting msg.spi (bsc#1227149).
- wifi: wilc1000: remove use of has_thrpt_enh3 flag (bsc#1227149).
- wifi: wilc1000: set preamble size to auto as default in wilc_init_fw_config() (bsc#1227149).
- wifi: wilc1000: simplify remain on channel support (bsc#1227149).
- wifi: wilc1000: simplify wilc_scan() (bsc#1227149).
- wifi: wilc1000: split deeply nested RCU list traversal in dedicated helper (bsc#1227149).
- wifi: wilc1000: use SRCU instead of RCU for vif list traversal (bsc#1227149).
- wifi: wilc1000: validate chip id during bus probe (bsc#1227149).
- wifi: wl1251: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wl18xx: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: boot: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: main: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: sdio: Rate limit wl12xx_sdio_raw_{read,write}() failures warns (bsc#1227149).
- wifi: wlcore: sdio: Use module_sdio_driver macro to simplify the code (bsc#1227149).
- wifi: zd1211rw: fix typo "tranmits" (bsc#1227149).
- wifi: zd1211rw: remove __nocast from zd_addr_t (bsc#1227149).
- wifi: zd1211rw: silence sparse warnings (bsc#1227149).
- wireguard: netlink: access device through ctx instead of peer (git-fixes).
- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).
- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).
- wlcore: spi: Remove redundant of_match_ptr() (bsc#1227149).
- work around gcc bugs with 'asm goto' with outputs (git-fixes).
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).
- x86/amd_nb: Check for invalid SMN reads (git-fixes).
- x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes).
- x86/asm: Fix build of UML with KASAN (git-fixes).
- x86/asm: Remove the __iomem annotation of movdir64b()'s dst argument (git-fixes).
- x86/bhi: Avoid warning in #DB handler due to BHI mitigation :(git-fixes).
- x86/boot: Ignore NMIs during very early boot (git-fixes).
- x86/bugs: Fix BHI retpoline check (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- x86/bugs: Remove default case for fully switched enums (git-fixes).
- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).
- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).
- x86/cpu: Provide default cache line size if not enumerated (git-fixes).
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- x86/csum: Fix clang -Wuninitialized in csum_partial() (git-fixes).
- x86/csum: Improve performance of `csum_partial` (git-fixes).
- x86/csum: Remove unnecessary odd handling (git-fixes).
- x86/csum: clean up `csum_partial' further (git-fixes).
- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).
- x86/efistub: Call mixed mode boot services on the firmware's stack (git-fixes).
- x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- x86/head/64: Move the __head definition to <asm/init.h> (git-fixes).
- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).
- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).
- x86/insn: Add VEX versions of VPDPBUSD, VPDPBUSDS, VPDPWSSD and VPDPWSSDS (git-fixes).
- x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).
- x86/kconfig: Add as-instr64 macro to properly evaluate AS_WRUSS (git-fixes).
- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).
- x86/kexec: Fix bug with call depth tracking (git-fixes).
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).
- x86/mce: Dynamically size space for machine check records (bsc#1222241).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel (git-fixes).
- x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).
- x86/nmi: Fix the inverse "in NMI handler" check (git-fixes).
- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).
- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
- x86/purgatory: Switch to the position-independent small code model (git-fixes).
- x86/resctrl: Read supported bandwidth sources from CPUID (git-fixes).
- x86/resctrl: Remove redundant variable in mbm_config_write_domain() (git-fixes).
- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).
- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- x86/sev: Fix position dependent variable references in startup code (git-fixes).
- x86/shstk: Make return uprobe work with shadow stack (git-fixes).
- x86/speculation, objtool: Use absolute relocations for annotations (git-fixes).
- x86/srso: Disentangle rethunk-dependent options (git-fixes).
- x86/srso: Fix unret validation dependencies (git-fixes).
- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).
- x86/srso: Print actual mitigation if requested mitigation isn't possible (git-fixes).
- x86/srso: Remove 'pred_cmd' label (git-fixes).
- x86/srso: Unexport untraining functions (git-fixes).
- x86/tdx: Preserve shared bit on mprotect() (git-fixes).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
- x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking (git-fixes).
- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).
- x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)
- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).
- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).
- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).
- xen/events: increment refcnt only if event channel is refcounted (git-fixes).
- xen/events: modify internal [un]bind interfaces (git-fixes).
- xen/events: reduce externally visible helper functions (git-fixes).
- xen/events: remove some simple helpers from events_base.c (git-fixes).
- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).
- xen/x86: add extra pages to unpopulated-alloc if available (git-fixes).
- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).
- xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228211).
- xfs: add lock protection when remove perag from radix tree (git-fixes).
- xfs: allow extent free intents to be retried (git-fixes).
- xfs: fix perag leak when growfs fails (git-fixes).
- xfs: force all buffers to be written during btree bulk load (git-fixes).
- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).
- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).
- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).
- xfs: transfer recovered intent item ownership in ->iop_recover (git-fixes).
- xfs: use roundup_pow_of_two instead of ffs during xlog_find_tail (git-fixes).
- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).
- xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Handle TD clearing for multiple streams case (git-fixes).
- xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).
- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
- xhci: add helper that checks for unhandled events on a event ring (git-fixes).
- xhci: always resume roothubs if xHC was reset during resume (stable-fixes).
- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).
- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1141539SUSE bug 1181674SUSE bug 1186716SUSE bug 1187716SUSE bug 1193599SUSE bug 1194869SUSE bug 1195775SUSE bug 1204562SUSE bug 1207948SUSE bug 1208593SUSE bug 1209657SUSE bug 1209834SUSE bug 1213573SUSE bug 1214852SUSE bug 1215199SUSE bug 1215587SUSE bug 1216196SUSE bug 1216358SUSE bug 1216702SUSE bug 1217169SUSE bug 1217384SUSE bug 1217408SUSE bug 1217481SUSE bug 1217489SUSE bug 1217750SUSE bug 1217912SUSE bug 1217959SUSE bug 1218205SUSE bug 1218336SUSE bug 1218442SUSE bug 1218447SUSE bug 1218562SUSE bug 1218730SUSE bug 1218779SUSE bug 1218820SUSE bug 1218917SUSE bug 1219104SUSE bug 1219170SUSE bug 1219224SUSE bug 1219451SUSE bug 1219478SUSE bug 1219485SUSE bug 1219596SUSE bug 1219623SUSE bug 1219633SUSE bug 1219832SUSE bug 1219834SUSE bug 1219847SUSE bug 1219953SUSE bug 1220021SUSE bug 1220045SUSE bug 1220120SUSE bug 1220138SUSE bug 1220148SUSE bug 1220328SUSE bug 1220342SUSE bug 1220427SUSE bug 1220428SUSE bug 1220430SUSE bug 1220569SUSE bug 1220587SUSE bug 1220738SUSE bug 1220783SUSE bug 1220915SUSE bug 1220942SUSE bug 1221044SUSE bug 1221057SUSE bug 1221086SUSE bug 1221293SUSE bug 1221303SUSE bug 1221504SUSE bug 1221612SUSE bug 1221615SUSE bug 1221635SUSE bug 1221645SUSE bug 1221647SUSE bug 1221649SUSE bug 1221654SUSE bug 1221656SUSE bug 1221659SUSE bug 1221765SUSE bug 1221777SUSE bug 1221783SUSE bug 1221816SUSE bug 1221829SUSE bug 1221830SUSE bug 1221858SUSE bug 1221958SUSE bug 1222011SUSE bug 1222015SUSE bug 1222080SUSE bug 1222173SUSE bug 1222241SUSE bug 1222264SUSE bug 1222273SUSE bug 1222294SUSE bug 1222301SUSE bug 1222303SUSE bug 1222304SUSE bug 1222307SUSE bug 1222326SUSE bug 1222328SUSE bug 1222357SUSE bug 1222366SUSE bug 1222368SUSE bug 1222371SUSE bug 1222378SUSE bug 1222380SUSE bug 1222385SUSE bug 1222422SUSE bug 1222426SUSE bug 1222428SUSE bug 1222437SUSE bug 1222438SUSE bug 1222445SUSE bug 1222459SUSE bug 1222463SUSE bug 1222464SUSE bug 1222489SUSE bug 1222522SUSE bug 1222525SUSE bug 1222532SUSE bug 1222557SUSE bug 1222559SUSE bug 1222563SUSE bug 1222585SUSE bug 1222588SUSE bug 1222596SUSE bug 1222606SUSE bug 1222608SUSE bug 1222613SUSE bug 1222615SUSE bug 1222617SUSE bug 1222618SUSE bug 1222619SUSE bug 1222622SUSE bug 1222624SUSE bug 1222627SUSE bug 1222630SUSE bug 1222635SUSE bug 1222654SUSE bug 1222721SUSE bug 1222727SUSE bug 1222768SUSE bug 1222769SUSE bug 1222771SUSE bug 1222775SUSE bug 1222777SUSE bug 1222779SUSE bug 1222780SUSE bug 1222782SUSE bug 1222793SUSE bug 1222799SUSE bug 1222801SUSE bug 1222809SUSE bug 1222810SUSE bug 1222893SUSE bug 1222968SUSE bug 1223007SUSE bug 1223010SUSE bug 1223011SUSE bug 1223015SUSE bug 1223016SUSE bug 1223018SUSE bug 1223020SUSE bug 1223021SUSE bug 1223023SUSE bug 1223024SUSE bug 1223033SUSE bug 1223034SUSE bug 1223035SUSE bug 1223038SUSE bug 1223039SUSE bug 1223041SUSE bug 1223045SUSE bug 1223046SUSE bug 1223051SUSE bug 1223052SUSE bug 1223058SUSE bug 1223060SUSE bug 1223061SUSE bug 1223062SUSE bug 1223076SUSE bug 1223077SUSE bug 1223084SUSE bug 1223111SUSE bug 1223113SUSE bug 1223138SUSE bug 1223143SUSE bug 1223187SUSE bug 1223189SUSE bug 1223190SUSE bug 1223191SUSE bug 1223198SUSE bug 1223202SUSE bug 1223265SUSE bug 1223285SUSE bug 1223315SUSE bug 1223338SUSE bug 1223369SUSE bug 1223380SUSE bug 1223384SUSE bug 1223390SUSE bug 1223439SUSE bug 1223462SUSE bug 1223532SUSE bug 1223539SUSE bug 1223570SUSE bug 1223575SUSE bug 1223590SUSE bug 1223591SUSE bug 1223592SUSE bug 1223593SUSE bug 1223625SUSE bug 1223626SUSE bug 1223627SUSE bug 1223629SUSE bug 1223631SUSE bug 1223632SUSE bug 1223633SUSE bug 1223634SUSE bug 1223637SUSE bug 1223638SUSE bug 1223641SUSE bug 1223642SUSE bug 1223643SUSE bug 1223644SUSE bug 1223645SUSE bug 1223646SUSE bug 1223648SUSE bug 1223649SUSE bug 1223650SUSE bug 1223651SUSE bug 1223652SUSE bug 1223653SUSE bug 1223654SUSE bug 1223655SUSE bug 1223657SUSE bug 1223660SUSE bug 1223661SUSE bug 1223663SUSE bug 1223664SUSE bug 1223665SUSE bug 1223666SUSE bug 1223667SUSE bug 1223668SUSE bug 1223669SUSE bug 1223670SUSE bug 1223671SUSE bug 1223675SUSE bug 1223677SUSE bug 1223678SUSE bug 1223679SUSE bug 1223686SUSE bug 1223692SUSE bug 1223693SUSE bug 1223695SUSE bug 1223696SUSE bug 1223698SUSE bug 1223699SUSE bug 1223705SUSE bug 1223709SUSE bug 1223711SUSE bug 1223712SUSE bug 1223714SUSE bug 1223715SUSE bug 1223717SUSE bug 1223718SUSE bug 1223723SUSE bug 1223725SUSE bug 1223728SUSE bug 1223731SUSE bug 1223732SUSE bug 1223734SUSE bug 1223735SUSE bug 1223737SUSE bug 1223738SUSE bug 1223739SUSE bug 1223740SUSE bug 1223741SUSE bug 1223744SUSE bug 1223745SUSE bug 1223747SUSE bug 1223748SUSE bug 1223749SUSE bug 1223750SUSE bug 1223752SUSE bug 1223754SUSE bug 1223756SUSE bug 1223757SUSE bug 1223759SUSE bug 1223760SUSE bug 1223761SUSE bug 1223762SUSE bug 1223764SUSE bug 1223765SUSE bug 1223768SUSE bug 1223769SUSE bug 1223770SUSE bug 1223774SUSE bug 1223776SUSE bug 1223778SUSE bug 1223779SUSE bug 1223780SUSE bug 1223781SUSE bug 1223782SUSE bug 1223787SUSE bug 1223788SUSE bug 1223789SUSE bug 1223790SUSE bug 1223802SUSE bug 1223804SUSE bug 1223805SUSE bug 1223806SUSE bug 1223807SUSE bug 1223808SUSE bug 1223810SUSE bug 1223813SUSE bug 1223815SUSE bug 1223816SUSE bug 1223819SUSE bug 1223821SUSE bug 1223822SUSE bug 1223823SUSE bug 1223824SUSE bug 1223826SUSE bug 1223827SUSE bug 1223828SUSE bug 1223829SUSE bug 1223831SUSE bug 1223834SUSE bug 1223836SUSE bug 1223837SUSE bug 1223838SUSE bug 1223842SUSE bug 1223843SUSE bug 1223844SUSE bug 1223847SUSE bug 1223863SUSE bug 1223869SUSE bug 1223870SUSE bug 1223871SUSE bug 1223872SUSE bug 1223874SUSE bug 1223944SUSE bug 1223945SUSE bug 1223946SUSE bug 1223991SUSE bug 1224049SUSE bug 1224076SUSE bug 1224096SUSE bug 1224098SUSE bug 1224099SUSE bug 1224137SUSE bug 1224166SUSE bug 1224174SUSE bug 1224177SUSE bug 1224180SUSE bug 1224181SUSE bug 1224187SUSE bug 1224331SUSE bug 1224348SUSE bug 1224414SUSE bug 1224422SUSE bug 1224423SUSE bug 1224429SUSE bug 1224430SUSE bug 1224432SUSE bug 1224433SUSE bug 1224437SUSE bug 1224438SUSE bug 1224439SUSE bug 1224442SUSE bug 1224443SUSE bug 1224445SUSE bug 1224449SUSE bug 1224477SUSE bug 1224479SUSE bug 1224480SUSE bug 1224481SUSE bug 1224482SUSE bug 1224486SUSE bug 1224487SUSE bug 1224488SUSE bug 1224490SUSE bug 1224491SUSE bug 1224492SUSE bug 1224493SUSE bug 1224494SUSE bug 1224495SUSE bug 1224497SUSE bug 1224498SUSE bug 1224499SUSE bug 1224500SUSE bug 1224501SUSE bug 1224502SUSE bug 1224504SUSE bug 1224505SUSE bug 1224506SUSE bug 1224507SUSE bug 1224508SUSE bug 1224509SUSE bug 1224511SUSE bug 1224512SUSE bug 1224513SUSE bug 1224515SUSE bug 1224516SUSE bug 1224517SUSE bug 1224519SUSE bug 1224520SUSE bug 1224521SUSE bug 1224523SUSE bug 1224524SUSE bug 1224525SUSE bug 1224526SUSE bug 1224530SUSE bug 1224531SUSE bug 1224534SUSE bug 1224537SUSE bug 1224539SUSE bug 1224540SUSE bug 1224541SUSE bug 1224542SUSE bug 1224543SUSE bug 1224544SUSE bug 1224545SUSE bug 1224546SUSE bug 1224549SUSE bug 1224550SUSE bug 1224552SUSE bug 1224553SUSE bug 1224555SUSE bug 1224557SUSE bug 1224558SUSE bug 1224559SUSE bug 1224562SUSE bug 1224565SUSE bug 1224566SUSE bug 1224567SUSE bug 1224568SUSE bug 1224569SUSE bug 1224571SUSE bug 1224572SUSE bug 1224573SUSE bug 1224575SUSE bug 1224576SUSE bug 1224577SUSE bug 1224578SUSE bug 1224579SUSE bug 1224580SUSE bug 1224581SUSE bug 1224582SUSE bug 1224583SUSE bug 1224584SUSE bug 1224585SUSE bug 1224586SUSE bug 1224587SUSE bug 1224588SUSE bug 1224589SUSE bug 1224592SUSE bug 1224596SUSE bug 1224598SUSE bug 1224600SUSE bug 1224601SUSE bug 1224602SUSE bug 1224603SUSE bug 1224604SUSE bug 1224605SUSE bug 1224606SUSE bug 1224607SUSE bug 1224608SUSE bug 1224609SUSE bug 1224611SUSE bug 1224612SUSE bug 1224613SUSE bug 1224614SUSE bug 1224615SUSE bug 1224617SUSE bug 1224618SUSE bug 1224619SUSE bug 1224620SUSE bug 1224621SUSE bug 1224622SUSE bug 1224623SUSE bug 1224624SUSE bug 1224626SUSE bug 1224627SUSE bug 1224628SUSE bug 1224629SUSE bug 1224630SUSE bug 1224632SUSE bug 1224633SUSE bug 1224634SUSE bug 1224636SUSE bug 1224637SUSE bug 1224638SUSE bug 1224639SUSE bug 1224640SUSE bug 1224641SUSE bug 1224643SUSE bug 1224644SUSE bug 1224645SUSE bug 1224646SUSE bug 1224647SUSE bug 1224648SUSE bug 1224649SUSE bug 1224650SUSE bug 1224651SUSE bug 1224652SUSE bug 1224653SUSE bug 1224654SUSE bug 1224655SUSE bug 1224657SUSE bug 1224659SUSE bug 1224660SUSE bug 1224661SUSE bug 1224662SUSE bug 1224663SUSE bug 1224664SUSE bug 1224665SUSE bug 1224666SUSE bug 1224667SUSE bug 1224668SUSE bug 1224670SUSE bug 1224671SUSE bug 1224672SUSE bug 1224673SUSE bug 1224674SUSE bug 1224675SUSE bug 1224676SUSE bug 1224677SUSE bug 1224678SUSE bug 1224679SUSE bug 1224680SUSE bug 1224681SUSE bug 1224682SUSE bug 1224683SUSE bug 1224685SUSE bug 1224686SUSE bug 1224687SUSE bug 1224688SUSE bug 1224692SUSE bug 1224696SUSE bug 1224697SUSE bug 1224698SUSE bug 1224699SUSE bug 1224701SUSE bug 1224703SUSE bug 1224704SUSE bug 1224705SUSE bug 1224706SUSE bug 1224707SUSE bug 1224709SUSE bug 1224710SUSE bug 1224712SUSE bug 1224714SUSE bug 1224716SUSE bug 1224717SUSE bug 1224718SUSE bug 1224719SUSE bug 1224720SUSE bug 1224721SUSE bug 1224722SUSE bug 1224723SUSE bug 1224725SUSE bug 1224727SUSE bug 1224729SUSE bug 1224730SUSE bug 1224731SUSE bug 1224732SUSE bug 1224733SUSE bug 1224735SUSE bug 1224736SUSE bug 1224738SUSE bug 1224739SUSE bug 1224740SUSE bug 1224741SUSE bug 1224742SUSE bug 1224743SUSE bug 1224747SUSE bug 1224749SUSE bug 1224751SUSE bug 1224759SUSE bug 1224763SUSE bug 1224764SUSE bug 1224765SUSE bug 1224766SUSE bug 1224767SUSE bug 1224790SUSE bug 1224792SUSE bug 1224793SUSE bug 1224803SUSE bug 1224804SUSE bug 1224866SUSE bug 1224928SUSE bug 1224930SUSE bug 1224932SUSE bug 1224933SUSE bug 1224935SUSE bug 1224936SUSE bug 1224937SUSE bug 1224939SUSE bug 1224941SUSE bug 1224944SUSE bug 1224946SUSE bug 1224947SUSE bug 1224949SUSE bug 1224951SUSE bug 1224988SUSE bug 1224989SUSE bug 1224992SUSE bug 1224998SUSE bug 1225000SUSE bug 1225001SUSE bug 1225004SUSE bug 1225006SUSE bug 1225007SUSE bug 1225008SUSE bug 1225009SUSE bug 1225014SUSE bug 1225015SUSE bug 1225022SUSE bug 1225025SUSE bug 1225028SUSE bug 1225029SUSE bug 1225031SUSE bug 1225036SUSE bug 1225041SUSE bug 1225044SUSE bug 1225049SUSE bug 1225050SUSE bug 1225053SUSE bug 1225076SUSE bug 1225077SUSE bug 1225078SUSE bug 1225081SUSE bug 1225085SUSE bug 1225086SUSE bug 1225088SUSE bug 1225090SUSE bug 1225092SUSE bug 1225096SUSE bug 1225097SUSE bug 1225098SUSE bug 1225101SUSE bug 1225103SUSE bug 1225104SUSE bug 1225105SUSE bug 1225106SUSE bug 1225108SUSE bug 1225120SUSE bug 1225132SUSE bug 1225133SUSE bug 1225134SUSE bug 1225136SUSE bug 1225172SUSE bug 1225180SUSE bug 1225272SUSE bug 1225300SUSE bug 1225391SUSE bug 1225472SUSE bug 1225475SUSE bug 1225476SUSE bug 1225477SUSE bug 1225478SUSE bug 1225485SUSE bug 1225489SUSE bug 1225490SUSE bug 1225502SUSE bug 1225527SUSE bug 1225529SUSE bug 1225530SUSE bug 1225532SUSE bug 1225534SUSE bug 1225548SUSE bug 1225550SUSE bug 1225553SUSE bug 1225554SUSE bug 1225555SUSE bug 1225556SUSE bug 1225557SUSE bug 1225559SUSE bug 1225560SUSE bug 1225564SUSE bug 1225565SUSE bug 1225566SUSE bug 1225568SUSE bug 1225569SUSE bug 1225570SUSE bug 1225571SUSE bug 1225572SUSE bug 1225573SUSE bug 1225577SUSE bug 1225578SUSE bug 1225579SUSE bug 1225580SUSE bug 1225581SUSE bug 1225583SUSE bug 1225584SUSE bug 1225585SUSE bug 1225586SUSE bug 1225587SUSE bug 1225588SUSE bug 1225589SUSE bug 1225590SUSE bug 1225591SUSE bug 1225592SUSE bug 1225593SUSE bug 1225594SUSE bug 1225595SUSE bug 1225599SUSE bug 1225600SUSE bug 1225601SUSE bug 1225602SUSE bug 1225605SUSE bug 1225607SUSE bug 1225609SUSE bug 1225610SUSE bug 1225611SUSE bug 1225616SUSE bug 1225618SUSE bug 1225640SUSE bug 1225642SUSE bug 1225681SUSE bug 1225692SUSE bug 1225694SUSE bug 1225695SUSE bug 1225696SUSE bug 1225698SUSE bug 1225699SUSE bug 1225702SUSE bug 1225704SUSE bug 1225705SUSE bug 1225708SUSE bug 1225710SUSE bug 1225711SUSE bug 1225712SUSE bug 1225714SUSE bug 1225715SUSE bug 1225717SUSE bug 1225719SUSE bug 1225720SUSE bug 1225722SUSE bug 1225723SUSE bug 1225726SUSE bug 1225728SUSE bug 1225731SUSE bug 1225732SUSE bug 1225734SUSE bug 1225735SUSE bug 1225736SUSE bug 1225737SUSE bug 1225741SUSE bug 1225744SUSE bug 1225745SUSE bug 1225746SUSE bug 1225747SUSE bug 1225748SUSE bug 1225749SUSE bug 1225750SUSE bug 1225752SUSE bug 1225753SUSE bug 1225756SUSE bug 1225757SUSE bug 1225758SUSE bug 1225759SUSE bug 1225760SUSE bug 1225761SUSE bug 1225762SUSE bug 1225763SUSE bug 1225765SUSE bug 1225766SUSE bug 1225767SUSE bug 1225769SUSE bug 1225770SUSE bug 1225773SUSE bug 1225775SUSE bug 1225805SUSE bug 1225810SUSE bug 1225815SUSE bug 1225820SUSE bug 1225823SUSE bug 1225827SUSE bug 1225829SUSE bug 1225830SUSE bug 1225834SUSE bug 1225835SUSE bug 1225839SUSE bug 1225840SUSE bug 1225842SUSE bug 1225843SUSE bug 1225847SUSE bug 1225851SUSE bug 1225856SUSE bug 1225866SUSE bug 1225872SUSE bug 1225894SUSE bug 1225895SUSE bug 1225896SUSE bug 1225898SUSE bug 1225903SUSE bug 1225945SUSE bug 1226022SUSE bug 1226131SUSE bug 1226145SUSE bug 1226149SUSE bug 1226155SUSE bug 1226158SUSE bug 1226163SUSE bug 1226202SUSE bug 1226211SUSE bug 1226212SUSE bug 1226213SUSE bug 1226226SUSE bug 1226457SUSE bug 1226502SUSE bug 1226503SUSE bug 1226513SUSE bug 1226514SUSE bug 1226519SUSE bug 1226520SUSE bug 1226582SUSE bug 1226587SUSE bug 1226588SUSE bug 1226592SUSE bug 1226593SUSE bug 1226594SUSE bug 1226595SUSE bug 1226597SUSE bug 1226607SUSE bug 1226608SUSE bug 1226610SUSE bug 1226612SUSE bug 1226613SUSE bug 1226630SUSE bug 1226632SUSE bug 1226633SUSE bug 1226634SUSE bug 1226637SUSE bug 1226657SUSE bug 1226658SUSE bug 1226734SUSE bug 1226735SUSE bug 1226737SUSE bug 1226738SUSE bug 1226739SUSE bug 1226740SUSE bug 1226741SUSE bug 1226742SUSE bug 1226744SUSE bug 1226746SUSE bug 1226747SUSE bug 1226749SUSE bug 1226750SUSE bug 1226754SUSE bug 1226757SUSE bug 1226758SUSE bug 1226760SUSE bug 1226761SUSE bug 1226764SUSE bug 1226767SUSE bug 1226768SUSE bug 1226769SUSE bug 1226771SUSE bug 1226772SUSE bug 1226774SUSE bug 1226775SUSE bug 1226776SUSE bug 1226777SUSE bug 1226780SUSE bug 1226781SUSE bug 1226783SUSE bug 1226785SUSE bug 1226786SUSE bug 1226788SUSE bug 1226789SUSE bug 1226790SUSE bug 1226791SUSE bug 1226796SUSE bug 1226799SUSE bug 1226837SUSE bug 1226839SUSE bug 1226840SUSE bug 1226841SUSE bug 1226842SUSE bug 1226844SUSE bug 1226848SUSE bug 1226852SUSE bug 1226856SUSE bug 1226857SUSE bug 1226859SUSE bug 1226861SUSE bug 1226863SUSE bug 1226864SUSE bug 1226866SUSE bug 1226867SUSE bug 1226868SUSE bug 1226875SUSE bug 1226876SUSE bug 1226878SUSE bug 1226879SUSE bug 1226883SUSE bug 1226886SUSE bug 1226890SUSE bug 1226891SUSE bug 1226894SUSE bug 1226895SUSE bug 1226905SUSE bug 1226908SUSE bug 1226909SUSE bug 1226911SUSE bug 1226915SUSE bug 1226928SUSE bug 1226934SUSE bug 1226938SUSE bug 1226939SUSE bug 1226941SUSE bug 1226948SUSE bug 1226949SUSE bug 1226950SUSE bug 1226962SUSE bug 1226976SUSE bug 1226989SUSE bug 1226990SUSE bug 1226992SUSE bug 1226993SUSE bug 1226994SUSE bug 1226995SUSE bug 1226996SUSE bug 1227066SUSE bug 1227072SUSE bug 1227085SUSE bug 1227089SUSE bug 1227090SUSE bug 1227096SUSE bug 1227101SUSE bug 1227103SUSE bug 1227149SUSE bug 1227190SUSE bug 1227282SUSE bug 1227362SUSE bug 1227363SUSE bug 1227383SUSE bug 1227432SUSE bug 1227434SUSE bug 1227435SUSE bug 1227443SUSE bug 1227446SUSE bug 1227447SUSE bug 1227487SUSE bug 1227573SUSE bug 1227626SUSE bug 1227716SUSE bug 1227719SUSE bug 1227723SUSE bug 1227730SUSE bug 1227736SUSE bug 1227755SUSE bug 1227757SUSE bug 1227762SUSE bug 1227763SUSE bug 1227779SUSE bug 1227780SUSE bug 1227783SUSE bug 1227786SUSE bug 1227788SUSE bug 1227789SUSE bug 1227797SUSE bug 1227800SUSE bug 1227801SUSE bug 1227803SUSE bug 1227806SUSE bug 1227813SUSE bug 1227814SUSE bug 1227836SUSE bug 1227855SUSE bug 1227862SUSE bug 1227866SUSE bug 1227886SUSE bug 1227899SUSE bug 1227910SUSE bug 1227913SUSE bug 1227926SUSE bug 1228090SUSE bug 1228192SUSE bug 1228193SUSE bug 1228211SUSE bug 1228269SUSE bug 1228289SUSE bug 1228327SUSE bug 1228328SUSE bug 1228403SUSE bug 1228405SUSE bug 1228408SUSE bug 1228417CVE-2021-47432 at SUSECVE-2021-47432 at NVDCVE-2022-48669 at SUSECVE-2022-48669 at NVDCVE-2022-48772 at SUSECVE-2022-48772 at NVDCVE-2023-0160 at SUSECVE-2023-0160 at NVDCVE-2023-38417 at SUSECVE-2023-38417 at NVDCVE-2023-47210 at SUSECVE-2023-47210 at NVDCVE-2023-51780 at SUSECVE-2023-51780 at NVDCVE-2023-52434 at SUSECVE-2023-52434 at NVDCVE-2023-52435 at SUSECVE-2023-52435 at NVDCVE-2023-52458 at SUSECVE-2023-52458 at NVDCVE-2023-52472 at SUSECVE-2023-52472 at NVDCVE-2023-52483 at SUSECVE-2023-52483 at NVDCVE-2023-52503 at SUSECVE-2023-52503 at NVDCVE-2023-52616 at SUSECVE-2023-52616 at NVDCVE-2023-52618 at SUSECVE-2023-52618 at NVDCVE-2023-52622 at SUSECVE-2023-52622 at NVDCVE-2023-52631 at SUSECVE-2023-52631 at NVDCVE-2023-52635 at SUSECVE-2023-52635 at NVDCVE-2023-52640 at SUSECVE-2023-52640 at NVDCVE-2023-52641 at SUSECVE-2023-52641 at NVDCVE-2023-52645 at SUSECVE-2023-52645 at NVDCVE-2023-52647 at SUSECVE-2023-52647 at NVDCVE-2023-52648 at SUSECVE-2023-52648 at NVDCVE-2023-52649 at SUSECVE-2023-52649 at NVDCVE-2023-52650 at SUSECVE-2023-52650 at NVDCVE-2023-52652 at SUSECVE-2023-52652 at NVDCVE-2023-52653 at SUSECVE-2023-52653 at NVDCVE-2023-52654 at SUSECVE-2023-52654 at NVDCVE-2023-52655 at SUSECVE-2023-52655 at NVDCVE-2023-52656 at SUSECVE-2023-52656 at NVDCVE-2023-52657 at SUSECVE-2023-52657 at NVDCVE-2023-52658 at SUSECVE-2023-52658 at NVDCVE-2023-52659 at SUSECVE-2023-52659 at NVDCVE-2023-52660 at SUSECVE-2023-52660 at NVDCVE-2023-52661 at SUSECVE-2023-52661 at NVDCVE-2023-52662 at SUSECVE-2023-52662 at NVDCVE-2023-52663 at SUSECVE-2023-52663 at NVDCVE-2023-52664 at SUSECVE-2023-52664 at NVDCVE-2023-52667 at SUSECVE-2023-52667 at NVDCVE-2023-52669 at SUSECVE-2023-52669 at NVDCVE-2023-52670 at SUSECVE-2023-52670 at NVDCVE-2023-52671 at SUSECVE-2023-52671 at NVDCVE-2023-52672 at SUSECVE-2023-52672 at NVDCVE-2023-52673 at SUSECVE-2023-52673 at NVDCVE-2023-52674 at SUSECVE-2023-52674 at NVDCVE-2023-52675 at SUSECVE-2023-52675 at NVDCVE-2023-52676 at SUSECVE-2023-52676 at NVDCVE-2023-52678 at SUSECVE-2023-52678 at NVDCVE-2023-52679 at SUSECVE-2023-52679 at NVDCVE-2023-52680 at SUSECVE-2023-52680 at NVDCVE-2023-52681 at SUSECVE-2023-52681 at NVDCVE-2023-52683 at SUSECVE-2023-52683 at NVDCVE-2023-52686 at SUSECVE-2023-52686 at NVDCVE-2023-52687 at SUSECVE-2023-52687 at NVDCVE-2023-52690 at SUSECVE-2023-52690 at NVDCVE-2023-52691 at SUSECVE-2023-52691 at NVDCVE-2023-52692 at SUSECVE-2023-52692 at NVDCVE-2023-52693 at SUSECVE-2023-52693 at NVDCVE-2023-52694 at SUSECVE-2023-52694 at NVDCVE-2023-52695 at SUSECVE-2023-52695 at NVDCVE-2023-52696 at SUSECVE-2023-52696 at NVDCVE-2023-52697 at SUSECVE-2023-52697 at NVDCVE-2023-52698 at SUSECVE-2023-52698 at NVDCVE-2023-52699 at SUSECVE-2023-52699 at NVDCVE-2023-52735 at SUSECVE-2023-52735 at NVDCVE-2023-52749 at SUSECVE-2023-52749 at NVDCVE-2023-52750 at SUSECVE-2023-52750 at NVDCVE-2023-52751 at SUSECVE-2023-52751 at NVDCVE-2023-52753 at SUSECVE-2023-52753 at NVDCVE-2023-52754 at SUSECVE-2023-52754 at NVDCVE-2023-52757 at SUSECVE-2023-52757 at NVDCVE-2023-52759 at SUSECVE-2023-52759 at NVDCVE-2023-52762 at SUSECVE-2023-52762 at NVDCVE-2023-52763 at SUSECVE-2023-52763 at NVDCVE-2023-52764 at SUSECVE-2023-52764 at NVDCVE-2023-52765 at SUSECVE-2023-52765 at NVDCVE-2023-52766 at SUSECVE-2023-52766 at NVDCVE-2023-52767 at SUSECVE-2023-52767 at NVDCVE-2023-52768 at SUSECVE-2023-52768 at NVDCVE-2023-52769 at SUSECVE-2023-52769 at NVDCVE-2023-52771 at SUSECVE-2023-52771 at NVDCVE-2023-52772 at SUSECVE-2023-52772 at NVDCVE-2023-52773 at SUSECVE-2023-52773 at NVDCVE-2023-52774 at SUSECVE-2023-52774 at NVDCVE-2023-52775 at SUSECVE-2023-52775 at NVDCVE-2023-52776 at SUSECVE-2023-52776 at NVDCVE-2023-52777 at SUSECVE-2023-52777 at NVDCVE-2023-52780 at SUSECVE-2023-52780 at NVDCVE-2023-52781 at SUSECVE-2023-52781 at NVDCVE-2023-52782 at SUSECVE-2023-52782 at NVDCVE-2023-52783 at SUSECVE-2023-52783 at NVDCVE-2023-52784 at SUSECVE-2023-52784 at NVDCVE-2023-52786 at SUSECVE-2023-52786 at NVDCVE-2023-52787 at SUSECVE-2023-52787 at NVDCVE-2023-52788 at SUSECVE-2023-52788 at NVDCVE-2023-52789 at SUSECVE-2023-52789 at NVDCVE-2023-52791 at SUSECVE-2023-52791 at NVDCVE-2023-52792 at SUSECVE-2023-52792 at NVDCVE-2023-52794 at SUSECVE-2023-52794 at NVDCVE-2023-52795 at SUSECVE-2023-52795 at NVDCVE-2023-52796 at SUSECVE-2023-52796 at NVDCVE-2023-52798 at SUSECVE-2023-52798 at NVDCVE-2023-52799 at SUSECVE-2023-52799 at NVDCVE-2023-52800 at SUSECVE-2023-52800 at NVDCVE-2023-52801 at SUSECVE-2023-52801 at NVDCVE-2023-52803 at SUSECVE-2023-52803 at NVDCVE-2023-52804 at SUSECVE-2023-52804 at NVDCVE-2023-52805 at SUSECVE-2023-52805 at NVDCVE-2023-52806 at SUSECVE-2023-52806 at NVDCVE-2023-52807 at SUSECVE-2023-52807 at NVDCVE-2023-52808 at SUSECVE-2023-52808 at NVDCVE-2023-52809 at SUSECVE-2023-52809 at NVDCVE-2023-52810 at SUSECVE-2023-52810 at NVDCVE-2023-52811 at SUSECVE-2023-52811 at NVDCVE-2023-52812 at SUSECVE-2023-52812 at NVDCVE-2023-52813 at SUSECVE-2023-52813 at NVDCVE-2023-52814 at SUSECVE-2023-52814 at NVDCVE-2023-52815 at SUSECVE-2023-52815 at NVDCVE-2023-52816 at SUSECVE-2023-52816 at NVDCVE-2023-52817 at SUSECVE-2023-52817 at NVDCVE-2023-52818 at SUSECVE-2023-52818 at NVDCVE-2023-52819 at SUSECVE-2023-52819 at NVDCVE-2023-52821 at SUSECVE-2023-52821 at NVDCVE-2023-52825 at SUSECVE-2023-52825 at NVDCVE-2023-52826 at SUSECVE-2023-52826 at NVDCVE-2023-52827 at SUSECVE-2023-52827 at NVDCVE-2023-52829 at SUSECVE-2023-52829 at NVDCVE-2023-52832 at SUSECVE-2023-52832 at NVDCVE-2023-52833 at SUSECVE-2023-52833 at NVDCVE-2023-52834 at SUSECVE-2023-52834 at NVDCVE-2023-52835 at SUSECVE-2023-52835 at NVDCVE-2023-52836 at SUSECVE-2023-52836 at NVDCVE-2023-52837 at SUSECVE-2023-52837 at NVDCVE-2023-52838 at SUSECVE-2023-52838 at NVDCVE-2023-52840 at SUSECVE-2023-52840 at NVDCVE-2023-52841 at SUSECVE-2023-52841 at NVDCVE-2023-52842 at SUSECVE-2023-52842 at NVDCVE-2023-52843 at SUSECVE-2023-52843 at NVDCVE-2023-52844 at SUSECVE-2023-52844 at NVDCVE-2023-52845 at SUSECVE-2023-52845 at NVDCVE-2023-52846 at SUSECVE-2023-52846 at NVDCVE-2023-52847 at SUSECVE-2023-52847 at NVDCVE-2023-52849 at SUSECVE-2023-52849 at NVDCVE-2023-52850 at SUSECVE-2023-52850 at NVDCVE-2023-52851 at SUSECVE-2023-52851 at NVDCVE-2023-52853 at SUSECVE-2023-52853 at NVDCVE-2023-52854 at SUSECVE-2023-52854 at NVDCVE-2023-52855 at SUSECVE-2023-52855 at NVDCVE-2023-52856 at SUSECVE-2023-52856 at NVDCVE-2023-52857 at SUSECVE-2023-52857 at NVDCVE-2023-52858 at SUSECVE-2023-52858 at NVDCVE-2023-52860 at SUSECVE-2023-52860 at NVDCVE-2023-52861 at SUSECVE-2023-52861 at NVDCVE-2023-52862 at SUSECVE-2023-52862 at NVDCVE-2023-52863 at SUSECVE-2023-52863 at NVDCVE-2023-52864 at SUSECVE-2023-52864 at NVDCVE-2023-52865 at SUSECVE-2023-52865 at NVDCVE-2023-52866 at SUSECVE-2023-52866 at NVDCVE-2023-52867 at SUSECVE-2023-52867 at NVDCVE-2023-52868 at SUSECVE-2023-52868 at NVDCVE-2023-52869 at SUSECVE-2023-52869 at NVDCVE-2023-52870 at SUSECVE-2023-52870 at NVDCVE-2023-52871 at SUSECVE-2023-52871 at NVDCVE-2023-52872 at SUSECVE-2023-52872 at NVDCVE-2023-52873 at SUSECVE-2023-52873 at NVDCVE-2023-52874 at SUSECVE-2023-52874 at NVDCVE-2023-52875 at SUSECVE-2023-52875 at NVDCVE-2023-52876 at SUSECVE-2023-52876 at NVDCVE-2023-52877 at SUSECVE-2023-52877 at NVDCVE-2023-52878 at SUSECVE-2023-52878 at NVDCVE-2023-52879 at SUSECVE-2023-52879 at NVDCVE-2023-52880 at SUSECVE-2023-52880 at NVDCVE-2023-52881 at SUSECVE-2023-52881 at NVDCVE-2023-52882 at SUSECVE-2023-52882 at NVDCVE-2023-52883 at SUSECVE-2023-52883 at NVDCVE-2023-52884 at SUSECVE-2023-52884 at NVDCVE-2023-6238 at SUSECVE-2023-6238 at NVDCVE-2023-6270 at SUSECVE-2023-6270 at NVDCVE-2023-7042 at SUSECVE-2023-7042 at NVDCVE-2024-0639 at SUSECVE-2024-0639 at NVDCVE-2024-21823 at SUSECVE-2024-21823 at NVDCVE-2024-22099 at SUSECVE-2024-22099 at NVDCVE-2024-23848 at SUSECVE-2024-23848 at NVDCVE-2024-24861 at SUSECVE-2024-24861 at NVDCVE-2024-25739 at SUSECVE-2024-25739 at NVDCVE-2024-25741 at SUSECVE-2024-25741 at NVDCVE-2024-26601 at SUSECVE-2024-26601 at NVDCVE-2024-26611 at SUSECVE-2024-26611 at NVDCVE-2024-26614 at SUSECVE-2024-26614 at NVDCVE-2024-26615 at SUSECVE-2024-26615 at NVDCVE-2024-26623 at SUSECVE-2024-26623 at NVDCVE-2024-26625 at SUSECVE-2024-26625 at NVDCVE-2024-26632 at SUSECVE-2024-26632 at NVDCVE-2024-26633 at SUSECVE-2024-26633 at NVDCVE-2024-26635 at SUSECVE-2024-26635 at NVDCVE-2024-26636 at SUSECVE-2024-26636 at NVDCVE-2024-26638 at SUSECVE-2024-26638 at NVDCVE-2024-26641 at SUSECVE-2024-26641 at NVDCVE-2024-26642 at SUSECVE-2024-26642 at NVDCVE-2024-26643 at SUSECVE-2024-26643 at NVDCVE-2024-26654 at SUSECVE-2024-26654 at NVDCVE-2024-26656 at SUSECVE-2024-26656 at NVDCVE-2024-26657 at SUSECVE-2024-26657 at NVDCVE-2024-26663 at SUSECVE-2024-26663 at NVDCVE-2024-26665 at SUSECVE-2024-26665 at NVDCVE-2024-26671 at SUSECVE-2024-26671 at NVDCVE-2024-26673 at SUSECVE-2024-26673 at NVDCVE-2024-26674 at SUSECVE-2024-26674 at NVDCVE-2024-26676 at SUSECVE-2024-26676 at NVDCVE-2024-26679 at SUSECVE-2024-26679 at NVDCVE-2024-26684 at SUSECVE-2024-26684 at NVDCVE-2024-26685 at SUSECVE-2024-26685 at NVDCVE-2024-26691 at SUSECVE-2024-26691 at NVDCVE-2024-26692 at SUSECVE-2024-26692 at NVDCVE-2024-26704 at SUSECVE-2024-26704 at NVDCVE-2024-26714 at SUSECVE-2024-26714 at NVDCVE-2024-26726 at SUSECVE-2024-26726 at NVDCVE-2024-26731 at SUSECVE-2024-26731 at NVDCVE-2024-26733 at SUSECVE-2024-26733 at NVDCVE-2024-26734 at SUSECVE-2024-26734 at NVDCVE-2024-26737 at SUSECVE-2024-26737 at NVDCVE-2024-26739 at SUSECVE-2024-26739 at NVDCVE-2024-26740 at SUSECVE-2024-26740 at NVDCVE-2024-26742 at SUSECVE-2024-26742 at NVDCVE-2024-26750 at SUSECVE-2024-26750 at NVDCVE-2024-26758 at SUSECVE-2024-26758 at NVDCVE-2024-26760 at SUSECVE-2024-26760 at NVDCVE-2024-26761 at SUSECVE-2024-26761 at NVDCVE-2024-26764 at SUSECVE-2024-26764 at NVDCVE-2024-26767 at SUSECVE-2024-26767 at NVDCVE-2024-26769 at SUSECVE-2024-26769 at NVDCVE-2024-26772 at SUSECVE-2024-26772 at NVDCVE-2024-26773 at SUSECVE-2024-26773 at NVDCVE-2024-26774 at SUSECVE-2024-26774 at NVDCVE-2024-26775 at SUSECVE-2024-26775 at NVDCVE-2024-26780 at SUSECVE-2024-26780 at NVDCVE-2024-26783 at SUSECVE-2024-26783 at NVDCVE-2024-26785 at SUSECVE-2024-26785 at NVDCVE-2024-26786 at SUSECVE-2024-26786 at NVDCVE-2024-26791 at SUSECVE-2024-26791 at NVDCVE-2024-26793 at SUSECVE-2024-26793 at NVDCVE-2024-26794 at SUSECVE-2024-26794 at NVDCVE-2024-26802 at SUSECVE-2024-26802 at NVDCVE-2024-26805 at SUSECVE-2024-26805 at NVDCVE-2024-26807 at SUSECVE-2024-26807 at NVDCVE-2024-26813 at SUSECVE-2024-26813 at NVDCVE-2024-26814 at SUSECVE-2024-26814 at NVDCVE-2024-26815 at SUSECVE-2024-26815 at NVDCVE-2024-26816 at SUSECVE-2024-26816 at NVDCVE-2024-26822 at SUSECVE-2024-26822 at NVDCVE-2024-26826 at SUSECVE-2024-26826 at NVDCVE-2024-26828 at SUSECVE-2024-26828 at NVDCVE-2024-26832 at SUSECVE-2024-26832 at NVDCVE-2024-26836 at SUSECVE-2024-26836 at NVDCVE-2024-26844 at SUSECVE-2024-26844 at NVDCVE-2024-26845 at SUSECVE-2024-26845 at NVDCVE-2024-26846 at SUSECVE-2024-26846 at NVDCVE-2024-26853 at SUSECVE-2024-26853 at NVDCVE-2024-26854 at SUSECVE-2024-26854 at NVDCVE-2024-26855 at SUSECVE-2024-26855 at NVDCVE-2024-26856 at SUSECVE-2024-26856 at NVDCVE-2024-26857 at SUSECVE-2024-26857 at NVDCVE-2024-26858 at SUSECVE-2024-26858 at NVDCVE-2024-26860 at SUSECVE-2024-26860 at NVDCVE-2024-26861 at SUSECVE-2024-26861 at NVDCVE-2024-26862 at SUSECVE-2024-26862 at NVDCVE-2024-26863 at SUSECVE-2024-26863 at NVDCVE-2024-26865 at SUSECVE-2024-26865 at NVDCVE-2024-26866 at SUSECVE-2024-26866 at NVDCVE-2024-26868 at SUSECVE-2024-26868 at NVDCVE-2024-26870 at SUSECVE-2024-26870 at NVDCVE-2024-26878 at SUSECVE-2024-26878 at NVDCVE-2024-26881 at SUSECVE-2024-26881 at NVDCVE-2024-26882 at SUSECVE-2024-26882 at NVDCVE-2024-26883 at SUSECVE-2024-26883 at NVDCVE-2024-26884 at SUSECVE-2024-26884 at NVDCVE-2024-26885 at SUSECVE-2024-26885 at NVDCVE-2024-26889 at SUSECVE-2024-26889 at NVDCVE-2024-26898 at SUSECVE-2024-26898 at NVDCVE-2024-26899 at SUSECVE-2024-26899 at NVDCVE-2024-26900 at SUSECVE-2024-26900 at NVDCVE-2024-26901 at SUSECVE-2024-26901 at NVDCVE-2024-26903 at SUSECVE-2024-26903 at NVDCVE-2024-26906 at SUSECVE-2024-26906 at NVDCVE-2024-26909 at SUSECVE-2024-26909 at NVDCVE-2024-26919 at SUSECVE-2024-26919 at NVDCVE-2024-26920 at SUSECVE-2024-26920 at NVDCVE-2024-26921 at SUSECVE-2024-26921 at NVDCVE-2024-26922 at SUSECVE-2024-26922 at NVDCVE-2024-26923 at SUSECVE-2024-26923 at NVDCVE-2024-26925 at SUSECVE-2024-26925 at NVDCVE-2024-26928 at SUSECVE-2024-26928 at NVDCVE-2024-26929 at SUSECVE-2024-26929 at NVDCVE-2024-26930 at SUSECVE-2024-26930 at NVDCVE-2024-26931 at SUSECVE-2024-26931 at NVDCVE-2024-26932 at SUSECVE-2024-26932 at NVDCVE-2024-26933 at SUSECVE-2024-26933 at NVDCVE-2024-26934 at SUSECVE-2024-26934 at NVDCVE-2024-26935 at SUSECVE-2024-26935 at NVDCVE-2024-26937 at SUSECVE-2024-26937 at NVDCVE-2024-26938 at SUSECVE-2024-26938 at NVDCVE-2024-26939 at SUSECVE-2024-26939 at NVDCVE-2024-26940 at SUSECVE-2024-26940 at NVDCVE-2024-26943 at SUSECVE-2024-26943 at NVDCVE-2024-26944 at SUSECVE-2024-26944 at NVDCVE-2024-26945 at SUSECVE-2024-26945 at NVDCVE-2024-26946 at SUSECVE-2024-26946 at NVDCVE-2024-26948 at SUSECVE-2024-26948 at NVDCVE-2024-26949 at SUSECVE-2024-26949 at NVDCVE-2024-26950 at SUSECVE-2024-26950 at NVDCVE-2024-26951 at SUSECVE-2024-26951 at NVDCVE-2024-26955 at SUSECVE-2024-26955 at NVDCVE-2024-26956 at SUSECVE-2024-26956 at NVDCVE-2024-26957 at SUSECVE-2024-26957 at NVDCVE-2024-26958 at SUSECVE-2024-26958 at NVDCVE-2024-26959 at SUSECVE-2024-26959 at NVDCVE-2024-26960 at SUSECVE-2024-26960 at NVDCVE-2024-26961 at SUSECVE-2024-26961 at NVDCVE-2024-26962 at SUSECVE-2024-26962 at NVDCVE-2024-26963 at SUSECVE-2024-26963 at NVDCVE-2024-26964 at SUSECVE-2024-26964 at NVDCVE-2024-26965 at SUSECVE-2024-26965 at NVDCVE-2024-26966 at SUSECVE-2024-26966 at NVDCVE-2024-26968 at SUSECVE-2024-26968 at NVDCVE-2024-26969 at SUSECVE-2024-26969 at NVDCVE-2024-26970 at SUSECVE-2024-26970 at NVDCVE-2024-26972 at SUSECVE-2024-26972 at NVDCVE-2024-26973 at SUSECVE-2024-26973 at NVDCVE-2024-26974 at SUSECVE-2024-26974 at NVDCVE-2024-26975 at SUSECVE-2024-26975 at NVDCVE-2024-26977 at SUSECVE-2024-26977 at NVDCVE-2024-26978 at SUSECVE-2024-26978 at NVDCVE-2024-26981 at SUSECVE-2024-26981 at NVDCVE-2024-26982 at SUSECVE-2024-26982 at NVDCVE-2024-26983 at SUSECVE-2024-26983 at NVDCVE-2024-26984 at SUSECVE-2024-26984 at NVDCVE-2024-26986 at SUSECVE-2024-26986 at NVDCVE-2024-26988 at SUSECVE-2024-26988 at NVDCVE-2024-26989 at SUSECVE-2024-26989 at NVDCVE-2024-26990 at SUSECVE-2024-26990 at NVDCVE-2024-26991 at SUSECVE-2024-26991 at NVDCVE-2024-26992 at SUSECVE-2024-26992 at NVDCVE-2024-26993 at SUSECVE-2024-26993 at NVDCVE-2024-26994 at SUSECVE-2024-26994 at NVDCVE-2024-26995 at SUSECVE-2024-26995 at NVDCVE-2024-26996 at SUSECVE-2024-26996 at NVDCVE-2024-26997 at SUSECVE-2024-26997 at NVDCVE-2024-26999 at SUSECVE-2024-26999 at NVDCVE-2024-27000 at SUSECVE-2024-27000 at NVDCVE-2024-27001 at SUSECVE-2024-27001 at NVDCVE-2024-27002 at SUSECVE-2024-27002 at NVDCVE-2024-27003 at SUSECVE-2024-27003 at NVDCVE-2024-27004 at SUSECVE-2024-27004 at NVDCVE-2024-27008 at SUSECVE-2024-27008 at NVDCVE-2024-27009 at SUSECVE-2024-27009 at NVDCVE-2024-27012 at SUSECVE-2024-27012 at NVDCVE-2024-27013 at SUSECVE-2024-27013 at NVDCVE-2024-27014 at SUSECVE-2024-27014 at NVDCVE-2024-27015 at SUSECVE-2024-27015 at NVDCVE-2024-27016 at SUSECVE-2024-27016 at NVDCVE-2024-27019 at SUSECVE-2024-27019 at NVDCVE-2024-27020 at SUSECVE-2024-27020 at NVDCVE-2024-27022 at SUSECVE-2024-27022 at NVDCVE-2024-27023 at SUSECVE-2024-27023 at NVDCVE-2024-27025 at SUSECVE-2024-27025 at NVDCVE-2024-27027 at SUSECVE-2024-27027 at NVDCVE-2024-27028 at SUSECVE-2024-27028 at NVDCVE-2024-27029 at SUSECVE-2024-27029 at NVDCVE-2024-27030 at SUSECVE-2024-27030 at NVDCVE-2024-27031 at SUSECVE-2024-27031 at NVDCVE-2024-27036 at SUSECVE-2024-27036 at NVDCVE-2024-27037 at SUSECVE-2024-27037 at NVDCVE-2024-27038 at SUSECVE-2024-27038 at NVDCVE-2024-27039 at SUSECVE-2024-27039 at NVDCVE-2024-27040 at SUSECVE-2024-27040 at NVDCVE-2024-27041 at SUSECVE-2024-27041 at NVDCVE-2024-27042 at SUSECVE-2024-27042 at NVDCVE-2024-27043 at SUSECVE-2024-27043 at NVDCVE-2024-27044 at SUSECVE-2024-27044 at NVDCVE-2024-27045 at SUSECVE-2024-27045 at NVDCVE-2024-27046 at SUSECVE-2024-27046 at NVDCVE-2024-27047 at SUSECVE-2024-27047 at NVDCVE-2024-27048 at SUSECVE-2024-27048 at NVDCVE-2024-27051 at SUSECVE-2024-27051 at NVDCVE-2024-27052 at SUSECVE-2024-27052 at NVDCVE-2024-27053 at SUSECVE-2024-27053 at NVDCVE-2024-27054 at SUSECVE-2024-27054 at NVDCVE-2024-27056 at SUSECVE-2024-27056 at NVDCVE-2024-27057 at SUSECVE-2024-27057 at NVDCVE-2024-27059 at SUSECVE-2024-27059 at NVDCVE-2024-27060 at SUSECVE-2024-27060 at NVDCVE-2024-27062 at SUSECVE-2024-27062 at NVDCVE-2024-27064 at SUSECVE-2024-27064 at NVDCVE-2024-27065 at SUSECVE-2024-27065 at NVDCVE-2024-27067 at SUSECVE-2024-27067 at NVDCVE-2024-27068 at SUSECVE-2024-27068 at NVDCVE-2024-27071 at SUSECVE-2024-27071 at NVDCVE-2024-27072 at SUSECVE-2024-27072 at NVDCVE-2024-27073 at SUSECVE-2024-27073 at NVDCVE-2024-27074 at SUSECVE-2024-27074 at NVDCVE-2024-27075 at SUSECVE-2024-27075 at NVDCVE-2024-27076 at SUSECVE-2024-27076 at NVDCVE-2024-27077 at SUSECVE-2024-27077 at NVDCVE-2024-27078 at SUSECVE-2024-27078 at NVDCVE-2024-27080 at SUSECVE-2024-27080 at NVDCVE-2024-27388 at SUSECVE-2024-27388 at NVDCVE-2024-27389 at SUSECVE-2024-27389 at NVDCVE-2024-27391 at SUSECVE-2024-27391 at NVDCVE-2024-27393 at SUSECVE-2024-27393 at NVDCVE-2024-27395 at SUSECVE-2024-27395 at NVDCVE-2024-27396 at SUSECVE-2024-27396 at NVDCVE-2024-27398 at SUSECVE-2024-27398 at NVDCVE-2024-27399 at SUSECVE-2024-27399 at NVDCVE-2024-27400 at SUSECVE-2024-27400 at NVDCVE-2024-27401 at SUSECVE-2024-27401 at NVDCVE-2024-27402 at SUSECVE-2024-27402 at NVDCVE-2024-27404 at SUSECVE-2024-27404 at NVDCVE-2024-27405 at SUSECVE-2024-27405 at NVDCVE-2024-27408 at SUSECVE-2024-27408 at NVDCVE-2024-27410 at SUSECVE-2024-27410 at NVDCVE-2024-27411 at SUSECVE-2024-27411 at NVDCVE-2024-27412 at SUSECVE-2024-27412 at NVDCVE-2024-27413 at SUSECVE-2024-27413 at NVDCVE-2024-27414 at SUSECVE-2024-27414 at NVDCVE-2024-27416 at SUSECVE-2024-27416 at NVDCVE-2024-27417 at SUSECVE-2024-27417 at NVDCVE-2024-27418 at SUSECVE-2024-27418 at NVDCVE-2024-27419 at SUSECVE-2024-27419 at NVDCVE-2024-27431 at SUSECVE-2024-27431 at NVDCVE-2024-27432 at SUSECVE-2024-27432 at NVDCVE-2024-27434 at SUSECVE-2024-27434 at NVDCVE-2024-27435 at SUSECVE-2024-27435 at NVDCVE-2024-27436 at SUSECVE-2024-27436 at NVDCVE-2024-33619 at SUSECVE-2024-33619 at NVDCVE-2024-34777 at SUSECVE-2024-34777 at NVDCVE-2024-35247 at SUSECVE-2024-35247 at NVDCVE-2024-35784 at SUSECVE-2024-35784 at NVDCVE-2024-35786 at SUSECVE-2024-35786 at NVDCVE-2024-35788 at SUSECVE-2024-35788 at NVDCVE-2024-35789 at SUSECVE-2024-35789 at NVDCVE-2024-35790 at SUSECVE-2024-35790 at NVDCVE-2024-35791 at SUSECVE-2024-35791 at NVDCVE-2024-35794 at SUSECVE-2024-35794 at NVDCVE-2024-35795 at SUSECVE-2024-35795 at NVDCVE-2024-35796 at SUSECVE-2024-35796 at NVDCVE-2024-35799 at SUSECVE-2024-35799 at NVDCVE-2024-35800 at SUSECVE-2024-35800 at NVDCVE-2024-35801 at SUSECVE-2024-35801 at NVDCVE-2024-35803 at SUSECVE-2024-35803 at NVDCVE-2024-35804 at SUSECVE-2024-35804 at NVDCVE-2024-35805 at SUSECVE-2024-35805 at NVDCVE-2024-35806 at SUSECVE-2024-35806 at NVDCVE-2024-35807 at SUSECVE-2024-35807 at NVDCVE-2024-35808 at SUSECVE-2024-35808 at NVDCVE-2024-35809 at SUSECVE-2024-35809 at NVDCVE-2024-35810 at SUSECVE-2024-35810 at NVDCVE-2024-35811 at SUSECVE-2024-35811 at NVDCVE-2024-35812 at SUSECVE-2024-35812 at NVDCVE-2024-35813 at SUSECVE-2024-35813 at NVDCVE-2024-35814 at SUSECVE-2024-35814 at NVDCVE-2024-35815 at SUSECVE-2024-35815 at NVDCVE-2024-35817 at SUSECVE-2024-35817 at NVDCVE-2024-35819 at SUSECVE-2024-35819 at NVDCVE-2024-35821 at SUSECVE-2024-35821 at NVDCVE-2024-35822 at SUSECVE-2024-35822 at NVDCVE-2024-35823 at SUSECVE-2024-35823 at NVDCVE-2024-35824 at SUSECVE-2024-35824 at NVDCVE-2024-35825 at SUSECVE-2024-35825 at NVDCVE-2024-35827 at SUSECVE-2024-35827 at NVDCVE-2024-35828 at SUSECVE-2024-35828 at NVDCVE-2024-35829 at SUSECVE-2024-35829 at NVDCVE-2024-35830 at SUSECVE-2024-35830 at NVDCVE-2024-35831 at SUSECVE-2024-35831 at NVDCVE-2024-35833 at SUSECVE-2024-35833 at NVDCVE-2024-35834 at SUSECVE-2024-35834 at NVDCVE-2024-35835 at SUSECVE-2024-35835 at NVDCVE-2024-35836 at SUSECVE-2024-35836 at NVDCVE-2024-35837 at SUSECVE-2024-35837 at NVDCVE-2024-35838 at SUSECVE-2024-35838 at NVDCVE-2024-35841 at SUSECVE-2024-35841 at NVDCVE-2024-35842 at SUSECVE-2024-35842 at NVDCVE-2024-35843 at SUSECVE-2024-35843 at NVDCVE-2024-35845 at SUSECVE-2024-35845 at NVDCVE-2024-35847 at SUSECVE-2024-35847 at NVDCVE-2024-35848 at SUSECVE-2024-35848 at NVDCVE-2024-35849 at SUSECVE-2024-35849 at NVDCVE-2024-35850 at SUSECVE-2024-35850 at NVDCVE-2024-35851 at SUSECVE-2024-35851 at NVDCVE-2024-35852 at SUSECVE-2024-35852 at NVDCVE-2024-35853 at SUSECVE-2024-35853 at NVDCVE-2024-35854 at SUSECVE-2024-35854 at NVDCVE-2024-35857 at SUSECVE-2024-35857 at NVDCVE-2024-35860 at SUSECVE-2024-35860 at NVDCVE-2024-35861 at SUSECVE-2024-35861 at NVDCVE-2024-35862 at SUSECVE-2024-35862 at NVDCVE-2024-35863 at SUSECVE-2024-35863 at NVDCVE-2024-35864 at SUSECVE-2024-35864 at NVDCVE-2024-35865 at SUSECVE-2024-35865 at NVDCVE-2024-35866 at SUSECVE-2024-35866 at NVDCVE-2024-35867 at SUSECVE-2024-35867 at NVDCVE-2024-35868 at SUSECVE-2024-35868 at NVDCVE-2024-35869 at SUSECVE-2024-35869 at NVDCVE-2024-35870 at SUSECVE-2024-35870 at NVDCVE-2024-35872 at SUSECVE-2024-35872 at NVDCVE-2024-35875 at SUSECVE-2024-35875 at NVDCVE-2024-35877 at SUSECVE-2024-35877 at NVDCVE-2024-35878 at SUSECVE-2024-35878 at NVDCVE-2024-35879 at SUSECVE-2024-35879 at NVDCVE-2024-35880 at SUSECVE-2024-35880 at NVDCVE-2024-35883 at SUSECVE-2024-35883 at NVDCVE-2024-35884 at SUSECVE-2024-35884 at NVDCVE-2024-35885 at SUSECVE-2024-35885 at NVDCVE-2024-35886 at SUSECVE-2024-35886 at NVDCVE-2024-35887 at SUSECVE-2024-35887 at NVDCVE-2024-35889 at SUSECVE-2024-35889 at NVDCVE-2024-35890 at SUSECVE-2024-35890 at NVDCVE-2024-35891 at SUSECVE-2024-35891 at NVDCVE-2024-35892 at SUSECVE-2024-35892 at NVDCVE-2024-35893 at SUSECVE-2024-35893 at NVDCVE-2024-35895 at SUSECVE-2024-35895 at NVDCVE-2024-35896 at SUSECVE-2024-35896 at NVDCVE-2024-35898 at SUSECVE-2024-35898 at NVDCVE-2024-35899 at SUSECVE-2024-35899 at NVDCVE-2024-35900 at SUSECVE-2024-35900 at NVDCVE-2024-35901 at SUSECVE-2024-35901 at NVDCVE-2024-35903 at SUSECVE-2024-35903 at NVDCVE-2024-35904 at SUSECVE-2024-35904 at NVDCVE-2024-35905 at SUSECVE-2024-35905 at NVDCVE-2024-35907 at SUSECVE-2024-35907 at NVDCVE-2024-35908 at SUSECVE-2024-35908 at NVDCVE-2024-35909 at SUSECVE-2024-35909 at NVDCVE-2024-35911 at SUSECVE-2024-35911 at NVDCVE-2024-35912 at SUSECVE-2024-35912 at NVDCVE-2024-35914 at SUSECVE-2024-35914 at NVDCVE-2024-35915 at SUSECVE-2024-35915 at NVDCVE-2024-35916 at SUSECVE-2024-35916 at NVDCVE-2024-35917 at SUSECVE-2024-35917 at NVDCVE-2024-35921 at SUSECVE-2024-35921 at NVDCVE-2024-35922 at SUSECVE-2024-35922 at NVDCVE-2024-35924 at SUSECVE-2024-35924 at NVDCVE-2024-35925 at SUSECVE-2024-35925 at NVDCVE-2024-35926 at SUSECVE-2024-35926 at NVDCVE-2024-35927 at SUSECVE-2024-35927 at NVDCVE-2024-35928 at SUSECVE-2024-35928 at NVDCVE-2024-35930 at SUSECVE-2024-35930 at NVDCVE-2024-35931 at SUSECVE-2024-35931 at NVDCVE-2024-35932 at SUSECVE-2024-35932 at NVDCVE-2024-35933 at SUSECVE-2024-35933 at NVDCVE-2024-35934 at SUSECVE-2024-35934 at NVDCVE-2024-35935 at SUSECVE-2024-35935 at NVDCVE-2024-35936 at SUSECVE-2024-35936 at NVDCVE-2024-35937 at SUSECVE-2024-35937 at NVDCVE-2024-35938 at SUSECVE-2024-35938 at NVDCVE-2024-35940 at SUSECVE-2024-35940 at NVDCVE-2024-35942 at SUSECVE-2024-35942 at NVDCVE-2024-35943 at SUSECVE-2024-35943 at NVDCVE-2024-35944 at SUSECVE-2024-35944 at NVDCVE-2024-35945 at SUSECVE-2024-35945 at NVDCVE-2024-35946 at SUSECVE-2024-35946 at NVDCVE-2024-35947 at SUSECVE-2024-35947 at NVDCVE-2024-35950 at SUSECVE-2024-35950 at NVDCVE-2024-35951 at SUSECVE-2024-35951 at NVDCVE-2024-35952 at SUSECVE-2024-35952 at NVDCVE-2024-35953 at SUSECVE-2024-35953 at NVDCVE-2024-35954 at SUSECVE-2024-35954 at NVDCVE-2024-35955 at SUSECVE-2024-35955 at NVDCVE-2024-35956 at SUSECVE-2024-35956 at NVDCVE-2024-35957 at SUSECVE-2024-35957 at NVDCVE-2024-35958 at SUSECVE-2024-35958 at NVDCVE-2024-35959 at SUSECVE-2024-35959 at NVDCVE-2024-35960 at SUSECVE-2024-35960 at NVDCVE-2024-35961 at SUSECVE-2024-35961 at NVDCVE-2024-35962 at SUSECVE-2024-35962 at NVDCVE-2024-35963 at SUSECVE-2024-35963 at NVDCVE-2024-35964 at SUSECVE-2024-35964 at NVDCVE-2024-35965 at SUSECVE-2024-35965 at NVDCVE-2024-35966 at SUSECVE-2024-35966 at NVDCVE-2024-35967 at SUSECVE-2024-35967 at NVDCVE-2024-35969 at SUSECVE-2024-35969 at NVDCVE-2024-35970 at SUSECVE-2024-35970 at NVDCVE-2024-35971 at SUSECVE-2024-35971 at NVDCVE-2024-35972 at SUSECVE-2024-35972 at NVDCVE-2024-35973 at SUSECVE-2024-35973 at NVDCVE-2024-35974 at SUSECVE-2024-35974 at NVDCVE-2024-35975 at SUSECVE-2024-35975 at NVDCVE-2024-35976 at SUSECVE-2024-35976 at NVDCVE-2024-35977 at SUSECVE-2024-35977 at NVDCVE-2024-35978 at SUSECVE-2024-35978 at NVDCVE-2024-35979 at SUSECVE-2024-35979 at NVDCVE-2024-35981 at SUSECVE-2024-35981 at NVDCVE-2024-35982 at SUSECVE-2024-35982 at NVDCVE-2024-35984 at SUSECVE-2024-35984 at NVDCVE-2024-35986 at SUSECVE-2024-35986 at NVDCVE-2024-35989 at SUSECVE-2024-35989 at NVDCVE-2024-35990 at SUSECVE-2024-35990 at NVDCVE-2024-35991 at SUSECVE-2024-35991 at NVDCVE-2024-35992 at SUSECVE-2024-35992 at NVDCVE-2024-35995 at SUSECVE-2024-35995 at NVDCVE-2024-35997 at SUSECVE-2024-35997 at NVDCVE-2024-35998 at SUSECVE-2024-35998 at NVDCVE-2024-35999 at SUSECVE-2024-35999 at NVDCVE-2024-36002 at SUSECVE-2024-36002 at NVDCVE-2024-36003 at SUSECVE-2024-36003 at NVDCVE-2024-36004 at SUSECVE-2024-36004 at NVDCVE-2024-36005 at SUSECVE-2024-36005 at NVDCVE-2024-36006 at SUSECVE-2024-36006 at NVDCVE-2024-36007 at SUSECVE-2024-36007 at NVDCVE-2024-36008 at SUSECVE-2024-36008 at NVDCVE-2024-36009 at SUSECVE-2024-36009 at NVDCVE-2024-36010 at SUSECVE-2024-36010 at NVDCVE-2024-36011 at SUSECVE-2024-36011 at NVDCVE-2024-36012 at SUSECVE-2024-36012 at NVDCVE-2024-36013 at SUSECVE-2024-36013 at NVDCVE-2024-36014 at SUSECVE-2024-36014 at NVDCVE-2024-36015 at SUSECVE-2024-36015 at NVDCVE-2024-36016 at SUSECVE-2024-36016 at NVDCVE-2024-36017 at SUSECVE-2024-36017 at NVDCVE-2024-36018 at SUSECVE-2024-36018 at NVDCVE-2024-36019 at SUSECVE-2024-36019 at NVDCVE-2024-36020 at SUSECVE-2024-36020 at NVDCVE-2024-36021 at SUSECVE-2024-36021 at NVDCVE-2024-36024 at SUSECVE-2024-36024 at NVDCVE-2024-36025 at SUSECVE-2024-36025 at NVDCVE-2024-36026 at SUSECVE-2024-36026 at NVDCVE-2024-36029 at SUSECVE-2024-36029 at NVDCVE-2024-36030 at SUSECVE-2024-36030 at NVDCVE-2024-36032 at SUSECVE-2024-36032 at NVDCVE-2024-36281 at SUSECVE-2024-36281 at NVDCVE-2024-36477 at SUSECVE-2024-36477 at NVDCVE-2024-36478 at SUSECVE-2024-36478 at NVDCVE-2024-36479 at SUSECVE-2024-36479 at NVDCVE-2024-36880 at SUSECVE-2024-36880 at NVDCVE-2024-36882 at SUSECVE-2024-36882 at NVDCVE-2024-36885 at SUSECVE-2024-36885 at NVDCVE-2024-36887 at SUSECVE-2024-36887 at NVDCVE-2024-36889 at SUSECVE-2024-36889 at NVDCVE-2024-36890 at SUSECVE-2024-36890 at NVDCVE-2024-36891 at SUSECVE-2024-36891 at NVDCVE-2024-36893 at SUSECVE-2024-36893 at NVDCVE-2024-36894 at SUSECVE-2024-36894 at NVDCVE-2024-36895 at SUSECVE-2024-36895 at NVDCVE-2024-36896 at SUSECVE-2024-36896 at NVDCVE-2024-36897 at SUSECVE-2024-36897 at NVDCVE-2024-36898 at SUSECVE-2024-36898 at NVDCVE-2024-36899 at SUSECVE-2024-36899 at NVDCVE-2024-36900 at SUSECVE-2024-36900 at NVDCVE-2024-36901 at SUSECVE-2024-36901 at NVDCVE-2024-36902 at SUSECVE-2024-36902 at NVDCVE-2024-36903 at SUSECVE-2024-36903 at NVDCVE-2024-36904 at SUSECVE-2024-36904 at NVDCVE-2024-36906 at SUSECVE-2024-36906 at NVDCVE-2024-36909 at SUSECVE-2024-36909 at NVDCVE-2024-36910 at SUSECVE-2024-36910 at NVDCVE-2024-36911 at SUSECVE-2024-36911 at NVDCVE-2024-36912 at SUSECVE-2024-36912 at NVDCVE-2024-36913 at SUSECVE-2024-36913 at NVDCVE-2024-36914 at SUSECVE-2024-36914 at NVDCVE-2024-36915 at SUSECVE-2024-36915 at NVDCVE-2024-36916 at SUSECVE-2024-36916 at NVDCVE-2024-36917 at SUSECVE-2024-36917 at NVDCVE-2024-36918 at SUSECVE-2024-36918 at NVDCVE-2024-36919 at SUSECVE-2024-36919 at NVDCVE-2024-36921 at SUSECVE-2024-36921 at NVDCVE-2024-36922 at SUSECVE-2024-36922 at NVDCVE-2024-36923 at SUSECVE-2024-36923 at NVDCVE-2024-36924 at SUSECVE-2024-36924 at NVDCVE-2024-36926 at SUSECVE-2024-36926 at NVDCVE-2024-36928 at SUSECVE-2024-36928 at NVDCVE-2024-36930 at SUSECVE-2024-36930 at NVDCVE-2024-36931 at SUSECVE-2024-36931 at NVDCVE-2024-36934 at SUSECVE-2024-36934 at NVDCVE-2024-36935 at SUSECVE-2024-36935 at NVDCVE-2024-36936 at SUSECVE-2024-36936 at NVDCVE-2024-36937 at SUSECVE-2024-36937 at NVDCVE-2024-36938 at SUSECVE-2024-36938 at NVDCVE-2024-36940 at SUSECVE-2024-36940 at NVDCVE-2024-36941 at SUSECVE-2024-36941 at NVDCVE-2024-36942 at SUSECVE-2024-36942 at NVDCVE-2024-36944 at SUSECVE-2024-36944 at NVDCVE-2024-36945 at SUSECVE-2024-36945 at NVDCVE-2024-36946 at SUSECVE-2024-36946 at NVDCVE-2024-36947 at SUSECVE-2024-36947 at NVDCVE-2024-36949 at SUSECVE-2024-36949 at NVDCVE-2024-36950 at SUSECVE-2024-36950 at NVDCVE-2024-36951 at SUSECVE-2024-36951 at NVDCVE-2024-36952 at SUSECVE-2024-36952 at NVDCVE-2024-36955 at SUSECVE-2024-36955 at NVDCVE-2024-36957 at SUSECVE-2024-36957 at NVDCVE-2024-36959 at SUSECVE-2024-36959 at NVDCVE-2024-36960 at SUSECVE-2024-36960 at NVDCVE-2024-36962 at SUSECVE-2024-36962 at NVDCVE-2024-36964 at SUSECVE-2024-36964 at NVDCVE-2024-36965 at SUSECVE-2024-36965 at NVDCVE-2024-36967 at SUSECVE-2024-36967 at NVDCVE-2024-36969 at SUSECVE-2024-36969 at NVDCVE-2024-36971 at SUSECVE-2024-36971 at NVDCVE-2024-36972 at SUSECVE-2024-36972 at NVDCVE-2024-36973 at SUSECVE-2024-36973 at NVDCVE-2024-36974 at SUSECVE-2024-36974 at NVDCVE-2024-36975 at SUSECVE-2024-36975 at NVDCVE-2024-36977 at SUSECVE-2024-36977 at NVDCVE-2024-36978 at SUSECVE-2024-36978 at NVDCVE-2024-37021 at SUSECVE-2024-37021 at NVDCVE-2024-37078 at SUSECVE-2024-37078 at NVDCVE-2024-37353 at SUSECVE-2024-37353 at NVDCVE-2024-37354 at SUSECVE-2024-37354 at NVDCVE-2024-38381 at SUSECVE-2024-38381 at NVDCVE-2024-38384 at SUSECVE-2024-38384 at NVDCVE-2024-38385 at SUSECVE-2024-38385 at NVDCVE-2024-38388 at SUSECVE-2024-38388 at NVDCVE-2024-38390 at SUSECVE-2024-38390 at NVDCVE-2024-38391 at SUSECVE-2024-38391 at NVDCVE-2024-38539 at SUSECVE-2024-38539 at NVDCVE-2024-38540 at SUSECVE-2024-38540 at NVDCVE-2024-38541 at SUSECVE-2024-38541 at NVDCVE-2024-38543 at SUSECVE-2024-38543 at NVDCVE-2024-38544 at SUSECVE-2024-38544 at NVDCVE-2024-38545 at SUSECVE-2024-38545 at NVDCVE-2024-38546 at SUSECVE-2024-38546 at NVDCVE-2024-38547 at SUSECVE-2024-38547 at NVDCVE-2024-38548 at SUSECVE-2024-38548 at NVDCVE-2024-38549 at SUSECVE-2024-38549 at NVDCVE-2024-38550 at SUSECVE-2024-38550 at NVDCVE-2024-38551 at SUSECVE-2024-38551 at NVDCVE-2024-38552 at SUSECVE-2024-38552 at NVDCVE-2024-38553 at SUSECVE-2024-38553 at NVDCVE-2024-38554 at SUSECVE-2024-38554 at NVDCVE-2024-38555 at SUSECVE-2024-38555 at NVDCVE-2024-38556 at SUSECVE-2024-38556 at NVDCVE-2024-38557 at SUSECVE-2024-38557 at NVDCVE-2024-38558 at SUSECVE-2024-38558 at NVDCVE-2024-38559 at SUSECVE-2024-38559 at NVDCVE-2024-38560 at SUSECVE-2024-38560 at NVDCVE-2024-38562 at SUSECVE-2024-38562 at NVDCVE-2024-38564 at SUSECVE-2024-38564 at NVDCVE-2024-38565 at SUSECVE-2024-38565 at NVDCVE-2024-38566 at SUSECVE-2024-38566 at NVDCVE-2024-38567 at SUSECVE-2024-38567 at NVDCVE-2024-38568 at SUSECVE-2024-38568 at NVDCVE-2024-38569 at SUSECVE-2024-38569 at NVDCVE-2024-38570 at SUSECVE-2024-38570 at NVDCVE-2024-38571 at SUSECVE-2024-38571 at NVDCVE-2024-38572 at SUSECVE-2024-38572 at NVDCVE-2024-38573 at SUSECVE-2024-38573 at NVDCVE-2024-38575 at SUSECVE-2024-38575 at NVDCVE-2024-38578 at SUSECVE-2024-38578 at NVDCVE-2024-38579 at SUSECVE-2024-38579 at NVDCVE-2024-38580 at SUSECVE-2024-38580 at NVDCVE-2024-38581 at SUSECVE-2024-38581 at NVDCVE-2024-38582 at SUSECVE-2024-38582 at NVDCVE-2024-38583 at SUSECVE-2024-38583 at NVDCVE-2024-38586 at SUSECVE-2024-38586 at NVDCVE-2024-38587 at SUSECVE-2024-38587 at NVDCVE-2024-38588 at SUSECVE-2024-38588 at NVDCVE-2024-38590 at SUSECVE-2024-38590 at NVDCVE-2024-38591 at SUSECVE-2024-38591 at NVDCVE-2024-38592 at SUSECVE-2024-38592 at NVDCVE-2024-38594 at SUSECVE-2024-38594 at NVDCVE-2024-38595 at SUSECVE-2024-38595 at NVDCVE-2024-38597 at SUSECVE-2024-38597 at NVDCVE-2024-38598 at SUSECVE-2024-38598 at NVDCVE-2024-38599 at SUSECVE-2024-38599 at NVDCVE-2024-38600 at SUSECVE-2024-38600 at NVDCVE-2024-38601 at SUSECVE-2024-38601 at NVDCVE-2024-38602 at SUSECVE-2024-38602 at NVDCVE-2024-38603 at SUSECVE-2024-38603 at NVDCVE-2024-38604 at SUSECVE-2024-38604 at NVDCVE-2024-38605 at SUSECVE-2024-38605 at NVDCVE-2024-38608 at SUSECVE-2024-38608 at NVDCVE-2024-38610 at SUSECVE-2024-38610 at NVDCVE-2024-38611 at SUSECVE-2024-38611 at NVDCVE-2024-38615 at SUSECVE-2024-38615 at NVDCVE-2024-38616 at SUSECVE-2024-38616 at NVDCVE-2024-38617 at SUSECVE-2024-38617 at NVDCVE-2024-38618 at SUSECVE-2024-38618 at NVDCVE-2024-38619 at SUSECVE-2024-38619 at NVDCVE-2024-38621 at SUSECVE-2024-38621 at NVDCVE-2024-38622 at SUSECVE-2024-38622 at NVDCVE-2024-38627 at SUSECVE-2024-38627 at NVDCVE-2024-38628 at SUSECVE-2024-38628 at NVDCVE-2024-38629 at SUSECVE-2024-38629 at NVDCVE-2024-38630 at SUSECVE-2024-38630 at NVDCVE-2024-38633 at SUSECVE-2024-38633 at NVDCVE-2024-38634 at SUSECVE-2024-38634 at NVDCVE-2024-38635 at SUSECVE-2024-38635 at NVDCVE-2024-38636 at SUSECVE-2024-38636 at NVDCVE-2024-38659 at SUSECVE-2024-38659 at NVDCVE-2024-38661 at SUSECVE-2024-38661 at NVDCVE-2024-38663 at SUSECVE-2024-38663 at NVDCVE-2024-38664 at SUSECVE-2024-38664 at NVDCVE-2024-38780 at SUSECVE-2024-38780 at NVDCVE-2024-39276 at SUSECVE-2024-39276 at NVDCVE-2024-39277 at SUSECVE-2024-39277 at NVDCVE-2024-39291 at SUSECVE-2024-39291 at NVDCVE-2024-39296 at SUSECVE-2024-39296 at NVDCVE-2024-39301 at SUSECVE-2024-39301 at NVDCVE-2024-39362 at SUSECVE-2024-39362 at NVDCVE-2024-39371 at SUSECVE-2024-39371 at NVDCVE-2024-39463 at SUSECVE-2024-39463 at NVDCVE-2024-39466 at SUSECVE-2024-39466 at NVDCVE-2024-39468 at SUSECVE-2024-39468 at NVDCVE-2024-39469 at SUSECVE-2024-39469 at NVDCVE-2024-39471 at SUSECVE-2024-39471 at NVDCVE-2024-39472 at SUSECVE-2024-39472 at NVDCVE-2024-39473 at SUSECVE-2024-39473 at NVDCVE-2024-39474 at SUSECVE-2024-39474 at NVDCVE-2024-39475 at SUSECVE-2024-39475 at NVDCVE-2024-39479 at SUSECVE-2024-39479 at NVDCVE-2024-39481 at SUSECVE-2024-39481 at NVDCVE-2024-39482 at SUSECVE-2024-39482 at NVDCVE-2024-39487 at SUSECVE-2024-39487 at NVDCVE-2024-39490 at SUSECVE-2024-39490 at NVDCVE-2024-39494 at SUSECVE-2024-39494 at NVDCVE-2024-39496 at SUSECVE-2024-39496 at NVDCVE-2024-39498 at SUSECVE-2024-39498 at NVDCVE-2024-39502 at SUSECVE-2024-39502 at NVDCVE-2024-39504 at SUSECVE-2024-39504 at NVDCVE-2024-39507 at SUSECVE-2024-39507 at NVDCVE-2024-40901 at SUSECVE-2024-40901 at NVDCVE-2024-40906 at SUSECVE-2024-40906 at NVDCVE-2024-40908 at SUSECVE-2024-40908 at NVDCVE-2024-40919 at SUSECVE-2024-40919 at NVDCVE-2024-40923 at SUSECVE-2024-40923 at NVDCVE-2024-40925 at SUSECVE-2024-40925 at NVDCVE-2024-40928 at SUSECVE-2024-40928 at NVDCVE-2024-40931 at SUSECVE-2024-40931 at NVDCVE-2024-40935 at SUSECVE-2024-40935 at NVDCVE-2024-40937 at SUSECVE-2024-40937 at NVDCVE-2024-40940 at SUSECVE-2024-40940 at NVDCVE-2024-40947 at SUSECVE-2024-40947 at NVDCVE-2024-40948 at SUSECVE-2024-40948 at NVDCVE-2024-40953 at SUSECVE-2024-40953 at NVDCVE-2024-40960 at SUSECVE-2024-40960 at NVDCVE-2024-40961 at SUSECVE-2024-40961 at NVDCVE-2024-40966 at SUSECVE-2024-40966 at NVDCVE-2024-40970 at SUSECVE-2024-40970 at NVDCVE-2024-40972 at SUSECVE-2024-40972 at NVDCVE-2024-40975 at SUSECVE-2024-40975 at NVDCVE-2024-40979 at SUSECVE-2024-40979 at NVDCVE-2024-40998 at SUSECVE-2024-40998 at NVDCVE-2024-40999 at SUSECVE-2024-40999 at NVDCVE-2024-41006 at SUSECVE-2024-41006 at NVDCVE-2024-41011 at SUSECVE-2024-41011 at NVDCVE-2024-41013 at SUSECVE-2024-41013 at NVDCVE-2024-41014 at SUSECVE-2024-41014 at NVDCVE-2024-41017 at SUSECVE-2024-41017 at NVDCVE-2024-41090 at SUSECVE-2024-41090 at NVDCVE-2024-41091 at SUSECVE-2024-41091 at NVDcpe:/o:suse:sl-micro:6.0Security update for glib2 (Important)SUSE Linux Micro 6.0
This update for glib2 fixes the following issues:
- CVE-2024-52533: Fix a single byte buffer overflow (bsc#1233282).
ImportantSUSE bug 1233282CVE-2024-52533 at SUSECVE-2024-52533 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-tornado6 (Moderate)SUSE Linux Micro 6.0
This update for python-tornado6 fixes the following issues:
- CVE-2024-52804: Avoid quadratic performance of cookie parsing (bsc#1233668).
ModerateSUSE bug 1233668CVE-2024-52804 at SUSECVE-2024-52804 at NVDcpe:/o:suse:sl-micro:6.0Security update for Mesa (Moderate)SUSE Linux Micro 6.0
This update for Mesa fixes the following issues:
- CVE-2023-45913: Fixed NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId() (bsc#1222040).
- CVE-2023-45919: Fixed buffer over-read in glXQueryServerString() (bsc#1222041).
- CVE-2023-45922: Fixed segmentation violation in __glXGetDrawableAttribute() (bsc#1222042).
ModerateSUSE bug 1222040SUSE bug 1222041SUSE bug 1222042CVE-2023-45913 at SUSECVE-2023-45913 at NVDCVE-2023-45919 at SUSECVE-2023-45919 at NVDCVE-2023-45922 at SUSECVE-2023-45922 at NVDcpe:/o:suse:sl-micro:6.0Security update for skopeo (Moderate)SUSE Linux Micro 6.0
This update for skopeo fixes the following issues:
- CVE-2024-9676: Fixed symlink traversal vulnerability in the containers/storage library that could have let to a denial-of-service attack (bsc#1231698).
ModerateSUSE bug 1231698CVE-2024-9676 at SUSECVE-2024-9676 at NVDcpe:/o:suse:sl-micro:6.0Security update for containerd (Important)SUSE Linux Micro 6.0
This update for containerd fixes the following issues:
- Update to containerd v1.7.21. Upstream release notes:
https://github.com/containerd/containerd/releases/tag/v1.7.21
Fixes CVE-2023-47108. bsc#1217070
Fixes CVE-2023-45142. bsc#1228553
- Update to containerd v1.7.17. Upstream release notes:
https://github.com/containerd/containerd/releases/tag/v1.7.17
- Update to containerd v1.7.16. Upstream release notes:
https://github.com/containerd/containerd/releases/tag/v1.7.16
CVE-2023-45288 bsc#1221400
- Update to containerd v1.7.15. Upstream release notes:
https://github.com/containerd/containerd/releases/tag/v1.7.15
- Update to containerd v1.7.14. Upstream release notes:
https://github.com/containerd/containerd/releases/tag/v1.7.14
- Update to containerd v1.7.13. Upstream release notes:
https://github.com/containerd/containerd/releases/tag/v1.7.13
- Update to containerd v1.7.12. Upstream release notes:
https://github.com/containerd/containerd/releases/tag/v1.7.12
- Update to containerd v1.7.11. Upstream release notes:
https://github.com/containerd/containerd/releases/tag/v1.7.11
GHSA-jq35-85cj-fj4p bsc#1224323
ImportantSUSE bug 1200528SUSE bug 1217070SUSE bug 1221400SUSE bug 1224323SUSE bug 1228553CVE-2022-1996 at SUSECVE-2022-1996 at NVDCVE-2023-45142 at SUSECVE-2023-45142 at NVDCVE-2023-45288 at SUSECVE-2023-45288 at NVDCVE-2023-47108 at SUSECVE-2023-47108 at NVDcpe:/o:suse:sl-micro:6.0Security update for avahi (Moderate)SUSE Linux Micro 6.0
This update for avahi fixes the following issues:
- CVE-2024-52616: Properly randomize query id of DNS packets (bsc#1233420).
Bug fixes:
- No longer supply bogus services to callbacks (bsc#1226586).
- Tag hardening patches as PATCH-FEATURE-OPENSUSE
- Remove dependency on /usr/bin/python3 using %python3_fix_shebang macro (bsc#1212476).
ModerateSUSE bug 1212476SUSE bug 1226586SUSE bug 1233420CVE-2024-52616 at SUSECVE-2024-52616 at NVDcpe:/o:suse:sl-micro:6.0Security update for buildkit (Important)SUSE Linux Micro 6.0
This update for buildkit fixes the following issues:
- Update to version 0.12.5:
* update runc to v1.1.12
* exec: add extra validation for submount sources (fixes CVE-2024-23651, bsc#1219267)
* oci: fix error handling on submount calls
* executor: recheck mount stub path within root after container run (fixes CVE-2024-23652, bsc#1219268)
* llbsolver: make sure interactive container API validates entitlements (fixes CVE-2024-23653, bsc#1219438)
* gateway: pass executor with build and not access worker directly
* pb: add extra validation to protobuf types
* sourcepolicy: add validations for nil values
* exporter: add validation for platforms key value
* exporter: add validation for invalid platorm
* exporter: validate null config metadata from gateway
* ci: disable push if not upstream repo
* hack: use git context only for upstream repo
* hack/test: allow ALPINE_VERSION to be set from env
* hack: align syntax
* vendor: github.com/cyphar/filepath-securejoin v0.2.4
* tracing: allow the `Resource` to be set externally
- Update to version 0.12.4:
* Fix possible concurrent map access on remote cache export
* Fix hang on debug server listener
* Fix possible deadlock in History API under high number of parallel builds
* Fix possible panic on handling deleted records in History API
* Fix possible data corruption in zstd library
- Update to version 0.12.3:
* Fix possible duplicate source files in provenance attestation for chained builds
* Fix possible negative step time in progressbar for step shared with other build request
* Fix properly closing history and cache DB on shutdown to avoid corruption
* Fix incorrect error handling for invalid HTTP source URLs
* Fix fallback cases for ambiguous insecure configuration provided for registry used as push target.
* Fix possible data race with parallel image config resolves
* Fix regression in v0.12 for clients waiting on buildkitd to become available
* Fix Cgroup NS handling for hosts supporting only CgroupV1
- Update to version 0.12.2:
* Fix possible discarded network error when exporting result to client
* Avoid unnecessary memory allocations when writing build progress
- Update to version 0.12.1:
* executor: fix resource sampler goroutine leak
* [v0.11] make tracing socket forward error non-fatal
* integration: missing env var to check feature compat
* test: update pinned busybox image to 1.36
* test: update pinned alpine image to 3.18
* vendor: github.com/docker/docker 8e51b8b59cb8 (master, v25.0.0-dev)
* executor/resource: stub out NewSysSampler on Windows
* vendor: github.com/docker/cli v24.0.4
* testutil: move CheckContainerdVersion to a separate package
* llbsolver: fix policy rule ordering
* filesync: fix backward compatibility with encoding + and %
* hack: allow to set GO_VERSION during tests
* test: always disable tls for dockerd worker
* buildctl: set max backoff delay to 1 second
* contenthash: data race
* filesync: escape special query characters
* applier: add hack to support docker zstd layers
* Fix various nits
* pullprogress data race
* use sampler lock instead
* Fix ResolveImageConfig to evaluate source policy
* sampler data race fix
* update cgroup parent test to work with cgroupns
* Revert "specify a `ResponseHeaderTimeout` value"
* oci: make sure cgroupns is enabled if supported
* bash lint fix
* rename BUILDFLAGS to GOBUILDFLAGS
* allow ENOTSUP for PSI cgroup files
* containerimage: use platform matcher to detect platform to unpack
* exporter: silently skip unpacking unknown reference
* improve error handling in ReadFile
* dockerfile: arg for controlling go build flags
* dockerfile: arg to enable go race detection
* Add support for health start interval
* Re-vendor moby/moby
* filesync: mark if options have been encoded to detect old versions
* dockerfile: heredoc should use 0644 permissions
* docs: update README to reference OpenTelemetry instead of OpenTracing
* gateway: restore original filename in ReadFile error message
* Dockerfile: update containerd to v1.7.2
* Use system.ToSlash() instead of filepath.ToSlash()
* Revert most changes to client/llb
* Remove Architecture
* Default to linux in client
* Ensure we use proper path separators
* Set default platform
* Add nil pointer check in dispatchWorkdir
* Remove nil pointer check and extra NormalizePath
* Rename variable, remove superfluous check
* Use current OS as a default
* Handle file paths base on target platform
* exporter: unlazy references in parallel
* exporter: simplify unlazy references to reduce duplication
* exporter: allow unpack on multi-platform images
* tests: add unpack to scratch export test
* overlay: set whiteout timestamps to 1970-01-01 (not to SOURCE_DATE_EPOCH)
* dockerfile: graduate `ADD --checksum=<checksum>` from labs
* dockerfile: graduate `ADD <git ref>` from labs
* dockerfile: mod-outdated target to check modules updates
* dockerfile: use xx in dnsname stage
* dockerfile: install musl-dev to fix compilation issue
* dockerfile: update Alpine to 3.18
* vendor: update fsutil to 36ef4d8
* export(local): split opt
* buildctl: Provide --wait option
* containerimage: support SOURCE_DATE_EPOCH for CreatedAt
* move flightcontrol to use generics
* containerimage: keep layer labels for exported images
* shell: start shell from cmd, not entrypoint
* sbom: propogate image-resolve-mode for generator image
* client: add extra debug to tests
* handle missing provenance for non-evaluated result
* tests: add provenance test for duplicate platform
* tests: add provenance test for when context directory does not exist
* forward: make BridgeClient public for lint
* gateway: enable named contexts for gateway frontend
* vendor: update vt100 with resize panic fix
* docs: dockerfile: remove "known issues" related to AuFS
* docs: add running instruction to CONTRIBUTING.md
* tests: add worker close method to interface
* add and check for gateway.exec.secretenv cap
* move Secretenv from Meta to InitMessage
* support passing SecretEnv to gateway containers
* Add comment, update from review
* Fix issue with digest merge (inconsistent graph state)
* docs: add helper commands section to CONTRIBUTING.md
* docs: update CONTRIBUTING.md whitespace formatting
* integration: fix not deleting dockerd workdir
* remove uses of deprecated ResolverOptions.Client
* filesync: fix handling non-ascii in file paths
* tests: add test for unicode filenames
* Adding more docs to client/llb
* Add special case for rw bind mounts
* vendor: github.com/docker/cli v24.0.2
* vendor: github.com/docker/docker v24.0.2
* progressui: fix index printing on partial rows
* gateway: wrap ExecProcessServer Send calls with a mutex
* resources: make maxsamples configurable
* llbsolver: add systemusage samples to provenance attestation
* resources: store sys cpu usage per step
* resources: add sampler for periodic stat reads
* resources: CNI network usage sampling support
* resources: add build step resource tracking via cgroups
* solver: lock before using actives
* Emulate "bind" mounts using the bind filter
* Fix mount layers on host
* llbsolver: set temporary lease in Commit context
* Update containerd dependency
* exporter: Add exptypes with Common exporter keys
* exporter/image/exptypes: Make strongly typed
* solver: move AddBuildConfig into llbsolver package
* tests: add test to check url format for image loaded from oci layout
* solver: mark locally loaded images as such
* solver: merge local and remote images into single list
* purl: allow RefToPURL to take a type parameter
* tests: don't use purl code to test itself
* Use linux as a default for inputOS
* Add path handling functions
* response to comments
* containerimage: Export option keys
* vendor: update spdx/tools-golang to v0.5.1
* exporter: remove non dist options from tar exporter
* exporter: move fs opt parsing to method
* tests: fixup attestation tar to not panic when file not found
* git: set umask without reexec
* add language property for sourcemap
* dockerfile/docs: add set -ex to heredoc #3870
* authprovider: fix a bug where registry-1.docker.io auth was always a cache miss
* response to comments
* tracing: fix buildx tracing delegation
* Update continuity and fsutil
* cache: add a few more fields to ref trace logs.
* vendor: github.com/containerd/go-runc v1.1.0
* provenance: fix possible empty digest access
* vendor: fix broken vendoring
* dockerfile: bump up nerdctl to v1.4.0
* bump nydus-snapshotter dependence to v0.8.2
* vendor: github.com/docker/cli v24.0.1
* vendor: github.com/docker/docker v24.0.1
* vendor: github.com/containerd/containerd v1.7.1
* vendor: github.com/Microsoft/hcsshim v0.10.0-rc.8
* vendor: github.com/Microsoft/go-winio v0.6.1
* vendor: golang.org/x/sys v0.7.0
* vendor: github.com/containerd/typeurl/v2 v2.1.1
* chore: bump spdx tools
* Fix typo in attestation-storage.md
* vendor: github.com/docker/cli v24.0.0
* vendor: github.com/docker/docker v24.0.0
* vendor: github.com/opencontainers/runc v1.1.7
* vendor: github.com/opencontainers/runtime-spec v1.1.0-rc.2
* vendor: github.com/klauspost/compress v1.16.3
* Dockerfile: CONTAINERD_VERSION=v1.7.1
* Dockerfile: CONTAINERD_ALT_VERSION_16=v1.6.21
* Dockerfile: RUNC_VERSION=v1.1.7
* session: avoid logging healthcheck error on canceled connection
* session: fix run and close synchronization
* testutil: update ReadImages to fallback to reading manifest
* Add trace logs for cache leaks.
* Add some doc strings for LLB functions
* attestations: move containerd media type warnings
* update generated proto files
* attestations: replace intoto media type with vendored const
* nydus: bump nydus versions in Dockerfile and doc
* feedback changes for moby/buildkit #2251
* testutil: expose underlying docker address for supported workers
* testutil: expose integration workers as public
* remove type aliases for leasemanager/contentstore
* llbsolver: move history blobs to a separate namespace
* build(deps): bump github.com/docker/distribution
* added import/export support for OCI compatible image manifest version of cache manifest (opt-in on export, inferred on import) moby/buildkit #2251
* llb: carry platform from inputs for merge/diff
* llb: don't include platform in fileop
* control: fix possible deadlock on network error
* exporter/containerimage: remove redundant type for var declaration
* Fix not to set the value on empty vertex
* Fix to import as digest
* cache: always release ref when getting size in usage.
* Drop unneeded variable
* ssh: add fallback to ensure conn is closed in all cases.
* vendor: github.com/opencontainers/image-spec v1.1.0-rc3
* vendor: github.com/docker/cli v23.0.5
* vendor: github.com/docker/docker v23.0.5
* nydus: update nydus-snapshotter dependency to v0.8.0
* progressui: fix possible zero prefix numbers in logs
* llbsolver: send active event only to current client
* llbsolver: send delete status event
* llbsolver: filter out records marked deleted from list responses
* Add Windows service support
* docs: fixup build repro doc with updated policy format
* test: use appropriate snapshotter service to walk snapshots
* overlay: use function to check for overlay-based mounts
* Update uses of Image platform fields in OCI image-spec
* allow setting user agent products
* Bump up golangci-lint to v1.52.2
* chore: tidy up duplicated imports
* solver: Release unused refs in LoadWithParents
* Avoid panic on parallel walking on DefinitionOp
* solver: skip sbom post processor if result is nil
* vendor: github.com/docker/docker v23.0.4
* vendor: github.com/docker/cli v23.0.4
* vendor: golang.org/x/time v0.3.0
* vendor: github.com/docker/cli v23.0.2
* vendor: github.com/docker/docker v23.0.2
* test: don't hang if a process doesn't run
* ci: put worker name first for better UX in actions
* go.mod: remove github.com/kr/pretty
* Revert "Problem: can't use anonymous S3 credentials"
* go.mod: bump up runc to v1.1.6
* go.mod: Bump up stargz-snapshotter to v0.14.3
* dockerfile: bump up stargz-snapshotter to v0.14.3
* dockerfile: bump up runc to v1.1.6
* buildkitd: add grpc reflection
* Bump up nerdctl to 1.3.0
* Bump up containerd 1.6.20
* Fix gzip decoding of HTTP sources.
* ci: update runner os to ubuntu 22.04
* Fix bearer token expiration check (fixes #3779)
* docs: update buildkitd.toml with new field info
* buildkitd: allow durations for gc config
* buildkitd: allow multiple units for gc config
* dockerui: expose context detection functions as public
* Prevent overflow of runc exit code.
* Upgrade to latest go-runc.
* runc worker: fix sigkill handling
* Dockerfile: RUNC_VERSION=v1.1.5
* client: add client opts to enable system certificates
* Make ClientOpts type safe
* build(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5
* fileop: create new fileOpSolver instance per Exec call
* Provide CacheManager to Controller instead of CacheKeyManager.
* http: ensure HEAD and GET requests have same headers
* docs: add auto-generated sections to buildctl.md
* client: allow grpc dial option passthrough
* cni: simplify netns creation
* add Bass to list of LLB languages
* llbsolver: fix sorting of history records
* llbsolver: Fix performance of recomputeDigests
* solve: use comparables instead of reflection in result struct
* vendor: github.com/docker/cli v23.0.1
* vendor: github.com/docker/docker v23.0.1
* client: create oci-layout file in StoreIndex
* ci: output annotations for failures
* test: set mod vendor
* test: use gotestsum to generate reports
* fix gateway exec tty cleanup on context.Canceled
* fix process termination handling for runc exec
* Register builds before recording build history
* docs(dockerfile): minimal Dockerfile version support for chmod
* Update builder.md to document newly supported --chmod features in both ADD and COPY statements.
* use bklog.G(ctx) instead of logrus directly
* integration: missing mergeDiff compat check
* chore: `translateLegacySolveRequest` does not need to return error checking.
* integration: split feature compat check for subtests
* integration: missing feature compat check for cache
* dockerfile: fix reproducible digest test for non-amd64
* integration: add FeatureMergeDiff compat
* integration: add FeatureCacheBackend* compat
* integration: enforce features compat through env vars
* ci: upstream docs conformance validation
* dockerfile(docs): fix liquid syntax
* Problem: can't use anonymous S3 credentials
* hack: remove build_ci_first_pass script
* hack: binaries and cross bake targets
* go.mod: update to go 1.20
* Dockerfile: CONTAINERD_VERSION=v1.7.0
* go.mod: github.com/containerd/containerd v1.7.0
* Add Namespace to list of buildkit users.
* remove buildinfo
* buildinfo: add BUILDKIT_BUILDINFO build arg
* buildinfo: mark as deprecated
* docs: deprecated features page
* rootless: guide for Bottlerocket OS (`sysctl -w user.max_user_namespaces=N`)
* rootless: fix up unprivileged mount opts
* Dockerfile: CONTAINERD_VERSION=v1.7.0-rc.3, CONTAINERD_ALT_VERSION_16=v1.6.19
* go.mod: github.com/containerd/containerd v1.7.0-rc.3
* version: add "v" prefix to version for tagging convention consistency
* remove context name validation from kubepod connhelper
* gateway: add hostname option to NewContainer API
* fix error message typo
* provenance: ensure URLs are redacted before written
* test/client: Close buildkit client
* docs: missing security policy markdown file
* diffapply: do chown before xattrs
* Add test for merge of files with capabilities.
* fix a possible panic on cache
* Update cmd/buildkitd/main_windows.go
* ci(validate): use bake
* hack: shfmt bake target
* hack: generated-files bake target
* hack: doctoc bake target
* hack: lint bake target
* hack: authors Dockerfile and bake target
* hack: bake definition with vendor targets
* Fix buildkitd panic when frontend input is nil.
* ci: trigger workflows on push to release branches
* build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0
* ci: create GitHub Release for frontend as well
* ci: make release depends on image job
* lint: fix issues with go 1.20
* remove deprecated golangci-lint linters
* update golangci-lint to v1.51.1
* update to go 1.20
* Allow DefinitionOp to track sources
* specify a `ResponseHeaderTimeout` value
* Ensures that the primary GID is also included in the additional GIDs
* ci: fix missing TESTFLAGS env var in test-os workflow
* Dockerfile: update containerd to v1.7.0-beta.4, v1.6.18
* go.mod: github.com/containerd/containerd v1.7.0-beta.4
* ci: update softprops/action-gh-release to v0.1.15
* ci: remove unused vars in dockerd workflow
* ci: split cross job
* Dockerfile: remove binaries-linux-helper stage
* ci: rename unclear env vars
* readme: fix and update badges
* ci: rename build workflow to buildkit
* ci: reusable test workflow
* ci: move test-os to a dedicated workflow
* ci: move frontend integration tests and build to a dedicated workflow
* stargz-snapshotter: graduate from experimental
* Bump up stargz-snapshotter to v0.14.1
* set osversion in index descriptor from base image
* progress: solve status description
* ci: update buildx to latest
* Dockerfile: update xx to 1.2.1
* integration: make sure registry directory exists
* gha: avoid range requests with too big offset
* ci: merge test-nydus job in test one
* ci: remove branch restriction on pull request event
* client: add tests for layerID in comment field
* exporter: fix sbom supplement core detection
* exporter: fix supplement sboms on empty scratch layer
* exporter: fix file layer finder whiteout detection
* exporter: canonicalize sbom file paths during search
* Add platform tracing socket paths and mounts
* integration: log dockerd cmd
* integration: set custom flags for dockerd worker
* remotecache: proper exporter naming for gha, s3 and azblob
* remotecache: explicit names for registry and local
* exporter: use compression.ParseAttributes func
* remotecache: mutualize compression parsing attrs
* lex: add support for optional colon in variable expansion
* test: rework TestProcessWithMatches to use a matrix
* dockerfile: update to use dockerui pkg
* dockerui: separate docker frontend params to reusable package
* cache: add fallback for snapshotID
* exporter: remove wrappers for oci data types
* vendor: github.com/docker/cli v23.0.0
* vendor: github.com/docker/docker v23.0.0
* hack: do not cache some stages on release
* hack: do not set attest flags when exporting to docker
* git: override the locale to ensure consistent output
* fix support for empty git ref with subdir
* gitutil: use subtests
* source: more tests cases for git identifier
* source: use subtests cases for git identifier
* otel: bump dependencies to v1.11.2/v0.37.0
* hack: treat unset variables as an error
* frontend: fix typo in release script
* ci: create matrix for building frontend image
* inline cache: fix blob indexes by uncompressed digest
* Skip configuring cache exporter if it is nil.
* docs: update syntax for labs channel in examples
* integration: remove wrong compat condition
* integration: fix compat check for CNI DNS test
* cache: don’t link blobonly based on chainid
* do not mount secrets that are optional and missing from solve opts
* SOURCE_DATE_EPOCH: drop timezone
* sbom: create tmp directory for scanner image
* progress: keep color enabled with NO_COLOR empty
* hack: remove azblob_test
* integration: basic azblob cache test
* test: add proxy build args when existed
* vendor: github.com/docker/cli v23.0.0-rc.3
* vendor: github.com/docker/docker v23.0.0-rc.3
* vendor: golang.org/x/net v0.5.0
* vendor: golang.org/x/text v0.6.0
* vendor: golang.org/x/sys v0.4.0
* Dockerfile: CNI plugins v1.2.0
* Dockerfile: CONTAINERD_VERSION=v1.7.0-beta.3, CONTAINERD_ALT_VERSION_16=v1.6.16
* Fix tracing listener on Windows
* go.mod: github.com/containerd/containerd v1.7.0-beta.3
* control: send current timestamp header with event streams
* vendor: update containerd to v1.6.16-0.1709cfe273d9
* buildctl: add ref-file to get history record for a build
* client: make sure ref is configurable for the history API
* history: save completed steps with cache stats
* history: fix exporter key not being passed
* history: fix logs and traces are saving on canceled builds
* hack: add correct entrypoint to shell script
* ci: use moby/buildkit:latest in build action
* dockerfile: add testReproSourceDateEpoch
* Fix cache cannot reuse lazy layers
* Correct manifests_prefix documentation for S3 cache
* Use golang.org/x/sys/windows instead of syscall
* dockerfile: release frontend for i386 platform
* Add get-user-info utility
* optimize --dry-run flag
* fix(tracing): spelling of OTEL_TRACES_EXPORTER value
* Propagate sshforward send side connection close
* buildctl: add `buildctl debug histories, buildctl prune-histories`
* dockerfile: fix panic on warnings with multi-platform
* vendor: github.com/docker/cli v23.0.0-rc.2
* vendor: github.com/docker/docker v23.0.0-rc.2
* vendor: github.com/containerd/containerd v1.6.15
* cache: add registry.insecure option to registry exporter
* Make local cache non-lazy
* docs/build-repro.md: add the SOURCE_DATE_EPOCH section
* docs: clarified build argument example by changing the variable name
* azblob cache: account_name attribute
* docs: master -> 0.11
* ci: fix dockerd workflow with latest changes from moby
* integration: set mirrors and entitlements with dockerd worker
* github: update CI to buildkit version
* exporter: ensure spdx order prioritizes primary sbom
* hack: remove s3_test
* integration: basic s3 cache test
* integration: add runCmd and randomString utils
* integration: expose backend logs in sandbox interface
* azblob_test: pin busybox to avoid "Illegal instruction" error
* docs: add nerdctl container buildkitd address docs
* feat: add namespace support for nerdctl container
* ci: add ci to check README toc
* testutil: pin busybox and alpine used in releases
* exporter: allow configuring inline attestations for image exporters
* exporter: force enabling inline attestations for image export
* docs: change semicolons to double ampersands
* llbsolver: fix panic when requesting provenance on nil result
* vendor: update fsutil to fb43384
* attestation: only supplement file data for the core scan
* docs: add index page for attestations
* docs: move attestation docs to dedicated directory
* docs: rename slsa.md to slsa-provenance.md
* docs: tidy up json examples for slsa definitions
* docs: add cross-linking between slsa pages
* Flakiness in azblob test job
* vendor: update spdx/tools-golang to d6f58551be3f
* feat: add nerdctl-container support for client
* docs: slsa review updates
* docs: moved slsa definitions to a separate page
* docs: slsa editorial fixes
* docs: add filename to provenance attestation
* docs: update hermetic field after it was moved in implementation
* docs: update provenance docs
* docs: add slsa provenance documentation
* progress: fix clean context cancelling
* fix: updated_at -> updated-at
* Solve panic due to concurrent access to ExportSpans
* feat: allow ignoring remote cache-export error if failing
* add cache stats to the build history API
* vendor: github.com/docker/cli v23.0.0-rc.1
* vendor: github.com/docker/docker v23.0.0-rc.1
* vendor: github.com/containerd/containerd v1.6.14
* frontend: fix testMultiStageImplicitFrom to account for busybox changes
* sshforward: skip conn close on stream CloseSend.
* chore: update buildkitd.toml docs with mirror path example
* feat: handle mirror url with path
* provenance: fix the order of the build steps
* provenance: move hermetic field into a correct struct
* add possibility to override filename for provenance
* Fix typo in CapExecMountBindReadWriteNoOutput.
* Use SkipOutput instead of -1 for output indexes to clarify semantics.
* fix indentation for in-toto and traces
* attestation: forbid provenance attestations from frontend
* attestation: validate attestations before unbundling as well
* exporter: make attestation validation public
* result: change reason types to strings
* attestations: ignore spdx parse errors
* attestations: propogate metadata through unbundling
* gateway: add addition check to prevent content func from being forwarded
* ociindex: add utility method for getting a single manifest from the index
* ociindex: refactor to hide implementation internally
* cache: test gha cache exporter
* containerdexecutor: add network namespace callback
* frontend/dockerfile: BFlags.Parse(): use strings.Cut()
* frontend/dockerfile: parseExtraHosts(): use strings.Cut()
* frontend/dockerfile: parseMount() use strings.Cut(), and some minor cleanup
* frontend/dockerfile: move check for cache-sharing
* frontend/dockerfile: provide suggestions for mount share mode
* frontend/dockerfile: define types for enums
* frontend/dockerfile/shell: use strings.Equalfold
* frontend/dockerfile/parser: remove redundant concat
* frontend/dockerfile: parseBuildStageName(): pre-compile regex
* frontend/dockerfile: remove isSSHMountsSupported, isSecretMountsSupported
* docs: Enable rootless for stargz-snapshotter
* executor/oci: GetResolvConf(): simplify handling of resolv.conf
ImportantSUSE bug 1219267SUSE bug 1219268SUSE bug 1219438CVE-2024-23651 at SUSECVE-2024-23651 at NVDCVE-2024-23652 at SUSECVE-2024-23652 at NVDCVE-2024-23653 at SUSECVE-2024-23653 at NVDcpe:/o:suse:sl-micro:6.0Security update for containerized-data-importer (Important)SUSE Linux Micro 6.0
This update for containerized-data-importer fixes the following issues:
- Update to version 1.60.1
Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.60.1
- Add registry path for SLE15 SP7
- Bump to the latest tag 1.60.1-150600.3.9.1
- Use the images based on SLE15 SP6 BCI
- Bump to the latest tag 1.59.0-150600.3.6.1
- Update to version 1.59.0
Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.59.0
Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.58.1
ImportantSUSE bug 1224119CVE-2024-3727 at SUSECVE-2024-3727 at NVDcpe:/o:suse:sl-micro:6.0Security update for haproxy (Moderate)SUSE Linux Micro 6.0
This update for haproxy fixes the following issues:
Update to version 2.8.11+git0.01c1056a4:
- VUL-0: CVE-2024-53008: haproxy: HTTP/3 request smuggling via malformed HTTP headers forwarded to a HTTP/1.1 non-compliant back-end server (bsc#1233973)
- BUG/MINOR: cfgparse-listen: fix option httpslog override warning message
- BUG/MEDIUM: promex: Wait to have the request before sending the response
- BUG/MEDIUM: cache/stats: Wait to have the request before sending the response
- BUG/MEDIUM: queue: implement a flag to check for the dequeuing
- BUG/MINOR: clock: validate that now_offset still applies to the current date
- BUG/MINOR: clock: make time jump corrections a bit more accurate
- BUG/MINOR: polling: fix time reporting when using busy polling
- BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state
- BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
- BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
- BUG/MEDIUM: clock: detect and cover jumps during execution
- REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load
- DOC: configuration: place the HAPROXY_HTTP_LOG_FMT example on the correct line
- BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
- BUG/MINOR: pattern: pat_ref_set: return 0 if err was found
- BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
- BUG/MINOR: stconn: Request to send something to be woken up when the pipe is full
- BUG/MEDIUM: mux-pt/mux-h1: Release the pipe on connection error on sending path
- BUG/MEDIUM: clock: also update the date offset on time jumps
- DOC: config: correct the table for option tcplog
- BUG/MINOR: h3: properly reject too long header responses
- BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
- BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID
- REGTESTS: mcli: test the pipelined commands on master CLI
- BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI
- MINOR: channel: implement ci_insert() function
- BUG/MINOR: proto_tcp: keep error msg if listen() fails
- BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
- BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE
- BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion
- BUG/MINOR: trace: automatically start in waiting mode with "start <evt>"
- BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED()
- BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc
- BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn
- BUG/MINOR: fcgi-app: handle a possible strdup() failure
- BUG/MEDIUM: mux-h2: Propagate term flags to SE on error in h2s_wake_one_stream
- BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
- BUG/MEDIUM: http-ana: Report error on write error waiting for the response
- BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content
- BUG/MEDIUM: stconn: Report error on SC on send if a previous SE error was set
- BUG/MEDIUM: mux-h1: Properly handle empty message when an error is triggered
- BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli
- BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready
- BUG/MEDIUM: init: fix fd_hard_limit default in compute_ideal_maxconn
- MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD (take #2)
- BUG/MEDIUM: queue: deal with a rare TOCTOU in assign_server_and_queue()
- MINOR: queue: add a function to check for TOCTOU after queueing
- BUG/MEDIUM: jwt: Clear SSL error queue on error when checking the signature
- BUG/MINOR: quic: Lack of precision when computing K (cubic only cc)
- BUG/MINOR: cli: Atomically inc the global request counter between CLI commands
- BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution
- BUG/MINOR: stick-table: fix crash for src_inc_gpc() without stkcounter
- DOC: config: improve the http-keep-alive section
- DOC: configuration: issuers-chain-path not compatible with OCSP
- BUG/MEDIUM: ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path
- BUG/MEDIUM: debug/cli: fix "show threads" crashing with low thread counts
- BUG/MINOR: session: Eval L4/L5 rules defined in the default section
- BUG/MEDIUM: bwlim: Be sure to never set the analyze expiration date in past
- BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread
- BUG/MEDIUM: h1: Reject empty Transfer-encoding header
- BUG/MINOR: h1: Reject empty coding name as last transfer-encoding value
- BUG/MINOR: h1: Fail to parse empty transfer coding names
- BUG/MINOR: jwt: fix variable initialisation
- DOC: configuration: update maxconn description
- BUG/MINOR: jwt: don't try to load files with HMAC algorithm
- MEDIUM: ssl: initialize the SSL stack explicitely
- DOC: configuration: more details about the master-worker mode
- BUG/MEDIUM: quic: fix possible exit from qc_check_dcid() without unlocking
- BUG/MINOR: quic: fix race-condition on trace for CID retrieval
- BUG/MINOR: quic: fix race condition in qc_check_dcid()
- BUG/MEDIUM: quic: fix race-condition in quic_get_cid_tid()
- BUG/MEDIUM: h3: ensure the ":scheme" pseudo header is totally valid
- BUG/MEDIUM: h3: ensure the ":method" pseudo header is totally valid
- MINOR: activity: make the memory profiling hash size configurable at build time
- BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct()
- BUG/MINOR: quic: fix BUG_ON() on Tx pkt alloc failure
- BUG/MINOR: mux-quic: fix crash on qcs SD alloc failure
- BUG/MINOR: h3: fix crash on STOP_SENDING receive after GOAWAY emission
- DOC: api/event_hdl: small updates, fix an example and add some precisions
- SCRIPTS: git-show-backports: do not truncate git-show output
- DOC: configuration: fix alphabetical order of bind options
- DOC: management: rename show stats domain cli "dns" to "resolvers"
- DOC/MINOR: management: add missed -dR and -dv options
- BUG/MINOR: proxy: fix header_unique_id leak on deinit()
- BUG/MINOR: proxy: fix source interface and usesrc leaks on deinit()
- BUG/MINOR: proxy: fix dyncookie_key leak on deinit()
- BUG/MINOR: proxy: fix check_{command,path} leak on deinit()
- BUG/MINOR: proxy: fix log_tag leak on deinit()
- BUG/MINOR: proxy: fix server_id_hdr_name leak on deinit()
- BUG/MINOR: quic: fix computed length of emitted STREAM frames
- [RELEASE] Released version 2.8.10
- BUG/MEDIUM: quic: don't blindly rely on unaligned accesses
- BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe
- BUG/MEDIUM: http_ana: ignore NTLM for reuse aggressive/always and no H1
- BUG/MAJOR: server: do not delete srv referenced by session
- MINOR: session: rename private conns elements
- BUG/MEDIUM: quic: fix connection freeze on post handshake
- BUG/MEDIUM: server: fix dynamic servers initial settings
- BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
- CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
- BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
- BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
- BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
- BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
- CLEANUP: hlua: use hlua_pusherror() where relevant
- BUG/MINOR: quic: prevent crash on qc_kill_conn()
- BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
- BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
- BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
- BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
- BUG/MINOR: activity: fix Delta_calls and Delta_bytes count
- BUG/MINOR: ssl/ocsp: init callback func ptr as NULL
- CLEANUP: ssl/ocsp: readable ifdef in ssl_sock_load_ocsp
- BUILD: fd: errno is also needed without poll()
- CI: scripts: fix build of vtest regarding option -C
- REGTESTS: acl_cli_spaces: avoid a warning caused by undefined logs
- DOC: config: fix incorrect section reference about custom log format
- DOC: quic: specify that connection migration is not supported
- BUG/MINOR: server: Don't reset resolver options on a new default-server line
- BUG/MINOR: http-htx: Support default path during scheme based normalization
- BUG/MINOR: quic: adjust restriction for stateless reset emission
- MEDIUM: config: prevent communication with privileged ports
- BUILD: quic: fix unused variable warning when threads are disabled
- BUG/MEDIUM: mux-quic: Create sedesc in same time of the QUIC stream
- BUG/MEDIUM: quic_tls: prevent LibreSSL < 4.0 from negotiating CHACHA20_POLY1305
- BUG/MAJOR: quic: Crash with TLS_AES_128_CCM_SHA256 (libressl only)
- BUG/MINOR: connection: parse PROXY TLV for LOCAL mode
- DOC: configuration: update the crt-list documentation
- CLEANUP: ssl/cli: remove unused code in dump_crtlist_conf
- BUG/MINOR: stats: Don't state the 303 redirect response is chunked
- BUG/MINOR: htpp-ana/stats: Specify that HTX redirect messages have a C-L header
- BUG/MEDIUM: fd: prevent memory waste in fdtab array
- BUILD: stick-tables: better mark the stktable_data as 32-bit aligned
- BUG/MEDIUM: h1: Reject CONNECT request if the target has a scheme
- BUG/MINOR: h1: Check authority for non-CONNECT methods only if a scheme is found
- BUG/MEDIUM: stick-tables: properly mark stktable_data as packed
- BUG/MEDIUM: htx: mark htx_sl as packed since it may be realigned
- BUG/MINOR: qpack: fix error code reported on QPACK decoding failure
- BUG/MINOR: mux-quic: fix error code on shutdown for non HTTP/3
- BUG/MINOR: log: smp_rgs array issues with inherited global log directives
- BUG/MINOR: log: keep the ref in dup_logger()
- MINOR: log: add dup_logsrv() helper function
- DOC: lua: fix filters.txt file location
- BUG/MINOR: haproxy: only tid 0 must not sleep if got signal
- BUILD: clock: improve check for pthread_getcpuclockid()
- BUG/MINOR: mworker: reintroduce way to disable seamless reload with -x /dev/null
- BUG/MINOR: h1: fix detection of upper bytes in the URI
- BUG/MINOR: backend: use cum_sess counters instead of cum_conn
- BUG/MINOR: fd: my_closefrom() on Linux could skip contiguous series of sockets
- BUG/MINOR: sock: handle a weird condition with connect()
- BUG/MINOR: stconn: Fix sc_mux_strm() return value
- BUG/MEDIUM: cache: Vary not working properly on anything other than accept-encoding
- BUG/MINOR: server: fix slowstart behavior
- BUG/MEDIUM: peers: Fix exit condition when max-updates-at-once is reached
- BUG/MEDIUM: spoe: Always retry when an applet fails to send a frame
- BUG/MEDIUM: applet: Fix applet API to put input data in a buffer
- BUG/MEDIUM: evports: do not clear returned events list on signal
- BUG/MEDIUM: stconn: Don't forward channel data if input data must be filtered
- BUG/MEDIUM: grpc: Fix several unaligned 32/64 bits accesses
- MINOR: net_helper: Add support for floats/doubles.
- CI: revert kernel addr randomization introduced in 3a0fc864
- BUG/MEDIUM: peers/trace: fix crash when listing event types
- BUG/MINOR: debug: make sure DEBUG_STRICT=0 does work as documented
- BUG/MINOR: http-ana: Fix TX_L7_RETRY and TX_D_L7_RETRY values
- BUG/MEDIUM: http-ana: Deliver 502 on keep-alive for fressh server connection
- CLEANUP: log: lf_text_len() returns a pointer not an integer
- BUG/MINOR: log: invalid snprintf() usage in sess_build_logline()
- BUG/MINOR: tools/log: invalid encode_{chunk,string} usage
- BUG/MINOR: log: fix lf_text_len() truncate inconsistency
- BUG/MINOR: listener: always assign distinct IDs to shards
- BUG/MINOR: cli: Report an error to user if command or payload is too big
- [RELEASE] Released version 2.8.9
- BUILD: proxy: Replace free_logformat_list() to manually release log-format
- [RELEASE] Released version 2.8.8
- BUG/MINOR: proxy: fix logformat expression leak in use_backend rules
- BUG/MINOR: backend: properly handle redispatch 0
- BUG/MINOR: server: ignore 'enabled' for dynamic servers
- BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n
- MINOR: cli: Remove useless loop on commands to find unescaped semi-colon
- MINOR: server: allow cookie for dynamic servers
- BUG/MINOR: server: fix persistence cookie for dynamic servers
- BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities
- BUG/MINOR: ssl: Wrong ocsp-update "incompatibility" error message
- BUG/MINOR: server: 'source' interface ignored from 'default-server' directive
- OPTIM: http_ext: avoid useless copy in http_7239_extract_{ipv4,ipv6}
- BUG/MEDIUM: mux-fcgi: Properly handle EOM flag on end-of-trailers HTX block
- BUG/MINOR: mux-quic: close all QCS before freeing QCC tasklet
- BUG/MEDIUM: ssl: Fix crash in ocsp-update log function
- BUG/MINOR: session: ensure conn owner is set after insert into session
- BUG/MEDIUM: spoe: Return an invalid frame on recv if size is too small
- CI: temporarily adjust kernel entropy to work with ASAN/clang
- BUG/MINOR: spoe: Be sure to be able to quickly close IDLE applets on soft-stop
- BUG/MEDIUM: spoe: Don't rely on stream's expiration to detect processing timeout
- BUG/MINOR: listener: Don't schedule frontend without task in listener_release()
- BUG/MINOR: listener: Wake proxy's mngmt task up if necessary on session release
- BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread (2nd try)
- MINOR: hlua: use accessors for stream hlua ctx
- DEBUG: lua: precisely identify if stream is stuck inside lua or not
- BUG/MINOR: hlua: fix missing lock in hlua_filter_delete()
- BUG/MINOR: hlua: missing lock in hlua_filter_new()
- BUG/MINOR: hlua: segfault when loading the same filter from different contexts
- BUG/MINOR: ssl: fix possible ctx memory leak in sample_conv_aes_gcm()
- DOC: configuration: clarify ciphersuites usage (V2)
- BUILD: solaris: fix compilation errors
- BUG/MINOR: cfgparse: report proper location for log-format-sd errors
- BUG/MINOR: ssl/cli: typo in new ssl crl-file CLI description
- CI: skip scheduled builds on forks
- BUG/MINOR: sink: fix a race condition in the TCP log forwarding code
- BUG/MINOR: hlua: don't call ha_alert() in hlua_event_subscribe()
- BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
- BUG/MEDIUM: hlua: improper lock usage with SET_SAFE_LJMP()
- BUG/MINOR: hlua: improper lock usage in hlua_filter_new()
- BUG/MINOR: hlua: improper lock usage in hlua_filter_callback()
- BUG/MINOR: hlua: fix possible crash in hlua_filter_new() under load
- BUG/MINOR: hlua: don't use lua_tostring() from unprotected contexts
- BUG/MINOR: hlua: fix unsafe lua_tostring() usage with empty stack
- BUG/MINOR: tools: seed the statistical PRNG slightly better
- MINOR: hlua: Be able to disable logging from lua
- BUG/MINOR: hlua: Fix log level to the right value when set via TXN:set_loglevel
- BUG/MINOR: config/quic: Alert about PROXY protocol use on a QUIC listener
- DOC: configuration: clarify ciphersuites usage
- LICENSE: http_ext: fix GPL license version
- LICENSE: event_hdl: fix GPL license version
- BUG/MINOR: ssl/cli: duplicate cleaning code in cli_parse_del_crtlist
- BUG/MINOR: ist: only store NUL byte on succeeded alloc
- BUG/MINOR: quic: fix output of show quic
- BUG/MAJOR: server: fix stream crash due to deleted server
- BUG/MINOR: stats: drop srv refcount on early release
- BUG/MINOR: ist: allocate nul byte on istdup
- MINOR: quic: warn on bind on multiple addresses if no IP_PKTINFO support
- DOC: quic: fix recommandation for bind on multiple address
- BUG/MEDIUM: quic: fix transient send error with listener socket
- BUG/MEDIUM: hlua: Don't loop if a lua socket does not consume received data
- BUG/MEDIUM: hlua: Be able to garbage collect uninitialized lua sockets
- BUG/MEDIUM: applet: Immediately free appctx on early error
- DOC: quic: Missing tuning setting in "Global parameters"
- BUG/MINOR: qpack: reject invalid dynamic table capacity
- BUG/MINOR: qpack: reject invalid increment count decoding
- BUG/MINOR: quic: reject HANDSHAKE_DONE as server
- BUG/MINOR: quic: reject unknown frame type
- BUG/MAJOR: promex: fix crash on deleted server
- MINOR: connection: add sample fetches to report per-connection glitches
- MINOR: mux-h2: implement MUX_CTL_GET_GLITCHES
- MINOR: connection: add a new mux_ctl to report number of connection glitches
- MEDIUM: mux-h2: allow to set the glitches threshold to kill a connection
- MINOR: mux-h2: always use h2c_report_glitch()
- MINOR: mux-h2: count late reduction of INITIAL_WINDOW_SIZE as a glitch
- MINOR: mux-h2: count excess of CONTINUATION frames as a glitch
- BUG/MINOR: mux-h2: count rejected DATA frames against the connection's flow control
- MINOR: mux-h2: add a counter of "glitches" on a connection
- [RELEASE] Released version 2.8.7
- BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI
- [RELEASE] Released version 2.8.6
- DEV: makefile: fix POSIX compatibility for "range" target
- DEV: makefile: add a new "range" target to iteratively build all commits
- CI: Update to actions/cache@v4
- DOC: internal: update missing data types in peers-v2.0.txt
- DOC: install: recommend pcre2
- DOC: httpclient: add dedicated httpclient section
- DOC: configuration: clarify http-request wait-for-body
- BUILD: address a few remaining calloc(size, n) cases
- BUG/MINOR: ext-check: cannot use without preserve-env
- MINOR: ext-check: add an option to preserve environment variables
- BUG/MINOR: diag: run the final diags before quitting when using -c
- BUG/MINOR: diag: always show the version before dumping a diag warning
- MINOR: errors: ha_alert() and ha_warning() uses warn_exec_path()
- MINOR: quic: Add a counter for reordered packets
- MINOR: quic: Dynamic packet reordering threshold
- MINOR: quic: Update K CUBIC calculation (RFC 9438)
- BUG/MEDIUM: quic: Wrong K CUBIC calculation.
- MINOR: quic: Stop using 1024th of a second.
- BUG/MINOR: quic: fix possible integer wrap around in cubic window calculation
- CLEANUP: quic: Code clarifications for QUIC CUBIC (RFC 9438)
- BUG/MINOR: quic: Wrong ack ranges handling when reaching the limit.
- BUG/MEDIUM: quic: fix crash on invalid qc_stream_buf_free() BUG_ON
- BUG/MEDIUM: qpack: allow 6xx..9xx status codes
- BUG/MEDIUM: h3: do not crash on invalid response status code
- MINOR: h3: add traces for stream sending function
- BUG/MEDIUM: quic: remove unsent data from qc_stream_desc buf
- MINOR: quic: extract qc_stream_buf free in a dedicated function
- MINOR: quic: Stop hardcoding a scale shifting value (CUBIC_BETA_SCALE_FACTOR_SHIFT)
- CLEANUP: quic: Remove unused CUBIC_BETA_SCALE_FACTOR_SHIFT macro.
- BUG/MEDIUM: mux-quic: report early error on stream
- BUG/MINOR: h3: fix checking on NULL Tx buffer
- BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing
- REGTESTS: ssl: Add OCSP related tests
- REGTESTS: ssl: Fix empty line in cli command input
- BUG/MINOR: ssl: Reenable ocsp auto-update after an "add ssl crt-list"
- BUG/MINOR: ssl: Destroy ckch instances before the store during deinit
- BUG/MEDIUM: ocsp: Separate refcount per instance and per store
- MINOR: ssl: Use OCSP_CERTID instead of ckch_store in ckch_store_build_certid
- BUG/MINOR: ssl: Clear the ckch instance when deleting a crt-list line
- BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch
- BUG/MINOR: ssl: Fix error message after ssl_sock_load_ocsp call
- BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
- BUG/MEDIUM: h1: always reject the NUL character in header values
- BUG/MINOR: h1-htx: properly initialize the err_pos field
- BUG/MEDIUM: h1: Don't support LF only to mark the end of a chunk size
- BUG/MINOR: h1: Don't support LF only at the end of chunks
- BUG/MEDIUM: stconn: Don't check pending shutdown to wake an applet up
- BUG/MEDIUM: stconn: Allow expiration update when READ/WRITE event is pending
- BUG/MEDIUM: pool: fix rare risk of deadlock in pool_flush()
- BUG/MINOR: jwt: fix jwt_verify crash on 32-bit archs
- BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs
- BUG/MINOR: vars/cli: fix missing LF after "get var" output
- BUG/MEDIUM: cli: some err/warn msg dumps add LR into CSV output on stat's CLI
- REGTESTS: add a test to ensure map-ordering is preserved
- MINOR: mux-h2/traces: add a missing trace on connection WU with negative inc
- BUG/MEDIUM: mux-h2: refine connection vs stream error on headers
- MINOR: mux-h2/traces: clarify the "rejected H2 request" event
- MINOR: mux-h2/traces: explicitly show the error/refused stream states
- MINOR: mux-h2/traces: also suggest invalid header upon parsing error
- MINOR: debug: make BUG_ON() catch build errors even without DEBUG_STRICT
- MINOR: debug: make ABORT_NOW() store the caller's line number when using abort
- MINOR: debug: make sure calls to ha_crash_now() are never merged
- MINOR: compiler: add a new DO_NOT_FOLD() macro to prevent code folding
- BUG/MEDIUM: quic: keylog callback not called (USE_OPENSSL_COMPAT)
- BUG/MINOR: mux-h2: also count streams for refused ones
- BUG/MINOR: mux-quic: do not prevent non-STREAM sending on flow control
- DOC: configuration: corrected description of keyword tune.ssl.ocsp-update.mindelay
- MINOR: mux-h2: support limiting the total number of H2 streams per connection
- BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up
- BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable
- BUG/MEDIUM: h3: fix incorrect snd_buf return value
- CLEANUP: quic: Remaining useless code into server part
- BUG/MINOR: h3: close connection on sending alloc errors
- BUG/MINOR: h3: properly handle alloc failure on finalize
- BUG/MINOR: h3: close connection on header list too big
- MINOR: h3: check connection error during sending
- BUG/MINOR: quic: Missing call to TLS message callbacks
- BUG/MINOR: quic: Wrong keylog callback setting.
- BUG/MINOR: mux-quic: always report error to SC on RESET_STREAM emission
- BUG/MEDIUM: stats: unhandled switching rules with TCP frontend
- MINOR: stats: store the parent proxy in stats ctx (http)
- DOC: config: Update documentation about local haproxy response
- BUG/MINOR: resolvers: default resolvers fails when network not configured
- BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
- BUG/MEDIUM: quic: QUIC CID removed from tree without locking
- BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
- BUG/MINOR: mworker/cli: fix set severity-output support
- DOC: configuration: typo req.ssl_hello_type
- [RELEASE] Released version 2.8.5
- BUG/MEDIUM: proxy: always initialize the default settings after init
- BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
- BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
- MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
- BUG/MINOR: ssl: Double free of OCSP Certificate ID
- BUG/MINOR: quic: Packet number spaces too lately initialized
- BUG/MINOR: quic: Missing QUIC connection path member initialization
- BUG/MINOR: quic: Possible leak of TX packets under heavy load
- BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load
- BUG/MINOR: cache: Remove incomplete entries from the cache when stream is closed
- BUG/MEDIUM: peers: fix partial message decoding
- DOC: Clarify the differences between field() and word()
- BUG/MINOR: sample: Make the `word` converter compatible with `-m found`
- REGTESTS: sample: Test the behavior of consecutive delimiters for the field converter
- DOC: config: fix monitor-fail typo
- DOC: config: add matrix entry for "max-session-srv-conns"
- DOC: config: specify supported sections for "max-session-srv-conns"
- BUG/MINOR: cfgparse-listen: fix warning being reported as an alert
- BUG/MINOR: config: Stopped parsing upon unmatched environment variables
- BUG/MINOR: quic_tp: fix preferred_address decoding
- DOC: config: fix missing characters in set-spoe-group action
- BUG/MINOR: h3: always reject PUSH_PROMISE
- BUG/MINOR: h3: fix TRAILERS encoding
- BUG/MEDIUM: master/cli: Properly pin the master CLI on thread 1 / group 1
- BUG/MINOR: compression: possible NULL dereferences in comp_prepare_compress_request()
- BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding
- DOC: lua: fix Proxy.get_mode() output
- DOC: lua: add sticktable class reference from Proxy.stktable
- REGTESTS: connection: disable http_reuse_be_transparent.vtc if !TPROXY
- DOC: config: fix timeout check inheritance restrictions
- DOC: 51d: updated 51Degrees repo URL for v3.2.10
- BUG/MINOR: server: do not leak default-server in defaults sections
- BUG/MINOR: quic: Possible RX packet memory leak under heavy load
- BUG/MEDIUM: quic: Possible crash for connections to be killed
- BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind them
- BUG/MINOR: startup: set GTUNE_SOCKET_TRANSFER correctly
- REGTESTS: http: add a test to validate chunked responses delivery
- BUG/MINOR: proxy/stktable: missing frees on proxy cleanup
- MINOR: stktable: add stktable_deinit function
- BUG/MINOR: stream/cli: report correct stream age in "show sess"
- BUG/MEDIUM: mux-fcgi: fail earlier on malloc in takeover()
- BUG/MEDIUM: mux-h1: fail earlier on malloc in takeover()
- BUG/MEDIUM: mux-h2: fail earlier on malloc in takeover()
- BUG/MAJOR: quic: complete thread migration before tcp-rules
- [RELEASE] Released version 2.8.4
- BUG/MINOR: stconn: Report read activity on non-indep streams for partial sends
- BUG/MINOR: stconn/applet: Report send activity only if there was output data
- BUG/MINOR: stconn: Use HTX-aware channel's functions to get info on buffer
- BUG/MINOR: stconn: Fix streamer detection for HTX streams
- MINOR: channel: Add functions to get info on buffers and deal with HTX streams
- MINOR: htx: Use a macro for overhead induced by HTX
- BUG/MEDIUM: stconn: Update fsb date on partial sends
- BUG/MEDIUM: stream: Don't call mux .ctl() callback if not implemented
- BUG/MEDIUM: mworker: set the master variable earlier
- BUG/MEDIUM: applet: Report a send activity everytime data were sent
- BUG/MEDIUM: stconn: Report a send activity everytime data were sent
- REGTESTS: http: Improve script testing abortonclose option
- BUG/MEDIUM: stream: Properly handle abortonclose when set on backend only
- MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads
- MINOR: connection: Add a CTL flag to notify mux it should wait for reads again
- BUG/MINOR: stconn: Handle abortonclose if backend connection was already set up
- BUG/MEDIUM: connection: report connection errors even when no mux is installed
- DOC: quic: Wrong syntax for "quic-cc-algo" keyword.
- BUG/MINOR: sink: don't learn srv port from srv addr
- BUG/MEDIUM: applet: Remove appctx from buffer wait list on release
- DOC: config: use the word 'backend' instead of 'proxy' in 'track' description
- BUG/MINOR: quic: fix retry token check inconsistency
- DOC: management: -q is quiet all the time
- BUG/MEDIUM: stconn: Don't update stream expiration date if already expired
- BUG/MEDIUM: quic: Avoid some crashes upon TX packet allocation failures
- BUG/MEDIUM: quic: Possible crashes when sending too short Initial packets
- BUG/MEDIUM: quic: Avoid trying to send ACK frames from an empty ack ranges tree
- BUG/MINOR: quic: idle timer task requeued in the past
- BUG/MEDIUM: pool: fix releasable pool calculation when overloaded
- BUG/MEDIUM: freq-ctr: Don't report overshoot for long inactivity period
- BUG/MINOR: mux-h1: Properly handle http-request and http-keep-alive timeouts
- BUG/MINOR: stick-table/cli: Check for invalid ipv4 key
- BUG/MEDIUM: quic: fix sslconns on quic_conn alloc failure
- BUG/MEDIUM: quic: fix actconn on quic_conn alloc failure
- CLEANUP: htx: Properly indent htx_reserve_max_data() function
- BUG/MINOR: stconn: Sanitize report for read activity
- BUG/MEDIUM: Don't apply a max value on room_needed in sc_need_room()
- BUG/MEDIUM: stconn: Don't report rcv/snd expiration date if SC cannot epxire
- BUG/MEDIUM: pattern: don't trim pools under lock in pat_ref_purge_range()
- BUG/MINOR: cfgparse/stktable: fix error message on stktable_init() failure
- BUG/MINOR: stktable: missing free in parse_stick_table()
- BUG/MINOR: tcpcheck: Report hexstring instead of binary one on check failure
- BUG/MEDIUM: ssl: segfault when cipher is NULL
- BUG/MINOR: mux-quic: fix early close if unset client timeout
- BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA
- MEDIUM: quic: count quic_conn for global sslconns
- MEDIUM: quic: count quic_conn instance for maxconn
- MINOR: frontend: implement a dedicated actconn increment function
- BUG/MINOR: ssl: use a thread-safe sslconns increment
- BUG/MINOR: quic: do not consider idle timeout on CLOSING state
- BUG/MEDIUM: server: "proto" not working for dynamic servers
- MINOR: connection: add conn_pr_mode_to_proto_mode() helper func
- DEBUG: mux-h2/flags: fix list of h2c flags used by the flags decoder
- MINOR: lua: Add flags to configure logging behaviour
- BUG/MINOR: ssl: load correctly @system-ca when ca-base is define
- DOC: internal: filters: fix reference to entities.pdf
- BUG/MINOR: mux-h2: update tracked counters with req cnt/req err
- BUG/MINOR: mux-h2: commit the current stream ID even on reject
- BUG/MEDIUM: peers: Fix synchro for huge number of tables
- BUG/MEDIUM: peers: Be sure to always refresh recconnect timer in sync task
- BUG/MINOR: trace: fix trace parser error reporting
- BUG/MINOR: mux-h2: fix http-request and http-keep-alive timeouts again
- BUG/MEDIUM: mux-h2: Don't report an error on shutr if a shutw is pending
- BUG/MINOR: mux-h2: make up other blocked streams upon removal from list
- BUG/MINOR: mux-h1: Send a 400-bad-request on shutdown before the first request
- BUG/MEDIUM: quic-conn: free unsent frames on retransmit to prevent crash
- BUG/MINOR: mux-quic: fix free on qcs-new fail alloc
- BUG/MINOR: h3: strengthen host/authority header parsing
- BUG/MINOR: mux-quic: support initial 0 max-stream-data
- BUG/MEDIUM: mux-quic: fix RESET_STREAM on send-only stream
- BUG/MINOR: quic: reject packet with no frame
- BUG/MINOR: quic: Avoid crashing with unsupported cryptographic algos
- BUG/MEDIUM: stconn: Fix comparison sign in sc_need_room()
- BUG/MINOR: hq-interop: simplify parser requirement
- BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set
- BUG/MINOR: mux-h1: Ignore C-L when sending H1 messages if T-E is also set
- BUG/MINOR: mux-h1: Handle read0 in rcv_pipe() only when data receipt was tried
- BUG/MEDIUM: hlua: Initialize appctx used by a lua socket on connect only
- MINOR: hlua: Test the hlua struct first when the lua socket is connecting
- MINOR: hlua: Save the lua socket's server in its context
- MINOR: hlua: Save the lua socket's timeout in its context
- MINOR: hlua: Don't preform operations on a not connected socket
- MINOR: hlua: Set context's appctx when the lua socket is created
- BUG/MEDIUM: http-ana: Try to handle response before handling server abort
- BUG/MEDIUM: quic_conn: let the scheduler kill the task when needed
- BUG/MEDIUM: actions: always apply a longest match on prefix lookup
- BUG/MINOR: mux-quic: remove full demux flag on ncbuf release
- BUG/MEDIUM: server/cli: don't delete a dynamic server that has streams
- MINOR: pattern: fix pat_{parse,match}_ip() function comments
- BUG/MINOR: server: add missing free for server->rdr_pfx
- BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers
- BUG/MINOR: freq_ctr: fix possible negative rate with the scaled API
- BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1
- BUG/MINOR: promex: fix backend_agg_check_status
- BUG/MEDIUM: mux-fcgi: Don't swap trash and dbuf when handling STDERR records
- BUG/MINOR: hlua/init: coroutine may not resume itself
- BUG/MEDIUM: hlua: don't pass stale nargs argument to lua_resume()
- CI: musl: drop shopt in workflow invocation
- CI: musl: highlight section if there are coredumps
- Revert "BUG/MEDIUM: quic: missing check of dcid for init pkt including a token"
- BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread
- MINOR: hlua: add hlua_stream_ctx_prepare helper function
- BUILD: quic: fix build on centos 8 and USE_QUIC_OPENSSL_COMPAT
- BUG/MINOR: quic: ssl_quic_initial_ctx() uses error count not error code
- BUG/MINOR: quic: allow-0rtt warning must only be emitted with quic bind
- BUILD: Makefile: add USE_QUIC_OPENSSL_COMPAT to make help
- MINOR: quic+openssl_compat: Emit an alert for "allow-0rtt" option
- MINOR: quic+openssl_compat: Do not start without "limited-quic"
- MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic"
- BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels
- DOC: quic: Add "limited-quic" new tuning setting
- MINOR: quic: Add "limited-quic" new tuning setting
- MINOR: quic: SSL context initialization with QUIC OpenSSL wrapper.
- MINOR: quic: Add a quic_openssl_compat struct to quic_conn struct
- MINOR: quic: Call the keylog callback for QUIC openssl wrapper from SSL_CTX_keylog()
- MINOR: quic: Initialize TLS contexts for QUIC openssl wrapper
- MINOR: quic: Export some KDF functions (QUIC-TLS)
- MINOR: quic: Add a compilation option for the QUIC OpenSSL wrapper
- MINOR: quic: Do not enable 0RTT with SSL_set_quic_early_data_enabled()
- MINOR: quic: Set the QUIC connection as extra data before calling SSL_set_quic_method()
- MINOR: quic: Do not enable O-RTT with USE_QUIC_OPENSSL_COMPAT
- MINOR: quic: Include QUIC opensssl wrapper header from TLS stacks compatibility header
- MINOR: quic: QUIC openssl wrapper implementation
- BUG/MINOR: quic: Wrong cluster secret initialization
- BUG/MINOR: quic: Leak of frames to send.
- BUILD: bug: make BUG_ON() void to avoid a rare warning
ModerateSUSE bug 1233973CVE-2024-53008 at SUSECVE-2024-53008 at NVDcpe:/o:suse:sl-micro:6.0Security update for pam (Moderate)SUSE Linux Micro 6.0
This update for pam fixes the following issues:
- CVE-2024-10963: Fixed improper hostname interpretation in pam_access that could lead to access control bypass (bsc#1233078).
ModerateSUSE bug 1233078CVE-2024-10963 at SUSECVE-2024-10963 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsoup (Important)SUSE Linux Micro 6.0
This update for libsoup fixes the following issues:
- CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names (bsc#1233285).
- CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (bsc#1233292).
- CVE-2024-52532: Fixed infinite loop while reading websocket data (bsc#1233287).
ImportantSUSE bug 1233285SUSE bug 1233287SUSE bug 1233292CVE-2024-52530 at SUSECVE-2024-52530 at NVDCVE-2024-52531 at SUSECVE-2024-52531 at NVDCVE-2024-52532 at SUSECVE-2024-52532 at NVDcpe:/o:suse:sl-micro:6.0Security update for curl (Moderate)SUSE Linux Micro 6.0
This update for curl fixes the following issues:
- CVE-2024-11053: Fixed password leak used for the first host to the followed-to host under certain circumstances (bsc#1234068)
ModerateSUSE bug 1234068CVE-2024-11053 at SUSECVE-2024-11053 at NVDcpe:/o:suse:sl-micro:6.0Security update for docker (Critical)SUSE Linux Micro 6.0
This update for docker fixes the following issues:
- Update docker-buildx to v0.19.2. See upstream changelog online at
<https://github.com/docker/buildx/releases/tag/v0.19.2>.
Some notable changelogs from the last update:
* <https://github.com/docker/buildx/releases/tag/v0.19.0>
* <https://github.com/docker/buildx/releases/tag/v0.18.0>
- Add a new toggle file /etc/docker/suse-secrets-enable which allows users to
disable the SUSEConnect integration with Docker (which creates special mounts
in /run/secrets to allow container-suseconnect to authenticate containers
with registries on registered hosts). bsc#1231348 bsc#1232999
In order to disable these mounts, just do
echo 0 > /etc/docker/suse-secrets-enable
and restart Docker. In order to re-enable them, just do
echo 1 > /etc/docker/suse-secrets-enable
and restart Docker. Docker will output information on startup to tell you
whether the SUSE secrets feature is enabled or not.
- Remove DOCKER_NETWORK_OPTS from docker.service. This was removed from
sysconfig a long time ago, and apparently this causes issues with systemd in
some cases.
- Update to docker-buildx v0.17.1 to match standalone docker-buildx package we
are replacing. See upstream changelog online at
<https://github.com/docker/buildx/releases/tag/v0.17.1>
- Add %{_sysconfdir}/audit/rules.d to filelist.
- Update to Docker 26.1.5-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/26.1/#2615>
bsc#1230294
- This update includes fixes for:
* CVE-2024-41110. bsc#1228324
* CVE-2023-47108. bsc#1217070
* CVE-2023-45142. bsc#1228553
CriticalSUSE bug 1217070SUSE bug 1228324SUSE bug 1228553SUSE bug 1229806SUSE bug 1230294SUSE bug 1230331SUSE bug 1230333SUSE bug 1231348SUSE bug 1232999SUSE bug 1233819CVE-2023-45142 at SUSECVE-2023-45142 at NVDCVE-2023-47108 at SUSECVE-2023-47108 at NVDCVE-2024-41110 at SUSECVE-2024-41110 at NVDcpe:/o:suse:sl-micro:6.0Security update for nvidia-open-driver-G06-signed (Important)SUSE Linux Micro 6.0
This update for nvidia-open-driver-G06-signed fixes the following issues:
- Make sure the correct FW package is installed on non-CUDA.
- only obsolete 555 CUDA driver/firmware packages
- For CUDA: update version to 565.57.01
- Add 'dummy' firmware package on SLE to work around update
issues. On SLE, the firmware is installed directly from
an NVIDIA-hosted repo.
- Improve handling of conflicts between different flavors (gfx vs. CUDA) (bsc#1233332).
- Update to 550.135 (bsc#1233673)
- Update to 550.127.05 (bsc#1232057)
* Fixed a bug which could cause applications using GBM to crash
when running with nvidia-drm.modeset=0.
- cuda-flavor
provide also nvidia-open-driver-G06-kmp-$flavor = %version to
workaround broken cuda-drivers
- For CUDA update version to 560.35.03
- nv-prefer-signed-open-driver:
* added specicic versions of cuda-drivers/cuda-drivers-xxx as
preconditions for requiring specific version of
nvidia-compute-G06
- nv-prefer-signed-open-driver:
* no longer require a specific version of
nvidia-open-driver-G06-signed-cuda-kmp, so it can select the
correct open driver KMP matching the cuda-runtime version
- cuda-flavor:
* added nvidia-compute-G06 = %version to preconditions for
requiring kernel-firmware-nvidia-gspx-G06, since
nvidia-compute-utils-G06 does not have a version-specific
requires on nvidia-compute-G06
- cuda-flavor:
* require kernel-firmware-nvidia-gspx-G06 instead of
kernel-firmware-nvidia-gspx-G06-cuda (which provides also
kernel-firmware-nvidia-gspx-G06)
* trigger removal of driver modules also on
kernel-firmware-nvidia-gspx-G06
- no longer hard-require kernel firmware package, but install it
automatically once nvidia-compute-utils-G06 gets installed
- trigger removal of driver modules with non-existing or wrong
firmware when (new) firmware gets installed
- Update to 550.120 (bsc#1230779)
* Fixed a bug that could cause kernel crashes upon attempting
KMS operations through DRM when nvidia_drm was loaded with
modeset=0.
- CUDA build: removed entries from pci_ids-555.42.06 since this is
doing more harm than benefit (bsc#1230368)
- For CUDA (preamble file):
* added: Provides: nvidia-open-driver-G06-signed-cuda-kmp-$flavor = %version
which is needed for 'zypper install <package> = <version>'
* added: Provides/Conflicts: nvidia-open-driver-G06-signed-kmp-$flavor = %version
useful for containers
- reverted CUDA update version to 560.x.y due to changes in CUDA
repository with CUDA 12.6/560.x.y drivers
- For CUDA update version to 560.35.03
- Update to 550.107.02 (bsc#1229716)
- For CUDA update version to 560.28.03
- Update to 550.100 (bsc#1227575)
* Fixed a bug that caused OpenGL triple buffering to behave like
double buffering.
- To avoid issues with missing dependencies when no CUDA repo
is present make the dependecy to nvidia-compute-G06 conditional.
- CUDA is not available for Tumbleweed, exclude the build of the
cuda flavor.
- preamble: let the -cuda flavor KMP require the -cuda flavor
firmware
- Add a second flavor for building the kernel module versions
used by CUDA. The kmp targetting CUDA contains '-cuda' in
its name to track its versions separately from the graphics
kmp. (bsc#1227417)
- Provide the meta package nv-prefer-signed-open-driver to
make sure the latest available SUSE-build open driver is
installed - independent of the latest available open driver
version in he CUDA repository.
Rationale:
The package cuda-runtime provides the link between CUDA and
the kernel driver version through a
Requires: cuda-drivers >= %version
This implies that a CUDA version will run withany kernel driver
version equal or higher than a base version.
nvidia-compute-G06 provides the glue layer between CUDA and
a specific version of he kernel driver both by providing
a set of base libraries and by requiring a specific kernel
version. 'cuda-drivers' (provided by nvidia-compute-utils-G06)
requires an unversioned nvidia-compute-G06. With this, the
resolver will install the latest available and applicable
nvidia-compute-G06.
nv-prefer-signed-open-driver then represents the latest available
open driver version and restricts the nvidia-compute-G06 version
to it. (bsc#1227419)
- Security Update 550.90.07 (bsc#1223356) [CVE-2024-0090,
CVE-2024-0091, CVE-2024-0092]
- Update to 550.78 (bsc#1223454)
- Update to 550.76 (bsc#1222972)
- Update to 550.67
ImportantSUSE bug 1222972SUSE bug 1223356SUSE bug 1223454SUSE bug 1227417SUSE bug 1227419SUSE bug 1227575SUSE bug 1229716SUSE bug 1230368SUSE bug 1230779SUSE bug 1232057SUSE bug 1233332SUSE bug 1233673CVE-2024-0090 at SUSECVE-2024-0090 at NVDCVE-2024-0091 at SUSECVE-2024-0091 at NVDCVE-2024-0092 at SUSECVE-2024-0092 at NVDcpe:/o:suse:sl-micro:6.0Security update for nghttp2 (Important)SUSE Linux Micro 6.0
This update for nghttp2 fixes the following issues:
- CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399)
ImportantSUSE bug 1221399CVE-2024-28182 at SUSECVE-2024-28182 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-Jinja2 (Important)SUSE Linux Micro 6.0
This update for python-Jinja2 fixes the following issues:
- CVE-2024-56201: Fixed sandbox breakout through malicious content and filename of a template (bsc#1234808)
- CVE-2024-56326: Fixed sandbox breakout through indirect reference to format method (bsc#1234809)
ImportantSUSE bug 1234808SUSE bug 1234809CVE-2024-56201 at SUSECVE-2024-56201 at NVDCVE-2024-56326 at SUSECVE-2024-56326 at NVDcpe:/o:suse:sl-micro:6.0Security update for dnsmasq (Important)SUSE Linux Micro 6.0
This update for dnsmasq fixes the following issues:
- Update to 2.90:
* CVE-2023-50387, CVE-2023-50868: Fixed a Denial Of Service while trying
to validate specially crafted DNSSEC responses (bsc#1219823, bsc#1219826).
* Fix reversion in --rev-server introduced in 2.88 which caused
breakage if the prefix length is not exactly divisible by 8
(IPv4) or 4 (IPv6).
* Fix possible SEGV when there server(s) for a particular domain
are configured, but no server which is not qualified for a
particular domain.
* Set the default maximum DNS UDP packet sice to 1232.
* Add --no-dhcpv4-interface and --no-dhcpv6-interface for better
control over which interfaces are providing DHCP service.
* Fix issue with stale caching
* Add configurable caching for arbitrary RR-types.
* Add --filter-rr option, to filter arbitrary RR-types.
- SLP got dropped, remove config (bsc#1214884)
ImportantSUSE bug 1214884SUSE bug 1219823SUSE bug 1219826CVE-2023-28450 at SUSECVE-2023-28450 at NVDCVE-2023-50387 at SUSECVE-2023-50387 at NVDCVE-2023-50868 at SUSECVE-2023-50868 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-dnspython (Moderate)SUSE Linux Micro 6.0
This update for python-dnspython fixes the following issues:
- CVE-2023-29483: Fixed potential DoS via the Tudoor mechanism (bsc#1222693).
ModerateSUSE bug 1222693CVE-2023-29483 at SUSECVE-2023-29483 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxml2 (Important)SUSE Linux Micro 6.0
This update for libxml2 fixes the following issues:
- CVE-2024-40896: Fixed XML external entity vulnerability (bsc#1234812)
ImportantSUSE bug 1234812CVE-2024-40896 at SUSECVE-2024-40896 at NVDcpe:/o:suse:sl-micro:6.0Security update for ucode-intel (Important)SUSE Linux Micro 6.0
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20241112 release (bsc#1233313)
- CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enable denial of service via local access.
- CVE-2024-23918: Improper conditions check in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access.
- CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access.
- Update for functional issues.
Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000036 | 00000037 | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000036 | 00000037 | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000434 | 00000435 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000434 | 00000435 | Core Gen12
| EMR-SP | A0 | 06-cf-01/87 | 21000230 | 21000283 | Xeon Scalable Gen5
| EMR-SP | A1 | 06-cf-02/87 | 21000230 | 21000283 | Xeon Scalable Gen5
| MTL | C0 | 06-aa-04/e6 | 0000001f | 00000020 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004122 | 00004123 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000036 | 00000037 | Core Gen13/Gen14
| RPL-S | H0 | 06-bf-05/07 | 00000036 | 00000037 | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004122 | 00004123 | Core Gen13
| SPR-SP | E3 | 06-8f-06/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
New Disclosures Updated in Prior Releases:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ICL-D | B0 | 06-6c-01/10 | 010002b0 | N/A | Xeon D-17xx/D-18xx, D-27xx/D-28xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | N/A | Xeon Scalable Gen3
- Intel CPU Microcode was updated to the 20241029 release
Update for functional issues.
Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| RPL-E/HX/S | B0 | 06-b7-01/32 | 00000129 | 0000012b | Core Gen13/Gen14
ImportantSUSE bug 1233313CVE-2024-21820 at SUSECVE-2024-21820 at NVDCVE-2024-21853 at SUSECVE-2024-21853 at NVDCVE-2024-23918 at SUSECVE-2024-23918 at NVDCVE-2024-23984 at SUSECVE-2024-23984 at NVDCVE-2024-24968 at SUSECVE-2024-24968 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
- CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
- CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
- CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
- CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
- CVE-2024-40925: block: fix request.queuelist usage in flush (bsc#1227789).
- CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
- CVE-2024-41011: drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (bsc#1228114).
- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-39496: btrfs: zoned: fix use-after-free due to race with dev replace (bsc#1227719).
- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
- CVE-2024-40975: platform/x86: x86-android-tablets: Unregister devices in reverse order (bsc#1227926).
- CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
- CVE-2024-40947: ima: Avoid blocking in RCU read-side critical section (bsc#1227803).
- CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
- CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
- CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
- CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
- CVE-2024-39504: netfilter: nft_inner: validate mandatory meta and payload (bsc#1227757).
- CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
- CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
- CVE-2024-40928: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (bsc#1227788).
- CVE-2024-26944: btrfs: zoned: fix lock ordering in btrfs_zone_activate() (bsc#1223731).
- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
- CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
- CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).
- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
- CVE-2024-35908: tls: get psock ref after taking rxlock to avoid leak (bsc#1224490)
- CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
- CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
- CVE-2024-27404: mptcp: fix data races on remote_id (bsc#1224422)
- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
- CVE-2024-40948: mm/page_table_check: fix crash on ZONE_DEVICE (bsc#1227801).
- CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
- CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
- CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103).
- CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
- CVE-2024-27012: netfilter: nf_tables: restore set elements when delete set fails (bsc#1223804).
- CVE-2024-39498: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 (bsc#1227723)
- CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
- CVE-2024-27016: netfilter: flowtable: validate pppoe header (bsc#1223807).
- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
- CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
- CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
- CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
- CVE-2024-27064: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain (bsc#1223740).
- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
- CVE-2023-47210: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225601, bsc#1225600).
- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
- CVE-2024-26826: mptcp: fix data re-injection from stale subflow (bsc#1223010).
- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
- CVE-2024-35942: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain (bsc#1224589).
- CVE-2024-26691: KVM: arm64: Fix circular locking dependency (bsc#1222463).
- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
- CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
- CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
- CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
- CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
- CVE-2024-39474: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL (bsc#1227434).
- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
- CVE-2024-36003: ice: fix LAG and VF lock dependency in ice_reset_vf() (bsc#1224544).
- CVE-2024-38604: block: refine the EOF check in blkdev_iomap_begin (bsc#1226866).
- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
- CVE-2024-26623: pds_core: Prevent race issues involving the adminq (bsc#1221057).
- CVE-2024-26785: iommufd: Fix protection fault in iommufd_test_syz_conv_iova (bsc#1222779).
- CVE-2024-26734: devlink: fix possible use-after-free and memory leaks in devlink_init() (bsc#1222438).
- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
- CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
- CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
- CVE-2024-35843: iommu/vt-d: Use device rbtree in iopf reporting path (bsc#1224751).
- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-36281: net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules (bsc#1226799).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
- CVE-2024-38636: f2fs: multidev: fix to recognize valid zero block address (bsc#1226879).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38566: bpf: Fix verifier assumptions about socket->sk (bsc#1226790).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
- CVE-2024-38569: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group (bsc#1226772).
- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
- CVE-2024-26814: vfio/fsl-mc: Block calling interrupt handler without trigger (bsc#1222810).
- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-27414: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (bsc#1224439).
- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-36024: drm/amd/display: Disable idle reallow as part of command/gpint execution (bsc#1225702).
- CVE-2024-36903: ipv6: Fix potential uninit-value access in __ip6_make_skb() (bsc#1225741).
- CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36882: mm: use memalloc_nofs_save() in page_cache_ra_order() (bsc#1225723).
- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2023-52786: ext4: fix racy may inline data check in dio write (bsc#1224939).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36935: ice: ensure the copied buf is NUL terminated (bsc#1225763).
- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- CVE-2024-35892: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() (bsc#1224515).
- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
- CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-35926: crypto: iaa - Fix async_disable descriptor leak (bsc#1224655).
- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
- CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2024-36030: Fixed the double free in rvu_npc_freemem() (bsc#1225712)
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621)
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).
- CVE-2024-26860: Fixed a memory leak when rechecking the data (bsc#1223077).
- CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224989).
- CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).
- CVE-2024-35860: Struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).
- CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2024-35895: Fixed lock inversion deadlock in map delete elem (bsc#1224511).
- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
- CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).
- CVE-2024-27036: Fixed writeback data corruption (bsc#1223810).
- CVE-2024-35903: Fixed IP after emitting call depth accounting (bsc#1224493).
- CVE-2024-35931: Fixed PCI error slot reset during RAS recovery (bsc#1224652).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35880: io_uring/kbuf: hold io_buffer_list reference over mmap (bsc#1224523).
- CVE-2024-35831: io_uring: Fix release of pinned pages when __io_uaddr_map fails (bsc#1224698).
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).
- CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).
- CVE-2024-36007: Fixed warning during rehash (bsc#1224543).
- CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).
- CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race (bsc#1225007).
- CVE-2024-35827: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() (bsc#1224606).
- CVE-2024-27408: Fixed race condition in dmaengine w-edma/eDMA (bsc#1224430).
- CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).
- CVE-2024-35921: Fixed oops when HEVC init fails (bsc#1224477).
- CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).
- CVE-2024-35991: Fixed kABI workaround for struct idxd_evl (bsc#1224553).
- CVE-2024-27418: Fixed memory leak in mctp_local_output (bsc#1224720)
- CVE-2024-27417: Fixed potential "struct net" leak in inet6_rtm_getaddr() (bsc#1224721)
- CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).
- CVE-2024-35917: Fixed Fix bpf_plt pointer arithmetic (bsc#1224481).
- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type (bsc#1224442).
- CVE-2023-52699: sysv: don't call sb_bread() with pointers_lock held (bsc#1224659).
- CVE-2024-21823: Fixed safety flag to struct ends (bsc#1223625).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).
- CVE-2023-52483: mctp: perform route lookups under a RCU read-side lock (bsc#1220738).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2024-26632: Fixed iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
- CVE-2023-6238: Fixed kcalloc() arguments order (bsc#1217384).
- CVE-2024-26946: Fixed copy_from_kernel_nofault() to read from unsafe address (bsc#1223669).
- CVE-2024-26945: Fixed nr_cpus < nr_iaa case (bsc#1223732).
- CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
- CVE-2023-52641: Fixed NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303)
- CVE-2024-26939: Fixed UAF on destroy against retire race (bsc#1223679).
- CVE-2024-26865: rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (bsc#1223062).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-26726: Fixed invalid drop extent_map for free space inode on write error (bsc#1222532)
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-26991: Fixed overflow lpage_info when checking attributes (bsc#1223695).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2024-27022: Fixed linking file vma until vma is fully initialized (bsc#1223774).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26899: Fixed deadlock between bd_link_disk_holder and partition scan (bsc#1223045).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26638: Fixed uninitialize struct msghdr completely (bsc#1221649).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26909: Fixed drm bridge use-after-free (bsc#1223143).
- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).
- CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).
- CVE-2024-26832: Fixed missing folio cleanup in writeback race path (bsc#1223007).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
The following non-security bugs were fixed:
- 9p: add missing locking around taking dentry fid list (git-fixes)
- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).
- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).
- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).
- ACPI: EC: Abort address space access upon error (stable-fixes).
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).
- ACPI: EC: Evaluate orphan _REG under EC device (git-fixes).
- ACPI: EC: Install address space handler at the namespace root (stable-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).
- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).
- ACPI: x86: Add PNP_UART1_SKIP quirk for Lenovo Blade2 tablets (stable-fixes).
- ACPI: x86: Force StorageD3Enable on more products (stable-fixes).
- ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (git-fixes).
- ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).
- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- ALSA: PCM: Allow resume only for suspended streams (stable-fixes).
- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
- ALSA: core: Remove debugfs at disconnection (git-fixes).
- ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).
- ALSA: emux: improve patch ioctl data validation (stable-fixes).
- ALSA: hda/conexant: Mute speakers at suspend / shutdown (bsc#1228269).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
- ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (bsc#1228269).
- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).
- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14AHP9 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ARP8 (stable-fixes).
- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).
- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).
- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).
- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).
- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).
- ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).
- ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
- ALSA: hda/realtek: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).
- ALSA: hda/realtek: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).
- ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).
- ALSA: hda/realtek: cs35l41: Fixup remaining asus strix models (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop (stable-fixes).
- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).
- ALSA: hda: clarify Copyright information (stable-fixes).
- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).
- ALSA: hda: cs35l41: Component should be unbound before deconstruction (git-fixes).
- ALSA: hda: cs35l41: Fix swapped l/r audio channels for Lenovo ThinBook 13x Gen4 (git-fixes).
- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).
- ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() (git-fixes).
- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).
- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).
- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).
- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).
- ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).
- ALSA: hda: cs35l56: Component should be unbound before deconstruction (git-fixes).
- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).
- ALSA: hda: cs35l56: Fix lifecycle of codec pointer (stable-fixes).
- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).
- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).
- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
- ALSA: hda: tas2781: Component should be unbound before deconstruction (git-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
- ALSA: seq: Do not clear bank selection at event -> UMP MIDI2 conversion (git-fixes).
- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).
- ALSA: seq: Fix missing MSB in MIDI2 SPP conversion (git-fixes).
- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).
- ALSA: seq: Fix missing channel at encoding RPN/NRPN MIDI2 messages (git-fixes).
- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).
- ALSA: seq: ump: Fix missing System Reset message handling (git-fixes).
- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).
- ALSA: seq: ump: Skip useless ports for static blocks (git-fixes).
- ALSA: timer: Set lower bound of start tick time (stable-fixes).
- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).
- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).
- ALSA: ump: Do not update FB name for static blocks (git-fixes).
- ALSA: ump: Force 1 Group for MIDI1 FBs (git-fixes).
- ALSA: ump: Set default protocol when not given explicitly (git-fixes).
- ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).
- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).
- ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).
- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).
- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).
- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).
- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).
- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).
- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: Set name of control as in topology (git-fixes).
- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).
- ASoC: Intel: common: add ACPI matching tables for Arrow Lake (stable-fixes).
- ASoC: Intel: sof-sdw: really remove FOUR_SPEAKER quirk (git-fixes).
- ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14 (stable-fixes).
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0C0F (stable-fixes).
- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (git-fixes).
- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).
- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).
- ASoC: SOF: Intel: hda-pcm: Limit the maximum number of periods by MAX_BDL_ENTRIES (stable-fixes).
- ASoC: SOF: Intel: hda: fix null deref on system suspend entry (git-fixes).
- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).
- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).
- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).
- ASoC: SOF: imx8m: Fix DSP control regmap retrieval (git-fixes).
- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).
- ASoC: SOF: ipc4-topology: Preserve the DMA Link ID for ChainDMA on unprepare (git-fixes).
- ASoC: SOF: ipc4-topology: Use correct queue_id for requesting input pin format (stable-fixes).
- ASoC: SOF: pcm: Restrict DSP D0i3 during S0ix to IPC3 (stable-fixes).
- ASoC: SOF: sof-audio: Skip unprepare for in-use widgets on error rollback (stable-fixes).
- ASoC: TAS2781: Fix tasdev_load_calibrated_data() (git-fixes).
- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).
- ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).
- ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).
- ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M5602RA (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E16 Gen 2 (bsc#1228269).
- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).
- ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config (git-fixes).
- ASoC: cs35l56: Accept values greater than 0 as IRQ numbers (git-fixes).
- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).
- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).
- ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes).
- ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: max98088: Check for clk_prepare_enable() error (git-fixes).
- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: q6apm-lpass-dai: close graph on prepare errors (git-fixes).
- ASoC: qcom: Adjust issues in case of DT error in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix trcm mode by setting clock on right mclk (git-fixes).
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).
- ASoC: rt711-sdw: add missing readable registers (stable-fixes).
- ASoC: rt715-sdca: volume step modification (git-fixes).
- ASoC: rt715: add vendor clear control register (git-fixes).
- ASoC: rt722-sdca-sdw: add debounce time for type detection (stable-fixes).
- ASoC: rt722-sdca-sdw: add silence detection register as volatile (stable-fixes).
- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).
- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).
- ASoC: sof: amd: fix for firmware reload failure in Vangogh platform (git-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).
- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).
- ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).
- ASoC: topology: Do not assign fields that are already set (stable-fixes).
- ASoC: topology: Fix references to freed memory (stable-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).
- ASoc: tas2781: Enable RCA-based playback without DSP firmware download (git-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).
- Bluetooth: ISO: Check socket flag instead of hcon (git-fixes).
- Bluetooth: ISO: Fix BIS cleanup (stable-fixes).
- Bluetooth: Ignore too large handle values in BIG (git-fixes).
- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).
- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).
- Bluetooth: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).
- Bluetooth: btintel: Refactor btintel_set_ppag() (git-fixes).
- Bluetooth: btnxpuart: Add handling for boot-signature timeout errors (git-fixes).
- Bluetooth: btnxpuart: Enable Power Save feature on startup (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).
- Bluetooth: hci_bcm4377: Fix msgid release (git-fixes).
- Bluetooth: hci_bcm4377: Use correct unit for timeouts (git-fixes).
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes).
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
- Bluetooth: hci_event: Fix setting of unicast qos interval (git-fixes).
- Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS (stable-fixes).
- Bluetooth: hci_event: Set QoS encryption from BIGInfo report (git-fixes).
- Bluetooth: hci_sync: Using hci_cmd_sync_submit when removing Adv Monitor (bsc#1219216).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
- Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- Bluetooth: qca: fix firmware check error path (git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
- Bluetooth: qca: set power_ctrl_enabled on NULL returned by gpiod_get_optional() (git-fixes).
- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).
- Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)
- Enable CONFIG_SCHED_CLUSTER=y on arm64 (jsc#PED-8701).
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_ECDSA.
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_RSA.
- Fix a potential infinite loop in extract_user_to_sg() (git-fixes).
- Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).
- Fix missing CONFIG_SUSE_SUPPORTED for arm64/64kb flavor (bsc#1223357)
- HID: Add quirk for Logitech Casa touchpad (stable-fixes).
- HID: Ignore battery for ELAN touchscreens 2F2C and 4116 (stable-fixes).
- HID: amd_sfh: Handle "no sensors" in PM operations (git-fixes).
- HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).
- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
- HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports (git-fixes).
- HID: mcp-2221: cancel delayed_work only when CONFIG_IIO is enabled (stable-fixes).
- HID: wacom: Modify pen IDs (git-fixes).
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- Input: ads7846 - use spi_device_id table (stable-fixes).
- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).
- Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).
- Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).
- Input: i8042 - add Ayaneo Kun to i8042 quirk table (stable-fixes).
- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
- Input: qt1050 - handle CHIP_ID reading error (git-fixes).
- Input: silead - Always support 10 fingers (stable-fixes).
- Input: xpad - add support for ASUS ROG RAIKIRI (git-fixes).
- Input: xpad - add support for ASUS ROG RAIKIRI PRO (stable-fixes).
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- KVM: SEV-ES: Delegate LBR virtualization to the processor (git-fixes).
- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (git-fixes).
- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (git-fixes).
- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).
- KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (git-fixes).
- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).
- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
- KVM: arm64: Use local TLBI on permission relaxation (bsc#1219478).
- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).
- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).
- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).
- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).
- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).
- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).
- KVM: x86/pmu: Apply "fast" RDPMC only to Intel PMUs (git-fixes).
- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).
- KVM: x86/pmu: Disallow "fast" RDPMC for architectural Intel PMUs (git-fixes).
- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).
- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).
- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (bsc#1226158).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).
- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at "RESET" (git-fixes).
- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).
- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).
- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).
- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).
- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).
- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).
- KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).
- KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).
- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).
- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).
- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).
- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).
- KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they're a WIP (git-fixes).
- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).
- NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
- NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- NFS: add barriers when testing for NFS_FSDATA_BLOCKED (git-fixes).
- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
- NFSD: Fix checksum mismatches in the duplicate reply cache (git-fixes).
- NFSv4.1 enforce rootpath check in fs_location query (git-fixes).
- NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362).
- NFSv4: Fixup smatch warning for ambiguous return (git-fixes).
- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).
- PCI/ASPM: Update save_state when configuration changes (bsc#1226915)
- PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).
- PCI/DPC: Use FIELD_GET() (stable-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/MSI: Fix UAF in msi_capability_init (git-fixes).
- PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).
- PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).
- PCI: Do not wait for disconnected devices when resuming (git-fixes).
- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).
- PCI: Extend ACS configurability (bsc#1228090).
- PCI: Fix resource double counting on remove & rescan (git-fixes).
- PCI: Fix typos in docs and comments (stable-fixes).
- PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes).
- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).
- PCI: dw-rockchip: Fix initial PERST# GPIO value (git-fixes).
- PCI: dwc: Fix index 0 incorrectly being interpreted as a free ATU slot (git-fixes).
- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).
- PCI: endpoint: Clean up error handling in vpci_scan_bus() (git-fixes).
- PCI: endpoint: Fix error handling in epf_ntb_epc_cleanup() (git-fixes).
- PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() (git-fixes).
- PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).
- PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git-fixes).
- PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).
- PCI: qcom-ep: Disable resources unconditionally during PERST# assert (git-fixes).
- PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).
- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).
- PCI: switchtec: Use normal comment style (stable-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).
- PCI: vmd: Create domain symlink before pci_bus_add_devices() (bsc#1227363).
- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).
- Port "certs: Add ECDSA signature verification self-test".
- Port "certs: Move RSA self-test data to separate file".
- RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- RDMA/bnxt_re: Fix the max msix vectors macro (git-fixes)
- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)
- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).
- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)
- RDMA/mlx5: Ensure created mkeys always have a populated rb_key (git-fixes)
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- RDMA/mlx5: Fix unwind flow as part of mlx5_ib_stage_init_init (git-fixes)
- RDMA/mlx5: Follow rb_key.ats when creating new mkeys (git-fixes)
- RDMA/mlx5: Remove extra unlock on error path (git-fixes)
- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)
- RDMA/restrack: Fix potential invalid address access (git-fixes)
- RDMA/rxe: Allow good work requests to be executed (git-fixes)
- RDMA/rxe: Fix data copy for IB_SEND_INLINE (git-fixes)
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- RDMA/rxe: Fix responder length checking for UD request packets (git-fixes)
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- RDMA/rxe: Fix the problem "mutex_destroy missing" (git-fixes)
- SEV: disable SEV-ES DebugSwap by default (git-fixes).
- SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).
- SUNRPC: return proper error from gss_wrap_req_priv (git-fixes).
- USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
- USB: core: Fix access violation during port device removal (git-fixes).
- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).
- USB: serial: mos7840: fix crash on resume (git-fixes).
- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
- USB: serial: option: add Fibocom FM350-GL (stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
- USB: serial: option: add Netprisma LCUK54 series modules (stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
- USB: serial: option: add Rolling RW350-GL variants (stable-fixes).
- USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
- USB: serial: option: add Telit generic core-dump composition (stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
- USB: serial: option: add support for Foxconn T99W651 (stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
- USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).
- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).
- X.509: Fix the parser of extended key usage for length (bsc#1218820).
- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).
- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).
- arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)
- arm64/io: add constant-argument check (bsc#1226502 git-fixes)
- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184).
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: enable hysteresis on slow input (git-fixes)
- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)
- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)
- arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)
- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx93-11x11-evk: Remove the 'no-sdio' property (git-fixes)
- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add mdio and ethernet-phy nodes to (git-fixes)
- arm64: dts: rockchip: Add missing power-domains for rk356x vop_mmu (git-fixes)
- arm64: dts: rockchip: Add pinctrl for UART0 to rk3308-rock-pi-s (git-fixes)
- arm64: dts: rockchip: Add sdmmc related properties on (git-fixes)
- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)
- arm64: dts: rockchip: Drop invalid mic-in-differential on (git-fixes)
- arm64: dts: rockchip: Fix SD NAND and eMMC init on rk3308-rock-pi-s (git-fixes)
- arm64: dts: rockchip: Fix mic-in-differential usage on (git-fixes)
- arm64: dts: rockchip: Fix mic-in-differential usage on rk3566-roc-pc (git-fixes)
- arm64: dts: rockchip: Fix the DCDC_REG2 minimum voltage on Quartz64 (git-fixes)
- arm64: dts: rockchip: Fix the value of `dlg,jack-det-rate` mismatch (git-fixes)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- arm64: dts: rockchip: Rename LED related pinctrl nodes on (git-fixes)
- arm64: dts: rockchip: Update WIFi/BT related nodes on (git-fixes)
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)
- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)
- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8688).
- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8688).
- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8688).
- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).
- ata,scsi: libata-core: Do not leak memory for ata_port struct members (git-fixes).
- ata: ahci: Clean up sysfs file on error (git-fixes).
- ata: libata-core: Fix double free on error (git-fixes).
- ata: libata-core: Fix null pointer dereference on error (git-fixes).
- ata: libata-scsi: Fix offsets for the fixed format sense data (git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
- auxdisplay: ht16k33: Drop reference after LED registration (git-fixes).
- ax25: Fix netdev refcount issue (git-fixes).
- ax25: Fix refcount imbalance on inbound connections (git-fixes).
- ax25: Fix reference count leak issue of net_device (git-fixes).
- ax25: Fix reference count leak issues of ax25_dev (git-fixes).
- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).
- bitops: add missing prototype check (git-fixes).
- blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (bsc#1225605).
- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).
- block: Move checking GENHD_FL_NO_PART to bdev_add_partition() (bsc#1226213).
- block: fix q->blkg_list corruption during disk rebind (bsc#1223591).
- bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX (git-fixes).
- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).
- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).
- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).
- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).
- bpf, arm64: Fix incorrect runtime stats (git-fixes)
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
- bpf: Remove xdp_do_flush_map() (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903).
- bpf: correct loop detection for iterators convergence (bsc#1225903).
- bpf: exact states comparison for iterator convergence checks (bsc#1225903).
- bpf: extract __check_reg_arg() utility function (bsc#1225903).
- bpf: extract same_callsites() as utility function (bsc#1225903).
- bpf: extract setup_func_entry() utility function (bsc#1225903).
- bpf: fix precision backtracking instruction iteration (bsc#1225756).
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
- bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).
- bpf: print full verifier states on infinite loop detection (bsc#1225903).
- bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).
- bpf: widening for callback iterators (bsc#1225903).
- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)
- btrfs: add and use helper to check if block group is used (bsc#1220120).
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).
- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).
- btrfs: always clear PERTRANS metadata during commit (git-fixes)
- btrfs: always print transaction aborted messages with an error level (git-fixes)
- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).
- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).
- btrfs: assert delayed node locked when removing delayed item (git-fixes)
- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).
- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).
- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).
- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).
- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)
- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)
- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)
- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)
- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)
- btrfs: do not arbitrarily slow down delalloc if we're committing (git-fixes)
- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).
- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).
- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)
- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).
- btrfs: do not warn if discard range is not aligned to sector (git-fixes)
- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).
- btrfs: error out when COWing block using a stale transaction (git-fixes)
- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)
- btrfs: error when COWing block from a root that is being deleted (git-fixes)
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).
- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)
- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)
- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)
- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).
- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).
- btrfs: fix race when refilling delayed refs block reserve (git-fixes)
- btrfs: fix start transaction qgroup rsv double free (git-fixes)
- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes)
- btrfs: free qgroup rsv on io failure (git-fixes)
- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)
- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)
- btrfs: initialize key where it's used when running delayed data ref (bsc#1220120).
- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).
- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).
- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).
- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).
- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).
- btrfs: make error messages more clear when getting a chunk map (git-fixes)
- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).
- btrfs: make find_free_dev_extent() static (bsc#1220120).
- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).
- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).
- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).
- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).
- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)
- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).
- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)
- btrfs: print available space across all block groups when dumping space info (bsc#1220120).
- btrfs: print available space for a block group when dumping a space info (bsc#1220120).
- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).
- btrfs: print target number of bytes when dumping free space (bsc#1220120).
- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).
- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)
- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)
- btrfs: remove pointless 'ref_root' variable from run_delayed_data_ref() (bsc#1220120).
- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).
- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).
- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).
- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).
- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).
- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).
- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).
- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).
- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)
- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)
- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).
- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).
- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)
- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).
- btrfs: store the error that turned the fs into error state (bsc#1220120).
- btrfs: sysfs: validate scrub_speed_max value (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).
- btrfs: update documentation for add_new_free_space() (bsc#1220120).
- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).
- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).
- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).
- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).
- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)
- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)
- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).
- bus: mhi: host: allow MHI client drivers to provide the firmware via a pointer (bsc#1227149).
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).
- cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes).
- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
- can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes).
- can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).
- can: mcp251xfd: fix infinite loop when xmit fails (git-fixes).
- cdrom: rearrange last_media_change check to avoid unintentional overflow (stable-fixes).
- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
- ceph: always check dir caps asynchronously (bsc#1226022).
- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
- ceph: break the check delayed cap loop every 5s (bsc#1226022).
- ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228417).
- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).
- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
- certs: Add ECDSA signature verification self-test (bsc#1222777).
- certs: Move RSA self-test data to separate file (bsc#1222777).
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes).
- checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes).
- cifs: Add a laundromat thread for cached directories (git-fixes, bsc#1225172).
- cifs: Do not use certain unnecessary folio_*() functions (bsc#1225172).
- cifs: account for primary channel in the interface list (bsc#1225172).
- cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1225172).
- cifs: distribute channels across interfaces based on speed (bsc#1225172).
- cifs: do not pass cifs_sb when trying to add channels (bsc#1225172).
- cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1225172).
- cifs: fix charset issue in reconnection (bsc#1225172).
- cifs: fix leak of iface for primary channel (git-fixes, bsc#1225172).
- cifs: handle cases where a channel is closed (bsc#1225172).
- cifs: handle cases where multiple sessions share connection (bsc#1225172).
- cifs: reconnect work should have reference on server struct (bsc#1225172).
- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused (git-fixes).
- clk: Get runtime PM before walking tree for clk_summary (git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- clk: Show active consumers of clocks in debugfs (stable-fixes).
- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (git-fixes).
- clk: mediatek: mt8183: Only enable runtime PM on mt8183-mfgcfg (git-fixes).
- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).
- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).
- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).
- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).
- clk: qcom: clk-alpha-pll: set ALPHA_EN bit for Stromer Plus PLLs (git-fixes).
- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).
- clk: qcom: gcc-sm6350: Fix gpll6* & gpll7 parents (git-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).
- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).
- clk: rs9: fix wrong default value for clock amplitude (git-fixes).
- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).
- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).
- clkdev: Update clkdev id usage to allow for longer names (stable-fixes).
- config/arm64: Enable CoreSight PMU drivers (bsc#1228289 jsc#PED-7859)
- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).
- counter: ti-eqep: enable clock at probe (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- cpufreq/amd-pstate: Fix the scaling_max_freq setting on shared memory CPPC systems (git-fixes).
- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
- cpufreq: amd-pstate: fix memory leak on CPU EPP exit (stable-fixes).
- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).
- cpufreq: exit() callback is optional (git-fixes).
- cpufreq: ti-cpufreq: Handle deferred probe with dev_err_probe() (git-fixes).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- crypto/ecdh: make ecdh_compute_value() to zeroize the public key (bsc#1222768).
- crypto/ecdsa: make ecdsa_ecc_ctx_deinit() to zeroize the public key (bsc#1222768).
- crypto: aead,cipher - zeroize key buffer after use (stable-fixes).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).
- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).
- crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked (git-fixes).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: deflate - Add aliases to deflate (bsc#1227190).
- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).
- crypto: ecdh - explicitly zeroize private_key (stable-fixes).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- crypto: ecdsa - Fix the public key format description (git-fixes).
- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
- crypto: hisilicon/debugfs - Fix debugfs uninit process issue (stable-fixes).
- crypto: hisilicon/qm - Add the err memory release process to qm uninit (stable-fixes).
- crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).
- crypto: iaa - Account for cpu-less numa nodes (bsc#1227190).
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).
- crypto: qat - extend scope of lock in adf_cfg_add_key_value_param() (git-fixes).
- crypto: qat - improve error logging to be consistent across features (git-fixes).
- crypto: qat - specify firmware files for 402xx (git-fixes).
- crypto: rsa - add a check for allocation failure (bsc#1222775).
- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).
- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- cxgb4: Properly lock TX queue for the selftest (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- cxl/region: Fix cxlr_pmem leaks (git-fixes).
- cxl/region: Fix memregion leaks in devm_cxl_add_region() (git-fixes).
- cxl/test: Add missing vmalloc.h for tools/testing/cxl/test/mem.c (git-fixes).
- cxl/trace: Correct DPA field masks for general_media & dram events (git-fixes).
- decompress_bunzip2: fix rare decompression failure (git-fixes).
- devres: Fix devm_krealloc() wasting memory (git-fixes).
- devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes).
- dlm: fix user space lock decision to copy lvb (git-fixes).
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).
- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).
- dma-mapping: benchmark: fix node id validation (git-fixes).
- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).
- dma: fix call order in dmam_free_coherent (git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).
- dmaengine: ioatdma: Fix error path in ioat3_dma_probe() (git-fixes).
- dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe() (git-fixes).
- dmaengine: ioatdma: Fix leaking on version mismatch (git-fixes).
- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- dmaengine: ti: k3-udma: Fix BCHAN count with UHC and HC channels (git-fixes).
- docs: crypto: async-tx-api: fix broken code example (git-fixes).
- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
- docs: netdev: Fix typo in Signed-off-by tag (git-fixes).
- dpll: spec: use proper enum for pin capabilities attribute (git-fixes).
- driver core: Introduce device_link_wait_removal() (stable-fixes).
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- drivers/xen: Improve the late XenStore init protocol (git-fixes).
- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).
- drivers: soc: xilinx: check return status of get_api_version() (git-fixes).
- drm/amd/amdgpu: Fix uninitialized variable warnings (git-fixes).
- drm/amd/display: ASSERT when failing to find index by plane/stream id (stable-fixes).
- drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).
- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
- drm/amd/display: Add refresh rate range check (stable-fixes).
- drm/amd/display: Allocate zero bw after bw alloc enable (stable-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
- drm/amd/display: Check index msg_id before read or write (stable-fixes).
- drm/amd/display: Check pipe offset before setting vblank (stable-fixes).
- drm/amd/display: Disable seamless boot on 128b/132b encoding (stable-fixes).
- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).
- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/display: Fix DC mode screen flickering on DCN321 (stable-fixes).
- drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport (stable-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).
- drm/amd/display: Fix overlapping copy within dml_core_mode_programming (stable-fixes).
- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).
- drm/amd/display: Fix refresh rate range for some panel (stable-fixes).
- drm/amd/display: Fix uninitialized variables in DM (stable-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
- drm/amd/display: Move 'struct scaler_data' off stack (git-fixes).
- drm/amd/display: Remove pixle rate limit for subvp (stable-fixes).
- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).
- drm/amd/display: Revert Remove pixle rate limit for subvp (stable-fixes).
- drm/amd/display: Send DP_TOTAL_LTTPR_CNT during detection if LTTPR is present (stable-fixes).
- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).
- drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).
- drm/amd/display: Skip pipe if the pipe idx not set properly (stable-fixes).
- drm/amd/display: Update efficiency bandwidth for dcn351 (stable-fixes).
- drm/amd/display: Workaround register access in idle race with cursor (stable-fixes).
- drm/amd/display: change dram_clock_latency to 34us for dcn35 (stable-fixes).
- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).
- drm/amd/pm: Restore config space after reset (stable-fixes).
- drm/amd/pm: remove logically dead code for renoir (git-fixes).
- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
- drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).
- drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).
- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).
- drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes).
- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).
- drm/amdgpu: Fix VRAM memory accounting (stable-fixes).
- drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() (git-fixes).
- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
- drm/amdgpu: Fix memory range calculation (git-fixes).
- drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).
- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).
- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).
- drm/amdgpu: Indicate CU havest info to CP (stable-fixes).
- drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).
- drm/amdgpu: Update BO eviction priorities (stable-fixes).
- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (stable-fixes).
- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
- drm/amdgpu: avoid using null object of framebuffer (stable-fixes).
- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/amdgpu: fix doorbell regression (git-fixes).
- drm/amdgpu: fix locking scope when flushing tlb (stable-fixes).
- drm/amdgpu: fix the warning about the expression (int)size - len (stable-fixes).
- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).
- drm/amdgpu: init microcode chip name from ip versions (stable-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
- drm/amdgpu: silence UBSAN warning (stable-fixes).
- drm/amdkfd: Add VRAM accounting for SVM migration (stable-fixes).
- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).
- drm/amdkfd: Fix CU Masking for GFX 9.4.3 (git-fixes).
- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
- drm/amdkfd: Let VRAM allocations go to GTT domain on small APUs (stable-fixes).
- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).
- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).
- drm/arm/komeda: Fix komeda probe failing if there are no links in the secondary pipeline (git-fixes).
- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).
- drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: anx7625: Update audio status while detecting (git-fixes).
- drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: it6505: fix hibernate to resume no display issue (git-fixes).
- drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611uxc: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: samsung-dsim: Set P divider based on min/max of fin pll (git-fixes).
- drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
- drm/ci: update device type for volteer devices (git-fixes).
- drm/connector: Add \n to message about demoting connector force-probes (git-fixes).
- drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).
- drm/drm_file: Fix pid refcounting race (git-fixes).
- drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).
- drm/etnaviv: fix tx clock gating on some GC7000 variants (stable-fixes).
- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
- drm/exynos: dp: drop driver owner initialization (stable-fixes).
- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
- drm/fbdev-dma: Fix framebuffer mode for big endian devices (git-fixes).
- drm/fbdev-dma: Only set smem_start is enable per module option (git-fixes).
- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).
- drm/fbdev-generic: Fix framebuffer on big endian devices (git-fixes).
- drm/gma500: Remove lid code (git-fixes).
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes).
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes).
- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- drm/i915/dp: Do not switch the LTTPR mode on an active link (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).
- drm/i915/gt: Fix CCS id's calculation for CCS mode setting (git-fixes).
- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/hwmon: Get rid of devm (stable-fixes).
- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).
- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
- drm/i915: Disable live M/N updates when using bigjoiner (stable-fixes).
- drm/i915: Fix audio component initialization (git-fixes).
- drm/komeda: check for error-valued pointer (git-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
- drm/lima: Mark simple_ondemand governor as softdep (git-fixes).
- drm/lima: add mask irq callback to gp and pp (stable-fixes).
- drm/lima: fix shared irq handling on driver remove (stable-fixes).
- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/mediatek: Add DRM_MODE_ROTATE_0 to rotation property (git-fixes).
- drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).
- drm/mediatek: Add missing plane settings when async update (git-fixes).
- drm/mediatek: Call drm_atomic_helper_shutdown() at shutdown time (stable-fixes).
- drm/mediatek: Fix XRGB setting error in Mixer (git-fixes).
- drm/mediatek: Fix XRGB setting error in OVL (git-fixes).
- drm/mediatek: Fix bit depth overwritten for mtk_ovl_set bit_depth() (git-fixes).
- drm/mediatek: Fix destination alpha error in OVL (git-fixes).
- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).
- drm/mediatek: Remove less-than-zero comparison of an unsigned value (git-fixes).
- drm/mediatek: Set DRM mode configs accordingly (git-fixes).
- drm/mediatek: Support DRM plane alpha in Mixer (git-fixes).
- drm/mediatek: Support DRM plane alpha in OVL (git-fixes).
- drm/mediatek: Support RGBA8888 and RGBX8888 in OVL on MT8195 (git-fixes).
- drm/mediatek: Turn off the layers with zero width or height (git-fixes).
- drm/mediatek: Use 8-bit alpha in ETHDR (git-fixes).
- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/meson: fix canvas release in bind function (git-fixes).
- drm/meson: gate px_clk when setting rate (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
- drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).
- drm/mgag200: Set DDC timeout in milliseconds (git-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_generic_write_seq() (git-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).
- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes).
- drm/msm/dpu: fix encoder irq wait skip (git-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).
- drm/msm/dsi: set VIDEO_COMPRESSION_MODE_CTRL_WC (git-fixes).
- drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).
- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes).
- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).
- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).
- drm/nouveau: do not attempt to schedule hpd_work on headless cards (git-fixes).
- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes).
- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).
- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).
- drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: himax-hx8394: Handle errors from mipi_dsi_dcs_set_display_on() better (git-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).
- drm/panel: ilitek-ili9882t: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: ilitek-ili9882t: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).
- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).
- drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).
- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
- drm/panel: sitronix-st7789v: Add check for of_drm_get_panel_orientation (git-fixes).
- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).
- drm/qxl: Add check for drm_cvt_mode (git-fixes).
- drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).
- drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes).
- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).
- drm/radeon: silence UBSAN warning (v3) (stable-fixes).
- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).
- drm/rockchip: vop2: Fix the port mux of VP2 (git-fixes).
- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).
- drm/sun4i: hdmi: Convert encoder to atomic (stable-fixes).
- drm/sun4i: hdmi: Move mode_set into enable (stable-fixes).
- drm/ttm: Always take the bo delayed cleanup path for imported bos (git-fixes).
- drm/udl: Remove DRM_CONNECTOR_POLL_HPD (git-fixes).
- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
- drm/vmwgfx: Do not memcmp equivalent pointers (git-fixes).
- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
- drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).
- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- drm: zynqmp_dpsub: Always register bridge (git-fixes).
- drm: zynqmp_dpsub: Fix an error handling path in zynqmp_dpsub_probe() (git-fixes).
- drm: zynqmp_kms: Fix AUX bus not getting unregistered (git-fixes).
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).
- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).
- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)
- ecryptfs: Reject casefold directory inodes (git-fixes)
- eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (stable-fixes).
- eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).
- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).
- efi/unaccepted: touch soft lockup during memory accept (git-fixes).
- efi/x86: Free EFI memory map only when installing a new one (git-fixes).
- efi: libstub: only free priv.runtime_map when allocated (git-fixes).
- erofs: ensure m_llen is reset to 0 if metadata is invalid (git-fixes).
- exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes).
- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
- f2fs: fix error path of __f2fs_build_free_nids (git-fixes).
- fast_dput(): handle underflows gracefully (git-fixes)
- fat: fix uninitialized field in nostale filehandles (git-fixes)
- fbdev: fix incorrect address computation in deferred IO (git-fixes).
- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
- fbdev: sh7760fb: allow modular build (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- filelock: fix potential use-after-free in posix_lock_inode (git-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).
- firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).
- firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).
- firmware: cs_dsp: Return error if block header overflows file (git-fixes).
- firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).
- firmware: cs_dsp: Validate payload length before processing block (git-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- firmware: dmi: Stop decoding on broken entry (stable-fixes).
- firmware: psci: Fix return value from psci_system_suspend() (git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
- firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes).
- firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).
- fpga: dfl-pci: add PCI subdevice ID for Intel D5005 card (stable-fixes).
- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)
- fs/file: fix the check in find_next_fd() (git-fixes).
- fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes).
- fs: Fix error checking for d_hash_and_lookup() (git-fixes)
- fs: indicate request originates from old mount API (git-fixes)
- fs: relax mount_setattr() permission checks (git-fixes)
- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)
- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
- fuse: do not unhash root (bsc#1223946).
- fuse: fix root lookup with nonzero generation (bsc#1223945).
- fuse: verify {g,u}id mount options correctly (bsc#1228193).
- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).
- genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() (git-fixes).
- gfs2: Do not forget to complete delayed withdraw (git-fixes).
- gfs2: Fix "ignore unlock failures after withdraw" (git-fixes).
- gfs2: Fix invalid metadata access in punch_hole (git-fixes).
- gfs2: Get rid of gfs2_alloc_blocks generation parameter (git-fixes).
- gfs2: Rename gfs2_lookup_{ simple => meta } (git-fixes).
- gfs2: Use mapping->gfp_mask for metadata inodes (git-fixes).
- gfs2: convert to ctime accessor functions (git-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpio: davinci: Validate the obtained number of IRQs (git-fixes).
- gpio: lpc32xx: fix module autoloading (stable-fixes).
- gpio: mc33880: Convert comma to semicolon (git-fixes).
- gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (stable-fixes).
- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).
- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).
- gpio: tqmx86: fix broken IRQ_TYPE_EDGE_BOTH interrupt type (git-fixes).
- gpio: tqmx86: fix typo in Kconfig label (git-fixes).
- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
- gpio: tqmx86: store IRQ trigger type and unmask status separately (git-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
- gpiolib: cdev: fix uninitialised kfifo (git-fixes).
- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).
- gpiolib: swnode: Remove wrong header inclusion (git-fixes).
- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
- hfsplus: fix to avoid false alarm of circular locking (git-fixes).
- hfsplus: fix uninit-value in copy_name (git-fixes).
- hpet: Support 32-bit userspace (git-fixes).
- hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).
- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).
- hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (git-fixes).
- hwrng: core - Fix wrong quality calculation at hw rng registration (git-fixes).
- i2c: acpi: Unbind mux adapters before delete (git-fixes).
- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: cadence: Avoid fifo clear after start (git-fixes).
- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: i801: Annotate apanel_addr as __ro_after_init (stable-fixes).
- i2c: mark HostNotify target address as used (git-fixes).
- i2c: ocores: set IACK bit after core is enabled (git-fixes).
- i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- i2c: rcar: bring hardware to known state when probing (git-fixes).
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).
- i2c: testunit: avoid re-issued work after read message (git-fixes).
- i2c: testunit: correct Kconfig description (git-fixes).
- i2c: testunit: discard write requests while old command is running (git-fixes).
- i2c: testunit: do not erase registers after STOP (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).
- i40e: Enforce software interrupt during busy-poll exit (git-fixes).
- i40e: Fix VF MAC filter removal (git-fixes).
- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).
- i40e: fix vf may be used uninitialized in this function warning (git-fixes).
- i40e: fix: remove needless retries of NVM update (bsc#1227736).
- ice: fix enabling RX VLAN filtering (git-fixes).
- ida: make 'ida_dump' static (git-fixes).
- idma64: Do not try to serve interrupts when device is powered off (git-fixes).
- idpf: extend tx watchdog timeout (bsc#1224137).
- idpf: fix kernel panic on unknown packet types (git-fixes).
- iio: Fix the sorting functionality in iio_gts_build_avail_time_table (git-fixes).
- iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- iio: accel: mxc4005: Reset chip on probe() and resume() (stable-fixes).
- iio: accel: mxc4005: allow module autoloading via OF compatible (stable-fixes).
- iio: adc: ad7266: Fix variable checking bug (git-fixes).
- iio: adc: ad9467: fix scan type sign (git-fixes).
- iio: adc: ad9467: use chip_info variables instead of array (stable-fixes).
- iio: adc: ad9467: use spi_get_device_match_data() (stable-fixes).
- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).
- iio: chemical: bme680: Fix calibration data variable (git-fixes).
- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
- iio: chemical: bme680: Fix pressure value output (git-fixes).
- iio: chemical: bme680: Fix sensor data read operation (git-fixes).
- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).
- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
- iio: frequency: adrf6780: rm clk provider include (git-fixes).
- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
- iio: pressure: Fixes BME280 SPI driver data (git-fixes).
- iio: pressure: bmp280: Fix BMP580 temperature reading (stable-fixes).
- iio: pressure: dps310: support negative temperature values (git-fixes).
- iio: pressure: fix some word spelling errors (stable-fixes).
- iio: xilinx-ams: Do not include ams_ctrl_channels in scan_mask (git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow (git-fixes).
- init: open /initrd.image with O_LARGEFILE (stable-fixes).
- input: Add event code for accessibility key (stable-fixes).
- input: Add support for "Do Not Disturb" (stable-fixes).
- intel_th: pci: Add Granite Rapids SOC support (stable-fixes).
- intel_th: pci: Add Granite Rapids support (stable-fixes).
- intel_th: pci: Add Lunar Lake support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S support (stable-fixes).
- intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc RPM master ID (git-fixes).
- io-wq: write next_work before dropping acct_lock (git-fixes).
- io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (git-fixes).
- io_uring/io-wq: avoid garbage value of 'match' in io_wq_enqueue() (git-fixes).
- io_uring/kbuf: get rid of bl->is_ready (git-fixes).
- io_uring/kbuf: get rid of lower BGID lists (git-fixes). Including kabi preservation patch.
- io_uring/kbuf: protect io_buffer_list teardown with a reference (git-fixes).
- io_uring/kbuf: rename is_mapped (git-fixes).
- io_uring/net: correct the type of variable (git-fixes).
- io_uring/net: correctly handle multishot recvmsg retry setup (git-fixes).
- io_uring/net: fix sendzc lazy wake polling (git-fixes).
- io_uring/net: move receive multishot out of the generic msghdr path (git-fixes).
- io_uring/net: restore msg_control on sendzc retry (git-fixes).
- io_uring/net: unify how recvmsg and sendmsg copy in the msghdr (git-fixes).
- io_uring/rsrc: do not lock while !TASK_RUNNING (git-fixes).
- io_uring/rsrc: fix incorrect assignment of iter->nr_segs in io_import_fixed (git-fixes).
- io_uring/rw: do not allow multishot reads without NOWAIT support (git-fixes).
- io_uring/rw: return IOU_ISSUE_SKIP_COMPLETE for multishot retry (git-fixes).
- io_uring/sqpoll: work around a potential audit memory leak (git-fixes).
- io_uring/unix: drop usage of io_uring socket (git-fixes).
- io_uring: Fix io_cqring_wait() not restoring sigmask on get_timespec64() failure (git-fixes).
- io_uring: clean rings on NO_MMAP alloc fail (git-fixes).
- io_uring: clear opcode specific data for an early failure (git-fixes).
- io_uring: do not save/restore iowait state (git-fixes).
- io_uring: fail NOP if non-zero op flags is passed in (git-fixes).
- io_uring: fix io_queue_proc modifying req->flags (git-fixes).
- io_uring: fix mshot io-wq checks (git-fixes).
- io_uring: fix mshot read defer taskrun cqe posting (git-fixes).
- io_uring: fix poll_remove stalled req completion (git-fixes).
- io_uring: kabi cookie remove (bsc#1217384).
- io_uring: remove looping around handling traditional task_work (git-fixes).
- io_uring: remove unconditional looping in local task_work handling (git-fixes).
- io_uring: use private workqueue for exit work (git-fixes).
- io_uring: use the right type for work_llist empty check (git-fixes).
- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)
- iommu/amd: Enhance def_domain_type to handle untrusted device (git-fixes).
- iommu/amd: Fix panic accessing amd_iommu_enable_faulting (bsc#1224767).
- iommu/amd: Fix sysfs leak in iommu init (git-fixes).
- iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- iommu/vt-d: Allocate DMAR fault interrupts locally (bsc#1224767).
- iommu/vt-d: Fix WARN_ON in iommu probe path (git-fixes).
- iommu/vt-d: Improve ITE fault handling if target device isn't present (git-fixes).
- iommu/vt-d: Use rbtree to track iommu probed devices (git-fixes).
- iommu: Fix compilation without CONFIG_IOMMU_INTEL (git-fixes).
- iommu: Return right value in iommu_sva_bind_device() (git-fixes).
- iommu: Undo pasid attachment only for the devices that have succeeded (git-fixes).
- iommu: mtk: fix module autoloading (git-fixes).
- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).
- ipmi: ssif_bmc: prevent integer overflow on 32bit systems (git-fixes).
- ipv4: annotate data-races around fi->fib_dead (git-fixes).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).
- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).
- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).
- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).
- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).
- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register's index (stable-fixes).
- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).
- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).
- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).
- iwlwifi: fw: fix more kernel-doc warnings (bsc#1227149).
- iwlwifi: mvm: Drop unused fw_trips_index[] from iwl_mvm_thermal_device (bsc#1227149).
- iwlwifi: mvm: Populate trip table before registering thermal zone (bsc#1227149).
- iwlwifi: mvm: Use for_each_thermal_trip() for walking trip points (bsc#1227149).
- jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).
- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
- jfs: Fix array-index-out-of-bounds in diFree (git-fixes).
- jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).
- kABI fix of KVM: x86/pmu: Allow programming events that match unsupported arch events (bsc#1225696).
- kABI fix of KVM: x86/pmu: Prioritize VMX interception over
- kABI fix of KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- kABI workaround for cs35l56 (git-fixes).
- kABI workaround for of driver changes (git-fixes).
- kABI workaround for sof_ipc_pcm_ops (git-fixes).
- kABI workaround for wireless updates (bsc#1227149).
- kABI: bpf: verifier kABI workaround (bsc#1225903).
- kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git fixes).
- kabi/severities: Ignore io_uring internal symbols
- kabi/severities: Remove mitigation-related symbols Those are used by the core kernel to implement CPU vulnerabilities mitigation and are not expected to be consumed by 3rd party users.
- kabi/severities: cleanup and update for WiFi driver entries (bsc#1227149)
- kabi/severities: cover all ath/* drivers (bsc#1227149) All symbols in ath/* network drivers are local and can be ignored
- kabi/severities: cover all mt76 modules (bsc#1227149)
- kabi/severities: ignore IMS functions They were dropped in previous patches. Noone is supposed to use them.
- kabi/severities: ignore TAS2781 symbol drop, it's only locally used
- kabi/severities: ignore amd pds internal symbols
- kabi/severities: ignore kABI changes Realtek WiFi drivers (bsc#1227149) All those symbols are local and used for its own helpers
- kabi/severities: ignore xfrm_bpf_md_dst that depends on CONFIG_DEBUG_* (bsc#1223415)
- kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)
- kasan, fortify: properly rename memintrinsics (git-fixes).
- kbuild: Fix build target deb-pkg: ln: failed to create hard link (git-fixes).
- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
- kbuild: avoid build error when single DTB is turned into composite DTB (git-fixes).
- kbuild: doc: Update default INSTALL_MOD_DIR from extra to updates (git-fixes).
- kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
- kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
- kconfig: gconf: give a proper initial state to the Save button (stable-fixes).
- kconfig: remove wrong expr_trans_bool() (stable-fixes).
- kcov: do not lose track of remote references during softirqs (git-fixes).
- kernel-binary: vdso: Own module_dir
- kernel-doc: fix struct_group_tagged() parsing (git-fixes).
- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).
- kheaders: explicitly define file modes for archived headers (stable-fixes).
- knfsd: LOOKUP can return an illegal error value (git-fixes).
- kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).
- kprobe/ftrace: bail out if ftrace was killed (git-fixes).
- kprobe/ftrace: fix build error due to bad function definition (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- kselftest: Add a ksft_perror() helper (stable-fixes).
- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).
- kunit: Fix checksum tests on big endian CPUs (git-fixed).
- leds: flash: leds-qcom-flash: Test the correct variable in init (git-fixes).
- leds: mt6360: Fix memory leak in mt6360_init_isnk_properties() (git-fixes).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).
- leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).
- leds: triggers: Flush pending brightness before activating trigger (git-fixes).
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).
- lib: objagg: Fix general protection fault (git-fixes).
- lib: objagg: Fix spelling (git-fixes).
- lib: test_objagg: Fix spelling (git-fixes).
- libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228192).
- libperf evlist: Avoid out-of-bounds access (git-fixes).
- libsubcmd: Fix parse-options memory leak (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)
- lsm: fix the logic in security_inode_getsecctx() (git-fixes).
- mISDN: Fix a use after free in hfcmulti_tx() (git-fixes).
- mISDN: fix MISDN_TIME_STAMP handling (git-fixes).
- mac802154: fix time calculation in ieee802154_configure_durations() (git-fixes).
- mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (git-fixes).
- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).
- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
- media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).
- media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes).
- media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes).
- media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).
- media: dvbdev: Initialize sbuf (stable-fixes).
- media: dw2102: Do not translate i2c read into write (stable-fixes).
- media: dw2102: fix a potential buffer overflow (git-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: i2c: Fix imx412 exposure control (git-fixes).
- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).
- media: imon: Fix race getting ictx->lock (git-fixes).
- media: imx-jpeg: Drop initial source change event if capture has been setup (git-fixes).
- media: imx-jpeg: Remove some redundant error logs (git-fixes).
- media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() (git-fixes).
- media: ipu3-cio2: Request IRQ earlier (git-fixes).
- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
- media: mc: Fix graph walk in media_pipeline_start (git-fixes).
- media: mc: mark the media devnode as registered from the, start (git-fixes).
- media: mxl5xx: Move xpt structures off stack (stable-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
- media: pci: ivtv: Add check for DMA map result (git-fixes).
- media: radio-shark2: Avoid led_names truncations (git-fixes).
- media: rcar-vin: Fix YUYV8_1X16 handling for CSI-2 (git-fixes).
- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).
- media: renesas: vsp1: Fix _irqsave and _irq mix (git-fixes).
- media: renesas: vsp1: Store RPF partition configuration per RPF instance (git-fixes).
- media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).
- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).
- media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).
- media: uvcvideo: Override default flags (git-fixes).
- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).
- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).
- media: v4l: async: Fix NULL pointer dereference in adding ancillary links (git-fixes).
- media: v4l: subdev: Fix typo in documentation (git-fixes).
- media: venus: fix use after free in vdec_close (git-fixes).
- media: venus: flush all buffers in output plane streamoff (git-fixes).
- mei: demote client disconnect warning on suspend to debug (stable-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- mei: me: release irq in mei_me_pci_resume error path (git-fixes).
- mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).
- mfd: pm8008: Fix regmap irq chip initialisation (git-fixes).
- misc: fastrpc: Avoid updating PD type for capability request (git-fixes).
- misc: fastrpc: Copy the complete capability structure to user (git-fixes).
- misc: fastrpc: Fix DSP capabilities request (git-fixes).
- misc: fastrpc: Fix memory leak in audio daemon attach operation (git-fixes).
- misc: fastrpc: Fix ownership reassignment of remote heap (git-fixes).
- misc: fastrpc: Restrict untrusted app to attach to privileged PD (git-fixes).
- misc: microchip: pci1xxxx: Fix a memory leak in the error handling of gp_aux_bus_probe() (git-fixes).
- misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() (git-fixes).
- mlxbf_gige: stop interface during shutdown (git-fixes).
- mlxsw: Use refcount_t for reference counting (git-fixes).
- mm/slab: make __free(kfree) accept error pointers (git-fixes).
- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).
- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).
- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).
- mmc: core: Do not force a retune before RPMB switch (stable-fixes).
- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).
- mmc: sdhci-acpi: Add quirk to enable pull-up on the card-detect GPIO on Asus T100TA (git-fixes).
- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
- mmc: sdhci-brcmstb: check R1_STATUS for erase/trim/discard (git-fixes).
- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
- mmc: sdhci: Add support for "Tuning Error" interrupts (stable-fixes).
- mmc: sdhci: Do not invert write-protect twice (git-fixes).
- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- module: do not ignore sysfs_create_link() failures (git-fixes).
- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).
- mptcp: annotate data-races around msk->rmem_fwd_alloc (git-fixes).
- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).
- mptcp: move __mptcp_error_report in protocol.c (git-fixes).
- mptcp: process pending subflow error on close (git-fixes).
- mt76: connac: move more mt7921/mt7915 mac shared code in connac lib (bsc#1227149).
- mt76: mt7996: rely on mt76_sta_stats in mt76_wcid (bsc#1227149).
- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).
- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
- mtd: rawnand: Fix the nand_read_data_op() early check (git-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
- net/dcb: check for detached device before executing callbacks (bsc#1215587).
- net/mlx5: Correctly compare pkt reformat ids (git-fixes).
- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).
- net/mlx5: Fix MTMP register capability offset in MCAM register (git-fixes).
- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).
- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).
- net/mlx5: Properly link new fs rules into the tree (git-fixes).
- net/mlx5: Register devlink first under devlink lock (git-fixes).
- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).
- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).
- net/mlx5: offset comp irq index in name by one (git-fixes).
- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).
- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).
- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).
- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).
- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).
- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).
- net: Remove conditional threaded-NAPI wakeup based on task state (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- net: annotate data-races around sk->sk_bind_phc (git-fixes).
- net: annotate data-races around sk->sk_forward_alloc (git-fixes).
- net: annotate data-races around sk->sk_lingertime (git-fixes).
- net: annotate data-races around sk->sk_tsflags (git-fixes).
- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).
- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).
- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).
- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).
- net: ena: Fix incorrect descriptor free behavior (git-fixes).
- net: ena: Fix potential sign extension issue (git-fixes).
- net: ena: Fix redundant device NUMA node override (jsc#PED-8688).
- net: ena: Move XDP code to its new files (git-fixes).
- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).
- net: ena: Set tx_info->xdpf value to NULL (git-fixes).
- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).
- net: ena: Wrong missing IO completions check order (git-fixes).
- net: ethernet: mtk_wed: introduce mtk_wed_buf structure (bsc#1227149).
- net: ethernet: mtk_wed: rename mtk_rxbm_desc in mtk_wed_bm_desc (bsc#1227149).
- net: fec: Set mac_managed_pm during probe (git-fixes).
- net: fill in MODULE_DESCRIPTION()s in kuba@'s modules (bsc#1227149).
- net: hns3: Remove io_stop_wc() calls after __iowrite64_copy() (bsc#1226502)
- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).
- net: ks8851: Inline ks8851_rx_skb() (git-fixes).
- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).
- net: lan743x: Support WOL at both the PHY and MAC appropriately (git-fixes).
- net: lan743x: disable WOL upon resume to restore full data path operation (git-fixes).
- net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (stable-fixes).
- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
- net: mana: Fix possible double free in error handling path (git-fixes).
- net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
- net: nfc: remove inappropriate attrs check (stable-fixes).
- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
- net: phy: micrel: fix KSZ9477 PHY issues after suspend/resume (git-fixes).
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).
- net: phy: microchip: lan87xx: reinit PHY after cable test (git-fixes).
- net: phy: mxl-gpy: Remove interrupt mask clearing from config_init (git-fixes).
- net: phy: phy_device: Fix PHY LED blinking code comment (git-fixes).
- net: ravb: Always process TX descriptor ring (git-fixes).
- net: ravb: Always update error counters (git-fixes).
- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).
- net: sparx5: flower: fix fragment flags handling (git-fixes).
- net: stmmac: fix rx queue priority assignment (git-fixes).
- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
- net: tls: fix returned read length with async decrypt (bsc#1221858).
- net: tls: fix use-after-free with partial reads and async (bsc#1221858).
- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).
- net: usb: ax88179_178a: improve link status logs (git-fixes).
- net: usb: ax88179_178a: improve reset check (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: usb: qmi_wwan: add Telit FN912 compositions (stable-fixes).
- net: usb: qmi_wwan: add Telit FN920C04 compositions (git-fixes).
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).
- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).
- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
- nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).
- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- nfs: Avoid flushing many pages with NFS_FILE_SYNC (bsc#1218442).
- nfs: Block on write congestion (bsc#1218442).
- nfs: Bump default write congestion size (bsc#1218442).
- nfs: Drop pointless check from nfs_commit_release_pages() (bsc#1218442).
- nfs: Fix up kabi after adding write_congestion_wait (bsc#1218442).
- nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
- nfs: Properly initialize server->writeback (bsc#1218442).
- nfs: drop the incorrect assertion in nfs_swap_rw() (git-fixes).
- nfs: fix undefined behavior in nfs_block_bits() (git-fixes).
- nfs: keep server info for remounts (git-fixes).
- nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (git-fixes).
- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
- nilfs2: add missing check for inode numbers on directory entries (stable-fixes).
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).
- nilfs2: convert persistent object allocator to use kmap_local (git-fixes).
- nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).
- nilfs2: fix inode number range checks (stable-fixes).
- nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (git-fixes).
- nilfs2: fix out-of-range warning (git-fixes).
- nilfs2: fix potential hang in nilfs_detach_log_writer() (git-fixes).
- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
- nilfs2: make superblock data array index computation sparse friendly (git-fixes).
- nilfs2: return the mapped address from nilfs_get_page() (stable-fixes).
- nouveau: add an ioctl to report vram usage (stable-fixes).
- nouveau: add an ioctl to return vram bar size (stable-fixes).
- nouveau: report byte usage in VRAM usage (git-fixes).
- nvme-fabrics: short-circuit reconnect retries (bsc#1186716).
- nvme-multipath: fix io accounting on failover (git-fixes).
- nvme-pci: Add quirk for broken MSIs (git-fixes).
- nvme-tcp: Export the nvme_tcp_wq to sysfs (bsc#1224049).
- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).
- nvme/tcp: Add wq_unbound modparam for nvme_tcp_wq (bsc#1224049).
- nvme: cancel pending I/O if nvme controller is in terminal state (bsc#1226503).
- nvme: do not retry authentication failures (bsc#1186716).
- nvme: find numa distance only if controller has valid numa id (git-fixes).
- nvme: fix multipath batched completion accounting (git-fixes).
- nvme: fix nvme_pr_* status code parsing (git-fixes).
- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).
- nvme: return kernel error codes for admin queue connect (bsc#1186716).
- nvmet-auth: replace pr_debug() with pr_err() to report an error (git-fixes).
- nvmet-auth: return the error code to the nvmet_auth_host_hash() callers (git-fixes).
- nvmet-passthru: propagate status from id override functions (git-fixes).
- nvmet-tcp: fix possible memory leak when tearing down a controller (git-fixes).
- nvmet: fix ns enable/disable possible hang (git-fixes).
- nvmet: fix nvme status code when namespace is disabled (git-fixes).
- nvmet: lock config semaphore when accessing DH-HMAC-CHAP key (bsc#1186716).
- nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists() (git-fixes).
- nvmet: return DHCHAP status codes from nvmet_setup_auth() (bsc#1186716).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix DIO failure due to insufficient transaction credits (git-fixes).
- ocfs2: fix races between hole punching and AIO+DIO (git-fixes).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- ocfs2: use coarse time for new created files (git-fixes).
- octeontx2-af: Add array index check (git-fixes).
- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).
- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).
- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).
- octeontx2-pf: check negative error code in otx2_open() (git-fixes).
- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).
- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).
- of: module: add buffer overflow check in of_modalias() (git-fixes).
- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).
- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).
- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).
- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).
- of: property: fix typo in io-channels (git-fixes).
- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).
- of: unittest: Fix compile in the non-dynamic case (git-fixes).
- orangefs: fix out-of-bounds fsid access (git-fixes).
- pNFS/filelayout: fixup pNfs allocation modes (git-fixes).
- perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() (git-fixes).
- perf annotate: Get rid of duplicate --group option item (git-fixes).
- perf auxtrace: Fix multiple use of --itrace option (git-fixes).
- perf bench internals inject-build-id: Fix trap divide when collecting just one DSO (git-fixes).
- perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).
- perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).
- perf daemon: Fix file leak in daemon_session__control (git-fixes).
- perf docs: Document bpf event modifier (git-fixes).
- perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() (git-fixes).
- perf expr: Fix "has_event" function for metric style events (git-fixes).
- perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) (git-fixes).
- perf jevents: Drop or simplify small integer values (git-fixes).
- perf list: fix short description for some cache events (git-fixes).
- perf lock contention: Add a missing NULL check (git-fixes).
- perf metric: Do not remove scale from counts (git-fixes).
- perf pmu: Count sys and cpuid JSON events separately (git fixes).
- perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).
- perf pmu: Treat the msr pmu as software (git-fixes).
- perf print-events: make is_event_supported() more robust (git-fixes).
- perf probe: Add missing libgen.h header needed for using basename() (git-fixes).
- perf record: Check conflict between '--timestamp-filename' option and pipe mode before recording (git-fixes).
- perf record: Delete session after stopping sideband thread (git-fixes).
- perf record: Fix debug message placement for test consumption (git-fixes).
- perf record: Fix possible incorrect free in record__switch_output() (git-fixes).
- perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).
- perf sched timehist: Fix -g/--call-graph option failure (git-fixes).
- perf script: Show also errors for --insn-trace option (git-fixes).
- perf srcline: Add missed addr2line closes (git-fixes).
- perf stat: Avoid metric-only segv (git-fixes).
- perf stat: Do not display metric header for non-leader uncore events (git-fixes).
- perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).
- perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).
- perf test shell arm_coresight: Increase buffer size for Coresight basic tests (git-fixes).
- perf tests: Apply attributes to all events in object code reading test (git-fixes).
- perf tests: Make "test data symbol" more robust on Neoverse N1 (git-fixes).
- perf thread: Fixes to thread__new() related to initializing comm (git-fixes).
- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (git-fixes).
- perf top: Uniform the event name for the hybrid machine (git-fixes).
- perf top: Use evsel's cpus to replace user_requested_cpus (git-fixes).
- perf ui browser: Avoid SEGV on title (git fixes).
- perf ui browser: Do not save pointer to stack memory (git-fixes).
- perf vendor events amd: Add Zen 4 memory controller events (git-fixes).
- perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).
- perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).
- perf/x86/intel/ds: Do not clear ->pebs_data_cfg for the last PEBS event (git-fixes).
- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).
- perf/x86: Fix out of range data (git-fixes).
- perf: Enqueue SIGTRAP always via task_work (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- perf: Move irq_work_queue() where the event is prepared (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- perf: Remove perf_swevent_get_recursion_context() from perf_pending_task() (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- perf: Split __perf_pending_irq() out of perf_pending_irq() (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- phy: cadence-torrent: Check return value on register read (git-fixes).
- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).
- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).
- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).
- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).
- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).
- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).
- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).
- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).
- pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).
- pinctrl: freescale: mxs: Fix refcount of child (git-fixes).
- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).
- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).
- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).
- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
- pinctrl: renesas: r8a779g0: FIX PWM suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix (H)SCIF1 suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix (H)SCIF3 suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix CANFD5 suffix (git-fixes).
- pinctrl: renesas: r8a779g0: Fix FXR_TXEN[AB] suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix IRQ suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix TCLK suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix TPU suffixes (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).
- pinctrl: rockchip: update rk3308 iomux routes (git-fixes).
- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
- pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).
- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).
- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).
- platform/x86/intel/tpmi: Handle error from tpmi_process_info() (stable-fixes).
- platform/x86: ISST: Add Grand Ridge to HPM CPU list (stable-fixes).
- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).
- platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).
- platform/x86: lg-laptop: Change ACPI device id (stable-fixes).
- platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).
- platform/x86: lg-laptop: Use ACPI device handle when evaluating WMAB/WMBB (stable-fixes).
- platform/x86: thinkpad_acpi: Take hotkey_mutex during hotkey_exit() (git-fixes).
- platform/x86: toshiba_acpi: Add quirk for buttons on Z830 (stable-fixes).
- platform/x86: toshiba_acpi: Fix array out-of-bounds access (git-fixes).
- platform/x86: toshiba_acpi: Fix quickstart quirk handling (git-fixes).
- platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6" tablet (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).
- platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).
- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
- power: supply: ab8500: Fix error handling when calling iio_read_channel_processed() (git-fixes).
- power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).
- power: supply: ingenic: Fix some error handling paths in ingenic_battery_get_property() (git-fixes).
- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).
- powerpc/64s/radix/kfence: map __kfence_pool at page granularity (bsc#1223570 ltc#205770).
- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).
- powerpc/prom: Add CPU info to hardware description string later (bsc#1215199).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
- powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).
- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- ppdev: Add an error check in register_device (git-fixes).
- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).
- printk: Add this_cpu_in_panic() (bsc#1225607).
- printk: Adjust mapping for 32bit seq macros (bsc#1225607).
- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).
- printk: Consolidate console deferred printing (bsc#1225607).
- printk: Disable passing console lock owner completely during panic() (bsc#1225607).
- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).
- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).
- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).
- printk: Let no_printk() use _printk() (bsc#1225618).
- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).
- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).
- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).
- printk: Wait for all reserved records with pr_flush() (bsc#1225607).
- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).
- printk: ringbuffer: Clarify special lpos values (bsc#1225607).
- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).
- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).
- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).
- proc/kcore: do not try to access unaccepted memory (git-fixes).
- pwm: sti: Prepare removing pwm_chip from driver data (stable-fixes).
- pwm: sti: Simplify probe function using devm functions (git-fixes).
- pwm: stm32: Always do lazy disabling (git-fixes).
- qibfs: fix dentry leak (git-fixes)
- regmap-i2c: Subtract reg size from max_write (stable-fixes).
- regmap: Add regmap_read_bypassed() (git-fixes).
- regulator: bd71815: fix ramp values (git-fixes).
- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).
- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).
- regulator: core: Fix modpost error "regulator_get_regmap" undefined (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- regulator: irq_helpers: duplicate IRQ name (stable-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
- regulator: tps65132: Add of_match table (stable-fixes).
- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
- remoteproc: imx_rproc: Fix refcount mistake in imx_rproc_addr_init (git-fixes).
- remoteproc: imx_rproc: Skip over memory region when node value is NULL (git-fixes).
- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).
- remoteproc: k3-r5: Fix IPC-only mode detection (git-fixes).
- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).
- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
- remoteproc: stm32_rproc: Fix mailbox interrupts queuing (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (git-fixes).
- ring-buffer: Only update pages_touched when a new page is touched (git-fixes).
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).
- rtc: abx80x: Fix return value of nvmem callback on read (git-fixes).
- rtc: cmos: Fix return value of nvmem callbacks (git-fixes).
- rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).
- rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).
- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).
- s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227072).
- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).
- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348).
- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).
- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).
- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).
- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223593).
- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).
- s390: Implement __iowrite32_copy() (bsc#1226502)
- s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)
- saa7134: Unchecked i2c_transfer function result fixed (git-fixes).
- sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
- sched/debug: Update stale reference to sched_debug.c (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).
- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842).
- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).
- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).
- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).
- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).
- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
- sctp: annotate data-races around sk->sk_wmem_queued (git-fixes).
- selftests/binderfs: use the Makefile's rules, not Make's implicit rules (git-fixes).
- selftests/bpf: add edge case backtracking logic test (bsc#1225756).
- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).
- selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).
- selftests/bpf: test if state loops are detected in a tricky case (bsc#1225903).
- selftests/bpf: test widening for iterating callbacks (bsc#1225903).
- selftests/bpf: tests for iterating callbacks (bsc#1225903).
- selftests/bpf: tests with delayed read/precision makrs in loop body (bsc#1225903).
- selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).
- selftests/bpf: track tcp payload offset as scalar in xdp_synproxy (bsc#1225903).
- selftests/ftrace: Fix event filter target_func selection (stable-fixes).
- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).
- selftests/kcmp: remove unused open mode (git-fixes).
- selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages (git-fixes).
- selftests/mm: fix build warnings on ppc64 (stable-fixes).
- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).
- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).
- selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).
- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).
- selftests: default to host arch for LLVM builds (git-fixes).
- selftests: fix OOM in msg_zerocopy selftest (git-fixes).
- selftests: hsr: Extend the testsuite to also cover HSRv1 (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- selftests: hsr: Reorder the testsuite (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- selftests: hsr: Use `let' properly (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).
- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).
- selftests: make order checking verbose in msg_zerocopy selftest (git-fixes).
- selftests: mptcp: add ms units for tc-netem delay (stable-fixes).
- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).
- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).
- selftests: net: move amt to socat for better compatibility (git-fixes).
- selftests: sud_test: return correct emulated syscall value on RISC-V (stable-fixes).
- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).
- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).
- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).
- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).
- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).
- selinux: introduce an initial SID for early boot processes (bsc#1208593).
- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).
- serial: bcm63xx-uart: fix tx after conversion to uart_port_tx_limited() (git-fixes).
- serial: core: introduce uart_port_tx_limited_flags() (git-fixes).
- serial: exar: adding missing CTI and Exar PCI ids (stable-fixes).
- serial: imx: Introduce timeout when waiting on transmitter empty (stable-fixes).
- serial: imx: Raise TX trigger level to 8 (stable-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes).
- serial: max3100: Update uart_driver_registered on driver removal (git-fixes).
- serial: pch: Do not disable interrupts while acquiring lock in ISR (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- serial: pch: Do not initialize uart_port's spin_lock (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- serial: pch: Invoke handle_rx_to() directly (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- serial: pch: Make push_rx() return void (bsc#1214683 (PREEMPT_RT prerequisite backports)).
- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
- smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes, bsc#1225172).
- smb3: allow controlling maximum number of cached directories (git-fixes, bsc#1225172).
- smb3: do not start laundromat thread when dir leases disabled (git-fixes, bsc#1225172).
- smb3: show beginning time for per share stats (bsc#1225172).
- smb: client: do not start laundromat thread on nohandlecache (git-fixes, bsc#1225172).
- smb: client: ensure to try all targets when finding nested links (bsc#1225172).
- smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1225172).
- smb: client: fix parsing of SMB3.1.1 POSIX create context (git-fixes, bsc#1225172).
- smb: client: get rid of dfs code dep in namespace.c (bsc#1225172).
- smb: client: get rid of dfs naming in automount code (bsc#1225172).
- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1225172).
- smb: client: make laundromat a delayed worker (git-fixes, bsc#1225172).
- smb: client: prevent new fids from being removed by laundromat (git-fixes, bsc#1225172).
- smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1225172).
- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1225172).
- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1225172).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: qcom: pdr: fix parsing of domains lists (git-fixes).
- soc: qcom: pdr: protect locator_addr with the main mutex (git-fixes).
- soc: qcom: pmic_glink: Handle the return value of pmic_glink_init (git-fixes).
- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).
- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).
- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
- soc: qcom: rpmh-rsc: Ensure irqs are not disabled by rpmh_rsc_send_data() callers (git-fixes).
- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes).
- soc: xilinx: rename cpu_number1 to dummy_cpu_number (git-fixes).
- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).
- soundwire: cadence: fix invalid PDI offset (stable-fixes).
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).
- spi: atmel-quadspi: Add missing check for clk_prepare (git-fixes).
- spi: cadence: Ensure data lines set to low during dummy-cycle period (stable-fixes).
- spi: fix null pointer dereference within spi_sync (git-fixes).
- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).
- spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).
- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).
- spi: microchip-core: defer asserting chip select until just before write to TX FIFO (git-fixes).
- spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer (git-fixes).
- spi: microchip-core: fix the issues in the isr (git-fixes).
- spi: microchip-core: only disable SPI controller when register value change requires it (git-fixes).
- spi: mux: set ctlr->bits_per_word_mask (stable-fixes).
- spi: spi-microchip-core: Fix the number of chip selects supported (git-fixes).
- spi: spidev: add correct compatible for Rohm BH2228FV (git-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- spi: stm32: qspi: Clamp stm32_qspi_get_mode() output to CCR_BUSWIDTH_4 (git-fixes).
- spi: stm32: qspi: Fix dual flash mode sanity test in stm32_qspi_setup() (git-fixes).
- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).
- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
- ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (stable-fixes).
- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).
- struct acpi_ec kABI workaround (git-fixes).
- sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)
- tcp: Dump bound-only sockets in inet_diag (bsc#1204562).
- thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data (stable-fixes).
- thermal/drivers/mediatek/lvts_thermal: Return error in case of invalid efuse data (git-fixes).
- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
- thunderbolt: Fix wake configurations after device unplug (stable-fixes).
- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).
- thunderbolt: Introduce tb_port_reset() (stable-fixes).
- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).
- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).
- thunderbolt: debugfs: Fix margin debugfs node creation condition (git-fixes).
- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).
- tls: do not skip over different type records from the rx_list (bsc#1221858).
- tls: fix peeking with sync+async decryption (bsc#1221858).
- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).
- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
- tools/memory-model: Fix bug in lock.cat (git-fixes).
- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).
- tools/power turbostat: Remember global max_die_id (stable-fixes).
- tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs (stable-fixes).
- tools: ynl: do not leak mcast_groups on init error (git-fixes).
- tools: ynl: fix handling of multiple mcast groups (git-fixes).
- tools: ynl: make sure we always pass yarg to mnl_cb_run (git-fixes).
- tpm_tis: Do *not* flush uninitialized work (git-fixes).
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).
- tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).
- tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes).
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
- tracing: Build event generation tests only as modules (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tty: mcf: MCF54418 has 10 UARTS (git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
- tty: n_tty: Fix buffer offsets when lookahead is used (git-fixes).
- usb-storage: alauda: Check whether the media is initialized (git-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).
- usb: dwc3: core: Add DWC31 version 2.00a controller (stable-fixes).
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- usb: dwc3: core: Workaround for CSR read timeout (stable-fixes).
- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
- usb: dwc3: pci: Do not set "linux,phy_charger_detect" property on Lenovo Yoga Tab2 1380 (stable-fixes).
- usb: dwc3: pci: add support for the Intel Panther Lake (stable-fixes).
- usb: fotg210: Add missing kernel doc description (git-fixes).
- usb: gadget: aspeed_udc: fix device address configuration (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
- usb: gadget: function: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- usb: gadget: printer: SS+ support (stable-fixes).
- usb: gadget: printer: fix races against disable (git-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).
- usb: gadget: uvc: configfs: ensure guid to be valid before set (stable-fixes).
- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).
- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).
- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).
- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
- usb: typec: ucsi: Never send a lone connector change ack (stable-fixes).
- usb: typec: ucsi: always register a link to USB PD device (git-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
- usb: typec: ucsi: glink: fix child node release in probe function (git-fixes).
- usb: typec: ucsi: simplify partner's PD caps registration (git-fixes).
- usb: typec: ucsi_glink: drop special handling for CCI_BUSY (stable-fixes).
- usb: ucsi: stm32: fix command completion handling (git-fixes).
- usb: xhci-plat: Do not include xhci.h (stable-fixes).
- usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (stable-fixes).
- vboxsf: explicitly deny setlease attempts (stable-fixes).
- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).
- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).
- virtio_net: Do not send RSS key if it is not supported (git-fixes).
- virtio_net: avoid data-races on dev->stats fields (git-fixes).
- virtio_net: checksum offloading handling fix (git-fixes).
- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).
- vmlinux.lds.h: catch .bss..L* sections into BSS") (git-fixes).
- vsock/virtio: fix packet delivery to tap device (git-fixes).
- watchdog: bd9576: Drop "always-running" property (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).
- watchdog: rzg2l_wdt: Check return status of pm_runtime_put() (git-fixes).
- watchdog: rzg2l_wdt: Use pm_runtime_resume_and_get() (git-fixes).
- watchdog: rzn1: Convert comma to semicolon (git-fixes).
- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).
- wifi: add HAS_IOPORT dependencies (bsc#1227149).
- wifi: ar5523: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: ath10/11/12k: Use alloc_ordered_workqueue() to create ordered workqueues (bsc#1227149).
- wifi: ath10k: Annotate struct ath10k_ce_ring with __counted_by (bsc#1227149).
- wifi: ath10k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath10k: Drop checks that are always false (bsc#1227149).
- wifi: ath10k: Drop cleaning of driver data from probe error path and remove (bsc#1227149).
- wifi: ath10k: Fix a few spelling errors (bsc#1227149).
- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: ath10k: Fix enum ath10k_fw_crash_dump_type kernel-doc (bsc#1227149).
- wifi: ath10k: Fix htt_data_tx_completion kernel-doc warning (bsc#1227149).
- wifi: ath10k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath10k: Remove unused struct ath10k_htc_frame (bsc#1227149).
- wifi: ath10k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).
- wifi: ath10k: Use DECLARE_FLEX_ARRAY() for ath10k_htc_record (bsc#1227149).
- wifi: ath10k: Use list_count_nodes() (bsc#1227149).
- wifi: ath10k: add missing wmi_10_4_feature_mask documentation (bsc#1227149).
- wifi: ath10k: add support to allow broadcast action frame RX (bsc#1227149).
- wifi: ath10k: consistently use kstrtoX_from_user() functions (bsc#1227149).
- wifi: ath10k: correctly document enum wmi_tlv_tx_pause_id (bsc#1227149).
- wifi: ath10k: drop HTT_DATA_TX_STATUS_DOWNLOAD_FAIL (bsc#1227149).
- wifi: ath10k: fix QCOM_RPROC_COMMON dependency (git-fixes).
- wifi: ath10k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).
- wifi: ath10k: fix htt_q_state_conf & htt_q_state kernel-doc (bsc#1227149).
- wifi: ath10k: improve structure padding (bsc#1227149).
- wifi: ath10k: indicate to mac80211 scan complete with aborted flag for ATH10K_SCAN_STARTING state (bsc#1227149).
- wifi: ath10k: poll service ready message before failing (git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath10k: remove ath10k_htc_record::pauload[] (bsc#1227149).
- wifi: ath10k: remove duplicate memset() in 10.4 TDLS peer update (bsc#1227149).
- wifi: ath10k: remove struct wmi_pdev_chanlist_update_event (bsc#1227149).
- wifi: ath10k: remove unused template structs (bsc#1227149).
- wifi: ath10k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath10k: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: ath10k: simplify __ath10k_htt_tx_txq_recalc() (bsc#1227149).
- wifi: ath10k: simplify ath10k_peer_create() (bsc#1227149).
- wifi: ath10k: use flexible array in struct wmi_tdls_peer_capabilities (bsc#1227149).
- wifi: ath10k: use flexible array in struct wmi_host_mem_chunks (bsc#1227149).
- wifi: ath10k: use flexible arrays for WMI start scan TLVs (bsc#1227149).
- wifi: ath11k: Add HTT stats for PHY reset case (bsc#1227149).
- wifi: ath11k: Add coldboot calibration support for QCN9074 (bsc#1227149).
- wifi: ath11k: Allow ath11k to boot without caldata in ftm mode (bsc#1227149).
- wifi: ath11k: Consistently use ath11k_vif_to_arvif() (bsc#1227149).
- wifi: ath11k: Consolidate WMI peer flags (bsc#1227149).
- wifi: ath11k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath11k: Do not directly use scan_flags in struct scan_req_params (bsc#1227149).
- wifi: ath11k: EMA beacon support (bsc#1227149).
- wifi: ath11k: Fix a few spelling errors (bsc#1227149).
- wifi: ath11k: Fix ath11k_htc_record flexible record (bsc#1227149).
- wifi: ath11k: Introduce and use ath11k_sta_to_arsta() (bsc#1227149).
- wifi: ath11k: MBSSID beacon support (bsc#1227149).
- wifi: ath11k: MBSSID configuration during vdev create/start (bsc#1227149).
- wifi: ath11k: MBSSID parameter configuration in AP mode (bsc#1227149).
- wifi: ath11k: Really consistently use ath11k_vif_to_arvif() (bsc#1227149).
- wifi: ath11k: Relocate the func ath11k_mac_bitrate_mask_num_ht_rates() and change hweight16 to hweight8 (bsc#1227149).
- wifi: ath11k: Remove ath11k_base::bd_api (bsc#1227149).
- wifi: ath11k: Remove cal_done check during probe (bsc#1227149).
- wifi: ath11k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).
- wifi: ath11k: Remove scan_flags union from struct scan_req_params (bsc#1227149).
- wifi: ath11k: Remove struct ath11k::ops (bsc#1227149).
- wifi: ath11k: Remove unneeded semicolon (bsc#1227149).
- wifi: ath11k: Remove unused declarations (bsc#1227149).
- wifi: ath11k: Remove unused struct ath11k_htc_frame (bsc#1227149).
- wifi: ath11k: Send HT fixed rate in WMI peer fixed param (bsc#1227149).
- wifi: ath11k: Split coldboot calibration hw_param (bsc#1227149).
- wifi: ath11k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).
- wifi: ath11k: Use device_get_match_data() (bsc#1227149).
- wifi: ath11k: Use list_count_nodes() (bsc#1227149).
- wifi: ath11k: add WMI event debug messages (bsc#1227149).
- wifi: ath11k: add WMI_TLV_SERVICE_EXT_TPC_REG_SUPPORT service bit (bsc#1227149).
- wifi: ath11k: add chip id board name while searching board-2.bin for WCN6855 (bsc#1227149).
- wifi: ath11k: add firmware-2.bin support (bsc#1227149).
- wifi: ath11k: add handler for WMI_VDEV_SET_TPC_POWER_CMDID (bsc#1227149).
- wifi: ath11k: add parse of transmit power envelope element (bsc#1227149).
- wifi: ath11k: add parsing of phy bitmap for reg rules (bsc#1227149).
- wifi: ath11k: add support for QCA2066 (bsc#1227149).
- wifi: ath11k: add support to select 6 GHz regulatory type (bsc#1227149).
- wifi: ath11k: ath11k_debugfs_register(): fix format-truncation warning (bsc#1227149).
- wifi: ath11k: avoid forward declaration of ath11k_mac_start_vdev_delay() (bsc#1227149).
- wifi: ath11k: call ath11k_mac_fils_discovery() without condition (bsc#1227149).
- wifi: ath11k: constify MHI channel and controller configs (bsc#1227149).
- wifi: ath11k: debug: add ATH11K_DBG_CE (bsc#1227149).
- wifi: ath11k: debug: remove unused ATH11K_DBG_ANY (bsc#1227149).
- wifi: ath11k: debug: use all upper case in ATH11k_DBG_HAL (bsc#1227149).
- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).
- wifi: ath11k: do not use %pK (bsc#1227149).
- wifi: ath11k: document HAL_RX_BUF_RBM_SW4_BM (bsc#1227149).
- wifi: ath11k: dp: cleanup debug message (bsc#1227149).
- wifi: ath11k: driver settings for MBSSID and EMA (bsc#1227149).
- wifi: ath11k: drop NULL pointer check in ath11k_update_per_peer_tx_stats() (bsc#1227149).
- wifi: ath11k: drop redundant check in ath11k_dp_rx_mon_dest_process() (bsc#1227149).
- wifi: ath11k: enable 36 bit mask for stream DMA (bsc#1227149).
- wifi: ath11k: factory test mode support (bsc#1227149).
- wifi: ath11k: fill parameters for vdev set tpc power WMI command (bsc#1227149).
- wifi: ath11k: fix CAC running state during virtual interface start (bsc#1227149).
- wifi: ath11k: fix IOMMU errors on buffer rings (bsc#1227149).
- wifi: ath11k: fix RCU documentation in ath11k_mac_op_ipv6_changed() (git-fixes).
- wifi: ath11k: fix WCN6750 firmware crash caused by 17 num_vdevs (bsc#1227149).
- wifi: ath11k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).
- wifi: ath11k: fix a possible dead lock caused by ab->base_lock (bsc#1227149).
- wifi: ath11k: fix ath11k_mac_op_remain_on_channel() stack usage (bsc#1227149).
- wifi: ath11k: fix connection failure due to unexpected peer delete (bsc#1227149).
- wifi: ath11k: fix tid bitmap is 0 in peer rx mu stats (bsc#1227149).
- wifi: ath11k: fix wrong definition of CE ring's base address (git-fixes).
- wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
- wifi: ath11k: hal: cleanup debug message (bsc#1227149).
- wifi: ath11k: htc: cleanup debug messages (bsc#1227149).
- wifi: ath11k: initialize eirp_power before use (bsc#1227149).
- wifi: ath11k: mac: fix struct ieee80211_sband_iftype_data handling (bsc#1227149).
- wifi: ath11k: mhi: add a warning message for MHI_CB_EE_RDDM crash (bsc#1227149).
- wifi: ath11k: move pci.ops registration ahead (bsc#1227149).
- wifi: ath11k: move power type check to ASSOC stage when connecting to 6 GHz AP (bsc#1227149).
- wifi: ath11k: move references from rsvd2 to info fields (bsc#1227149).
- wifi: ath11k: pci: cleanup debug logging (bsc#1227149).
- wifi: ath11k: print debug level in debug messages (bsc#1227149).
- wifi: ath11k: provide address list if chip supports 2 stations (bsc#1227149).
- wifi: ath11k: qmi: refactor ath11k_qmi_m3_load() (bsc#1227149).
- wifi: ath11k: refactor ath11k_wmi_tlv_parse_alloc() (bsc#1227149).
- wifi: ath11k: refactor setting country code logic (stable-fixes).
- wifi: ath11k: refactor vif parameter configurations (bsc#1227149).
- wifi: ath11k: rely on mac80211 debugfs handling for vif (bsc#1227149).
- wifi: ath11k: remove ath11k_htc_record::pauload[] (bsc#1227149).
- wifi: ath11k: remove invalid peer create logic (bsc#1227149).
- wifi: ath11k: remove manual mask names from debug messages (bsc#1227149).
- wifi: ath11k: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath11k: remove unsupported event handlers (bsc#1227149).
- wifi: ath11k: remove unused function ath11k_tm_event_wmi() (bsc#1227149).
- wifi: ath11k: remove unused members of 'struct ath11k_base' (bsc#1227149).
- wifi: ath11k: remove unused scan_events from struct scan_req_params (bsc#1227149).
- wifi: ath11k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1227149).
- wifi: ath11k: rename ath11k_start_vdev_delay() (bsc#1227149).
- wifi: ath11k: rename the sc naming convention to ab (bsc#1227149).
- wifi: ath11k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).
- wifi: ath11k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath11k: restore country code during resume (git-fixes).
- wifi: ath11k: save max transmit power in vdev start response event from firmware (bsc#1227149).
- wifi: ath11k: save power spectral density(PSD) of regulatory rule (bsc#1227149).
- wifi: ath11k: simplify ath11k_mac_validate_vht_he_fixed_rate_settings() (bsc#1227149).
- wifi: ath11k: simplify the code with module_platform_driver (bsc#1227149).
- wifi: ath11k: store cur_regulatory_info for each radio (bsc#1227149).
- wifi: ath11k: support 2 station interfaces (bsc#1227149).
- wifi: ath11k: update proper pdev/vdev id for testmode command (bsc#1227149).
- wifi: ath11k: update regulatory rules when connect to AP on 6 GHz band for station (bsc#1227149).
- wifi: ath11k: update regulatory rules when interface added (bsc#1227149).
- wifi: ath11k: use RCU when accessing struct inet6_dev::ac_list (bsc#1227149).
- wifi: ath11k: use WMI_VDEV_SET_TPC_POWER_CMDID when EXT_TPC_REG_SUPPORT for 6 GHz (bsc#1227149).
- wifi: ath11k: use kstrtoul_from_user() where appropriate (bsc#1227149).
- wifi: ath11k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).
- wifi: ath11k: wmi: add unified command debug messages (bsc#1227149).
- wifi: ath11k: wmi: cleanup error handling in ath11k_wmi_send_init_country_cmd() (bsc#1227149).
- wifi: ath11k: wmi: use common error handling style (bsc#1227149).
- wifi: ath11k: workaround too long expansion sparse warnings (bsc#1227149).
- wifi: ath12k: Add logic to write QRTR node id to scratch (bsc#1227149).
- wifi: ath12k: Add missing qmi_txn_cancel() calls (bsc#1227149).
- wifi: ath12k: Add support to parse new WMI event for 6 GHz regulatory (bsc#1227149).
- wifi: ath12k: Consistently use ath12k_vif_to_arvif() (bsc#1227149).
- wifi: ath12k: Consolidate WMI peer flags (bsc#1227149).
- wifi: ath12k: Correct 6 GHz frequency value in rx status (git-fixes).
- wifi: ath12k: Do not drop tx_status in failure case (git-fixes).
- wifi: ath12k: Do not use scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: Enable Mesh support for QCN9274 (bsc#1227149).
- wifi: ath12k: Fix a few spelling errors (bsc#1227149).
- wifi: ath12k: Fix tx completion ring (WBM2SW) setup failure (git-fixes).
- wifi: ath12k: Fix uninitialized use of ret in ath12k_mac_allocate() (bsc#1227149).
- wifi: ath12k: Introduce and use ath12k_sta_to_arsta() (bsc#1227149).
- wifi: ath12k: Introduce the container for mac80211 hw (bsc#1227149).
- wifi: ath12k: Make QMI message rules const (bsc#1227149).
- wifi: ath12k: Optimize the mac80211 hw data access (bsc#1227149).
- wifi: ath12k: Read board id to support split-PHY QCN9274 (bsc#1227149).
- wifi: ath12k: Refactor the mac80211 hw access from link/radio (bsc#1227149).
- wifi: ath12k: Remove ath12k_base::bd_api (bsc#1227149).
- wifi: ath12k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).
- wifi: ath12k: Remove some dead code (bsc#1227149).
- wifi: ath12k: Remove struct ath12k::ops (bsc#1227149).
- wifi: ath12k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath12k: Remove unnecessary struct qmi_txn initializers (bsc#1227149).
- wifi: ath12k: Remove unused declarations (bsc#1227149).
- wifi: ath12k: Remove unused scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: Set default beacon mode to burst mode (bsc#1227149).
- wifi: ath12k: Use initializers for QMI message buffers (bsc#1227149).
- wifi: ath12k: Use msdu_end to check MCBC (bsc#1227149).
- wifi: ath12k: Use pdev_id rather than mac_id to get pdev (bsc#1227149).
- wifi: ath12k: WMI support to process EHT capabilities (bsc#1227149).
- wifi: ath12k: add 320 MHz bandwidth enums (bsc#1227149).
- wifi: ath12k: add CE and ext IRQ flag to indicate irq_handler (bsc#1227149).
- wifi: ath12k: add EHT PHY modes (bsc#1227149).
- wifi: ath12k: add MAC id support in WBM error path (bsc#1227149).
- wifi: ath12k: add MLO header in peer association (bsc#1227149).
- wifi: ath12k: add P2P IE in beacon template (bsc#1227149).
- wifi: ath12k: add QMI PHY capability learn support (bsc#1227149).
- wifi: ath12k: add WMI support for EHT peer (bsc#1227149).
- wifi: ath12k: add ath12k_qmi_free_resource() for recovery (bsc#1227149).
- wifi: ath12k: add fallback board name without variant while searching board-2.bin (bsc#1227149).
- wifi: ath12k: add firmware-2.bin support (bsc#1227149).
- wifi: ath12k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED (bsc#1227149).
- wifi: ath12k: add keep backward compatibility of PHY mode to avoid firmware crash (bsc#1227149).
- wifi: ath12k: add msdu_end structure for WCN7850 (bsc#1227149).
- wifi: ath12k: add parsing of phy bitmap for reg rules (bsc#1227149).
- wifi: ath12k: add processing for TWT disable event (bsc#1227149).
- wifi: ath12k: add processing for TWT enable event (bsc#1227149).
- wifi: ath12k: add qmi_cnss_feature_bitmap field to hardware parameters (bsc#1227149).
- wifi: ath12k: add rcu lock for ath12k_wmi_p2p_noa_event() (bsc#1227149).
- wifi: ath12k: add read variant from SMBIOS for download board data (bsc#1227149).
- wifi: ath12k: add string type to search board data in board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: add support for BA1024 (bsc#1227149).
- wifi: ath12k: add support for collecting firmware log (bsc#1227149).
- wifi: ath12k: add support for hardware rfkill for WCN7850 (bsc#1227149).
- wifi: ath12k: add support for peer meta data version (bsc#1227149).
- wifi: ath12k: add support one MSI vector (bsc#1227149).
- wifi: ath12k: add support to search regdb data in board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: add wait operation for tx management packets for flush from mac80211 (bsc#1227149).
- wifi: ath12k: advertise P2P dev support for WCN7850 (bsc#1227149).
- wifi: ath12k: allow specific mgmt frame tx while vdev is not up (bsc#1227149).
- wifi: ath12k: ath12k_start_vdev_delay(): convert to use ar (bsc#1227149).
- wifi: ath12k: avoid deadlock by change ieee80211_queue_work for regd_update_work (bsc#1227149).
- wifi: ath12k: avoid duplicated vdev stop (git-fixes).
- wifi: ath12k: avoid explicit HW conversion argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid explicit RBM id argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid explicit mac id argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid repeated hw access from ar (bsc#1227149).
- wifi: ath12k: avoid repeated wiphy access from hw (bsc#1227149).
- wifi: ath12k: call ath12k_mac_fils_discovery() without condition (bsc#1227149).
- wifi: ath12k: change DMA direction while mapping reinjected packets (git-fixes).
- wifi: ath12k: change MAC buffer ring size to 2048 (bsc#1227149).
- wifi: ath12k: change WLAN_SCAN_PARAMS_MAX_IE_LEN from 256 to 512 (bsc#1227149).
- wifi: ath12k: change interface combination for P2P mode (bsc#1227149).
- wifi: ath12k: change to initialize recovery variables earlier in ath12k_core_reset() (bsc#1227149).
- wifi: ath12k: change to treat alpha code na as world wide regdomain (bsc#1227149).
- wifi: ath12k: change to use dynamic memory for channel list of scan (bsc#1227149).
- wifi: ath12k: check M3 buffer size as well whey trying to reuse it (bsc#1227149).
- wifi: ath12k: check hardware major version for WCN7850 (bsc#1227149).
- wifi: ath12k: configure RDDM size to MHI for device recovery (bsc#1227149).
- wifi: ath12k: configure puncturing bitmap (bsc#1227149).
- wifi: ath12k: correct the data_type from QMI_OPT_FLAG to QMI_UNSIGNED_1_BYTE for mlo_capable (bsc#1227149).
- wifi: ath12k: delete the timer rx_replenish_retry during rmmod (bsc#1227149).
- wifi: ath12k: designating channel frequency for ROC scan (bsc#1227149).
- wifi: ath12k: disable QMI PHY capability learn in split-phy QCN9274 (bsc#1227149).
- wifi: ath12k: do not drop data frames from unassociated stations (bsc#1227149).
- wifi: ath12k: do not restore ASPM in case of single MSI vector (bsc#1227149).
- wifi: ath12k: drop NULL pointer check in ath12k_update_per_peer_tx_stats() (bsc#1227149).
- wifi: ath12k: drop failed transmitted frames from metric calculation (git-fixes).
- wifi: ath12k: enable 320 MHz bandwidth for 6 GHz band in EHT PHY capability for WCN7850 (bsc#1227149).
- wifi: ath12k: enable 802.11 power save mode in station mode (bsc#1227149).
- wifi: ath12k: enable IEEE80211_HW_SINGLE_SCAN_ON_ALL_BANDS for WCN7850 (bsc#1227149).
- wifi: ath12k: fetch correct pdev id from WMI_SERVICE_READY_EXT_EVENTID (bsc#1227149).
- wifi: ath12k: fix PCI read and write (bsc#1227149).
- wifi: ath12k: fix WARN_ON during ath12k_mac_update_vif_chan (bsc#1227149).
- wifi: ath12k: fix broken structure wmi_vdev_create_cmd (bsc#1227149).
- wifi: ath12k: fix conf_mutex in ath12k_mac_op_unassign_vif_chanctx() (bsc#1227149).
- wifi: ath12k: fix debug messages (bsc#1227149).
- wifi: ath12k: fix fetching MCBC flag for QCN9274 (bsc#1227149).
- wifi: ath12k: fix firmware assert during insmod in memory segment mode (bsc#1227149).
- wifi: ath12k: fix firmware crash during reo reinject (git-fixes).
- wifi: ath12k: fix invalid m3 buffer address (bsc#1227149).
- wifi: ath12k: fix invalid memory access while processing fragmented packets (git-fixes).
- wifi: ath12k: fix kernel crash during resume (bsc#1227149).
- wifi: ath12k: fix license in p2p.c and p2p.h (bsc#1227149).
- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).
- wifi: ath12k: fix peer metadata parsing (git-fixes).
- wifi: ath12k: fix potential wmi_mgmt_tx_queue race condition (bsc#1227149).
- wifi: ath12k: fix radar detection in 160 MHz (bsc#1227149).
- wifi: ath12k: fix recovery fail while firmware crash when doing channel switch (bsc#1227149).
- wifi: ath12k: fix the error handler of rfkill config (bsc#1227149).
- wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 (bsc#1227149).
- wifi: ath12k: fix the problem that down grade phy mode operation (bsc#1227149).
- wifi: ath12k: fix wrong definition of CE ring's base address (git-fixes).
- wifi: ath12k: fix wrong definitions of hal_reo_update_rx_queue (bsc#1227149).
- wifi: ath12k: get msi_data again after request_irq is called (bsc#1227149).
- wifi: ath12k: implement handling of P2P NoA event (bsc#1227149).
- wifi: ath12k: implement remain on channel for P2P mode (bsc#1227149).
- wifi: ath12k: increase vdev setup timeout (bsc#1227149).
- wifi: ath12k: indicate NON MBSSID vdev by default during vdev start (bsc#1227149).
- wifi: ath12k: indicate scan complete for scan canceled when scan running (bsc#1227149).
- wifi: ath12k: indicate to mac80211 scan complete with aborted flag for ATH12K_SCAN_STARTING state (bsc#1227149).
- wifi: ath12k: move HE capabilities processing to a new function (bsc#1227149).
- wifi: ath12k: move peer delete after vdev stop of station for WCN7850 (bsc#1227149).
- wifi: ath12k: parse WMI service ready ext2 event (bsc#1227149).
- wifi: ath12k: peer assoc for 320 MHz (bsc#1227149).
- wifi: ath12k: prepare EHT peer assoc parameters (bsc#1227149).
- wifi: ath12k: propagate EHT capabilities to userspace (bsc#1227149).
- wifi: ath12k: refactor DP Rxdma ring structure (bsc#1227149).
- wifi: ath12k: refactor QMI MLO host capability helper function (bsc#1227149).
- wifi: ath12k: refactor ath12k_bss_assoc() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_allocate() and ath12k_mac_destroy() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_ampdu_action() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_conf_tx() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_config() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_configure_filter() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_flush() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_start() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_stop() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_update_vif_offload() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_register() and ath12k_mac_unregister() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_setup_channels_rates() (bsc#1227149).
- wifi: ath12k: refactor ath12k_wmi_tlv_parse_alloc() (bsc#1227149).
- wifi: ath12k: refactor multiple MSI vector implementation (bsc#1227149).
- wifi: ath12k: refactor the rfkill worker (bsc#1227149).
- wifi: ath12k: register EHT mesh capabilities (bsc#1227149).
- wifi: ath12k: relax list iteration in ath12k_mac_vif_unref() (bsc#1227149).
- wifi: ath12k: relocate ath12k_dp_pdev_pre_alloc() call (bsc#1227149).
- wifi: ath12k: remove hal_desc_sz from hw params (bsc#1227149).
- wifi: ath12k: remove redundant memset() in ath12k_hal_reo_qdesc_setup() (bsc#1227149).
- wifi: ath12k: remove the unused scan_events from ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: remove unused ATH12K_BD_IE_BOARD_EXT (bsc#1227149).
- wifi: ath12k: rename HE capabilities setup/copy functions (bsc#1227149).
- wifi: ath12k: rename the sc naming convention to ab (bsc#1227149).
- wifi: ath12k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).
- wifi: ath12k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath12k: send WMI_PEER_REORDER_QUEUE_SETUP_CMDID when ADDBA session starts (bsc#1227149).
- wifi: ath12k: set IRQ affinity to CPU0 in case of one MSI vector (bsc#1227149).
- wifi: ath12k: set PERST pin no pull request for WCN7850 (bsc#1227149).
- wifi: ath12k: split hal_ops to support RX TLVs word mask compaction (bsc#1227149).
- wifi: ath12k: subscribe required word mask from rx tlv (bsc#1227149).
- wifi: ath12k: support default regdb while searching board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: trigger station disconnect on hardware restart (bsc#1227149).
- wifi: ath12k: use ATH12K_PCI_IRQ_DP_OFFSET for DP IRQ (bsc#1227149).
- wifi: ath12k: use correct flag field for 320 MHz channels (bsc#1227149).
- wifi: ath12k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).
- wifi: ath5k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath5k: Remove redundant dev_err() (bsc#1227149).
- wifi: ath5k: ath5k_hw_get_median_noise_floor(): use swap() (bsc#1227149).
- wifi: ath5k: remove phydir check from ath5k_debug_init_device() (bsc#1227149).
- wifi: ath5k: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath5k: remove unused ath5k_eeprom_info::ee_antenna (bsc#1227149).
- wifi: ath5k: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: ath6kl: Remove error checking for debugfs_create_dir() (bsc#1227149).
- wifi: ath6kl: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath6kl: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: ath9k: remove redundant assignment to variable ret (bsc#1227149).
- wifi: ath9k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath9k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath9k: Remove unnecessary ternary operators (bsc#1227149).
- wifi: ath9k: Remove unused declarations (bsc#1227149).
- wifi: ath9k: avoid using uninitialized array (bsc#1227149).
- wifi: ath9k: clean up function ath9k_hif_usb_resume (bsc#1227149).
- wifi: ath9k: consistently use kstrtoX_from_user() functions (bsc#1227149).
- wifi: ath9k: delete some unused/duplicate macros (bsc#1227149).
- wifi: ath9k: fix parameter check in ath9k_init_debug() (bsc#1227149).
- wifi: ath9k: reset survey of current channel after a scan started (bsc#1227149).
- wifi: ath9k: simplify ar9003_hw_process_ini() (bsc#1227149).
- wifi: ath9k: use u32 for txgain indexes (bsc#1227149).
- wifi: ath9k: work around memset overflow warning (bsc#1227149).
- wifi: ath9k_htc: fix format-truncation warning (bsc#1227149).
- wifi: ath: Use is_multicast_ether_addr() to check multicast Ether address (bsc#1227149).
- wifi: ath: dfs_pattern_detector: Use flex array to simplify code (bsc#1227149).
- wifi: ath: remove unused-but-set parameter (bsc#1227149).
- wifi: ath: work around false-positive stringop-overread warning (bsc#1227149).
- wifi: atk10k: Do not opencode ath10k_pci_priv() in ath10k_ahb_priv() (bsc#1227149).
- wifi: atmel: remove unused ioctl function (bsc#1227149).
- wifi: b43: silence sparse warnings (bsc#1227149).
- wifi: brcm80211: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: brcmfmac: Annotate struct brcmf_gscan_config with __counted_by (bsc#1227149).
- wifi: brcmfmac: Detect corner error case earlier with log (bsc#1227149).
- wifi: brcmfmac: add linefeed at end of file (bsc#1227149).
- wifi: brcmfmac: allow per-vendor event handling (bsc#1227149).
- wifi: brcmfmac: do not cast hidden SSID attribute value to boolean (bsc#1227149).
- wifi: brcmfmac: do not pass hidden SSID attribute as value directly (bsc#1227149).
- wifi: brcmfmac: export firmware interface functions (bsc#1227149).
- wifi: brcmfmac: firmware: Annotate struct brcmf_fw_request with __counted_by (bsc#1227149).
- wifi: brcmfmac: fix format-truncation warnings (bsc#1227149).
- wifi: brcmfmac: fix gnu_printf warnings (bsc#1227149).
- wifi: brcmfmac: fweh: Add __counted_by for struct brcmf_fweh_queue_item and use struct_size() (bsc#1227149).
- wifi: brcmfmac: fweh: Fix boot crash on Raspberry Pi 4 (bsc#1227149).
- wifi: brcmfmac: move feature overrides before feature_disable (bsc#1227149).
- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).
- wifi: brcmsmac: cleanup SCB-related data types (bsc#1227149).
- wifi: brcmsmac: fix gnu_printf warnings (bsc#1227149).
- wifi: brcmsmac: phy: Remove unreachable code (bsc#1227149).
- wifi: brcmsmac: remove more unused data types (bsc#1227149).
- wifi: brcmsmac: remove unused data type (bsc#1227149).
- wifi: brcmsmac: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: brcmsmac: silence sparse warnings (bsc#1227149).
- wifi: brcmutil: use helper function pktq_empty() instead of open code (bsc#1227149).
- wifi: carl9170: Remove redundant assignment to pointer super (bsc#1227149).
- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- wifi: carl9170: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: cfg80211: Add support for setting TID to link mapping (bsc#1227149).
- wifi: cfg80211: Allow AP/P2PGO to indicate port authorization to peer STA/P2PClient (bsc#1227149).
- wifi: cfg80211: Extend support for scanning while MLO connected (bsc#1227149).
- wifi: cfg80211: Fix typo in documentation (bsc#1227149).
- wifi: cfg80211: Handle specific BSSID in 6GHz scanning (bsc#1227149).
- wifi: cfg80211: Include operating class 137 in 6GHz band (bsc#1227149).
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).
- wifi: cfg80211: OWE DH IE handling offload (bsc#1227149).
- wifi: cfg80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: cfg80211: Schedule regulatory check on BSS STA channel change (bsc#1227149).
- wifi: cfg80211: Update the default DSCP-to-UP mapping (bsc#1227149).
- wifi: cfg80211: add BSS usage reporting (bsc#1227149).
- wifi: cfg80211: add RNR with reporting AP information (bsc#1227149).
- wifi: cfg80211: add a flag to disable wireless extensions (bsc#1227149).
- wifi: cfg80211: add local_state_change to deauth trace (bsc#1227149).
- wifi: cfg80211: add locked debugfs wrappers (bsc#1227149).
- wifi: cfg80211: add support for SPP A-MSDUs (bsc#1227149).
- wifi: cfg80211: address several kerneldoc warnings (bsc#1227149).
- wifi: cfg80211: allow reg update by driver even if wiphy->regd is set (bsc#1227149).
- wifi: cfg80211: annotate iftype_data pointer with sparse (bsc#1227149).
- wifi: cfg80211: avoid double free if updating BSS fails (bsc#1227149).
- wifi: cfg80211: call reg_call_notifier on beacon hints (bsc#1227149).
- wifi: cfg80211: check RTNL when iterating devices (bsc#1227149).
- wifi: cfg80211: check wiphy mutex is held for wdev mutex (bsc#1227149).
- wifi: cfg80211: consume both probe response and beacon IEs (bsc#1227149).
- wifi: cfg80211: detect stuck ECSA element in probe resp (bsc#1227149).
- wifi: cfg80211: ensure cfg80211_bss_update frees IEs on error (bsc#1227149).
- wifi: cfg80211: export DFS CAC time and usable state helper functions (bsc#1227149).
- wifi: cfg80211: expose nl80211_chan_width_to_mhz for wide sharing (bsc#1227149).
- wifi: cfg80211: fix 6 GHz scan request building (stable-fixes).
- wifi: cfg80211: fix CQM for non-range use (bsc#1227149).
- wifi: cfg80211: fix header kernel-doc typos (bsc#1227149).
- wifi: cfg80211: fix kernel-doc for wiphy_delayed_work_flush() (bsc#1227149).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
- wifi: cfg80211: fix spelling & punctutation (bsc#1227149).
- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: fully move wiphy work to unbound workqueue (git-fixes).
- wifi: cfg80211: generate an ML element for per-STA profiles (bsc#1227149).
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: handle UHB AP and STA power type (bsc#1227149).
- wifi: cfg80211: hold wiphy lock in cfg80211_any_wiphy_oper_chan() (bsc#1227149).
- wifi: cfg80211: hold wiphy mutex for send_interface (bsc#1227149).
- wifi: cfg80211: improve documentation for flag fields (bsc#1227149).
- wifi: cfg80211: introduce cfg80211_ssid_eq() (bsc#1227149).
- wifi: cfg80211: make RX assoc data const (bsc#1227149).
- wifi: cfg80211: make read-only array centers_80mhz static const (bsc#1227149).
- wifi: cfg80211: modify prototype for change_beacon (bsc#1227149).
- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).
- wifi: cfg80211: reg: Support P2P operation on DFS channels (bsc#1227149).
- wifi: cfg80211: reg: describe return values in kernel-doc (bsc#1227149).
- wifi: cfg80211: reg: fix various kernel-doc issues (bsc#1227149).
- wifi: cfg80211: reg: hold wiphy mutex for wdev iteration (bsc#1227149).
- wifi: cfg80211: remove scan_width support (bsc#1227149).
- wifi: cfg80211: remove wdev mutex (bsc#1227149).
- wifi: cfg80211: rename UHB to 6 GHz (bsc#1227149).
- wifi: cfg80211: report per-link errors during association (bsc#1227149).
- wifi: cfg80211: report unprotected deauth/disassoc in wowlan (bsc#1227149).
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).
- wifi: cfg80211: save power spectral density(psd) of regulatory rule (bsc#1227149).
- wifi: cfg80211: set correct param change count in ML element (bsc#1227149).
- wifi: cfg80211: sme: hold wiphy lock for wdev iteration (bsc#1227149).
- wifi: cfg80211: sort certificates in build (bsc#1227149).
- wifi: cfg80211: split struct cfg80211_ap_settings (bsc#1227149).
- wifi: cfg80211: validate HE operation element parsing (bsc#1227149).
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).
- wifi: cfg80211: wext: convert return value to kernel-doc (bsc#1227149).
- wifi: cfg80211: wext: set ssids=NULL for passive scans (git-fixes).
- wifi: cw1200: Avoid processing an invalid TIM IE (bsc#1227149).
- wifi: cw1200: Convert to GPIO descriptors (bsc#1227149).
- wifi: cw1200: fix __le16 sparse warnings (bsc#1227149).
- wifi: cw1200: restore endian swapping (bsc#1227149).
- wifi: drivers: Explicitly include correct DT includes (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for Broadcom WLAN (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for ar5523 (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for mt76 drivers (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for p54spi (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wcn36xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wilc1000 (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wl1251 and wl12xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wl18xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wlcore (bsc#1227149).
- wifi: hostap: Add __counted_by for struct prism2_download_data and use struct_size() (bsc#1227149).
- wifi: hostap: fix stringop-truncations GCC warning (bsc#1227149).
- wifi: hostap: remove unused ioctl function (bsc#1227149).
- wifi: ieee80211: add UL-bandwidth definition of trigger frame (bsc#1227149).
- wifi: ieee80211: add definitions for negotiated TID to Link map (bsc#1227149).
- wifi: ieee80211: check for NULL in ieee80211_mle_size_ok() (stable-fixes).
- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).
- wifi: iwlmei: do not send SAP messages if AMT is disabled (bsc#1227149).
- wifi: iwlmei: do not send nic info with invalid mac address (bsc#1227149).
- wifi: iwlmei: send HOST_GOES_DOWN message even if wiamt is disabled (bsc#1227149).
- wifi: iwlmei: send driver down SAP message only if wiamt is enabled (bsc#1227149).
- wifi: iwlmvm: fw: Add new OEM vendor to tas approved list (bsc#1227149).
- wifi: iwlwifi: Add rf_mapping of new wifi7 devices (bsc#1227149).
- wifi: iwlwifi: Add support for PPAG cmd v5 and PPAG revision 3 (bsc#1227149).
- wifi: iwlwifi: Add support for new 802.11be device (bsc#1227149).
- wifi: iwlwifi: Do not mark DFS channels as NO-IR (bsc#1227149).
- wifi: iwlwifi: Extract common prph mac/phy regions data dump logic (bsc#1227149).
- wifi: iwlwifi: Fix spelling mistake "SESION" -> "SESSION" (bsc#1227149).
- wifi: iwlwifi: Use request_module_nowait (bsc#1227149).
- wifi: iwlwifi: abort scan when rfkill on but device enabled (bsc#1227149).
- wifi: iwlwifi: add HONOR to PPAG approved list (bsc#1227149).
- wifi: iwlwifi: add Razer to ppag approved list (bsc#1227149).
- wifi: iwlwifi: add mapping of a periphery register crf for WH RF (bsc#1227149).
- wifi: iwlwifi: add new RF support for wifi7 (bsc#1227149).
- wifi: iwlwifi: add support for SNPS DPHYIP region type (bsc#1227149).
- wifi: iwlwifi: add support for a wiphy_work rx handler (bsc#1227149).
- wifi: iwlwifi: add support for activating UNII-1 in WW via BIOS (bsc#1227149).
- wifi: iwlwifi: add support for new ini region types (bsc#1227149).
- wifi: iwlwifi: adjust rx_phyinfo debugfs to MLO (bsc#1227149).
- wifi: iwlwifi: always have 'uats_enabled' (bsc#1227149).
- wifi: iwlwifi: api: clean up some kernel-doc/typos (bsc#1227149).
- wifi: iwlwifi: api: dbg-tlv: fix up kernel-doc (bsc#1227149).
- wifi: iwlwifi: api: fix a small upper/lower-case typo (bsc#1227149).
- wifi: iwlwifi: api: fix center_freq label in PHY diagram (bsc#1227149).
- wifi: iwlwifi: api: fix constant version to match FW (bsc#1227149).
- wifi: iwlwifi: api: fix kernel-doc reference (bsc#1227149).
- wifi: iwlwifi: bump FW API to 84 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 86 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 87 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 88 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: cancel session protection only if there is one (bsc#1227149).
- wifi: iwlwifi: change link id in time event to s8 (bsc#1227149).
- wifi: iwlwifi: check for kmemdup() return value in iwl_parse_tlv_firmware() (bsc#1227149).
- wifi: iwlwifi: cleanup BT Shared Single Antenna code (bsc#1227149).
- wifi: iwlwifi: cleanup sending PER_CHAIN_LIMIT_OFFSET_CMD (bsc#1227149).
- wifi: iwlwifi: cleanup uefi variables loading (bsc#1227149).
- wifi: iwlwifi: clear link_id in time_event (bsc#1227149).
- wifi: iwlwifi: dbg-tlv: avoid extra allocation/copy (bsc#1227149).
- wifi: iwlwifi: dbg-tlv: use struct_size() for allocation (bsc#1227149).
- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).
- wifi: iwlwifi: disable 160 MHz based on subsystem device ID (bsc#1227149).
- wifi: iwlwifi: disable eSR when BT is active (bsc#1227149).
- wifi: iwlwifi: disable multi rx queue for 9000 (bsc#1227149).
- wifi: iwlwifi: do not check TAS block list size twice (bsc#1227149).
- wifi: iwlwifi: do not use TRUE/FALSE with bool (bsc#1227149).
- wifi: iwlwifi: drop NULL pointer check in iwl_mvm_tzone_set_trip_temp() (bsc#1227149).
- wifi: iwlwifi: dvm: remove kernel-doc warnings (bsc#1227149).
- wifi: iwlwifi: error-dump: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: fail NIC access fast on dead NIC (bsc#1227149).
- wifi: iwlwifi: fix #ifdef CONFIG_ACPI check (bsc#1227149).
- wifi: iwlwifi: fix iwl_mvm_get_valid_rx_ant() (git-fixes).
- wifi: iwlwifi: fix opmode start/stop race (bsc#1227149).
- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: fix system commands group ordering (bsc#1227149).
- wifi: iwlwifi: fix the rf step and flavor bits range (bsc#1227149).
- wifi: iwlwifi: fw: Add support for UATS table in UHB (bsc#1227149).
- wifi: iwlwifi: fw: Fix debugfs command sending (bsc#1227149).
- wifi: iwlwifi: fw: allow vmalloc for PNVM image (bsc#1227149).
- wifi: iwlwifi: fw: dbg: ensure correct config name sizes (bsc#1227149).
- wifi: iwlwifi: fw: disable firmware debug asserts (bsc#1227149).
- wifi: iwlwifi: fw: file: clean up kernel-doc (bsc#1227149).
- wifi: iwlwifi: fw: file: do not use [0] for variable arrays (bsc#1227149).
- wifi: iwlwifi: fw: fix compiler warning for NULL string print (bsc#1227149).
- wifi: iwlwifi: fw: increase fw_version string size (bsc#1227149).
- wifi: iwlwifi: fw: reconstruct the API/CAPA enum number (bsc#1227149).
- wifi: iwlwifi: fw: replace deprecated strncpy with strscpy_pad (bsc#1227149).
- wifi: iwlwifi: handle per-phy statistics from fw (bsc#1227149).
- wifi: iwlwifi: implement GLAI ACPI table loading (bsc#1227149).
- wifi: iwlwifi: implement can_activate_links callback (bsc#1227149).
- wifi: iwlwifi: implement enable/disable for China 2022 regulatory (bsc#1227149).
- wifi: iwlwifi: iwl-fh.h: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: iwl-trans.h: clean up kernel-doc (bsc#1227149).
- wifi: iwlwifi: iwlmvm: handle unprotected deauth/disassoc in d3 (bsc#1227149).
- wifi: iwlwifi: load b0 version of ucode for HR1/HR2 (bsc#1227149).
- wifi: iwlwifi: make TB reallocation a debug message (bsc#1227149).
- wifi: iwlwifi: make time_events MLO aware (bsc#1227149).
- wifi: iwlwifi: mei: return error from register when not built (bsc#1227149).
- wifi: iwlwifi: mvm: Add basic link selection logic (bsc#1227149).
- wifi: iwlwifi: mvm: Add support for removing responder TKs (bsc#1227149).
- wifi: iwlwifi: mvm: Allow DFS concurrent operation (bsc#1227149).
- wifi: iwlwifi: mvm: Configure the link mapping for non-MLD FW (bsc#1227149).
- wifi: iwlwifi: mvm: Correctly report TSF data in scan complete (bsc#1227149).
- wifi: iwlwifi: mvm: Declare support for secure LTF measurement (bsc#1227149).
- wifi: iwlwifi: mvm: Do not warn if valid link pair was not found (bsc#1227149).
- wifi: iwlwifi: mvm: Do not warn on invalid link on scan complete (bsc#1227149).
- wifi: iwlwifi: mvm: Extend support for P2P service discovery (bsc#1227149).
- wifi: iwlwifi: mvm: Fix FTM initiator flags (bsc#1227149).
- wifi: iwlwifi: mvm: Fix scan abort handling with HW rfkill (stable-fixes).
- wifi: iwlwifi: mvm: Fix unreachable code path (bsc#1227149).
- wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).
- wifi: iwlwifi: mvm: Keep connection in case of missed beacons during RX (bsc#1227149).
- wifi: iwlwifi: mvm: Return success if link could not be removed (bsc#1227149).
- wifi: iwlwifi: mvm: Use the link ID provided in scan request (bsc#1227149).
- wifi: iwlwifi: mvm: add US/Canada MCC to API (bsc#1227149).
- wifi: iwlwifi: mvm: add a debug print when we get a BAR (bsc#1227149).
- wifi: iwlwifi: mvm: add a debugfs hook to clear the monitor data (bsc#1227149).
- wifi: iwlwifi: mvm: add a per-link debugfs (bsc#1227149).
- wifi: iwlwifi: mvm: add a print when sending RLC command (bsc#1227149).
- wifi: iwlwifi: mvm: add start mac ctdp sum calculation debugfs handler (bsc#1227149).
- wifi: iwlwifi: mvm: add support for TID to link mapping neg request (bsc#1227149).
- wifi: iwlwifi: mvm: add support for new wowlan_info_notif (bsc#1227149).
- wifi: iwlwifi: mvm: advertise MLO only if EHT is enabled (bsc#1227149).
- wifi: iwlwifi: mvm: advertise support for SCS traffic description (bsc#1227149).
- wifi: iwlwifi: mvm: advertise support for protected ranging negotiation (bsc#1227149).
- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).
- wifi: iwlwifi: mvm: always update keys in D3 exit (bsc#1227149).
- wifi: iwlwifi: mvm: avoid garbage iPN (bsc#1227149).
- wifi: iwlwifi: mvm: calculate EMLSR mode after connection (bsc#1227149).
- wifi: iwlwifi: mvm: check AP supports EMLSR (bsc#1227149).
- wifi: iwlwifi: mvm: check for iwl_mvm_mld_update_sta() errors (bsc#1227149).
- wifi: iwlwifi: mvm: check link more carefully (bsc#1227149).
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
- wifi: iwlwifi: mvm: check own capabilities for EMLSR (bsc#1227149).
- wifi: iwlwifi: mvm: cleanup MLO and non-MLO unification code (bsc#1227149).
- wifi: iwlwifi: mvm: combine condition/warning (bsc#1227149).
- wifi: iwlwifi: mvm: consider having one active link (bsc#1227149).
- wifi: iwlwifi: mvm: const-ify chandef pointers (bsc#1227149).
- wifi: iwlwifi: mvm: cycle FW link on chanctx removal (bsc#1227149).
- wifi: iwlwifi: mvm: d3: avoid intermediate/early mutex unlock (bsc#1227149).
- wifi: iwlwifi: mvm: d3: disconnect on GTK rekey failure (bsc#1227149).
- wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).
- wifi: iwlwifi: mvm: d3: implement suspend with MLO (bsc#1227149).
- wifi: iwlwifi: mvm: debugfs for fw system stats (bsc#1227149).
- wifi: iwlwifi: mvm: define RX queue sync timeout as a macro (bsc#1227149).
- wifi: iwlwifi: mvm: disable MLO for the time being (bsc#1227149).
- wifi: iwlwifi: mvm: disallow puncturing in US/Canada (bsc#1227149).
- wifi: iwlwifi: mvm: disconnect long CSA only w/o alternative (bsc#1227149).
- wifi: iwlwifi: mvm: disconnect station vifs if recovery failed (bsc#1227149).
- wifi: iwlwifi: mvm: do not abort queue sync in CT-kill (bsc#1227149).
- wifi: iwlwifi: mvm: do not add dummy phy context (bsc#1227149).
- wifi: iwlwifi: mvm: do not always disable EMLSR due to BT coex (bsc#1227149).
- wifi: iwlwifi: mvm: do not do duplicate detection for nullfunc packets (bsc#1227149).
- wifi: iwlwifi: mvm: do not initialize csa_work twice (git-fixes).
- wifi: iwlwifi: mvm: do not limit VLP/AFC to UATS-enabled (git-fixes).
- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
- wifi: iwlwifi: mvm: do not send BT_COEX_CI command on new devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not send NDPs for new tx devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not send STA_DISABLE_TX_CMD for newer firmware (bsc#1227149).
- wifi: iwlwifi: mvm: do not send the smart fifo command if not needed (bsc#1227149).
- wifi: iwlwifi: mvm: do not set trigger frame padding in AP mode (bsc#1227149).
- wifi: iwlwifi: mvm: do not support reduced tx power on ack for new devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not wake up rx_sync_waitq upon RFKILL (git-fixes).
- wifi: iwlwifi: mvm: enable FILS DF Tx on non-PSC channel (bsc#1227149).
- wifi: iwlwifi: mvm: enable HE TX/RX <242 tone RU on new RFs (bsc#1227149).
- wifi: iwlwifi: mvm: expand queue sync warning messages (bsc#1227149).
- wifi: iwlwifi: mvm: extend alive timeout to 2 seconds (bsc#1227149).
- wifi: iwlwifi: mvm: fix ROC version check (bsc#1227149).
- wifi: iwlwifi: mvm: fix SB CFG check (bsc#1227149).
- wifi: iwlwifi: mvm: fix a battery life regression (bsc#1227149).
- wifi: iwlwifi: mvm: fix a crash on 7265 (bsc#1227149).
- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).
- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).
- wifi: iwlwifi: mvm: fix kernel-doc (bsc#1227149).
- wifi: iwlwifi: mvm: fix link ID management (bsc#1227149).
- wifi: iwlwifi: mvm: fix recovery flow in CSA (bsc#1227149).
- wifi: iwlwifi: mvm: fix regdb initialization (bsc#1227149).
- wifi: iwlwifi: mvm: fix the PHY context resolution for p2p device (bsc#1227149).
- wifi: iwlwifi: mvm: fix the TXF mapping for BZ devices (bsc#1227149).
- wifi: iwlwifi: mvm: fix the key PN index (bsc#1227149).
- wifi: iwlwifi: mvm: fix thermal kernel-doc (bsc#1227149).
- wifi: iwlwifi: mvm: fold the ref++ into iwl_mvm_phy_ctxt_add (bsc#1227149).
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).
- wifi: iwlwifi: mvm: handle BA session teardown in RF-kill (stable-fixes).
- wifi: iwlwifi: mvm: handle debugfs names more carefully (bsc#1227149).
- wifi: iwlwifi: mvm: handle link-STA allocation in restart (bsc#1227149).
- wifi: iwlwifi: mvm: implement ROC version 3 (bsc#1227149).
- wifi: iwlwifi: mvm: implement new firmware API for statistics (bsc#1227149).
- wifi: iwlwifi: mvm: increase session protection after CSA (bsc#1227149).
- wifi: iwlwifi: mvm: init vif works only once (git-fixes).
- wifi: iwlwifi: mvm: introduce PHY_CONTEXT_CMD_API_VER_5 (bsc#1227149).
- wifi: iwlwifi: mvm: introduce esr_disable_reason (bsc#1227149).
- wifi: iwlwifi: mvm: iterate active links for STA queues (bsc#1227149).
- wifi: iwlwifi: mvm: limit EHT 320 MHz MCS for STEP URM (bsc#1227149).
- wifi: iwlwifi: mvm: limit pseudo-D3 to 60 seconds (bsc#1227149).
- wifi: iwlwifi: mvm: log dropped frames (bsc#1227149).
- wifi: iwlwifi: mvm: log dropped packets due to MIC error (bsc#1227149).
- wifi: iwlwifi: mvm: make "pldr_sync" mode effective (bsc#1227149).
- wifi: iwlwifi: mvm: make functions public (bsc#1227149).
- wifi: iwlwifi: mvm: make pldr_sync AX210 specific (bsc#1227149).
- wifi: iwlwifi: mvm: move BA notif messages before action (bsc#1227149).
- wifi: iwlwifi: mvm: move RU alloc B2 placement (bsc#1227149).
- wifi: iwlwifi: mvm: move listen interval to constants (bsc#1227149).
- wifi: iwlwifi: mvm: offload IGTK in AP if BIGTK is supported (bsc#1227149).
- wifi: iwlwifi: mvm: partially support PHY context version 6 (bsc#1227149).
- wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF (bsc#1227149).
- wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).
- wifi: iwlwifi: mvm: reduce maximum RX A-MPDU size (bsc#1227149).
- wifi: iwlwifi: mvm: refactor TX rate handling (bsc#1227149).
- wifi: iwlwifi: mvm: refactor duplicate chanctx condition (bsc#1227149).
- wifi: iwlwifi: mvm: remove EHT code from mac80211.c (bsc#1227149).
- wifi: iwlwifi: mvm: remove IWL_MVM_STATUS_NEED_FLUSH_P2P (bsc#1227149).
- wifi: iwlwifi: mvm: remove flags for enable/disable beacon filter (bsc#1227149).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
- wifi: iwlwifi: mvm: remove one queue sync on BA session stop (bsc#1227149).
- wifi: iwlwifi: mvm: remove set_tim callback for MLD ops (bsc#1227149).
- wifi: iwlwifi: mvm: remove stale STA link data during restart (stable-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
- wifi: iwlwifi: mvm: rework debugfs handling (bsc#1227149).
- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).
- wifi: iwlwifi: mvm: set properly mac header (git-fixes).
- wifi: iwlwifi: mvm: show dump even for pldr_sync (bsc#1227149).
- wifi: iwlwifi: mvm: show skb_mac_gso_segment() failure reason (bsc#1227149).
- wifi: iwlwifi: mvm: simplify the reorder buffer (bsc#1227149).
- wifi: iwlwifi: mvm: skip adding debugfs symlink for reconfig (bsc#1227149).
- wifi: iwlwifi: mvm: support CSA with MLD (bsc#1227149).
- wifi: iwlwifi: mvm: support SPP A-MSDUs (bsc#1227149).
- wifi: iwlwifi: mvm: support flush on AP interfaces (bsc#1227149).
- wifi: iwlwifi: mvm: support injection antenna control (bsc#1227149).
- wifi: iwlwifi: mvm: support iwl_dev_tx_power_cmd_v8 (bsc#1227149).
- wifi: iwlwifi: mvm: support set_antenna() (bsc#1227149).
- wifi: iwlwifi: mvm: unlock mvm if there is no primary link (bsc#1227149).
- wifi: iwlwifi: mvm: use fast balance scan in case of an active P2P GO (bsc#1227149).
- wifi: iwlwifi: mvm: use the new command to clear the internal buffer (bsc#1227149).
- wifi: iwlwifi: mvm: work around A-MSDU size problem (bsc#1227149).
- wifi: iwlwifi: no power save during transition to D3 (bsc#1227149).
- wifi: iwlwifi: nvm-parse: advertise common packet padding (bsc#1227149).
- wifi: iwlwifi: nvm: parse the VLP/AFC bit from regulatory (bsc#1227149).
- wifi: iwlwifi: pcie: (re-)assign BAR0 on driver bind (bsc#1227149).
- wifi: iwlwifi: pcie: Add new PCI device id and CNVI (bsc#1227149).
- wifi: iwlwifi: pcie: clean up WFPM control bits (bsc#1227149).
- wifi: iwlwifi: pcie: clean up device removal work (bsc#1227149).
- wifi: iwlwifi: pcie: clean up gen1/gen2 TFD unmap (bsc#1227149).
- wifi: iwlwifi: pcie: do not allow hw-rfkill to stop device on gen2 (bsc#1227149).
- wifi: iwlwifi: pcie: dump CSRs before removal (bsc#1227149).
- wifi: iwlwifi: pcie: enable TOP fatal error interrupt (bsc#1227149).
- wifi: iwlwifi: pcie: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: pcie: get_crf_id() can be void (bsc#1227149).
- wifi: iwlwifi: pcie: give up mem read if HW is dead (bsc#1227149).
- wifi: iwlwifi: pcie: move gen1 TB handling to header (bsc#1227149).
- wifi: iwlwifi: pcie: point invalid TFDs to invalid data (bsc#1227149).
- wifi: iwlwifi: pcie: propagate iwl_pcie_gen2_apm_init() error (bsc#1227149).
- wifi: iwlwifi: pcie: rescan bus if no parent (bsc#1227149).
- wifi: iwlwifi: prepare for reading DSM from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading PPAG table from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading SAR tables from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading SPLC from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading TAS table from UEFI (bsc#1227149).
- wifi: iwlwifi: properly check if link is active (bsc#1227149).
- wifi: iwlwifi: properly set WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK (stable-fixes).
- wifi: iwlwifi: queue: fix kernel-doc (bsc#1227149).
- wifi: iwlwifi: queue: improve warning for no skb in reclaim (bsc#1227149).
- wifi: iwlwifi: queue: move iwl_txq_gen2_set_tb() up (bsc#1227149).
- wifi: iwlwifi: read DSM func 2 for specific RF types (bsc#1227149).
- wifi: iwlwifi: read DSM functions from UEFI (bsc#1227149).
- wifi: iwlwifi: read ECKV table from UEFI (bsc#1227149).
- wifi: iwlwifi: read PPAG table from UEFI (bsc#1227149).
- wifi: iwlwifi: read SAR tables from UEFI (bsc#1227149).
- wifi: iwlwifi: read SPLC from UEFI (bsc#1227149).
- wifi: iwlwifi: read WRDD table from UEFI (bsc#1227149).
- wifi: iwlwifi: read WTAS table from UEFI (bsc#1227149).
- wifi: iwlwifi: read mac step from aux register (bsc#1227149).
- wifi: iwlwifi: read txq->read_ptr under lock (stable-fixes).
- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).
- wifi: iwlwifi: refactor RX tracing (bsc#1227149).
- wifi: iwlwifi: remove 'def_rx_queue' struct member (bsc#1227149).
- wifi: iwlwifi: remove Gl A-step remnants (bsc#1227149).
- wifi: iwlwifi: remove WARN from read_mem32() (bsc#1227149).
- wifi: iwlwifi: remove async command callback (bsc#1227149).
- wifi: iwlwifi: remove dead-code (bsc#1227149).
- wifi: iwlwifi: remove extra kernel-doc (bsc#1227149).
- wifi: iwlwifi: remove memory check for LMAC error address (bsc#1227149).
- wifi: iwlwifi: remove retry loops in start (bsc#1227149).
- wifi: iwlwifi: remove unused function prototype (bsc#1227149).
- wifi: iwlwifi: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: iwlwifi: return negative -EINVAL instead of positive EINVAL (bsc#1227149).
- wifi: iwlwifi: rfi: use a single DSM function for all RFI configurations (bsc#1227149).
- wifi: iwlwifi: send EDT table to FW (bsc#1227149).
- wifi: iwlwifi: separate TAS 'read-from-BIOS' and 'send-to-FW' flows (bsc#1227149).
- wifi: iwlwifi: simplify getting DSM from ACPI (bsc#1227149).
- wifi: iwlwifi: skip affinity setting on non-SMP (bsc#1227149).
- wifi: iwlwifi: skip opmode start retries on dead transport (bsc#1227149).
- wifi: iwlwifi: small cleanups in PPAG table flows (bsc#1227149).
- wifi: iwlwifi: support link command version 2 (bsc#1227149).
- wifi: iwlwifi: support link id in SESSION_PROTECTION_NOTIF (bsc#1227149).
- wifi: iwlwifi: support link_id in SESSION_PROTECTION cmd (bsc#1227149).
- wifi: iwlwifi: take SGOM and UATS code out of ACPI ifdef (bsc#1227149).
- wifi: iwlwifi: take send-DSM-to-FW flows out of ACPI ifdef (bsc#1227149).
- wifi: iwlwifi: trace full frames with TX status request (bsc#1227149).
- wifi: iwlwifi: update context info structure definitions (bsc#1227149).
- wifi: iwlwifi: use system_unbound_wq for debug dump (bsc#1227149).
- wifi: iwlwifi: validate PPAG table when sent to FW (bsc#1227149).
- wifi: lib80211: remove unused variables iv32 and iv16 (bsc#1227149).
- wifi: libertas: Follow renaming of SPI "master" to "controller" (bsc#1227149).
- wifi: libertas: add missing calls to cancel_work_sync() (bsc#1227149).
- wifi: libertas: cleanup SDIO reset (bsc#1227149).
- wifi: libertas: handle possible spu_write_u16() errors (bsc#1227149).
- wifi: libertas: prefer kstrtoX() for simple integer conversions (bsc#1227149).
- wifi: libertas: simplify list operations in free_if_spi_card() (bsc#1227149).
- wifi: libertas: use convenient lists to manage SDIO packets (bsc#1227149).
- wifi: mac80211: Add __counted_by for struct ieee802_11_elems and use struct_size() (bsc#1227149).
- wifi: mac80211: Avoid address calculations via out of bounds array indexing (stable-fixes).
- wifi: mac80211: Check if we had first beacon with relevant links (bsc#1227149).
- wifi: mac80211: Do not force off-channel for management Tx with MLO (bsc#1227149).
- wifi: mac80211: Do not include crypto/algapi.h (bsc#1227149).
- wifi: mac80211: Extend support for scanning while MLO connected (bsc#1227149).
- wifi: mac80211: Fix SMPS handling in the context of MLO (bsc#1227149).
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).
- wifi: mac80211: Notify the low level driver on change in MLO valid links (bsc#1227149).
- wifi: mac80211: Print local link address during authentication (bsc#1227149).
- wifi: mac80211: Recalc offload when monitor stop (git-fixes).
- wifi: mac80211: Remove unused function declarations (bsc#1227149).
- wifi: mac80211: Rename and update IEEE80211_VIF_DISABLE_SMPS_OVERRIDE (bsc#1227149).
- wifi: mac80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: mac80211: Sanity check tx bitrate if not provided by driver (bsc#1227149).
- wifi: mac80211: Schedule regulatory channels check on bandwith change (bsc#1227149).
- wifi: mac80211: Skip association timeout update after comeback rejection (bsc#1227149).
- wifi: mac80211: add a driver callback to add vif debugfs (bsc#1227149).
- wifi: mac80211: add a driver callback to check active_links (bsc#1227149).
- wifi: mac80211: add a flag to disallow puncturing (bsc#1227149).
- wifi: mac80211: add back SPDX identifier (bsc#1227149).
- wifi: mac80211: add ieee80211_tdls_sta_link_id() (stable-fixes).
- wifi: mac80211: add link id to ieee80211_gtk_rekey_add() (bsc#1227149).
- wifi: mac80211: add link id to mgd_prepare_tx() (bsc#1227149).
- wifi: mac80211: add more ops assertions (bsc#1227149).
- wifi: mac80211: add more warnings about inserting sta info (bsc#1227149).
- wifi: mac80211: add support for SPP A-MSDUs (bsc#1227149).
- wifi: mac80211: add support for mld in ieee80211_chswitch_done (bsc#1227149).
- wifi: mac80211: add support for parsing TID to Link mapping element (bsc#1227149).
- wifi: mac80211: add/remove driver debugfs entries as appropriate (bsc#1227149).
- wifi: mac80211: additions to change_beacon() (bsc#1227149).
- wifi: mac80211: address some kerneldoc warnings (bsc#1227149).
- wifi: mac80211: allow 64-bit radiotap timestamps (bsc#1227149).
- wifi: mac80211: allow for_each_sta_active_link() under RCU (bsc#1227149).
- wifi: mac80211: apply mcast rate only if interface is up (stable-fixes).
- wifi: mac80211: cancel multi-link reconf work on disconnect (git-fixes).
- wifi: mac80211: chanctx emulation set CHANGE_CHANNEL when in_reconfig (git-fixes).
- wifi: mac80211: check EHT/TTLM action frame length (bsc#1227149).
- wifi: mac80211: check wiphy mutex in ops (bsc#1227149).
- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).
- wifi: mac80211: cleanup airtime arithmetic with ieee80211_sta_keep_active() (bsc#1227149).
- wifi: mac80211: cleanup auth_data only if association continues (bsc#1227149).
- wifi: mac80211: convert A-MPDU work to wiphy work (bsc#1227149).
- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
- wifi: mac80211: correctly set active links upon TTLM (bsc#1227149).
- wifi: mac80211: correcty limit wider BW TDLS STAs (git-fixes).
- wifi: mac80211: debugfs: lock wiphy instead of RTNL (bsc#1227149).
- wifi: mac80211: describe return values in kernel-doc (bsc#1227149).
- wifi: mac80211: disable softirqs for queued frame handling (git-fixes).
- wifi: mac80211: do not connect to an AP while it's in a CSA process (bsc#1227149).
- wifi: mac80211: do not re-add debugfs entries during resume (bsc#1227149).
- wifi: mac80211: do not select link ID if not provided in scan request (bsc#1227149).
- wifi: mac80211: do not set ESS capab bit in assoc request (bsc#1227149).
- wifi: mac80211: do not use rate mask for scanning (stable-fixes).
- wifi: mac80211: drop robust action frames before assoc (bsc#1227149).
- wifi: mac80211: drop spurious WARN_ON() in ieee80211_ibss_csa_beacon() (bsc#1227149).
- wifi: mac80211: ensure beacon is non-S1G prior to extracting the beacon timestamp field (stable-fixes).
- wifi: mac80211: ethtool: always hold wiphy mutex (bsc#1227149).
- wifi: mac80211: ethtool: hold wiphy mutex (bsc#1227149).
- wifi: mac80211: expand __ieee80211_data_to_8023() status (bsc#1227149).
- wifi: mac80211: extend wiphy lock in interface removal (bsc#1227149).
- wifi: mac80211: fix BA session teardown race (bsc#1227149).
- wifi: mac80211: fix BSS_CHANGED_UNSOL_BCAST_PROBE_RESP (bsc#1227149).
- wifi: mac80211: fix SMPS status handling (bsc#1227149).
- wifi: mac80211: fix TXQ error path and cleanup (bsc#1227149).
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).
- wifi: mac80211: fix a expired vs. cancel race in roc (bsc#1227149).
- wifi: mac80211: fix advertised TTLM scheduling (bsc#1227149).
- wifi: mac80211: fix another key installation error path (bsc#1227149).
- wifi: mac80211: fix change_address deadlock during unregister (bsc#1227149).
- wifi: mac80211: fix channel switch link data (bsc#1227149).
- wifi: mac80211: fix driver debugfs for vif type change (bsc#1227149).
- wifi: mac80211: fix error path key leak (bsc#1227149).
- wifi: mac80211: fix header kernel-doc typos (bsc#1227149).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
- wifi: mac80211: fix ieee80211_drop_unencrypted_mgmt return type/value (bsc#1227149).
- wifi: mac80211: fix monitor channel with chanctx emulation (bsc#1227149).
- wifi: mac80211: fix potential key leak (bsc#1227149).
- wifi: mac80211: fix prep_connection error path (stable-fixes).
- wifi: mac80211: fix spelling typo in comment (bsc#1227149).
- wifi: mac80211: fix unaligned le16 access (git-fixes).
- wifi: mac80211: fix unsolicited broadcast probe config (bsc#1227149).
- wifi: mac80211: fix various kernel-doc issues (bsc#1227149).
- wifi: mac80211: fixes in FILS discovery updates (bsc#1227149).
- wifi: mac80211: flush STA queues on unauthorization (bsc#1227149).
- wifi: mac80211: flush wiphy work where appropriate (bsc#1227149).
- wifi: mac80211: handle debugfs when switching to/from MLO (bsc#1227149).
- wifi: mac80211: handle tasklet frames before stopping (stable-fixes).
- wifi: mac80211: hold wiphy lock in netdev/link debugfs (bsc#1227149).
- wifi: mac80211: hold wiphy_lock around concurrency checks (bsc#1227149).
- wifi: mac80211: improve CSA/ECSA connection refusal (bsc#1227149).
- wifi: mac80211: initialize SMPS mode correctly (bsc#1227149).
- wifi: mac80211: lock wiphy for aggregation debugfs (bsc#1227149).
- wifi: mac80211: lock wiphy in IP address notifier (bsc#1227149).
- wifi: mac80211: make mgd_protect_tdls_discover MLO-aware (bsc#1227149).
- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).
- wifi: mac80211: mesh: Remove unused function declaration mesh_ids_set_default() (bsc#1227149).
- wifi: mac80211: mesh: fix some kdoc warnings (bsc#1227149).
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).
- wifi: mac80211: move CSA finalize to wiphy work (bsc#1227149).
- wifi: mac80211: move DFS CAC work to wiphy work (bsc#1227149).
- wifi: mac80211: move TDLS work to wiphy work (bsc#1227149).
- wifi: mac80211: move color change finalize to wiphy work (bsc#1227149).
- wifi: mac80211: move dynamic PS to wiphy work (bsc#1227149).
- wifi: mac80211: move filter reconfig to wiphy work (bsc#1227149).
- wifi: mac80211: move key tailroom work to wiphy work (bsc#1227149).
- wifi: mac80211: move link activation work to wiphy work (bsc#1227149).
- wifi: mac80211: move monitor work to wiphy work (bsc#1227149).
- wifi: mac80211: move tspec work to wiphy work (bsc#1227149).
- wifi: mac80211: process and save negotiated TID to Link mapping request (bsc#1227149).
- wifi: mac80211: purge TX queues in flush_queues flow (bsc#1227149).
- wifi: mac80211: reduce iflist_mtx (bsc#1227149).
- wifi: mac80211: reject MLO channel configuration if not supported (bsc#1227149).
- wifi: mac80211: relax RCU check in for_each_vif_active_link() (bsc#1227149).
- wifi: mac80211: remove RX_DROP_UNUSABLE (bsc#1227149).
- wifi: mac80211: remove ampdu_mlme.mtx (bsc#1227149).
- wifi: mac80211: remove chanctx_mtx (bsc#1227149).
- wifi: mac80211: remove key_mtx (bsc#1227149).
- wifi: mac80211: remove link before AP (git-fixes).
- wifi: mac80211: remove local->mtx (bsc#1227149).
- wifi: mac80211: remove redundant ML element check (bsc#1227149).
- wifi: mac80211: remove shifted rate support (bsc#1227149).
- wifi: mac80211: remove sta_mtx (bsc#1227149).
- wifi: mac80211: remove unnecessary struct forward declaration (bsc#1227149).
- wifi: mac80211: rename ieee80211_tx_status() to ieee80211_tx_status_skb() (bsc#1227149).
- wifi: mac80211: rename struct cfg80211_rx_assoc_resp to cfg80211_rx_assoc_resp_data (bsc#1227149).
- wifi: mac80211: report per-link error during association (bsc#1227149).
- wifi: mac80211: reset negotiated TTLM on disconnect (git-fixes).
- wifi: mac80211: rework RX timestamp flags (bsc#1227149).
- wifi: mac80211: rework ack_frame_id handling a bit (bsc#1227149).
- wifi: mac80211: rx.c: fix sentence grammar (bsc#1227149).
- wifi: mac80211: set wiphy for virtual monitors (bsc#1227149).
- wifi: mac80211: simplify non-chanctx drivers (bsc#1227149).
- wifi: mac80211: split ieee80211_drop_unencrypted_mgmt() return value (bsc#1227149).
- wifi: mac80211: sta_info.c: fix sentence grammar (bsc#1227149).
- wifi: mac80211: support antenna control in injection (bsc#1227149).
- wifi: mac80211: support handling of advertised TID-to-link mapping (bsc#1227149).
- wifi: mac80211: take MBSSID/EHT data also from probe resp (bsc#1227149).
- wifi: mac80211: take wiphy lock for MAC addr change (bsc#1227149).
- wifi: mac80211: tx: clarify conditions in if statement (bsc#1227149).
- wifi: mac80211: update beacon counters per link basis (bsc#1227149).
- wifi: mac80211: update some locking documentation (bsc#1227149).
- wifi: mac80211: update the rx_chains after set_antenna() (bsc#1227149).
- wifi: mac80211: use bandwidth indication element for CSA (bsc#1227149).
- wifi: mac80211: use deflink and fix typo in link ID check (bsc#1227149).
- wifi: mac80211: use wiphy locked debugfs for sdata/link (bsc#1227149).
- wifi: mac80211: use wiphy locked debugfs helpers for agg_status (bsc#1227149).
- wifi: mac80211_hwsim: init peer measurement result (git-fixes).
- wifi: mt7601u: delete dead code checking debugfs returns (bsc#1227149).
- wifi: mt7601u: replace strlcpy() with strscpy() (bsc#1227149).
- wifi: mt76: Annotate struct mt76_rx_tid with __counted_by (bsc#1227149).
- wifi: mt76: Convert to platform remove callback returning void (bsc#1227149).
- wifi: mt76: Remove redundant assignment to variable tidno (bsc#1227149).
- wifi: mt76: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: mt76: Replace strlcpy() with strscpy() (bsc#1227149).
- wifi: mt76: Use PTR_ERR_OR_ZERO() to simplify code (bsc#1227149).
- wifi: mt76: add DMA mapping error check in mt76_alloc_txwi() (bsc#1227149).
- wifi: mt76: add ability to explicitly forbid LED registration with DT (bsc#1227149).
- wifi: mt76: add support for providing eeprom in nvmem cells (bsc#1227149).
- wifi: mt76: add tx_nss histogram to ethtool stats (bsc#1227149).
- wifi: mt76: change txpower init to per-phy (bsc#1227149).
- wifi: mt76: check sta rx control frame to multibss capability (bsc#1227149).
- wifi: mt76: check txs format before getting skb by pid (bsc#1227149).
- wifi: mt76: check vif type before reporting cca and csa (bsc#1227149).
- wifi: mt76: connac: add MBSSID support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add beacon duplicate TX mode support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add beacon protection support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add connac3 mac library (bsc#1227149).
- wifi: mt76: connac: add data field in struct tlv (bsc#1227149).
- wifi: mt76: connac: add eht support for phy mode config (bsc#1227149).
- wifi: mt76: connac: add eht support for tx power (bsc#1227149).
- wifi: mt76: connac: add firmware support for mt7992 (bsc#1227149).
- wifi: mt76: connac: add more unified command IDs (bsc#1227149).
- wifi: mt76: connac: add more unified event IDs (bsc#1227149).
- wifi: mt76: connac: add new definition of tx descriptor (bsc#1227149).
- wifi: mt76: connac: add support for dsp firmware download (bsc#1227149).
- wifi: mt76: connac: add support to set ifs time by mcu command (bsc#1227149).
- wifi: mt76: connac: add thermal protection support for mt7996 (bsc#1227149).
- wifi: mt76: connac: check for null before dereferencing (bsc#1227149).
- wifi: mt76: connac: export functions for mt7925 (bsc#1227149).
- wifi: mt76: connac: introduce helper for mt7925 chipset (bsc#1227149).
- wifi: mt76: connac: set correct muar_idx for mt799x chipsets (bsc#1227149).
- wifi: mt76: connac: set fixed_bw bit in TX descriptor for fixed rate frames (bsc#1227149).
- wifi: mt76: connac: use muar idx 0xe for non-mt799x as well (bsc#1227149).
- wifi: mt76: disable HW AMSDU when using fixed rate (bsc#1227149).
- wifi: mt76: dma: introduce __mt76_dma_queue_reset utility routine (bsc#1227149).
- wifi: mt76: enable UNII-4 channel 177 support (bsc#1227149).
- wifi: mt76: fix race condition related to checking tx queue fill status (bsc#1227149).
- wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177 (bsc#1227149).
- wifi: mt76: fix typo in mt76_get_of_eeprom_from_nvmem function (bsc#1227149).
- wifi: mt76: increase MT_QFLAG_WED_TYPE size (bsc#1227149).
- wifi: mt76: introduce mt76_queue_is_wed_tx_free utility routine (bsc#1227149).
- wifi: mt76: introduce wed pointer in mt76_queue (bsc#1227149).
- wifi: mt76: limit support of precal loading for mt7915 to MTD only (bsc#1227149).
- wifi: mt76: make mt76_get_of_eeprom static again (bsc#1227149).
- wifi: mt76: mmio: move mt76_mmio_wed_{init,release}_rx_buf in common code (bsc#1227149).
- wifi: mt76: move ampdu_state in mt76_wcid (bsc#1227149).
- wifi: mt76: move mt76_mmio_wed_offload_{enable,disable} in common code (bsc#1227149).
- wifi: mt76: move mt76_net_setup_tc in common code (bsc#1227149).
- wifi: mt76: move rate info in mt76_vif (bsc#1227149).
- wifi: mt76: move wed reset common code in mt76 module (bsc#1227149).
- wifi: mt76: mt7603: add missing register initialization for MT7628 (bsc#1227149).
- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).
- wifi: mt76: mt7603: disable A-MSDU tx support on MT7628 (bsc#1227149).
- wifi: mt76: mt7603: fix beacon interval after disabling a single vif (bsc#1227149).
- wifi: mt76: mt7603: fix tx filter/flush function (bsc#1227149).
- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).
- wifi: mt76: mt7603: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7603: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7615: add missing chanctx ops (bsc#1227149).
- wifi: mt76: mt7615: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).
- wifi: mt76: mt7615: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7615: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt76_connac3: move lmac queue enumeration in mt76_connac3_mac.h (bsc#1227149).
- wifi: mt76: mt76x02: fix return value check in mt76x02_mac_process_rx (bsc#1227149).
- wifi: mt76: mt76x2u: add netgear wdna3100v3 to device table (bsc#1227149).
- wifi: mt76: mt7915 add tc offloading support (bsc#1227149).
- wifi: mt76: mt7915: accumulate mu-mimo ofdma muru stats (bsc#1227149).
- wifi: mt76: mt7915: add locking for accessing mapped registers (bsc#1227149).
- wifi: mt76: mt7915: add missing chanctx ops (bsc#1227149).
- wifi: mt76: mt7915: add support for MT7981 (bsc#1227149).
- wifi: mt76: mt7915: also MT7981 is 3T3R but nss2 on 5 GHz band (bsc#1227149).
- wifi: mt76: mt7915: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).
- wifi: mt76: mt7915: drop return in mt7915_sta_statistics (bsc#1227149).
- wifi: mt76: mt7915: fix EEPROM offset of TSSI flag on MT7981 (bsc#1227149).
- wifi: mt76: mt7915: fix error recovery with WED enabled (bsc#1227149).
- wifi: mt76: mt7915: fix monitor mode issues (bsc#1227149).
- wifi: mt76: mt7915: move mib_stats structure in mt76.h (bsc#1227149).
- wifi: mt76: mt7915: move poll_list in mt76_wcid (bsc#1227149).
- wifi: mt76: mt7915: move sta_poll_list and sta_poll_lock in mt76_dev (bsc#1227149).
- wifi: mt76: mt7915: report tx retries/failed counts for non-WED path (bsc#1227149).
- wifi: mt76: mt7915: update mpdu density capability (bsc#1227149).
- wifi: mt76: mt7915: update mt798x_wmac_adie_patch_7976 (bsc#1227149).
- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).
- wifi: mt76: mt7921: Support temp sensor (bsc#1227149).
- wifi: mt76: mt7921: add 6GHz power type support for clc (bsc#1227149).
- wifi: mt76: mt7921: convert acpisar and clc pointers to void (bsc#1227149).
- wifi: mt76: mt7921: enable set txpower for UNII-4 (bsc#1227149).
- wifi: mt76: mt7921: fix 6GHz disabled by the missing default CLC config (bsc#1227149).
- wifi: mt76: mt7921: fix CLC command timeout when suspend/resume (bsc#1227149).
- wifi: mt76: mt7921: fix a potential association failure upon resuming (bsc#1227149).
- wifi: mt76: mt7921: fix kernel panic by accessing invalid 6GHz channel info (bsc#1227149).
- wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform (bsc#1227149).
- wifi: mt76: mt7921: fix the unfinished command of regd_notifier before suspend (bsc#1227149).
- wifi: mt76: mt7921: fix wrong 6Ghz power type (bsc#1227149).
- wifi: mt76: mt7921: get regulatory information from the clc event (bsc#1227149).
- wifi: mt76: mt7921: get rid of MT7921_RESET_TIMEOUT marco (bsc#1227149).
- wifi: mt76: mt7921: make mt7921_mac_sta_poll static (bsc#1227149).
- wifi: mt76: mt7921: move acpi_sar code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move common register definition in mt792x_regs.h (bsc#1227149).
- wifi: mt76: mt7921: move connac nic capability handling to mt7921 (bsc#1227149).
- wifi: mt76: mt7921: move debugfs shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move dma shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move hif_ops macro in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move init shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move mac shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move mt7921_dma_init in pci.c (bsc#1227149).
- wifi: mt76: mt7921: move mt7921u_disconnect mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: move mt792x_hw_dev in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move mt792x_mutex_{acquire/release} in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move runtime-pm pci code in mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: move shared runtime-pm code on mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: reduce the size of MCU firmware download Rx queue (bsc#1227149).
- wifi: mt76: mt7921: rely on mib_stats shared definition (bsc#1227149).
- wifi: mt76: mt7921: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7921: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7921: remove macro duplication in regs.h (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_dev in mt792x_dev (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_hif_ops in mt792x_hif_ops (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_phy in mt792x_phy (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_sta in mt792x_sta (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_vif in mt792x_vif (bsc#1227149).
- wifi: mt76: mt7921: support 5.9/6GHz channel config in acpi (bsc#1227149).
- wifi: mt76: mt7921: update the channel usage when the regd domain changed (bsc#1227149).
- wifi: mt76: mt7921e: report tx retries/failed counts in tx free event (bsc#1227149).
- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (stable-fixes).
- wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for mt7925 chips (bsc#1227149).
- wifi: mt76: mt7925: add flow to avoid chip bt function fail (bsc#1227149).
- wifi: mt76: mt7925: add support to set ifs time by mcu command (bsc#1227149).
- wifi: mt76: mt7925: ensure 4-byte alignment for suspend & wow command (bsc#1227149).
- wifi: mt76: mt7925: fix SAP no beacon issue in 5Ghz and 6Ghz band (bsc#1227149).
- wifi: mt76: mt7925: fix WoW failed in encrypted mode (bsc#1227149).
- wifi: mt76: mt7925: fix connect to 80211b mode fail in 2Ghz band (bsc#1227149).
- wifi: mt76: mt7925: fix fw download fail (bsc#1227149).
- wifi: mt76: mt7925: fix mcu query command fail (bsc#1227149).
- wifi: mt76: mt7925: fix the wrong data type for scan command (bsc#1227149).
- wifi: mt76: mt7925: fix the wrong header translation config (bsc#1227149).
- wifi: mt76: mt7925: fix typo in mt7925_init_he_caps (bsc#1227149).
- wifi: mt76: mt7925: fix wmm queue mapping (bsc#1227149).
- wifi: mt76: mt7925: remove iftype from mt7925_init_eht_caps signature (bsc#1227149).
- wifi: mt76: mt7925: support temperature sensor (bsc#1227149).
- wifi: mt76: mt7925: update PCIe DMA settings (bsc#1227149).
- wifi: mt76: mt7925e: fix use-after-free in free_irq() (bsc#1227149).
- wifi: mt76: mt792x: add the illegal value check for mtcl table of acpi (bsc#1227149).
- wifi: mt76: mt792x: fix ethtool warning (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x-lib module (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x-usb module (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x_irq_map (bsc#1227149).
- wifi: mt76: mt792x: move MT7921_PM_TIMEOUT and MT7921_HW_SCAN_TIMEOUT in common code (bsc#1227149).
- wifi: mt76: mt792x: move more dma shared code in mt792x_dma (bsc#1227149).
- wifi: mt76: mt792x: move mt7921_load_firmware in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt792x: move mt7921_skb_add_usb_sdio_hdr in mt792x module (bsc#1227149).
- wifi: mt76: mt792x: move shared structure definition in mt792x.h (bsc#1227149).
- wifi: mt76: mt792x: move some common usb code in mt792x module (bsc#1227149).
- wifi: mt76: mt792x: support mt7925 chip init (bsc#1227149).
- wifi: mt76: mt792x: update the country list of EU for ACPI SAR (bsc#1227149).
- wifi: mt76: mt792xu: enable dmashdl support (bsc#1227149).
- wifi: mt76: mt7996: Add mcu commands for getting sta tx statistic (bsc#1227149).
- wifi: mt76: mt7996: Use DECLARE_FLEX_ARRAY() and fix -Warray-bounds warnings (bsc#1227149).
- wifi: mt76: mt7996: add DMA support for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: add TX statistics for EHT mode in debugfs (bsc#1227149).
- wifi: mt76: mt7996: add muru support (bsc#1227149).
- wifi: mt76: mt7996: add sanity checks for background radar trigger (stable-fixes).
- wifi: mt76: mt7996: add support for variants with auxiliary RX path (bsc#1227149).
- wifi: mt76: mt7996: add thermal sensor device support (bsc#1227149).
- wifi: mt76: mt7996: add txpower setting support (bsc#1227149).
- wifi: mt76: mt7996: adjust WFDMA settings to improve performance (bsc#1227149).
- wifi: mt76: mt7996: adjust interface num and wtbl size for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: align the format of fixed rate command (bsc#1227149).
- wifi: mt76: mt7996: check txs format before getting skb by pid (bsc#1227149).
- wifi: mt76: mt7996: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).
- wifi: mt76: mt7996: drop return in mt7996_sta_statistics (bsc#1227149).
- wifi: mt76: mt7996: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).
- wifi: mt76: mt7996: enable PPDU-TxS to host (bsc#1227149).
- wifi: mt76: mt7996: enable VHT extended NSS BW feature (bsc#1227149).
- wifi: mt76: mt7996: ensure 4-byte alignment for beacon commands (bsc#1227149).
- wifi: mt76: mt7996: fix alignment of sta info event (bsc#1227149).
- wifi: mt76: mt7996: fix fortify warning (bsc#1227149).
- wifi: mt76: mt7996: fix fw loading timeout (bsc#1227149).
- wifi: mt76: mt7996: fix mt7996_mcu_all_sta_info_event struct packing (bsc#1227149).
- wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature (bsc#1227149).
- wifi: mt76: mt7996: fix size of txpower MCU command (bsc#1227149).
- wifi: mt76: mt7996: fix uninitialized variable in mt7996_irq_tasklet() (bsc#1227149).
- wifi: mt76: mt7996: fix uninitialized variable in parsing txfree (bsc#1227149).
- wifi: mt76: mt7996: get tx_retries and tx_failed from txfree (bsc#1227149).
- wifi: mt76: mt7996: handle IEEE80211_RC_SMPS_CHANGED (bsc#1227149).
- wifi: mt76: mt7996: increase tx token size (bsc#1227149).
- wifi: mt76: mt7996: introduce mt7996_band_valid() (bsc#1227149).
- wifi: mt76: mt7996: mark GCMP IGTK unsupported (bsc#1227149).
- wifi: mt76: mt7996: move radio ctrl commands to proper functions (bsc#1227149).
- wifi: mt76: mt7996: only set vif teardown cmds at remove interface (bsc#1227149).
- wifi: mt76: mt7996: rely on mib_stats shared definition (bsc#1227149).
- wifi: mt76: mt7996: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7996: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7996: remove TXS queue setting (bsc#1227149).
- wifi: mt76: mt7996: remove periodic MPDU TXS request (bsc#1227149).
- wifi: mt76: mt7996: rework ampdu params setting (bsc#1227149).
- wifi: mt76: mt7996: rework register offsets for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: set DMA mask to 36 bits for boards with more than 4GB of RAM (bsc#1227149).
- wifi: mt76: mt7996: support more options for mt7996_set_bitrate_mask() (bsc#1227149).
- wifi: mt76: mt7996: support mt7992 eeprom loading (bsc#1227149).
- wifi: mt76: mt7996: support per-band LED control (bsc#1227149).
- wifi: mt76: mt7996: switch to mcu command for TX GI report (bsc#1227149).
- wifi: mt76: mt7996: use u16 for val field in mt7996_mcu_set_rro signature (bsc#1227149).
- wifi: mt76: permit to load precal from NVMEM cell for mt7915 (bsc#1227149).
- wifi: mt76: permit to use alternative cell name to eeprom NVMEM load (bsc#1227149).
- wifi: mt76: reduce spin_lock_bh held up in mt76_dma_rx_cleanup (bsc#1227149).
- wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).
- wifi: mt76: report non-binding skb tx rate when WED is active (bsc#1227149).
- wifi: mt76: set page_pool napi pointer for mmio devices (bsc#1227149).
- wifi: mt76: split get_of_eeprom in subfunction (bsc#1227149).
- wifi: mt76: usb: create a dedicated queue for psd traffic (bsc#1227149).
- wifi: mt76: usb: store usb endpoint in mt76_queue (bsc#1227149).
- wifi: mt76: use atomic iface iteration for pre-TBTT work (bsc#1227149).
- wifi: mt76: use chainmask for power delta calculation (bsc#1227149).
- wifi: mwifiex: Drop unused headers (bsc#1227149).
- wifi: mwifiex: Fix interface type change (git-fixes).
- wifi: mwifiex: Refactor 1-element array into flexible array in struct mwifiex_ie_types_chan_list_param_set (bsc#1227149).
- wifi: mwifiex: Replace one-element array with flexible-array member in struct mwifiex_ie_types_rxba_sync (bsc#1227149).
- wifi: mwifiex: Set WIPHY_FLAG_NETNS_OK flag (bsc#1227149).
- wifi: mwifiex: Use default @max_active for workqueues (bsc#1227149).
- wifi: mwifiex: Use helpers to check multicast addresses (bsc#1227149).
- wifi: mwifiex: Use list_count_nodes() (bsc#1227149).
- wifi: mwifiex: cleanup adapter data (bsc#1227149).
- wifi: mwifiex: cleanup private data structures (bsc#1227149).
- wifi: mwifiex: cleanup struct mwifiex_sdio_mpa_rx (bsc#1227149).
- wifi: mwifiex: drop BUG_ON from TX paths (bsc#1227149).
- wifi: mwifiex: fix comment typos in SDIO module (bsc#1227149).
- wifi: mwifiex: followup PCIE and related cleanups (bsc#1227149).
- wifi: mwifiex: handle possible mwifiex_write_reg() errors (bsc#1227149).
- wifi: mwifiex: handle possible sscanf() errors (bsc#1227149).
- wifi: mwifiex: mwifiex_process_sleep_confirm_resp(): remove unused priv variable (bsc#1227149).
- wifi: mwifiex: prefer strscpy() over strlcpy() (bsc#1227149).
- wifi: mwifiex: simplify PCIE write operations (bsc#1227149).
- wifi: mwifiex: use MODULE_FIRMWARE to add firmware files metadata (bsc#1227149).
- wifi: mwifiex: use cfg80211_ssid_eq() instead of mwifiex_ssid_cmp() (bsc#1227149).
- wifi: mwifiex: use is_zero_ether_addr() instead of ether_addr_equal() (bsc#1227149).
- wifi: mwifiex: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- wifi: nl80211: Avoid address calculations via out of bounds array indexing (git-fixes).
- wifi: nl80211: Extend del pmksa support for SAE and OWE security (bsc#1227149).
- wifi: nl80211: Remove unused declaration nl80211_pmsr_dump_results() (bsc#1227149).
- wifi: nl80211: additions to NL80211_CMD_SET_BEACON (bsc#1227149).
- wifi: nl80211: allow reporting wakeup for unprot deauth/disassoc (bsc#1227149).
- wifi: nl80211: do not free NULL coalescing rule (git-fixes).
- wifi: nl80211: fixes to FILS discovery updates (bsc#1227149).
- wifi: nl80211: refactor nl80211_send_mlme_event() arguments (bsc#1227149).
- wifi: p54: Add missing MODULE_FIRMWARE macro (bsc#1227149).
- wifi: p54: Annotate struct p54_cal_database with __counted_by (bsc#1227149).
- wifi: p54: fix GCC format truncation warning with wiphy->fw_version (bsc#1227149).
- wifi: plfxlc: Drop unused include (bsc#1227149).
- wifi: radiotap: add bandwidth definition of EHT U-SIG (bsc#1227149).
- wifi: remove unused argument of ieee80211_get_tdls_action() (bsc#1227149).
- wifi: rsi: fix restricted __le32 degrades to integer sparse warnings (bsc#1227149).
- wifi: rsi: rsi_91x_coex: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_debugfs: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_hal: Remove unnecessary conversions (bsc#1227149).
- wifi: rsi: rsi_91x_mac80211: Remove unnecessary conversions (bsc#1227149).
- wifi: rsi: rsi_91x_main: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_sdio: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_sdio_ops: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_usb: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_usb_ops: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rt2x00: Simplify bool conversion (bsc#1227149).
- wifi: rt2x00: correct MAC_SYS_CTRL register RX mask in R-Calibration (bsc#1227149).
- wifi: rt2x00: disable RTS threshold for rt2800 by default (bsc#1227149).
- wifi: rt2x00: fix MT7620 low RSSI issue (bsc#1227149).
- wifi: rt2x00: fix rt2800 watchdog function (bsc#1227149).
- wifi: rt2x00: fix the typo in comments (bsc#1227149).
- wifi: rt2x00: improve MT7620 register initialization (bsc#1227149).
- wifi: rt2x00: introduce DMA busy check watchdog for rt2800 (bsc#1227149).
- wifi: rt2x00: limit MT7620 TX power based on eeprom calibration (bsc#1227149).
- wifi: rt2x00: make watchdog param per device (bsc#1227149).
- wifi: rt2x00: remove redundant check if u8 array element is less than zero (bsc#1227149).
- wifi: rt2x00: remove useless code in rt2x00queue_create_tx_descriptor() (bsc#1227149).
- wifi: rt2x00: rework MT7620 PA/LNA RF calibration (bsc#1227149).
- wifi: rt2x00: rework MT7620 channel config function (bsc#1227149).
- wifi: rt2x00: silence sparse warnings (bsc#1227149).
- wifi: rt2x00: simplify rt2x00crypto_rx_insert_iv() (bsc#1227149).
- wifi: rtl8xxxu: 8188e: convert usage of priv->vif to priv->vifs[0] (bsc#1227149).
- wifi: rtl8xxxu: 8188f: Limit TX power index (git-fixes).
- wifi: rtl8xxxu: Actually use macid in rtl8xxxu_gen2_report_connect (bsc#1227149).
- wifi: rtl8xxxu: Add TP-Link TL-WN823N V2 (bsc#1227149).
- wifi: rtl8xxxu: Add a description about the device ID 0x7392:0xb722 (bsc#1227149).
- wifi: rtl8xxxu: Add beacon functions (bsc#1227149).
- wifi: rtl8xxxu: Add parameter force to rtl8xxxu_refresh_rate_mask (bsc#1227149).
- wifi: rtl8xxxu: Add parameter macid to update_rate_mask (bsc#1227149).
- wifi: rtl8xxxu: Add parameter role to report_connect (bsc#1227149).
- wifi: rtl8xxxu: Add set_tim() callback (bsc#1227149).
- wifi: rtl8xxxu: Add sta_add() and sta_remove() callbacks (bsc#1227149).
- wifi: rtl8xxxu: Add start_ap() callback (bsc#1227149).
- wifi: rtl8xxxu: Allow creating interface in AP mode (bsc#1227149).
- wifi: rtl8xxxu: Allow setting rts threshold to -1 (bsc#1227149).
- wifi: rtl8xxxu: Clean up filter configuration (bsc#1227149).
- wifi: rtl8xxxu: Declare AP mode support for 8188f (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8192EU (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8710BU (RTL8188GU) (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8723BU (bsc#1227149).
- wifi: rtl8xxxu: Enable hw seq for mgmt/non-QoS data frames (bsc#1227149).
- wifi: rtl8xxxu: Fix LED control code of RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: Fix off by one initial RTS rate (bsc#1227149).
- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
- wifi: rtl8xxxu: Put the macid in txdesc (bsc#1227149).
- wifi: rtl8xxxu: Remove usage of ieee80211_get_tx_rate() (bsc#1227149).
- wifi: rtl8xxxu: Remove usage of tx_info->control.rates[0].flags (bsc#1227149).
- wifi: rtl8xxxu: Rename some registers (bsc#1227149).
- wifi: rtl8xxxu: Select correct queue for beacon frames (bsc#1227149).
- wifi: rtl8xxxu: Set maximum number of supported stations (bsc#1227149).
- wifi: rtl8xxxu: Support USB RX aggregation for the newer chips (bsc#1227149).
- wifi: rtl8xxxu: Support new chip RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: add hw crypto support for AP mode (bsc#1227149).
- wifi: rtl8xxxu: add macids for STA mode (bsc#1227149).
- wifi: rtl8xxxu: add missing number of sec cam entries for all variants (bsc#1227149).
- wifi: rtl8xxxu: check vif before using in rtl8xxxu_tx() (bsc#1227149).
- wifi: rtl8xxxu: convert EN_DESC_ID of TX descriptor to le32 type (bsc#1227149).
- wifi: rtl8xxxu: declare concurrent mode support for 8188f (bsc#1227149).
- wifi: rtl8xxxu: do not parse CFO, if both interfaces are connected in STA mode (bsc#1227149).
- wifi: rtl8xxxu: enable MFP support with security flag of RX descriptor (bsc#1227149).
- wifi: rtl8xxxu: enable channel switch support (bsc#1227149).
- wifi: rtl8xxxu: extend check for matching bssid to both interfaces (bsc#1227149).
- wifi: rtl8xxxu: extend wifi connected check to both interfaces (bsc#1227149).
- wifi: rtl8xxxu: fix error messages (bsc#1227149).
- wifi: rtl8xxxu: fix mixed declarations in rtl8xxxu_set_aifs() (bsc#1227149).
- wifi: rtl8xxxu: make instances of iface limit and combination to be static const (bsc#1227149).
- wifi: rtl8xxxu: make supporting AP mode only on port 0 transparent (bsc#1227149).
- wifi: rtl8xxxu: mark TOTOLINK N150UA V5/N150UA-B as tested (bsc#1227149).
- wifi: rtl8xxxu: prepare supporting two virtual interfaces (bsc#1227149).
- wifi: rtl8xxxu: remove assignment of priv->vif in rtl8xxxu_bss_info_changed() (bsc#1227149).
- wifi: rtl8xxxu: remove obsolete priv->vif (bsc#1227149).
- wifi: rtl8xxxu: rtl8xxxu_rx_complete(): remove unnecessary return (bsc#1227149).
- wifi: rtl8xxxu: support multiple interface in start_ap() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in bss_info_changed() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in configure_filter() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in update_beacon_work_callback() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in watchdog_callback() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in {add,remove}_interface() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in set_aifs() (bsc#1227149).
- wifi: rtl8xxxu: support setting bssid register for multiple interfaces (bsc#1227149).
- wifi: rtl8xxxu: support setting linktype for both interfaces (bsc#1227149).
- wifi: rtl8xxxu: support setting mac address register for both interfaces (bsc#1227149).
- wifi: rtl8xxxu: update rate mask per sta (bsc#1227149).
- wifi: rtlwifi: Convert to use PCIe capability accessors (bsc#1227149).
- wifi: rtlwifi: Ignore IEEE80211_CONF_CHANGE_RETRY_LIMITS (bsc#1227149).
- wifi: rtlwifi: Remove bridge vendor/device ids (bsc#1227149).
- wifi: rtlwifi: Remove rtl_intf_ops.read_efuse_byte (bsc#1227149).
- wifi: rtlwifi: Remove unused PCI related defines and struct (bsc#1227149).
- wifi: rtlwifi: Speed up firmware loading for USB (bsc#1227149).
- wifi: rtlwifi: cleanup USB interface (bsc#1227149).
- wifi: rtlwifi: cleanup few rtlxxx_tx_fill_desc() routines (bsc#1227149).
- wifi: rtlwifi: cleanup few rtlxxxx_set_hw_reg() routines (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_hal (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_phy (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_ps_ctl (bsc#1227149).
- wifi: rtlwifi: drop chk_switch_dmdp() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop fill_fake_txdesc() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop pre_fill_tx_bd_desc() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop unused const_amdpci_aspm (bsc#1227149).
- wifi: rtlwifi: remove misused flag from HAL data (bsc#1227149).
- wifi: rtlwifi: remove unreachable code in rtl92d_dm_check_edca_turbo() (bsc#1227149).
- wifi: rtlwifi: remove unused dualmac control leftovers (bsc#1227149).
- wifi: rtlwifi: remove unused timer and related code (bsc#1227149).
- wifi: rtlwifi: rtl8192cu: Fix 2T2R chip type detection (bsc#1227149).
- wifi: rtlwifi: rtl8192cu: Fix TX aggregation (bsc#1227149).
- wifi: rtlwifi: rtl8192de: Do not read register in _rtl92de_query_rxphystatus (bsc#1227149).
- wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
- wifi: rtlwifi: rtl8723: Remove unused function rtl8723_cmd_send_packet() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Access full PMCS reg and use pci_regs.h (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Add pdev into _rtl8821ae_clear_pci_pme_status() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Remove unnecessary PME_Status bit set (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Reverse PM Capability exists check (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Use pci_find_capability() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: phy: remove some useless code (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: phy: using calculate_bit_shift() (bsc#1227149).
- wifi: rtlwifi: rtl92ee_dm_dynamic_primary_cca_check(): fix typo in function name (bsc#1227149).
- wifi: rtlwifi: rtl_usb: Store the endpoint addresses (bsc#1227149).
- wifi: rtlwifi: rtl_usb: Use sync register writes (bsc#1227149).
- wifi: rtlwifi: set initial values for unexpected cases of USB endpoint priority (bsc#1227149).
- wifi: rtlwifi: simplify LED management (bsc#1227149).
- wifi: rtlwifi: simplify TX command fill callbacks (bsc#1227149).
- wifi: rtlwifi: simplify rtl_action_proc() and rtl_tx_agg_start() (bsc#1227149).
- wifi: rtlwifi: use convenient list_count_nodes() (bsc#1227149).
- wifi: rtlwifi: use eth_broadcast_addr() to assign broadcast address (bsc#1227149).
- wifi: rtlwifi: use helper function rtl_get_hdr() (bsc#1227149).
- wifi: rtlwifi: use unsigned long for bt_coexist_8723 timestamp (bsc#1227149).
- wifi: rtlwifi: use unsigned long for rtl_bssid_entry timestamp (bsc#1227149).
- wifi: rtw88: 8821c: tweak CCK TX filter setting for SRRC regulation (bsc#1227149).
- wifi: rtw88: 8821c: update TX power limit to V67 (bsc#1227149).
- wifi: rtw88: 8822c: update TX power limit to V70 (bsc#1227149).
- wifi: rtw88: 8822ce: refine power parameters for RFE type 5 (bsc#1227149).
- wifi: rtw88: Add support for the SDIO based RTL8723DS chipset (bsc#1227149).
- wifi: rtw88: Fix AP mode incorrect DTIM behavior (bsc#1227149).
- wifi: rtw88: Fix action frame transmission fail before association (bsc#1227149).
- wifi: rtw88: Skip high queue in hci_flush (bsc#1227149).
- wifi: rtw88: Stop high queue during scan (bsc#1227149).
- wifi: rtw88: Use random MAC when efuse MAC invalid (bsc#1227149).
- wifi: rtw88: add missing unwind goto for __rtw_download_firmware() (bsc#1227149).
- wifi: rtw88: debug: add to check if debug mask is enabled (bsc#1227149).
- wifi: rtw88: debug: remove wrapper of rtw_dbg() (bsc#1227149).
- wifi: rtw88: dump firmware debug information in abnormal state (bsc#1227149).
- wifi: rtw88: fix incorrect error codes in rtw_debugfs_copy_from_user (bsc#1227149).
- wifi: rtw88: fix incorrect error codes in rtw_debugfs_set_* (bsc#1227149).
- wifi: rtw88: fix not entering PS mode after AP stops (bsc#1227149).
- wifi: rtw88: fix typo rtw8822cu_probe (bsc#1227149).
- wifi: rtw88: process VO packets without workqueue to avoid PTK rekey failed (bsc#1227149).
- wifi: rtw88: refine register based H2C command (bsc#1227149).
- wifi: rtw88: regd: configure QATAR and UK (bsc#1227149).
- wifi: rtw88: regd: update regulatory map to R64-R42 (bsc#1227149).
- wifi: rtw88: remove unused USB bulkout size set (bsc#1227149).
- wifi: rtw88: remove unused and set but unused leftovers (bsc#1227149).
- wifi: rtw88: rtw8723d: Implement RTL8723DS (SDIO) efuse parsing (bsc#1227149).
- wifi: rtw88: simplify __rtw_tx_work() (bsc#1227149).
- wifi: rtw88: simplify vif iterators (bsc#1227149).
- wifi: rtw88: use cfg80211_ssid_eq() instead of rtw_ssid_equal() (bsc#1227149).
- wifi: rtw88: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).
- wifi: rtw88: use struct instead of macros to set TX desc (bsc#1227149).
- wifi: rtw89: 52c: rfk: disable DPK during MCC (bsc#1227149).
- wifi: rtw89: 52c: rfk: refine MCC channel info notification (bsc#1227149).
- wifi: rtw89: 8851b: add 8851B basic chip_info (bsc#1227149).
- wifi: rtw89: 8851b: add 8851be to Makefile and Kconfig (bsc#1227149).
- wifi: rtw89: 8851b: add BT coexistence support function (bsc#1227149).
- wifi: rtw89: 8851b: add DLE mem and HFC quota (bsc#1227149).
- wifi: rtw89: 8851b: add MAC configurations to chip_info (bsc#1227149).
- wifi: rtw89: 8851b: add NCTL post table (bsc#1227149).
- wifi: rtw89: 8851b: add RF configurations (bsc#1227149).
- wifi: rtw89: 8851b: add TX power related functions (bsc#1227149).
- wifi: rtw89: 8851b: add basic power on function (bsc#1227149).
- wifi: rtw89: 8851b: add set channel function (bsc#1227149).
- wifi: rtw89: 8851b: add set_channel_rf() (bsc#1227149).
- wifi: rtw89: 8851b: add support WoWLAN to 8851B (bsc#1227149).
- wifi: rtw89: 8851b: add to parse efuse content (bsc#1227149).
- wifi: rtw89: 8851b: add to read efuse version to recognize hardware version B (bsc#1227149).
- wifi: rtw89: 8851b: configure CRASH_TRIGGER feature for 8851B (bsc#1227149).
- wifi: rtw89: 8851b: configure GPIO according to RFE type (bsc#1227149).
- wifi: rtw89: 8851b: configure to force 1 TX power value (bsc#1227149).
- wifi: rtw89: 8851b: enable hw_scan support (bsc#1227149).
- wifi: rtw89: 8851b: fill BB related capabilities to chip_info (bsc#1227149).
- wifi: rtw89: 8851b: rfk: Fix spelling mistake KIP_RESOTRE -> KIP_RESTORE (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add AACK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add DACK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add DPK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add IQK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add LCK track (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add RCK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add RX DCK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add TSSI (bsc#1227149).
- wifi: rtw89: 8851b: rfk: update IQK to version 0x8 (bsc#1227149).
- wifi: rtw89: 8851b: update RF radio A parameters to R28 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R28 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R34 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R37 (bsc#1227149).
- wifi: rtw89: 8851be: add 8851BE PCI entry and fill PCI capabilities (bsc#1227149).
- wifi: rtw89: 8852b: fix definition of KIP register number (git-fixes).
- wifi: rtw89: 8852b: update TX power tables to R35 (bsc#1227149).
- wifi: rtw89: 8852b: update TX power tables to R36 (bsc#1227149).
- wifi: rtw89: 8852c: Fix TSSI causes transmit power inaccuracy (bsc#1227149).
- wifi: rtw89: 8852c: Update bandedge parameters for better performance (bsc#1227149).
- wifi: rtw89: 8852c: add quirk to set PCI BER for certain platforms (bsc#1227149).
- wifi: rtw89: 8852c: declare to support two chanctx (bsc#1227149).
- wifi: rtw89: 8852c: read RX gain offset from efuse for 6GHz channels (bsc#1227149).
- wifi: rtw89: 8852c: update RF radio A/B parameters to R63 (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (1 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (2 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (3 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R67 (bsc#1227149).
- wifi: rtw89: 8922a: add 8922A basic chip info (bsc#1227149).
- wifi: rtw89: 8922a: add BTG functions to assist BT coexistence to control TX/RX (bsc#1227149).
- wifi: rtw89: 8922a: add NCTL pre-settings for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: 8922a: add RF read/write v2 (bsc#1227149).
- wifi: rtw89: 8922a: add SER IMR tables (bsc#1227149).
- wifi: rtw89: 8922a: add TX power related ops (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops related to BB init (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops to get thermal value (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::bb_preinit to enable BB before downloading firmware (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::cfg_txrx_path (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::rfk_hw_init (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::rfk_init_late to do initial RF calibrations later (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::{enable,disable}_bb_rf (bsc#1227149).
- wifi: rtw89: 8922a: add coexistence helpers of SW grant (bsc#1227149).
- wifi: rtw89: 8922a: add helper of set_channel (bsc#1227149).
- wifi: rtw89: 8922a: add ieee80211_ops::hw_scan (bsc#1227149).
- wifi: rtw89: 8922a: add more fields to beacon H2C command to support multi-links (bsc#1227149).
- wifi: rtw89: 8922a: add power on/off functions (bsc#1227149).
- wifi: rtw89: 8922a: add register definitions of H2C, C2H, page, RRSR and EDCCA (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel BB part (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel MAC part (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel RF part (bsc#1227149).
- wifi: rtw89: 8922a: configure CRASH_TRIGGER FW feature (bsc#1227149).
- wifi: rtw89: 8922a: correct register definition and merge IO for ctrl_nbtg_bt_tx() (bsc#1227149).
- wifi: rtw89: 8922a: declare to support two chanctx (bsc#1227149).
- wifi: rtw89: 8922a: dump MAC registers when SER occurs (bsc#1227149).
- wifi: rtw89: 8922a: extend and add quota number (bsc#1227149).
- wifi: rtw89: 8922a: hook handlers of TX/RX descriptors to chip_ops (bsc#1227149).
- wifi: rtw89: 8922a: implement AP mode related reg for BE generation (bsc#1227149).
- wifi: rtw89: 8922a: implement {stop,resume}_sch_tx and cfg_ppdu (bsc#1227149).
- wifi: rtw89: 8922a: read efuse content from physical map (bsc#1227149).
- wifi: rtw89: 8922a: read efuse content via efuse map struct from logic map (bsc#1227149).
- wifi: rtw89: 8922a: rfk: implement chip_ops to call RF calibrations (bsc#1227149).
- wifi: rtw89: 8922a: set RX gain along with set_channel operation (bsc#1227149).
- wifi: rtw89: 8922a: set chip_ops FEM and GPIO to NULL (bsc#1227149).
- wifi: rtw89: 8922a: set memory heap address for secure firmware (bsc#1227149).
- wifi: rtw89: 8922a: update BA CAM number to 24 (bsc#1227149).
- wifi: rtw89: 8922a: update the register used in DIG and the DIG flow (bsc#1227149).
- wifi: rtw89: 8922ae: add 8922AE PCI entry and basic info (bsc#1227149).
- wifi: rtw89: 8922ae: add v2 interrupt handlers for 8922AE (bsc#1227149).
- wifi: rtw89: Add EHT rate mask as parameters of RA H2C command (bsc#1227149).
- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes).
- wifi: rtw89: Fix clang -Wimplicit-fallthrough in rtw89_query_sar() (bsc#1227149).
- wifi: rtw89: Introduce Time Averaged SAR (TAS) feature (bsc#1227149).
- wifi: rtw89: Refine active scan behavior in 6 GHz (bsc#1227149).
- wifi: rtw89: Set default CQM config if not present (bsc#1227149).
- wifi: rtw89: TX power stuffs replace confusing naming of _max with _num (bsc#1227149).
- wifi: rtw89: Update EHT PHY beamforming capability (bsc#1227149).
- wifi: rtw89: acpi: process 6 GHz band policy from DSM (bsc#1227149).
- wifi: rtw89: add C2H RA event V1 to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add C2H event handlers of RFK log and report (bsc#1227149).
- wifi: rtw89: add CFO XTAL registers field to support 8851B (bsc#1227149).
- wifi: rtw89: add DBCC H2C to notify firmware the status (bsc#1227149).
- wifi: rtw89: add EHT capabilities for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add EHT radiotap in monitor mode (bsc#1227149).
- wifi: rtw89: add EVM and SNR statistics to debugfs (bsc#1227149).
- wifi: rtw89: add EVM for antenna diversity (bsc#1227149).
- wifi: rtw89: add H2C RA command V1 to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add H2C command to download beacon frame for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add RSSI based antenna diversity (bsc#1227149).
- wifi: rtw89: add RSSI statistics for the case of antenna diversity to debugfs (bsc#1227149).
- wifi: rtw89: add XTAL SI for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add chip_info::chip_gen to determine chip generation (bsc#1227149).
- wifi: rtw89: add chip_info::txwd_info size to generalize TX WD submit (bsc#1227149).
- wifi: rtw89: add chip_ops::h2c_ba_cam() to configure BA CAM (bsc#1227149).
- wifi: rtw89: add chip_ops::query_rxdesc() and rxd_len as helpers to support newer chips (bsc#1227149).
- wifi: rtw89: add chip_ops::update_beacon to abstract update beacon operation (bsc#1227149).
- wifi: rtw89: add firmware H2C command of BA CAM V1 (bsc#1227149).
- wifi: rtw89: add firmware parser for v1 format (bsc#1227149).
- wifi: rtw89: add firmware suit for BB MCU 0/1 (bsc#1227149).
- wifi: rtw89: add function prototype for coex request duration (bsc#1227149).
- wifi: rtw89: add mac_gen pointer to access mac port registers (bsc#1227149).
- wifi: rtw89: add mlo_dbcc_mode for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add new H2C command to pause/sleep transmitting by MAC ID (bsc#1227149).
- wifi: rtw89: add new H2C for PS mode in 802.11be chip (bsc#1227149).
- wifi: rtw89: add reserved size as factor of DLE used size (bsc#1227149).
- wifi: rtw89: add subband index of primary channel to struct rtw89_chan (bsc#1227149).
- wifi: rtw89: add to display hardware rates v1 histogram in debugfs (bsc#1227149).
- wifi: rtw89: add to fill TX descriptor for firmware command v2 (bsc#1227149).
- wifi: rtw89: add to fill TX descriptor v2 (bsc#1227149).
- wifi: rtw89: add to parse firmware elements of BB and RF tables (bsc#1227149).
- wifi: rtw89: add to query RX descriptor format v2 (bsc#1227149).
- wifi: rtw89: add tx_wake notify for 8851B (bsc#1227149).
- wifi: rtw89: add wait/completion for abort scan (bsc#1227149).
- wifi: rtw89: adjust init_he_cap() to add EHT cap into iftype_data (bsc#1227149).
- wifi: rtw89: advertise missing extended scan feature (bsc#1227149).
- wifi: rtw89: avoid stringop-overflow warning (bsc#1227149).
- wifi: rtw89: call rtw89_chan_get() by vif chanctx if aware of vif (bsc#1227149).
- wifi: rtw89: chan: MCC take reconfig into account (bsc#1227149).
- wifi: rtw89: chan: add sub-entity swap function to cover replacing (bsc#1227149).
- wifi: rtw89: chan: move handling from add/remove to assign/unassign for MLO (bsc#1227149).
- wifi: rtw89: chan: support MCC on Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: chan: tweak bitmap recalc ahead before MLO (bsc#1227149).
- wifi: rtw89: chan: tweak weight recalc ahead before MLO (bsc#1227149).
- wifi: rtw89: change naming of BA CAM from V1 to V0_EXT (bsc#1227149).
- wifi: rtw89: change qutoa to DBCC by default for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: change supported bandwidths of chip_info to bit mask (bsc#1227149).
- wifi: rtw89: cleanup firmware elements parsing (bsc#1227149).
- wifi: rtw89: cleanup private data structures (bsc#1227149).
- wifi: rtw89: cleanup rtw89_iqk_info and related code (bsc#1227149).
- wifi: rtw89: coex: Add Bluetooth RSSI level information (bsc#1227149).
- wifi: rtw89: coex: Add Pre-AGC control to enhance Wi-Fi RX performance (bsc#1227149).
- wifi: rtw89: coex: Add coexistence policy to decrease WiFi packet CRC-ERR (bsc#1227149).
- wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members (bsc#1227149).
- wifi: rtw89: coex: Record down Wi-Fi initial mode information (bsc#1227149).
- wifi: rtw89: coex: Reorder H2C command index to align with firmware (bsc#1227149).
- wifi: rtw89: coex: Set Bluetooth scan low-priority when Wi-Fi link/scan (bsc#1227149).
- wifi: rtw89: coex: Still show hardware grant signal info even Wi-Fi is PS (bsc#1227149).
- wifi: rtw89: coex: To improve Wi-Fi performance while BT is idle (bsc#1227149).
- wifi: rtw89: coex: Translate antenna configuration from ID to string (bsc#1227149).
- wifi: rtw89: coex: Update BTG control related logic (bsc#1227149).
- wifi: rtw89: coex: Update RF parameter control setting logic (bsc#1227149).
- wifi: rtw89: coex: Update coexistence policy for Wi-Fi LPS (bsc#1227149).
- wifi: rtw89: coex: When Bluetooth not available do not set power/gain (bsc#1227149).
- wifi: rtw89: coex: add BTC ctrl_info version 7 and related logic (bsc#1227149).
- wifi: rtw89: coex: add annotation __counted_by() for struct rtw89_btc_btf_set_slot_table (bsc#1227149).
- wifi: rtw89: coex: add annotation __counted_by() to struct rtw89_btc_btf_set_mon_reg (bsc#1227149).
- wifi: rtw89: coex: add init_info H2C command format version 7 (bsc#1227149).
- wifi: rtw89: coex: add return value to ensure H2C command is success or not (bsc#1227149).
- wifi: rtw89: coex: fix configuration for shared antenna for 8922A (bsc#1227149).
- wifi: rtw89: coex: use struct assignment to replace memcpy() to append TDMA content (bsc#1227149).
- wifi: rtw89: configure PPDU max user by chip (bsc#1227149).
- wifi: rtw89: consider RX info for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: consolidate registers of mac port to struct (bsc#1227149).
- wifi: rtw89: correct PHY register offset for PHY-1 (bsc#1227149).
- wifi: rtw89: correct aSIFSTime for 6GHz band (stable-fixes).
- wifi: rtw89: correct the DCFO tracking flow to improve CFO compensation (bsc#1227149).
- wifi: rtw89: debug: add FW log component for scan (bsc#1227149).
- wifi: rtw89: debug: add debugfs entry to disable dynamic mechanism (bsc#1227149).
- wifi: rtw89: debug: add to check if debug mask is enabled (bsc#1227149).
- wifi: rtw89: debug: remove wrapper of rtw89_debug() (bsc#1227149).
- wifi: rtw89: debug: show txpwr table according to chip gen (bsc#1227149).
- wifi: rtw89: debug: txpwr table access only valid page according to chip (bsc#1227149).
- wifi: rtw89: debug: txpwr table supports Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: declare EXT NSS BW of VHT capability (bsc#1227149).
- wifi: rtw89: declare MCC in interface combination (bsc#1227149).
- wifi: rtw89: define hardware rate v1 for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: differentiate narrow_bw_ru_dis setting according to chip gen (bsc#1227149).
- wifi: rtw89: disable RTS when broadcast/multicast (bsc#1227149).
- wifi: rtw89: download firmware with five times retry (bsc#1227149).
- wifi: rtw89: drop TIMING_BEACON_ONLY and sync beacon TSF by self (bsc#1227149).
- wifi: rtw89: enlarge supported length of read_reg debugfs entry (bsc#1227149).
- wifi: rtw89: extend PHY status parser to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fix HW scan not aborting properly (git-fixes).
- wifi: rtw89: fix HW scan timeout due to TSF sync issue (bsc#1227149).
- wifi: rtw89: fix a width vs precision bug (bsc#1227149).
- wifi: rtw89: fix disabling concurrent mode TX hang issue (bsc#1227149).
- wifi: rtw89: fix misbehavior of TX beacon in concurrent mode (bsc#1227149).
- wifi: rtw89: fix not entering PS mode after AP stops (bsc#1227149).
- wifi: rtw89: fix spelling typo of IQK debug messages (bsc#1227149).
- wifi: rtw89: fix typo of rtw89_fw_h2c_mcc_macid_bitmap() (bsc#1227149).
- wifi: rtw89: fw: add H2C command to reset CMAC table for WiFi 7 (bsc#1227149).
- wifi: rtw89: fw: add H2C command to reset DMAC table for WiFi 7 (bsc#1227149).
- wifi: rtw89: fw: add H2C command to update security CAM v2 (bsc#1227149).
- wifi: rtw89: fw: add checking type for variant type of firmware (bsc#1227149).
- wifi: rtw89: fw: add chip_ops to update CMAC table to associated station (bsc#1227149).
- wifi: rtw89: fw: add definition of H2C command and C2H event for MRC series (bsc#1227149).
- wifi: rtw89: fw: add version field to BB MCU firmware element (bsc#1227149).
- wifi: rtw89: fw: consider checksum length of security data (bsc#1227149).
- wifi: rtw89: fw: download firmware with key data for secure boot (bsc#1227149).
- wifi: rtw89: fw: extend JOIN H2C command to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: extend program counter dump for Wi-Fi 7 chip (bsc#1227149).
- wifi: rtw89: fw: fill CMAC table to associated station for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: generalize download firmware flow by mac_gen pointers (bsc#1227149).
- wifi: rtw89: fw: implement MRC H2C command functions (bsc#1227149).
- wifi: rtw89: fw: implement supported functions of download firmware for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: load TX power track tables from fw_element (bsc#1227149).
- wifi: rtw89: fw: move polling function of firmware path ready to an individual function (bsc#1227149).
- wifi: rtw89: fw: parse secure section from firmware file (bsc#1227149).
- wifi: rtw89: fw: propagate an argument include_bb for BB MCU firmware (bsc#1227149).
- wifi: rtw89: fw: read firmware secure information from efuse (bsc#1227149).
- wifi: rtw89: fw: refine download flow to support variant firmware suits (bsc#1227149).
- wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (bsc#1227149).
- wifi: rtw89: fw: update TX AMPDU parameter to CMAC table (bsc#1227149).
- wifi: rtw89: fw: use struct to fill BA CAM H2C commands (bsc#1227149).
- wifi: rtw89: fw: use struct to fill JOIN H2C command (bsc#1227149).
- wifi: rtw89: get data rate mode/NSS/MCS v1 from RX descriptor (bsc#1227149).
- wifi: rtw89: indicate TX power by rate table inside RFE parameter (bsc#1227149).
- wifi: rtw89: indicate TX shape table inside RFE parameter (bsc#1227149).
- wifi: rtw89: initialize antenna for antenna diversity (bsc#1227149).
- wifi: rtw89: initialize multi-channel handling (bsc#1227149).
- wifi: rtw89: introduce infrastructure of firmware elements (bsc#1227149).
- wifi: rtw89: introduce realtek ACPI DSM method (bsc#1227149).
- wifi: rtw89: introduce v1 format of firmware header (bsc#1227149).
- wifi: rtw89: load BB parameters to PHY-1 (bsc#1227149).
- wifi: rtw89: load RFK log format string from firmware file (bsc#1227149).
- wifi: rtw89: load TX power by rate when RFE parms setup (bsc#1227149).
- wifi: rtw89: load TX power related tables from FW elements (bsc#1227149).
- wifi: rtw89: mac: Fix spelling mistakes "notfify" -> "notify" (bsc#1227149).
- wifi: rtw89: mac: add coexistence helpers {cfg/get}_plt (bsc#1227149).
- wifi: rtw89: mac: add feature_init to initialize BA CAM V1 (bsc#1227149).
- wifi: rtw89: mac: add flags to check if CMAC and DMAC are enabled (bsc#1227149).
- wifi: rtw89: mac: add mac_gen_def::band1_offset to map MAC band1 register address (bsc#1227149).
- wifi: rtw89: mac: add registers of MU-EDCA parameters for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add suffix _ax to MAC functions (bsc#1227149).
- wifi: rtw89: mac: add sys_init and filter option for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add to access efuse for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add to get DLE reserved quota (bsc#1227149).
- wifi: rtw89: mac: check queue empty according to chip gen (bsc#1227149).
- wifi: rtw89: mac: correct MUEDCA setting for MAC-1 (bsc#1227149).
- wifi: rtw89: mac: define internal memory address for WiFi 7 chip (bsc#1227149).
- wifi: rtw89: mac: define register address of rx_filter to generalize code (bsc#1227149).
- wifi: rtw89: mac: do bf_monitor only if WiFi 6 chips (bsc#1227149).
- wifi: rtw89: mac: functions to configure hardware engine and quota for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: generalize code to indirectly access WiFi internal memory (bsc#1227149).
- wifi: rtw89: mac: generalize register of MU-EDCA switch according to chip gen (bsc#1227149).
- wifi: rtw89: mac: get TX power control register according to chip gen (bsc#1227149).
- wifi: rtw89: mac: handle C2H receive/done ACK in interrupt context (bsc#1227149).
- wifi: rtw89: mac: implement MRC C2H event handling (bsc#1227149).
- wifi: rtw89: mac: implement to configure TX/RX engines for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: move code related to hardware engine to individual functions (bsc#1227149).
- wifi: rtw89: mac: refine SER setting during WiFi CPU power on (bsc#1227149).
- wifi: rtw89: mac: reset PHY-1 hardware when going to enable/disable (bsc#1227149).
- wifi: rtw89: mac: return held quota of DLE when changing MAC-1 (bsc#1227149).
- wifi: rtw89: mac: set bf_assoc capabilities according to chip gen (bsc#1227149).
- wifi: rtw89: mac: set bfee_ctrl() according to chip gen (bsc#1227149).
- wifi: rtw89: mac: update RTS threshold according to chip gen (bsc#1227149).
- wifi: rtw89: mac: use mac_gen pointer to access about efuse (bsc#1227149).
- wifi: rtw89: mac: use pointer to access functions of hardware engine and quota (bsc#1227149).
- wifi: rtw89: mcc: consider and determine BT duration (bsc#1227149).
- wifi: rtw89: mcc: deal with BT slot change (bsc#1227149).
- wifi: rtw89: mcc: deal with P2P PS change (bsc#1227149).
- wifi: rtw89: mcc: deal with beacon NoA if GO exists (bsc#1227149).
- wifi: rtw89: mcc: decide pattern and calculate parameters (bsc#1227149).
- wifi: rtw89: mcc: fill fundamental configurations (bsc#1227149).
- wifi: rtw89: mcc: fix NoA start time when GO is auxiliary (bsc#1227149).
- wifi: rtw89: mcc: initialize start flow (bsc#1227149).
- wifi: rtw89: mcc: track beacon offset and update when needed (bsc#1227149).
- wifi: rtw89: mcc: trigger FW to start/stop MCC (bsc#1227149).
- wifi: rtw89: mcc: update role bitmap when changed (bsc#1227149).
- wifi: rtw89: modify the register setting and the flow of CFO tracking (bsc#1227149).
- wifi: rtw89: move software DCFO compensation setting to proper position (bsc#1227149).
- wifi: rtw89: only reset BB/RF for existing WiFi 6 chips while starting up (bsc#1227149).
- wifi: rtw89: packet offload wait for FW response (bsc#1227149).
- wifi: rtw89: parse EHT information from RX descriptor and PPDU status packet (bsc#1227149).
- wifi: rtw89: parse TX EHT rate selected by firmware from RA C2H report (bsc#1227149).
- wifi: rtw89: parse and print out RFK log from C2H events (bsc#1227149).
- wifi: rtw89: pause/proceed MCC for ROC and HW scan (bsc#1227149).
- wifi: rtw89: pci: add LTR v2 for WiFi 7 chip (bsc#1227149).
- wifi: rtw89: pci: add PCI generation information to pci_info for each chip (bsc#1227149).
- wifi: rtw89: pci: add new RX ring design to determine full RX ring efficiently (bsc#1227149).
- wifi: rtw89: pci: add pre_deinit to be called after probe complete (bsc#1227149).
- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).
- wifi: rtw89: pci: correct interrupt mitigation register for 8852CE (bsc#1227149).
- wifi: rtw89: pci: define PCI ring address for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: fix interrupt enable mask for HALT C2H of RTL8851B (bsc#1227149).
- wifi: rtw89: pci: generalize code of PCI control DMA IO for WiFi 7 (bsc#1227149).
- wifi: rtw89: pci: generalize interrupt status bits of interrupt handlers (bsc#1227149).
- wifi: rtw89: pci: implement PCI CLK/ASPM/L1SS for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: implement PCI mac_post_init for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: implement PCI mac_pre_init for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: interrupt v2 refine IMR for SER (bsc#1227149).
- wifi: rtw89: pci: reset BDRAM according to chip gen (bsc#1227149).
- wifi: rtw89: pci: stop/start DMA for level 1 recovery according to chip gen (bsc#1227149).
- wifi: rtw89: pci: update SER timer unit and timeout time (bsc#1227149).
- wifi: rtw89: pci: update interrupt mitigation register for 8922AE (bsc#1227149).
- wifi: rtw89: pci: use DBI function for 8852AE/8852BE/8851BE (bsc#1227149).
- wifi: rtw89: pci: use gen_def pointer to configure mac_{pre,post}_init and clear PCI ring index (bsc#1227149).
- wifi: rtw89: pci: validate RX tag for RXQ and RPQ (bsc#1227149).
- wifi: rtw89: phy: add BB wrapper of TX power for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: phy: add parser to support RX gain dynamic setting flow (bsc#1227149).
- wifi: rtw89: phy: add phy_gen_def::cr_base to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: phy: change naming related BT coexistence functions (bsc#1227149).
- wifi: rtw89: phy: dynamically adjust EDCCA threshold (bsc#1227149).
- wifi: rtw89: phy: extend TX power common stuffs for Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: phy: generalize valid bit of BSS color (bsc#1227149).
- wifi: rtw89: phy: ignore special data from BB parameter file (bsc#1227149).
- wifi: rtw89: phy: modify register setting of ENV_MNTR, PHYSTS and DIG (bsc#1227149).
- wifi: rtw89: phy: move bb_gain_info used by WiFi 6 chips to union (bsc#1227149).
- wifi: rtw89: phy: print out RFK log with formatted string (bsc#1227149).
- wifi: rtw89: phy: rate pattern handles HW rate by chip gen (bsc#1227149).
- wifi: rtw89: phy: refine helpers used for raw TX power (bsc#1227149).
- wifi: rtw89: phy: set TX power RU limit according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power by rate according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power limit according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power offset according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set channel_info for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: prepare scan leaf functions for wifi 7 ICs (bsc#1227149).
- wifi: rtw89: process regulatory for 6 GHz power type (bsc#1227149).
- wifi: rtw89: provide functions to configure NoA for beacon update (bsc#1227149).
- wifi: rtw89: recognize log format from firmware file (bsc#1227149).
- wifi: rtw89: reference quota mode when setting Tx power (bsc#1227149).
- wifi: rtw89: refine H2C command that pause transmitting by MAC ID (bsc#1227149).
- wifi: rtw89: refine add_chan H2C command to encode_bits (bsc#1227149).
- wifi: rtw89: refine bandwidth 160MHz uplink OFDMA performance (bsc#1227149).
- wifi: rtw89: refine clearing supported bands to check 2/5 GHz first (bsc#1227149).
- wifi: rtw89: refine element naming used by queue empty check (bsc#1227149).
- wifi: rtw89: refine hardware scan C2H events (bsc#1227149).
- wifi: rtw89: refine packet offload delete flow of 6 GHz probe (bsc#1227149).
- wifi: rtw89: refine packet offload handling under SER (bsc#1227149).
- wifi: rtw89: refine remain on channel flow to improve P2P connection (bsc#1227149).
- wifi: rtw89: refine rtw89_correct_cck_chan() by rtw89_hw_to_nl80211_band() (bsc#1227149).
- wifi: rtw89: refine uplink trigger based control mechanism (bsc#1227149).
- wifi: rtw89: regd: configure Thailand in regulation type (bsc#1227149).
- wifi: rtw89: regd: handle policy of 6 GHz according to BIOS (bsc#1227149).
- wifi: rtw89: regd: judge 6 GHz according to chip and BIOS (bsc#1227149).
- wifi: rtw89: regd: judge UNII-4 according to BIOS and chip (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R64-R40 (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R64-R43 (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R65-R44 (bsc#1227149).
- wifi: rtw89: release bit in rtw89_fw_h2c_del_pkt_offload() (bsc#1227149).
- wifi: rtw89: return failure if needed firmware elements are not recognized (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger DACK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger DPK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger IQK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger RX DCK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger TSSI (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger TXGAPK (bsc#1227149).
- wifi: rtw89: rfk: add a completion to wait RF calibration report from C2H event (bsc#1227149).
- wifi: rtw89: rfk: disable driver tracking during MCC (bsc#1227149).
- wifi: rtw89: rfk: send channel information to firmware for RF calibrations (bsc#1227149).
- wifi: rtw89: sar: let caller decide the center frequency to query (bsc#1227149).
- wifi: rtw89: scan offload wait for FW done ACK (bsc#1227149).
- wifi: rtw89: ser: L1 add pre-M0 and post-M0 states (bsc#1227149).
- wifi: rtw89: ser: reset total_sta_assoc and tdls_peer when L2 (bsc#1227149).
- wifi: rtw89: set TX power without precondition during setting channel (bsc#1227149).
- wifi: rtw89: set capability of TX antenna diversity (bsc#1227149).
- wifi: rtw89: set entry size of address CAM to H2C field by chip (bsc#1227149).
- wifi: rtw89: show EHT rate in debugfs (bsc#1227149).
- wifi: rtw89: support U-NII-4 channels on 5GHz band (bsc#1227149).
- wifi: rtw89: support firmware log with formatted text (bsc#1227149).
- wifi: rtw89: suppress the log for specific SER called CMDPSR_FRZTO (bsc#1227149).
- wifi: rtw89: tweak H2C TX waiting function for SER (bsc#1227149).
- wifi: rtw89: update DMA function with different generation (bsc#1227149).
- wifi: rtw89: update ps_state register for chips with different generation (bsc#1227149).
- wifi: rtw89: update scan C2H messages for wifi 7 IC (bsc#1227149).
- wifi: rtw89: update suspend/resume for different generation (bsc#1227149).
- wifi: rtw89: use PLCP information to match BSS_COLOR and AID (bsc#1227149).
- wifi: rtw89: use chip_info::small_fifo_size to choose debug_mask (bsc#1227149).
- wifi: rtw89: use flexible array member in rtw89_btc_btf_tlv (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits to access RX info (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits() to access RX descriptor (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits() to access received PHY status IEs (bsc#1227149).
- wifi: rtw89: use struct rtw89_phy_sts_ie0 instead of macro to access PHY IE0 status (bsc#1227149).
- wifi: rtw89: use struct to access RA report (bsc#1227149).
- wifi: rtw89: use struct to access firmware C2H event header (bsc#1227149).
- wifi: rtw89: use struct to access register-based H2C/C2H (bsc#1227149).
- wifi: rtw89: use struct to fill H2C command to download beacon frame (bsc#1227149).
- wifi: rtw89: use struct to parse firmware header (bsc#1227149).
- wifi: rtw89: use struct to set RA H2C command (bsc#1227149).
- wifi: rtw89: wow: move release offload packet earlier for WoWLAN mode (bsc#1227149).
- wifi: rtw89: wow: refine WoWLAN flows of HCI interrupts and low power mode (bsc#1227149).
- wifi: rtw89: wow: set security engine options for 802.11ax chips only (bsc#1227149).
- wifi: rtw89: wow: update WoWLAN reason register for different chips (bsc#1227149).
- wifi: rtw89: wow: update WoWLAN status register for different generation (bsc#1227149).
- wifi: rtw89: wow: update config mac function with different generation (bsc#1227149).
- wifi: ti: wlcore: sdio: Drop unused include (bsc#1227149).
- wifi: virt_wifi: avoid reporting connection success with wrong SSID (git-fixes).
- wifi: virt_wifi: do not use strlen() in const context (git-fixes).
- wifi: wcn36xx: Annotate struct wcn36xx_hal_ind_msg with __counted_by (bsc#1227149).
- wifi: wcn36xx: Convert to platform remove callback returning void (bsc#1227149).
- wifi: wcn36xx: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: wext: avoid extra calls to strlen() in ieee80211_bss() (bsc#1227149).
- wifi: wfx: Use devm_kmemdup to replace devm_kmalloc + memcpy (bsc#1227149).
- wifi: wfx: allow to send frames during ROC (bsc#1227149).
- wifi: wfx: fix power_save setting when AP is stopped (bsc#1227149).
- wifi: wfx: implement wfx_remain_on_channel() (bsc#1227149).
- wifi: wfx: introduce hif_scan_uniq() (bsc#1227149).
- wifi: wfx: move wfx_skb_*() out of the header file (bsc#1227149).
- wifi: wfx: relocate wfx_rate_mask_to_hw() (bsc#1227149).
- wifi: wfx: scan_lock is global to the device (bsc#1227149).
- wifi: wfx: simplify exclusion between scan and Rx filters (bsc#1227149).
- wifi: wil6210: fw: Replace zero-length arrays with DECLARE_FLEX_ARRAY() helper (bsc#1227149).
- wifi: wil6210: wmi: Replace zero-length array with DECLARE_FLEX_ARRAY() helper (bsc#1227149).
- wifi: wilc1000: Increase ASSOC response buffer (bsc#1227149).
- wifi: wilc1000: Remove unused declarations (bsc#1227149).
- wifi: wilc1000: add SPI commands retry mechanism (bsc#1227149).
- wifi: wilc1000: add back-off algorithm to balance tx queue packets (bsc#1227149).
- wifi: wilc1000: add missing read critical sections around vif list traversal (bsc#1227149).
- wifi: wilc1000: always release SDIO host in wilc_sdio_cmd53() (bsc#1227149).
- wifi: wilc1000: cleanup struct wilc_conn_info (bsc#1227149).
- wifi: wilc1000: correct CRC7 calculation (bsc#1227149).
- wifi: wilc1000: fix declarations ordering (bsc#1227149).
- wifi: wilc1000: fix driver_handler when committing initial configuration (bsc#1227149).
- wifi: wilc1000: fix ies_len type in connect path (git-fixes).
- wifi: wilc1000: fix incorrect power down sequence (bsc#1227149).
- wifi: wilc1000: remove AKM suite be32 conversion for external auth request (bsc#1227149).
- wifi: wilc1000: remove setting msg.spi (bsc#1227149).
- wifi: wilc1000: remove use of has_thrpt_enh3 flag (bsc#1227149).
- wifi: wilc1000: set preamble size to auto as default in wilc_init_fw_config() (bsc#1227149).
- wifi: wilc1000: simplify remain on channel support (bsc#1227149).
- wifi: wilc1000: simplify wilc_scan() (bsc#1227149).
- wifi: wilc1000: split deeply nested RCU list traversal in dedicated helper (bsc#1227149).
- wifi: wilc1000: use SRCU instead of RCU for vif list traversal (bsc#1227149).
- wifi: wilc1000: validate chip id during bus probe (bsc#1227149).
- wifi: wl1251: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wl18xx: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: boot: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: main: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: sdio: Rate limit wl12xx_sdio_raw_{read,write}() failures warns (bsc#1227149).
- wifi: wlcore: sdio: Use module_sdio_driver macro to simplify the code (bsc#1227149).
- wifi: zd1211rw: fix typo "tranmits" (bsc#1227149).
- wifi: zd1211rw: remove __nocast from zd_addr_t (bsc#1227149).
- wifi: zd1211rw: silence sparse warnings (bsc#1227149).
- wlcore: spi: Remove redundant of_match_ptr() (bsc#1227149).
- work around gcc bugs with 'asm goto' with outputs (git-fixes).
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).
- x86/amd_nb: Check for invalid SMN reads (git-fixes).
- x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes).
- x86/asm: Fix build of UML with KASAN (git-fixes).
- x86/asm: Remove the __iomem annotation of movdir64b()'s dst argument (git-fixes).
- x86/bhi: Avoid warning in #DB handler due to BHI mitigation :(git-fixes).
- x86/boot: Ignore NMIs during very early boot (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- x86/bugs: Remove default case for fully switched enums (git-fixes).
- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).
- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).
- x86/cpu: Provide default cache line size if not enumerated (git-fixes).
- x86/csum: Fix clang -Wuninitialized in csum_partial() (git-fixes).
- x86/csum: Improve performance of `csum_partial` (git-fixes).
- x86/csum: Remove unnecessary odd handling (git-fixes).
- x86/csum: clean up `csum_partial' further (git-fixes).
- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).
- x86/efistub: Call mixed mode boot services on the firmware's stack (git-fixes).
- x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).
- x86/head/64: Move the __head definition to <asm/init.h> (git-fixes).
- x86/insn: Add VEX versions of VPDPBUSD, VPDPBUSDS, VPDPWSSD and VPDPWSSDS (git-fixes).
- x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).
- x86/kconfig: Add as-instr64 macro to properly evaluate AS_WRUSS (git-fixes).
- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).
- x86/kexec: Fix bug with call depth tracking (git-fixes).
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).
- x86/mce: Dynamically size space for machine check records (bsc#1222241).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel (git-fixes).
- x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).
- x86/nmi: Fix the inverse "in NMI handler" check (git-fixes).
- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).
- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
- x86/purgatory: Switch to the position-independent small code model (git-fixes).
- x86/resctrl: Read supported bandwidth sources from CPUID (git-fixes).
- x86/resctrl: Remove redundant variable in mbm_config_write_domain() (git-fixes).
- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).
- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- x86/sev: Fix position dependent variable references in startup code (git-fixes).
- x86/shstk: Make return uprobe work with shadow stack (git-fixes).
- x86/speculation, objtool: Use absolute relocations for annotations (git-fixes).
- x86/srso: Disentangle rethunk-dependent options (git-fixes).
- x86/srso: Fix unret validation dependencies (git-fixes).
- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).
- x86/srso: Print actual mitigation if requested mitigation isn't possible (git-fixes).
- x86/srso: Remove 'pred_cmd' label (git-fixes).
- x86/srso: Unexport untraining functions (git-fixes).
- x86/tdx: Preserve shared bit on mprotect() (git-fixes).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
- x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking (git-fixes).
- x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)
- xen/x86: add extra pages to unpopulated-alloc if available (git-fixes).
- xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228211).
- xfs: add lock protection when remove perag from radix tree (git-fixes).
- xfs: fix perag leak when growfs fails (git-fixes).
- xfs: force all buffers to be written during btree bulk load (git-fixes).
- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).
- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).
- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).
- xfs: transfer recovered intent item ownership in ->iop_recover (git-fixes).
- xfs: use roundup_pow_of_two instead of ffs during xlog_find_tail (git-fixes).
- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).
- xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Handle TD clearing for multiple streams case (git-fixes).
- xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).
- xhci: always resume roothubs if xHC was reset during resume (stable-fixes).
- xsk: Add truesize to skb_add_rx_frag() (bsc#1214683 (PREEMPT_RT prerequisite backports)).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1141539SUSE bug 1181674SUSE bug 1186716SUSE bug 1187716SUSE bug 1193599SUSE bug 1194869SUSE bug 1195775SUSE bug 1204562SUSE bug 1207948SUSE bug 1208593SUSE bug 1209657SUSE bug 1209834SUSE bug 1213573SUSE bug 1214683SUSE bug 1214852SUSE bug 1215199SUSE bug 1215587SUSE bug 1216196SUSE bug 1216358SUSE bug 1216436SUSE bug 1216702SUSE bug 1217169SUSE bug 1217384SUSE bug 1217408SUSE bug 1217481SUSE bug 1217750SUSE bug 1217912SUSE bug 1218442SUSE bug 1218447SUSE bug 1218562SUSE bug 1218730SUSE bug 1218820SUSE bug 1218917SUSE bug 1219104SUSE bug 1219170SUSE bug 1219216SUSE bug 1219224SUSE bug 1219451SUSE bug 1219478SUSE bug 1219485SUSE bug 1219596SUSE bug 1219633SUSE bug 1219832SUSE bug 1219847SUSE bug 1219953SUSE bug 1220021SUSE bug 1220120SUSE bug 1220138SUSE bug 1220148SUSE bug 1220214SUSE bug 1220328SUSE bug 1220427SUSE bug 1220430SUSE bug 1220569SUSE bug 1220738SUSE bug 1220783SUSE bug 1220942SUSE bug 1221044SUSE bug 1221057SUSE bug 1221086SUSE bug 1221097SUSE bug 1221303SUSE bug 1221612SUSE bug 1221615SUSE bug 1221635SUSE bug 1221645SUSE bug 1221647SUSE bug 1221649SUSE bug 1221654SUSE bug 1221656SUSE bug 1221659SUSE bug 1221765SUSE bug 1221777SUSE bug 1221816SUSE bug 1221829SUSE bug 1221858SUSE bug 1221958SUSE bug 1222011SUSE bug 1222015SUSE bug 1222080SUSE bug 1222241SUSE bug 1222294SUSE bug 1222303SUSE bug 1222326SUSE bug 1222328SUSE bug 1222357SUSE bug 1222368SUSE bug 1222378SUSE bug 1222380SUSE bug 1222385SUSE bug 1222426SUSE bug 1222438SUSE bug 1222459SUSE bug 1222463SUSE bug 1222464SUSE bug 1222532SUSE bug 1222559SUSE bug 1222588SUSE bug 1222596SUSE bug 1222608SUSE bug 1222613SUSE bug 1222615SUSE bug 1222617SUSE bug 1222619SUSE bug 1222624SUSE bug 1222627SUSE bug 1222654SUSE bug 1222721SUSE bug 1222768SUSE bug 1222769SUSE bug 1222771SUSE bug 1222775SUSE bug 1222777SUSE bug 1222779SUSE bug 1222780SUSE bug 1222782SUSE bug 1222793SUSE bug 1222809SUSE bug 1222810SUSE bug 1222893SUSE bug 1223007SUSE bug 1223010SUSE bug 1223011SUSE bug 1223016SUSE bug 1223018SUSE bug 1223020SUSE bug 1223021SUSE bug 1223023SUSE bug 1223024SUSE bug 1223035SUSE bug 1223038SUSE bug 1223039SUSE bug 1223041SUSE bug 1223045SUSE bug 1223046SUSE bug 1223051SUSE bug 1223052SUSE bug 1223057SUSE bug 1223058SUSE bug 1223060SUSE bug 1223061SUSE bug 1223062SUSE bug 1223076SUSE bug 1223077SUSE bug 1223084SUSE bug 1223111SUSE bug 1223113SUSE bug 1223137SUSE bug 1223138SUSE bug 1223140SUSE bug 1223143SUSE bug 1223187SUSE bug 1223188SUSE bug 1223189SUSE bug 1223190SUSE bug 1223191SUSE bug 1223192SUSE bug 1223195SUSE bug 1223196SUSE bug 1223197SUSE bug 1223198SUSE bug 1223202SUSE bug 1223203SUSE bug 1223204SUSE bug 1223205SUSE bug 1223207SUSE bug 1223265SUSE bug 1223285SUSE bug 1223315SUSE bug 1223323SUSE bug 1223338SUSE bug 1223357SUSE bug 1223369SUSE bug 1223380SUSE bug 1223384SUSE bug 1223390SUSE bug 1223415SUSE bug 1223439SUSE bug 1223462SUSE bug 1223525SUSE bug 1223532SUSE bug 1223539SUSE bug 1223570SUSE bug 1223575SUSE bug 1223590SUSE bug 1223591SUSE bug 1223592SUSE bug 1223593SUSE bug 1223625SUSE bug 1223626SUSE bug 1223627SUSE bug 1223629SUSE bug 1223631SUSE bug 1223632SUSE bug 1223633SUSE bug 1223634SUSE bug 1223637SUSE bug 1223638SUSE bug 1223641SUSE bug 1223642SUSE bug 1223643SUSE bug 1223644SUSE bug 1223645SUSE bug 1223646SUSE bug 1223648SUSE bug 1223649SUSE bug 1223650SUSE bug 1223651SUSE bug 1223652SUSE bug 1223653SUSE bug 1223654SUSE bug 1223655SUSE bug 1223657SUSE bug 1223660SUSE bug 1223661SUSE bug 1223663SUSE bug 1223664SUSE bug 1223665SUSE bug 1223666SUSE bug 1223667SUSE bug 1223668SUSE bug 1223669SUSE bug 1223670SUSE bug 1223671SUSE bug 1223675SUSE bug 1223677SUSE bug 1223678SUSE bug 1223679SUSE bug 1223686SUSE bug 1223692SUSE bug 1223693SUSE bug 1223695SUSE bug 1223696SUSE bug 1223698SUSE bug 1223699SUSE bug 1223705SUSE bug 1223709SUSE bug 1223711SUSE bug 1223712SUSE bug 1223714SUSE bug 1223715SUSE bug 1223717SUSE bug 1223718SUSE bug 1223723SUSE bug 1223725SUSE bug 1223728SUSE bug 1223731SUSE bug 1223732SUSE bug 1223734SUSE bug 1223735SUSE bug 1223737SUSE bug 1223738SUSE bug 1223739SUSE bug 1223740SUSE bug 1223741SUSE bug 1223744SUSE bug 1223745SUSE bug 1223747SUSE bug 1223748SUSE bug 1223749SUSE bug 1223750SUSE bug 1223752SUSE bug 1223754SUSE bug 1223756SUSE bug 1223757SUSE bug 1223759SUSE bug 1223760SUSE bug 1223761SUSE bug 1223762SUSE bug 1223764SUSE bug 1223765SUSE bug 1223768SUSE bug 1223769SUSE bug 1223770SUSE bug 1223774SUSE bug 1223776SUSE bug 1223778SUSE bug 1223779SUSE bug 1223780SUSE bug 1223781SUSE bug 1223782SUSE bug 1223787SUSE bug 1223788SUSE bug 1223789SUSE bug 1223790SUSE bug 1223802SUSE bug 1223804SUSE bug 1223805SUSE bug 1223806SUSE bug 1223807SUSE bug 1223808SUSE bug 1223810SUSE bug 1223813SUSE bug 1223815SUSE bug 1223816SUSE bug 1223819SUSE bug 1223821SUSE bug 1223822SUSE bug 1223823SUSE bug 1223824SUSE bug 1223826SUSE bug 1223827SUSE bug 1223828SUSE bug 1223829SUSE bug 1223831SUSE bug 1223834SUSE bug 1223836SUSE bug 1223837SUSE bug 1223838SUSE bug 1223842SUSE bug 1223843SUSE bug 1223844SUSE bug 1223847SUSE bug 1223863SUSE bug 1223869SUSE bug 1223870SUSE bug 1223871SUSE bug 1223872SUSE bug 1223874SUSE bug 1223944SUSE bug 1223945SUSE bug 1223946SUSE bug 1223991SUSE bug 1224049SUSE bug 1224076SUSE bug 1224096SUSE bug 1224098SUSE bug 1224099SUSE bug 1224137SUSE bug 1224166SUSE bug 1224174SUSE bug 1224177SUSE bug 1224180SUSE bug 1224181SUSE bug 1224187SUSE bug 1224331SUSE bug 1224348SUSE bug 1224414SUSE bug 1224422SUSE bug 1224423SUSE bug 1224429SUSE bug 1224430SUSE bug 1224432SUSE bug 1224433SUSE bug 1224437SUSE bug 1224438SUSE bug 1224439SUSE bug 1224442SUSE bug 1224443SUSE bug 1224445SUSE bug 1224449SUSE bug 1224477SUSE bug 1224479SUSE bug 1224480SUSE bug 1224481SUSE bug 1224482SUSE bug 1224486SUSE bug 1224487SUSE bug 1224488SUSE bug 1224490SUSE bug 1224491SUSE bug 1224492SUSE bug 1224493SUSE bug 1224494SUSE bug 1224495SUSE bug 1224497SUSE bug 1224498SUSE bug 1224499SUSE bug 1224500SUSE bug 1224501SUSE bug 1224502SUSE bug 1224504SUSE bug 1224505SUSE bug 1224506SUSE bug 1224507SUSE bug 1224508SUSE bug 1224509SUSE bug 1224511SUSE bug 1224512SUSE bug 1224513SUSE bug 1224515SUSE bug 1224516SUSE bug 1224517SUSE bug 1224519SUSE bug 1224520SUSE bug 1224521SUSE bug 1224523SUSE bug 1224524SUSE bug 1224525SUSE bug 1224526SUSE bug 1224530SUSE bug 1224531SUSE bug 1224534SUSE bug 1224537SUSE bug 1224539SUSE bug 1224540SUSE bug 1224541SUSE bug 1224542SUSE bug 1224543SUSE bug 1224544SUSE bug 1224545SUSE bug 1224546SUSE bug 1224549SUSE bug 1224550SUSE bug 1224552SUSE bug 1224553SUSE bug 1224555SUSE bug 1224557SUSE bug 1224558SUSE bug 1224559SUSE bug 1224562SUSE bug 1224565SUSE bug 1224566SUSE bug 1224567SUSE bug 1224568SUSE bug 1224569SUSE bug 1224571SUSE bug 1224572SUSE bug 1224573SUSE bug 1224575SUSE bug 1224576SUSE bug 1224577SUSE bug 1224578SUSE bug 1224579SUSE bug 1224580SUSE bug 1224581SUSE bug 1224582SUSE bug 1224583SUSE bug 1224584SUSE bug 1224585SUSE bug 1224586SUSE bug 1224587SUSE bug 1224588SUSE bug 1224589SUSE bug 1224592SUSE bug 1224596SUSE bug 1224598SUSE bug 1224600SUSE bug 1224601SUSE bug 1224602SUSE bug 1224603SUSE bug 1224604SUSE bug 1224605SUSE bug 1224606SUSE bug 1224607SUSE bug 1224608SUSE bug 1224609SUSE bug 1224611SUSE bug 1224612SUSE bug 1224613SUSE bug 1224614SUSE bug 1224615SUSE bug 1224617SUSE bug 1224618SUSE bug 1224619SUSE bug 1224620SUSE bug 1224621SUSE bug 1224622SUSE bug 1224623SUSE bug 1224624SUSE bug 1224626SUSE bug 1224627SUSE bug 1224628SUSE bug 1224629SUSE bug 1224630SUSE bug 1224632SUSE bug 1224633SUSE bug 1224634SUSE bug 1224636SUSE bug 1224637SUSE bug 1224638SUSE bug 1224639SUSE bug 1224640SUSE bug 1224641SUSE bug 1224643SUSE bug 1224644SUSE bug 1224645SUSE bug 1224646SUSE bug 1224647SUSE bug 1224648SUSE bug 1224649SUSE bug 1224650SUSE bug 1224651SUSE bug 1224652SUSE bug 1224653SUSE bug 1224654SUSE bug 1224655SUSE bug 1224657SUSE bug 1224659SUSE bug 1224660SUSE bug 1224661SUSE bug 1224662SUSE bug 1224663SUSE bug 1224664SUSE bug 1224665SUSE bug 1224666SUSE bug 1224667SUSE bug 1224668SUSE bug 1224670SUSE bug 1224671SUSE bug 1224672SUSE bug 1224673SUSE bug 1224675SUSE bug 1224676SUSE bug 1224677SUSE bug 1224678SUSE bug 1224679SUSE bug 1224680SUSE bug 1224681SUSE bug 1224682SUSE bug 1224683SUSE bug 1224685SUSE bug 1224686SUSE bug 1224687SUSE bug 1224688SUSE bug 1224692SUSE bug 1224696SUSE bug 1224697SUSE bug 1224698SUSE bug 1224699SUSE bug 1224701SUSE bug 1224703SUSE bug 1224704SUSE bug 1224705SUSE bug 1224706SUSE bug 1224707SUSE bug 1224709SUSE bug 1224710SUSE bug 1224712SUSE bug 1224714SUSE bug 1224716SUSE bug 1224717SUSE bug 1224718SUSE bug 1224719SUSE bug 1224720SUSE bug 1224721SUSE bug 1224722SUSE bug 1224723SUSE bug 1224725SUSE bug 1224727SUSE bug 1224728SUSE bug 1224729SUSE bug 1224730SUSE bug 1224731SUSE bug 1224732SUSE bug 1224733SUSE bug 1224735SUSE bug 1224736SUSE bug 1224738SUSE bug 1224739SUSE bug 1224740SUSE bug 1224741SUSE bug 1224742SUSE bug 1224743SUSE bug 1224747SUSE bug 1224749SUSE bug 1224751SUSE bug 1224763SUSE bug 1224764SUSE bug 1224765SUSE bug 1224766SUSE bug 1224767SUSE bug 1224790SUSE bug 1224792SUSE bug 1224793SUSE bug 1224803SUSE bug 1224804SUSE bug 1224866SUSE bug 1224928SUSE bug 1224930SUSE bug 1224932SUSE bug 1224933SUSE bug 1224935SUSE bug 1224936SUSE bug 1224937SUSE bug 1224939SUSE bug 1224941SUSE bug 1224944SUSE bug 1224946SUSE bug 1224947SUSE bug 1224949SUSE bug 1224951SUSE bug 1224988SUSE bug 1224989SUSE bug 1224992SUSE bug 1224998SUSE bug 1225000SUSE bug 1225001SUSE bug 1225004SUSE bug 1225006SUSE bug 1225007SUSE bug 1225008SUSE bug 1225009SUSE bug 1225014SUSE bug 1225015SUSE bug 1225022SUSE bug 1225025SUSE bug 1225028SUSE bug 1225029SUSE bug 1225031SUSE bug 1225036SUSE bug 1225041SUSE bug 1225044SUSE bug 1225049SUSE bug 1225050SUSE bug 1225053SUSE bug 1225076SUSE bug 1225077SUSE bug 1225078SUSE bug 1225081SUSE bug 1225085SUSE bug 1225086SUSE bug 1225088SUSE bug 1225090SUSE bug 1225092SUSE bug 1225096SUSE bug 1225097SUSE bug 1225098SUSE bug 1225101SUSE bug 1225103SUSE bug 1225104SUSE bug 1225105SUSE bug 1225106SUSE bug 1225108SUSE bug 1225120SUSE bug 1225132SUSE bug 1225133SUSE bug 1225134SUSE bug 1225136SUSE bug 1225172SUSE bug 1225180SUSE bug 1225272SUSE bug 1225300SUSE bug 1225391SUSE bug 1225472SUSE bug 1225475SUSE bug 1225476SUSE bug 1225477SUSE bug 1225478SUSE bug 1225485SUSE bug 1225489SUSE bug 1225490SUSE bug 1225502SUSE bug 1225527SUSE bug 1225529SUSE bug 1225530SUSE bug 1225532SUSE bug 1225534SUSE bug 1225548SUSE bug 1225550SUSE bug 1225553SUSE bug 1225554SUSE bug 1225555SUSE bug 1225556SUSE bug 1225557SUSE bug 1225559SUSE bug 1225560SUSE bug 1225564SUSE bug 1225565SUSE bug 1225566SUSE bug 1225568SUSE bug 1225569SUSE bug 1225570SUSE bug 1225571SUSE bug 1225572SUSE bug 1225573SUSE bug 1225577SUSE bug 1225578SUSE bug 1225579SUSE bug 1225580SUSE bug 1225581SUSE bug 1225583SUSE bug 1225584SUSE bug 1225585SUSE bug 1225586SUSE bug 1225587SUSE bug 1225588SUSE bug 1225589SUSE bug 1225590SUSE bug 1225591SUSE bug 1225592SUSE bug 1225593SUSE bug 1225594SUSE bug 1225595SUSE bug 1225599SUSE bug 1225600SUSE bug 1225601SUSE bug 1225602SUSE bug 1225605SUSE bug 1225607SUSE bug 1225609SUSE bug 1225610SUSE bug 1225611SUSE bug 1225616SUSE bug 1225618SUSE bug 1225640SUSE bug 1225642SUSE bug 1225681SUSE bug 1225692SUSE bug 1225694SUSE bug 1225695SUSE bug 1225696SUSE bug 1225698SUSE bug 1225699SUSE bug 1225702SUSE bug 1225704SUSE bug 1225705SUSE bug 1225708SUSE bug 1225710SUSE bug 1225711SUSE bug 1225712SUSE bug 1225714SUSE bug 1225715SUSE bug 1225717SUSE bug 1225719SUSE bug 1225720SUSE bug 1225722SUSE bug 1225723SUSE bug 1225726SUSE bug 1225728SUSE bug 1225731SUSE bug 1225732SUSE bug 1225734SUSE bug 1225735SUSE bug 1225736SUSE bug 1225737SUSE bug 1225741SUSE bug 1225744SUSE bug 1225745SUSE bug 1225746SUSE bug 1225747SUSE bug 1225748SUSE bug 1225749SUSE bug 1225750SUSE bug 1225752SUSE bug 1225753SUSE bug 1225756SUSE bug 1225757SUSE bug 1225758SUSE bug 1225759SUSE bug 1225760SUSE bug 1225761SUSE bug 1225762SUSE bug 1225763SUSE bug 1225765SUSE bug 1225766SUSE bug 1225767SUSE bug 1225769SUSE bug 1225770SUSE bug 1225773SUSE bug 1225775SUSE bug 1225805SUSE bug 1225810SUSE bug 1225815SUSE bug 1225820SUSE bug 1225823SUSE bug 1225827SUSE bug 1225829SUSE bug 1225830SUSE bug 1225834SUSE bug 1225835SUSE bug 1225839SUSE bug 1225840SUSE bug 1225842SUSE bug 1225843SUSE bug 1225847SUSE bug 1225851SUSE bug 1225856SUSE bug 1225866SUSE bug 1225872SUSE bug 1225894SUSE bug 1225895SUSE bug 1225896SUSE bug 1225898SUSE bug 1225903SUSE bug 1225945SUSE bug 1226022SUSE bug 1226131SUSE bug 1226145SUSE bug 1226149SUSE bug 1226155SUSE bug 1226158SUSE bug 1226163SUSE bug 1226202SUSE bug 1226211SUSE bug 1226212SUSE bug 1226213SUSE bug 1226226SUSE bug 1226457SUSE bug 1226502SUSE bug 1226503SUSE bug 1226513SUSE bug 1226514SUSE bug 1226519SUSE bug 1226520SUSE bug 1226582SUSE bug 1226587SUSE bug 1226588SUSE bug 1226592SUSE bug 1226593SUSE bug 1226594SUSE bug 1226595SUSE bug 1226597SUSE bug 1226607SUSE bug 1226608SUSE bug 1226610SUSE bug 1226612SUSE bug 1226613SUSE bug 1226630SUSE bug 1226632SUSE bug 1226633SUSE bug 1226634SUSE bug 1226637SUSE bug 1226657SUSE bug 1226658SUSE bug 1226734SUSE bug 1226735SUSE bug 1226737SUSE bug 1226738SUSE bug 1226739SUSE bug 1226740SUSE bug 1226741SUSE bug 1226742SUSE bug 1226744SUSE bug 1226746SUSE bug 1226747SUSE bug 1226749SUSE bug 1226750SUSE bug 1226754SUSE bug 1226757SUSE bug 1226758SUSE bug 1226760SUSE bug 1226761SUSE bug 1226764SUSE bug 1226767SUSE bug 1226768SUSE bug 1226769SUSE bug 1226771SUSE bug 1226772SUSE bug 1226774SUSE bug 1226775SUSE bug 1226776SUSE bug 1226777SUSE bug 1226780SUSE bug 1226781SUSE bug 1226783SUSE bug 1226785SUSE bug 1226786SUSE bug 1226788SUSE bug 1226789SUSE bug 1226790SUSE bug 1226791SUSE bug 1226796SUSE bug 1226799SUSE bug 1226837SUSE bug 1226839SUSE bug 1226840SUSE bug 1226841SUSE bug 1226842SUSE bug 1226844SUSE bug 1226848SUSE bug 1226852SUSE bug 1226856SUSE bug 1226857SUSE bug 1226859SUSE bug 1226861SUSE bug 1226863SUSE bug 1226864SUSE bug 1226866SUSE bug 1226867SUSE bug 1226868SUSE bug 1226875SUSE bug 1226876SUSE bug 1226878SUSE bug 1226879SUSE bug 1226883SUSE bug 1226886SUSE bug 1226890SUSE bug 1226891SUSE bug 1226894SUSE bug 1226895SUSE bug 1226905SUSE bug 1226908SUSE bug 1226909SUSE bug 1226911SUSE bug 1226915SUSE bug 1226928SUSE bug 1226934SUSE bug 1226938SUSE bug 1226939SUSE bug 1226941SUSE bug 1226948SUSE bug 1226949SUSE bug 1226950SUSE bug 1226962SUSE bug 1226976SUSE bug 1226989SUSE bug 1226990SUSE bug 1226992SUSE bug 1226993SUSE bug 1226994SUSE bug 1226995SUSE bug 1226996SUSE bug 1227066SUSE bug 1227072SUSE bug 1227085SUSE bug 1227089SUSE bug 1227090SUSE bug 1227096SUSE bug 1227101SUSE bug 1227103SUSE bug 1227149SUSE bug 1227190SUSE bug 1227282SUSE bug 1227362SUSE bug 1227363SUSE bug 1227383SUSE bug 1227432SUSE bug 1227433SUSE bug 1227434SUSE bug 1227435SUSE bug 1227443SUSE bug 1227446SUSE bug 1227447SUSE bug 1227487SUSE bug 1227573SUSE bug 1227626SUSE bug 1227716SUSE bug 1227719SUSE bug 1227723SUSE bug 1227730SUSE bug 1227736SUSE bug 1227755SUSE bug 1227757SUSE bug 1227762SUSE bug 1227763SUSE bug 1227779SUSE bug 1227780SUSE bug 1227783SUSE bug 1227786SUSE bug 1227788SUSE bug 1227789SUSE bug 1227797SUSE bug 1227800SUSE bug 1227801SUSE bug 1227803SUSE bug 1227806SUSE bug 1227813SUSE bug 1227814SUSE bug 1227836SUSE bug 1227855SUSE bug 1227862SUSE bug 1227866SUSE bug 1227886SUSE bug 1227899SUSE bug 1227910SUSE bug 1227913SUSE bug 1227926SUSE bug 1228090SUSE bug 1228114SUSE bug 1228192SUSE bug 1228193SUSE bug 1228211SUSE bug 1228269SUSE bug 1228289SUSE bug 1228327SUSE bug 1228328SUSE bug 1228403SUSE bug 1228405SUSE bug 1228408SUSE bug 1228417SUSE bug 1229025CVE-2021-47432 at SUSECVE-2021-47432 at NVDCVE-2022-48669 at SUSECVE-2022-48669 at NVDCVE-2022-48772 at SUSECVE-2022-48772 at NVDCVE-2023-0160 at SUSECVE-2023-0160 at NVDCVE-2023-38417 at SUSECVE-2023-38417 at NVDCVE-2023-47210 at SUSECVE-2023-47210 at NVDCVE-2023-51780 at SUSECVE-2023-51780 at NVDCVE-2023-52434 at SUSECVE-2023-52434 at NVDCVE-2023-52435 at SUSECVE-2023-52435 at NVDCVE-2023-52472 at SUSECVE-2023-52472 at NVDCVE-2023-52483 at SUSECVE-2023-52483 at NVDCVE-2023-52616 at SUSECVE-2023-52616 at NVDCVE-2023-52618 at SUSECVE-2023-52618 at NVDCVE-2023-52622 at SUSECVE-2023-52622 at NVDCVE-2023-52635 at SUSECVE-2023-52635 at NVDCVE-2023-52641 at SUSECVE-2023-52641 at NVDCVE-2023-52647 at SUSECVE-2023-52647 at NVDCVE-2023-52648 at SUSECVE-2023-52648 at NVDCVE-2023-52649 at SUSECVE-2023-52649 at NVDCVE-2023-52650 at SUSECVE-2023-52650 at NVDCVE-2023-52652 at SUSECVE-2023-52652 at NVDCVE-2023-52653 at SUSECVE-2023-52653 at NVDCVE-2023-52654 at SUSECVE-2023-52654 at NVDCVE-2023-52655 at SUSECVE-2023-52655 at NVDCVE-2023-52656 at SUSECVE-2023-52656 at NVDCVE-2023-52657 at SUSECVE-2023-52657 at NVDCVE-2023-52658 at SUSECVE-2023-52658 at NVDCVE-2023-52659 at SUSECVE-2023-52659 at NVDCVE-2023-52660 at SUSECVE-2023-52660 at NVDCVE-2023-52661 at SUSECVE-2023-52661 at NVDCVE-2023-52662 at SUSECVE-2023-52662 at NVDCVE-2023-52663 at SUSECVE-2023-52663 at NVDCVE-2023-52664 at SUSECVE-2023-52664 at NVDCVE-2023-52667 at SUSECVE-2023-52667 at NVDCVE-2023-52669 at SUSECVE-2023-52669 at NVDCVE-2023-52670 at SUSECVE-2023-52670 at NVDCVE-2023-52671 at SUSECVE-2023-52671 at NVDCVE-2023-52672 at SUSECVE-2023-52672 at NVDCVE-2023-52673 at SUSECVE-2023-52673 at NVDCVE-2023-52674 at SUSECVE-2023-52674 at NVDCVE-2023-52675 at SUSECVE-2023-52675 at NVDCVE-2023-52676 at SUSECVE-2023-52676 at NVDCVE-2023-52678 at SUSECVE-2023-52678 at NVDCVE-2023-52679 at SUSECVE-2023-52679 at NVDCVE-2023-52680 at SUSECVE-2023-52680 at NVDCVE-2023-52681 at SUSECVE-2023-52681 at NVDCVE-2023-52683 at SUSECVE-2023-52683 at NVDCVE-2023-52685 at SUSECVE-2023-52685 at NVDCVE-2023-52686 at SUSECVE-2023-52686 at NVDCVE-2023-52687 at SUSECVE-2023-52687 at NVDCVE-2023-52690 at SUSECVE-2023-52690 at NVDCVE-2023-52691 at SUSECVE-2023-52691 at NVDCVE-2023-52692 at SUSECVE-2023-52692 at NVDCVE-2023-52693 at SUSECVE-2023-52693 at NVDCVE-2023-52694 at SUSECVE-2023-52694 at NVDCVE-2023-52695 at SUSECVE-2023-52695 at NVDCVE-2023-52696 at SUSECVE-2023-52696 at NVDCVE-2023-52697 at SUSECVE-2023-52697 at NVDCVE-2023-52698 at SUSECVE-2023-52698 at NVDCVE-2023-52699 at SUSECVE-2023-52699 at NVDCVE-2023-52735 at SUSECVE-2023-52735 at NVDCVE-2023-52749 at SUSECVE-2023-52749 at NVDCVE-2023-52750 at SUSECVE-2023-52750 at NVDCVE-2023-52751 at SUSECVE-2023-52751 at NVDCVE-2023-52753 at SUSECVE-2023-52753 at NVDCVE-2023-52754 at SUSECVE-2023-52754 at NVDCVE-2023-52757 at SUSECVE-2023-52757 at NVDCVE-2023-52759 at SUSECVE-2023-52759 at NVDCVE-2023-52762 at SUSECVE-2023-52762 at NVDCVE-2023-52763 at SUSECVE-2023-52763 at NVDCVE-2023-52764 at SUSECVE-2023-52764 at NVDCVE-2023-52765 at SUSECVE-2023-52765 at NVDCVE-2023-52766 at SUSECVE-2023-52766 at NVDCVE-2023-52767 at SUSECVE-2023-52767 at NVDCVE-2023-52768 at SUSECVE-2023-52768 at NVDCVE-2023-52769 at SUSECVE-2023-52769 at NVDCVE-2023-52771 at SUSECVE-2023-52771 at NVDCVE-2023-52772 at SUSECVE-2023-52772 at NVDCVE-2023-52773 at SUSECVE-2023-52773 at NVDCVE-2023-52774 at SUSECVE-2023-52774 at NVDCVE-2023-52775 at SUSECVE-2023-52775 at NVDCVE-2023-52776 at SUSECVE-2023-52776 at NVDCVE-2023-52777 at SUSECVE-2023-52777 at NVDCVE-2023-52780 at SUSECVE-2023-52780 at NVDCVE-2023-52781 at SUSECVE-2023-52781 at NVDCVE-2023-52782 at SUSECVE-2023-52782 at NVDCVE-2023-52783 at SUSECVE-2023-52783 at NVDCVE-2023-52784 at SUSECVE-2023-52784 at NVDCVE-2023-52786 at SUSECVE-2023-52786 at NVDCVE-2023-52787 at SUSECVE-2023-52787 at NVDCVE-2023-52788 at SUSECVE-2023-52788 at NVDCVE-2023-52789 at SUSECVE-2023-52789 at NVDCVE-2023-52791 at SUSECVE-2023-52791 at NVDCVE-2023-52792 at SUSECVE-2023-52792 at NVDCVE-2023-52794 at SUSECVE-2023-52794 at NVDCVE-2023-52795 at SUSECVE-2023-52795 at NVDCVE-2023-52796 at SUSECVE-2023-52796 at NVDCVE-2023-52798 at SUSECVE-2023-52798 at NVDCVE-2023-52799 at SUSECVE-2023-52799 at NVDCVE-2023-52800 at SUSECVE-2023-52800 at NVDCVE-2023-52801 at SUSECVE-2023-52801 at NVDCVE-2023-52803 at SUSECVE-2023-52803 at NVDCVE-2023-52804 at SUSECVE-2023-52804 at NVDCVE-2023-52805 at SUSECVE-2023-52805 at NVDCVE-2023-52806 at SUSECVE-2023-52806 at NVDCVE-2023-52807 at SUSECVE-2023-52807 at NVDCVE-2023-52808 at SUSECVE-2023-52808 at NVDCVE-2023-52809 at SUSECVE-2023-52809 at NVDCVE-2023-52810 at SUSECVE-2023-52810 at NVDCVE-2023-52811 at SUSECVE-2023-52811 at NVDCVE-2023-52812 at SUSECVE-2023-52812 at NVDCVE-2023-52813 at SUSECVE-2023-52813 at NVDCVE-2023-52814 at SUSECVE-2023-52814 at NVDCVE-2023-52815 at SUSECVE-2023-52815 at NVDCVE-2023-52816 at SUSECVE-2023-52816 at NVDCVE-2023-52817 at SUSECVE-2023-52817 at NVDCVE-2023-52818 at SUSECVE-2023-52818 at NVDCVE-2023-52819 at SUSECVE-2023-52819 at NVDCVE-2023-52821 at SUSECVE-2023-52821 at NVDCVE-2023-52825 at SUSECVE-2023-52825 at NVDCVE-2023-52826 at SUSECVE-2023-52826 at NVDCVE-2023-52827 at SUSECVE-2023-52827 at NVDCVE-2023-52829 at SUSECVE-2023-52829 at NVDCVE-2023-52832 at SUSECVE-2023-52832 at NVDCVE-2023-52833 at SUSECVE-2023-52833 at NVDCVE-2023-52834 at SUSECVE-2023-52834 at NVDCVE-2023-52835 at SUSECVE-2023-52835 at NVDCVE-2023-52836 at SUSECVE-2023-52836 at NVDCVE-2023-52837 at SUSECVE-2023-52837 at NVDCVE-2023-52838 at SUSECVE-2023-52838 at NVDCVE-2023-52840 at SUSECVE-2023-52840 at NVDCVE-2023-52841 at SUSECVE-2023-52841 at NVDCVE-2023-52842 at SUSECVE-2023-52842 at NVDCVE-2023-52843 at SUSECVE-2023-52843 at NVDCVE-2023-52844 at SUSECVE-2023-52844 at NVDCVE-2023-52845 at SUSECVE-2023-52845 at NVDCVE-2023-52846 at SUSECVE-2023-52846 at NVDCVE-2023-52847 at SUSECVE-2023-52847 at NVDCVE-2023-52849 at SUSECVE-2023-52849 at NVDCVE-2023-52850 at SUSECVE-2023-52850 at NVDCVE-2023-52851 at SUSECVE-2023-52851 at NVDCVE-2023-52853 at SUSECVE-2023-52853 at NVDCVE-2023-52854 at SUSECVE-2023-52854 at NVDCVE-2023-52855 at SUSECVE-2023-52855 at NVDCVE-2023-52856 at SUSECVE-2023-52856 at NVDCVE-2023-52857 at SUSECVE-2023-52857 at NVDCVE-2023-52858 at SUSECVE-2023-52858 at NVDCVE-2023-52860 at SUSECVE-2023-52860 at NVDCVE-2023-52861 at SUSECVE-2023-52861 at NVDCVE-2023-52862 at SUSECVE-2023-52862 at NVDCVE-2023-52863 at SUSECVE-2023-52863 at NVDCVE-2023-52864 at SUSECVE-2023-52864 at NVDCVE-2023-52865 at SUSECVE-2023-52865 at NVDCVE-2023-52866 at SUSECVE-2023-52866 at NVDCVE-2023-52867 at SUSECVE-2023-52867 at NVDCVE-2023-52868 at SUSECVE-2023-52868 at NVDCVE-2023-52869 at SUSECVE-2023-52869 at NVDCVE-2023-52870 at SUSECVE-2023-52870 at NVDCVE-2023-52871 at SUSECVE-2023-52871 at NVDCVE-2023-52872 at SUSECVE-2023-52872 at NVDCVE-2023-52873 at SUSECVE-2023-52873 at NVDCVE-2023-52874 at SUSECVE-2023-52874 at NVDCVE-2023-52875 at SUSECVE-2023-52875 at NVDCVE-2023-52876 at SUSECVE-2023-52876 at NVDCVE-2023-52877 at SUSECVE-2023-52877 at NVDCVE-2023-52878 at SUSECVE-2023-52878 at NVDCVE-2023-52879 at SUSECVE-2023-52879 at NVDCVE-2023-52880 at SUSECVE-2023-52880 at NVDCVE-2023-52881 at SUSECVE-2023-52881 at NVDCVE-2023-52882 at SUSECVE-2023-52882 at NVDCVE-2023-52883 at SUSECVE-2023-52883 at NVDCVE-2023-52884 at SUSECVE-2023-52884 at NVDCVE-2023-6238 at SUSECVE-2023-6238 at NVDCVE-2024-0639 at SUSECVE-2024-0639 at NVDCVE-2024-21823 at SUSECVE-2024-21823 at NVDCVE-2024-23848 at SUSECVE-2024-23848 at NVDCVE-2024-25741 at SUSECVE-2024-25741 at NVDCVE-2024-26582 at SUSECVE-2024-26582 at NVDCVE-2024-26611 at SUSECVE-2024-26611 at NVDCVE-2024-26615 at SUSECVE-2024-26615 at NVDCVE-2024-26623 at SUSECVE-2024-26623 at NVDCVE-2024-26625 at SUSECVE-2024-26625 at NVDCVE-2024-26632 at SUSECVE-2024-26632 at NVDCVE-2024-26633 at SUSECVE-2024-26633 at NVDCVE-2024-26635 at SUSECVE-2024-26635 at NVDCVE-2024-26636 at SUSECVE-2024-26636 at NVDCVE-2024-26638 at SUSECVE-2024-26638 at NVDCVE-2024-26641 at SUSECVE-2024-26641 at NVDCVE-2024-26643 at SUSECVE-2024-26643 at NVDCVE-2024-26663 at SUSECVE-2024-26663 at NVDCVE-2024-26665 at SUSECVE-2024-26665 at NVDCVE-2024-26671 at SUSECVE-2024-26671 at NVDCVE-2024-26673 at SUSECVE-2024-26673 at NVDCVE-2024-26674 at SUSECVE-2024-26674 at NVDCVE-2024-26676 at SUSECVE-2024-26676 at NVDCVE-2024-26679 at SUSECVE-2024-26679 at NVDCVE-2024-26691 at SUSECVE-2024-26691 at NVDCVE-2024-26692 at SUSECVE-2024-26692 at NVDCVE-2024-26726 at SUSECVE-2024-26726 at NVDCVE-2024-26734 at SUSECVE-2024-26734 at NVDCVE-2024-26739 at SUSECVE-2024-26739 at NVDCVE-2024-26742 at SUSECVE-2024-26742 at NVDCVE-2024-26750 at SUSECVE-2024-26750 at NVDCVE-2024-26758 at SUSECVE-2024-26758 at NVDCVE-2024-26760 at SUSECVE-2024-26760 at NVDCVE-2024-26761 at SUSECVE-2024-26761 at NVDCVE-2024-26767 at SUSECVE-2024-26767 at NVDCVE-2024-26772 at SUSECVE-2024-26772 at NVDCVE-2024-26775 at SUSECVE-2024-26775 at NVDCVE-2024-26780 at SUSECVE-2024-26780 at NVDCVE-2024-26783 at SUSECVE-2024-26783 at NVDCVE-2024-26785 at SUSECVE-2024-26785 at NVDCVE-2024-26786 at SUSECVE-2024-26786 at NVDCVE-2024-26791 at SUSECVE-2024-26791 at NVDCVE-2024-26794 at SUSECVE-2024-26794 at NVDCVE-2024-26813 at SUSECVE-2024-26813 at NVDCVE-2024-26814 at SUSECVE-2024-26814 at NVDCVE-2024-26816 at SUSECVE-2024-26816 at NVDCVE-2024-26822 at SUSECVE-2024-26822 at NVDCVE-2024-26826 at SUSECVE-2024-26826 at NVDCVE-2024-26828 at SUSECVE-2024-26828 at NVDCVE-2024-26832 at SUSECVE-2024-26832 at NVDCVE-2024-26845 at SUSECVE-2024-26845 at NVDCVE-2024-26846 at SUSECVE-2024-26846 at NVDCVE-2024-26852 at SUSECVE-2024-26852 at NVDCVE-2024-26853 at SUSECVE-2024-26853 at NVDCVE-2024-26854 at SUSECVE-2024-26854 at NVDCVE-2024-26855 at SUSECVE-2024-26855 at NVDCVE-2024-26856 at SUSECVE-2024-26856 at NVDCVE-2024-26857 at SUSECVE-2024-26857 at NVDCVE-2024-26858 at SUSECVE-2024-26858 at NVDCVE-2024-26860 at SUSECVE-2024-26860 at NVDCVE-2024-26861 at SUSECVE-2024-26861 at NVDCVE-2024-26862 at SUSECVE-2024-26862 at NVDCVE-2024-26863 at SUSECVE-2024-26863 at NVDCVE-2024-26865 at SUSECVE-2024-26865 at NVDCVE-2024-26866 at SUSECVE-2024-26866 at NVDCVE-2024-26868 at SUSECVE-2024-26868 at NVDCVE-2024-26870 at SUSECVE-2024-26870 at NVDCVE-2024-26877 at SUSECVE-2024-26877 at NVDCVE-2024-26878 at SUSECVE-2024-26878 at NVDCVE-2024-26880 at SUSECVE-2024-26880 at NVDCVE-2024-26881 at SUSECVE-2024-26881 at NVDCVE-2024-26883 at SUSECVE-2024-26883 at NVDCVE-2024-26884 at SUSECVE-2024-26884 at NVDCVE-2024-26885 at SUSECVE-2024-26885 at NVDCVE-2024-26889 at SUSECVE-2024-26889 at NVDCVE-2024-26890 at SUSECVE-2024-26890 at NVDCVE-2024-26892 at SUSECVE-2024-26892 at NVDCVE-2024-26893 at SUSECVE-2024-26893 at NVDCVE-2024-26895 at SUSECVE-2024-26895 at NVDCVE-2024-26897 at SUSECVE-2024-26897 at NVDCVE-2024-26898 at SUSECVE-2024-26898 at NVDCVE-2024-26899 at SUSECVE-2024-26899 at NVDCVE-2024-26900 at SUSECVE-2024-26900 at NVDCVE-2024-26901 at SUSECVE-2024-26901 at NVDCVE-2024-26903 at SUSECVE-2024-26903 at NVDCVE-2024-26906 at SUSECVE-2024-26906 at NVDCVE-2024-26907 at SUSECVE-2024-26907 at NVDCVE-2024-26909 at SUSECVE-2024-26909 at NVDCVE-2024-26913 at SUSECVE-2024-26913 at NVDCVE-2024-26914 at SUSECVE-2024-26914 at NVDCVE-2024-26915 at SUSECVE-2024-26915 at NVDCVE-2024-26916 at SUSECVE-2024-26916 at NVDCVE-2024-26919 at SUSECVE-2024-26919 at NVDCVE-2024-26920 at SUSECVE-2024-26920 at NVDCVE-2024-26921 at SUSECVE-2024-26921 at NVDCVE-2024-26922 at SUSECVE-2024-26922 at NVDCVE-2024-26923 at SUSECVE-2024-26923 at NVDCVE-2024-26925 at SUSECVE-2024-26925 at NVDCVE-2024-26927 at SUSECVE-2024-26927 at NVDCVE-2024-26928 at SUSECVE-2024-26928 at NVDCVE-2024-26929 at SUSECVE-2024-26929 at NVDCVE-2024-26930 at SUSECVE-2024-26930 at NVDCVE-2024-26931 at SUSECVE-2024-26931 at NVDCVE-2024-26932 at SUSECVE-2024-26932 at NVDCVE-2024-26933 at SUSECVE-2024-26933 at NVDCVE-2024-26934 at SUSECVE-2024-26934 at NVDCVE-2024-26935 at SUSECVE-2024-26935 at NVDCVE-2024-26937 at SUSECVE-2024-26937 at NVDCVE-2024-26938 at SUSECVE-2024-26938 at NVDCVE-2024-26939 at SUSECVE-2024-26939 at NVDCVE-2024-26940 at SUSECVE-2024-26940 at NVDCVE-2024-26943 at SUSECVE-2024-26943 at NVDCVE-2024-26944 at SUSECVE-2024-26944 at NVDCVE-2024-26945 at SUSECVE-2024-26945 at NVDCVE-2024-26946 at SUSECVE-2024-26946 at NVDCVE-2024-26948 at SUSECVE-2024-26948 at NVDCVE-2024-26949 at SUSECVE-2024-26949 at NVDCVE-2024-26950 at SUSECVE-2024-26950 at NVDCVE-2024-26951 at SUSECVE-2024-26951 at NVDCVE-2024-26955 at SUSECVE-2024-26955 at NVDCVE-2024-26956 at SUSECVE-2024-26956 at NVDCVE-2024-26957 at SUSECVE-2024-26957 at NVDCVE-2024-26958 at SUSECVE-2024-26958 at NVDCVE-2024-26959 at SUSECVE-2024-26959 at NVDCVE-2024-26960 at SUSECVE-2024-26960 at NVDCVE-2024-26961 at SUSECVE-2024-26961 at NVDCVE-2024-26962 at SUSECVE-2024-26962 at NVDCVE-2024-26963 at SUSECVE-2024-26963 at NVDCVE-2024-26964 at SUSECVE-2024-26964 at NVDCVE-2024-26965 at SUSECVE-2024-26965 at NVDCVE-2024-26966 at SUSECVE-2024-26966 at NVDCVE-2024-26968 at SUSECVE-2024-26968 at NVDCVE-2024-26969 at SUSECVE-2024-26969 at NVDCVE-2024-26970 at SUSECVE-2024-26970 at NVDCVE-2024-26972 at SUSECVE-2024-26972 at NVDCVE-2024-26973 at SUSECVE-2024-26973 at NVDCVE-2024-26974 at SUSECVE-2024-26974 at NVDCVE-2024-26975 at SUSECVE-2024-26975 at NVDCVE-2024-26977 at SUSECVE-2024-26977 at NVDCVE-2024-26978 at SUSECVE-2024-26978 at NVDCVE-2024-26981 at SUSECVE-2024-26981 at NVDCVE-2024-26982 at SUSECVE-2024-26982 at NVDCVE-2024-26983 at SUSECVE-2024-26983 at NVDCVE-2024-26984 at SUSECVE-2024-26984 at NVDCVE-2024-26986 at SUSECVE-2024-26986 at NVDCVE-2024-26988 at SUSECVE-2024-26988 at NVDCVE-2024-26989 at SUSECVE-2024-26989 at NVDCVE-2024-26990 at SUSECVE-2024-26990 at NVDCVE-2024-26991 at SUSECVE-2024-26991 at NVDCVE-2024-26992 at SUSECVE-2024-26992 at NVDCVE-2024-26993 at SUSECVE-2024-26993 at NVDCVE-2024-26994 at SUSECVE-2024-26994 at NVDCVE-2024-26995 at SUSECVE-2024-26995 at NVDCVE-2024-26996 at SUSECVE-2024-26996 at NVDCVE-2024-26997 at SUSECVE-2024-26997 at NVDCVE-2024-26999 at SUSECVE-2024-26999 at NVDCVE-2024-27000 at SUSECVE-2024-27000 at NVDCVE-2024-27001 at SUSECVE-2024-27001 at NVDCVE-2024-27002 at SUSECVE-2024-27002 at NVDCVE-2024-27003 at SUSECVE-2024-27003 at NVDCVE-2024-27004 at SUSECVE-2024-27004 at NVDCVE-2024-27008 at SUSECVE-2024-27008 at NVDCVE-2024-27009 at SUSECVE-2024-27009 at NVDCVE-2024-27012 at SUSECVE-2024-27012 at NVDCVE-2024-27013 at SUSECVE-2024-27013 at NVDCVE-2024-27014 at SUSECVE-2024-27014 at NVDCVE-2024-27015 at SUSECVE-2024-27015 at NVDCVE-2024-27016 at SUSECVE-2024-27016 at NVDCVE-2024-27019 at SUSECVE-2024-27019 at NVDCVE-2024-27020 at SUSECVE-2024-27020 at NVDCVE-2024-27022 at SUSECVE-2024-27022 at NVDCVE-2024-27023 at SUSECVE-2024-27023 at NVDCVE-2024-27025 at SUSECVE-2024-27025 at NVDCVE-2024-27027 at SUSECVE-2024-27027 at NVDCVE-2024-27028 at SUSECVE-2024-27028 at NVDCVE-2024-27029 at SUSECVE-2024-27029 at NVDCVE-2024-27030 at SUSECVE-2024-27030 at NVDCVE-2024-27031 at SUSECVE-2024-27031 at NVDCVE-2024-27036 at SUSECVE-2024-27036 at NVDCVE-2024-27037 at SUSECVE-2024-27037 at NVDCVE-2024-27038 at SUSECVE-2024-27038 at NVDCVE-2024-27039 at SUSECVE-2024-27039 at NVDCVE-2024-27040 at SUSECVE-2024-27040 at NVDCVE-2024-27041 at SUSECVE-2024-27041 at NVDCVE-2024-27042 at SUSECVE-2024-27042 at NVDCVE-2024-27043 at SUSECVE-2024-27043 at NVDCVE-2024-27044 at SUSECVE-2024-27044 at NVDCVE-2024-27045 at SUSECVE-2024-27045 at NVDCVE-2024-27046 at SUSECVE-2024-27046 at NVDCVE-2024-27047 at SUSECVE-2024-27047 at NVDCVE-2024-27048 at SUSECVE-2024-27048 at NVDCVE-2024-27051 at SUSECVE-2024-27051 at NVDCVE-2024-27052 at SUSECVE-2024-27052 at NVDCVE-2024-27053 at SUSECVE-2024-27053 at NVDCVE-2024-27054 at SUSECVE-2024-27054 at NVDCVE-2024-27056 at SUSECVE-2024-27056 at NVDCVE-2024-27057 at SUSECVE-2024-27057 at NVDCVE-2024-27059 at SUSECVE-2024-27059 at NVDCVE-2024-27060 at SUSECVE-2024-27060 at NVDCVE-2024-27062 at SUSECVE-2024-27062 at NVDCVE-2024-27064 at SUSECVE-2024-27064 at NVDCVE-2024-27065 at SUSECVE-2024-27065 at NVDCVE-2024-27067 at SUSECVE-2024-27067 at NVDCVE-2024-27068 at SUSECVE-2024-27068 at NVDCVE-2024-27071 at SUSECVE-2024-27071 at NVDCVE-2024-27072 at SUSECVE-2024-27072 at NVDCVE-2024-27073 at SUSECVE-2024-27073 at NVDCVE-2024-27074 at SUSECVE-2024-27074 at NVDCVE-2024-27075 at SUSECVE-2024-27075 at NVDCVE-2024-27076 at SUSECVE-2024-27076 at NVDCVE-2024-27077 at SUSECVE-2024-27077 at NVDCVE-2024-27078 at SUSECVE-2024-27078 at NVDCVE-2024-27080 at SUSECVE-2024-27080 at NVDCVE-2024-27388 at SUSECVE-2024-27388 at NVDCVE-2024-27389 at SUSECVE-2024-27389 at NVDCVE-2024-27391 at SUSECVE-2024-27391 at NVDCVE-2024-27393 at SUSECVE-2024-27393 at NVDCVE-2024-27395 at SUSECVE-2024-27395 at NVDCVE-2024-27396 at SUSECVE-2024-27396 at NVDCVE-2024-27398 at SUSECVE-2024-27398 at NVDCVE-2024-27399 at SUSECVE-2024-27399 at NVDCVE-2024-27400 at SUSECVE-2024-27400 at NVDCVE-2024-27401 at SUSECVE-2024-27401 at NVDCVE-2024-27402 at SUSECVE-2024-27402 at NVDCVE-2024-27404 at SUSECVE-2024-27404 at NVDCVE-2024-27405 at SUSECVE-2024-27405 at NVDCVE-2024-27408 at SUSECVE-2024-27408 at NVDCVE-2024-27410 at SUSECVE-2024-27410 at NVDCVE-2024-27411 at SUSECVE-2024-27411 at NVDCVE-2024-27412 at SUSECVE-2024-27412 at NVDCVE-2024-27413 at SUSECVE-2024-27413 at NVDCVE-2024-27414 at SUSECVE-2024-27414 at NVDCVE-2024-27416 at SUSECVE-2024-27416 at NVDCVE-2024-27417 at SUSECVE-2024-27417 at NVDCVE-2024-27418 at SUSECVE-2024-27418 at NVDCVE-2024-27431 at SUSECVE-2024-27431 at NVDCVE-2024-27432 at SUSECVE-2024-27432 at NVDCVE-2024-27434 at SUSECVE-2024-27434 at NVDCVE-2024-27435 at SUSECVE-2024-27435 at NVDCVE-2024-27436 at SUSECVE-2024-27436 at NVDCVE-2024-33619 at SUSECVE-2024-33619 at NVDCVE-2024-34777 at SUSECVE-2024-34777 at NVDCVE-2024-35247 at SUSECVE-2024-35247 at NVDCVE-2024-35784 at SUSECVE-2024-35784 at NVDCVE-2024-35786 at SUSECVE-2024-35786 at NVDCVE-2024-35788 at SUSECVE-2024-35788 at NVDCVE-2024-35789 at SUSECVE-2024-35789 at NVDCVE-2024-35790 at SUSECVE-2024-35790 at NVDCVE-2024-35791 at SUSECVE-2024-35791 at NVDCVE-2024-35794 at SUSECVE-2024-35794 at NVDCVE-2024-35795 at SUSECVE-2024-35795 at NVDCVE-2024-35796 at SUSECVE-2024-35796 at NVDCVE-2024-35799 at SUSECVE-2024-35799 at NVDCVE-2024-35800 at SUSECVE-2024-35800 at NVDCVE-2024-35801 at SUSECVE-2024-35801 at NVDCVE-2024-35803 at SUSECVE-2024-35803 at NVDCVE-2024-35804 at SUSECVE-2024-35804 at NVDCVE-2024-35805 at SUSECVE-2024-35805 at NVDCVE-2024-35806 at SUSECVE-2024-35806 at NVDCVE-2024-35807 at SUSECVE-2024-35807 at NVDCVE-2024-35808 at SUSECVE-2024-35808 at NVDCVE-2024-35809 at SUSECVE-2024-35809 at NVDCVE-2024-35810 at SUSECVE-2024-35810 at NVDCVE-2024-35811 at SUSECVE-2024-35811 at NVDCVE-2024-35812 at SUSECVE-2024-35812 at NVDCVE-2024-35813 at SUSECVE-2024-35813 at NVDCVE-2024-35814 at SUSECVE-2024-35814 at NVDCVE-2024-35815 at SUSECVE-2024-35815 at NVDCVE-2024-35817 at SUSECVE-2024-35817 at NVDCVE-2024-35819 at SUSECVE-2024-35819 at NVDCVE-2024-35821 at SUSECVE-2024-35821 at NVDCVE-2024-35822 at SUSECVE-2024-35822 at NVDCVE-2024-35823 at SUSECVE-2024-35823 at NVDCVE-2024-35824 at SUSECVE-2024-35824 at NVDCVE-2024-35825 at SUSECVE-2024-35825 at NVDCVE-2024-35827 at SUSECVE-2024-35827 at NVDCVE-2024-35828 at SUSECVE-2024-35828 at NVDCVE-2024-35829 at SUSECVE-2024-35829 at NVDCVE-2024-35830 at SUSECVE-2024-35830 at NVDCVE-2024-35831 at SUSECVE-2024-35831 at NVDCVE-2024-35833 at SUSECVE-2024-35833 at NVDCVE-2024-35834 at SUSECVE-2024-35834 at NVDCVE-2024-35835 at SUSECVE-2024-35835 at NVDCVE-2024-35836 at SUSECVE-2024-35836 at NVDCVE-2024-35837 at SUSECVE-2024-35837 at NVDCVE-2024-35838 at SUSECVE-2024-35838 at NVDCVE-2024-35841 at SUSECVE-2024-35841 at NVDCVE-2024-35842 at SUSECVE-2024-35842 at NVDCVE-2024-35843 at SUSECVE-2024-35843 at NVDCVE-2024-35845 at SUSECVE-2024-35845 at NVDCVE-2024-35847 at SUSECVE-2024-35847 at NVDCVE-2024-35848 at SUSECVE-2024-35848 at NVDCVE-2024-35849 at SUSECVE-2024-35849 at NVDCVE-2024-35850 at SUSECVE-2024-35850 at NVDCVE-2024-35851 at SUSECVE-2024-35851 at NVDCVE-2024-35852 at SUSECVE-2024-35852 at NVDCVE-2024-35853 at SUSECVE-2024-35853 at NVDCVE-2024-35854 at SUSECVE-2024-35854 at NVDCVE-2024-35857 at SUSECVE-2024-35857 at NVDCVE-2024-35860 at SUSECVE-2024-35860 at NVDCVE-2024-35861 at SUSECVE-2024-35861 at NVDCVE-2024-35862 at SUSECVE-2024-35862 at NVDCVE-2024-35863 at SUSECVE-2024-35863 at NVDCVE-2024-35864 at SUSECVE-2024-35864 at NVDCVE-2024-35865 at SUSECVE-2024-35865 at NVDCVE-2024-35866 at SUSECVE-2024-35866 at NVDCVE-2024-35867 at SUSECVE-2024-35867 at NVDCVE-2024-35868 at SUSECVE-2024-35868 at NVDCVE-2024-35869 at SUSECVE-2024-35869 at NVDCVE-2024-35870 at SUSECVE-2024-35870 at NVDCVE-2024-35872 at SUSECVE-2024-35872 at NVDCVE-2024-35875 at SUSECVE-2024-35875 at NVDCVE-2024-35877 at SUSECVE-2024-35877 at NVDCVE-2024-35878 at SUSECVE-2024-35878 at NVDCVE-2024-35879 at SUSECVE-2024-35879 at NVDCVE-2024-35880 at SUSECVE-2024-35880 at NVDCVE-2024-35883 at SUSECVE-2024-35883 at NVDCVE-2024-35884 at SUSECVE-2024-35884 at NVDCVE-2024-35885 at SUSECVE-2024-35885 at NVDCVE-2024-35886 at SUSECVE-2024-35886 at NVDCVE-2024-35887 at SUSECVE-2024-35887 at NVDCVE-2024-35889 at SUSECVE-2024-35889 at NVDCVE-2024-35890 at SUSECVE-2024-35890 at NVDCVE-2024-35891 at SUSECVE-2024-35891 at NVDCVE-2024-35892 at SUSECVE-2024-35892 at NVDCVE-2024-35893 at SUSECVE-2024-35893 at NVDCVE-2024-35895 at SUSECVE-2024-35895 at NVDCVE-2024-35896 at SUSECVE-2024-35896 at NVDCVE-2024-35898 at SUSECVE-2024-35898 at NVDCVE-2024-35899 at SUSECVE-2024-35899 at NVDCVE-2024-35900 at SUSECVE-2024-35900 at NVDCVE-2024-35901 at SUSECVE-2024-35901 at NVDCVE-2024-35903 at SUSECVE-2024-35903 at NVDCVE-2024-35904 at SUSECVE-2024-35904 at NVDCVE-2024-35905 at SUSECVE-2024-35905 at NVDCVE-2024-35907 at SUSECVE-2024-35907 at NVDCVE-2024-35908 at SUSECVE-2024-35908 at NVDCVE-2024-35909 at SUSECVE-2024-35909 at NVDCVE-2024-35911 at SUSECVE-2024-35911 at NVDCVE-2024-35912 at SUSECVE-2024-35912 at NVDCVE-2024-35914 at SUSECVE-2024-35914 at NVDCVE-2024-35915 at SUSECVE-2024-35915 at NVDCVE-2024-35916 at SUSECVE-2024-35916 at NVDCVE-2024-35917 at SUSECVE-2024-35917 at NVDCVE-2024-35921 at SUSECVE-2024-35921 at NVDCVE-2024-35922 at SUSECVE-2024-35922 at NVDCVE-2024-35924 at SUSECVE-2024-35924 at NVDCVE-2024-35925 at SUSECVE-2024-35925 at NVDCVE-2024-35926 at SUSECVE-2024-35926 at NVDCVE-2024-35927 at SUSECVE-2024-35927 at NVDCVE-2024-35928 at SUSECVE-2024-35928 at NVDCVE-2024-35930 at SUSECVE-2024-35930 at NVDCVE-2024-35931 at SUSECVE-2024-35931 at NVDCVE-2024-35932 at SUSECVE-2024-35932 at NVDCVE-2024-35933 at SUSECVE-2024-35933 at NVDCVE-2024-35934 at SUSECVE-2024-35934 at NVDCVE-2024-35935 at SUSECVE-2024-35935 at NVDCVE-2024-35936 at SUSECVE-2024-35936 at NVDCVE-2024-35937 at SUSECVE-2024-35937 at NVDCVE-2024-35938 at SUSECVE-2024-35938 at NVDCVE-2024-35940 at SUSECVE-2024-35940 at NVDCVE-2024-35942 at SUSECVE-2024-35942 at NVDCVE-2024-35943 at SUSECVE-2024-35943 at NVDCVE-2024-35944 at SUSECVE-2024-35944 at NVDCVE-2024-35945 at SUSECVE-2024-35945 at NVDCVE-2024-35946 at SUSECVE-2024-35946 at NVDCVE-2024-35947 at SUSECVE-2024-35947 at NVDCVE-2024-35950 at SUSECVE-2024-35950 at NVDCVE-2024-35951 at SUSECVE-2024-35951 at NVDCVE-2024-35952 at SUSECVE-2024-35952 at NVDCVE-2024-35953 at SUSECVE-2024-35953 at NVDCVE-2024-35954 at SUSECVE-2024-35954 at NVDCVE-2024-35955 at SUSECVE-2024-35955 at NVDCVE-2024-35957 at SUSECVE-2024-35957 at NVDCVE-2024-35958 at SUSECVE-2024-35958 at NVDCVE-2024-35959 at SUSECVE-2024-35959 at NVDCVE-2024-35960 at SUSECVE-2024-35960 at NVDCVE-2024-35961 at SUSECVE-2024-35961 at NVDCVE-2024-35962 at SUSECVE-2024-35962 at NVDCVE-2024-35963 at SUSECVE-2024-35963 at NVDCVE-2024-35964 at SUSECVE-2024-35964 at NVDCVE-2024-35965 at SUSECVE-2024-35965 at NVDCVE-2024-35966 at SUSECVE-2024-35966 at NVDCVE-2024-35967 at SUSECVE-2024-35967 at NVDCVE-2024-35969 at SUSECVE-2024-35969 at NVDCVE-2024-35970 at SUSECVE-2024-35970 at NVDCVE-2024-35971 at SUSECVE-2024-35971 at NVDCVE-2024-35972 at SUSECVE-2024-35972 at NVDCVE-2024-35973 at SUSECVE-2024-35973 at NVDCVE-2024-35974 at SUSECVE-2024-35974 at NVDCVE-2024-35975 at SUSECVE-2024-35975 at NVDCVE-2024-35976 at SUSECVE-2024-35976 at NVDCVE-2024-35977 at SUSECVE-2024-35977 at NVDCVE-2024-35978 at SUSECVE-2024-35978 at NVDCVE-2024-35979 at SUSECVE-2024-35979 at NVDCVE-2024-35981 at SUSECVE-2024-35981 at NVDCVE-2024-35982 at SUSECVE-2024-35982 at NVDCVE-2024-35984 at SUSECVE-2024-35984 at NVDCVE-2024-35986 at SUSECVE-2024-35986 at NVDCVE-2024-35989 at SUSECVE-2024-35989 at NVDCVE-2024-35990 at SUSECVE-2024-35990 at NVDCVE-2024-35991 at SUSECVE-2024-35991 at NVDCVE-2024-35992 at SUSECVE-2024-35992 at NVDCVE-2024-35995 at SUSECVE-2024-35995 at NVDCVE-2024-35997 at SUSECVE-2024-35997 at NVDCVE-2024-35998 at SUSECVE-2024-35998 at NVDCVE-2024-35999 at SUSECVE-2024-35999 at NVDCVE-2024-36002 at SUSECVE-2024-36002 at NVDCVE-2024-36003 at SUSECVE-2024-36003 at NVDCVE-2024-36004 at SUSECVE-2024-36004 at NVDCVE-2024-36005 at SUSECVE-2024-36005 at NVDCVE-2024-36006 at SUSECVE-2024-36006 at NVDCVE-2024-36007 at SUSECVE-2024-36007 at NVDCVE-2024-36008 at SUSECVE-2024-36008 at NVDCVE-2024-36009 at SUSECVE-2024-36009 at NVDCVE-2024-36010 at SUSECVE-2024-36010 at NVDCVE-2024-36011 at SUSECVE-2024-36011 at NVDCVE-2024-36012 at SUSECVE-2024-36012 at NVDCVE-2024-36013 at SUSECVE-2024-36013 at NVDCVE-2024-36014 at SUSECVE-2024-36014 at NVDCVE-2024-36015 at SUSECVE-2024-36015 at NVDCVE-2024-36016 at SUSECVE-2024-36016 at NVDCVE-2024-36017 at SUSECVE-2024-36017 at NVDCVE-2024-36018 at SUSECVE-2024-36018 at NVDCVE-2024-36019 at SUSECVE-2024-36019 at NVDCVE-2024-36020 at SUSECVE-2024-36020 at NVDCVE-2024-36021 at SUSECVE-2024-36021 at NVDCVE-2024-36024 at SUSECVE-2024-36024 at NVDCVE-2024-36025 at SUSECVE-2024-36025 at NVDCVE-2024-36026 at SUSECVE-2024-36026 at NVDCVE-2024-36029 at SUSECVE-2024-36029 at NVDCVE-2024-36030 at SUSECVE-2024-36030 at NVDCVE-2024-36032 at SUSECVE-2024-36032 at NVDCVE-2024-36281 at SUSECVE-2024-36281 at NVDCVE-2024-36477 at SUSECVE-2024-36477 at NVDCVE-2024-36478 at SUSECVE-2024-36478 at NVDCVE-2024-36479 at SUSECVE-2024-36479 at NVDCVE-2024-36880 at SUSECVE-2024-36880 at NVDCVE-2024-36882 at SUSECVE-2024-36882 at NVDCVE-2024-36885 at SUSECVE-2024-36885 at NVDCVE-2024-36887 at SUSECVE-2024-36887 at NVDCVE-2024-36889 at SUSECVE-2024-36889 at NVDCVE-2024-36890 at SUSECVE-2024-36890 at NVDCVE-2024-36891 at SUSECVE-2024-36891 at NVDCVE-2024-36893 at SUSECVE-2024-36893 at NVDCVE-2024-36894 at SUSECVE-2024-36894 at NVDCVE-2024-36895 at SUSECVE-2024-36895 at NVDCVE-2024-36896 at SUSECVE-2024-36896 at NVDCVE-2024-36897 at SUSECVE-2024-36897 at NVDCVE-2024-36898 at SUSECVE-2024-36898 at NVDCVE-2024-36899 at SUSECVE-2024-36899 at NVDCVE-2024-36900 at SUSECVE-2024-36900 at NVDCVE-2024-36901 at SUSECVE-2024-36901 at NVDCVE-2024-36902 at SUSECVE-2024-36902 at NVDCVE-2024-36903 at SUSECVE-2024-36903 at NVDCVE-2024-36904 at SUSECVE-2024-36904 at NVDCVE-2024-36906 at SUSECVE-2024-36906 at NVDCVE-2024-36909 at SUSECVE-2024-36909 at NVDCVE-2024-36910 at SUSECVE-2024-36910 at NVDCVE-2024-36911 at SUSECVE-2024-36911 at NVDCVE-2024-36912 at SUSECVE-2024-36912 at NVDCVE-2024-36913 at SUSECVE-2024-36913 at NVDCVE-2024-36914 at SUSECVE-2024-36914 at NVDCVE-2024-36915 at SUSECVE-2024-36915 at NVDCVE-2024-36916 at SUSECVE-2024-36916 at NVDCVE-2024-36917 at SUSECVE-2024-36917 at NVDCVE-2024-36918 at SUSECVE-2024-36918 at NVDCVE-2024-36919 at SUSECVE-2024-36919 at NVDCVE-2024-36921 at SUSECVE-2024-36921 at NVDCVE-2024-36922 at SUSECVE-2024-36922 at NVDCVE-2024-36923 at SUSECVE-2024-36923 at NVDCVE-2024-36924 at SUSECVE-2024-36924 at NVDCVE-2024-36926 at SUSECVE-2024-36926 at NVDCVE-2024-36928 at SUSECVE-2024-36928 at NVDCVE-2024-36930 at SUSECVE-2024-36930 at NVDCVE-2024-36931 at SUSECVE-2024-36931 at NVDCVE-2024-36934 at SUSECVE-2024-36934 at NVDCVE-2024-36935 at SUSECVE-2024-36935 at NVDCVE-2024-36936 at SUSECVE-2024-36936 at NVDCVE-2024-36937 at SUSECVE-2024-36937 at NVDCVE-2024-36938 at SUSECVE-2024-36938 at NVDCVE-2024-36940 at SUSECVE-2024-36940 at NVDCVE-2024-36941 at SUSECVE-2024-36941 at NVDCVE-2024-36942 at SUSECVE-2024-36942 at NVDCVE-2024-36944 at SUSECVE-2024-36944 at NVDCVE-2024-36945 at SUSECVE-2024-36945 at NVDCVE-2024-36946 at SUSECVE-2024-36946 at NVDCVE-2024-36947 at SUSECVE-2024-36947 at NVDCVE-2024-36949 at SUSECVE-2024-36949 at NVDCVE-2024-36950 at SUSECVE-2024-36950 at NVDCVE-2024-36951 at SUSECVE-2024-36951 at NVDCVE-2024-36952 at SUSECVE-2024-36952 at NVDCVE-2024-36955 at SUSECVE-2024-36955 at NVDCVE-2024-36957 at SUSECVE-2024-36957 at NVDCVE-2024-36959 at SUSECVE-2024-36959 at NVDCVE-2024-36960 at SUSECVE-2024-36960 at NVDCVE-2024-36962 at SUSECVE-2024-36962 at NVDCVE-2024-36964 at SUSECVE-2024-36964 at NVDCVE-2024-36965 at SUSECVE-2024-36965 at NVDCVE-2024-36967 at SUSECVE-2024-36967 at NVDCVE-2024-36969 at SUSECVE-2024-36969 at NVDCVE-2024-36971 at SUSECVE-2024-36971 at NVDCVE-2024-36972 at SUSECVE-2024-36972 at NVDCVE-2024-36973 at SUSECVE-2024-36973 at NVDCVE-2024-36974 at SUSECVE-2024-36974 at NVDCVE-2024-36975 at SUSECVE-2024-36975 at NVDCVE-2024-36977 at SUSECVE-2024-36977 at NVDCVE-2024-36978 at SUSECVE-2024-36978 at NVDCVE-2024-37021 at SUSECVE-2024-37021 at NVDCVE-2024-37078 at SUSECVE-2024-37078 at NVDCVE-2024-37353 at SUSECVE-2024-37353 at NVDCVE-2024-37354 at SUSECVE-2024-37354 at NVDCVE-2024-38381 at SUSECVE-2024-38381 at NVDCVE-2024-38384 at SUSECVE-2024-38384 at NVDCVE-2024-38385 at SUSECVE-2024-38385 at NVDCVE-2024-38388 at SUSECVE-2024-38388 at NVDCVE-2024-38390 at SUSECVE-2024-38390 at NVDCVE-2024-38391 at SUSECVE-2024-38391 at NVDCVE-2024-38539 at SUSECVE-2024-38539 at NVDCVE-2024-38540 at SUSECVE-2024-38540 at NVDCVE-2024-38541 at SUSECVE-2024-38541 at NVDCVE-2024-38543 at SUSECVE-2024-38543 at NVDCVE-2024-38544 at SUSECVE-2024-38544 at NVDCVE-2024-38545 at SUSECVE-2024-38545 at NVDCVE-2024-38546 at SUSECVE-2024-38546 at NVDCVE-2024-38547 at SUSECVE-2024-38547 at NVDCVE-2024-38548 at SUSECVE-2024-38548 at NVDCVE-2024-38549 at SUSECVE-2024-38549 at NVDCVE-2024-38550 at SUSECVE-2024-38550 at NVDCVE-2024-38551 at SUSECVE-2024-38551 at NVDCVE-2024-38552 at SUSECVE-2024-38552 at NVDCVE-2024-38553 at SUSECVE-2024-38553 at NVDCVE-2024-38554 at SUSECVE-2024-38554 at NVDCVE-2024-38555 at SUSECVE-2024-38555 at NVDCVE-2024-38556 at SUSECVE-2024-38556 at NVDCVE-2024-38557 at SUSECVE-2024-38557 at NVDCVE-2024-38558 at SUSECVE-2024-38558 at NVDCVE-2024-38559 at SUSECVE-2024-38559 at NVDCVE-2024-38560 at SUSECVE-2024-38560 at NVDCVE-2024-38562 at SUSECVE-2024-38562 at NVDCVE-2024-38564 at SUSECVE-2024-38564 at NVDCVE-2024-38565 at SUSECVE-2024-38565 at NVDCVE-2024-38566 at SUSECVE-2024-38566 at NVDCVE-2024-38567 at SUSECVE-2024-38567 at NVDCVE-2024-38568 at SUSECVE-2024-38568 at NVDCVE-2024-38569 at SUSECVE-2024-38569 at NVDCVE-2024-38570 at SUSECVE-2024-38570 at NVDCVE-2024-38571 at SUSECVE-2024-38571 at NVDCVE-2024-38572 at SUSECVE-2024-38572 at NVDCVE-2024-38573 at SUSECVE-2024-38573 at NVDCVE-2024-38575 at SUSECVE-2024-38575 at NVDCVE-2024-38578 at SUSECVE-2024-38578 at NVDCVE-2024-38579 at SUSECVE-2024-38579 at NVDCVE-2024-38580 at SUSECVE-2024-38580 at NVDCVE-2024-38581 at SUSECVE-2024-38581 at NVDCVE-2024-38582 at SUSECVE-2024-38582 at NVDCVE-2024-38583 at SUSECVE-2024-38583 at NVDCVE-2024-38586 at SUSECVE-2024-38586 at NVDCVE-2024-38587 at SUSECVE-2024-38587 at NVDCVE-2024-38588 at SUSECVE-2024-38588 at NVDCVE-2024-38590 at SUSECVE-2024-38590 at NVDCVE-2024-38591 at SUSECVE-2024-38591 at NVDCVE-2024-38592 at SUSECVE-2024-38592 at NVDCVE-2024-38594 at SUSECVE-2024-38594 at NVDCVE-2024-38595 at SUSECVE-2024-38595 at NVDCVE-2024-38597 at SUSECVE-2024-38597 at NVDCVE-2024-38598 at SUSECVE-2024-38598 at NVDCVE-2024-38599 at SUSECVE-2024-38599 at NVDCVE-2024-38600 at SUSECVE-2024-38600 at NVDCVE-2024-38601 at SUSECVE-2024-38601 at NVDCVE-2024-38602 at SUSECVE-2024-38602 at NVDCVE-2024-38603 at SUSECVE-2024-38603 at NVDCVE-2024-38604 at SUSECVE-2024-38604 at NVDCVE-2024-38605 at SUSECVE-2024-38605 at NVDCVE-2024-38608 at SUSECVE-2024-38608 at NVDCVE-2024-38610 at SUSECVE-2024-38610 at NVDCVE-2024-38611 at SUSECVE-2024-38611 at NVDCVE-2024-38615 at SUSECVE-2024-38615 at NVDCVE-2024-38616 at SUSECVE-2024-38616 at NVDCVE-2024-38617 at SUSECVE-2024-38617 at NVDCVE-2024-38618 at SUSECVE-2024-38618 at NVDCVE-2024-38619 at SUSECVE-2024-38619 at NVDCVE-2024-38621 at SUSECVE-2024-38621 at NVDCVE-2024-38622 at SUSECVE-2024-38622 at NVDCVE-2024-38627 at SUSECVE-2024-38627 at NVDCVE-2024-38628 at SUSECVE-2024-38628 at NVDCVE-2024-38629 at SUSECVE-2024-38629 at NVDCVE-2024-38630 at SUSECVE-2024-38630 at NVDCVE-2024-38633 at SUSECVE-2024-38633 at NVDCVE-2024-38634 at SUSECVE-2024-38634 at NVDCVE-2024-38635 at SUSECVE-2024-38635 at NVDCVE-2024-38636 at SUSECVE-2024-38636 at NVDCVE-2024-38659 at SUSECVE-2024-38659 at NVDCVE-2024-38661 at SUSECVE-2024-38661 at NVDCVE-2024-38663 at SUSECVE-2024-38663 at NVDCVE-2024-38664 at SUSECVE-2024-38664 at NVDCVE-2024-38780 at SUSECVE-2024-38780 at NVDCVE-2024-39276 at SUSECVE-2024-39276 at NVDCVE-2024-39277 at SUSECVE-2024-39277 at NVDCVE-2024-39291 at SUSECVE-2024-39291 at NVDCVE-2024-39296 at SUSECVE-2024-39296 at NVDCVE-2024-39301 at SUSECVE-2024-39301 at NVDCVE-2024-39362 at SUSECVE-2024-39362 at NVDCVE-2024-39371 at SUSECVE-2024-39371 at NVDCVE-2024-39463 at SUSECVE-2024-39463 at NVDCVE-2024-39466 at SUSECVE-2024-39466 at NVDCVE-2024-39468 at SUSECVE-2024-39468 at NVDCVE-2024-39469 at SUSECVE-2024-39469 at NVDCVE-2024-39471 at SUSECVE-2024-39471 at NVDCVE-2024-39472 at SUSECVE-2024-39472 at NVDCVE-2024-39473 at SUSECVE-2024-39473 at NVDCVE-2024-39474 at SUSECVE-2024-39474 at NVDCVE-2024-39475 at SUSECVE-2024-39475 at NVDCVE-2024-39479 at SUSECVE-2024-39479 at NVDCVE-2024-39481 at SUSECVE-2024-39481 at NVDCVE-2024-39482 at SUSECVE-2024-39482 at NVDCVE-2024-39487 at SUSECVE-2024-39487 at NVDCVE-2024-39490 at SUSECVE-2024-39490 at NVDCVE-2024-39494 at SUSECVE-2024-39494 at NVDCVE-2024-39496 at SUSECVE-2024-39496 at NVDCVE-2024-39498 at SUSECVE-2024-39498 at NVDCVE-2024-39502 at SUSECVE-2024-39502 at NVDCVE-2024-39504 at SUSECVE-2024-39504 at NVDCVE-2024-39507 at SUSECVE-2024-39507 at NVDCVE-2024-40901 at SUSECVE-2024-40901 at NVDCVE-2024-40906 at SUSECVE-2024-40906 at NVDCVE-2024-40908 at SUSECVE-2024-40908 at NVDCVE-2024-40919 at SUSECVE-2024-40919 at NVDCVE-2024-40923 at SUSECVE-2024-40923 at NVDCVE-2024-40925 at SUSECVE-2024-40925 at NVDCVE-2024-40928 at SUSECVE-2024-40928 at NVDCVE-2024-40931 at SUSECVE-2024-40931 at NVDCVE-2024-40935 at SUSECVE-2024-40935 at NVDCVE-2024-40937 at SUSECVE-2024-40937 at NVDCVE-2024-40940 at SUSECVE-2024-40940 at NVDCVE-2024-40947 at SUSECVE-2024-40947 at NVDCVE-2024-40948 at SUSECVE-2024-40948 at NVDCVE-2024-40953 at SUSECVE-2024-40953 at NVDCVE-2024-40960 at SUSECVE-2024-40960 at NVDCVE-2024-40961 at SUSECVE-2024-40961 at NVDCVE-2024-40966 at SUSECVE-2024-40966 at NVDCVE-2024-40970 at SUSECVE-2024-40970 at NVDCVE-2024-40972 at SUSECVE-2024-40972 at NVDCVE-2024-40975 at SUSECVE-2024-40975 at NVDCVE-2024-40979 at SUSECVE-2024-40979 at NVDCVE-2024-40998 at SUSECVE-2024-40998 at NVDCVE-2024-40999 at SUSECVE-2024-40999 at NVDCVE-2024-41006 at SUSECVE-2024-41006 at NVDCVE-2024-41011 at SUSECVE-2024-41011 at NVDCVE-2024-41013 at SUSECVE-2024-41013 at NVDCVE-2024-41014 at SUSECVE-2024-41014 at NVDCVE-2024-41017 at SUSECVE-2024-41017 at NVDCVE-2024-41090 at SUSECVE-2024-41090 at NVDCVE-2024-41091 at SUSECVE-2024-41091 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-firmware (Moderate)SUSE Linux Micro 6.0
This update for kernel-firmware fixes the following issues:
Update to version 20240712:
* amdgpu: update DMCUB to v0.0.225.0 for Various AMDGPU Asics
* qcom: add gpu firmwares for x1e80100 chipset (bsc#1219458)
* linux-firmware: add firmware for qat_402xx devices
* amdgpu: update raven firmware
* amdgpu: update SMU 13.0.10 firmware
* amdgpu: update SDMA 6.0.3 firmware
* amdgpu: update PSP 13.0.10 firmware
* amdgpu: update GC 11.0.3 firmware
* amdgpu: update vega20 firmware
* amdgpu: update PSP 13.0.5 firmware
* amdgpu: update PSP 13.0.8 firmware
* amdgpu: update vega12 firmware
* amdgpu: update vega10 firmware
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: update SDMA 6.0.0 firmware
* amdgpu: update PSP 13.0.0 firmware
* amdgpu: update GC 11.0.0 firmware
* amdgpu: update picasso firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update PSP 13.0.11 firmware
* amdgpu: update GC 11.0.4 firmware
* amdgpu: update green sardine firmware
* amdgpu: update VCN 4.0.2 firmware
* amdgpu: update SDMA 6.0.1 firmware
* amdgpu: update PSP 13.0.4 firmware
* amdgpu: update GC 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update VPE 6.1.1 firmware
* amdgpu: update VCN 4.0.6 firmware
* amdgpu: update SDMA 6.1.1 firmware
* amdgpu: update PSP 14.0.1 firmware
* amdgpu: update GC 11.5.1 firmware
* amdgpu: update VCN 4.0.5 firmware
* amdgpu: update SDMA 6.1.0 firmware
* amdgpu: update PSP 14.0.0 firmware
* amdgpu: update GC 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update PSP 13.0.6 firmware
* amdgpu: update GC 9.4.3 firmware
* amdgpu: update yellow carp firmware
* amdgpu: update VCN 4.0.4 firmware
* amdgpu: update SMU 13.0.7 firmware
* amdgpu: update SDMA 6.0.2 firmware
* amdgpu: update PSP 13.0.7 firmware
* amdgpu: update GC 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update raven2 firmware
* amdgpu: update aldebaran firmware
* linux-firmware: Update AMD cpu microcode
* linux-firmware: Add ISH firmware file for Intel Lunar Lake platform
* amdgpu: update DMCUB to v0.0.224.0 for Various AMDGPU Asics
* cirrus: cs35l41: Update various firmware for ASUS laptops using CS35L41
* amdgpu: Update ISP FW for isp v4.1.1
ModerateSUSE bug 1219458SUSE bug 1222319SUSE bug 1225600SUSE bug 1225601CVE-2023-38417 at SUSECVE-2023-38417 at NVDCVE-2023-47210 at SUSECVE-2023-47210 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssl-3 (Important)SUSE Linux Micro 6.0
This update for openssl-3 fixes the following issues:
- CVE-2024-41996: Fixed a denial of service in the Diffie-Hellman Key Agreement Protocol (bsc#1230698).
- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)
ImportantSUSE bug 1220262SUSE bug 1230698CVE-2023-50782 at SUSECVE-2023-50782 at NVDCVE-2024-41996 at SUSECVE-2024-41996 at NVDcpe:/o:suse:sl-micro:6.0Security update for rsync (Critical)SUSE Linux Micro 6.0
This update for rsync fixes the following issues:
- CVE-2024-12084: Fixed Heap Buffer Overflow in Checksum Parsing (bsc#1234100).
- CVE-2024-12085: Fixed Info Leak via uninitialized Stack contents defeating ASLR (bsc#1234101).
- CVE-2024-12086: Fixed server leaking arbitrary client files (bsc#1234102).
- CVE-2024-12087: Fixed server use of symbolic links to make client write files outside of destination directory (bsc#1234103).
- CVE-2024-12088: Fixed --safe-links bypass (bsc#1234104).
- CVE-2024-12747: Fixed Race Condition in rsync Handling Symbolic Links (bsc#1235475).
CriticalSUSE bug 1234100SUSE bug 1234101SUSE bug 1234102SUSE bug 1234103SUSE bug 1234104SUSE bug 1235475CVE-2024-12084 at SUSECVE-2024-12084 at NVDCVE-2024-12085 at SUSECVE-2024-12085 at NVDCVE-2024-12086 at SUSECVE-2024-12086 at NVDCVE-2024-12087 at SUSECVE-2024-12087 at NVDCVE-2024-12088 at SUSECVE-2024-12088 at NVDCVE-2024-12747 at SUSECVE-2024-12747 at NVDcpe:/o:suse:sl-micro:6.0Security update for skopeo (Important)SUSE Linux Micro 6.0
This update for skopeo fixes the following issues:
- Update to version 1.14.4:
* CVE-2024-3727: digest type does not guarantee valid type (bsc#1224123)
* Packit: update packit targets
* Bump gopkg.in/go-jose to v2.6.3
* Bump ocicrypt and go-jose CVE-2024-28180
* Freeze the fedora-minimal image reference at Fedora 38
* Bump c/common to v0.57.4
* Bump google.golang.org/protobuf to v1.33.0
* Bump Skopeo to v1.14.3-dev
- Update to version 1.14.2:
* Bump c/image to v5.29.2, c/common to v0.57.3 (fixes bsc#1219563)
- Update to version 1.14.1:
* fix(deps): update module github.com/containers/common to v0.57.2
* fix(deps): update module github.com/containers/image/v5 to v5.29.1
* chore(deps): update dependency containers/automation_images to v20240102
* Fix libsubid detection
* fix(deps): update module golang.org/x/term to v0.16.0
* fix(deps): update golang.org/x/exp digest to 02704c9
* chore(deps): update dependency containers/automation_images to v20231208
* [skip-ci] Update actions/stale action to v9
* fix(deps): update module github.com/containers/common to v0.57.1
* fix(deps): update golang.org/x/exp digest to 6522937
* fix(deps): update module golang.org/x/term to v0.15.0
ImportantSUSE bug 1219563SUSE bug 1224123CVE-2024-28180 at SUSECVE-2024-28180 at NVDCVE-2024-3727 at SUSECVE-2024-3727 at NVDcpe:/o:suse:sl-micro:6.0Security update for cloud-regionsrv-client (Moderate)SUSE Linux Micro 6.0
This update for cloud-regionsrv-client contains the following fixes:
- Update to 10.3.11 (bsc#1234050)
+ Send registration code for the extensions, not only base product
- Update to 10.3.9: (bsc#1234050)
+ Send registration code for the extensions, not only base product
- Update to 10.3.8: (bsc#1233333)
+ Fix the package requirements for cloud-regionsrv-client
+ Follow changes to suseconnect error reporting from stdout to stderr
- Update to 10.3.7: (bsc#1232770)
+ Fix the product triplet for LTSS, it is always SLES-LTSS, not
$BASEPRODUCT-LTSS
- Update to 10.3.6: (jsc#PCT-471, bsc#1230615)
+ Fix sudo setup
~ permissions cloudguestregistryauth
~ directory ownership /etc/sudoers.d
+ spec file
~ Remove traces of registry related entries on SLE 12
+ Forward port
~ fix for sles12 disable registry
~ fix for sles12 no trans_update
+ Deregister non free extensions at registercloudguest --clean
+ Fix registry cleanup at registercloudguest --clean, don't remove files
+ Prevent duplicate search entries in registry setup
- Update EC2 plugin to 1.0.5
+ Switch to using the region endpoint from IMDS to determine the region
instead of deriving the data from the availability zone
- Update to 10.3.5:
+ Update spec file to build in all code streams and have proper dependencies.
- Update to 10.3.4:
+ Modify the message when network access over a specific IP version does
not work. This is an informational message and should not look like
an error
+ Inform the user that LTSS registration takes a little longer
+ fix for sles12 no transactional update:
+ SLE 12 family has no products with transactional-update we do not
need to look for this condition
- From 10.3.3: (bsc#1229472)
+ Handle changes in process structure to properly identify the running
zypper parent process and only check for 1 PID
- From 10.3.2:
+ Remove rgnsrv-clnt-fix-docker-setup patch included upstream
- From 10.3.1: (jsc#PCT-400)
+ Add support for LTSS registration
+ Add fix for sles12 disable registry issue:
~ No container support in SLE 12
- Add fix for docker setup: (bsc#1229137)
+ The entry for the update infrastructure registry mirror was written
incorrectly causing docker daemon startup to fail.
- Update to version 10.3.0: (bsc#1227308, bsc#1222985)
+ Add support for sidecar registry
Podman and rootless Docker support to set up the necessary
configuration for the container engines to run as defined
+ Add running command as root through sudoers file
ModerateSUSE bug 1222985SUSE bug 1227308SUSE bug 1229137SUSE bug 1229472SUSE bug 1230615SUSE bug 1232770SUSE bug 1233333SUSE bug 1234050cpe:/o:suse:sl-micro:6.0Security update for SUSE Manager Client Tools (Moderate)SUSE Linux Micro 6.0
This update fixes the following issues:
salt:
- Revert setting SELinux context for minion service (bsc#1233667)
- Removed System V init support
- Fix the condition of alternatives for Tumbleweed and Leap 16
- Build all python bindings for all flavors
- Make minion reconnecting on changing master IP (bsc#1228182)
- Handle logger exception when flushing already closed file
- Include passlib as a recommended dependency
- Make Salt Bundle more tolerant to long running jobs (bsc#1228690)
uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:
- Security issues fixed:
* CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497)
- Other changes and bugs fixed:
* Version 0.1.27-0
+ Bump the default image tag to 5.0.3
+ IsInstalled function fix
+ Run systemctl daemon-reload after changing the container image config (bsc#1233279)
+ Coco-replicas-upgrade
+ Persist search server indexes (bsc#1231759)
+ Sync deletes files during migration (bsc#1233660)
+ Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
+ Add --registry back to mgrpxy (bsc#1233202)
+ Only add java.hostname on migrated server if not present
+ Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
+ Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
+ Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
* Version 0.1.26-0
+ Ignore all zypper caches during migration (bsc#1232769)
+ Use the uyuni network for all podman containers (bsc#1232817)
* Version 0.1.25-0
+ Don't migrate enabled systemd services, recreate them (bsc#1232575)
* Version 0.1.24-0
+ Redact JSESSIONID and pxt-session-cookie values from logs and
console output (bsc#1231568)
venv-salt-minion:
- Included D-Bus python module for SUSE distros (bsc#1231618)
- Reverted setting SELinux context for minion service (bsc#1233667)
- Make minion reconnecting on changing master IP (bsc#1228182)
- Fixed post_start_cleanup.sh shebang to work on all systems
- Handle logger exception when flushing already closed file
- Made Salt Bundle more tolerant to long running jobs (bsc#1228690)
- Modified:
* include-rpm
* filter-requires.sh
ModerateSUSE bug 1228182SUSE bug 1228690SUSE bug 1229079SUSE bug 1229104SUSE bug 1231497SUSE bug 1231568SUSE bug 1231618SUSE bug 1231759SUSE bug 1232575SUSE bug 1232769SUSE bug 1232817SUSE bug 1233202SUSE bug 1233279SUSE bug 1233630SUSE bug 1233660SUSE bug 1233667SUSE bug 1234123CVE-2024-22037 at SUSECVE-2024-22037 at NVDcpe:/o:suse:sl-micro:6.0Security update for unbound (Moderate)SUSE Linux Micro 6.0
This update for unbound fixes the following issues:
- Update to 1.22.0:
Features:
* Add iter-scrub-ns, iter-scrub-cname and max-global-quota
configuration options.
* Merge patch to fix for glue that is outside of zone, with
`harden-unverified-glue`, from Karthik Umashankar (Microsoft).
Enabling this option protects the Unbound resolver against bad
glue, that is unverified out of zone glue, by resolving them.
It uses the records as last resort if there is no other working
glue.
* Add redis-command-timeout: 20 and redis-connect-timeout: 200,
that can set the timeout separately for commands and the
connection set up to the redis server. If they are not
specified, the redis-timeout value is used.
* Log timestamps in ISO8601 format with timezone. This adds the
option `log-time-iso: yes` that logs in ISO8601 format.
* DNS over QUIC. This adds `quic-port: 853` and `quic-size: 8m`
that enable dnsoverquic, and the counters `num.query.quic` and
`mem.quic` in the statistics output. The feature needs to be
enabled by compiling with libngtcp2, with
`--with-libngtcp2=path` and libngtcp2 needs openssl+quic, pass
that with `--with-ssl=path` to compile unbound as well.
Bug Fixes:
* unbound-control-setup hangs while testing for openssl presence
starting from version 1.21.0.
* Fix error: "memory exhausted" when defining more than 9994
local-zones.
* Fix documentation for cache_fill_missing function.
* Fix Loads of logs: "validation failure: key for validation
<domain>. is marked as invalid because of a previous" for
non-DNSSEC signed zone.
* Fix that when rpz is applied the message does not get picked up
by the validator. That stops validation failures for the
message.
* Fix that stub-zone and forward-zone clauses do not exhaust
memory for long content.
* Fix to print port number in logs for auth zone transfer
activities.
* b.root renumbering.
* Add new IANA trust anchor.
* Fix config file read for dnstap-sample-rate.
* Fix alloc-size and calloc-transposed-args compiler warnings.
* Fix to limit NSEC and NSEC3 TTL when aggressive nsec is enabled
(RFC9077).
* Fix dns64 with prefetch that the prefetch is stored in cache.
* Attempt to further fix doh_downstream_buffer_size.tdir
flakiness.
* More clear text for prefetch and minimal-responses in the
unbound.conf man page.
* Fix cache update when serve expired is used. Expired records
are favored over resolution and validation failures when
serve-expired is used.
* Fix negative cache NSEC3 parameter compares for zero length
NSEC3 salt.
* Fix unbound-control-setup hangs sometimes depending on the
openssl version.
* Fix Cannot override tcp-upstream and tls-upstream with
forward-tcp-upstream and forward-tls-upstream.
* Fix to limit NSEC TTL for messages from cachedb. Fix to limit
the prefetch ttl for messages after a CNAME with short TTL.
* Fix to disable detection of quic configured ports when quic is
not compiled in.
* Fix harden-unverified-glue for AAAA cache_fill_missing lookups.
* Fix contrib/aaaa-filter-iterator for change in call
signature for cache_fill_missing.
* Fix to display warning if quic-port is set but dnsoverquic is
not enabled when compiled.
* Fix dnsoverquic to extend the number of streams when one is
closed.
* Fix for dnstap with dnscrypt and dnstap without dnsoverquic.
* Fix for dnsoverquic and dnstap to use the correct dnstap
environment.
- Update to 1.21.1:
Security Fixes:
* CVE-2024-8508: unbounded name compression could lead to
denial of service. (bsc#1231284)
ModerateSUSE bug 1231284CVE-2024-8508 at SUSECVE-2024-8508 at NVDcpe:/o:suse:sl-micro:6.0Security update for vim (Important)SUSE Linux Micro 6.0
This update for vim fixes the following issues:
vim was updated to 9.1.1101:
- CVE-2024-43374: Fixed use-after-free in alist_add() (bsc#1229238)
- CVE-2024-43790: Fixed Out of bounds read when performing a search command (bsc#1229685)
- CVE-2024-43802: Fixed heap-buffer-overflow in ins_typebuf() (bsc#1229822)
- CVE-2024-45306: Fixed heap-buffer-overflow in Vim (bsc#1230078)
- CVE-2024-47814: Fixed use-after-free when closing buffers in Vim (bsc#1231373)
- CVE-2025-1215: Fixed manipulation of the argument --log leads to memory corruption (bsc#1237137)
- CVE-2025-22134: Fixed heap-buffer-overflow in Vim < 9.1.1003 (bsc#1235695)
- CVE-2025-24014: Fixed segmentation fault in win_line() in Vim < 9.1.1043 (bsc#1236151)
Update to 9.1.1101:
* insexpand.c hard to read
* tests: Test_log_nonexistent only works on Linux
* Update base-syntax, improve variable matching
* Vim9: import with extends may crash
* leaking memory with completing multi lines
* --log with non-existent path causes a crash
* if_perl: Perl 5.38 adds new symbols causing link failure
* tests: matchparen plugin test wrongly named
* Vim9: problem finding implemented method in type hierarchy
* runtime(qf): Update syntax file, match second delimiter
* tests: output of test ...win32_ctrl_z depends on python version
* tests: fix expected return code for python 3.13 on Windows
* tests: timeout might be a bit too small
* tests: test_terminwscroll_topline2 unreliable
* tests: No check when tests are run under Github actions
* tests: plugin tests are named inconsistently
* Vim9: import with extends may crash
* completion doesn't work with multi lines
* filetype: cmmt files are not recognized
* Unable to persistently ignore events in a window and its buffers
* improve syntax highlighting
* setreg() doesn't correctly handle mbyte chars in blockwise mode
* unexpected DCS responses may cause out of bounds reads
* has('bsd') is true for GNU/Hurd
* filetype: Mill files are not recognized
* GUI late startup leads to uninitialized scrollbars
* Add support for lz4 to tar & gzip plugin
* Terminal ansi colors off by one after tgc reset
* included syntax items do not understand contains=TOP
* vim_strnchr() is strange and unnecessary
* Vim9: len variable not used in compile_load()
* runtime(vim): Update base-syntax, match :debuggreedy count prefix
* Strange error when heredoc marker starts with "trim"
* tests: test_compiler fails on Windows without Maven
* 'diffopt' "linematch" cannot be used with {n} less than 10
* args missing after failing to redefine a function
* Cannot control cursor positioning of getchar()
* preinsert text completions not deleted with <C-W>/<C-U>
* getchar() can't distinguish between C-I and Tab
* tests: Test_termwinscroll_topline2 fails on MacOS
* heap-use-after-free and stack-use-after-scope with :14verbose
* no digraph for "Approaches the limit"
* not possible to use plural forms with gettext()
* too many strlen() calls in userfunc.c
* terminal: E315 when dragging the terminal with the mouse
* runtime(openPlugin): fix unclosed parenthesis in GetWordUnderCursor()
* runtime(doc): Tweak documentation style a bit
* tests: test_glvs fails when unarchiver not available
* Vim always enables 'termguicolors' in a terminal
* completion: input text deleted with preinsert when adding leader
* translation(sr): Missing Serbian translation for the tutor
* Superfluous cleanup steps in test_ins_complete.vim
* runtime(netrw): correct wrong version check
* Vim doesn't highlight to be inserted text when completing
* runtime(netrw): upstream snapshot of v176
* runtime(dist/vim9): fix regressions in dist#vim9#Open
* runtime(hyprlang): fix string recognition
* make install fails because of a missing dependency
* runtime(asm): add byte directives to syntax script
* Vim doesn't work well with TERM=xterm-direct
* runtime(filetype): commit 99181205c5f8284a3 breaks V lang detection
* runtime: decouple Open and Launch commands and gx mapping from netrw
* "nosort" enables fuzzy filtering even if "fuzzy" isn't in 'completeopt'
* runtime(just): fix typo in syntax file
* runtime(filetype): Improve Verilog detection by checking for modules definition
* tests: off-by-one error in CheckCWD in test_debugger.vim
* tests: no support for env variables when running Vim in terminal
* too many strlen() calls in os_unix.c
* insert-completed items are always sorted
* crash after scrolling and pasting in silent Ex mode
* Makefiles uses non-portable syntax
* fuzzymatching doesn't prefer matching camelcase
* filetype: N-Tripels and TriG files are not recognized
* Vim9: Patch 9.1.1014 causes regressions
* translation(sr): Update Serbian messages translation
Update to 9.1.1043:
* [security]: segfault in win_line()
* update helptags
* filetype: just files are not recognized
* Update base-syntax, match ternary and falsy operators
* Vim9: out-of-bound access when echoing an enum
* Vim9: imported type cannot be used as func return type
* runtime(kconfig): updated ftplugin and syntax script
* runtime(doc): rename last t_BG reference to t_RB
* Vim9: comments are outdated
* tests: test_channel.py fails with IPv6
* runtime(vim): Update base-syntax, fix is/isnot operator matching
* Vim9: confusing error when using abstract method via super
* make install fails when using shadowdir
* Vim9: memory leak with blob2str()
* runtime(tex): add texEmphStyle to texMatchGroup in syntax script
* runtime(netrw): upstream snapshot of v175
* Vim9: compiling abstract method fails without return
* runtime(c): add new constexpr keyword to syntax file (C23)
* tests: shaderslang was removed from test_filetype erroneously
* link error when FEAT_SPELL not defined
* Coverity complains about insecure data handling
* runtime(sh): update syntax script
* runtime(c): Add missing syntax test files
* filetype: setting bash filetype is backwards incompatible
* runtime(c): Update syntax and ftplugin files
* the installer can be improved
* too many strlen() calls in screen.c
* no sanitize check when running linematch
* filetype: swc configuration files are not recognized
* runtime(netrw): change netrw maintainer
* wrong return type of blob2str()
* blob2str/str2blob() do not support list of strings
* runtime(doc): fix typo in usr_02.txt
* Coverity complains about dereferencing NULL pointer
* linematch option value not completed
* string might be used without a trailing NUL
* no way to get current selected item in a async context
* filetype: fd ignore files are not recognized
* v9.1.0743 causes regression with diff mode
* runtime(doc): fix base64 encode/decode examples
* Vim9: Patch 9.1.1013 causes a few problems
* Not possible to convert string2blob and blob2string
* Coverity complains about dereferencing NULL value
* Vim9: variable not found in transitive import
* runtime(colors): Update colorschemes, include new unokai colorscheme
* runtime(lyrics): support milliseconds in syntax script
* runtime(vim): Split Vim legacy and Vim9 script indent tests
* Vim9: class interface inheritance not correctly working
* popupmenu internal error with some abbr in completion item
* filetype: VisualCode setting file not recognized
* diff feature can be improved
* filetype: various ignore are not recognized
* tests: Load screendump files with "git vimdumps"
* PmenuMatch completion highlight can be combined
* completion text is highlighted even with no pattern found
* tests: a few termdebug tests are flaky
* [security]: heap-buffer-overflow with visual mode
* runtime(doc): add package-<name> helptags for included packages
* Vim9: unknown func error with interface declaring func var
* runtime(filetype): don't detect string interpolation as angular
* ComplMatchIns highlight hard to read on light background
* runtime(vim): Update base-syntax, highlight literal string quote escape
* runtime(editorconfig): set omnifunc to syntaxcomplete func
* tests: ruby tests fail with Ruby 3.4
* Vim9: leaking finished exception
* runtime(tiasm): use correct syntax name tiasm in syntax script
* filetype: TI assembly files are not recognized
* too many strlen() calls in drawscreen.c
* runtime(xf86conf): add section name OutputClass to syntax script
* ComplMatchIns may highlight wrong text
* runtime(vim): Update base-syntax, improve ex-bang matching
* runtime(doc): clarify buffer deletion on popup_close()
* filetype: shaderslang files are not detected
* Vim9: not able to use comment after opening curly brace
Update to 9.1.0993:
* 9.1.0993: New 'cmdheight' behavior may be surprising
* runtime(sh): fix typo in Last Change header
* 9.1.0992: Vim9: double-free after v9.1.0988
* 9.1.0991: v:stacktrace has wrong type in Vim9 script
* runtime(sh): add PS0 to bashSpecialVariables in syntax script
* runtime(vim): Remove trailing comma from match_words
* runtime(zsh): sync syntax script with upstream repo
* runtime(doc): Capitalise the mnemonic "Zero" for the 'z' flag of search()
* 9.1.0990: Inconsistent behavior when changing cmdheight
* 9.1.0989: Vim9: Whitespace after the final enum value causes a syntax error
* runtime(java): Quietly opt out for unsupported markdown.vim versions
* runtime(vim): fix failing vim syntax test
* 9.1.0988: Vim9: no error when using uninitialized var in new()
* runtime(doc): update index.txt
* 9.1.0987: filetype: cake files are not recognized
* 9.1.0986: filetype: 'jj' filetype is a bit imprecise
* runtime(jj): Support diffs in jj syntax
* runtime(vim): Update matchit pattern, no Vim9 short names
* 9.1.0985: Vim9: some ex commands can be shortened
* 9.1.0984: exception handling can be improved
* runtime(doc): update doc for :horizontal
* runtime(doc): update index.txt, windows.txt and version9.txt
* runtime(doc): Tweak documentation about base64 function
* runtime(chordpro): update syntax script
* 9.1.0983: not able to get the displayed items in complete_info()
* runtime(doc): use standard SGR format at :h xterm-true-color
* 9.1.0982: TI linker files are not recognized
* runtime(vim): update vim generator syntax script
* 9.1.0981: tests: typo in test_filetype.vim
* 9.1.0980: no support for base64 en-/decoding functions in Vim Script
* syntax(sh): Improve the recognition of bracket expressions
* runtime(doc): mention how NUL bytes are handled
* 9.1.0979: VMS: type warning with $XDG_VIMRC_FILE
* 9.1.0978: GUI tests sometimes fail when setting 'scroll' options
* 9.1.0977: filetype: msbuild filetypes are not recognized
* 9.1.0976: Vim9: missing return statement with throw
* 9.1.0975: Vim9: interpolated string expr not working in object methods
* 9.1.0974: typo in change of commit v9.1.0873
* 9.1.0973: too many strlen() calls in fileio.c
* runtime(sh): set shellcheck as the compiler for supported shells
* runtime(doc): Fix enum example syntax
* 9.1.0972: filetype: TI linker map files are not recognized
* runtime(vim): Improve syntax script generator for Vim Script
* 9.1.0971: filetype: SLNX files are not recognized
* 9.1.0970: VMS: build errors on VMS architecture
* runtime(doc): Fix documentation typos
* runtime(doc): update for new keyprotocol option value (after v9.1.0969)
* 9.1.0969: ghostty not using kitty protocol by default
* 9.1.0968: tests: GetFileNameChecks() isn't fully sorted by filetype name
* runtime(doc): update version9.txt for bash filetype
* runtime(netrw): update last change header for #16265
* runtime(doc): fix doc error in :r behaviour
* 9.1.0967: SpotBugs compiler setup can be further improved
* 9.1.0966: Vim9: :enum command can be shortened
* runtime(compiler): include a basic bash syntax checker compiler
* 9.1.0965: filetype: sh filetype set when detecting the use of bash
* runtime(doc): clarify ARCH value for 32-bit in INSTALLpc.txt
* 9.1.0963: fuzzy-matching does not prefer full match
* 9.1.0962: filetype: bun.lock file is not recognized
* runtime(vim): update indentation plugin for Vim script
* runtime(doc): tweak documentation style in helphelp.txt
* runtime(vim): Update base-syntax, allow parens in default arguments
* runtime(doc): mention auto-format using clang-format for sound.c/sign.c
* runtime(help): fix typo s/additional/arbitrary/
* runtime(help): Add better support for language annotation highlighting
* 9.1.0961: filetype: TI gel files are not recognized
* 9.1.0960: filetype: hy history files are not recognized
* translation(fi): Fix typoes in Finish menu translation
* 9.1.0959: Coverity complains about type conversion
* runtime(vim): Use supported syntax in indent tests
* 9.1.0958: filetype: supertux2 config files detected as lisp
* 9.1.0956: completion may crash, completion highlight wrong with preview window
* 9.1.0955: Vim9: vim9compile.c can be further improved
* runtime(doc): move help tag E1182
* runtime(graphql): contribute vim-graphql to Vim core
* 9.1.0954: popupmenu.c can be improved
* 9.1.0953: filetype: APKBUILD files not correctly detected
* 9.1.0952: Vim9: missing type checking for any type assignment
* 9.1.0951: filetype: jshell files are not recognized
* runtime(dockerfile): do not set commentstring in syntax script
* 9.1.0950: filetype: fennelrc files are not recognized
* runtime(netrw): do not double escape Vim special characters
* git: ignore reformatting change of netrw plugin
* runtime(netrw): more reformating #16248
* runtime(doc): Add a note about handling symbolic links in starting.txt
* 9.1.0949: popups inconsistently shifted to the left
* git: ignore reformatting change of netrw plugin
* runtime(netrw): change indent size from 1 to 2
* 9.1.0948: Missing cmdline completion for :pbuffer
* runtime(tutor): Reformat tutor1
* 9.1.0947: short-description
* 9.1.0946: cross-compiling fails on osx-arm64
* 9.1.0945: ComplMatchIns highlight doesn't end after inserted text
* translation(sv): re-include the change from #16240
* 9.1.0944: tests: test_registers fails when not run under X11
* 9.1.0943: Vim9: vim9compile.c can be further improved
* runtime(doc): Update README and mention make check to verify
* translation(sv): partly revert commit 98874dca6d0b60ccd6fc3a140b3ec
* runtime(vim): update base-syntax after v9.1.0936
* 9.1.0942: a few typos were found
* 9.1.0941: ComplMatchIns doesn't work after multibyte chars
* runtime(doc): Fix style in fold.txt
* translation(sv): Fix typo in Swedish translation
* 9.1.0940: Wrong cursor shape with "gq" and 'indentexpr' executes :normal
* runtime(doc): fix some small errors
* 9.1.0939: make installtutor fails
* 9.1.0938: exclusive selection not respected when re-selecting block mode
* 9.1.0937: test_undolist() is flaky
* 9.1.0936: cannot highlight completed text
* 9.1.0935: SpotBugs compiler can be improved
* 9.1.0934: hard to view an existing buffer in the preview window
* runtime(doc): document how to minimize fold computation costs
* 9.1.0933: Vim9: vim9compile.c can be further improved
* 9.1.0932: new Italian tutor not installed
* runtime(doc): fix a few minor errors from the last doc updates
* translation(it): add Italian translation for the interactive tutor
* runtime(doc): update the change.txt help file
* runtime(help): Add Vim lang annotation support for codeblocks
* 9.1.0931: ml_get error in terminal buffer
* 9.1.0930: tests: test_terminal2 may hang in GUI mode
* 9.1.0929: filetype: lalrpop files are not recognized
* 9.1.0928: tests: test_popupwin fails because the filter command fails
* editorconfig: set trim_trailing_whitespace = false for src/testdir/test*.vim
* 9.1.0927: style issues in insexpand.c
* 9.1.0926: filetype: Pixi lock files are not recognized
* runtime(doc): Add a reference to |++opt| and |+cmd| at `:h :pedit`
* runtime(doc): add a note about inclusive motions and exclusive selection
* 9.1.0925: Vim9: expression compiled when not necessary
* 9.1.0923: too many strlen() calls in filepath.c
* 9.1.0923: wrong MIN macro in popupmenu.c
* 9.1.0921: popupmenu logic is a bit convoluted
* 9.1.0920: Vim9: compile_assignment() too long
* 9.1.0919: filetype: some assembler files are not recognized
* runtime(netrw): do not pollute search history with symlinks
* 9.1.0918: tiny Vim crashes with fuzzy buffer completion
* 9.1.0917: various vartabstop and shiftround bugs when shifting lines
* runtime(typst): add definition lists to formatlistpat, update maintainer
* 9.1.0916: messages.c is exceeding 80 columns
* runtime(proto): include filetype plugin for protobuf
* 9.1.0915: GVim: default font size a bit too small
* 9.1.0914: Vim9: compile_assignment() is too long
* 9.1.0913: no error check for neg values for 'messagesopt'
* runtime(netrw): only check first arg of netrw_browsex_viewer for being executable
* 9.1.0912: xxd: integer overflow with sparse files and -autoskip
* 9.1.0911: Variable name for 'messagesopt' doesn't match short name
* 9.1.0910: 'messagesopt' does not check max wait time
* runtime(doc): update wrong Vietnamese localization tag
* 9.1.0909: Vim9: crash when calling instance method
Update to 9.1.0908:
* 9.1.0908: not possible to configure :messages
* 9.1.0907: printoptions:portrait does not change postscript Orientation
* runtime(doc): Add vietnamese.txt to helps main TOC
* 9.1.0906: filetype: Nvidia PTX files are not recognized
* runtime(doc): updated version9.txt with changes from v9.1.0905
* 9.1.0905: Missing information in CompleteDone event
* 9.1.0904: Vim9: copy-paste error in class_defining_member()
* 9.1.0903: potential overflow in spell_soundfold_wsal()
* runtime(netrw): do not detach when launching external programs in gvim
* runtime(doc): make tag alignment more consistent in filetype.txt
* runtime(doc): fix wrong syntax and style of vietnamese.txt
* translation(it): update Italian manpage for vimtutor
* runtime(lua): add optional lua function folding
* Filelist: include translations for Chapter 2 tutor
* translation(vi): Update Vietnamese translation
* runtime(doc): include vietnamese.txt
* runtime(tutor): fix another typo in tutor2
* runtime(doc): fix typo in vimtutor manpage
* translation(it): update Italian manpage for vimtutor
* translation(it): include Italian version of tutor chapter 2
* runtime(tutor): regenerated some translated tutor1 files
* runtime(tutor): fix typo in Chapter 2
* 9.1.0902: filetype: Conda configuration files are not recognized
* runtime(doc): Tweak documentation style a bit
* runtime(tutor): update the tutor files and re-number the chapters
* runtime(tutor): Update the makefiles for tutor1 and tutor2 files
* 9.1.0901: MS-Windows: vimtutor batch script can be improved
* runtime(doc): remove buffer-local completeopt todo item
* 9.1.0900: Vim9: digraph_getlist() does not accept bool arg
* runtime(typst): provide a formatlistpat in ftplugin
* runtime(doc): Update documentation for "noselect" in 'completeopt'
* 9.1.0899: default for 'backspace' can be set in C code
* runtime(helptoc): reload cached g:helptoc.shell_prompt when starting toc
* translation(ru): Updated messages translation
* 9.1.0898: runtime(compiler): pytest compiler not included
* 9.1.0897: filetype: pyrex files are not detected
* runtime(compiler): update eslint compiler
* 9.1.0896: completion list wrong after v9.1.0891
* runtime(doc): document changed default value for 'history'
* 9.1.0895: default history value is too small
* 9.1.0894: No test for what the spotbug compiler parses
* 9.1.0893: No test that undofile format does not regress
* translation(de): update German manpages
* runtime(compiler): include spotbugs Java linter
* 9.1.0892: the max value of 'tabheight' is limited by other tabpages
* runtime(po): remove poDiffOld/New, add po-format flags to syntax file
* 9.1.0891: building the completion list array is inefficient
* patch 9.1.0890: %! item not allowed for 'rulerformat'
* runtime(gzip): load undofile if there exists one
* 9.1.0889: Possible unnecessary redraw after adding/deleting lines
* 9.1.0888: leftcol property not available in getwininfo()
* 9.1.0887: Wrong expression in sign.c
* 9.1.0886: filetype: debian control file not detected
* runtime(c3): include c3 filetype plugin
* 9.1.0885: style of sign.c can be improved
* 9.1.0884: gcc warns about uninitialized variable
* runtime(apache): Update syntax directives for apache server 2.4.62
* translation(ru): updated vimtutor translation, update MAINTAINERS file
* 9.1.0883: message history cleanup is missing some tests
* runtime(doc): Expand docs on :! vs. :term
* runtime(netrw): Fixing powershell execution issues on Windows
* 9.1.0882: too many strlen() calls in insexpand.c
* 9.1.0881: GUI: message dialog may not get focus
* runtime(netrw): update netrw's decompress logic
* runtime(apache): Update syntax keyword definition
* runtime(misc): add Italian LICENSE and (top-level) README file
* 9.1.0880: filetype: C3 files are not recognized
* runtime(doc): add helptag for :HelpToc command
* 9.1.0879: source is not consistently formatted
* Add clang-format config file
* runtime(compiler): fix escaping of arguments passed to :CompilerSet
* 9.1.0878: termdebug: cannot enable DEBUG mode
* 9.1.0877: tests: missing test for termdebug + decimal signs
* 9.1.0876: filetype: openCL files are not recognized
* 9.1.0875: filetype: hyprlang detection can be improved
* 9.1.0874: filetype: karel files are not detected
* 9.1.0873: filetype: Vivado files are not recognized
* 9.1.0872: No test for W23 message
* 9.1.0871: getcellpixels() can be further improved
* 9.1.0870: too many strlen() calls in eval.c
* 9.1.0869: Problem: curswant not set on gm in folded line
* 9.1.0868: the warning about missing clipboard can be improved
* runtime(doc): Makefile does not clean up all temporary files
* 9.1.0867: ins_compl_add() has too many args
* editorconfig: don't trim trailing whitespaces in runtime/doc
* translation(am): Remove duplicate keys in desktop files
* runtime(doc): update helptags
* runtime(filetype): remove duplicated *.org file pattern
* runtime(cfg): only consider leading // as starting a comment
* 9.1.0866: filetype: LLVM IR files are not recognized
* 9.1.0865: filetype: org files are not recognized
* 9.1.0864: message history is fixed to 200
* 9.1.0863: getcellpixels() can be further improved
* runtime(sh): better function support for bash/zsh in indent script
* runtime(netrw): small fixes to netrw#BrowseX
* 9.1.0862: 'wildmenu' not enabled by default in nocp mode
* runtime(doc): update how to report issues for mac Vim
* runtime(doc): mention option-backslash at :h CompilerSet
* runtime(compiler): include a Java Maven compiler plugin
* runtime(racket): update Racket runtime files
* runtime(doc): improve indentation in examples for netrw-handler
* runtime(doc): improve examples for netrw-handler functions
* runtime(idris2): include filetype,indent+syntax plugins for (L)Idris2 + ipkg
* runtime(doc): clarify the use of filters and external commands
* 9.1.0861: Vim9: no runtime check for object member access of any var
* runtime(compiler): update pylint linter
* 9.1.0860: tests: mouse_shape tests use hard code sleep value
* 9.1.0859: several problems with the GLVS plugin
* 9.1.0858: Coverity complains about dead code
* runtime(tar): Update tar.vim to support permissions
* 9.1.0857: xxd: --- is incorrectly recognized as end-of-options
* 9.1.0851: too many strlen() calls in getchar.c
* 9.1.0850: Vim9: cannot access nested object inside objects
* runtime(tex): extra Number highlighting causes issues
* runtime(vim): Fix indent after :silent! function
* 9.1.0849: there are a few typos in the source
* runtime(netrw): directory symlink not resolved in tree view
* runtime(doc): add a table of supported Operating Systems
* runtime(tex): update Last Change header in syntax script
* runtime(doc): fix typo in g:termdebug_config
* runtime(vim): Update base-syntax, improve :normal highlighting
* runtime(tex): add Number highlighting to syntax file
* runtime(doc): Tweak documentation style a bit
* 9.1.0848: if_lua: v:false/v:true are not evaluated to boolean
* runtime(dune): use :setl instead of :set in ftplugin
* runtime(termdebug): allow to use decimal signs
* translation(it): Updated Italian vimtutor
* runtime(compiler): improve cppcheck
* git: git-blame-ignore-revs shown as an error on Github
* 9.1.0847: tests: test_popupwin fails because of updated help file
* 9.1.0846: debug symbols for xxd are not cleaned in Makefile
* runtime(structurizr): Update structurizr syntax
* runtime(8th): updated 8th syntax
* runtime(doc): Add pi_tutor.txt to help TOC
* runtime(compiler): add mypy and ruff compiler; update pylint linter
* runtime(netrw): fix several bugs in netrw tree listing
* runtime(netrw): prevent polluting the search history
* 9.1.0845: vimtutor shell script can be improved
* 9.1.0844: if_python: no way to pass local vars to python
* 9.1.0843: too many strlen() calls in undo.c
* runtime(doc): update default value for fillchars option
* runtime(compiler): fix typo in cppcheck compiler plugin
* runtime(doc): simplify vimtutor manpage a bit more
* runtime(matchparen): Add matchparen_disable_cursor_hl config option
* 9.1.0842: not checking for the sync() systemcall
* 9.1.0841: tests: still preferring python2 over python3
* 9.1.0840: filetype: idris2 files are not recognized
* 9.1.0839: filetype: leo files are not recognized
* runtime(cook): include cook filetype plugin
* runtime(debversions): Update Debian versions
* patch 9.1.0838: vimtutor is bash-specific
* runtime(doc): add help specific modeline to pi_tutor.txt
* Filelist: vimtutor chapter 2 is missing in Filelist
* 9.1.0837: cross-compiling has some issues
* runtime(vimtutor): Add a second chapter
- update to 9.1.0836
* 9.1.0836: The vimtutor can be improved
* 9.1.0835: :setglobal doesn't work properly for 'ffu' and 'tsrfu'
* 9.1.0834: tests: 2html test fails
* 9.1.0833: CI: recent ASAN changes do not work for indent tests
* 9.1.0832: :set doesn't work for 'cot' and 'bkc' after :setlocal
* runtime(doc): update help-toc description
* runtime(2html): Make links use color scheme colors in TOhtml
* 9.1.0831: 'findexpr' can't be used as lambad or Funcref
* Filelist: include helptoc package
* runtime(doc): include a TOC Vim9 plugin
* Filelist: ignore .git-blame-ignore-revs
* 9.1.0830: using wrong highlight group for spaces for popupmenu
* runtime(typst): synchronize updates from the upstream typst.vim
* git: ignore reformatting commit for git-blame (after v9.1.0829)
* 9.1.0829: Vim source code uses a mix of tabs and spaces
* 9.1.0828: string_T struct could be used more often
* 9.1.0827: CI: tests can be improved
* runtime(doc): remove stray sentence in pi_netrw.txt
* 9.1.0826: filetype: sway files are not recognized
* runtime(doc): Include netrw-gp in TOC
* runtime(doc): mention 'iskeyword' at :h charclass()
* runtime(doc): update help tags
* 9.1.0825: compile error for non-diff builds
* runtime(netrw): fix E874 when browsing remote directory which contains `~` character
* runtime(doc): update coding style documentation
* runtime(debversions): Add plucky (25.04) as Ubuntu release name
* 9.1.0824: too many strlen() calls in register.c
* 9.1.0823: filetype: Zephyr overlay files not recognized
* runtime(doc): Clean up minor formatting issues for builtin functions
* runtime(netrw): make :Launch/Open autoloadable
* runtime(netrw): fix regression with x mapping on Cygwin
* runtime(netrw): fix filetype detection for remote files
* 9.1.0822: topline might be changed in diff mode unexpectedly
* CI: huge linux builds should also run syntax & indent tests
* 9.1.0821: 'findexpr' completion doesn't set v:fname to cmdline argument
* 9.1.0820: tests: Mac OS tests are too flaky
* runtime(awk): Highlight more awk comments in syntax script
* runtime(netrw): add missing change for s:redir()
* 9.1.0819: tests: using findexpr and imported func not tested
* runtime(netrw): improve netrw's open-handling further
* runtime(netrw): fix syntax error in netrwPlugin.vim
* runtime(netrw): simplify gx file handling
* 9.1.0818: some global functions are only used in single files
* 9.1.0817: termdebug: cannot evaluate expr in a popup
* runtime(defaults): Detect putty terminal and switch to dark background
* 9.1.0816: tests: not clear what tests cause asan failures
* runtime(doc): Remove some completed items from todo.txt
* 9.1.0815: "above" virtual text causes wrong 'colorcolumn' position
* runtime(syntax-tests): tiny vim fails because of line-continuation
* 9.1.0814: mapset() may remove unrelated mapping
* 9.1.0813: no error handling with setglobal and number types
* 9.1.0812: Coverity warns about dereferencing NULL ptr
* 9.1.0811: :find expansion does not consider 'findexpr'
* 9.1.0810: cannot easily adjust the |:find| command
* 9.1.0809: filetype: petalinux config files not recognized
* 9.1.0808: Terminal scrollback doesn't shrink when decreasing 'termwinscroll'
* 9.1.0807: tests: having 'nolist' in modelines isn't always desired
* 9.1.0806: tests: no error check when setting global 'briopt'
* 9.1.0805: tests: minor issues in gen_opt_test.vim
* 9.1.0804: tests: no error check when setting global 'cc'
* 9.1.0803: tests: no error check when setting global 'isk'
* 9.1.0802: tests: no error check when setting global 'fdm' to empty value
* 9.1.0801: tests: no error check when setting global 'termwinkey'
* 9.1.0800: tests: no error check when setting global 'termwinsize'
* runtime(doc): :ownsyntax also resets 'spelloptions'
* 9.1.0799: tests: gettwinvar()/gettabwinvar() tests are not comprehensive
* runtime(doc): Fix wrong Mac default options
* 9.1.0798: too many strlen() calls in cmdhist.c
* 9.1.0797: testing of options can be further improved
* 9.1.0796: filetype: libtool files are not recognized
* (typst): add folding to typst ftplugin
* runtime(netrw): deprecate and remove netrwFileHandlers#Invoke()
* 9.1.0795: filetype: Vivado memory info file are not recognized
* 9.1.0794: tests: tests may fail on Windows environment
* runtime(doc): improve the :colorscheme documentation
* 9.1.0793: xxd: -e does add one extra space
* 9.1.0792: tests: Test_set_values() is not comprehensive enough
* runtime(swayconfig): add flag for bindsym/bindcode to syntax script
* 9.1.0791: tests: errors in gen_opt_test.vim are not shown
* runtime(compiler): check for compile_commands in build dirs for cppcheck
* 9.1.0790: Amiga: AmigaOS4 build should use default runtime (newlib)
* runtime(help): Update help syntax
* runtime(help): fix end of sentence highlight in code examples
* runtime(jinja): Support jinja syntax as secondary filetype
* 9.1.0789: tests: ':resize + 5' has invalid space after '+'
* 9.1.0788: <CSI>27;<mod>u is not decoded to literal Escape in kitty/foot
* 9.1.0787: cursor position changed when using hidden terminal
* 9.1.0786: tests: quickfix update test does not test location list
* runtime(doc): add some docs for file-watcher programs
* CI: uploading failed screendumps still fails on Cirrus CI
* 9.1.0785: cannot preserve error position when setting quickfix list
* 9.1.0784: there are several problems with python 3.13
* 9.1.0783: 'spell' option setting has problems
* 9.1.0782: tests: using wrong neomuttlog file name
* runtime(doc): add preview flag to statusline example
* 9.1.0781: tests: test_filetype fails
* 9.1.0780: MS-Windows: incorrect Win32 error checking
* 9.1.0779: filetype: neomuttlog files are not recognized
* 9.1.0778: filetype: lf config files are not recognized
* runtime(comment): fix commment toggle with mixed tabs & spaces
* runtime(misc): Use consistent "Vim script" spelling
* runtime(gleam): add ftplugin for gleam files
* runtime(doc): link help-writing from write-local-help
* 9.1.0777: filetype: Some upstream php files are not recognized
* runtime(java): Define javaBlockStart and javaBlockOtherStart hl groups
* runtime(doc): mention conversion rules for remote_expr()
* runtime(tutor): Fix missing :s command in spanish translation section 4.4
* 9.1.0776: test_strftime may fail because of missing TZ data
* translation(am): Add Armenian language translation
* 9.1.0775: tests: not enough tests for setting options
* 9.1.0774: "shellcmdline" doesn't work with getcompletion()
* 9.1.0773: filetype: some Apache files are not recognized
* 9.1.0772: some missing changes from v9.1.0771
* 9.1.0771: completion attribute hl_group is confusing
* 9.1.0770: current command line completion is a bit limited
* 9.1.0769: filetype: MLIR files are not recognized
* 9.1.0768: MS-Windows: incorrect cursor position when restoring screen
* runtime(nasm): Update nasm syntax script
* 9.1.0767: A condition is always true in ex_getln.c
* runtime(skill): Update syntax file to fix string escapes
* runtime(help): highlight CTRL-<Key> correctly
* runtime(doc): add missing usr_52 entry to toc
* 9.1.0766: too many strlen() calls in ex_getln.c
* runtime(doc): correct `vi` registers 1-9 documentation error
* 9.1.0765: No test for patches 6.2.418 and 7.3.489
* runtime(spec): set comments and commentstring options
* NSIS: Include libgcc_s_sjlj-1.dll again
* runtime(doc): clarify the effect of 'startofline' option
* 9.1.0764: [security]: use-after-free when closing a buffer
* runtime(vim): Update base-syntax file, improve class, enum and interface highlighting
* 9.1.0763: tests: cannot run single syntax tests
* 9.1.0762: 'cedit', 'termwinkey' and 'wildchar' may not be parsed correctly
* 9.1.0761: :cd completion fails on Windows with backslash in path
* 9.1.0760: tests: no error reported, if gen_opt_test.vim fails
* 9.1.0759: screenpos() may return invalid position
* runtime(misc): unset compiler in various ftplugins
* runtime(doc): update formatting and syntax
* runtime(compiler): add cppcheck linter compiler plugin
* runtime(doc): Fix style in documents
* runtime(doc): Fix to two-space convention in user manual
* runtime(comment): consider &tabstop in lines after whitespace indent
* 9.1.0758: it's possible to set an invalid key to 'wildcharm'
* runtime(java): Manage circularity for every :syn-included syntax file
* 9.1.0757: tests: messages files contains ANSI escape sequences
* 9.1.0756: missing change from patch v9.1.0754
* 9.1.0755: quickfix list does not handle hardlinks well
* runtime(doc): 'filetype', 'syntax' and 'keymap' only allow alphanumeric + some characters
* runtime(systemd): small fixes to &keywordprg in ftplugin
* CI: macos-12 runner is being sunset, switch to 13
* 9.1.0754: fixed order of items in insert-mode completion menu
* runtime(comment): commenting might be off by one column
* 9.1.0753: Wrong display when typing in diff mode with 'smoothscroll'
* 9.1.0752: can set 'cedit' to an invalid value
* runtime(doc): add `usr` tag to usr_toc.txt
* 9.1.0751: Error callback for term_start() not used
* 9.1.0750: there are some Win9x legacy references
* runtime(java): Recognise the CommonMark form (///) of Javadoc comments
* 9.1.0749: filetype: http files not recognized
* runtime(comment): fix syntax error
* CI: uploading failed screendump tests does not work Cirrus
* 9.1.0748: :keep* commmands are sometimes misidentified as :k
* runtime(indent): allow matching negative numbers for gnu indent config file
* runtime(comment): add gC mapping to (un)comment rest of line
* 9.1.0747: various typos in repo found
* 9.1.0746: tests: Test_halfpage_longline() fails on large terminals
* runtime(doc): reformat gnat example
* runtime(doc): reformat ada_standard_types section
* 9.1.0745: filetype: bun and deno history files not recognized
* runtime(glvs): Correct the tag name of glvs-autoinstal
* runtime(doc): include short form for :earlier/:later
* runtime(doc): remove completed TODO
* 9.1.0744: filetype: notmuch configs are not recognised
* 9.1.0743: diff mode does not handle overlapping diffs correctly
* runtime(glvs): fix a few issues
* runtime(doc): Fix typo in :help :command-modifiers
* 9.1.0742: getcmdprompt() implementation can be improved
* runtime(docs): update `:set?` command behavior table
* runtime(doc): update vim90 to vim91 in docs
* runtime(doc): fix typo in :h dos-colors
* 9.1.0741: No way to get prompt for input()/confirm()
* runtime(doc): fix typo in version9.txt nrformat -> nrformats
* runtime(rmd,rrst): 'fex' option not properly restored
* runtime(netrw): remove extraneous closing bracket
* 9.1.0740: incorrect internal diff with empty file
* 9.1.0739: [security]: use-after-free in ex_getln.c
* runtime(filetype): tests: Test_filetype_detection() fails
* runtime(dist): do not output a message if executable is not found
* 9.1.0738: filetype: rapid files are not recognized
* runtime(modconf): remove erroneous :endif in ftplugin
* runtime(lyrics): support multiple timestamps in syntax script
* runtime(java): Optionally recognise _module_ import declarations
* runtime(vim): Update base-syntax, improve folding function matches
* CI: upload failed screendump tests also for Cirrus
* 9.1.0737: tests: screendump tests may require a bit more time
* runtime(misc): simplify keywordprg in various ftplugins
* runtime(java): Optionally recognise all primitive constants in _switch-case_ labels
* runtime(zsh,sh): set and unset compiler in ftplugin
* runtime(netrw): using inefficient highlight pattern for 'mf'
* 9.1.0736: Unicode tables are outdated
* 9.1.0735: filetype: salt files are not recognized
* 9.1.0734: filetype: jinja files are not recognized
* runtime(zathurarc): add double-click-follow to syntax script
* translation(ru): Updated messages translation
* translation(it): updated xxd man page
* translation(ru): updated xxd man page
* 9.1.0733: keyword completion does not work with fuzzy
* 9.1.0732: xxd: cannot use -b and -i together
* runtime(java): Highlight javaConceptKind modifiers with StorageClass
* runtime(doc): reword and reformat how to use defaults.vim
* 9.1.0731: inconsistent case sensitive extension matching
* runtime(vim): Update base-syntax, match Vim9 bool/null literal args to :if/:while/:return
* runtime(netrw): delete confirmation not strict enough
* 9.1.0730: Crash with cursor-screenline and narrow window
* 9.1.0729: Wrong cursor-screenline when resizing window
* 9.1.0728: [security]: heap-use-after-free in garbage collection with location list user data
* runtime(doc): clarify the effect of the timeout for search()-functions
* runtime(idlang): update syntax script
* runtime(spec): Recognize epoch when making spec changelog in ftplugin
* runtime(spec): add file triggers to syntax script
* 9.1.0727: too many strlen() calls in option.c
* runtime(make): add compiler/make.vim to reset compiler plugin settings
* runtime(java): Recognise all available standard doclet tags
* 9.1.0726: not using correct python3 API with dynamic linking
* runtime(dosini): Update syntax script, spellcheck comments only
* runtime(doc): Revert outdated comment in completeopt's fuzzy documentation
* 9.1.0725: filetype: swiftinterface files are not recognized
* runtime(pandoc): Update compiler plugin to use actual 'spelllang'
* runtime(groff): Add compiler plugin for groff
* 9.1.0724: if_python: link error with python 3.13 and stable ABI
* 9.1.0723: if_python: dynamic linking fails with python3 >= 3.13
* 9.1.0722: crash with large id in text_prop interface
* 9.1.0721: tests: test_mksession does not consider XDG_CONFIG_HOME
* runtime(glvs): update GetLatestVimScripts plugin
* runtime(doc): Fix typo in :help :hide text
* runtime(doc): buffers can be re-used
* 9.1.0720: Wrong breakindentopt=list:-1 with multibyte or TABs
* 9.1.0719: Resetting cell widths can make 'listchars' or 'fillchars' invalid
* runtime(doc): Update version9.txt and mention $MYVIMDIR
- Update to 9.1.0718:
* v9.1.0718: hard to know the users personal Vim Runtime Directory
* v9.1.0717: Unnecessary nextcmd NULL checks in parse_command_modifiers()
Maintainers: fix typo in author name
* v9.1.0716: resetting setcellwidth( doesn't update the screen
runtime(hcl,terraform): Add runtime files for HCL and Terraform
runtime(tmux): Update syntax script
* v9.1.0715: Not correctly parsing color names (after v9.1.0709)
* v9.1.0714: GuiEnter_Turkish test may fail
* v9.1.0713: Newline causes E749 in Ex mode
* v9.1.0712: missing dependency of Test_gettext_makefile
* v9.1.0711: test_xxd may file when using different xxd
* v9.1.0710: popup window may hide part of Command line
runtime(vim): Update syntax, improve user-command matching
* v9.1.0709: GUIEnter event not found in Turkish locale
runtime(sudoers): improve recognized Runas_Spec and Tag_Spec items
* v9.1.0708: Recursive window update does not account for reset skipcol
runtime(nu): include filetype plugin
* v9.1.0707: invalid cursor position may cause a crash
* v9.1.0706: test_gettext fails when using shadow dir
CI: Install locales-all package
* v9.1.0705: Sorting of fuzzy filename completion is not stable
translation(pt): update Portuguese/Brazilian menu translation
runtime(vim): Update base-syntax, match bracket mark ranges
runtime(doc): Update :help :command-complete list
* v9.1.0704: inserting with a count is inefficient
runtime(doc): use mkdir -p to save a command
* v9.1.0703: crash with 2byte encoding and glob2regpat()
runtime(hollywood): update syn highlight for If-Then statements
and For-In-Loops
* v9.1.0702: Patch 9.1.0700 broke CI
* v9.1.0701: crash with NFA regex engine when searching for
composing chars
* v9.1.0700: crash with 2byte encoding and glob2regpat()
* v9.1.0699: "dvgo" is not always an inclusive motion
runtime(java): Provide support for syntax preview features
* v9.1.0698: "Untitled" file not removed when running Test_crash1_3
alone
* v9.1.0697: heap-buffer-overflow in ins_typebuf
* v9.1.0696: installing runtime files fails when using SHADOWDIR
runtime(doc): fix typo
* v9.1.0695: test_crash leaves Untitled file around
translation(br): Update Brazilian translation
translation(pt): Update menu_pt_br
* v9.1.0694: matchparen is slow on a long line
* v9.1.0693: Configure doesn't show result when not using python3
stable abi
* v9.1.0692: Wrong patlen value in ex_substitute()
* v9.1.0691: stable-abi may cause segfault on Python 3.11
runtime(vim): Update base-syntax, match :loadkeymap after colon and bar
runtime(mane): Improve <Plug>ManBS mapping
* v9.1.0690: cannot set special highlight kind in popupmenu
translation(pt): Revert and fix wrong Portuguese menu translation
files
translation(pt): revert Portuguese menu translation
translation(br): Update Brazilian translations
runtime(vim): Update base-syntax, improve :let-heredoc highlighting
* v9.1.0689: buffer-overflow in do_search( with 'rightleft'
runtime(vim): Improve heredoc handling for all embedded scripts
* v9.1.0688: dereferences NULL pointer in check_type_is_value()
* v9.1.0687: Makefile may not install desktop files
runtime(man): Fix <Plug>ManBS
runtime(java): Make the bundled &foldtext function optional
runtime(netrw): Change line on `mx` if command output exists
runtime(netrw): Fix `mf`-selected entry highlighting
runtime(htmlangular): add html syntax highlighting
translation(it): Fix filemode of Italian manpages
runtime(doc): Update outdated man.vim plugin information
runtime(zip): simplify condition to detect MS-Windows
* v9.1.0686: zip-plugin has problems with special characters
runtime(pandoc): escape quotes in &errorformat for pandoc
translation(it): updated Italian manpage
* v9.1.0685: too many strlen( calls in usercmd.c
runtime(doc): fix grammar in :h :keeppatterns
runtime(pandoc): refine pandoc compiler settings
* v9.1.0684: completion is inserted on Enter with "noselect"
translation(ru): update man pages
* v9.1.0683: mode( returns wrong value with <Cmd> mapping
runtime(doc): remove trailing whitespace in cmdline.txt
* v9.1.0682: Segfault with uninitialized funcref
* v9.1.0681: Analyzing failed screendumps is hard
runtime(doc): more clarification for the :keeppatterns needed
* v9.1.0680: VMS does not have defined uintptr_t
runtime(doc): improve typedchar documentation for KeyInputPre autocmd
runtime(dist): verify that executable is in $PATH
translation(it): update Italian manpages
runtime(doc): clarify the effect of :keeppatterns after * v9.1.0677
runtime(doc): update Makefile and make it portable between GNU and BSD
* v9.1.0679: Rename from w_closing to w_locked is incomplete
runtime(colors): update colorschemes
runtime(vim): Update base-syntax, improve :let-heredoc highlighting
runtime(doc): Updating the examples in the xxd manpage
translation(ru): Updated uganda.rux
runtime(yaml): do not re-indent when commenting out lines
* v9.1.0678: use-after-free in alist_add()
* v9.1.0677 :keepp does not retain the substitute pattern
translation(ja): Update Japanese translations to latest release
runtime(netrw): Drop committed trace lines
runtime(netrw): Error popup not always used
runtime(netrw): ErrorMsg( may throw E121
runtime(tutor): update Makefile and make it portable between GNU and BSD
translation: improve the po/cleanup.vim script
runtime(lang): update Makefile and make it portable between GNU and BSD
* v9.1.0676: style issues with man pages
* v9.1.0675: Patch v9.1.0674 causes problems
runtime(dosbatch): Show %%i as an argument in syntax file
runtime(dosbatch): Add syn-sync to syntax file
runtime(sql, mysql): fix E169: Command too recursive with
sql_type_default = "mysql"
* v9.1.0674: compiling abstract method fails because of missing return
runtime(javascript): fix a few issues with syntax higlighting
runtime(mediawiki): fix typo in doc, test for b:did_ftplugin var
runtime(termdebug): Fix wrong test for balloon feature
runtime(doc): Remove mentioning of the voting feature
runtime(doc): add help tags for json + markdown global variables
* v9.1.0673: too recursive func calls when calling super-class method
runtime(syntax-tests): Facilitate the viewing of rendered screendumps
runtime(doc): fix a few style issues
* v9.1.0672: marker folds may get corrupted on undo
* v9.1.0671 Problem: crash with WinNewPre autocommand
* v9.1.0670: po file encoding fails on *BSD during make
translation(it): Update Italian translation
translation: Stop using msgconv
* v9.1.0669: stable python ABI not used by default
Update .gitignore and .hgignore files
* v9.1.0668: build-error with python3.12 and stable ABI
translations: Update generated po files
* v9.1.0667: Some other options reset curswant unnecessarily when set
* v9.1.0666: assert_equal( doesn't show multibyte string correctly
runtime(doc): clarify directory of Vim's executable vs CWD
* v9.1.0665 :for loop
runtime(proto): Add indent script for protobuf filetype
* v9.1.0664: console vim did not switch back to main screen on exit
runtime(zip): zip plugin does not work with Vim 9.0
* v9.1.0663: zip test still resets 'shellslash' option
runtime(zip): use defer to restore old settings
runtime(zip): add a generic Message function
runtime(zip): increment base version of zip plugin
runtime(zip): raise minimum Vim version to * v9.0
runtime(zip): refactor save and restore of options
runtime(zip): remove test for fnameescape
runtime(zip): use :echomsg instead of :echo
runtime(zip): clean up and remove comments
* v9.1.0662: filecopy( may return wrong value when readlink( fails
* v9.1.0661: the zip plugin is not tested.
runtime(zip): Fix for FreeBSD's unzip command
runtime(doc): capitalize correctly
* v9.1.0660: Shift-Insert does work on old conhost
translation(it): update Italian manpage
runtime(lua): add/subtract a 'shiftwidth' after '('/')' in indentexpr
runtime(zip): escape '[' on Unix as well
* v9.1.0659: MSVC Makefile is a bit hard to read
runtime(doc): fix typo in syntax.txt
runtime(doc): -x is only available when compiled with crypt feature
* v9.1.0658: Coverity warns about dereferencing NULL pointer.
runtime(colors): update Todo highlight in habamax colorscheme
* v9.1.0657: MSVC build time can be optimized
* v9.1.0656: MSVC Makefile CPU handling can be improved
* v9.1.0655: goaccess config file not recognized
CI: update clang compiler to version 20
runtime(netrw): honor `g:netrw_alt{o,v}` for `:{S,H,V}explore`
* v9.1.0654: completion does not respect completeslash with fuzzy
* v9.1.0653: Patch v9.1.0648 not completely right
* v9.1.0652: too many strlen( calls in syntax.c
* v9.1.0651 :append
* v9.1.0650: Coverity warning in cstrncmp()
* v9.1.0649: Wrong comment for "len" argument of call_simple_func()
* v9.1.0648: [security] double-free in dialog_changed()
* v9.1.0647: [security] use-after-free in tagstack_clear_entry
runtime(doc): re-format tag example lines, mention ctags --list-kinds
* v9.1.0646: imported function may not be found
runtime(java): Document "g:java_space_errors" and "g:java_comment_strings"
runtime(java): Cluster optional group definitions and their group links
runtime(java): Tidy up the syntax file
runtime(java): Tidy up the documentation for "ft-java-syntax"
runtime(colors): update habamax scheme - tweak diff/search/todo colors
runtime(nohlsearch): add missing loaded_hlsearch guard
runtime(kivy): Updated maintainer info for syntax script
Maintainers: Add maintainer for ondir ftplugin + syntax files
runtime(netrw): removing trailing slash when copying files in same
directory
* v9.1.0645: wrong match when searching multi-byte char case-insensitive
runtime(html): update syntax script to sync by 250 minlines by default
* v9.1.0644: Unnecessary STRLEN( when applying mapping
runtime(zip): Opening a remote zipfile don't work
runtime(cuda): source c and cpp ftplugins
* v9.1.0643: cursor may end up on invalid position
* v9.1.0642: Check that mapping rhs starts with lhs fails if not
simplified
* v9.1.0641: OLE enabled in console version
runtime(thrift): add ftplugin, indent and syntax scripts
* v9.1.0640: Makefile can be improved
* v9.1.0639: channel timeout may wrap around
* v9.1.0638: E1510 may happen when formatting a message for smsg()
* v9.1.0637: Style issues in MSVC Makefile
- Update apparmor.vim to latest version (from AppArmor 4.0.2)
- add support for "all" and "userns" rules, and new profile flags
- Update to 9.1.0636:
* 9.1.0636: filetype: ziggy files are not recognized
* 9.1.0635: filetype: SuperHTML template files not recognized
* 9.1.0634: Ctrl-P not working by default
* 9.1.0633: Compilation warnings with `-Wunused-parameter`
* 9.1.0632: MS-Windows: Compiler Warnings
Add support for Files-Included in syntax script
tweak documentation style a bit
* 9.1.0631: wrong completion list displayed with non-existing dir + fuzzy completion
* 9.1.0630: MS-Windows: build fails with VIMDLL and mzscheme
* 9.1.0629: Rename of pum hl_group is incomplete
* 9.1.0628: MinGW: coverage files are not cleaned up
* 9.1.0627: MinGW: build-error when COVERAGE is enabled
* 9.1.0626: Vim9: need more tests with null objects
include initial filetype plugin
* 9.1.0625: tests: test output all translated messages for all translations
* 9.1.0624: ex command modifiers not found
* 9.1.0623: Mingw: errors when trying to delete non-existing files
* 9.1.0622: MS-Windows: mingw-build can be optimized
* 9.1.0621: MS-Windows: startup code can be improved
* 9.1.0620: Vim9: segfauls with null objects
* 9.1.0619: tests: test_popup fails
* 9.1.0618: cannot mark deprecated attributes in completion menu
* 9.1.0617: Cursor moves beyond first line of folded end of buffer
* 9.1.0616: filetype: Make syntax highlighting off for MS Makefiles
* 9.1.0615: Unnecessary STRLEN() in make_percent_swname()
Add single-line comment syntax
Add syntax test for comments
Update maintainer info
* 9.1.0614: tests: screendump tests fail due to recent syntax changes
* 9.1.0613: tests: termdebug test may fail and leave file around
Update base-syntax, improve :set highlighting
Optionally highlight the :: token for method references
* 9.1.0612: filetype: deno.lock file not recognized
Use delete() for deleting directory
escape filename before trying to delete it
* 9.1.0611: ambiguous mappings not correctly resolved with modifyOtherKeys
correctly extract file from zip browser
* 9.1.0610: filetype: OpenGL Shading Language files are not detected
Fix endless recursion in netrw#Explore()
* 9.1.0609: outdated comments in Makefile
update syntax script
Fix flow mapping key detection
Remove orphaned YAML syntax dump files
* 9.1.0608: Coverity warns about a few potential issues
Update syntax script and remove syn sync
* 9.1.0607: termdebug: uses inconsistent style
* 9.1.0606: tests: generated files may cause failure in test_codestyle
* 9.1.0605: internal error with fuzzy completion
* 9.1.0604: popup_filter during Press Enter prompt seems to hang
translation: Update Serbian messages translation
* 9.1.0603: filetype: use correct extension for Dracula
* 9.1.0602: filetype: Prolog detection can be improved
fix more inconsistencies in assert function docs
* 9.1.0601: Wrong cursor position with 'breakindent' when wide char doesn't fit
Update base-syntax, improve :map highlighting
* 9.1.0600: Unused function and unused error constants
* 9.1.0599: Termdebug: still get E1023 when specifying arguments
correct wrong comment options
fix typo "a xterm" -> "an xterm"
* 9.1.0598: fuzzy completion does not work with default completion
* 9.1.0597: KeyInputPre cannot get the (unmapped typed) key
* 9.1.0596: filetype: devscripts config files are not recognized
gdb file/folder check is now performed only in CWD.
quote filename arguments using double quotes
update syntax to SDC-standard 2.1
minor updates.
Cleanup :match and :loadkeymap syntax test files
Update base-syntax, match types in Vim9 variable declarations
* 9.1.0595: make errors out with the po Makefile
* 9.1.0594: Unnecessary redraw when setting 'winfixbuf'
using wrong highlight for UTF-8
include simple syntax plugin
* 9.1.0593: filetype: Asymptote files are not recognized
add recommended indent options to ftplugin
add recommended indent options to ftplugin
add recommended indent options to ftplugin
* 9.1.0592: filetype: Mediawiki files are not recognized
* 9.1.0591: filetype: *.wl files are not recognized
* 9.1.0590: Vim9: crash when accessing getregionpos() return value
'cpoptions': Include "z" in the documented default
* 9.1.0589: vi: d{motion} and cw work differently than expected
update included colorschemes
grammar fixes in options.txt
- Update to 9.1.0588:
* 9.1.0588: The maze program no longer compiles on newer clang
runtime(typst): Add typst runtime files
* 9.1.0587: tests: Test_gui_lowlevel_keyevent is still flaky
* 9.1.0586: ocaml runtime files are outdated
runtime(termdebug): fix a few issues
* 9.1.0585: tests: test_cpoptions leaves swapfiles around
* 9.1.0584: Warning about redeclaring f_id() non-static
runtime(doc): Add hint how to load termdebug from vimrc
runtime(doc): document global insert behavior
* 9.1.0583: filetype: *.pdf_tex files are not recognized
* 9.1.0582: Printed line doesn't overwrite colon when pressing Enter in Ex mode
* 9.1.0581: Various lines are indented inconsistently
* 9.1.0580: :lmap mapping for keypad key not applied when typed in Select mode
* 9.1.0579: Ex command is still executed after giving E1247
* 9.1.0578: no tests for :Tohtml
* 9.1.0577: Unnecessary checks for v:sizeoflong in test_put.vim
* 9.1.0576: tests: still an issue with test_gettext_make
* 9.1.0575: Wrong comments in alt_tabpage()
* 9.1.0574: ex: wrong handling of commands after bar
runtime(doc): add a note for netrw bug reports
* 9.1.0573: ex: no implicit print for single addresses
runtime(vim): make &indentexpr available from the outside
* 9.1.0572: cannot specify tab page closing behaviour
runtime(doc): remove obsolete Ex insert behavior
* 9.1.0571: tests: Test_gui_lowlevel_keyevent is flaky
runtime(logindefs): update syntax with new keywords
* 9.1.0570: tests: test_gettext_make can be improved
runtime(filetype): Fix Prolog file detection regex
* 9.1.0569: fnamemodify() treats ".." and "../" differently
runtime(mojo): include mojo ftplugin and indent script
* 9.1.0568: Cannot expand paths from 'cdpath' setting
* 9.1.0567: Cannot use relative paths as findfile() stop directories
* 9.1.0566: Stop dir in findfile() doesn't work properly w/o trailing slash
* 9.1.0565: Stop directory doesn't work properly in 'tags'
* 9.1.0564: id() can be faster
* 9.1.0563: Cannot process any Key event
* 9.1.0562: tests: inconsistency in test_findfile.vim
runtime(fstab): Add missing keywords to fstab syntax
* 9.1.0561: netbeans: variable used un-initialized (Coverity)
* 9.1.0560: bindtextdomain() does not indicate an error
* 9.1.0559: translation of vim scripts can be improved
* 9.1.0558: filetype: prolog detection can be improved
* 9.1.0557: moving in the buffer list doesn't work as documented
runtime(doc): fix inconsistencies in :h file-searching
* 9.1.0556: :bwipe doesn't remove file from jumplist of other tabpages
runtime(htmlangular): correct comment
* 9.1.0555: filetype: angular ft detection is still problematic
* 9.1.0554: :bw leaves jumplist and tagstack data around
* 9.1.0553: filetype: *.mcmeta files are not recognized
* 9.1.0552: No test for antlr4 filetype
* 9.1.0551: filetype: htmlangular files are not properly detected
* 9.1.0550: filetype: antlr4 files are not recognized
* 9.1.0549: fuzzycollect regex based completion not working as expected
runtime(doc): autocmd_add() accepts a list not a dict
* 9.1.0548: it's not possible to get a unique id for some vars
runtime(tmux): Update syntax script
* 9.1.0547: No way to get the arity of a Vim function
* 9.1.0546: vim-tiny fails on CTRL-X/CTRL-A
runtime(hlsplaylist): include hlsplaylist ftplugin file
runtime(doc): fix typo in :h ft-csv-syntax
runtime(doc): Correct shell command to get $VIMRUNTIME into
shell
* 9.1.0545: MSVC conversion warning
* 9.1.0544: filetype: ldapconf files are not recognized
runtime(cmakecache): include cmakecache ftplugin file
runtime(lex): include lex ftplugin file
runtime(yacc): include yacc ftplugin file
runtime(squirrel): include squirrel ftplugin file
runtime(objcpp): include objcpp ftplugin file
runtime(tf): include tf ftplugin file
runtime(mysql): include mysql ftplugin file
runtime(javacc): include javacc ftplugin file
runtime(cabal): include cabal ftplugin file
runtime(cuda): include CUDA ftplugin file
runtime(editorconfig): include editorconfig ftplugin file
runtime(kivy): update kivy syntax, include ftplugin
runtime(syntax-tests): Stop generating redundant "*_* 99.dump"
files
* 9.1.0543: Behavior of CursorMovedC is strange
runtime(vim): Update base-syntax, improve :match command
highlighting
* 9.1.0542: Vim9: confusing string() output for object functions
* 9.1.0541: failing test with Vim configured without channel
* 9.1.0540: Unused assignment in sign_define_cmd()
runtime(doc): add page-scrolling keys to index.txt
runtime(doc): add reference to xterm-focus-event from
FocusGained/Lost
* 9.1.0539: Not enough tests for what v9.1.0535 fixed
runtime(doc): clarify how to re-init csv syntax file
* 9.1.0538: not possible to assign priority when defining a sign
* 9.1.0537: signed number detection for CTRL-X/A can be improved
* 9.1.0536: filetype: zone files are not recognized
* 9.1.0535: newline escape wrong in ex mode
runtime(man): honor cmd modifiers before `g:ft_man_open_mode`
runtime(man): use `nnoremap` to map to Ex commands
* 9.1.0534: completion wrong with fuzzy when cycling back to original
runtime(syntax-tests): Abort and report failed cursor progress
runtime(syntax-tests): Introduce self tests for screen dumping
runtime(syntax-tests): Clear and redraw the ruler line with
the shell info
runtime(syntax-tests): Allow for folded and wrapped lines in
syntax test files
* 9.1.0533: Vim9: need more tests for nested objects equality
CI: Pre-v* 9.0.0110 versions generate bogus documentation tag entries
runtime(doc): Remove wrong help tag CTRL-SHIFT-CR
* 9.1.0532: filetype: Cedar files not recognized
runtime(doc): document further keys that scroll page up/down
* 9.1.0531: resource leak in mch_get_random()
runtime(tutor): Fix wrong spanish translation
runtime(netrw): fix remaining case of register clobber
* 9.1.0530: xxd: MSVC warning about non-ASCII character
* 9.1.0529: silent! causes following try/catch to not work
runtime(rust): use shiftwidth() in indent script
* 9.1.0528: spell completion message still wrong in translations
* 9.1.0527: inconsistent parameter in Makefiles for Vim executable
* 9.1.0526: Unwanted cursor movement with pagescroll at start of buffer
runtime(doc): mention $XDG_CONFIG_HOME instead of $HOME/.config
* 9.1.0525: Right release selects immediately when pum is truncated.
* 9.1.0524: the recursive parameter in the *_equal functions can be removed
runtime(termdebug): Add Deprecation warnings
* 9.1.0523: Vim9: cannot downcast an object
* 9.1.0522: Vim9: string(object) hangs for recursive references
* 9.1.0521: if_py: _PyObject_CallFunction_SizeT is dropped in Python 3.13
* 9.1.0520: Vim9: incorrect type checking for modifying lists
runtime(manpager): avoid readonly prompt
* 9.1.0519: MS-Windows: libvterm compilation can be optimized
* 9.1.0518: initialize the random buffer can be improved
* 9.1.0517: MS-Windows: too long lines in Make_mvc.mak
runtime(terraform): Add filetype plugin for terraform
runtime(dockerfile): enable spellchecking of comments in
syntax script
runtime(doc): rename variable for pandoc markdown support
runtime(doc): In builtin overview use {buf} as param for
appendbufline/setbufline
runtime(doc): clarify, that register 1-* 9 will always be shifted
runtime(netrw): save and restore register 0-* 9, a and unnamed
runtime(termdebug): Refactored StartDebug_term and EndDebug
functions
runtime(java): Compose "g:java_highlight_signature" and
"g:java_highlight_functions"
* 9.1.0516: need more tests for nested dicts and list comparision
* 9.1.0515: Vim9: segfault in object_equal()
* 9.1.0514: Vim9: issue with comparing objects recursively
runtime(termdebug): Change some variables to Enums
runtime(vim): Update base-syntax, fix function tail comments
* 9.1.0513: Vim9: segfault with object comparison
- Update to 9.1.0512:
* Mode message for spell completion doesn't match allowed keys
* CursorMovedC triggered wrongly with setcmdpos()
* update runtime files
* CI: test_gettext fails on MacOS14 + MSVC Win
* not possible to translate Vim script messages
* termdebug plugin can be further improved
* add gomod filetype plugin
* hard to detect cursor movement in the command line
* Optionally highlight parameterised types
* filetype: .envrc & .prettierignore not recognized
* filetype: Faust files are not recognized
* inner-tag textobject confused about ">" in attributes
* cannot use fuzzy keyword completion
* Remove the group exclusion list from @javaTop
* wrong return type for execute() function
* MS-Windows: too much legacy code
* too complicated mapping restore in termdebug
* simplify mapping
* cannot switch buffer in a popup
* MS-Windows: doesn't handle symlinks properly
* getcmdcompltype() interferes with cmdline completion
* termdebug can be further improved
* update htmldjango detection
* Improve Turkish documentation
* include a simple csv filetype and syntax plugin
* include the the simple nohlsearch package
* matched text is highlighted case-sensitively
* Matched text isn't highlighted in cmdline pum
* Fix typos in several documents
* clarify when text properties are cleared
* improve the vim-shebang example
* revert unintended formatting changes for termdebug
* Add a config variable for commonly used compiler options
* Wrong matched text highlighted in pum with 'rightleft'
* bump length of character references in syntax script
* properly check mapping variables using null_dict
* fix KdlIndent and kdlComment in indent script
* Test for patch 9.1.0489 doesn't fail without the fix
* Fold multi-line comments with the syntax kind of &fdm
* using wrong type for PlaceSign()
* filetype: Vim-script files not detected by shebang line
* revert unintended change to zip#Write()
* add another tag for vim-shebang feature
* Cmdline pum doesn't work properly with 'rightleft'
* minor style problems with patch 9.1.0487
* default completion may break with fuzzy
* Wrong padding for pum "kind" with 'rightleft'
* Update base-syntax, match shebang lines
* MS-Windows: handle files with spaces properly
* Restore HTML syntax file tests
* completed item not update on fuzzy completion
* filetype: Snakemake files are not recognized
* make TermDebugSendCommand() a global function again
* close all buffers in the same way
* Matched text shouldn't be highlighted in "kind" and "menu"
* fix wrong helptag for :defer
* Update base-syntax, match :sleep arg
* include Georgian keymap
* Sorting of completeopt+=fuzzy is not stable
* correctly test for windows in NetrwGlob()
* glob() on windows fails with [] in directory name
* rewrite mkdir() doc and simplify {flags} meaning
* glob() not sufficiently tested
* update return type for job_info()
* termdebug plugin needs more love
* correct return types for job_start() and job_status()
* Update base-syntax, match :catch and :throw args
* Include element values in non-marker annotations
* Vim9: term_getjob() throws an exception on error
* fuzzy string matching executed when not needed
* fuzzy_match_str_with_pos() does unnecessary list operations
* restore description of "$" in col() and virtcol()
* deduplicate getpos(), line(), col(), virtcol()
* Update g:vimsyn_comment_strings dump file tests
* Use string interpolation instead of string concat
* potential deref of NULL pointer in fuzzy_match_str_with_pos
* block_editing errors out when using <enter>
* Update base-syntax, configurable comment string highlighting
* fix typos in syntax.txt
* Cannot see matched text in popup menu
* Update base-syntax, match multiline continued comments
* clarify documentation for "v" position at line()
* cmod_split modifier is always reset in term_start()
* remove line-continuation characters
* use shiftwidth() instead of &tabstop in indent script
* Remove orphaned screen dump files
* include syntax, indent and ftplugin files
* CI: Test_ColonEight() fails on github runners
* add missing Enabled field in syntax script
* basic svelte ftplugin file
* term_start() does not clear vertical modifier
* fix mousemodel restoration by comparing against null_string
* Added definitions of Vim scripts and plugins
* Exclude lambda expressions from _when_ _switch-case_ label clauses
* Fix saved_mousemodel check
* Inconsistencies between functions for option flags
* Crash when using autocmd_get() after removing event inside autocmd
* Fix small style issues
* add return type info for Vim function descriptions
* Update Italian Vim manpage
* disable the q mapping
* Change 'cms' for C++ to '// %s'
* fix type mismatch error
* Fix wrong email address
* convert termdebug plugin to Vim9 script
- Update to 9.1.0470:
* tests Test_ColonEight_MultiByte() fails sporadically
* Cannot have buffer-local value for 'completeopt'
* GvimExt does not consult HKEY_CURRENT_USER
* typos in some comments
* runtime(vim): Update base-syntax, allow whitespace before
:substitute pattern
* Missing comments for fuzzy completion
* runtime(man): update Vim manpage
* runtime(comment): clarify the usage of 'commentstring' option
value
* runtime(doc): clarify how fuzzy 'completeopt' should work
* runtime(netrw): prevent accidental data loss
* missing filecopy() function
* no whitespace padding in commentstring option in ftplugins
* no fuzzy-matching support for insert-completion
* eval5() and eval7 are too complex
* too many strlen() calls in drawline.c
* filetype lintstagedrc files are not recognized
* Vim9 import autoload does not work with symlink
* Coverity complains about division by zero
* tests test_gui fails on Wayland
* Left shift is incorrect with vartabstop and shiftwidth=0
* runtime(doc): clarify 'shortmess' flag "S"
* MS-Windows compiler warning for size_t to int conversion
* runtime(doc): include some vim9 script examples in the help
* minor issues in test_filetype with rasi test
* filetype rasi files are not recognized
* runtime(java): Improve the matching of lambda expressions
* Configure checks for libelf unnecessarily
* No test for escaping '<' with shellescape()
* check.vim complains about overlong comment lines
* translation(it): Update Italian translation
* evalc. code too complex
* MS-Windows Compiler warnings
- Update to 9.1.0448:
* compiler warning in eval.c
* remove remaining css code
* Add ft_hare.txt to Reference Manual TOC
* re-generate vim syntax from generator
* fix syntax vim bug
* completion may be wrong when deleting all chars
* getregionpos() inconsistent for partly-selected multibyte char
* fix highlighting nested and escaped quotes in string props
* remove the indent plugin since it has too many issues
* update Debian runtime files
* Coverity warning after 9.1.0440
* Not enough tests for getregion() with multibyte chars
* Can't use blockwise selection with width for getregion()
* update outdated syntax files
* fix floating_modifier highlight
* hare runtime files outdated
* getregionpos() can't properly indicate positions beyond eol
* function get_lval() is too long
* Cannot filter the history
* Wrong Ex command executed when :g uses '?' as delimiter
* support floating_modifier none; revert broken highlighting
* Motif requires non-const char pointer for XPM data
* Crash when using '?' as separator for :s
* filetype: cygport files are not recognized
* make errors trying to access autoload/zig
* Wrong yanking with exclusive selection and ve=all
* add missing help tags file
* Ancient XPM preprocessor hack may cause build errors
* include basic rescript ftplugin file
* eval.c is too long
* getregionpos() doesn't handle one char selection
* check for gdb file/dir before using as buffer name
* refactor zig ftplugin, remove auto format
* Coverity complains about eval.c refactor
* Tag guessing leaves wrong search history with very short names
* some issues with termdebug mapping test
* update matchit plugin to v1.20
* too many strlen() calls in search.c
* set commentstring option
* update vb indent plugin as vim9script
* filetype: purescript files are not recognized
* filetype: slint files are not recognized
* basic nim ftplugin file for comments
* Add Arduino ftplugin and indent files
* include basic typst ftplugin file
* include basic prisma ftplugin file
* include basic v ftplugin for comment support
* getregionpos() wrong with blockwise mode and multibyte
* function echo_string_core() is too long
* hyprlang files are not recognized
* add basic dart ftplugin file
* basic ftplugin file for graphql
* mention comment plugin at :h 'commentstring'
* set commentstring for sql files in ftplugin
* :browse oldfiles prompts even with single entry
* eval.c not sufficiently tested
* clarify why E195 is returned
* clarify temporary file clean up
* fix :NoMatchParen not working
* Cannot move to previous/next rare word
* add basic ftplugin file for sshdconfig
* if_py: find_module has been removed in Python 3.12.0a7
* some screen dump tests can be improved
* Some functions are not tested
* clarify instal instructions for comment package
* Unable to leave long line with 'smoothscroll' and 'scrolloff'
* fix typo in vim9script help file
* Remove trailing spaces
* clarify {special} argument for shellescape()
update to 9.1.0413:
* smoothscroll may cause infinite loop
* add missing entries for the keys CTRL-W g<Tab> and <C-Tab>
* update vi_diff.txt: add default value for 'flash'
* typo in regexp_bt.c in DEBUG code
* allow indented commands
* Fix wrong define regex in ftplugin
* Filter out non-Latin-1 characters for syntax tests
* prefer scp over pscp
* fix typo in usr_52.txt
* too long functions in eval.c
* warning about uninitialized variable
* too many strlen() calls in the regexp engine
* E16 fix, async keyword support for define
* Stuck with long line and half-page scrolling
* Divide by zero with getmousepos() and 'smoothscroll'
* update and remove some invalid links
* update translation of xxd manpage
* Recursively delete directories by default with netrw delete command
* Strive to remain compatible for at least Vim 7.0
* tests: xxd buffer overflow fails on 32-bit
* Stop handpicking syntax groups for @javaTop
* [security] xxd: buffer-overflow with specific flags
* Vim9: not able to import file from start dir
* filetype: mdd files detected as zsh filetype
* filetype: zsh module files are not recognized
* Remove hardcoded private.ppk logic from netrw
* Vim9: confusing error message for unknown type
* block_editing errors out when using del
* add new items to scripts section in syntax plugin
* Vim9: imported vars are not properly type checked
* Wrong display with 'smoothscroll' when changing quickfix list
* filetype: jj files are not recognized
* getregionpos() may leak memory on error
* The CODEOWNERS File is not useful
* Remove and cleanup Win9x legacy from netrw
* add MsgArea to 'highlight' option description
* Cannot get a list of positions describing a region
* Fix digit separator in syntax script for octals and floats
* Update link to Wikipedia Vi page
* clear $MANPAGER in ftplugin before shelling out
* Fix typos in help documents
* 'viewdir' not respecting $XDG_CONFIG_HOME
* tests: Vim9 debug tests may be flaky
* correct getscriptinfo() example
* Vim9: could improve testing
* test_sound fails on macos-12
* update Serbian menu
* update Slovak menu
* update Slovenian menu
* update Portuguese menu
* update Dutch menu
* update Korean menu
* update Icelandic menu
* update Czech menu
* update Afrikaans menu
* update German menu
* filetype: inko files are not recognized
* filetype: templ files are not recognized
* cursor() and getregion() don't handle v:maxcol well
* Vim9: null value tests not sufficient
* update Catalan menu
* filetype: stylus files not recognized
* update spanish menu localization
* regenerate helptags
* Vim9: crash with null_class and null_object
* Add tags about lazyloading of menu
* tests: vt420 terminfo entry may not be found
* filetype: .out files recognized as tex files
* filetype: Kbuild files are not recognized
* cbuffer and similar commands don't accept a range
* Improve the recognition of the "indent" method declarations
* Fix a typo in usr_30.txt
* remove undefined var s:save_cpoptions and add include setting
* missing setlocal in indent plugin
* Calculating line height for unnecessary amount of lines
* improve syntax file performance
* There are a few typos
* Vim9: no comments allowed after class vars
* CI: remove trailing white space in documentation
* Formatting text wrong when 'breakindent' is set
* Add oracular (24.10) as Ubuntu release name
* Vim9: Trailing commands after class/enum keywords ignored
* tests: 1-second delay after Test_BufEnter_botline()
* update helptags for jq syntax
* include syntax, ftplugin and compiler plugin
* fix typo synconcealend -> synconcealed
* include a simple comment toggling plugin
* wrong botline in BufEnter
* clarify syntax vs matching mechanism
* fix undefined variable in indent plugin
* ops.c code uses too many strlen() calls
* Calling CLEAR_FIELD() on the same struct twice
* Vim9: compile_def_function() still too long
* Update Serbian messages
* clarify the effect of setting the shell to powershell
* Improve the recognition of the "style" method declarations
* Vim9: problem when importing autoloaded scripts
* compile_def_function is too long
* filetype: ondir files are not recognized
* Crash when typing many keys with D- modifier
* tests: test_vim9_builtin is a bit slow
* update documentation
* change the download URL of "libsodium"
* tests: test_winfixbuf is a bit slow
* Add filetype, syntax and indent plugin for Astro
* expanding rc config files does not work well
* Vim9: vim9type.c is too complicated
* Vim9: does not handle autoloaded variables well
* minor spell fix in starting.txt
* wrong drawing in GUI with setcellwidth()
* Add include and suffixesadd
* Page scrolling should place cursor at window boundaries
* align command line table
* minor fixes to starting.txt
* fix comment definition in filetype plugin
* filetype: flake.lock files are not recognized
* runtime(uci): No support for uci file types
* Support "g:ftplugin_java_source_path" with archived files
* tests: Test_autoload_import_relative_compiled fails on Windows
* Finding cmd modifiers and cmdline-specials is inefficient
* No test that completing a partial mapping clears 'showcmd'
* tests: test_vim9_dissamble may fail
* Vim9: need static type for typealias
* X11 does not ignore smooth scroll event
* A few typos in test_xdg when testing gvimrc
* Patch v9.1.0338 fixed sourcing a script with import
* Problem: gvimrc not sourced from XDG_CONFIG_HOME
* Cursor wrong after using setcellwidth() in terminal
* 'showcmd' wrong for partial mapping with multibyte
* tests: test_taglist fails when 'helplang' contains non-english
* Problem: a few memory leaks are found
* Problem: Error with matchaddpos() and empty list
* tests: xdg test uses screen dumps
* Vim9: import through symlinks not correctly handled
* Missing entry for XDG vimrc file in :version
* tests: typo in test_xdg
* runtime(i3config/swayconfig): update syntax scripts
* document pandoc compiler and enable configuring arguments
* String interpolation fails for List type
* No test for highlight behavior with 'ambiwidth'
* tests: test_xdg fails on the appimage repo
* tests: some assert_equal() calls have wrong order of args
* make install does not install all files
* runtime(doc): fix typos in starting.txt
- Updated to version 9.1 with patch level 0330, fixes the following problems
* Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
For the complete list of changes see https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330
ImportantSUSE bug 1220763SUSE bug 1229238SUSE bug 1229685SUSE bug 1229822SUSE bug 1230078SUSE bug 1231373SUSE bug 1235695SUSE bug 1236151SUSE bug 1237137CVE-2024-43374 at SUSECVE-2024-43374 at NVDCVE-2024-43790 at SUSECVE-2024-43790 at NVDCVE-2024-43802 at SUSECVE-2024-43802 at NVDCVE-2024-45306 at SUSECVE-2024-45306 at NVDCVE-2024-47814 at SUSECVE-2024-47814 at NVDCVE-2025-1215 at SUSECVE-2025-1215 at NVDCVE-2025-22134 at SUSECVE-2025-22134 at NVDCVE-2025-24014 at SUSECVE-2025-24014 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-firmware (Important)SUSE Linux Micro 6.0
This update for kernel-firmware fixes the following issues:
- Update to version 20241128 (git commit ea71da6f0690):
* i915: Update Xe2LPD DMC to v2.24
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
* iwlwifi: add Bz-gf FW for core89-91 release
* amdgpu: update smu 13.0.10 firmware
* amdgpu: update sdma 6.0.3 firmware
* amdgpu: update psp 13.0.10 firmware
* amdgpu: update gc 11.0.3 firmware
* amdgpu: add smu 13.0.14 firmware
* amdgpu: add sdma 4.4.5 firmware
* amdgpu: add psp 13.0.14 firmware
* amdgpu: add gc 9.4.4 firmware
* amdgpu: update vcn 3.1.2 firmware
* amdgpu: update psp 13.0.5 firmware
* amdgpu: update psp 13.0.8 firmware
* amdgpu: update vega20 firmware
* amdgpu: update vega12 firmware
* amdgpu: update psp 14.0.4 firmware
* amdgpu: update gc 11.5.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update vcn 4.0.0 firmware
* amdgpu: update smu 13.0.0 firmware
* amdgpu: update psp 13.0.0 firmware
* amdgpu: update gc 11.0.0 firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update psp 13.0.11 firmware
* amdgpu: update gc 11.0.4 firmware
* amdgpu: update vcn 4.0.2 firmware
* amdgpu: update psp 13.0.4 firmware
* amdgpu: update gc 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update vpe 6.1.1 firmware
* amdgpu: update vcn 4.0.6 firmware
* amdgpu: update psp 14.0.1 firmware
* amdgpu: update gc 11.5.1 firmware
* amdgpu: update vcn 4.0.5 firmware
* amdgpu: update psp 14.0.0 firmware
* amdgpu: update gc 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update arcturus firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update sdma 4.4.2 firmware
* amdgpu: update psp 13.0.6 firmware
* amdgpu: update gc 9.4.3 firmware
* amdgpu: update vcn 4.0.4 firmware
* amdgpu: update psp 13.0.7 firmware
* amdgpu: update gc 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
- Update to version 20241125 (git commit 508d770ee6f3):
* ice: update ice DDP wireless_edge package to 1.3.20.0
* ice: update ice DDP comms package to 1.3.52.0
* ice: update ice DDP package to ice-1.3.41.0
* amdgpu: update DMCUB to v9.0.10.0 for DCN314
* amdgpu: update DMCUB to v9.0.10.0 for DCN351
- Update to version 20241121 (git commit 48bb90cceb88):
* linux-firmware: Update AMD cpu microcode
* xe: Update GUC to v70.36.0 for BMG, LNL
* i915: Update GUC to v70.36.0 for ADL-P, DG1, DG2, MTL, TGL
- Update to version 20241119 (git commit 60cdfe1831e8):
* iwlwifi: add Bz-gf FW for core91-69 release
- Update to version 20241113 (git commit 1727aceef4d2):
* qcom: venus-5.4: add venus firmware file for qcs615
* qcom: update venus firmware file for SC7280
* QCA: Add 22 bluetooth firmware nvm files for QCA2066
- Update to version 20241112 (git commit c57a0a42468b):
* mediatek MT7922: update bluetooth firmware to 20241106163512
* mediatek MT7921: update bluetooth firmware to 20241106151414
* linux-firmware: update firmware for MT7922 WiFi device
* linux-firmware: update firmware for MT7921 WiFi device
* qcom: Add QDU100 firmware image files.
* qcom: Update aic100 firmware files
* dedup-firmware.sh: fix infinite loop for --verbose
* rtl_bt: Update RTL8852BT/RTL8852BE-VT BT USB FW to 0x04D7_63F7
* cnm: update chips&media wave521c firmware.
* mediatek MT7920: update bluetooth firmware to 20241104091246
* linux-firmware: update firmware for MT7920 WiFi device
* copy-firmware.sh: Run check_whence.py only if in a git repo
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
* amdgpu: update DMCUB to v9.0.10.0 for DCN351
* rtw89: 8852a: update fw to v0.13.36.2
* rtw88: Add firmware v52.14.0 for RTL8812AU
* i915: Update Xe2LPD DMC to v2.23
* linux-firmware: update firmware for mediatek bluetooth chip (MT7925)
* linux-firmware: update firmware for MT7925 WiFi device
* WHENCE: Add sof-tolg for mt8195
* linux-firmware: Update firmware file for Intel BlazarI core
* qcom: Add link for QCS6490 GPU firmware
* qcom: update gpu firmwares for qcs615 chipset
* cirrus: cs35l56: Update firmware for Cirrus Amps for some HP laptops
* mediatek: Add sof-tolg for mt8195
- Update to version 20241029 (git commit 048795eef350):
* ath11k: move WCN6750 firmware to the device-specific subdir
* xe: Update LNL GSC to v104.0.0.1263
* i915: Update MTL/ARL GSC to v102.1.15.1926
- Update to version 20241028 (git commit 987607d681cb):
* amdgpu: DMCUB updates for various AMDGPU ASICs
* i915: Add Xe3LPD DMC
* cnm: update chips&media wave521c firmware.
* linux-firmware: Add firmware for Cirrus CS35L41
* linux-firmware: Update firmware file for Intel BlazarU core
* Makefile: error out of 'install' if COPYOPTS is set
- Update to version 20241018 (git commit 2f0464118f40):
* check_whence.py: skip some validation if git ls-files fails
* qcom: Add Audio firmware for X1E80100 CRD/QCPs
* amdgpu: DMCUB updates forvarious AMDGPU ASICs
* brcm: replace NVRAM for Jetson TX1
* rtlwifi: Update firmware for RTL8192FU to v7.3
* make: separate installation and de-duplication targets
* check_whence.py: check the permissions
* Remove execute bit from firmware files
* configure: remove unused file
* rtl_nic: add firmware rtl8125d-1
- Update to version 20241014 (git commit 99f9c7ed1f4a):
* iwlwifi: add gl/Bz FW for core91-69 release
* iwlwifi: update ty/So/Ma firmwares for core91-69 release
* iwlwifi: update cc/Qu/QuZ firmwares for core91-69 release
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for a Lenovo Laptop
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for some ASUS laptops
* cirrus: cs35l56: Add firmware for Cirrus Amps for some HP laptops
* linux-firmware: update firmware for en8811h 2.5G ethernet phy
* QCA: Add Bluetooth firmwares for WCN785x with UART transport
- Update to version 20241011 (git commit 808cba847c70):
* mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher
* ath12k: WCN7850 hw2.0: update board-2.bin (bsc#1230596)
* ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1
* ath12k: QCN9274 hw2.0: add board-2.bin
* copy-firmware.sh: rename variables in symlink hanlding
* copy-firmware.sh: remove no longer reachable test -L
* copy-firmware.sh: remove no longer reachable test -f
* copy-firmware.sh: call ./check_whence.py before parsing the file
* copy-firmware.sh: warn if the destination folder is not empty
* copy-firmware.sh: add err() helper
* copy-firmware.sh: fix indentation
* copy-firmware.sh: reset and consistently handle destdir
* Revert "copy-firmware: Support additional compressor options"
* copy-firmware.sh: flesh out and fix dedup-firmware.sh
* Style update yaml files
* editorconfig: add initial config file
* check_whence.py: annotate replacement strings as raw
* check_whence.py: LC_ALL=C sort -u the filelist
* check_whence.py: ban link-to-a-link
* check_whence.py: use consistent naming
* Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin
* tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31
- Update to version 20241010 (git commit d4e688aa74a0):
* rtlwifi: Add firmware v39.0 for RTL8192DU
* Revert "ath12k: WCN7850 hw2.0: update board-2.bin"
(replaced with a newer firmware in this package instead)
- Update to version 20241004 (git commit bbb77872a8a7):
* amdgpu: DMCUB DCN35 update
* brcm: Add BCM4354 NVRAM for Jetson TX1
* brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram
- Update to version 20241001 (git commit 51e5af813eaf):
* linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920)
* linux-firmware: add firmware for MT7920
* amdgpu: update raven firmware
* amdgpu: update SMU 13.0.10 firmware
* amdgpu: update PSP 13.0.10 firmware
* amdgpu: update GC 11.0.3 firmware
* amdgpu: update VCN 3.1.2 firmware
* amdgpu: update PSP 13.0.5 firmware
* amdgpu: update PSP 13.0.8 firmware
* amdgpu: update vega12 firmware
* amdgpu: update PSP 14.0.4 firmware
* amdgpu: update GC 11.5.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: update PSP 13.0.0 firmware
* amdgpu: update GC 11.0.0 firmware
* amdgpu: update picasso firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update green sardine firmware
* amdgpu: update VCN 4.0.2 firmware
* amdgpu: update PSP 13.0.4 firmware
* amdgpu: update GC 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update VCN 4.0.6 firmware
* amdgpu: update PSP 14.0.1 firmware
* amdgpu: update GC 11.5.1 firmware
* amdgpu: update VCN 4.0.5 firmware
* amdgpu: update PSP 14.0.0 firmware
* amdgpu: update GC 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update SMU 13.0.6 firmware
* amdgpu: update SDMA 4.4.2 firmware
* amdgpu: update PSP 13.0.6 firmware
* amdgpu: update GC 9.4.3 firmware
* amdgpu: update yellow carp firmware
* amdgpu: update VCN 4.0.4 firmware
* amdgpu: update PSP 13.0.7 firmware
* amdgpu: update GC 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
* qcom: update gpu firmwares for qcm6490 chipset
* mt76: mt7996: add firmware files for mt7992 chipset
* mt76: mt7996: add firmware files for mt7996 chipset variants
* qcom: add gpu firmwares for sa8775p chipset
* rtw89: 8922a: add fw format-2 v0.35.42.1
- Update to version 20240913 (git commit bcbdd1670bc3):
* amdgpu: update DMCUB to v0.0.233.0 DCN351
* copy-firmware: Handle links to uncompressed files
* WHENCE: Fix battmgr.jsn entry type
- Update to version 20240912 (git commit 47c72fee8fe3):
* amdgpu: Add VPE 6.1.3 microcode
* amdgpu: add SDMA 6.1.2 microcode
* amdgpu: Add support for PSP 14.0.4
* amdgpu: add GC 11.5.2 microcode
* qcom: qcm6490: add ADSP and CDSP firmware
* linux-firmware: Update firmware file for Intel Bluetooth Magnetor core
* linux-firmware: Update firmware file for Intel BlazarU core
* linux-firmware: Update firmware file for Intel Bluetooth Solar core
- Update to version 20240911 (git commit 59def907425d):
* rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 (bsc#1229272)
- Update to version 20240910 (git commit 2a7b69a3fa30):
* realtek: rt1320: Add patch firmware of MCU
* i915: Update MTL DMC v2.23
* cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops
- Update to version 20240903 (git commit 96af55bd3d0b):
* amdgpu: Revert sienna cichlid dmcub firmware update (bsc#1230007)
* iwlwifi: add Bz FW for core89-58 release
* rtl_nic: add firmware rtl8126a-3
* linux-firmware: update firmware for MT7921 WiFi device
* linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
- Update to version 20240830 (git commit d6c600d46981):
* amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351
* qcom: vpu: restore compatibility with kernels before 6.6
- Update to version 20240826 (git commit bec4fd18cc57):
(including ath11k f/w updates for bsc#1234027)
* amdgpu: DMCUB updates forvarious AMDGPU ASICs
* rtw89: 8922a: add fw format-1 v0.35.41.0
* linux-firmware: update firmware for MT7925 WiFi device
* linux-firmware: update firmware for mediatek bluetooth chip (MT7925)
* rtl_bt: Add firmware and config files for RTL8922A
* rtl_bt: Add firmware file for the the RTL8723CS Bluetooth part
* rtl_bt: de-dupe identical config.bin files
* rename rtl8723bs_config-OBDA8723.bin -> rtl_bt/rtl8723bs_config.bin
* linux-firmware: Update AMD SEV firmware
* linux-firmware: update firmware for MT7996
* Revert "i915: Update MTL DMC v2.22"
* ath12k: WCN7850 hw2.0: update board-2.bin
* ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.41
* ath11k: WCN6855 hw2.0: update board-2.bin
* ath11k: QCA2066 hw2.1: add to WLAN.HSP.1.1-03926.13-QCAHSPSWPL_V2_SILICONZ_CE-2.52297.3
* ath11k: QCA2066 hw2.1: add board-2.bin
* ath11k: IPQ5018 hw1.0: update to WLAN.HK.2.6.0.1-01291-QCAHKSWPL_SILICONZ-1
* qcom: vpu: add video firmware for sa8775p
* amdgpu: DMCUB updates for various AMDGPU ASICs
- Update to version 20240809 (git commit 36db650dae03):
* qcom: update path for video firmware for vpu-1/2/3.0
* QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00642
* rtw89: 8852c: add fw format-1 v0.27.97.0
* rtw89: 8852bt: add firmware 0.29.91.0
* amdgpu: Update ISP FW for isp v4.1.1
* mediatek: Update mt8195 SOF firmware
* amdgpu: DMCUB updates for DCN314
* xe: First GuC release v70.29.2 for BMG
* xe: Add GuC v70.29.2 for LNL
* i915: Add GuC v70.29.2 for ADL-P, DG1, DG2, MTL, and TGL
* i915: Update MTL DMC v2.22
* i915: update MTL GSC to v102.0.10.1878
* xe: Add BMG HuC 8.2.10
* xe: Add GSC 104.0.0.1161 for LNL
* xe: Add LNL HuC 9.4.13
* i915: update DG2 HuC to v7.10.16
* amdgpu: Update ISP FW for isp v4.1.1
* QCA: Update Bluetooth QCA2066 firmware to 2.1.0-00641
ImportantSUSE bug 1219458SUSE bug 1229069SUSE bug 1229272SUSE bug 1230007SUSE bug 1230596SUSE bug 1234027CVE-2023-31315 at SUSECVE-2023-31315 at NVDcpe:/o:suse:sl-micro:6.0Security update for pam_pkcs11 (Critical)SUSE Linux Micro 6.0
This update for pam_pkcs11 fixes the following issues:
- CVE-2025-24531: Fixed regression in version 0.6.12 returning PAM_IGNORE in many situations with possible authentication bypass (bsc#1236314).
CriticalSUSE bug 1236314CVE-2025-24531 at SUSECVE-2025-24531 at NVDcpe:/o:suse:sl-micro:6.0Security update for ucode-intel (Moderate)SUSE Linux Micro 6.0
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20240514 release (bsc#1224277)
- CVE-2023-45733: Security updates for INTEL-SA-01051
- CVE-2023-46103: Security updates for INTEL-SA-01052
- CVE-2023-45745,CVE-2023-47855: Security updates for INTEL-SA-01036
- Updated to Intel CPU Microcode 20240312 release. (bsc#1221323)
- Security updates for INTEL-SA-INTEL-SA-00972
- CVE-2023-39368: Protection mechanism failure of bus lock regulator
for some Intel Processors may allow an unauthenticated user to
potentially enable denial of service via network access
- Security updates for INTEL-SA-INTEL-SA-00982
- CVE-2023-38575: Non-transparent sharing of return predictor targets
between contexts in some Intel Processors may allow an authorized
user to potentially enable information disclosure via local access.
- Security updates for INTEL-SA-INTEL-SA-00898
- CVE-2023-28746: Information exposure through microarchitectural
state after transient execution from some register files for some
Intel Atom Processors may allow an authenticated user to potentially
enable information disclosure via local access.
- Security updates for INTEL-SA-INTEL-SA-00960
- CVE-2023-22655 Protection mechanism failure in some 3rd and 4th
Generation Intel Xeon Processors when using Intel SGX or Intel TDX
may allow a privileged user to potentially enable escalation of
privilege via local access.
- Security updates for INTEL-SA-INTEL-SA-01045
- CVE-2023-43490: Incorrect calculation in microcode keying mechanism
for some Intel Xeon D Processors with Intel SGX may allow a
privileged user to potentially enable information disclosure via
local access.
ModerateSUSE bug 1221323SUSE bug 1224277CVE-2023-22655 at SUSECVE-2023-22655 at NVDCVE-2023-28746 at SUSECVE-2023-28746 at NVDCVE-2023-38575 at SUSECVE-2023-38575 at NVDCVE-2023-39368 at SUSECVE-2023-39368 at NVDCVE-2023-43490 at SUSECVE-2023-43490 at NVDCVE-2023-45733 at SUSECVE-2023-45733 at NVDCVE-2023-45745 at SUSECVE-2023-45745 at NVDCVE-2023-46103 at SUSECVE-2023-46103 at NVDCVE-2023-47855 at SUSECVE-2023-47855 at NVDcpe:/o:suse:sl-micro:6.0Security update for sssd (Important)SUSE Linux Micro 6.0
This update for sssd fixes the following issues:
- CVE-2023-3758: Fixed race condition during authorization leading to GPO policies functioning inconsistently (bsc#1223100).
ImportantSUSE bug 1223100CVE-2023-3758 at SUSECVE-2023-3758 at NVDcpe:/o:suse:sl-micro:6.0Security update for pam_u2f (Moderate)SUSE Linux Micro 6.0
This update for pam_u2f fixes the following issues:
- update to 1.3.2:
* Relax authfile permission check to a warning instead of an error to prevent
a breaking change locking existing users out of their systems.
- update to 1.3.1:
* CVE-2025-23013: Fixed problematic PAM_IGNORE return values in `pam_sm_authenticate()`(bsc#1233517).
* Changed return value when nouserok is enabled and the user has no
credentials, PAM_IGNORE is used instead of PAM_SUCCESS.
* Hardened checks of authfile permissions.
* Hardened checks for nouserok.
* Improved debug messages.
* Improved documentation.
ModerateSUSE bug 1233517CVE-2025-23013 at SUSECVE-2025-23013 at NVDcpe:/o:suse:sl-micro:6.0Security update for pcp (Important)SUSE Linux Micro 6.0
This update for pcp fixes the following issues:
- CVE-2024-45770: Fixed `pmpost` symlink attack allowing escalating `pcp` to `root` user (bsc#1230552).
- CVE-2024-45769: Fixed `pmcd` heap corruption through metric pmstore operations (bsc#1230551).
- CVE-2024-3019: Fixed exposure of the redis backend server allowing remote command execution via pmproxy (bsc#1222121).
- CVE-2023-6917: Fixed Local privilege escalation from pcp user to root in /usr/libexec/pcp/lib/pmproxy (bsc#1217826).
Other fixes:
- Updated to version 6.2.0
ImportantSUSE bug 1069468SUSE bug 1217783SUSE bug 1217826SUSE bug 1222121SUSE bug 1222815SUSE bug 1230551SUSE bug 1230552CVE-2023-6917 at SUSECVE-2023-6917 at NVDCVE-2024-3019 at SUSECVE-2024-3019 at NVDCVE-2024-45769 at SUSECVE-2024-45769 at NVDCVE-2024-45770 at SUSECVE-2024-45770 at NVDcpe:/o:suse:sl-micro:6.0Security update for gstreamer-plugins-base (Important)SUSE Linux Micro 6.0
This update for gstreamer-plugins-base fixes the following issues:
- CVE-2024-47538: Fixed stack-buffer overflow in vorbis_handle_identification_packet (bsc#1234415).
- CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser (bsc#1234450).
- CVE-2024-47600: Fixed Out-of-bounds read in gst-discoverer-1.0 commandline tool (bsc#1234453).
- CVE-2024-47607: Fixed Stack buffer-overflow in Opus decoder (bsc#1234455).
- CVE-2024-47615: Fixed Out-of-bounds write in Ogg demuxer (bsc#1234456).
- CVE-2024-47541: Fixed out-of-bounds write in SSA subtitle parser (bsc#1234459).
- CVE-2024-47542: Fixed ID3v2 parser out-of-bounds read and NULL-pointer dereference (bsc#1234460).
ImportantSUSE bug 1234415SUSE bug 1234450SUSE bug 1234453SUSE bug 1234455SUSE bug 1234456SUSE bug 1234459SUSE bug 1234460CVE-2024-47538 at SUSECVE-2024-47538 at NVDCVE-2024-47541 at SUSECVE-2024-47541 at NVDCVE-2024-47542 at SUSECVE-2024-47542 at NVDCVE-2024-47600 at SUSECVE-2024-47600 at NVDCVE-2024-47607 at SUSECVE-2024-47607 at NVDCVE-2024-47615 at SUSECVE-2024-47615 at NVDCVE-2024-47835 at SUSECVE-2024-47835 at NVDcpe:/o:suse:sl-micro:6.0Security update for glibc (Important)SUSE Linux Micro 6.0
This update for glibc fixes the following issues:
- CVE-2025-0395: Fixed buffer overflow in the assert() function (bsc#1236282).
Other fixes:
- Fix underallocation of abort_msg_s struct
- Correctly determine livepatching support
- Remove nss-systemd from default nsswitch.conf (bsc#1233699)
ImportantSUSE bug 1233699SUSE bug 1234665SUSE bug 1236282CVE-2025-0395 at SUSECVE-2025-0395 at NVDcpe:/o:suse:sl-micro:6.0Security update for pcr-oracle, shim (Important)SUSE Linux Micro 6.0
This update for pcr-oracle, shim fixes the following issues:
pcr-oracle:
- predict SbatLevelRT for the next boot (bsc#1230316)
shim was updated to version 15.8:
- Update shim-install to use the 'removable' way for encrypted
SL-Micro images (bsc#1230316)
* Always use the removable way for SL-Micro
* Limit the removable option to encrypted SL-Micro
Security issues fixed:
- mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546)
- avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547)
- Fix integer overflow on SBAT section size on 32-bit system (bsc#1215100,CVE-2023-40548)
- Authenticode: verify that the signature header is in bounds (bsc#1215101,CVE-2023-40549)
- pe: Fix an out-of-bound read in verify_buffer_sbat() (bsc#1215102,CVE-2023-40550)
- pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551)
ImportantSUSE bug 1215098SUSE bug 1215099SUSE bug 1215100SUSE bug 1215101SUSE bug 1215102SUSE bug 1215103SUSE bug 1230316CVE-2023-40546 at SUSECVE-2023-40546 at NVDCVE-2023-40547 at SUSECVE-2023-40547 at NVDCVE-2023-40548 at SUSECVE-2023-40548 at NVDCVE-2023-40549 at SUSECVE-2023-40549 at NVDCVE-2023-40550 at SUSECVE-2023-40550 at NVDCVE-2023-40551 at SUSECVE-2023-40551 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311, python-rpm-macros (Important)SUSE Linux Micro 6.0
This update for python311, python-rpm-macros fixes the following issues:
python311:
- CVE-2024-0450: Fixed zipfile module vulnerability with "quoted-overlap" zipbomb (bsc#1221854)
- CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges (bsc#1226448)
- CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods (bsc#1226447)
- CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780)
- Fixed executable bits for /usr/bin/idle* (bsc#1227378).
python-rpm-macros:
- Update to version 20240618.c146b29:
* Add %FLAVOR_pytest and %FLAVOR_pyunittest variants
- Update to version 20240618.1e386da:
* Fix python_clone sed regex
- Update to version 20240614.02920b8:
* Make sure that RPM_BUILD_ROOT env is set
* don't eliminate any cmdline arguments in the shebang line
* Create python313 macros
- Update to version 20240415.c664b45:
* Fix typo 310 -> 312 in default-prjconf
- Update to version 20240202.501440e:
* SPEC0: Drop python39, add python312 to buildset (#169)
- Update to version 20231220.98427f3:
* fix python2_compile macro
- Update to version 20231207.46c2ec3:
* make FLAVOR_compile compatible with python2
- Update to version 20231204.dd64e74:
* Combine fix_shebang in one line
* New macro FLAVOR_fix_shebang_path
* Use realpath in %python_clone macro shebang replacement
* Compile and fix_shebang in %python_install macros
- Update to version 20231010.0a1f0d9:
* Revert "Compile and fix_shebang in %python_install macros"
* gh#openSUSE/python-rpm-macros#163
- Update to version 20231010.a32e110:
* Compile and fix_shebang in %python_install macros
- Update to version 20231005.bf2d3ab:
* Fix shebang also in sbin with macro _fix_shebang
ImportantSUSE bug 1174091SUSE bug 1189495SUSE bug 1221854SUSE bug 1226447SUSE bug 1226448SUSE bug 1227378SUSE bug 1228780SUSE bug 831629CVE-2019-20907 at SUSECVE-2019-20907 at NVDCVE-2019-9947 at SUSECVE-2019-9947 at NVDCVE-2020-15523 at SUSECVE-2020-15523 at NVDCVE-2020-15801 at SUSECVE-2020-15801 at NVDCVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2023-52425 at SUSECVE-2023-52425 at NVDCVE-2024-0397 at SUSECVE-2024-0397 at NVDCVE-2024-0450 at SUSECVE-2024-0450 at NVDCVE-2024-4032 at SUSECVE-2024-4032 at NVDCVE-2024-6923 at SUSECVE-2024-6923 at NVDcpe:/o:suse:sl-micro:6.0Security update for podman (Important)SUSE Linux Micro 6.0
This update for podman fixes the following issues:
- CVE-2025-27144: Fixed gopkg.in/square/go-jose.v2,gopkg.in/go-jose/go-jose.v2,github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: Go JOSE's Parsing Vulnerable to Denial of Service (bsc#1237641):
- CVE-2024-11218: Fixed github.com/containers/buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (bsc#1236270):
- CVE-2023-45288: Fixed golang.org/x/net/http2: close connections when receiving too many headers (bsc#1236507):
- CVE-2024-6104: Fixed hashicorp/go-retryablehttp: url might write sensitive information to log file (bsc#1227052):
ImportantSUSE bug 1227052SUSE bug 1236270SUSE bug 1236507SUSE bug 1237641CVE-2023-45288 at SUSECVE-2023-45288 at NVDCVE-2024-11218 at SUSECVE-2024-11218 at NVDCVE-2024-6104 at SUSECVE-2024-6104 at NVDCVE-2024-9407 at SUSECVE-2024-9407 at NVDCVE-2025-27144 at SUSECVE-2025-27144 at NVDcpe:/o:suse:sl-micro:6.0Security update for curl (Moderate)SUSE Linux Micro 6.0
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)
Other issues fixed:
- Make sure the TLS handshake after a successful STARTTLS command
is fully done before further sending/receiving on the connection. (bsc#1235151)
ModerateSUSE bug 1235151SUSE bug 1236588SUSE bug 1236590CVE-2025-0167 at SUSECVE-2025-0167 at NVDCVE-2025-0725 at SUSECVE-2025-0725 at NVDcpe:/o:suse:sl-micro:6.0Security update for ca-certificates-mozilla (Important)SUSE Linux Micro 6.0
This update for ca-certificates-mozilla fixes the following issues:
- Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525)
- Added: FIRMAPROFESIONAL CA ROOT-A WEB
- Distrust: GLOBALTRUST 2020
- Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356)
Added:
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
- D-Trust SBR Root CA 1 2022
- D-Trust SBR Root CA 2 2022
- Telekom Security SMIME ECC Root 2021
- Telekom Security SMIME RSA Root 2023
- Telekom Security TLS ECC Root 2020
- Telekom Security TLS RSA Root 2023
- TrustAsia Global Root CA G3
- TrustAsia Global Root CA G4
Removed:
- Autoridad de Certificacion Firmaprofesional CIF A62634068
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Security Communication Root CA
- Symantec Class 1 Public Primary Certification Authority - G6
- Symantec Class 2 Public Primary Certification Authority - G6
- TrustCor ECA-1
- TrustCor RootCert CA-1
- TrustCor RootCert CA-2
- VeriSign Class 1 Public Primary Certification Authority - G3
- VeriSign Class 2 Public Primary Certification Authority - G3
ImportantSUSE bug 1199079SUSE bug 1220356SUSE bug 1227525cpe:/o:suse:sl-micro:6.0Security update for gnutls (Important)SUSE Linux Micro 6.0
This update for gnutls fixes the following issues:
- CVE-2024-28835: certtool crash when verifying a certificate chain (bsc#1221747)
- CVE-2024-28834: Fixed side-channel in the deterministic ECDSA (bsc#1221746)
- jitterentropy: Release the memory of the entropy collector when using jitterentropy
with phtreads as there is also a pre-initialization done in the main thread. (bsc#1221242)
ImportantSUSE bug 1221242SUSE bug 1221746SUSE bug 1221747CVE-2024-28834 at SUSECVE-2024-28834 at NVDCVE-2024-28835 at SUSECVE-2024-28835 at NVDcpe:/o:suse:sl-micro:6.0Security update for tpm2.0-tools, tpm2-0-tss (Moderate)SUSE Linux Micro 6.0
This update for tpm2.0-tools, tpm2-0-tss fixes the following issues:
tpm2-0-tss:
Update to version 4.1:
+ Security
- CVE-2024-29040: arbitrary quote data may go undetected by Fapi_VerifyQuote (bsc#1223690)
+ Fixed
- fapi: Fix length check on FAPI auth callbacks
- mu: Correct error message for errors
- tss2-rc: fix unknown laer handler dropping bits.
- fapi: Fix deviation from CEL specification (template_value was used instead of template_data).
- fapi: Fix json syntax error in FAPI profiles which was ignored by json-c.
- build: fix build fail after make clean.
- mu: Fix unneeded size check in TPM2B unmarshaling.
- fapi: Fix missing parameter encryption.
- build: Fix failed build with --disable-vendor.
- fapi: Fix flush of persistent handles.
- fapi: Fix test provisioning with template with self generated certificate disabled.
- fapi: Fix error in Fapi_GetInfo it TPM supports SHA3 hash algs.
- fapi: Revert pcr extension for EV_NO_ACTION events.
- fapi: Fix strange error messages if nv, ext, or policy path does not exits.
- fapi: Fix segfault caused by wrong allocation of pcr policy.
- esys: Fix leak in Esys_EvictControl for persistent handles.
- tss2-tcti: tcti-libtpms: fix test failure on big-endian platform.
- esys: Add reference counting for Esys_TR_FromTPMPublic.
- esys: Fix HMAC error if session bind key has an auth value with a trailing 0.
- fapi: fix usage of self signed certificates in TPM.
- fapi: Usage of self signed certificates.
- fapi: A segfault after the error handling of non existing keys.
- fapi: Fix several leaks.
- fapi: Fix error handling for policy execution.
- fapi: Fix usage of persistent handles (should not be flushed)
- fapi: Fix test provisioning with template (skip test without self generated certificate).
- fapi: Fix pcr extension for EV_NO_ACTION
- test: Fix fapi-key-create-policy-signed-keyedhash with P_ECC384 profile
- tcti_spi_helper_transmit: ensure FIFO is accessed only after TPM reports commandReady bit is set
- fapi: Fix read large system eventlog (> UINT16_MAX).
- esys tests: Fix layer check for TPM2_RC_COMMAND_CODE (for /dev/tpmrm0)
- test: unit: tcti-libtpms: fix test failed at 32-bit platforms.
- fapi: Fix possible null pointer dereferencing in Fapi_List.
- sys: Fix size check in Tss2_Sys_GetCapability.
- esys: Fix leak in Esys_TR_FromTPMPublic.
- esys: fix unchecked return value in esys crypto.
- fapi: Fix wrong usage of local variable in provisioning.
- fapi: Fix memset 0 in ifapi_json_TPMS_POLICYNV_deserialize.
- fapi: Fix possible out of bound array access in IMA parser.
- tcti device: Fix possible unmarshalling from uninitialized variable.
- fapi: Fix error checking authorization of signing key.
- fapi: Fix cleanup of policy sessions.
- fapi: Eventlog H-CRTM events and different localities.
- fapi: Fix missing synchronization of quote and eventlog.
- faii: Fix invalid free in Fapi_Quote with empty eventlog.
+ Added
- tcti: LetsTrust-TPM2Go TCTI module spi-ltt2go.
- mbedtls: add sha512 hmac.
- fapi: Enable usage of external keys for Fapi_Encrypt.
- fapi: Support download of AMD certificates.
- tcti: Add USB TPM (FTDI MPSSE USB to SPI bridge) TCTI module.
- fapi: The recreation of primaries (except EK) in the owner hierarchy instead the endorsement hierarchy is fixed.
- rc: New TPM return codes added.
- fapi: Further Nuvoton certificates added.
- tpm_types/esys: Add support for Attestable TPM changes in latest TPM spec.
- tcti: Add '/dev/tcm0' to default conf
- fapi: New Nuvoton certificates added.
- esys: Fix leak in Esys_TR_FromTPMPublic.
+ Removed
- Testing on Ubuntu 18.04 as it's near EOL (May 2023).
tpm2.0-tools:
Update to version 5.7:
+ Security
- CVE-2024-29038: arbitrary quote data may go undetected by tpm2_checkquote (bsc#1223687)
- CVE-2024-29039: pcr selection value is not compared with the attest (bsc#1223689)
+ Fixed
- Fix eventlog test
- Fix issues with reading NV indexes
- Fix context save error on tpm2_create
- tpm2_sessionconfig: fix handling of --disable-continue session so that the subsequent command will not fail
- when attempting to context save a flushed session.
- detection of functions within libcrypto when CRYPTO_LIBS is set and system has install libcrypto.
- tpm2_send: fix EOF detection on input stream.
- tpm2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems.
- tpm2_nvread: fix input handling no nv index.
- Auth file: Ensure 0-termination when reading auths from a file.
- configure.ac: fix bashisms. configure scripts need to be runnable with a POSIX-compliant /bin/sh.
- cirrus.yml fix tss compilation with libtpms for FreeBSD.
- tpm2_tool.c Fix missing include for basename to enable compilation on netbsd.
- options: fix TCTI handling to avoid failures for commands that should work with no options.
- tpm2_getekcertificate.c Fix leak. ek_uri was not freed if get_ek_server_address failed.
+ Added
- Add the possibility for autoflush (environment variable "TPM2TOOLS_AUTOFLUSH", or -R option)
+ Removed
- Testing on Ubuntu 18.04 as it's near EOL (May 2023).m2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems.
- tpm2_nvread: fix input handling no nv index.
- Update to version 5.6
+ tpm2_eventlog:
* add H-CRTM event support
* add support of efivar versions less than 38
* Add support to check for efivar/efivar.h manually
* Minor formatting fixes
* tpm2_eventlog: add support for replay with different StartupLocality
* Fix pcr extension for EV_NO_ACTION
* Extend test of yaml string representation
* Use helper for printing a string dump
* Fix upper bound on unique data size
* Fix YAML string formatting
+ tpm2_policy:
* Add support for parsing forward seal TPM values
* Use forward seal values in creating policies
* Move dgst_size in evaluate_populate_pcr_digests()
* Allow more than 8 PCRs for sealing
* Move dgst_size in evaluate_populate_pcr_digests
* Allow more than 8 PCRs for sealing
* Make __wrap_Esys_PCR_Read() more dynamic to enable testing more PCRs
+ tpm2_encryptdecrypt: Fix pkcs7 padding stripping
+ tpm2_duplicate:
* Support -a option for attributes
* Add --key-algorithm option
+ tpm2_encodeobject: Use the correct -O option instead of -C
+ tpm2_unseal: Add qualifier static to enhance the privacy of unseal
function
+ tpm2_sign:
* Remove -m option which was added mistakenly
* Revert sm2 sign and verifysignature
+ tpm2_createek:
* Correct man page example
* Fix usage of nonce
* Fix integrating nonce
+ tpm2_clear: add more details about the action
+ tpm2_startauthsession: allow the file attribute for policy
authorization.
+ tpm2_getekcertificate: Add AMD EK support
+ tpm2_ecdhzgen: Add public-key parameter
+ tpm2_nvreadpublic: Prevent free of unallocated pointers on failure
+ Bug-fixes:
* The readthedocs build failed with module 'jinja2' has no
attribute 'contextfilter' a requirement file was added to fix
this problem
* An error caused by the flags -flto -_FORTIFY_SOURCE=3 in kdfa
implementation. This error can be avoided by switching off the
optimization with pragma
* Changed wrong function name of "Esys_Load" to "Esys_Load"
* Function names beginning with Esys_ are wrongly written as Eys_
* Reading and writing a serialized persistent ESYS_TR handles
* cirrus-ci update image-family to freebsd-13-2 from 13-1
+ misc:
* Change the default Python version to Python3 in the helper's code
* Skip test which uses the sign operator for comparison in
abrmd_policynv.sh
* tools/tr_encode: Add a tool that can encode serialized ESYS_TR
for persistent handles from the TPM2B_PUBLIC and the raw
persistent TPM2_HANDLE
* Add safe directory in config
ModerateSUSE bug 1223687SUSE bug 1223689SUSE bug 1223690CVE-2024-29038 at SUSECVE-2024-29038 at NVDCVE-2024-29039 at SUSECVE-2024-29039 at NVDCVE-2024-29040 at SUSECVE-2024-29040 at NVDcpe:/o:suse:sl-micro:6.0Security update for krb5 (Moderate)SUSE Linux Micro 6.0
This update for krb5 fixes the following issues:
- CVE-2025-24528: Prevent overflow when calculating ulog block size.
An authenticated attacker can cause kadmind to write beyond the end
of the mapped region for the iprop log file, likely causing a process
crash (bsc#1236619).
ModerateSUSE bug 1236619CVE-2025-24528 at SUSECVE-2025-24528 at NVDcpe:/o:suse:sl-micro:6.0Security update for orc (Important)SUSE Linux Micro 6.0
This update for orc fixes the following issues:
- CVE-2024-40897: Fixed a stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files (bsc#1228184)
ImportantSUSE bug 1228184CVE-2024-40897 at SUSECVE-2024-40897 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Important)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
- Skip PGO with %want_reproducible_builds (bsc#1239210)
- CVE-2025-0938: Disallows square brackets ([ and ]) in domain names for parsed
URLs (bsc#1236705).
- Configure externally_managed with a bcond (bsc#1228165).
- Update to 3.11.11:
- Tools/Demos
- gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15
and multissltests to use 3.0.15, 3.1.7, and 3.2.3.
- Tests
- gh-125041: Re-enable skipped tests for zlib on the
s390x architecture: only skip checks of the compressed
bytes, which can be different between zlib’s software
implementation and the hardware-accelerated implementation.
- Security
- gh-126623: Upgrade libexpat to 2.6.4
- gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to
consistently use the mapped IPv4 address value for deciding
properties. Properties which have their behavior fixed are
is_multicast, is_reserved, is_link_local, is_global, and
is_unspecified.
- Library
- gh-124651: Properly quote template strings in venv
activation scripts (bsc#1232241, CVE-2024-9287).
- Remove -IVendor/ from python-config (bsc#1231795)
- CVE-2024-9287: Properly quote path names provided when creating a
virtual environment (bsc#1232241)
- Drop .pyc files from docdir for reproducible builds
(bsc#1230906).
- Update to 3.11.10:
- Security
- gh-123678: Upgrade libexpat to 2.6.3
- gh-121957: Fixed missing audit events around interactive
use of Python, now also properly firing for ``python -i``,
as well as for ``python -m asyncio``. The event in question
is ``cpython.run_stdin``.
- gh-122133: Authenticate the socket connection for the
``socket.socketpair()`` fallback on platforms where
``AF_UNIX`` is not available like Windows. Patch by
Gregory P. Smith <greg@krypto.org> and Seth Larson
<seth@python.org>. Reported by Ellie <el@horse64.org>
- gh-121285: Remove backtracking from tarfile header parsing
for ``hdrcharset``, PAX, and GNU sparse headers
(bsc#1230227, CVE-2024-6232).
- gh-118486: :func:`os.mkdir` on Windows now accepts
*mode* of ``0o700`` to restrict the new directory to
the current user. This fixes CVE-2024-4030 affecting
:func:`tempfile.mkdtemp` in scenarios where the base
temporary directory is more permissive than the default.
- gh-116741: Update bundled libexpat to 2.6.2
- Library
- gh-123270: Applied a more surgical fix for malformed
payloads in :class:`zipfile.Path` causing infinite loops
(gh-122905) without breaking contents using legitimate
characters (bsc#1229704, CVE-2024-8088).
- gh-123067: Fix quadratic complexity in parsing ``"``-quoted
cookie values with backslashes by :mod:`http.cookies`
(bsc#1229596, CVE-2024-7592).
- gh-122905: :class:`zipfile.Path` objects now sanitize names
from the zipfile.
- gh-121650: :mod:`email` headers with embedded newlines are
now quoted on output. The :mod:`~email.generator` will now
refuse to serialize (write) headers that are unsafely folded
or delimited; see :attr:`~email.policy.Policy.verify_generated_headers`.
(Contributed by Bas Bloemsaat and Petr Viktorin in
:gh:`121650`; CVE-2024-6923, bsc#1228780).
- gh-119506: Fix :meth:`!io.TextIOWrapper.write` method
breaks internal buffer when the method is called again
during flushing internal buffer.
- gh-118643: Fix an AttributeError in the :mod:`email` module
when re-fold a long address list. Also fix more cases of
incorrect encoding of the address separator in the address
list.
- gh-113171: Fixed various false positives and false
negatives in * :attr:`ipaddress.IPv4Address.is_private`
(see these docs for details) *
:attr:`ipaddress.IPv4Address.is_global` *
:attr:`ipaddress.IPv6Address.is_private` *
:attr:`ipaddress.IPv6Address.is_global` Also in the
corresponding :class:`ipaddress.IPv4Network` and
:class:`ipaddress.IPv6Network` attributes.
Fixes bsc#1226448 (CVE-2024-4032).
- gh-102988: :func:`email.utils.getaddresses` and
:func:`email.utils.parseaddr` now return ``('', '')``
2-tuples in more situations where invalid email addresses
are encountered instead of potentially inaccurate
values. Add optional *strict* parameter to these two
functions: use ``strict=False`` to get the old behavior,
accept malformed inputs. ``getattr(email.utils,
'supports_strict_parsing', False)`` can be use to check if
the *strict* paramater is available. Patch by Thomas Dwyer
and Victor Stinner to improve the CVE-2023-27043 fix
(bsc#1210638).
- gh-67693: Fix :func:`urllib.parse.urlunparse` and
:func:`urllib.parse.urlunsplit` for URIs with path starting
with multiple slashes and no authority. Based on patch by
Ashwin Ramaswami.
- Core and Builtins
- gh-112275: A deadlock involving ``pystate.c``'s
``HEAD_LOCK`` in ``posixmodule.c`` at fork is now
fixed. Patch by ChuBoning based on previous Python 3.12 fix
by Victor Stinner.
- gh-109120: Added handle of incorrect star expressions, e.g
``f(3, *)``. Patch by Grigoryev Semyon
- CVE-2024-8088: Prevent malformed payload to cause infinite loops in
zipfile.Path (bsc#1229704).
- Make pip and modern tools install directly in /usr/local when used by the user.
(bsc#1225660).
- CVE-2024-4032: Fix rearranging definition of private v global IP addresses (bsc#1226448).
- Update to 3.11.9:
* Security
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425, bsc#1219559) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115399: Update bundled libexpat to 2.6.0
- gh-115243: Fix possible crashes in collections.deque.index()
when the deque is concurrently modified.
- gh-114572: ssl.SSLContext.cert_store_stats() and
ssl.SSLContext.get_ca_certs() now correctly lock access to the
certificate store, when the ssl.SSLContext is shared across
multiple threads (bsc#1226447, CVE-2024-0397).
* Core and Builtins
- gh-116296: Fix possible refleak in object.__reduce__() internal
error handling.
- gh-116034: Fix location of the error on a failed assertion.
- gh-115823: Properly calculate error ranges in the parser when
raising SyntaxError exceptions caused by invalid byte sequences.
Patch by Pablo Galindo
- gh-112087: For an empty reverse iterator for list will be
reduced to reversed(). Patch by Donghee Na.
- gh-115011: Setters for members with an unsigned integer type now
support the same range of valid values for objects that has a
__index__() method as for int.
- gh-96497: Fix incorrect resolution of mangled class variables
used in assignment expressions in comprehensions.
* Library
- gh-117310: Fixed an unlikely early & extra Py_DECREF triggered
crash in ssl when creating a new _ssl._SSLContext if CPython was
built implausibly such that the default cipher list is empty or
the SSL library it was linked against reports a failure from its
C SSL_CTX_set_cipher_list() API.
- gh-117178: Fix regression in lazy loading of self-referential
modules, introduced in gh-114781.
- gh-117084: Fix zipfile extraction for directory entries with the
name containing backslashes on Windows.
- gh-117110: Fix a bug that prevents subclasses of typing.Any to
be instantiated with arguments. Patch by Chris Fu.
- gh-90872: On Windows, subprocess.Popen.wait() no longer calls
WaitForSingleObject() with a negative timeout: pass 0 ms if the
timeout is negative. Patch by Victor Stinner.
- gh-116957: configparser: Don’t leave ConfigParser values in an
invalid state (stored as a list instead of a str) after an
earlier read raised DuplicateSectionError or
DuplicateOptionError.
- gh-90095: Ignore empty lines and comments in .pdbrc
- gh-116764: Restore support of None and other false values in
urllib.parse functions parse_qs() and parse_qsl(). Also, they
now raise a TypeError for non-zero integers and non-empty
sequences.
- gh-116811: In PathFinder.invalidate_caches, delegate to
MetadataPathFinder.invalidate_caches.
- gh-116600: Fix repr() for global Flag members.
- gh-116484: Change automatically generated tkinter.Checkbutton
widget names to avoid collisions with automatically generated
tkinter.ttk.Checkbutton widget names within the same parent
widget.
- gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on
opening named pipe.
- gh-116143: Fix a race in pydoc _start_server, eliminating a
window in which _start_server can return a thread that is
“serving” but without a docserver set.
- gh-116325: typing: raise SyntaxError instead of AttributeError
on forward references as empty strings.
- gh-90535: Fix support of interval values > 1 in
logging.TimedRotatingFileHandler for when='MIDNIGHT' and
when='Wx'.
- gh-115978: Disable preadv(), readv(), pwritev(), and writev() on
WASI.
- Under wasmtime for WASI 0.2, these functions don’t pass
test_posix
(https://github.com/bytecodealliance/wasmtime/issues/7830).
- gh-88352: Fix the computation of the next rollover time in the
logging.TimedRotatingFileHandler handler. computeRollover() now
always returns a timestamp larger than the specified time and
works correctly during the DST change. doRollover() no longer
overwrite the already rolled over file, saving from data loss
when run at midnight or during repeated time at the DST change.
- gh-87115: Set __main__.__spec__ to None when running a script
with pdb
- gh-76511: Fix UnicodeEncodeError in email.Message.as_string()
that results when a message that claims to be in the ascii
character set actually has non-ascii characters. Non-ascii
characters are now replaced with the U+FFFD replacement
character, like in the replace error handler.
- gh-75988: Fixed unittest.mock.create_autospec() to pass the call
through to the wrapped object to return the real result.
- gh-115881: Fix issue where ast.parse() would incorrectly flag
conditional context managers (such as with (x() if y else z()):
...) as invalid syntax if feature_version=(3, 8) was passed.
This reverts changes to the grammar made as part of gh-94949.
- gh-115886: Fix silent truncation of the name with an embedded
null character in multiprocessing.shared_memory.SharedMemory.
- gh-115809: Improve algorithm for computing which rolled-over log
files to delete in logging.TimedRotatingFileHandler. It is now
reliable for handlers without namer and with arbitrary
deterministic namer that leaves the datetime part in the file
name unmodified.
- gh-74668: urllib.parse functions parse_qs() and parse_qsl() now
support bytes arguments containing raw and percent-encoded
non-ASCII data.
- gh-67044: csv.writer() now always quotes or escapes '\r' and
'\n', regardless of lineterminator value.
- gh-115712: csv.writer() now quotes empty fields if delimiter is
a space and skipinitialspace is true and raises exception if
quoting is not possible.
- gh-115618: Fix improper decreasing the reference count for None
argument in property methods getter(), setter() and deleter().
- gh-115570: A DeprecationWarning is no longer omitted on access
to the __doc__ attributes of the deprecated typing.io and
typing.re pseudo-modules.
- gh-112006: Fix inspect.unwrap() for types with the __wrapper__
data descriptor.
- gh-101293: Support callables with the __call__() method and
types with __new__() and __init__() methods set to class
methods, static methods, bound methods, partial functions, and
other types of methods and descriptors in
inspect.Signature.from_callable().
- gh-115392: Fix a bug in doctest where incorrect line numbers
would be reported for decorated functions.
- gh-114563: Fix several format() bugs when using the C
implementation of Decimal: * memory leak in some rare cases when
using the z format option (coerce negative 0) * incorrect output
when applying the z format option to type F (fixed-point with
capital NAN / INF) * incorrect output when applying the # format
option (alternate form)
- gh-115197: urllib.request no longer resolves the hostname before
checking it against the system’s proxy bypass list on macOS and
Windows.
- gh-115198: Fix support of Docutils >= 0.19 in distutils.
- gh-115165: Most exceptions are now ignored when attempting to
set the __orig_class__ attribute on objects returned when
calling typing generic aliases (including generic aliases
created using typing.Annotated). Previously only AttributeError
was ignored. Patch by Dave Shawley.
- gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.
- gh-115059: io.BufferedRandom.read1() now flushes the underlying
write buffer.
- gh-79382: Trailing ** no longer allows to match files and
non-existing paths in recursive glob().
- gh-114763: Protect modules loaded with importlib.util.LazyLoader
from race conditions when multiple threads try to access
attributes before the loading is complete.
- gh-97959: Fix rendering class methods, bound methods, method and
function aliases in pydoc. Class methods no longer have “method
of builtins.type instance” note. Corresponding notes are now
added for class and unbound methods. Method and function aliases
now have references to the module or the class where the origin
was defined if it differs from the current. Bound methods are
now listed in the static methods section. Methods of builtin
classes are now supported as well as methods of Python classes.
- gh-112281: Allow creating union of types for typing.Annotated
with unhashable metadata.
- gh-111775: Fix importlib.resources.simple.ResourceHandle.open()
for text mode, added missed stream argument.
- gh-90095: Make .pdbrc and -c work with any valid pdb commands.
- gh-107155: Fix incorrect output of help(x) where x is a lambda
function, which has an __annotations__ dictionary attribute with
a "return" key.
- gh-105866: Fixed _get_slots bug which caused error when defining
dataclasses with slots and a weakref_slot.
- gh-60346: Fix ArgumentParser inconsistent with parse_known_args.
- gh-100985: Update HTTPSConnection to consistently wrap IPv6
Addresses when using a proxy.
- gh-100884: email: fix misfolding of comma in address-lists
over multiple lines in combination with unicode encoding
(bsc#1238450 CVE-2025-1795)
- gh-95782: Fix io.BufferedReader.tell(),
io.BufferedReader.seek(), _pyio.BufferedReader.tell(),
io.BufferedRandom.tell(), io.BufferedRandom.seek() and
_pyio.BufferedRandom.tell() being able to return negative
offsets.
- gh-96310: Fix a traceback in argparse when all options in a
mutually exclusive group are suppressed.
- gh-93205: Fixed a bug in
logging.handlers.TimedRotatingFileHandler where multiple
rotating handler instances pointing to files with the same name
but different extensions would conflict and not delete the
correct files.
- bpo-44865: Add missing call to localization function in
argparse.
- bpo-43952: Fix multiprocessing.connection.Listener.accept() to
accept empty bytes as authkey. Not accepting empty bytes as key
causes it to hang indefinitely.
- bpo-42125: linecache: get module name from __spec__ if
available. This allows getting source code for the __main__
module when a custom loader is used.
- gh-66543: Make mimetypes.guess_type() properly parsing of URLs
with only a host name, URLs containing fragment or query, and
filenames with only a UNC sharepoint on Windows. Based on patch
by Dong-hee Na.
- bpo-33775: Add ‘default’ and ‘version’ help text for
localization in argparse.
* Documentation
- gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML
vulnerabilities”.
- gh-115233: Fix an example for LoggerAdapter in the Logging
Cookbook.
* Tests
- gh-83434: Disable JUnit XML output (--junit-xml=FILE command
line option) in regrtest when hunting for reference leaks (-R
option). Patch by Victor Stinner.
- gh-117187: Fix XML tests for vanilla Expat <2.6.0.
- gh-115979: Update test_importlib so that it passes under WASI
SDK 21.
- gh-116307: Added import helper isolated_modules as CleanImport
does not remove modules imported during the context.
- gh-115720: Leak tests (-R, --huntrleaks) now show a summary of
the number of leaks found in each iteration.
- gh-115122: Add --bisect option to regrtest test runner: run
failed tests with test.bisect_cmd to identify failing tests.
Patch by Victor Stinner.
- gh-115596: Fix ProgramPriorityTests in test_os permanently
changing the process priority.
- gh-115198: Fix test_check_metadata_deprecate in distutils tests
with a newer Docutils.
* Build
- gh-116313: Get WASI builds to work under wasmtime 18 w/ WASI
0.2/preview2 primitives.
- gh-115167: Avoid vendoring vcruntime140_threads.dll when
building with Visual Studio 2022 version 17.8.
* Windows
- gh-116773: Fix instances of <_overlapped.Overlapped object at
0xXXX> still has pending operation at deallocation, the process
may crash.
- gh-91227: Fix the asyncio ProactorEventLoop implementation so
that sending a datagram to an address that is not listening does
not prevent receiving any more datagrams.
- gh-115554: The installer now has more strict rules about
updating the Python Launcher for Windows. In general, most users
only have a single launcher installed and will see no
difference. When multiple launchers have been installed, the
option to install the launcher is disabled until all but one
have been removed. Downgrading the launcher (which was never
allowed) is now more obviously blocked.
- gh-115543: Python Launcher for Windows can now detect Python
3.13 when installed from the Microsoft Store, and will install
Python 3.12 by default when PYLAUNCHER_ALLOW_INSTALL is set.
- gh-115009: Update Windows installer to use SQLite 3.45.1.
* IDLE
- gh-88516: On macOS show a proxy icon in the title bar of editor
windows to match platform behaviour.
* Tools/Demos
- gh-113516: Don’t set LDSHARED when building for WASI.
* C API
- gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows
64-bit platforms.
- Add reference to CVE-2024-0450 (bsc#1221854) to changelog.
ImportantSUSE bug 1174091SUSE bug 1210638SUSE bug 1219559SUSE bug 1219666SUSE bug 1221854SUSE bug 1225660SUSE bug 1226447SUSE bug 1226448SUSE bug 1227378SUSE bug 1227999SUSE bug 1228165SUSE bug 1228780SUSE bug 1229596SUSE bug 1229704SUSE bug 1230227SUSE bug 1230906SUSE bug 1231795SUSE bug 1232241SUSE bug 1236705SUSE bug 1238450SUSE bug 1239210SUSE bug 831629CVE-2019-20907 at SUSECVE-2019-20907 at NVDCVE-2019-9947 at SUSECVE-2019-9947 at NVDCVE-2020-15523 at SUSECVE-2020-15523 at NVDCVE-2020-15801 at SUSECVE-2020-15801 at NVDCVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2023-27043 at SUSECVE-2023-27043 at NVDCVE-2023-52425 at SUSECVE-2023-52425 at NVDCVE-2023-6597 at SUSECVE-2023-6597 at NVDCVE-2024-0397 at SUSECVE-2024-0397 at NVDCVE-2024-0450 at SUSECVE-2024-0450 at NVDCVE-2024-4030 at SUSECVE-2024-4030 at NVDCVE-2024-4032 at SUSECVE-2024-4032 at NVDCVE-2024-6232 at SUSECVE-2024-6232 at NVDCVE-2024-6923 at SUSECVE-2024-6923 at NVDCVE-2024-7592 at SUSECVE-2024-7592 at NVDCVE-2024-8088 at SUSECVE-2024-8088 at NVDCVE-2024-9287 at SUSECVE-2024-9287 at NVDCVE-2025-0938 at SUSECVE-2025-0938 at NVDCVE-2025-1795 at SUSECVE-2025-1795 at NVDcpe:/o:suse:sl-micro:6.0Security update for protobuf (Important)SUSE Linux Micro 6.0
This update for protobuf fixes the following issues:
- CVE-2024-2410: Fixed use after free when parsing JSON from a stream (bsc#1223947).
ImportantSUSE bug 1223947CVE-2024-2410 at SUSECVE-2024-2410 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-Jinja2 (Moderate)SUSE Linux Micro 6.0
This update for python-Jinja2 fixes the following issues:
- CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method (bsc#1238879).
ModerateSUSE bug 1238879CVE-2025-27516 at SUSECVE-2025-27516 at NVDcpe:/o:suse:sl-micro:6.0Security update for gnutls (Moderate)SUSE Linux Micro 6.0
This update for gnutls fixes the following issues:
- CVE-2024-12243: Fixed inefficient DER decoding in libtasn1 which could lead to a remote denial-of-service (bsc#1236974).
ModerateSUSE bug 1236974CVE-2024-12243 at SUSECVE-2024-12243 at NVDcpe:/o:suse:sl-micro:6.0Security update for ucode-intel (Important)SUSE Linux Micro 6.0
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20250211 release (bsc#1237096)
- Security updates for INTEL-SA-01166
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html
* CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware
Logic for some Intel Processors may allow privileged user to
potentially enable denial of service via local access.
- Security updates for INTEL-SA-01213
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01213.html
* CVE-2024-36293: A potential security vulnerability in some Intel
Software Guard Extensions (Intel SGX) Platforms may allow denial
of service. Intel is releasing microcode updates to mitigate this
potential vulnerability.
- Security updates for INTEL-SA-01139
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html
* not clear which CVEs are fixed here, and which are in UEFI BIOS updates.
- Security updates for INTEL-SA-01228
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01228.html
* CVE-2024-39355: A potential security vulnerability in some
13th and 14th Generation Intel Core Processors may allow denial
of service. Intel is releasing microcode and UEFI reference code
updates to mitigate this potential vulnerability.
- Security updates for INTEL-SA-01194
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01194.html
* CVE-2024-37020: A potential security vulnerability in the Intel
Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors
may allow denial of service. Intel is releasing software updates to
mitigate this potential vulnerability.
- Update for functional issues. Refer to Intel Core Ultra Processor
https://cdrdv2.intel.com/v1/dl/getContent/792254 for details.
- Update for functional issues. Refer to 13th/14th
Generation Intel Core Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/740518 for details.
- Update for functional issues. Refer to 12th Generation Intel Core
Processor Family https://cdrdv2.intel.com/v1/dl/getContent/682436
for details.
- Update for functional issues. Refer to 11th Gen Intel Core Processor
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/631123
for details.
- Update for functional issues. Refer to 8th and 9th
Generation Intel Core Processor Family Spec Update
https://cdrdv2.intel.com/v1/dl/getContent/337346 for details.
- Update for functional issues. Refer to 5th Gen
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/793902 for details.
- Update for functional issues. Refer to 4th Gen
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/772415 for details.
- Update for functional issues. Refer to 3rd Generation
Intel Xeon Processor Scalable Family Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/637780 for details.
- Update for functional issues. Refer to Intel Xeon D-2700 Processor
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/714071
for details.
- Update for functional issues. Refer to Intel Xeon E-2300 Processor
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/709192
for details.
- Update for functional issues. Refer to Intel
Xeon 6700-Series Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/820922 for details.
- Update for functional issues. Refer to Intel Processors and Intel Core
i3 N-Series https://cdrdv2.intel.com/v1/dl/getContent/764616 for details
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| SRF-SP | C0 | 06-af-03/01 | | 03000330 |
Xeon 6700-Series Processors with E-Cores
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000037 | 00000038 | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000037 | 00000038 | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000435 | 00000436 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000435 | 00000436 | Core Gen12
| ADL-N | N0 | 06-be-00/19 | 0000001a | 0000001c |
Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
| AZB | A0/R0 | 06-9a-04/40 | 00000007 | 00000009 | Intel(R) Atom(R) C1100
| CFL-H | R0 | 06-9e-0d/22 | 00000100 | 00000102 | Core Gen9 Mobile
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000f8 | 000000fa |
Core Gen8 Desktop, Mobile, Xeon E
| EMR-SP | A0 | 06-cf-01/87 | 21000283 | 21000291 | Xeon Scalable Gen5
| EMR-SP | A1 | 06-cf-02/87 | 21000283 | 21000291 | Xeon Scalable Gen5
| ICL-D | B0 | 06-6c-01/10 | 010002b0 | 010002c0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | 0d0003f5 | Xeon Scalable Gen3
| RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012b | 0000012c | Core Gen13/Gen14
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004123 | 00004124 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000037 | 00000038 | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004123 | 00004124 | Core Gen13
| RPL-S | H0 | 06-bf-05/07 | 00000037 | 00000038 | Core Gen13/Gen14
| RKL-S | B0 | 06-a7-01/02 | 00000062 | 00000063 | Core Gen11
| SPR-HBM | Bx | 06-8f-08/10 | 2c000390 | 2c0003e0 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4
| TWL | N0 | 06-be-00/19 | 0000001a | 0000001c |
Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
### New Disclosures Updated in Prior Releases
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9
ImportantSUSE bug 1237096CVE-2024-31068 at SUSECVE-2024-31068 at NVDCVE-2024-36293 at SUSECVE-2024-36293 at NVDCVE-2024-37020 at SUSECVE-2024-37020 at NVDCVE-2024-39355 at SUSECVE-2024-39355 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssh (Important)SUSE Linux Micro 6.0
This update for openssh fixes the following issues:
- CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (bsc#1237040).
- CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server (bsc#1237041).
Other bugfixes:
- Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2 due to gssapi proposal not being correctly initialized (bsc#1236826).
- Add #include <stdlib.h> in some files added by the ldap patch to fix build with gcc14 (bsc#1225904).
- Added missing struct initializer, added missing parameter (bsc#1222840).
- Remove OPENSSL_HAVE_EVPGCM-ifdef, which is no longer supported by upstream (bsc#1221928).
- Use %config(noreplace) for sshd_config. In any case, it's recommended to drop a file in sshd_config.d instead of editing sshd_config (bsc#1221063).
- Add a patch to fix a regression introduced in 9.6 that makes X11 forwarding very slow (bsc#1229449).
- Drop keycat binary that is not supported, except of the code that is used by other SELinux patches (bsc#1229072).
- Fix RFC4256 implementation that keyboard-interactive authentication method can send instructions and sshd shows them to users (bsc#1229010).
- Add attempts to mitigate instances of secrets lingering in memory after a session exits (bsc#1186673, bsc#1213004, bsc#1213008).
- Remove empty line at the end of sshd-sle.pamd (bsc#1227456)
ImportantSUSE bug 1186673SUSE bug 1213004SUSE bug 1213008SUSE bug 1221063SUSE bug 1221928SUSE bug 1222840SUSE bug 1225904SUSE bug 1227456SUSE bug 1229010SUSE bug 1229072SUSE bug 1229449SUSE bug 1236826SUSE bug 1237040SUSE bug 1237041CVE-2025-26465 at SUSECVE-2025-26465 at NVDCVE-2025-26466 at SUSECVE-2025-26466 at NVDcpe:/o:suse:sl-micro:6.0Security update for libX11 (Moderate)SUSE Linux Micro 6.0
This update for libX11 fixes the following issues:
- CVE-2025-26597: Fixed buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
ModerateSUSE bug 1237431CVE-2025-26597 at SUSECVE-2025-26597 at NVDcpe:/o:suse:sl-micro:6.0Security update for libtasn1 (Important)SUSE Linux Micro 6.0
This update for libtasn1 fixes the following issues:
- CVE-2024-12133: Fixed potential DoS in handling of numerous SEQUENCE OF or SET OF elements (bsc#1236878).
ImportantSUSE bug 1236878CVE-2024-12133 at SUSECVE-2024-12133 at NVDcpe:/o:suse:sl-micro:6.0Security update for glib2 (Low)SUSE Linux Micro 6.0
This update for glib2 fixes the following issues:
- Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044).
LowSUSE bug 1224044CVE-2024-34397 at SUSECVE-2024-34397 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxml2 (Important)SUSE Linux Micro 6.0
This update for libxml2 fixes the following issues:
- CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
- CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c (bsc#1237370).
- CVE-2025-27113: Fixed NULL Pointer Dereference in xmlPatMatch (bsc#1237418).
ImportantSUSE bug 1237363SUSE bug 1237370SUSE bug 1237418CVE-2024-56171 at SUSECVE-2024-56171 at NVDCVE-2025-24928 at SUSECVE-2025-24928 at NVDCVE-2025-27113 at SUSECVE-2025-27113 at NVDcpe:/o:suse:sl-micro:6.0Security update for skopeo (Important)SUSE Linux Micro 6.0
This update for skopeo fixes the following issues:
- CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs (bsc#1238685)
- CVE-2025-27144: gopkg.in/square/go-jose.v2,gopkg.in/go-jose/go-jose.v2,github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: Go JOSE's Parsing Vulnerable to Denial of Service (bsc#1237613)
- CVE-2024-6104: hashicorp/go-retryablehttp: url might write sensitive information to log file (bsc#1227056)
- CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers (bsc#1236483)
ImportantSUSE bug 1227056SUSE bug 1236483SUSE bug 1237613SUSE bug 1238685CVE-2023-45288 at SUSECVE-2023-45288 at NVDCVE-2024-6104 at SUSECVE-2024-6104 at NVDCVE-2025-22870 at SUSECVE-2025-22870 at NVDCVE-2025-27144 at SUSECVE-2025-27144 at NVDcpe:/o:suse:sl-micro:6.0Security update for procps (Moderate)SUSE Linux Micro 6.0
This update for procps fixes the following issues:
- Fixed regression introduced with the CVE-2023-4016 fix. The ps command
segfaults when pid argument has a leading space (bsc#1236842).
ModerateSUSE bug 1236842CVE-2023-4016 at SUSECVE-2023-4016 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-requests (Moderate)SUSE Linux Micro 6.0
This update for python-requests fixes the following issues:
- Update to 2.32.2
* To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0,
we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing
custom HTTPAdapters will need to migrate their code to use this new API. get_connection is
considered deprecated in all versions of Requests>=2.32.0.
- Update to 2.32.1
* Fixed an issue where setting verify=False on the first request from a Session
will cause subsequent requests to the same origin to also ignore cert verification,
regardless of the value of verify. (bsc#1224788, CVE-2024-35195)
* verify=True now reuses a global SSLContext which should improve request time
variance between first and subsequent requests.
* Requests now supports optional use of character detection (chardet or charset_normalizer)
when repackaged or vendored. This enables pip and other projects to minimize their
vendoring surface area.
* Requests has officially added support for CPython 3.12 and dropped support for CPython 3.7.
* Starting in Requests 2.33.0, Requests will migrate to a PEP 517 build system using hatchling.
ModerateSUSE bug 1224788CVE-2024-35195 at SUSECVE-2024-35195 at NVDcpe:/o:suse:sl-micro:6.0Security update for elemental-operator (Important)SUSE Linux Micro 6.0
This update for elemental-operator fixes the following issues:
- Updated to version 1.6.8:
* Deactivated e2e workflow
* Updated header year
* CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238700)
* CVE-2025-22869: golang.org/x/crypto/ssh: Fixed Denial of Service in the Key Exchange (bsc#1239335)
ImportantSUSE bug 1238700SUSE bug 1239335CVE-2025-22869 at SUSECVE-2025-22869 at NVDCVE-2025-22870 at SUSECVE-2025-22870 at NVDcpe:/o:suse:sl-micro:6.0Security update for git (Moderate)SUSE Linux Micro 6.0
This update for git fixes the following issues:
- CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600).
- CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601).
ModerateSUSE bug 1235600SUSE bug 1235601CVE-2024-50349 at SUSECVE-2024-50349 at NVDCVE-2024-52006 at SUSECVE-2024-52006 at NVDcpe:/o:suse:sl-micro:6.0Security update for helm (Important)SUSE Linux Micro 6.0
This update for helm fixes the following issues:
- Update to version 3.17.2 (bsc#1238688, CVE-2025-22870):
* Updating to 0.37.0 for x/net
* build(deps): bump the k8s-io group with 7 updates
- Update to version 3.17.1:
* merge null child chart objects
* build(deps): bump the k8s-io group with 7 updates
* fix: check group for resource info match
- Update to 3.17.0 (bsc#1235318, CVE-2024-45338):
Full changelog:
https://github.com/helm/helm/releases/tag/v3.17.0
* Notable Changes
- Allow pulling and installation by OCI digest
- Annotations and dependencies are now in chart metadata output
- New --take-ownership flag for install and upgrade commands
- SDK: Authorizer and registry authorizer are now configurable
- Removed the Kubernetes configuration file permissions check
- Added username/password to helm push and dependency
build/update subcommands
- Added toYamlPretty template function
- Update to version 3.16.4 (bsc#1234482, CVE-2024-45337):
* Bump golang.org/x/crypto from 0.30.0 to 0.31.0
* Bump the k8s-io group with 7 updates
ImportantSUSE bug 1219969SUSE bug 1220207SUSE bug 1234482SUSE bug 1235318SUSE bug 1238688CVE-2024-25620 at SUSECVE-2024-25620 at NVDCVE-2024-26147 at SUSECVE-2024-26147 at NVDCVE-2024-45337 at SUSECVE-2024-45337 at NVDCVE-2024-45338 at SUSECVE-2024-45338 at NVDCVE-2025-22870 at SUSECVE-2025-22870 at NVDcpe:/o:suse:sl-micro:6.0Security update for podman (Important)SUSE Linux Micro 6.0
This update for podman fixes the following issues:
- CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239330).
ImportantSUSE bug 1239330CVE-2024-6104 at SUSECVE-2024-6104 at NVDCVE-2025-22869 at SUSECVE-2025-22869 at NVDCVE-2025-27144 at SUSECVE-2025-27144 at NVDcpe:/o:suse:sl-micro:6.0Security update for pam_pkcs11 (Important)SUSE Linux Micro 6.0
This update for pam_pkcs11 fixes the following issues:
- CVE-2025-24031: Fixed segmentation fault on ctrl-c/ctrl-d when asked for PIN (bsc#1237058).
- CVE-2025-24032: Fixed authentication bypass with default value for `cert_policy` (`none`) (bsc#1237062).
ImportantSUSE bug 1237058SUSE bug 1237062CVE-2025-24031 at SUSECVE-2025-24031 at NVDCVE-2025-24032 at SUSECVE-2025-24032 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxslt (Important)SUSE Linux Micro 6.0
This update for libxslt fixes the following issues:
* CVE-2025-24855: Fix use-after-free of XPath context node (bsc#1239625)
* CVE-2024-55549: Fix UAF related to excluded namespaces (bsc#1239637)
* CVE-2023-40403: Make generate-id() deterministic (bsc#1238591)
ImportantSUSE bug 1238591SUSE bug 1239625SUSE bug 1239637CVE-2023-40403 at SUSECVE-2023-40403 at NVDCVE-2024-55549 at SUSECVE-2024-55549 at NVDCVE-2025-24855 at SUSECVE-2025-24855 at NVDcpe:/o:suse:sl-micro:6.0Security update for curl (Moderate)SUSE Linux Micro 6.0
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2024-7264: ASN.1 date parser overread (bsc#1228535)
- CVE-2024-6197: Freeing stack buffer in utf8asn1str (bsc#1227888)
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL (bsc#1221666)
- CVE-2024-2466: TLS certificate check bypass with mbedTLS (bsc#1221668)
- CVE-2024-2004: Usage of disabled protocol (bsc#1221665)
- CVE-2024-2398: HTTP/2 push headers memory-leak (bsc#1221667)
Non-security issue fixed:
- Fixed various TLS related issues including FTP over SSL transmission timeouts.
ModerateSUSE bug 1221665SUSE bug 1221666SUSE bug 1221667SUSE bug 1221668SUSE bug 1227888SUSE bug 1228535CVE-2024-2004 at SUSECVE-2024-2004 at NVDCVE-2024-2379 at SUSECVE-2024-2379 at NVDCVE-2024-2398 at SUSECVE-2024-2398 at NVDCVE-2024-2466 at SUSECVE-2024-2466 at NVDCVE-2024-6197 at SUSECVE-2024-6197 at NVDCVE-2024-7264 at SUSECVE-2024-7264 at NVDcpe:/o:suse:sl-micro:6.0Security update for freetype2 (Important)SUSE Linux Micro 6.0
This update for freetype2 fixes the following issues:
Update to 2.13.2:
* Some fields in the `FT_Outline` structure have been changed
from signed to unsigned type, which better reflects the actual
usage. It is also an additional means to protect against
malformed input.
* Rare double-free crashes in the cache subsystem have been fixed.
* Excessive stack allocation in the autohinter has been fixed.
* The B/W rasterizer has received a major upkeep that results in
large performance improvements. The rendering speed has
increased and even doubled for very complex glyphs.
ImportantSUSE bug 1035807SUSE bug 1036457SUSE bug 1079600SUSE bug 1198823SUSE bug 1198830SUSE bug 1198832SUSE bug 867620CVE-2014-2240 at SUSECVE-2014-2240 at NVDCVE-2014-2241 at SUSECVE-2014-2241 at NVDCVE-2017-8105 at SUSECVE-2017-8105 at NVDCVE-2017-8287 at SUSECVE-2017-8287 at NVDCVE-2022-27404 at SUSECVE-2022-27404 at NVDCVE-2022-27405 at SUSECVE-2022-27405 at NVDCVE-2022-27406 at SUSECVE-2022-27406 at NVDcpe:/o:suse:sl-micro:6.0Security update for docker (Important)SUSE Linux Micro 6.0
This update for docker fixes the following issues:
- Updated to docker-buildx v0.22.0.
- Updated to Docker 27.5.1-ce.
- CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints (bsc#1239765)
- CVE-2025-22868: Fixed golang.org/x/oauth2/jws: Unexpected memory
consumption during token parsing in golang.org/x/oauth2 (bsc#1239185)
- CVE-2025-22869: Fixed golang.org/x/crypto/ssh: Denial of Service in
the Key Exchange of golang.org/x/crypto/ssh (bsc#1239322).
- CVE-2024-29018:moby: external DNS requests from 'internal' networks could lead to data exfiltration (bsc#1234089)
- Make container-selinux requirement conditional on selinux-policy (bsc#1237367)
ImportantSUSE bug 1223409SUSE bug 1234089SUSE bug 1237335SUSE bug 1237367SUSE bug 1239185SUSE bug 1239322SUSE bug 1239765CVE-2024-29018 at SUSECVE-2024-29018 at NVDCVE-2025-0495 at SUSECVE-2025-0495 at NVDCVE-2025-22868 at SUSECVE-2025-22868 at NVDCVE-2025-22869 at SUSECVE-2025-22869 at NVDcpe:/o:suse:sl-micro:6.0Security update for u-boot (Moderate)SUSE Linux Micro 6.0
This update for u-boot fixes the following issues:
- CVE-2024-57256: Fixed integer overflow in U-Boot's ext4 symlink resolution function (bsc#1237284)
- CVE-2024-57258: Fixed multiple integer overflows in U-Boot's memory allocator (bsc#1237287)
ModerateSUSE bug 1237284SUSE bug 1237287CVE-2024-57256 at SUSECVE-2024-57256 at NVDCVE-2024-57258 at SUSECVE-2024-57258 at NVDcpe:/o:suse:sl-micro:6.0Security update for expat (Important)SUSE Linux Micro 6.0
This update for expat fixes the following issues:
Version update to 2.7.1:
* Bug fixes:
* Restore event pointer behavior from Expat 2.6.4 (that the fix to CVE-2024-8176 changed in 2.7.0);
affected API functions are:
- XML_GetCurrentByteCount
- XML_GetCurrentByteIndex
- XML_GetCurrentColumnNumber
- XML_GetCurrentLineNumber
- XML_GetInputContext
* Other changes:
#976 #977 Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}"
with Automake that were missing from 2.7.0 release tarballs
#983 #984 Fix printf format specifiers for 32bit Emscripten
#992 docs: Promote OpenSSF Best Practices self-certification
#978 tests/benchmark: Resolve mistaken double close
#986 Address compiler warnings
#990 #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1)
to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/
for what these numbers do
Infrastructure:
#982 CI: Start running Perl XML::Parser integration tests
#987 CI: Enforce Clang Static Analyzer clean code
#991 CI: Re-enable warning clang-analyzer-valist.Uninitialized
for clang-tidy
#981 CI: Cover compilation with musl
#983 #984 CI: Cover compilation with 32bit Emscripten
#976 #977 CI: Protect against fuzzer files missing from future
release archives
Version update to 2.7.0 (CVE-2024-8176 [bsc#1239618])
* Security fixes:
* CVE-2024-8176 -- Fix crash from chaining a large number
of entities caused by stack overflow by resolving use of
recursion, for all three uses of entities:
- general entities in character data ("<e>&g1;</e>")
- general entities in attribute values ("<e k1='&g1;'/>")
- parameter entities ("%p1;")
Known impact is (reliable and easy) denial of service:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
(Base Score: 7.5, Temporal Score: 7.2)
Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
* Other changes:
* Document changes since the previous release
* Version info bumped from 11:0:10 (libexpat*.so.1.10.0)
to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/
for what these numbers do
Version update to 2.6.4:
* Security fixes: [bsc#1232601][bsc#1232579]
* CVE-2024-50602 -- Fix crash within function XML_ResumeParser
from a NULL pointer dereference by disallowing function
XML_StopParser to (stop or) suspend an unstarted parser.
A new error code XML_ERROR_NOT_STARTED was introduced to
properly communicate this situation. // CWE-476 CWE-754
* Other changes:
* Version info bumped from 10:3:9 (libexpat*.so.1.9.3)
to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/
for what these numbers do
Update to 2.6.3:
* Security fixes:
- CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with
len < 0 without noticing and then calling XML_GetBuffer
will have XML_ParseBuffer fail to recognize the problem
and XML_GetBuffer corrupt memory.
With the fix, XML_ParseBuffer now complains with error
XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
has been doing since Expat 2.2.1, and now documented.
Impact is denial of service to potentially artitrary code
execution.
- CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an
integer overflow for nDefaultAtts on 32-bit platforms
(where UINT_MAX equals SIZE_MAX).
Impact is denial of service to potentially artitrary code
execution.
- CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can
have an integer overflow for m_groupSize on 32-bit
platforms (where UINT_MAX equals SIZE_MAX).
Impact is denial of service to potentially artitrary code
execution.
* Other changes:
- Version info bumped from 10:2:9 (libexpat*.so.1.9.2)
to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/
for what these numbers do
Update to 2.6.2:
* CVE-2024-28757 -- Prevent billion laughs attacks with isolated
use of external parsers (bsc#1221289)
* Reject direct parameter entity recursion and avoid the related
undefined behavior
Update to 2.6.1:
* Expose billion laughs API with XML_DTD defined and XML_GE
undefined, regression from 2.6.0
* Make tests independent of CPU speed, and thus more robust
Update to 2.6.0:
* Security fixes:
- CVE-2023-52425 (bsc#1219559)
Fix quadratic runtime issues with big tokens
that can cause denial of service, in partial where
dealing with compressed XML input. Applications
that parsed a document in one go -- a single call to
functions XML_Parse or XML_ParseBuffer -- were not affected.
The smaller the chunks/buffers you use for parsing
previously, the bigger the problem prior to the fix.
Backporters should be careful to no omit parts of
pull request #789 and to include earlier pull request #771,
in order to not break the fix.
- CVE-2023-52426 (bsc#1219561)
Fix billion laughs attacks for users
compiling *without* XML_DTD defined (which is not common).
Users with XML_DTD defined have been protected since
Expat >=2.4.0 (and that was CVE-2013-0340 back then).
* Bug fixes:
- Fix parse-size-dependent "invalid token" error for
external entities that start with a byte order mark
- Fix NULL pointer dereference in setContext via
XML_ExternalEntityParserCreate for compilation with
XML_DTD undefined
- Protect against closing entities out of order
* Other changes:
- Improve support for arc4random/arc4random_buf
- Improve buffer growth in XML_GetBuffer and XML_Parse
- xmlwf: Support --help and --version
- xmlwf: Support custom buffer size for XML_GetBuffer and read
- xmlwf: Improve language and URL clickability in help output
- examples: Add new example "element_declarations.c"
- Be stricter about macro XML_CONTEXT_BYTES at build time
- Make inclusion to expat_config.h consistent
- Autotools: configure.ac: Support --disable-maintainer-mode
- Autotools: Sync CMake templates with CMake 3.26
- Autotools: Make installation of shipped man page doc/xmlwf.1
independent of docbook2man availability
- Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
section "Cflags.private" in order to fix compilation
against static libexpat using pkg-config on Windows
- Autotools|CMake: Require a C99 compiler
(a de-facto requirement already since Expat 2.2.2 of 2017)
- Autotools|CMake: Fix PACKAGE_BUGREPORT variable
- Autotools|CMake: Make test suite require a C++11 compiler
- CMake: Require CMake >=3.5.0
- CMake: Lowercase off_t and size_t to help a bug in Meson
- CMake: Sort xmlwf sources alphabetically
- CMake|Windows: Fix generation of DLL file version info
- CMake: Build tests/benchmark/benchmark.c as well for
a build with -DEXPAT_BUILD_TESTS=ON
- docs: Document the importance of isFinal + adjust tests
accordingly
- docs: Improve use of "NULL" and "null"
- docs: Be specific about version of XML (XML 1.0r4)
and version of C (C99); (XML 1.0r5 will need a sponsor.)
- docs: reference.html: Promote function XML_ParseBuffer more
- docs: reference.html: Add HTML anchors to XML_* macros
- docs: reference.html: Upgrade to OK.css 1.2.0
- docs: Fix typos
- docs|CI: Use HTTPS URLs instead of HTTP at various places
- Address compiler warnings
- Address clang-tidy warnings
- Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
for what these numbers do
ImportantSUSE bug 1219559SUSE bug 1219561SUSE bug 1221289SUSE bug 1229930SUSE bug 1229931SUSE bug 1229932SUSE bug 1232579SUSE bug 1232601SUSE bug 1239618CVE-2013-0340 at SUSECVE-2013-0340 at NVDCVE-2019-15903 at SUSECVE-2019-15903 at NVDCVE-2023-52425 at SUSECVE-2023-52425 at NVDCVE-2023-52426 at SUSECVE-2023-52426 at NVDCVE-2024-28757 at SUSECVE-2024-28757 at NVDCVE-2024-45490 at SUSECVE-2024-45490 at NVDCVE-2024-45491 at SUSECVE-2024-45491 at NVDCVE-2024-45492 at SUSECVE-2024-45492 at NVDCVE-2024-50602 at SUSECVE-2024-50602 at NVDCVE-2024-8176 at SUSECVE-2024-8176 at NVDcpe:/o:suse:sl-micro:6.0Security update for elemental-toolkit (Important)SUSE Linux Micro 6.0
This update for elemental-toolkit fixes the following issues:
- Updated to version 2.1.3:
* Simplify podman calls in CI steup
* Switched GHA runners to Ubuntu 24.04
* Updated year in headers
* Updated to go1.23, required by the new x/crypto module
* CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs (bsc#1238700)
* CVE-2025-22869: golang.org/x/crypto/ssh: Fixed Denial of Service in the Key Exchange (bsc#1239335)
ImportantSUSE bug 1238700SUSE bug 1239335CVE-2025-22869 at SUSECVE-2025-22869 at NVDCVE-2025-22870 at SUSECVE-2025-22870 at NVDcpe:/o:suse:sl-micro:6.0Security update for gpg2 (Low)SUSE Linux Micro 6.0
This update for gpg2 fixes the following issues:
- CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring (bsc#1239119)
LowSUSE bug 1239119CVE-2025-30258 at SUSECVE-2025-30258 at NVDcpe:/o:suse:sl-micro:6.0Security update for containerd (Moderate)SUSE Linux Micro 6.0
This update for containerd fixes the following issues:
- Updated containerd to v1.7.27.
- CVE-2024-40635: Fixed integer overflow in User ID handling (bsc#1239749).
ModerateSUSE bug 1239749CVE-2024-40635 at SUSECVE-2024-40635 at NVDcpe:/o:suse:sl-micro:6.0Security update for unbound (Important)SUSE Linux Micro 6.0
This update for unbound fixes the following issues:
- Update to 1.20.0:
Features:
* The config for discard-timeout, wait-limit, wait-limit-cookie,
wait-limit-netblock and wait-limit-cookie-netblock was added,
for the fix to the DNSBomb issue.
* Merge GH#1027: Introduce 'cache-min-negative-ttl' option.
* Merge GH#1043 from xiaoxiaoafeifei: Add loongarch support;
updates config.guess(2024-01-01) and config.sub(2024-01-01),
verified with upstream.
* Implement cachedb-check-when-serve-expired: yes option, default
is enabled. When serve expired is enabled with cachedb, it
first checks cachedb before serving the expired response.
* Fix GH#876: [FR] can unbound-checkconf be silenced when
configuration is valid?
Bug Fixes:
* Fix for the DNSBomb vulnerability CVE-2024-33655. Thanks to
Xiang Li from the Network and Information Security Lab of
Tsinghua University for reporting it.
* Update doc/unbound.doxygen with 'doxygen -u'. Fixes option
deprecation warnings and updates with newer defaults.
* Remove unused portion from iter_dname_ttl unit test.
* Fix validator classification of qtype DNAME for positive and
redirection answers, and fix validator signature routine for
dealing with the synthesized CNAME for a DNAME without
previously encountering it and also for when the qtype is
DNAME.
* Fix qname minimisation for reply with a DNAME for qtype CNAME
that answers it.
* Fix doc test so it ignores but outputs unsupported doxygen
options.
* Fix GH#1021 Inconsistent Behavior with Changing
rpz-cname-override and doing a unbound-control reload.
* Merge GH#1028: Clearer documentation for tcp-idle-timeout and
edns-tcp-keepalive-timeout.
* Fix GH#1029: rpz trigger clientip and action rpz-passthru not
working as expected.
* Fix rpz that the rpz override is taken in case of clientip
triggers. Fix that the clientip passthru action is logged. Fix
that the clientip localdata action is logged. Fix rpz override
action cname for the clientip trigger.
* Fix to unify codepath for local alias for rpz cname action
override.
* Fix rpz for cname override action after nsdname and nsip
triggers.
* Fix that addrinfo is not kept around but copied and freed, so
that log-destaddr uses a copy of the information, much like NSD
does.
* Merge GH#1030: Persist the openssl and expat directories for
repeated Windows builds.
* Fix that rpz CNAME content is limited to the max number of
cnames.
* Fix rpz, it follows iterator CNAMEs for nsip and nsdname and
sets the reply query_info values, that is better for debug
logging.
* Fix rpz that copies the cname override completely to the temp
region, so there are no references to the rpz region.
* Add rpz unit test for nsip action override.
* Fix rpz for qtype CNAME after nameserver trigger.
* Fix rpz so that rpz CNAME can apply after rpz CNAME. And fix
that clientip and nsip can give a CNAME.
* Fix localdata and rpz localdata to match CNAME only if no
direct type match is available.
* Merge GH#831 from Pierre4012: Improve Windows NSIS installer
script (setup.nsi).
* For GH#831: Format text, use exclamation icon and explicit label
names.
* Fix name of unit test for subnet cache response.
* Fix GH#1032: The size of subnet_msg_cache calculation mistake
cause memory usage increased beyond expectations.
* Fix for GH#1032, add safeguard to make table space positive.
* Fix comment in lruhash space function.
* Fix to add unit test for lruhash space that exercises the
routines.
* Fix that when the server truncates the pidfile, it does not
follow symbolic links.
* Fix that the server does not chown the pidfile.
* Fix GH#1034: DoT forward-zone via unbound-control.
* Fix for crypto related failures to have a better error string.
* Fix GH#1035: Potential Bug while parsing port from the
"stub-host" string; also affected forward-zones and
remote-control host directives.
* Fix GH#369: dnstap showing extra responses; for client responses
right from the cache when replying with expired data or
prefetching.
* Fix GH#1040: fix heap-buffer-overflow issue in function
cfg_mark_ports of file util/config_file.c.
* For GH#1040: adjust error text and disallow negative ports in
other parts of cfg_mark_ports.
* Fix comment syntax for view function views_find_view.
* Fix GH#595: unbound-anchor cannot deal with full disk; it will
now first write out to a temp file before replacing the
original one, like Unbound already does for
auto-trust-anchor-file.
* Fixup compile without cachedb.
* Add test for cachedb serve expired.
* Extended test for cachedb serve expired.
* Fix makefile dependencies for fake_event.c.
* Fix cachedb for serve-expired with serve-expired-reply-ttl.
* Fix to not reply serve expired unless enabled for cachedb.
* Fix cachedb for serve-expired with
serve-expired-client-timeout.
* Fixup unit test for cachedb server expired client timeout with
a check if response if from upstream or from cachedb.
* Fixup cachedb to not refetch when serve-expired-client-timeout
is used.
* Merge GH#1049 from Petr Menš?k: Py_NoSiteFlag is not needed since
Python 3.8
* Fix GH#1048: Update ax_pkg_swig.m4 and ax_pthread.m4.
* Fix configure, autoconf for GH#1048.
* Add checklock feature verbose_locking to trace locks and
unlocks.
* Fix edns subnet to sort rrset references when storing messages
in the cache. This fixes a race condition in the rrset locks.
* Merge GH#1053: Remove child delegations from cache when
grandchild delegations are returned from parent.
* Fix ci workflow for macos for moved install locations.
* Fix configure flto check error, by finding grep for it.
* Merge GH#1041: Stub and Forward unshare. This has one structure
for them and fixes GH#1038: fatal error: Could not initialize
thread / error: reading root hints.
* Fix to disable fragmentation on systems with IP_DONTFRAG, with
a nonzero value for the socket option argument.
* Fix doc unit test for out of directory build.
* Fix cachedb with serve-expired-client-timeout disabled. The
edns subnet module deletes global cache and cachedb cache when
it stores a result, and serve-expired is enabled, so that the
global reply, that is older than the ecs reply, does not return
after the ecs reply expires.
* Add unit tests for cachedb and subnet cache expired data.
* Man page entry for unbound-checkconf -q.
* Cleanup unnecessary strdup calls for EDE strings.
* Fix doxygen comment for errinf_to_str_bogus.
- Update to 1.19.3:
* Features:
- Merge PR #973: Use the origin (DNAME) TTL for synthesized
CNAMEs as per RFC 6672.
* Bug Fixes
- Fix unit test parse of origin syntax.
- Use 127.0.0.1 explicitly in tests to avoid delays and errors
on newer systems.
- Fix #964: config.h.in~ backup file in release tar balls.
- Merge #968: Replace the obsolescent fgrep with grep -F in
tests.
- Merge #971: fix 'WARNING: Message has 41 extra bytes at end'.
- Fix #969: [FR] distinguish Do53, DoT and DoH in the logs.
- Fix dnstap that assertion failed on logging other than UDP
and TCP traffic. It lists it as TCP traffic.
- Fix to sync the tests script file common.sh.
- iana portlist update.
- Updated IPv4 and IPv6 address for b.root-servers.net in root
hints.
- Update test script file common.sh.
- Fix tests to use new common.sh functions, wait_logfile and
kill_from_pidfile.
- Fix #974: doc: default number of outgoing ports without
libevent.
- Merge #975: Fixed some syntax errors in rpl files.
- Fix root_zonemd unit test, it checks that the root ZONEMD
verifies, now that the root has a valid ZONEMD.
- Update example.conf with cookie options.
- Merge #980: DoH: reject non-h2 early. To fix #979: Improve
errors for non-HTTP/2 DoH clients.
- Merge #985: Add DoH and DoT to dnstap message.
- Fix #983: Sha1 runtime insecure change was incomplete.
- Remove unneeded newlines and improve indentation in remote
control code.
- Merge #987: skip edns frag retry if advertised udp payload
size is not smaller.
- Fix unit test for #987 change in udp1xxx retry packet send.
- Merge #988: Fix NLnetLabs#981: dump_cache truncates large
records.
- Fix to link with -lcrypt32 for OpenSSL 3.2.0 on Windows.
- Fix to link with libssp for libcrypto and getaddrinfo check
for only header. Also update crosscompile to remove ssp for
32bit.
- Merge #993: Update b.root-servers.net also in example config
file.
- Update workflow for ports to use newer openssl on windows
compile.
- Fix warning for windres on resource files due to
redefinition.
- Fix for #997: Print details for SSL certificate failure.
- Update error printout for duplicate trust anchors to include
the trust anchor name (relates to #920).
- Update message TTL when using cached RRSETs. It could result
in non-expired messages with expired RRSETs (non-usable
messages by Unbound).
- Merge #999: Search for protobuf-c with pkg-config.
- Fix #1006: Can't find protobuf-c package since #999.
- Fix documentation for access-control in the unbound.conf man
page.
- Merge #1010: Mention REFUSED has the TC bit set with
unmatched allow_cookie acl in the manpage. It also fixes the
code to match the documentation about clients with a valid
cookie that bypass the ratelimit regardless of the
allow_cookie acl.
- Document the suspend argument for process_ds_response().
- Move github workflows to use checkoutv4.
- Fix edns subnet replies for scope zero answers to not get
stored in the global cache, and in cachedb, when the upstream
replies without an EDNS record.
- Fix for #1022: Fix ede prohibited in access control refused
answers.
- Fix unbound-control-setup.cmd to use 3072 bits so that
certificates are long enough for newer OpenSSL versions.
- Fix TTL of synthesized CNAME when a DNAME is used from cache.
- Fix unbound-control-setup.cmd to have CA v3 basicConstraints,
like unbound-control-setup.sh has.
- Update to 1.19.2:
* Bug Fixes:
- Fix CVE-2024-1931, Denial of service when trimming EDE text
on positive replies.
[bsc#1221164]
- Update to 1.19.1:
* Bug Fixes: [bsc#1219823, CVE-2023-50387][bsc#1219826, CVE-2023-50868]
- Fix CVE-2023-50387, DNSSEC verification complexity can be
exploited to exhaust CPU resources and stall DNS resolvers.
- Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.
- as we use --disable-explicit-port-randomisation, also disable
outgoing-port-permit and outgoing-port-avoid in config file to
suppress the related unbound-checkconf warnings on every start
- Update to 1.19.0:
* Features:
- Fix #850: [FR] Ability to use specific database in Redis, with
new redis-logical-db configuration option.
- Merge #944: Disable EDNS DO. Disable the EDNS DO flag in upstream
requests. This can be helpful for devices that cannot handle
DNSSEC information. But it should not be enabled otherwise, because
that would stop DNSSEC validation. The DNSSEC validation would not
work for Unbound itself, and also not for downstream users. Default
is no. The option is disable-edns-do: no
- Expose the script filename in the Python module environment 'mod_env'
instead of the config_file structure which includes the linked list
of scripts in a multi Python module setup; fixes #79.
- Expose the configured listening and outgoing interfaces, if any, as
a list of strings in the Python 'config_file' class instead of the
current Swig object proxy; fixes #79.
- Mailing list patches from Daniel Gr?ber for DNS64 fallback to plain
AAAA when no A record exists for synthesis, and minor DNS64 code
refactoring for better readability.
- Merge #951: Cachedb no store. The cachedb-no-store: yes option is
used to stop cachedb from writing messages to the backend storage.
It reads messages when data is available from the backend.
The default is no.
* Bug Fixes:
- Fix for version generation race condition that ignored changes.
- Fix #942: 1.18.0 libunbound DNS regression when built without OpenSSL.
- Fix for WKS call to getservbyname that creates allocation on exit in
unit test by testing numbers first and testing from the services list later.
- Fix autoconf 2.69 warnings in configure.
- Fix #927: unbound 1.18.0 make test error. Fix make test without SHA1.
- Merge #931: Prevent warnings from -Wmissing-prototypes.
- Fix to scrub resource records of type A and AAAA that have an
inappropriate size. They are removed from responses.
- Fix to move msgparse_rrset_remove_rr code to util/msgparse.c.
- Fix to add EDE text when RRs have been removed due to length.
- Fix to set ede match in unit test for rr length removal.
- Fix to print EDE text in readable form in output logs.
- Fix send of udp retries when ENOBUFS is returned. It stops looping
and also waits for the condition to go away. Reported by Florian Obser.
- Fix authority zone answers for obscured DNAMEs and delegations.
- Merge #936: Check for c99 with autoconf versions prior to 2.70.
- Fix to remove two c99 notations.
- Fix rpz tcp-only action with rpz triggers nsdname and nsip.
- Fix misplaced comment.
- Merge #881: Generalise the proxy protocol code.
- Fix #946: Forwarder returns servfail on upstream response noerror no data.
- Fix edns subnet so that queries with a source prefix of zero cause the
recursor send no edns subnet option to the upstream.
- Fix that printout of EDNS options shows the EDNS cookie option by name.
- Fix infinite loop when reading multiple lines of input on a broken remote
control socket. Addesses #947 and #948.
- Fix #949: "could not create control compt".
- Fix that cachedb does not warn when serve-expired is disabled about use
of serve-expired-reply-ttl and serve-expired-client-timeout.
- Fix for #949: Fix pythonmod/ubmodule-tst.py for Python 3.x.
- Better fix for infinite loop when reading multiple lines of input on a
broken remote control socket, by treating a zero byte line the same as
transmission end. Addesses #947 and #948.
- For multi Python module setups, clean previously parsed module functions
in __main__'s dictionary, if any, so that only current module functions
are registered.
- Fix #954: Inconsistent RPZ handling for A record returned along with CNAME.
- Fixes for the DNS64 patches.
- Update the dns64_lookup.rpl test for the DNS64 fallback patch.
- Merge #955 from buevsan: fix ipset wrong behavior.
- Update testdata/ipset.tdir test for ipset fix.
- Fix to print detailed errors when an SSL IO routine fails via SSL_get_error.
- Clearer configure text for missing protobuf-c development libraries.
- autoconf.
- Merge #930 from Stuart Henderson: add void to log_ident_revert_to_default
declaration.
- Fix #941: dnscrypt doesn't work after upgrade to 1.18 with suggestion by
dukeartem to also fix the udp_ancil with dnscrypt.
- Fix SSL compile failure for definition in log_crypto_err_io_code_arg.
- Fix SSL compile failure for other missing definitions in log_crypto_err_io_code_arg.
- Fix compilation without openssl, remove unused function warning.
- Mention flex and bison in README.md when building from repository source.
- Update to 1.18.0:
* Features:
- Аdd a metric about the maximum number of collisions in lrushah.
- Set max-udp-size default to 1232. This is the same default value
as the default value for edns-buffer-size. It restricts client
edns buffer size choices, and makes unbound behave similar to
other DNS resolvers.
- Add harden-unknown-additional option. It removes unknown records
from the authority section and additional section.
- Added new static zone type block_a to suppress all A queries for
specific zones.
- [FR] Ability to use Redis unix sockets.
- [FR] Ability to set the Redis password.
- Features/dropqueuedpackets, with sock-queue-timeout option that
drops packets that have been in the socket queue for too long.
Added statistics num.queries_timed_out and query.queue_time_us.max
that track the socket queue timeouts.
- 'eqvinox' Lamparter: NAT64 support.
- [FR] Use kernel timestamps for dnstap.
- Add cachedb hit stat. Introduces 'num.query.cachedb' as a new
statistical counter.
- Add SVCB dohpath support.
- Add validation EDEs to queries where the CD bit is set.
- Add prefetch support for subnet cache entries.
- Add EDE (RFC8914) caching.
- Add support for EDE caching in cachedb and subnetcache.
- Downstream DNS Server Cookies a la RFC7873 and RFC9018. Create server
cookies for clients that send client cookies. This needs to be explicitly
turned on in the config file with: `answer-cookie: yes`.
* Bug Fixes
- Response change to NODATA for some ANY queries since 1.12.
- Fix not following cleared RD flags potentially enables
amplification DDoS attacks.
- Set default for harden-unknown-additional to no. So that it
does not hamper future protocol developments.
- Fix to ignore entirely empty responses, and try at another authority.
This turns completely empty responses, a type of noerror/nodata into
a servfail, but they do not conform to RFC2308, and the retry can fetch
improved content.
- Allow TTL refresh of expired error responses.
- Fix: Unexpected behavior with client-subnet-always-forward and serve-expired
- Fix unbound-dnstap-socket test program to reply the finish frame over
a TLS connection correctly.
- Fix: reserved identifier violation
- Fix: Unencrypted query is sent when forward-tls-upstream: yes is used
without tls-cert-bundle
- Extra consistency check to make sure that when TLS is requested,
either we set up a TLS connection or we return an error.
- Fix: NXDOMAIN instead of NOERROR rcode when asked for existing CNAME record.
- Fix: Bad interaction with 0 TTL records and serve-expired
- Fix RPZ IP responses with trigger rpz-drop on cache entries.
- Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR.
- Fix dereference of NULL variable warning in mesh_do_callback.
- Fix ip_ratelimit test to work with dig that enables DNS cookies.
- Fix for iter_dec_attempts that could cause a hang, part of capsforid
and qname minimisation, depending on the settings.
- Fix uninitialized memory passed in padding bytes of cmsg to sendmsg.
- Fix stat_values test to work with dig that enables DNS cookies.
- unbound.service: Main process exited, code=killed, status=11/SEGV.
Fixes cachedb configuration handling.
- Fix: processQueryResponse() THROWAWAY should be mindful of fail_reply.
- Update to 1.20.0:
Features:
* The config for discard-timeout, wait-limit, wait-limit-cookie,
wait-limit-netblock and wait-limit-cookie-netblock was added,
for the fix to the DNSBomb issue.
* Merge GH#1027: Introduce 'cache-min-negative-ttl' option.
* Merge GH#1043 from xiaoxiaoafeifei: Add loongarch support;
updates config.guess(2024-01-01) and config.sub(2024-01-01),
verified with upstream.
* Implement cachedb-check-when-serve-expired: yes option, default
is enabled. When serve expired is enabled with cachedb, it
first checks cachedb before serving the expired response.
* Fix GH#876: [FR] can unbound-checkconf be silenced when
configuration is valid?
Bug Fixes:
* Fix for the DNSBomb vulnerability CVE-2024-33655. Thanks to
Xiang Li from the Network and Information Security Lab of
Tsinghua University for reporting it.
* Update doc/unbound.doxygen with 'doxygen -u'. Fixes option
deprecation warnings and updates with newer defaults.
* Remove unused portion from iter_dname_ttl unit test.
* Fix validator classification of qtype DNAME for positive and
redirection answers, and fix validator signature routine for
dealing with the synthesized CNAME for a DNAME without
previously encountering it and also for when the qtype is
DNAME.
* Fix qname minimisation for reply with a DNAME for qtype CNAME
that answers it.
* Fix doc test so it ignores but outputs unsupported doxygen
options.
* Fix GH#1021 Inconsistent Behavior with Changing
rpz-cname-override and doing a unbound-control reload.
* Merge GH#1028: Clearer documentation for tcp-idle-timeout and
edns-tcp-keepalive-timeout.
* Fix GH#1029: rpz trigger clientip and action rpz-passthru not
working as expected.
* Fix rpz that the rpz override is taken in case of clientip
triggers. Fix that the clientip passthru action is logged. Fix
that the clientip localdata action is logged. Fix rpz override
action cname for the clientip trigger.
* Fix to unify codepath for local alias for rpz cname action
override.
* Fix rpz for cname override action after nsdname and nsip
triggers.
* Fix that addrinfo is not kept around but copied and freed, so
that log-destaddr uses a copy of the information, much like NSD
does.
* Merge GH#1030: Persist the openssl and expat directories for
repeated Windows builds.
* Fix that rpz CNAME content is limited to the max number of
cnames.
* Fix rpz, it follows iterator CNAMEs for nsip and nsdname and
sets the reply query_info values, that is better for debug
logging.
* Fix rpz that copies the cname override completely to the temp
region, so there are no references to the rpz region.
* Add rpz unit test for nsip action override.
* Fix rpz for qtype CNAME after nameserver trigger.
* Fix rpz so that rpz CNAME can apply after rpz CNAME. And fix
that clientip and nsip can give a CNAME.
* Fix localdata and rpz localdata to match CNAME only if no
direct type match is available.
* Merge GH#831 from Pierre4012: Improve Windows NSIS installer
script (setup.nsi).
* For GH#831: Format text, use exclamation icon and explicit label
names.
* Fix name of unit test for subnet cache response.
* Fix GH#1032: The size of subnet_msg_cache calculation mistake
cause memory usage increased beyond expectations.
* Fix for GH#1032, add safeguard to make table space positive.
* Fix comment in lruhash space function.
* Fix to add unit test for lruhash space that exercises the
routines.
* Fix that when the server truncates the pidfile, it does not
follow symbolic links.
* Fix that the server does not chown the pidfile.
* Fix GH#1034: DoT forward-zone via unbound-control.
* Fix for crypto related failures to have a better error string.
* Fix GH#1035: Potential Bug while parsing port from the
"stub-host" string; also affected forward-zones and
remote-control host directives.
* Fix GH#369: dnstap showing extra responses; for client responses
right from the cache when replying with expired data or
prefetching.
* Fix GH#1040: fix heap-buffer-overflow issue in function
cfg_mark_ports of file util/config_file.c.
* For GH#1040: adjust error text and disallow negative ports in
other parts of cfg_mark_ports.
* Fix comment syntax for view function views_find_view.
* Fix GH#595: unbound-anchor cannot deal with full disk; it will
now first write out to a temp file before replacing the
original one, like Unbound already does for
auto-trust-anchor-file.
* Fixup compile without cachedb.
* Add test for cachedb serve expired.
* Extended test for cachedb serve expired.
* Fix makefile dependencies for fake_event.c.
* Fix cachedb for serve-expired with serve-expired-reply-ttl.
* Fix to not reply serve expired unless enabled for cachedb.
* Fix cachedb for serve-expired with
serve-expired-client-timeout.
* Fixup unit test for cachedb server expired client timeout with
a check if response if from upstream or from cachedb.
* Fixup cachedb to not refetch when serve-expired-client-timeout
is used.
* Merge GH#1049 from Petr Menš?k: Py_NoSiteFlag is not needed since
Python 3.8
* Fix GH#1048: Update ax_pkg_swig.m4 and ax_pthread.m4.
* Fix configure, autoconf for GH#1048.
* Add checklock feature verbose_locking to trace locks and
unlocks.
* Fix edns subnet to sort rrset references when storing messages
in the cache. This fixes a race condition in the rrset locks.
* Merge GH#1053: Remove child delegations from cache when
grandchild delegations are returned from parent.
* Fix ci workflow for macos for moved install locations.
* Fix configure flto check error, by finding grep for it.
* Merge GH#1041: Stub and Forward unshare. This has one structure
for them and fixes GH#1038: fatal error: Could not initialize
thread / error: reading root hints.
* Fix to disable fragmentation on systems with IP_DONTFRAG, with
a nonzero value for the socket option argument.
* Fix doc unit test for out of directory build.
* Fix cachedb with serve-expired-client-timeout disabled. The
edns subnet module deletes global cache and cachedb cache when
it stores a result, and serve-expired is enabled, so that the
global reply, that is older than the ecs reply, does not return
after the ecs reply expires.
* Add unit tests for cachedb and subnet cache expired data.
* Man page entry for unbound-checkconf -q.
* Cleanup unnecessary strdup calls for EDE strings.
* Fix doxygen comment for errinf_to_str_bogus.
- Update to 1.19.3:
* Features:
- Merge PR #973: Use the origin (DNAME) TTL for synthesized
CNAMEs as per RFC 6672.
* Bug Fixes
- Fix unit test parse of origin syntax.
- Use 127.0.0.1 explicitly in tests to avoid delays and errors
on newer systems.
- Fix #964: config.h.in~ backup file in release tar balls.
- Merge #968: Replace the obsolescent fgrep with grep -F in
tests.
- Merge #971: fix 'WARNING: Message has 41 extra bytes at end'.
- Fix #969: [FR] distinguish Do53, DoT and DoH in the logs.
- Fix dnstap that assertion failed on logging other than UDP
and TCP traffic. It lists it as TCP traffic.
- Fix to sync the tests script file common.sh.
- iana portlist update.
- Updated IPv4 and IPv6 address for b.root-servers.net in root
hints.
- Update test script file common.sh.
- Fix tests to use new common.sh functions, wait_logfile and
kill_from_pidfile.
- Fix #974: doc: default number of outgoing ports without
libevent.
- Merge #975: Fixed some syntax errors in rpl files.
- Fix root_zonemd unit test, it checks that the root ZONEMD
verifies, now that the root has a valid ZONEMD.
- Update example.conf with cookie options.
- Merge #980: DoH: reject non-h2 early. To fix #979: Improve
errors for non-HTTP/2 DoH clients.
- Merge #985: Add DoH and DoT to dnstap message.
- Fix #983: Sha1 runtime insecure change was incomplete.
- Remove unneeded newlines and improve indentation in remote
control code.
- Merge #987: skip edns frag retry if advertised udp payload
size is not smaller.
- Fix unit test for #987 change in udp1xxx retry packet send.
- Merge #988: Fix NLnetLabs#981: dump_cache truncates large
records.
- Fix to link with -lcrypt32 for OpenSSL 3.2.0 on Windows.
- Fix to link with libssp for libcrypto and getaddrinfo check
for only header. Also update crosscompile to remove ssp for
32bit.
- Merge #993: Update b.root-servers.net also in example config
file.
- Update workflow for ports to use newer openssl on windows
compile.
- Fix warning for windres on resource files due to
redefinition.
- Fix for #997: Print details for SSL certificate failure.
- Update error printout for duplicate trust anchors to include
the trust anchor name (relates to #920).
- Update message TTL when using cached RRSETs. It could result
in non-expired messages with expired RRSETs (non-usable
messages by Unbound).
- Merge #999: Search for protobuf-c with pkg-config.
- Fix #1006: Can't find protobuf-c package since #999.
- Fix documentation for access-control in the unbound.conf man
page.
- Merge #1010: Mention REFUSED has the TC bit set with
unmatched allow_cookie acl in the manpage. It also fixes the
code to match the documentation about clients with a valid
cookie that bypass the ratelimit regardless of the
allow_cookie acl.
- Document the suspend argument for process_ds_response().
- Move github workflows to use checkoutv4.
- Fix edns subnet replies for scope zero answers to not get
stored in the global cache, and in cachedb, when the upstream
replies without an EDNS record.
- Fix for #1022: Fix ede prohibited in access control refused
answers.
- Fix unbound-control-setup.cmd to use 3072 bits so that
certificates are long enough for newer OpenSSL versions.
- Fix TTL of synthesized CNAME when a DNAME is used from cache.
- Fix unbound-control-setup.cmd to have CA v3 basicConstraints,
like unbound-control-setup.sh has.
- Update to 1.19.2:
* Bug Fixes:
- Fix CVE-2024-1931, Denial of service when trimming EDE text
on positive replies.
[bsc#1221164]
- Update to 1.19.1:
* Bug Fixes: [bsc#1219823, CVE-2023-50387][bsc#1219826, CVE-2023-50868]
- Fix CVE-2023-50387, DNSSEC verification complexity can be
exploited to exhaust CPU resources and stall DNS resolvers.
- Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.
- as we use --disable-explicit-port-randomisation, also disable
outgoing-port-permit and outgoing-port-avoid in config file to
suppress the related unbound-checkconf warnings on every start
- Use prefixes instead of sudo in unbound.service (bsc#1215628)
- Update to 1.19.0:
* Features:
- Fix #850: [FR] Ability to use specific database in Redis, with
new redis-logical-db configuration option.
- Merge #944: Disable EDNS DO. Disable the EDNS DO flag in upstream
requests. This can be helpful for devices that cannot handle
DNSSEC information. But it should not be enabled otherwise, because
that would stop DNSSEC validation. The DNSSEC validation would not
work for Unbound itself, and also not for downstream users. Default
is no. The option is disable-edns-do: no
- Expose the script filename in the Python module environment 'mod_env'
instead of the config_file structure which includes the linked list
of scripts in a multi Python module setup; fixes #79.
- Expose the configured listening and outgoing interfaces, if any, as
a list of strings in the Python 'config_file' class instead of the
current Swig object proxy; fixes #79.
- Mailing list patches from Daniel Gr?ber for DNS64 fallback to plain
AAAA when no A record exists for synthesis, and minor DNS64 code
refactoring for better readability.
- Merge #951: Cachedb no store. The cachedb-no-store: yes option is
used to stop cachedb from writing messages to the backend storage.
It reads messages when data is available from the backend.
The default is no.
* Bug Fixes:
- Fix for version generation race condition that ignored changes.
- Fix #942: 1.18.0 libunbound DNS regression when built without OpenSSL.
- Fix for WKS call to getservbyname that creates allocation on exit in
unit test by testing numbers first and testing from the services list later.
- Fix autoconf 2.69 warnings in configure.
- Fix #927: unbound 1.18.0 make test error. Fix make test without SHA1.
- Merge #931: Prevent warnings from -Wmissing-prototypes.
- Fix to scrub resource records of type A and AAAA that have an
inappropriate size. They are removed from responses.
- Fix to move msgparse_rrset_remove_rr code to util/msgparse.c.
- Fix to add EDE text when RRs have been removed due to length.
- Fix to set ede match in unit test for rr length removal.
- Fix to print EDE text in readable form in output logs.
- Fix send of udp retries when ENOBUFS is returned. It stops looping
and also waits for the condition to go away. Reported by Florian Obser.
- Fix authority zone answers for obscured DNAMEs and delegations.
- Merge #936: Check for c99 with autoconf versions prior to 2.70.
- Fix to remove two c99 notations.
- Fix rpz tcp-only action with rpz triggers nsdname and nsip.
- Fix misplaced comment.
- Merge #881: Generalise the proxy protocol code.
- Fix #946: Forwarder returns servfail on upstream response noerror no data.
- Fix edns subnet so that queries with a source prefix of zero cause the
recursor send no edns subnet option to the upstream.
- Fix that printout of EDNS options shows the EDNS cookie option by name.
- Fix infinite loop when reading multiple lines of input on a broken remote
control socket. Addesses #947 and #948.
- Fix #949: "could not create control compt".
- Fix that cachedb does not warn when serve-expired is disabled about use
of serve-expired-reply-ttl and serve-expired-client-timeout.
- Fix for #949: Fix pythonmod/ubmodule-tst.py for Python 3.x.
- Better fix for infinite loop when reading multiple lines of input on a
broken remote control socket, by treating a zero byte line the same as
transmission end. Addesses #947 and #948.
- For multi Python module setups, clean previously parsed module functions
in __main__'s dictionary, if any, so that only current module functions
are registered.
- Fix #954: Inconsistent RPZ handling for A record returned along with CNAME.
- Fixes for the DNS64 patches.
- Update the dns64_lookup.rpl test for the DNS64 fallback patch.
- Merge #955 from buevsan: fix ipset wrong behavior.
- Update testdata/ipset.tdir test for ipset fix.
- Fix to print detailed errors when an SSL IO routine fails via SSL_get_error.
- Clearer configure text for missing protobuf-c development libraries.
- autoconf.
- Merge #930 from Stuart Henderson: add void to log_ident_revert_to_default
declaration.
- Fix #941: dnscrypt doesn't work after upgrade to 1.18 with suggestion by
dukeartem to also fix the udp_ancil with dnscrypt.
- Fix SSL compile failure for definition in log_crypto_err_io_code_arg.
- Fix SSL compile failure for other missing definitions in log_crypto_err_io_code_arg.
- Fix compilation without openssl, remove unused function warning.
- Mention flex and bison in README.md when building from repository source.
- Update to 1.18.0:
* Features:
- Аdd a metric about the maximum number of collisions in lrushah.
- Set max-udp-size default to 1232. This is the same default value
as the default value for edns-buffer-size. It restricts client
edns buffer size choices, and makes unbound behave similar to
other DNS resolvers.
- Add harden-unknown-additional option. It removes unknown records
from the authority section and additional section.
- Added new static zone type block_a to suppress all A queries for
specific zones.
- [FR] Ability to use Redis unix sockets.
- [FR] Ability to set the Redis password.
- Features/dropqueuedpackets, with sock-queue-timeout option that
drops packets that have been in the socket queue for too long.
Added statistics num.queries_timed_out and query.queue_time_us.max
that track the socket queue timeouts.
- 'eqvinox' Lamparter: NAT64 support.
- [FR] Use kernel timestamps for dnstap.
- Add cachedb hit stat. Introduces 'num.query.cachedb' as a new
statistical counter.
- Add SVCB dohpath support.
- Add validation EDEs to queries where the CD bit is set.
- Add prefetch support for subnet cache entries.
- Add EDE (RFC8914) caching.
- Add support for EDE caching in cachedb and subnetcache.
- Downstream DNS Server Cookies a la RFC7873 and RFC9018. Create server
cookies for clients that send client cookies. This needs to be explicitly
turned on in the config file with: `answer-cookie: yes`.
* Bug Fixes
- Response change to NODATA for some ANY queries since 1.12.
- Fix not following cleared RD flags potentially enables
amplification DDoS attacks.
- Set default for harden-unknown-additional to no. So that it
does not hamper future protocol developments.
- Fix to ignore entirely empty responses, and try at another authority.
This turns completely empty responses, a type of noerror/nodata into
a servfail, but they do not conform to RFC2308, and the retry can fetch
improved content.
- Allow TTL refresh of expired error responses.
- Fix: Unexpected behavior with client-subnet-always-forward and serve-expired
- Fix unbound-dnstap-socket test program to reply the finish frame over
a TLS connection correctly.
- Fix: reserved identifier violation
- Fix: Unencrypted query is sent when forward-tls-upstream: yes is used
without tls-cert-bundle
- Extra consistency check to make sure that when TLS is requested,
either we set up a TLS connection or we return an error.
- Fix: NXDOMAIN instead of NOERROR rcode when asked for existing CNAME record.
- Fix: Bad interaction with 0 TTL records and serve-expired
- Fix RPZ IP responses with trigger rpz-drop on cache entries.
- Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR.
- Fix dereference of NULL variable warning in mesh_do_callback.
- Fix ip_ratelimit test to work with dig that enables DNS cookies.
- Fix for iter_dec_attempts that could cause a hang, part of capsforid
and qname minimisation, depending on the settings.
- Fix uninitialized memory passed in padding bytes of cmsg to sendmsg.
- Fix stat_values test to work with dig that enables DNS cookies.
- unbound.service: Main process exited, code=killed, status=11/SEGV.
Fixes cachedb configuration handling.
- Fix: processQueryResponse() THROWAWAY should be mindful of fail_reply.
ImportantSUSE bug 1215628SUSE bug 1219823SUSE bug 1219826SUSE bug 1221164CVE-2023-50387 at SUSECVE-2023-50387 at NVDCVE-2023-50868 at SUSECVE-2023-50868 at NVDCVE-2024-1931 at SUSECVE-2024-1931 at NVDCVE-2024-33655 at SUSECVE-2024-33655 at NVDcpe:/o:suse:sl-micro:6.0Security update for gdk-pixbuf (Moderate)SUSE Linux Micro 6.0
This update for gdk-pixbuf fixes the following issues:
Update to version 2.42.12:
+ Fix a build failure,
+ Fix occasional build failures,
+ ani: Reject files with multiple INA or IART chunks,
+ ani: Reject files with multiple anih chunks (CVE-2022-48622 bsc#1219276),
+ ani: validate chunk size,
+ Updated translations.
- Enable other image loaders (most notably needed seems xpm,xbm).
(boo#1223903, glgo#GNOME/gdk-pixbuf!169).
Update to version 2.42.11:
+ Disable fringe loaders by default.
+ Introspection fixes.
+ Updated translations.
ModerateSUSE bug 1219276SUSE bug 1223903CVE-2022-48622 at SUSECVE-2022-48622 at NVDcpe:/o:suse:sl-micro:6.0Security update for glib2 (Moderate)SUSE Linux Micro 6.0
This update for glib2 fixes the following issues:
- CVE-2025-3360: Fixed integer overflow and buffer underread when
parsing a very long and invalid ISO 8601 timestamp with
g_date_time_new_from_iso8601() (bsc#1240897).
ModerateSUSE bug 1240897CVE-2025-3360 at SUSECVE-2025-3360 at NVDcpe:/o:suse:sl-micro:6.0Security update for glibc (Important)SUSE Linux Micro 6.0
This update for glibc fixes the following issues:
Fixed security issues:
- CVE-2024-33602: Use time_t for return type of addgetnetgrentX (bsc#1223425)
- CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bsc#1223423)
- CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bsc#1223424)
- CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bsc#1223424)
- CVE-2024-33601, CVE-2024-33602: netgroup: Use two buffers in addgetnetgrentX (bsc#1223425)
- CVE-2024-2961: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (bsc#1222992)
Fixed non-security issues:
- Add workaround for invalid use of libc_nonshared.a with non-SUSE libc (bsc#1221482)
- Fix segfault in wcsncmp (bsc#1228041)
- Also include stat64 in the 32-bit libc_nonshared.a workaround (bsc#1221482)
- Avoid creating ULP prologue for _start routine (bsc#1221940)
- Also add libc_nonshared.a workaround to 32-bit x86 compat package (bsc#1221482)
- malloc: Use __get_nprocs on arena_get2
- linux: Use rseq area unconditionally in sched_getcpu
ImportantSUSE bug 1221482SUSE bug 1221940SUSE bug 1222992SUSE bug 1223423SUSE bug 1223424SUSE bug 1223425SUSE bug 1228041CVE-2024-2961 at SUSECVE-2024-2961 at NVDCVE-2024-33599 at SUSECVE-2024-33599 at NVDCVE-2024-33600 at SUSECVE-2024-33600 at NVDCVE-2024-33601 at SUSECVE-2024-33601 at NVDCVE-2024-33602 at SUSECVE-2024-33602 at NVDcpe:/o:suse:sl-micro:6.0Security update for sqlite3 (Moderate)SUSE Linux Micro 6.0
This update for sqlite3 fixes the following issues:
- Update to release 3.49.1:
* Improve portability of makefiles and configure scripts.
* CVE-2025-29087, bsc#1241020: Fix a bug in the concat_ws()
function, introduced in version 3.44.0, that could lead to a
memory error if the separator string is very large (hundreds
of megabytes).
* CVE-2025-29088, bsc#1241078: Enhanced the
SQLITE_DBCONFIG_LOOKASIDE interface to make it more robust
against misuse.
- Update to release 3.49.0:
* Enhancements to the query planner:
- Improve the query-time index optimization so that it works on
WITHOUT ROWID tables.
- Better query plans for large star-query joins. This fixes
three different performance regressions that were reported
on the SQLite Forum.
- When two or more queries have the same estimated cost, use
the one with the fewer bytes per row.
* Enhance the iif() SQL function so that it can accept any number
of arguments greater than or equal to two.
* Enhance the session extension so that it works on databases
that make use of generated columns.
* Omit the SQLITE_USE_STDIO_FOR_CONSOLE compile-time option which
was not implemented correctly and never worked right. In its place
add the SQLITE_USE_W32_FOR_CONSOLE_IO compile-time option. This
option applies to command-line tools like the CLI only, not to the
SQLite core. It causes Win32 APIs to be used for console I/O
instead of stdio. This option affects Windows builds only.
* Three new options to sqlite3_db_config(). All default "on".
SQLITE_DBCONFIG_ENABLE_ATTACH_CREATE
SQLITE_DBCONFIG_ENABLE_ATTACH_WRITE
SQLITE_DBCONFIG_ENABLE_COMMENTS
- Re-enable SONAME which got disabled by default in 3.48.0.
* https://www.sqlite.org/src/forumpost/5a3b44f510df8ded
* https://sqlite.org/forum/forumpost/ab8f15697a
- Update to release 3.48.0:
* Improved EXPLAIN QUERY PLAN output for covering indexes.
* Allow a two-argument version of the iif() SQL function.
* Also allow if() as an alternative spelling for iif().
* Add the ".dbtotxt" command to the CLI.
* Add the SQLITE_IOCAP_SUBPAGE_READ property to the
xDeviceCharacteristics method of the sqlite3_io_methods object.
* Add the SQLITE_PREPARE_DONT_LOG option to sqlite3_prepare_v3()
that prevents warning messages being sent to the error log if
the SQL is ill-formed. This allows sqlite3_prepare_v3() to be
used to do test compiles of SQL to check for validity without
polluting the error log with false messages.
* Increase the minimum allowed value of SQLITE_LIMIT_LENGTH from
1 to 30.
* Added the SQLITE_FCNTL_NULL_IO file control.
* Extend the FTS5 auxiliary API xInstToken() to work with prefix
queries via the insttoken configuration option and the
fts5_insttoken() SQL function.
* Increase the maximum number of arguments to an SQL function
from 127 to 1000.
- Update to release 3.47.2:
* Fix a problem in text-to-floating-point conversion that affects
text values where the first 16 significant digits are
'1844674407370955'. This issue was introduced in 3.47.0 and
only arises on x64 and i386 hardware.
* Other minor bug fixes.
- Enable the session extension, because NodeJS 22 needs it.
- Update to release 3.47.1:
* Fix the makefiles so that they once again honored DESTDIR for
the "install" target.
* Add the SQLITE_IOCAP_SUBPAGE_READ capability to the VFS, to
work around issues on some non-standard VFSes caused by making
SQLITE_DIRECT_OVERFLOW_READ the default in version 3.45.0.
* Fix incorrect answers to certain obscure IN queries caused by
new query optimizations added in the 3.47.0 release.
* Other minor bug fixes.
- Update to release 3.47.0:
* Allow arbitrary expressions in the second argument to the RAISE
function.
* If the RHS of the ->> operator is negative, then access array
elements counting from the right.
* Fix a problem with rolling back hot journal files in the
seldom-used unix-dotfile VFS.
* FTS5 tables can now be dropped even if they use a non-standard
tokenizer that has not been registered.
* Fix the group_concat() aggregate function so that it returns an
empty string, not a NULL, if it receives a single input value
which is an empty string.
* Enhance the generate_series() table-valued function so that it
is able to recognize and use constraints on its output value.
Preupdate hooks now recognize when a column added by ALTER
TABLE ADD COLUMN has a non-null default value.
* Improved reuse of subqueries associated with the IN operator,
especially when the IN operator has been duplicated due to
predicate push-down.
* Use a Bloom filter on subqueries on the right-hand side of the
IN operator, in cases where that seems likely to improve
performance.
* Ensure that queries like "SELECT func(a) FROM tab GROUP BY 1"
only invoke the func() function once per row.
* No attempt is made to create automatic indexes on a column
that is known to be non-selective because of its use in other
indexes that have been analyzed.
* Adjustments to the query planner so that it produces better
plans for star queries with a large number of dimension
tables.
* Add the "order-by-subquery" optimization, that seeks to
disable sort operations in outer queries if the desired order
is obtained naturally due to ORDER BY clauses in subqueries.
* The "indexed-subtype-expr" optimization strives to use
expressions that are part of an index rather than recomputing
the expression based on table values, as long as the query
planner can prove that the subtype of the expression will
never be used.
* Miscellaneous coding tweaks for faster runtimes.
* Add the experimental sqlite3_rsync program.
* Add extension functions median(), percentile(),
percentile_cont(), and percentile_disc() to the CLI.
* Add the .www dot-command to the CLI.
* The sqlite3_analyzer utility now provides a break-out of
statistics for WITHOUT ROWID tables.
* The sqldiff utility avoids creating an empty database if its
second argument does not exist.
* Enhance the sqlite_dbpage table-valued function such that
INSERT can be used to increase or decrease the size of the
database file.
* SQLite no longer makes any use of the "long double" data type,
as hardware support for long double is becoming less common
and long double creates challenges for some compiler tool
chains. Instead, SQLite uses Dekker's algorithm when extended
precision is needed.
* The TCL Interface for SQLite supports TCL9. Everything
probably still works for TCL 8.5 and later, though this is not
guaranteed. Users are encouraged to upgrade to TCL9.
* Fix a corruption-causing bug in the JavaScript "opfs" VFS.
Correct "mode=ro" handling for the "opfs" VFS. Work around a
couple of browser-specific OPFS quirks.
* Add the fts5_tokenizer_v2 API and the locale=1 option, for
creating custom locale-aware tokenizers and fts5 tables that
may take advantage of them.
* Add the contentless_unindexed=1 option, for creating
contentless fts5 tables that store the values of any UNINDEXED
columns persistently in the database.
* Allow an FTS5 table to be dropped even if it uses a custom
tokenizer whose implementation is not available.
- Update to release 3.46.1:
* Improved robustness while parsing the tokenize= arguments in
FTS5.
* Enhancements to covering index prediction in the query planner.
* Do not let the number of terms on a VALUES clause be limited by
SQLITE_LIMIT_COMPOUND_SELECT, even if the VALUES clause
contains elements that appear to be variables due to
double-quoted string literals.
* Fix the window function version of group_concat() so that it
returns an empty string if it has one or more empty string
inputs.
* In FTS5 secure-delete mode, fix false-positive integrity-check
reports about corrupt indexes.
* Syntax errors in ALTER TABLE should always return SQLITE_ERROR.
In some cases, they were formerly returning SQLITE_INTERNAL.
* Other minor fixes.
- Update to release 3.46.0:
* https://sqlite.org/releaselog/3_46_0.html
* Enhance PRAGMA optimize in multiple ways.
* Enhancements to the date and time functions.
* Add support for underscore ("_") characters between digits in
numeric literals.
* Add the json_pretty() SQL function.
* Query planner improvements.
* Allocate additional memory from the heap for the SQL parser
stack if that stack overflows, rather than reporting a "parser
stack overflow" error.
* Allow ASCII control characters within JSON5 string literals.
* Fix the -> and ->> JSON operators so that when the right-hand
side operand is a string that looks like an integer it is still
treated as a string, because that is what PostgreSQL does.
- Update to release 3.45.3:
* Fix a long-standing bug (going back to version 3.24.0) that
might (rarely) cause the "old.*" values of an UPDATE trigger
to be incorrect if that trigger fires in response to an UPSERT.
* Reduce the scope of the NOT NULL strength reduction
optimization that was added as item 8e in version 3.35.0. The
optimization was being attempted in some contexts where it did
not work, resulting in incorrect query results.
- Add SQLITE_STRICT_SUBTYPE=1 as recommended by upstream.
- Update to release 3.45.2:
* Added the SQLITE_RESULT_SUBTYPE property for application-
defined SQL functions.
* Enhancements to the JSON SQL functions
* Add the FTS5 tokendata option to the FTS5 virtual table.
* The SQLITE_DIRECT_OVERFLOW_READ optimization is now enabled by
default.
* Query planner improvements
* Increase the default value for SQLITE_MAX_PAGE_COUNT from
1073741824 to 4294967294.
* Enhancements to the CLI
* Restore the JSON BLOB input bug, and promise to support the
anomaly in subsequent releases, for backward compatibility.
* Fix the PRAGMA integrity_check command so that it works on
read-only databases that contain FTS3 and FTS5 tables.
* Fix issues associated with processing corrupt JSONB inputs.
* Fix a long-standing bug in which a read of a few bytes past the
end of a memory-mapped segment might occur when accessing a
craftily corrupted database using memory-mapped database.
* Fix a long-standing bug in which a NULL pointer dereference
might occur in the bytecode engine due to incorrect bytecode
being generated for a class of SQL statements that are
deliberately designed to stress the query planner but which
are otherwise pointless.
* Fix an error in UPSERT, introduced in version 3.35.0.
* Reduce the scope of the NOT NULL strength reduction
optimization that was added in version 3.35.0.
ModerateSUSE bug 1241020SUSE bug 1241078CVE-2025-29087 at SUSECVE-2025-29087 at NVDCVE-2025-29088 at SUSECVE-2025-29088 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-httpcore, python-h11 (Critical)SUSE Linux Micro 6.0
This update for python-httpcore, python-h11 fixes the following issues:
python-h11:
- Update 0.16.0:
* CVE-2025-43859: Fixed accepting of malformed Chunked-Encoding bodies (bsc#1241872)
- 0.15.0:
* Reject Content-Lengths >= 1 zettabyte (1 billion terabytes) early,
without attempting to parse the integer (#181)
python-httpcore:
- CVE-2025-43859: Fixed accepting of malformed Chunked-Encoding bodies (bsc#1241872)
CriticalSUSE bug 1241872CVE-2025-43859 at SUSECVE-2025-43859 at NVDcpe:/o:suse:sl-micro:6.0Security update for glibc (Critical)SUSE Linux Micro 6.0
This update for glibc fixes the following issues:
- CVE-2025-4802: Fixed local root exploits when using static built setuid root applications. (elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static) (bsc#1243317)
- pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ #25847)
- Mark functions in libc_nonshared.a as hidden (bsc#1239883)
CriticalSUSE bug 1234128SUSE bug 1239883SUSE bug 1243317CVE-2025-4802 at SUSECVE-2025-4802 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxml2 (Moderate)SUSE Linux Micro 6.0
This update for libxml2 fixes the following issues:
- CVE-2025-32414: Fixed out-of-bounds read when parsing text via the Python API (bsc#1241551)
- CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read (bsc#1241453)
ModerateSUSE bug 1241453SUSE bug 1241551CVE-2025-32414 at SUSECVE-2025-32414 at NVDCVE-2025-32415 at SUSECVE-2025-32415 at NVDcpe:/o:suse:sl-micro:6.0Security update for perl (Important)SUSE Linux Micro 6.0
This update for perl fixes the following issues:
- CVE-2024-56406: Fixed heap buffer overflow with tr// [bsc#1241083]
ImportantSUSE bug 1241083CVE-2024-56406 at SUSECVE-2024-56406 at NVDcpe:/o:suse:sl-micro:6.0Security update for ca-certificates-mozilla (Moderate)SUSE Linux Micro 6.0
This update for ca-certificates-mozilla fixes the following issues:
- test for a concretely missing certificate rather than
just the directory, as the latter is now also provided by
openssl-3
- Re-create java-cacerts with SOURCE_DATE_EPOCH set
for reproducible builds (bsc#1229003)
- explicit remove distrusted certs, as the distrust does not get exported
correctly and the SSL certs are still trusted. (bsc#1240343)
- Entrust.net Premium 2048 Secure Server CA
- Entrust Root Certification Authority
- AffirmTrust Commercial
- AffirmTrust Networking
- AffirmTrust Premium
- AffirmTrust Premium ECC
- Entrust Root Certification Authority - G2
- Entrust Root Certification Authority - EC1
- GlobalSign Root E46
- GLOBALTRUST 2020
- pass file argument to awk (bsc#1240009)
- update to 2.74 state of Mozilla SSL root CAs:
Removed:
* SwissSign Silver CA - G2
Added:
* D-TRUST BR Root CA 2 2023
* D-TRUST EV Root CA 2 2023
- remove extensive signature printing in comments of the cert
bundle
- Define two macros to break a build cycle with p11-kit.
- Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798)
Removed:
- SecureSign RootCA11
- Security Communication RootCA3
Added:
- TWCA CYBER Root CA
- TWCA Global Root CA G2
- SecureSign Root CA12
- SecureSign Root CA14
- SecureSign Root CA15
ModerateSUSE bug 1010996SUSE bug 1199079SUSE bug 1229003SUSE bug 1234798SUSE bug 1240009SUSE bug 1240343SUSE bug 441356cpe:/o:suse:sl-micro:6.0Security update for runc (Moderate)SUSE Linux Micro 6.0
This update for runc fixes the following issues:
- Update to runc v1.2.6. Upstream changelog is available from
https://github.com/opencontainers/runc/releases/tag/v1.2.6
- CVE-2024-45310: Fixed runc can be tricked into creating empty files/directories on host (bsc#1230092)
ModerateSUSE bug 1214960SUSE bug 1230092CVE-2024-45310 at SUSECVE-2024-45310 at NVDcpe:/o:suse:sl-micro:6.0Security update for s390-tools (Moderate)SUSE Linux Micro 6.0
This update for s390-tools fixes the following issues:
- CVE-2025-3416: s390-tools: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242622)
- Amended the .spec file
- Updated the '_service' file
- Removed the obsolete file 'cargo_config'
- Updated 'cputype' and 'read_value.c'
* Added the new IBM z17 (9175) processor type
ModerateSUSE bug 1242622CVE-2025-3416 at SUSECVE-2025-3416 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Moderate)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
- Updated to 3.11.12:
- gh-131809: Updated bundled libexpat to 2.7.1
- gh-131261: Upgraded to libexpat 2.7.0
- CVE-2025-0938: Fixed functions `urllib.parse.urlsplit` and `urlparse`
accepting domain names including square brackets (bsc#1236705)
- gh-121284: Fixed bug in the folding of rfc2047 encoded-words
when flattening an email message using a modern email
policy. Previously when an encoded-word was too long for
a line, it would be decoded, split across lines, and
re-encoded. But commas and other special characters in the
original text could be left unencoded and unquoted. This
could theoretically be used to spoof header lines using a
carefully constructed encoded-word if the resulting rendered
email was transmitted or re-parsed.
- gh-80222: Fixed bug in the folding of quoted strings
when flattening an email message using a modern email
policy. Previously when a quoted string was folded so that
it spanned more than one line, the surrounding quotes and
internal escapes would be omitted. This could theoretically
be used to spoof header lines using a carefully constructed
quoted string if the resulting rendered email was transmitted
or re-parsed.
- gh-119511: Fixed a potential denial of service in the imaplib
module. When connecting to a malicious server, it could
cause an arbitrary amount of memory to be allocated. On many
systems this is harmless as unused virtual memory is only
a mapping, but if this hit a virtual address size limit
it could lead to a MemoryError or other process crash. On
unusual systems or builds where all allocated memory is
touched and backed by actual ram or storage it could’ve
consumed resources doing so until similarly crashing.
- gh-127257: In ssl, system call failures that OpenSSL reports
using ERR_LIB_SYS are now raised as OSError.
- gh-121277: Writers of CPython’s documentation can now use
next as the version for the versionchanged, versionadded,
deprecated directives.
- gh-106883: Disabled GC during the _PyThread_CurrentFrames()
and _PyThread_CurrentExceptions() calls to avoid the
interpreter to deadlock.
ModerateSUSE bug 1236705SUSE bug 1241067CVE-2025-0938 at SUSECVE-2025-0938 at NVDcpe:/o:suse:sl-micro:6.0Security update for augeas (Moderate)SUSE Linux Micro 6.0
This update for augeas fixes the following issues:
- CVE-2025-2588: Fixed check for NULL pointers when calling re_case_expand in function fa_expand_nocase (bsc#1239909)
ModerateSUSE bug 1239909CVE-2025-2588 at SUSECVE-2025-2588 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsoup (Important)SUSE Linux Micro 6.0
This update for libsoup fixes the following issues:
- CVE-2025-2784: Fixed Heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750)
- CVE-2025-32050: Fixed Integer overflow in append_param_quoted (bsc#1240752)
- CVE-2025-32051: Fixed Segmentation fault when parsing malformed data URI (bsc#1240754)
- CVE-2025-32052: Fixed Heap buffer overflow in sniff_unknown() (bsc#1240756)
- CVE-2025-32053: Fixed Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757)
- CVE-2025-32913: Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162)
- CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164)
- CVE-2025-32912: Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214)
- CVE-2025-32907: Fixed xcessive memory consumption in server when client requests a large amount of overlapping
ranges in a single HTTP request (bsc#1241222)
- CVE-2025-32906: Fixed Out of bounds reads in soup_headers_parse_request() (bsc#1241263)
- CVE-2025-32908: Fixed HTTP request may lead to server crash due to HTTP/2 server not fully validating the values
of pseudo-headers (bsc#1241223)
- CVE-2025-32909: Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226)
- CVE-2025-32911: Fixed Double free on soup_message_headers_get_content_disposition() via "params" (bsc#1241238)
- CVE-2025-32910: Fixed null pointer deference on client when server omits the 'realm' parameter in an Unauthorized
response with Digest authentication (bsc#1241252)
- CVE-2025-46420: Fixed Memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686)
- CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688)
ImportantSUSE bug 1240750SUSE bug 1240752SUSE bug 1240754SUSE bug 1240756SUSE bug 1240757SUSE bug 1241162SUSE bug 1241164SUSE bug 1241214SUSE bug 1241222SUSE bug 1241223SUSE bug 1241226SUSE bug 1241238SUSE bug 1241252SUSE bug 1241263SUSE bug 1241686SUSE bug 1241688CVE-2025-2784 at SUSECVE-2025-2784 at NVDCVE-2025-32050 at SUSECVE-2025-32050 at NVDCVE-2025-32051 at SUSECVE-2025-32051 at NVDCVE-2025-32052 at SUSECVE-2025-32052 at NVDCVE-2025-32053 at SUSECVE-2025-32053 at NVDCVE-2025-32906 at SUSECVE-2025-32906 at NVDCVE-2025-32907 at SUSECVE-2025-32907 at NVDCVE-2025-32908 at SUSECVE-2025-32908 at NVDCVE-2025-32909 at SUSECVE-2025-32909 at NVDCVE-2025-32910 at SUSECVE-2025-32910 at NVDCVE-2025-32911 at SUSECVE-2025-32911 at NVDCVE-2025-32912 at SUSECVE-2025-32912 at NVDCVE-2025-32913 at SUSECVE-2025-32913 at NVDCVE-2025-32914 at SUSECVE-2025-32914 at NVDCVE-2025-46420 at SUSECVE-2025-46420 at NVDCVE-2025-46421 at SUSECVE-2025-46421 at NVDcpe:/o:suse:sl-micro:6.0Security update for docker (Moderate)SUSE Linux Micro 6.0
This update for docker fixes the following issues:
Always clear SUSEConnect suse_* secrets when starting containers regardless
of whether the daemon was built with SUSEConnect support. Not doing this
causes containers from SUSEConnect-enabled daemons to fail to start when
running with SUSEConnect-disabled (i.e. upstream) daemons. (bsc#1244035)
ModerateSUSE bug 1244035CVE-2025-22868 at SUSECVE-2025-22868 at NVDCVE-2025-22869 at SUSECVE-2025-22869 at NVDcpe:/o:suse:sl-micro:6.0Security update for open-vm-tools (Moderate)SUSE Linux Micro 6.0
This update for open-vm-tools fixes the following issues:
- Updated to 12.5.2:
* CVE-2025-22247: Fixed insecure file handling (bsc#1243106)
- Fixed gcc15 compile time error (bsc#1241938)
ModerateSUSE bug 1237147SUSE bug 1241938SUSE bug 1243106CVE-2025-22247 at SUSECVE-2025-22247 at NVDcpe:/o:suse:sl-micro:6.0Security update for iputils (Moderate)SUSE Linux Micro 6.0
This update for iputils fixes the following issues:
- CVE-2025-47268: Fixed integer overflow in RTT calculation leading to undefined behavior (bsc#1242300)
ModerateSUSE bug 1242300CVE-2025-47268 at SUSECVE-2025-47268 at NVDcpe:/o:suse:sl-micro:6.0Security update for docker-compose (Moderate)SUSE Linux Micro 6.0
This update for docker-compose fixes the following issues:
Update to version 2.33.1:
* Improvements
- Add support for gw_priority, enable_ipv4 (requires docker
v28.0) by @thaJeztah in #12570
* Fixes
- Run watch standalone if menu fails to start by @ndeloof in
#12536
- Report error using non-file secret|config with read-only
service by @ndeloof in #12531
- Don't display bake suggestion when using --progress with
quiet or json option by @glours in #12561
- Fix pull --parallel and --no-parallel deprecation warnings
missing by @maxproske in #12555
- Fix error message when detach is implied by wait by @ndeloof
in #12566
* Dependencies
- build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1
by @dependabot in #12556
- build(deps): bump google.golang.org/grpc from 1.68.1 to
1.70.0 by @dependabot in #12494
- go.mod: update to docker v28.0.0 by @thaJeztah in #12545
Update to version 2.33.0:
* Important
- This release introduce support for Bake to manage builds as
an alternative to the internal buildkit client. This new
feature can be enabled by setting COMPOSE_BAKE=1 variable.
Bake will become the default builder in a future release.
* Improvements
- let user know bake is now supported by @ndeloof in #12524
- support additional_context reference to another service by
@ndeloof in #12485
- add support for BUILDKIT_PROGRESS by @ndeloof in #12458
- add --with-env flag to publish command by @glours in #12482
- Update ls --quiet help description by @maxproske in #12541
- Publish warn display env vars by @glours in #12486
* Fixes
- Fix bake support by @ndeloof in #12507
- Update link in stats --help output by @maxproske in #12523
- Properly handle "builtin" seccomp profile by @r-bk in #12478
- manage watch applied to mulitple services by @ndeloof in
#12469
* Internal
- use main branch for docs upstream validation workflow by
@crazy-max in #12487
- fix provenance for binaries and generate sbom by @crazy-max
in #12479
- add codeowners file by @glours in #12480
- remove exit code per error type used by legacy metrics system
by @ndeloof in #12502
- Dockerfile: update golangci-lint to v1.63.4 by @thaJeztah in
#12546
- Full test coverage for compatibility cmd by @maxproske in
#12528
- don't send raw os.Args to opentelemetry but a pseudo command
line by @ndeloof in #12530
- add docker engine v28.x to the test-matrix by @thaJeztah in
#12539
- enable copyloopvar linter by @thaJeztah in #12542
- go.mod: remove toolchain directive by @thaJeztah in #12551
* Dependencies
- bump buildx v0.20.1 by @ndeloof in #12488
- bump docker to v27.5.1 by @ndeloof in #12491
- bump compose-go v2.4.8 by @ndeloof in #12543
- bump golang.org/x/sys from 0.28.0 to 0.30.0 by @dependabot in
#12529
- bump github.com/moby/term v0.5.2 by @thaJeztah in #12540
- bump github.com/otiai10/copy from 1.14.0 to 1.14.1 by
@dependabot in #12493
- bump github.com/jonboulle/clockwork from 0.4.0 to 0.5.0 by
@dependabot in #12430
- bump github.com/spf13/pflag from 1.0.5 to 1.0.6 by
@dependabot in #12548
- bump golang.org/x/sync from 0.10.0 to 0.11.0 by @dependabot
in #12547
- bump gotest.tools/v3 from 3.5.1 to 3.5.2 by @dependabot in
#12549
Update to version 2.32.4:
* add missing tag for build during merge workflow
* ci: re-use local source to build binary images
* ci: use local source for binary builds
Update to version 2.32.3:
* ci: update bake-action to v6
* simplification
* image can be set to a local ID, that isn't a valid docker ref
* can't render progress concurrently with buildkit
* exclude one-off container running convergence
* Only override service mac if set on the main network.
Update to version 2.32.2:
* remove engine v25 from e2e test matrix The 1st version
available for Ubuntu 24.x is Docker Engine v26
* fix relative path in compose file
* bump compose-go to v2.4.7
* replace tibdex/github-app-token by official GitHub
create-github-app-token
* bump golang.org/x/net to v0.33.0 to fix potential security
issue https://github.com/golang/go/issues/70906
* checkExpectedVolumes must ignore anonymous volumes
* When retrying to resolveOrCreateNetwork, retry with a valid
network name
* only check bind mount conflict if sync action is involved
* use the 3 latest major versions of the engine to run e2e step
* bump Golang version to v1.22.10 and update CI actions
* add --pull to run command
* CI to validate fmt
* `make fmt` so any contributor can enforce formatting
* format code with gofumpt
Update to version 2.32.1:
* e2e test to prevent future regression
* only check volume mounts for updated config
Update to version 2.32.0:
* e2e test for recreate volume
* build(deps): bump google.golang.org/grpc from 1.68.0 to 1.68.1
* build(deps): bump golang.org/x/crypto from 0.27.0 to 0.31.0
* build(deps): bump golang.org/x/sys from 0.27.0 to 0.28.0
* prompt user to confirm volume recreation
* Recreate container on volume configuration change
* introduce watch restart action
* bump otel dependencies to v1.28.0 and v0.53.0 to align with
buildx, buildkit and engine versions
* bump docker/buildx to latest release
* fix support for service.mac_address
* update xx to v1.6.1 for compatibility with alpine 3.21 and file
5.46+
* build(deps): bump golang.org/x/sync from 0.9.0 to 0.10.0
* Update pkg/e2e/watch_test.go
* first watch action for a file event wins
* fix
* revisit TestDebounceBatching
* introduce sync+exec watch action
* log configuration error as a watch log event
* do not require a build section but for `rebuild` action
* pull --quiet should not drop status message, only progress
* use latest engine tags
* Bump buildx to 0.19.1
* be sure everything has been cleanup at the end of each tests
* add local config.json to test configuration dir if exists
* disable failing TestBuildSSH test
* fix build with bake
Update to version 2.31.0:
* bump containerd to v1.7,24
* bump google.golang.org/grpc to v1.68.0
* build(deps): bump github.com/moby/buildkit from 0.17.1 to
0.17.2
* build(deps): bump github.com/compose-spec/compose-go/v2
* only stop dependent containers ... if there's some
* disable TestNetworkConfigChanged which is unstable on CI
* only check attached networks on running containers
* fix: commit tests
* feat: add commit command
* run build tests against bake
* delegate build to buildx bake
* build(deps): bump github.com/stretchr/testify from 1.9.0 to
1.10.0
* use service.stop to stop dependent containers
* Update wait-timeout flag usage to include the unit
* go.mod: github.com/docker/cli v27.4.0-rc.2
* go.mod: github.com/docker/docker v27.4.0-rc.2
* go.mod: github.com/docker/cli 8d1bacae3e49 (v27.4.0-rc.2-dev)
* go.mod: github.com/docker/cli v27.4.0-rc.1
* go.mod: github.com/docker/docker v27.4.0-rc.1
* Update pkg/compose/convergence.go
* detect network config changes and recreate if needed
* go.mod: github.com/docker/buildx v0.18.0
* go.mod: github.com/moby/buildkit v0.17.1
* gha: test against docker engine v27.4.0
* push empty descriptor layer when using OCI version 1.1 for
Compose artifact it fixes a repository creation issue when
pushing the 1st time a Compose OCI artifact on the Hub
* remove ddev e2e tests
* implement remove-orphans on run
* ci: enable testifylint linter
* Emit events for building images
* Fix compose images that reutn a different image with the same
ID
* remove obsolete containers first on scale down
* pass stal bot inactivity limit from 6 to 3 months
* fix(config): Print service names with --no-interpolate
* build(deps): bump golang.org/x/sys from 0.26.0 to 0.27.0
* build(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0
Update to version 2.30.3:
* bump compose-go v2.4.4
* Avoid starting all services on rebuild
Update to version 2.30.2:
* remove ArtifactType from Config in OCI v1.1 definition of the
artifact
* build(deps): bump github.com/compose-spec/compose-go/v2
* Service being declared in a profile must not trigger
re-creation
* Add profile e2e test case to document in compose
* Update `MAINTAINERS` file
Update to version 2.30.1:
* bump compose-go to version v2.4.2
Update to version 2.30.0:
* Improvements
- Introduce service hooks by @ndeloof (12166)
- Introduce generate command as alpha command by @glours
(12209)
- Add export command by @jarqvi (12120)
- Add support for CDI device request using devices by @ndeloof
(12184)
- Add support for bind recursive by @ndeloof (12210)
- Allow usage of -f flag with OCI Compose artifacts by @glours
(12220)
* Fixes
- Append unix-style relative path when computing container
target path by @ndeloof (12145)
- Wait for dependent service up to delay set by --wait-timeout
by @ndeloof (12156)
- Check secret source exists, as bind mount would create target
by @ndeloof (12151)
- After container restart register printer consumer by @jhrotko
(12158)
- Fix(down): Fix down command if specified services are not
running by @idsulik (12164)
- Show watch error message and open DD only when w is pressed
by @jhrotko (12165)
- Fix(push): Fix unexpected EOF on alpha publish by @idsulik
(12169)
- Fix(convergence): Serialize access to observed state by
@anantadwi13 (12150)
- Remove feature flag integration with Docker Desktop for
ComposeUI and ComposeNav by @jhrotko (12192)
- Support Dockerfile-specific ignore-file with watch by
@ndeloof (12193)
- Add support for raw env_file format by @ndeloof (12179)
- Convert GPUs to DeviceRequests with implicit "gpu" capability
by @ndeloof (12197)
- Improve error message to include expected network label by
@divinity76 (12213)
- Don't use progress to render restart, which hides logs by
@ndeloof (12226)
- One-off containers are not indexed, and must be ignored by
exec --index command by @ndeloof (12224)
- Don't warn about uid/gid not being supported while ... they
are by @ndeloof (12232)
- Connect to external networks by name by @ndeloof (12234)
- Fix push error message typo by @chris-crone (12237)
- Fix(dockerignore): Add wildcard support to dockerignore.go by
@idsulik (12239)
* Internal
- Remove bind options when creating a volume type by @jhrotko
(12177)
- pass device.options to engine by @ndeloof (12183)
- Add security policy by @thaJeztah (12194)
- Gha: set default permissions to "contents: read" by
@thaJeztah (12195)
- Desktop: allow this client to be identified via user-agent by
@djs55 (12212)
- Compose-go clean volume target to avoid ambiguous comparisons
by @ndeloof (12208)
* Dependencies
- Bump docker v27.3.1 by @ndeloof (12178)
- Build(deps): bump golang.org/x/sys from 0.25.0 to 0.26.0 by
@dependabot (12189)
- Bump compose-go to v2.3.0 by @glours (12198)
- Bump compose-go to v2.4.0 by @glours (12231)
- Bump compose-go to v2.4.1 by @glours (12243)
- Build(deps): bump github.com/containerd/containerd from
1.7.22 to 1.7.23 by @dependabot (12211)
- Bump golang minimal version to 1.22 in go.mod by @glours
(12246)
- Bump go.uber.org/mock to v0.5.0 and google.golang.org/grpc to
v1.67.1 by @glours (12245)
Update to version 2.29.7:
* revert commits link to mount API over bind changes
Update to version 2.29.6:
* don't set propagation if target engine isn't linux
* build(deps): bump github.com/docker/docker v27.3.0-rc.2
* build(deps): bump github.com/docker/cli v27.3.0-rc.2
Update to version 2.29.5:
* set propagation default
* Remove custom codeql workflow
Update to version 2.29.4:
* fix import
* chore(watch): Add debug log when skipping service without build
context
* stop dependent containers before recreating diverged service
* Fixed possible `nil` pointer dereference
* bump github.com/docker/buildx v0.17.1
* build(deps): bump docker, docker/cli to v27.3.0-rc.1
* gha: test against docker engine v27.3.0
Update to version 2.29.3:
* show sync files only in debug level
* chore(watch): Add changed files path/count to log
* build(deps): bump golang.org/x/sync from 0.7.0 to 0.8.0
* bump compose-go to version v2.2.0
* Restore compose v1 behavior to recreate containers when ran
with -V
* fix linting issues with golangci-lint 1.60.2
* bump golang to version 1.22.7
* bump dependencies versions, engine and cli v27.2.1 containerd
v1.7.22 buildx v0.17.0 buildkit v0.16.0
* build(deps): bump golang.org/x/sys from 0.22.0 to 0.25.0
* Fix typos
* Use logrus instead of direct output to stderr.
* attach: close streams when done
* Fix typo in pull.go
* Allow combination of bind mounts and 'rebuild' watches
* service hash must exlude depends_on
* prefer mount API over bind
* docs: duplicate documentation for root cmd
* docs(wait): Fix wait command description
* allow to add empty line in the logs when nav menu activated
* upgrade docker versions
Update to version 2.29.2:
* initial sync files that modified after image creation
* initial sync for root directory
* Removes redundant condition from toAPIBuildOptions in build.go
* docs: Update docker compose kill usage
* Fix stop on file chane for sync-restart action
* bump engine and cli to v27.1.1, buildx to v0.16.1
* remove all dependabot update PRs for OTel dependencies
* gp.mod: github.com/gofrs/flock v0.12.1
* go.mod: golang.org/x/sys v0.22.0
* update to go1.21.12
Update to version 2.29.1:
* Enhance JSON progress events with more fields.
* bump compose-go v2.1.5
* bump github.com/docker/cli v27.1.0
* bump github.com/docker/docker v27.1.0
* bump github.com/containerd/containerd v1.7.20
* gha: add docker 27.1.0
* fix(containers): fix sorting logic by adding secondary sorting
for one-off containers
Update to version 2.29.0:
* update docs generation to avoid man pages generation
* bump compose-go to v2.1.4, buildx to v0.16.0, containerd to
v1.7.19 and buildx to v0.15.0
* restore setEnvWithDotEnv
* empty env variable with no value must be unset in container
* exclude unnecessary resources after services have been selected
* change time for stale bot
* Remove debug mode and run twice a week
* Add stale workflow
* update docs
* feat(watch): Add --prune option to docker-compose watch command
* Remove COMPOSE_MENU env from e2e tests
* Use rawjson for the build backend.
* Set logging format to JSON.
* Format errors as JSON when in JSON progress mode.
* Pass 'plain' instead of 'json' to build backend
* Add JSON stream progress writer
* go.mod: docker/cli, docker/docker v27.0.3
* gha: test against docker v27.0.3
* go.mod: docker/cli, docker/docker v27.0.2
Update to version 2.28.1:
* Remove `console.Terminal` check and use `IsTerminal` from
`streams.Out`
Update to version 2.28.0:
* go.mod: github.com/compose-spec/compose-go v2.1.3
* go.mod: docker/docker and docker/cli v27.0.1-rc.1
Update to version 2.27.3:
* build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1
* build(deps): bump github.com/docker/buildx from 0.15.0 to
0.15.1
Update to version 2.27.2:
* using as flag of the up command, watch was blocking process
shutdown This happened when sunsetting the application from
docker compose down command
* Add open watch docs in up menu
* bump buildkit to v0.14.0 and buildx to v0.15.0
* stop watch process when associated up process is stopped
* build(deps): bump github.com/docker/docker
* build(deps): bump github.com/containerd/containerd from 1.7.17
to 1.7.18
* build(deps): bump golang.org/x/sys from 0.20.0 to 0.21.0
* build(deps): bump github.com/hashicorp/go-version from 1.6.0 to
1.7.0
* build: replace uses of archive.CanonicalTarNameForPath
* update gh actions versions, update engine matrix, bump golang
to 1.21.11
* enforce keyboard.Close is always executed to restore terminal
* config --environment
* Readd event
* remove unreachable code
* Fix dot env file to define COMPOSE_* variables
* return an error when --detach and --watch are used together in
up command
* Correct 'cancellation' typo in comment
* Fix: change append to use slice index in ps.go
* COMPOSE_PROFILES can be set by .env file
* prevent concurrent map write relying on project immutability
Update to version 2.27.1:
* build(deps): bump github.com/containerd/containerd from 1.7.16
to 1.7.17
* build(deps): bump github.com/docker/buildx from 0.14.0 to
0.14.1
* drop COMPOSE_EXPERIMENTAL_OTEL as docker/cli has opentelemetry
in
* add gui/composeview as part of available commands
* fix opentelemetry
* bump compose-go to version v2.1.1
* Set endpoint-specific DriverOpts
* Bump compose-go version to latest main
* Backport OpenBSD patches
* add new navigation menu to open Compose app configuration in
Docker Desktop
* build(deps): bump github.com/fsnotify/fsevents from 0.1.1 to
0.2.0
* build(deps): bump golang.org/x/sys from 0.19.0 to 0.20.0
* fix --resolve-image-digests
* allow a local .env file to override compose.yaml sibling .env
* Bump docker engine and cli to version 26.1.3
* Bump docker to v26.1.2
* Add documentation for --menu up option and COMPOSE_MENU
environemnt variable
* chore(deps): bump docker to v26.1.1 (#11794)
Update to version 2.27.0:
* fix: overlapping logs and menu navigation (#11765)
* build(deps): bump github.com/moby/buildkit
* chore(e2e): fix flaky cascade failure test
* use v2.26.1 tag for moby and Docker cli
* chore(deps): update to Moby v26.1 & buildx v0.14
* bump compose-go version to v2.1.0
* fix support for --context=foo
* Fix #11710: Avoid to try to close channel twice after hitting
Ctrl-C on compose up (#11719)
* fix(desktop): remove overly-aggressive feature flag check
(#11748)
* chore: fix typo in comment
* bump dependencies
* fix: do not try to create file shares for non-directories
* check container_name is not in use by another service we will
create
* don't clear line when navigation is disabled
* fix: return correct exit code with `--exit-code-from` (#11715)
* progress for resource can be restarted after more Working event
comes
* Revert "Stop the resource timer after last expected event"
* Revert change to allow trying to kill again if a kill fails
* Handle errors and allow to send multiple kills if one failed
* Ignore errors when killing on second Ctrl-C
* docker compose up always kills the containers on second Ctrl-C
* read COMPOSE_REMOVE_ORPHANS from .env
* Set Required false to depends_on containers for compose -p
stop/down
* Ignore missing containers when compose stop -p
* Ignore missing containers when compose down -p
* Introduce support for build.entitlements
* Remove dead url reference.
* e2e test for --all-resources
* introduce --all-resources to _not_ exclude resources not used
by services
* Introduce --abort-on-container-failure
* bump golang version to 1.21.9
* don't use ansi espace sequence when disabled
Update to version 2.26.1:
* Does not start keyboard manager if there is no tty
* Change menu information text to dim
* Handle --no-build and --watch args
* build(deps): bump github.com/opencontainers/image-spec
* Unwrap error message.
* Include error message in pull warning/errors
Update to version 2.26.0:
* chore(desktop): revised feature detection for file shares
* Add Navigation Menu to compose up
* Add support for volume Subpath option
* Bump docker v26.0.0
* introduce config --variables to list compose model variables
* Fix docs on default build image name
* Bump compose-go to v2.0.2
* add support for annotations
* Revert "Bump compose-go to v2.0.1"
* Bump compose-go to v2.0.1
* feat(desktop): synchronized file share integration (#11614)
* feat(experiments): add experimental feature state (#11633)
* reduce timeout of the Otel tracing command
* fix `compose config --format json`
Update to version 2.25.0:
* Bump compose-go v2.0.0
* services shell completion bugfix
* fix TestBuildPlatformsWithCorrectBuildxConfig
* only use ToModel when --no-interpolate is set
* feat(desktop): add Docker Desktop detection and client skeleton
(#11593)
Update to version 2.24.7:
* chore(deps): upgrade go to 1.21.8 (#11578)
* ci(deps): bump moby/moby & docker/cli to v25.0.4 (#11566)
* Add test summary for test jobs in ci
* make code simpler
* avoid duplicated "xx exited with code 0" message
* introduce --watch
* move code into small functions for better readability
* restore support for `config --no-interpolate`
* remove docker cli step in ci.yml
* get log to manage `attach`
* bump compose-go to version v2.0.0-rc.8
* use an dedicated compose file --quiet-pull e2e test
* Add a fallback check of Watch pid on Windows False positives
were detected when checking the previous watch process state
* add support of QuietOption to create command
* pass QuietOption when starting dependencies from run command
* when ran with ANSI disabled, force progress=plain
* Issue-11374: Modified compose up command to respect
COMPOSE_REMOVE_ORPHANS environment variable
* ci: bump engine version to `25.0.3`
* sort containers to optimize scale down
* discard stdout for laaarge log test
Update to version 2.24.6:
* use listeners to collect include metrics
* docs: update cli reference link
* docs: unify no trailing dots in docstrings and help (#11301)
* Use listener for file metadata
* fix deadlock collecting large logs
* chore(watch): remove old `docker cp` implementation
* ci(deps): bump docker/cli to v25.0.3 (#11481)
* pass All option to backend api.Service when length statuses is
not equal to zero
* Add OTEL specs: build, depends_on, capabilities (gpu/tpu)
* build(deps): bump github.com/opencontainers/image-spec
* feat(tracing): add project hash attr
* chore(load): ensure context passed to load
* Include all networks in ContainerCreate call if API >= 1.44
* bump compose-go to v2.0.0-rc.4
* CI: docker engine version matrix
* build(deps): bump github.com/docker/cli
* Fix load .env from project directory when project file is set
by COMPOSE_FILE
ModerateSUSE bug 1217070CVE-2023-47108 at SUSECVE-2023-47108 at NVDcpe:/o:suse:sl-micro:6.0Security update for avahi (Moderate)SUSE Linux Micro 6.0
This update for avahi fixes the following issues:
Security issues fixed:
- CVE-2023-38471: Extract host name using avahi_unescape_label (bsc#1216594).
- CVE-2023-38469: Reject overly long TXT resource records (bsc#1216598).
Non-security issue fixed:
- no longer supply bogus services to callbacks (bsc#1226586).
ModerateSUSE bug 1216594SUSE bug 1216598SUSE bug 1226586CVE-2023-38469 at SUSECVE-2023-38469 at NVDCVE-2023-38471 at SUSECVE-2023-38471 at NVDcpe:/o:suse:sl-micro:6.0Security update for systemd (Moderate)SUSE Linux Micro 6.0
This update for systemd fixes the following issues:
- coredump: use %d in kernel core pattern (CVE-2025-4598)
- Revert "macro: terminate the temporary VA_ARGS_FOREACH() array with a sentinel" (SUSE specific)
- umount: do not move busy network mounts (bsc#1236177)
- man/pstore.conf: pstore.conf template is not always installed in /etc
- man: coredump.conf template is not always installed in /etc (bsc#1237496)
- Don't write messages sent from users with UID falling into the container UID
range to the system journal. Daemons in the container don't talk to the
outside journald as they talk to the inner one directly, which does its
journal splitting based on shifted uids. (bsc#1242938)
- This re-adds back the support for the persistent net name rules as well as
their generator since predictable naming scheme is still disabled by default
on Micro (via the `net.ifnames=0` boot option). (bsc#1241190)
ModerateSUSE bug 1236177SUSE bug 1237496SUSE bug 1241190SUSE bug 1242938CVE-2025-4598 at SUSECVE-2025-4598 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssl-3 (Moderate)SUSE Linux Micro 6.0
This update for openssl-3 fixes the following issues:
- CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 on PPC arch (bsc#1240366)
- CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation (bsc#1236136)
ModerateSUSE bug 1236136SUSE bug 1240366CVE-2024-13176 at SUSECVE-2024-13176 at NVDCVE-2025-27587 at SUSECVE-2025-27587 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-cryptography (Moderate)SUSE Linux Micro 6.0
This update for python-cryptography fixes the following issues:
- CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242631)
ModerateSUSE bug 1242631CVE-2025-3416 at SUSECVE-2025-3416 at NVDcpe:/o:suse:sl-micro:6.0Security update for ucode-intel (Important)SUSE Linux Micro 6.0
This update for ucode-intel fixes the following issues:
Intel CPU Microcode was updated to the 20250512 release (bsc#1243123)
- Security updates for INTEL-SA-01153
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01153.html)
- CVE-2024-28956: Exposure of Sensitive Information in Shared
Microarchitectural Structures during Transient Execution for some
Intel Processors may allow an authenticated user to potentially
enable information disclosure via local access.
- Security updates for INTEL-SA-01244
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01244.html)
- CVE-2025-20103: Insufficient resource pool in the core management
mechanism for some Intel Processors may allow an authenticated user
to potentially enable denial of service via local access.
- CVE-2025-20054: Uncaught exception in the core management
mechanism for some Intel Processors may allow an authenticated user
to potentially enable denial of service via local access.
- Security updates for INTEL-SA-01247
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html)
- CVE-2024-43420: Exposure of sensitive information caused by
shared microarchitectural predictor state that influences transient
execution for some Intel Atom processors may allow an authenticated
user to potentially enable information disclosure via local access.
- CVE-2025-20623: Exposure of sensitive information caused by
shared microarchitectural predictor state that influences transient
execution for some Intel Core processors (10th Generation) may allow
an authenticated user to potentially enable information disclosure
via local access.
- CVE-2024-45332: Exposure of sensitive information caused by shared
microarchitectural predictor state that influences transient execution
in the indirect branch predictors for some Intel Processors may allow
an authenticated user to potentially enable information disclosure
via local access.
- Security updates for INTEL-SA-01322
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01322.html)
- CVE-2025-24495: Incorrect initialization of resource in the branch
prediction unit for some Intel Core Ultra Processors may allow an
authenticated user to potentially enable information disclosure via
local access.
- CVE-2025-20012: Incorrect behavior order for some Intel Core Ultra
Processors may allow an unauthenticated user to potentially enable
information disclosure via physical access.
- Update for functional issues. Refer to Intel Core Ultra 200 V Series
Processor (Series2) https://cdrdv2.intel.com/v1/dl/getContent/834774)
for details.
- Update for functional issues. Refer to Intel Core Ultra 200 V Series
Processor https://cdrdv2.intel.com/v1/dl/getContent/827538) for details.
- Update for functional issues. Refer to Intel Core Ultra Processor
https://cdrdv2.intel.com/v1/dl/getContent/792254) for details.
- Update for functional issues. Refer to 14th/13th
Generation Intel Core Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
- Update for functional issues. Refer to 12th Generation Intel Core
Processor Family https://cdrdv2.intel.com/v1/dl/getContent/682436)
for details.
- Update for functional issues. Refer to 11th Gen Intel Core Processor
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/631123)
for details.
- Update for functional issues. Refer to 10th Gen
Intel Core Processor Families Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/341079) for details.
- Update for functional issues. Refer to 10th Gen
Intel Core Processor Families Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/615213) for details.
- Update for functional issues. Refer to 8th and 9th
Generation Intel Core Processor Family Spec Update
https://cdrdv2.intel.com/v1/dl/getContent/337346) for details.
- Update for functional issues. Refer to 6th Gen
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/835486) for details.
- Update for functional issues. Refer to 5th Gen Intel Xeon Processor
Scalable Family https://cdrdv2.intel.com/v1/dl/getContent/793902)
for details.
- Update for functional issues. Refer to 4th Gen
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/772415) for details.
- Update for functional issues. Refer to 3rd Generation
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/634897) for details.
- Update for functional issues. Refer to 3rd Generation
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/637780) for details.
- Update for functional issues. Refer to 2nd Generation
Intel Xeon Processor Scalable Family Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to Intel
Xeon 6700-Series Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/820922) for details.
- Update for functional issues. Refer to Intel Xeon E-2300 Processor
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/709192)
for details.
- Update for functional issues. Refer to Intel Xeon D-2700 Processor
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/714071)
for details.
- Update for functional issues. Refer to Intel Processors and Intel
Core i3 N-Series https://cdrdv2.intel.com/v1/dl/getContent/764616)
for details.
- Update for functional issues. Refer to Intel Pentium
Silver and Intel Celeron Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/336562) for details.
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-U | A1 | 06-b5-00/80 | | 0000000a | Core Ultra Processor (Series2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | | 00000118 | Core Ultra Processor (Series2)
| ARL-H | A1 | 06-c5-02/82 | | 00000118 | Core Ultra Processor (Series2)
| GNR-AP/SP | B0 | 06-ad-01/95 | | 010003a2 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | | 0a0000d1 | Xeon Scalable Gen6
| LNL | B0 | 06-bd-01/80 | | 0000011f | Core Ultra 200 V Series Processor
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000038 | 0000003a | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000038 | 0000003a | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000436 | 00000437 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000436 | 00000437 | Core Gen12
| ADL-N | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300,
N50/N97/N100/N200,
Atom x7211E/x7213E/x7425E
| AML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile
| AZB | A0/R0 | 06-9a-04/40 | 00000009 | 0000000a | Intel(R) Atom(R) C1100
| CFL-H | R0 | 06-9e-0d/22 | 00000102 | 00000104 | Core Gen9 Mobile
| CLX-SP | B1 | 06-55-07/bf | 05003707 | 05003901 | Xeon Scalable Gen2
| CML-H | R1 | 06-a5-02/20 | 000000fc | 00000100 | Core Gen10 Mobile
| CML-S102 | Q0 | 06-a5-05/22 | 000000fc | 00000100 | Core Gen10
| CML-S62 | G1 | 06-a5-03/22 | 000000fc | 00000100 | Core Gen10
| CML-U42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile
| CML-U62 V1 | A0 | 06-a6-00/80 | 000000fe | 00000102 | Core Gen10 Mobile
| CML-U62 V2 | K1 | 06-a6-01/80 | 000000fc | 00000100 | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile
| CPX-SP | A1 | 06-55-0b/bf | 07002904 | 07002b01 | Xeon Scalable Gen3
| EMR-SP | A1 | 06-cf-02/87 | 21000291 | 210002a9 | Xeon Scalable Gen5
| GLK-R | R0 | 06-7a-08/01 | 00000024 | 00000026 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-D | B0 | 06-6c-01/10 | 010002c0 | 010002d0 | Xeon D-17xx, D-27xx
| ICL-U/Y | D1 | 06-7e-05/80 | 000000c6 | 000000ca | Core Gen10 Mobile
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003f5 | 0d000404 | Xeon Scalable Gen3
| MTL | C0 | 06-aa-04/e6 | 00000020 | 00000024 | Core Ultra Processor
| RKL-S | B0 | 06-a7-01/02 | 00000063 | 00000064 | Core Gen11
| RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012c | 0000012f | Core Gen13/Gen14
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004124 | 00004128 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000038 | 0000003a | Core Gen13/Gen14
| RPL-S | H0 | 06-bf-05/07 | 00000038 | 0000003a | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004124 | 00004128 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003e0 | 2c0003f7 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000330 | 03000341 | Xeon 6700-Series Processors with E-Cores
| TGL | B0/B1 | 06-8c-01/80 | 000000b8 | 000000bc | Core Gen11 Mobile
| TGL-H | R0 | 06-8d-01/c2 | 00000052 | 00000056 | Core Gen11 Mobile
| TGL-R | C0 | 06-8c-02/c2 | 00000038 | 0000003c | Core Gen11 Mobile
| TWL | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200,
Atom x7211E/x7213E/x7425E
| WHL-U | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen8 Mobile
ImportantSUSE bug 1243123CVE-2024-28956 at SUSECVE-2024-28956 at NVDCVE-2024-43420 at SUSECVE-2024-43420 at NVDCVE-2024-45332 at SUSECVE-2024-45332 at NVDCVE-2025-20012 at SUSECVE-2025-20012 at NVDCVE-2025-20054 at SUSECVE-2025-20054 at NVDCVE-2025-20103 at SUSECVE-2025-20103 at NVDCVE-2025-20623 at SUSECVE-2025-20623 at NVDCVE-2025-24495 at SUSECVE-2025-24495 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-setuptools (Important)SUSE Linux Micro 6.0
This update for python-setuptools fixes the following issues:
- CVE-2025-47273: Fixed a path traversal vulnerability. (bsc#1243313, gh#pypa/setuptools@250a6d17978f)
ImportantSUSE bug 1243313CVE-2025-47273 at SUSECVE-2025-47273 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-urllib3 (Moderate)SUSE Linux Micro 6.0
This update for python-urllib3 fixes the following issues:
- CVE-2024-37891: Fixed issue where proxy-authorization request header was not stripped during cross-origin redirects (bsc#1226469)
ModerateSUSE bug 1226469CVE-2024-37891 at SUSECVE-2024-37891 at NVDcpe:/o:suse:sl-micro:6.0Security update for libblockdev (Moderate)SUSE Linux Micro 6.0
This update for libblockdev fixes the following issues:
- CVE-2025-6019: Suppress privilege escalation during xfs fs resize ( (bsc#1243226)
ModerateSUSE bug 1243226CVE-2025-6019 at SUSECVE-2025-6019 at NVDcpe:/o:suse:sl-micro:6.0Security update for pam (Important)SUSE Linux Micro 6.0
This update for pam fixes the following issues:
- CVE-2025-6020: pam_namespace: convert functions that may operate
on a user-controlled path to operate on file descriptors instead of
absolute path. And keep the bind-mount protection from protect_mount()
as a defense in depthmeasure. (bsc#1244509)
ImportantSUSE bug 1244509CVE-2025-6020 at SUSECVE-2025-6020 at NVDcpe:/o:suse:sl-micro:6.0Security update for afterburn (Moderate)SUSE Linux Micro 6.0
This update for afterburn fixes the following issues:
Update to version 5.8.2:
* cargo: Afterburn release 5.8.2
* docs/release-notes: update for release 5.8.2
* cargo: update dependencies
* cargo: Afterburn release 5.8.1
* cargo: Afterburn release 5.8.0
* docs/release-notes: update for release 5.8.0
* cargo: update dependencies
* packit: add initial support
Update to version 5.7.0.git103.bae893c:
* Sync repo templates ⚙
fixes RUSTSEC-2025-0022 AKA CVE-2025-3416
* mod.rs: Fix clippy lint errors
* release-notes.md: add release notes for rust version update
* Cargo.toml: bump MSRV to 1.84.1
* Fix clippy lint issues
* Sync repo templates ⚙
* Update release notes.
* proxmoxve: Add more context to log messages.
* proxmoxve: Remove unneeded fields
* proxmoxve: Add tests for static network configuration from cloud-init.
* proxmoxve: Add support for static network configuration from cloud-init.
* Sync repo templates ⚙
* release notes: add notes for tempfile bump from 3.16.0 to 3.17.1
* add makefile targets for fmt,lint and test
* providers/openstack: ignore ec2 metadata if not present
* Sync repo templates ⚙
* docs: add changelog entry
* proxmox: use noop provider if no configdrive
* add noop provider
* release-notes: remove "upcoming"
Update to version 5.7.0:
* cargo: Afterburn release 5.7.0
* docs/release-notes: update for release 5.7.0
* cargo: update dependencies
* dhcp: replace dbus_proxy with proxy, and zbus traits
* providers/hetzner: private ipv4 addresses in attributes
* openstack: Document the two platforms
* microsoft/azure: allow empty certificate chain in PKCS12 file
* proxmoxve: implement proxmoxve provider
* providers/hetzner: fix duplicate attribute prefix
* cargo: Afterburn release 5.6.0
* docs/release-notes: update for release 5.6.0
* cargo: update dependencies
* lint: silence deadcode warnings
* lint: address latest lint's from msrv update
* workflows/rust: directly update toolchain to 1.75.0
* cargo: update msrv to 1.75
* Sync repo templates ⚙
* providers: Add "akamai" provider
* Sync repo templates ⚙
* cargo: Afterburn release 5.5.1
* docs/release-notes: update for release 5.5.1
* cargo: update dependencies
* providers/vmware: add missing public functions for non-amd64
* cargo: Afterburn release 5.5.0
* Sync repo templates ⚙
* docs/release-notes: update for release 5.5.0
* cargo: update dependencies
* ci: cancel previous build on PR update
* providers/vmware: Process guestinfo.metadata netplan configuration
* kubevirt: Run afterburn-hostname service
* providers: add support for scaleway
* Move away from deprecated `users` to `uzers`
* Sync repo templates ⚙
* providers/hetzner: add support for Hetzner Cloud
* cargo: update MSRV to 1.71
* chore: Get rid of Clippy warnings
* cargo: specify required features for nix dependency
* Sync repo templates ⚙
* openstack: Add attribute OPENSTACK_INSTANCE_UUID
* cargo: Afterburn release 5.4.3
* docs/release-notes: update for release 5.4.3
* cargo: update dependencies
* cargo: allow openssl 0.10.46
* ci: strip debug symbols
* Sync repo templates ⚙
* build-sys: Use new tier = 2 for cargo-vendor-filterer
* Sync repo templates ⚙
* cargo: Afterburn release 5.4.2
* docs/release-notes: update for release
* docs/release-notes: note Azure SSH regression fix with new openssl
* cargo: fix minimum version of openssl crate
* microsoft/crypto/mod: replace deprecated function `parse` with `parse2`
* Update mockito to 1.0.1
* cli: switch to clap derive
* cli: add descriptive value names for option arguments in --help
* cli: have clap require exactly one of --cmdline/--provider
* providers/*: move endpoint mocking into retry::Client
* retry/client: move URL parsing into helper function
* providers/microsoft: import crate::retry
* providers/microsoft: use stored client for all fetches
* providers/packet: use stored client for boot checkin
* Sync repo templates ⚙
* docs: Use upstream theme & update to 0.4.1
* initrd: remember to write trailing newline to network kargs file
* util: drop obsolete "OEM" terminology
* Update to clap 4
* workflows: update clippy to 1.67
* Fix clippy lints
* Inline variables into format strings
ModerateSUSE bug 1244675CVE-2025-3416 at SUSECVE-2025-3416 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-tornado6 (Important)SUSE Linux Micro 6.0
This update for python-tornado6 fixes the following issues:
- CVE-2025-47287: Fixed denial of service via generation of
an extremely high volume of logs due to multipart/form-data
parser (bsc#1243268).
ImportantSUSE bug 1243268CVE-2025-47287 at SUSECVE-2025-47287 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsoup (Important)SUSE Linux Micro 6.0
This update for libsoup fixes the following issues:
- CVE-2025-4476: Fixed null pointer dereference that may lead to denial of service (bsc#1243422)
- CVE-2025-4948: Fixed Integer Underflow in
soup_multipart_new_from_message() Leading to Denial of Service in libsoup
(bsc#1243332)
- CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak (bsc#1243423)
- CVE-2025-4945: Fixed Integer Overflow in Cookie Expiration Date Handling in libsoup (bsc#1243314)
ImportantSUSE bug 1243314SUSE bug 1243332SUSE bug 1243422SUSE bug 1243423SUSE bug 528882SUSE bug 553466CVE-2025-4476 at SUSECVE-2025-4476 at NVDCVE-2025-4945 at SUSECVE-2025-4945 at NVDCVE-2025-4948 at SUSECVE-2025-4948 at NVDCVE-2025-4969 at SUSECVE-2025-4969 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-Jinja2 (Moderate)SUSE Linux Micro 6.0
This update for python-Jinja2 fixes the following issues:
- CVE-2024-34064, CVE-2024-22195: HTML attribute injection when passing user input as keys to xmlattr filter (bsc#1223980, bsc#1218722)
ModerateSUSE bug 1218722SUSE bug 1223980CVE-2024-22195 at SUSECVE-2024-22195 at NVDCVE-2024-34064 at SUSECVE-2024-34064 at NVDcpe:/o:suse:sl-micro:6.0Security update for gpg2 (Moderate)SUSE Linux Micro 6.0
This update for gpg2 fixes the following issues:
* Fix regression for the recent malicious subkey DoS fix in CVE-2025-30258. [bsc#1236931, bsc#1239119, CVE-2025-30258]
ModerateSUSE bug 1236931SUSE bug 1239119CVE-2025-30258 at SUSECVE-2025-30258 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-requests (Important)SUSE Linux Micro 6.0
This update for python-requests fixes the following issues:
- CVE-2024-47081: Fixed incorrect URL processing leading to .netrc credential leak (bsc#1244039)
ImportantSUSE bug 1244039CVE-2024-47081 at SUSECVE-2024-47081 at NVDcpe:/o:suse:sl-micro:6.0Security update for perl (Moderate)SUSE Linux Micro 6.0
This update for perl fixes the following issues:
- CVE-2025-40909: Fixed a working directory race condition causing
file operations to target unintended paths (bsc#1244079)
ModerateSUSE bug 1244079CVE-2025-40909 at SUSECVE-2025-40909 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssl-3 (Moderate)SUSE Linux Micro 6.0
This update for openssl-3 fixes the following issues:
- CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation (bsc#1236136)
ModerateSUSE bug 1236136CVE-2024-13176 at SUSECVE-2024-13176 at NVDcpe:/o:suse:sl-micro:6.0Security update for gpg2 (Moderate)SUSE Linux Micro 6.0
This update for gpg2 fixes the following issues:
- gpg: Allow the use of an ADSK subkey as ADSK subkey. (bsc#1239119 CVE-2025-30258)
- Don't install expired sks certificate [bsc#1243069]
ModerateSUSE bug 1236931SUSE bug 1239119SUSE bug 1243069CVE-2025-30258 at SUSECVE-2025-30258 at NVDcpe:/o:suse:sl-micro:6.0Security update for sudo (Important)SUSE Linux Micro 6.0
This update for sudo fixes the following issues:
- CVE-2025-32462: Fix a possible local privilege escalation via the --host option (bsc#1245274)
- CVE-2025-32463: Fix a possible local privilege Escalation via chroot option (bsc#1245275)
ImportantSUSE bug 1245274SUSE bug 1245275CVE-2025-32462 at SUSECVE-2025-32462 at NVDCVE-2025-32463 at SUSECVE-2025-32463 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Important)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
- CVE-2025-6069: Avoid worst case quadratic complexity when processing
certain crafted malformed inputs with HTMLParser (bsc#1244705).
Update to 3.11.13:
- Security
- gh-135034: Fixes multiple issues that allowed tarfile
extraction filters (filter="data" and filter="tar")
to be bypassed using crafted symlinks and hard links.
Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138
(bsc#1244059), CVE-2025-4330 (bsc#1244060), and
CVE-2025-4517 (bsc#1244032). Also addresses CVE-2025-4435
(gh#135034, bsc#1244061).
- gh-133767: Fix use-after-free in the “unicode-escape”
decoder with a non-“strict” error handler (CVE-2025-4516,
bsc#1243273).
- gh-128840: Short-circuit the processing of long IPv6
addresses early in ipaddress to prevent excessive memory
consumption and a minor denial-of-service.
- Library
- gh-128840: Fix parsing long IPv6 addresses with embedded
IPv4 address.
- gh-134062: ipaddress: fix collisions in __hash__() for
IPv4Network and IPv6Network objects.
- gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output
according to RFC 3596, ?2.5. Patch by B?n?dikt Tran.
- bpo-43633: Improve the textual representation of
IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2)
in ipaddress. Patch by Oleksandr Pavliuk.
- CVE-2025-4516: Fixed blocking DecodeError handling
vulnerability, which could lead to DoS. (bsc#1243273)
ImportantSUSE bug 1174091SUSE bug 1227378SUSE bug 1243155SUSE bug 1243273SUSE bug 1244032SUSE bug 1244056SUSE bug 1244059SUSE bug 1244060SUSE bug 1244061SUSE bug 1244705SUSE bug 831629CVE-2019-20907 at SUSECVE-2019-20907 at NVDCVE-2019-9947 at SUSECVE-2019-9947 at NVDCVE-2020-15523 at SUSECVE-2020-15523 at NVDCVE-2020-15801 at SUSECVE-2020-15801 at NVDCVE-2024-12718 at SUSECVE-2024-12718 at NVDCVE-2025-4138 at SUSECVE-2025-4138 at NVDCVE-2025-4330 at SUSECVE-2025-4330 at NVDCVE-2025-4435 at SUSECVE-2025-4435 at NVDCVE-2025-4516 at SUSECVE-2025-4516 at NVDCVE-2025-4517 at SUSECVE-2025-4517 at NVDCVE-2025-6069 at SUSECVE-2025-6069 at NVDcpe:/o:suse:sl-micro:6.0Security update for rust-keylime (Moderate)SUSE Linux Micro 6.0
This update for rust-keylime fixes the following issues:
- CVE-2024-12224: idna: Fixed improper validation in punycode (bsc#1243861)
- Update to version 0.2.7+70:
* build(deps): bump wiremock from 0.6.2 to 0.6.3
* build(deps): bump uuid from 1.16.0 to 1.17.0
* lib: Introduce AgentIdentity structure
* gitignore: Add *.swp and *.orig to be ignored
* build(deps): bump clap from 4.5.38 to 4.5.39
* build(deps): bump tokio from 1.45.0 to 1.45.1
* Unify Push Model structures time formats to UTC (#1016)
* Add Quote related structures to Keylime library
* Remove configuration file trailing whitespaces (#1012)
* keylime-agent.conf: add all accepted TPM encryption algs
* tpm: add policy auth for EK to activate crendential
* Enable non standard key sizes and curves for EK and AK
* config: Use next_back() instead of last() for iterators
* Update to tss-esapi v7.6.0
* Avoid duplicated call to ctx.create_ek
* build(deps): bump clap from 4.5.23 to 4.5.38
* Add registration for Push Model client
* build(deps): bump tokio from 1.44.2 to 1.45.0
* build(deps): bump chrono from 0.4.40 to 0.4.41
* build(deps): bump tempfile from 3.17.1 to 3.20.0
* Refactor code: move error, registration to lib
* Move structure filling and URL selection code (#999)
* build(deps): bump pest_derive from 2.7.15 to 2.8.0
* build(deps): bump pest from 2.7.15 to 2.8.0
* build(deps): bump libc from 0.2.169 to 0.2.172
* Add Evidence/Authentication messages to prototype
* build(deps): bump uuid from 1.15.1 to 1.16.0
* build(deps): bump thiserror from 2.0.11 to 2.0.12
* build(deps): bump signal-hook from 0.3.17 to 0.3.18
* build(deps): bump log from 0.4.25 to 0.4.27
* build(deps): bump assert_cmd from 2.0.16 to 2.0.17
* build(deps): bump actix-web from 4.9.0 to 4.10.2
* build(deps): bump reqwest from 0.12.12 to 0.12.15
* build(deps): bump serde from 1.0.217 to 1.0.219
* Add unit tests for sessions.rs structures
* Add auth(sessions) structures
* Fix minor README.md issue (#988)
* Define EvidenceHandling structures (#971)
* Add mockoon test scenario
* Add client certificates to push-attestation prototype
* Cargo: bump url crate to version 2.5.4
* Add logging to the push attestation prototype
* Do not use certificate on insecure mode
* common: Move the EncryptedData structure from common to the library
* common: Move AuthTag from common to the library
* build(deps): bump openssl from 0.10.71 to 0.10.72
* common: Move Symmkey to library as crypto::symmkey
* common: Remove unused constants and static values
* build(deps): bump tokio from 1.43.0 to 1.44.2
* Refactor code: Include AgentIdentity structure
* Push model prototype
* Add support for ek certificate chain, stored in TPM NVRAM.
* Recover key_class field and set it as "asymmetric"
* Update push model structures to latest values
* build(deps): bump serde_json from 1.0.138 to 1.0.140
* packit: Add identifier for each copr_build job
* keylime-agent.conf: only mention ecdsa and rsassa for signing
* build(deps): bump openssl from 0.10.70 to 0.10.71
* build(deps): bump uuid from 1.13.2 to 1.15.1
* Add capabilities_negotiation structures
* packit: Add compatibility/api_version_compatibility test
* build(deps): bump uuid from 1.11.0 to 1.13.2
* build(deps): bump serde_json from 1.0.135 to 1.0.138
* build(deps): bump thiserror from 2.0.9 to 2.0.11
* build(deps): bump tempfile from 3.14.0 to 3.17.1
* Allow agent to start as non-root
* scripts: Fix coverage information downloading script
* build(deps): bump openssl from 0.10.68 to 0.10.70
* build(deps): bump tokio from 1.42.0 to 1.43.0
- Update to version 0.2.7+1:
* dist: Enable logging for keylime library in the service
* Bump version to 0.2.7
* scripts: Download coverage data from Testing Farm directly
* main: Remove unnecessary lifetime
* cargo: Bump pretty_env_logger to version 0.5.0
* scripts: Fix regex in download_packit_coverage.sh
* cargo: Bump clap crate to version 4.5.23
* cargo: Bump base64 crate to version 0.22.1
* build(deps): bump log from 0.4.22 to 0.4.25
* build(deps): bump serde_json from 1.0.133 to 1.0.135
* cargo: Bump tokio crate to version 1.42.0
* packit: Fix RPM builds on copr
* cargo: Bump thiserror crate to version 0.2.9
* cargo: Update reqwest to version 0.12.12
* build(deps): bump libc from 0.2.168 to 0.2.169
* build(deps): bump glob from 0.3.1 to 0.3.2
* version: Implement API version validation and ordering
* main: Support using multiple API versions for registration
* keylime: Introduce the registrar_client module
* Provide endpoints under multiple API versions
* Move 'serialization' module to the keylime library
* Drop unnecessary dependency on common::API_VERSION
* keylime-agent.conf: Bump version to 2.3
* build(deps): bump serde from 1.0.210 to 1.0.217
* build(deps): bump pest_derive from 2.7.14 to 2.7.15
* build(deps): bump pest from 2.7.14 to 2.7.15
* build(deps): bump libc from 0.2.167 to 0.2.168
* config: Make IAK and IDevID certificates optional
* Fix warnings reported by clippy
* workflows: Run job in the CI container directly
* tests: Add unit test for device ID builder
* main: Move IAK/IDevID related code to dedicated module
* tests: Add script to generate IAK and IDevID certificates
* build(deps): bump openssl from 0.10.66 to 0.10.68
* build(deps): bump uuid from 1.10.0 to 1.11.0
* build(deps): bump serde_json from 1.0.128 to 1.0.133
* build(deps): bump actix-web from 4.5.1 to 4.9.0
* build(deps): bump reqwest from 0.12.7 to 0.12.9
* tests/setup_swtpm.sh: Add script to setup temporary TPM
* Use a single TPM context and avoid race conditions during tests
* config: Enable passing a hostname instead of IP
* build(deps): bump clap from 4.3.11 to 4.5.21
* build(deps): bump tempfile from 3.10.1 to 3.14.0
* build(deps): bump pest_derive from 2.7.6 to 2.7.14
* build(deps): bump pest from 2.7.6 to 2.7.14
* build(deps): bump codecov/codecov-action from 4 to 5
* workflows: Submit the coverage for merged PR from Fedora 41
* tests: Use Fedora 41 to generate code coverage
* api: Make API configuration modular
* agent_handler: Move the /agent scope configuration
* notifications_handler: Move the /notifications scope configuration
* quotes_handler: Move the /quotes scope configuration to quotes_handler
* keys_handler: Move /keys scope configuration to keys_handler
* Use ${DESTDIR} for config
* Fix showing wrong UUID
* build(deps): bump actix-rt from 2.9.0 to 2.10.0
* config: Refactor AgentConfig Source trait implementation
* build(deps): bump log from 0.4.21 to 0.4.22
* build(deps): bump serde_json from 1.0.120 to 1.0.128
* tpm: check if EK certificate has valid ASN.1 DER encoding
* build(deps): bump futures from 0.3.27 to 0.3.31
* cargo: Bump reqwest to version 0.12.7
* build(deps): bump serde from 1.0.203 to 1.0.210
* tests: Add more tests to Packit CI
* build(deps): bump docker/build-push-action from 5 to 6
* tests: apply workarounds to known bugs
ModerateSUSE bug 1243861CVE-2024-12224 at SUSECVE-2024-12224 at NVDcpe:/o:suse:sl-micro:6.0Security update for libgcrypt (Moderate)SUSE Linux Micro 6.0
This update for libgcrypt fixes the following issues:
- CVE-2024-2236: Fixed timing based side-channel in RSA implementation (bsc#1221107)
ModerateSUSE bug 1221107CVE-2024-2236 at SUSECVE-2024-2236 at NVDcpe:/o:suse:sl-micro:6.0Security update for pam_pkcs11 (Important)SUSE Linux Micro 6.0
This update for pam_pkcs11 fixes the following issues:
- Removes pam_env from auth stack for security reason [bsc#1243226]
ImportantSUSE bug 1243226CVE-2025-6018 at SUSECVE-2025-6018 at NVDcpe:/o:suse:sl-micro:6.0Security update for iputils (Moderate)SUSE Linux Micro 6.0
This update for iputils fixes the following issues:
- CVE-2025-48964: Fixed integer overflow in ping statistics via zero timestamp (bsc#1243772)
ModerateSUSE bug 1243772CVE-2025-48964 at SUSECVE-2025-48964 at NVDcpe:/o:suse:sl-micro:6.0Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle (Important)SUSE Linux Micro 6.0
This update fixes the following issues:
golang-github-prometheus-node_exporter:
- Security issues fixed:
- CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a
hostname component (bsc#1238686)
- Other bugs fixed:
- Fixed Darwin memory leak
- pressure: Fix missing IRQ on older kernels
salt, venv-salt-minion:
- Security issues fixed:
- CVE-2024-38822: Fixed Minion token validation (bsc#1244561)
- CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport (bsc#1244564)
- CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method (bsc#1244565)
- CVE-2024-38825: Fixed salt.auth.pki module authentication issue (bsc#1244566)
- CVE-2025-22240: Fixed arbitrary directory creation or file deletion with GitFS (bsc#1244567)
- CVE-2025-22236: Fixed Minion event bus authorization bypass (bsc#1244568)
- CVE-2025-22241: Fixed the use of un-validated input in the VirtKey class (bsc#1244570)
- CVE-2025-22237: Fixed exploitation of the 'on demand' pillar functionality (bsc#1244571)
- CVE-2025-22238: Fixed the master's default cache vulnerability to a directory traversal attack (bsc#1244572)
- CVE-2025-22239: Fixed the arbitrary event injection on the Salt Master (bsc#1244574)
- CVE-2025-22242: Fixed a Denial of Service vulnerability through file read operation (bsc#1244575)
- CVE-2025-47287: Fixed a Denial of Service vulnerability in Tornado logging behavior (bsc#1243268)
- Other bugs fixed:
- Added subsystem filter to udev.exportdb (bsc#1236621)
- Added `minion_legacy_req_warnings` option to avoid noisy warnings
- Fixed Ubuntu 24.04 edge-case test failures
- Fixed refresh of osrelease and related grains on Python 3.10+
- Fixed issue requiring proper Python flavor for dependencies
- Require M2Crypto version 0.44.0 or higher
- venv-salt-minion: Fixed bundle path in pyvenv.cfg
uyuni-tools:
- Version 0.1.31-0:
- Added the info message about End User License Agreement
- Don't migrate py2*-compat-salt.conf files (bsc#1240626)
- Check for restorecon before using it (bsc#1240698)
- Adjust the distro path in cobbler files after migration
(bsc#1238929)
- Added mgradm support ptf podman --pullPolicy flag (bsc#1236877)
- Support: don't dump files in bound folders (bsc#1243297)
- Cleanup host supportconfig files (bsc#1242174)
- During migration, check if backup already exists (bsc#1243105)
- Removed SHM size limits from all containers (bsc#1243274)
- Don't migrate /etc/apache2/vhosts.d/cobbler.conf
- Fixed migration --prepare for autoinstallable distributions (bsc#1243802)
- Skip instalation if the server is already set up (bsc#1238849)
- Bumped the default image tag to 5.0.5
ImportantSUSE bug 1236621SUSE bug 1236877SUSE bug 1238686SUSE bug 1238849SUSE bug 1238929SUSE bug 1240626SUSE bug 1240698SUSE bug 1242174SUSE bug 1243105SUSE bug 1243268SUSE bug 1243274SUSE bug 1243297SUSE bug 1243802SUSE bug 1244561SUSE bug 1244564SUSE bug 1244565SUSE bug 1244566SUSE bug 1244567SUSE bug 1244568SUSE bug 1244570SUSE bug 1244571SUSE bug 1244572SUSE bug 1244574SUSE bug 1244575CVE-2024-38822 at SUSECVE-2024-38822 at NVDCVE-2024-38823 at SUSECVE-2024-38823 at NVDCVE-2024-38824 at SUSECVE-2024-38824 at NVDCVE-2024-38825 at SUSECVE-2024-38825 at NVDCVE-2025-22236 at SUSECVE-2025-22236 at NVDCVE-2025-22237 at SUSECVE-2025-22237 at NVDCVE-2025-22238 at SUSECVE-2025-22238 at NVDCVE-2025-22239 at SUSECVE-2025-22239 at NVDCVE-2025-22240 at SUSECVE-2025-22240 at NVDCVE-2025-22241 at SUSECVE-2025-22241 at NVDCVE-2025-22242 at SUSECVE-2025-22242 at NVDCVE-2025-22870 at SUSECVE-2025-22870 at NVDCVE-2025-47287 at SUSECVE-2025-47287 at NVDcpe:/o:suse:sl-micro:6.0Security update for jq (Moderate)SUSE Linux Micro 6.0
This update for jq fixes the following issues:
- CVE-2024-23337: Fixed signed integer overflow in jv.c:jvp_array_write (bsc#1243450)
ModerateSUSE bug 1243450CVE-2024-23337 at SUSECVE-2024-23337 at NVDcpe:/o:suse:sl-micro:6.0Security update for gstreamer-plugins-base (Moderate)SUSE Linux Micro 6.0
This update for gstreamer-plugins-base fixes the following issues:
- CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser (bsc#1244403)
- CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser (bsc#1244404)
- CVE-2025-47806: Fixed Stack buffer overflow in SubRip subtitle parser (bsc#1244407)
ModerateSUSE bug 1244403SUSE bug 1244404SUSE bug 1244407CVE-2025-47806 at SUSECVE-2025-47806 at NVDCVE-2025-47807 at SUSECVE-2025-47807 at NVDCVE-2025-47808 at SUSECVE-2025-47808 at NVDcpe:/o:suse:sl-micro:6.0Security update for glib2 (Important)SUSE Linux Micro 6.0
This update for glib2 fixes the following issues:
- CVE-2025-4373: Fixed buffer underflow through glib/gstring.c via
function g_string_insert_unichar (bsc#1242844)
- CVE-2025-6052: Fixed integer overflow in g_string_maybe_expand()
leads to potential buffer overflow in GString (bsc#1244596)
ImportantSUSE bug 1242844SUSE bug 1244596CVE-2025-4373 at SUSECVE-2025-4373 at NVDCVE-2025-6052 at SUSECVE-2025-6052 at NVDcpe:/o:suse:sl-micro:6.0Security update for jbigkit (Moderate)SUSE Linux Micro 6.0
This update for jbigkit fixes the following issues:
- Updated to version 2.1:
* CVE-2022-1210: Fixed denial of service in TIFF File Handler (bsc#1198146)
ModerateSUSE bug 1198146CVE-2022-1210 at SUSECVE-2022-1210 at NVDcpe:/o:suse:sl-micro:6.0Security update for docker (Moderate)SUSE Linux Micro 6.0
This update for docker fixes the following issues:
- Update to Go 1.24 for builds, to match upstream.
- Update to Docker 28.3.2-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2832>
- Update to Docker 28.3.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2831>
- Update to Docker 28.3.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2830>
bsc#1246556
- Update to docker-buildx v0.25.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.25.0>
- CVE-2025-22872: golang.org/x/net/html: Fixed incorrectly interpreted tags
causing content to be placed wrong scope during DOM construction (bsc#1241830)
- Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as
Docker does not have permission to access the host zypper credentials in this
mode (and unprivileged users cannot disable the feature using
/etc/docker/suse-secrets-enable.) bsc#1240150
- Always clear SUSEConnect suse_* secrets when starting containers regardless
of whether the daemon was built with SUSEConnect support. Not doing this
causes containers from SUSEConnect-enabled daemons to fail to start when
running with SUSEConnect-disabled (i.e. upstream) daemons.
This was a long-standing issue with our secrets support but until recently
this would've required migrating from SLE packages to openSUSE packages
(which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move
away from in-built SUSEConnect support, this is now a practical issue users
will run into. bsc#1244035
ModerateSUSE bug 1240150SUSE bug 1241830SUSE bug 1242114SUSE bug 1243833SUSE bug 1244035SUSE bug 1246556CVE-2025-22872 at SUSECVE-2025-22872 at NVDcpe:/o:suse:sl-micro:6.0Security update for grub2 (Important)SUSE Linux Micro 6.0
This update for grub2 fixes the following issues:
- CVE-2025-4382: Fixed TPM auto-decryption data exposure (bsc#1242971)
- Filter out the non-subvolume btrfs mount points when creating the
relative path (bsc#1239674)
- CVE-2024-45781: Fixed ufs strcpy overflow (bsc#1233617)
- CVE-2024-56737: Fixed heap-based buffer overflow in fs/hfs.c via
crafted sblock data in an HFS filesystem (bsc#1234958)
- CVE-2024-45782: Fixed hfs strcpy overflow (bsc#1233615)
- CVE-2024-45780: Fixed overflow in tar/cpio(bsc#1233614)
- CVE-2024-45783: Fixed hfsplus refcount overflow (bsc#1233616)
- CVE-2025-0624: Fixed out-of-bounds write in grub_net_search_config_file() (bsc#1236316)
- CVE-2024-45774: Fixed heap overflows in JPEG parser (bsc#1233609)
- CVE-2024-45775: Fixed missing NULL check in extcmd parser (bsc#1233610)
- CVE-2025-0622: Fixed command/gpg: Use-after-free due to hooks not being removed on module unload (bsc#1236317)
- CVE-2024-45776: Fixed overflow in .MO file (gettext) handling (bsc#1233612)
- CVE-2024-45777: Fixed integer overflow in gettext (bsc#1233613)
- CVE-2025-0690: Fixed integer overflow in read that may lead to out-of-bounds write (bsc#1237012)
- CVE-2025-1118: Fixed commands/dump: The dump command is not in lockdown when secure boot is enabled(bsc#1237013)
- CVE-2024-45778: Fixed bfs filesystem not fuzzing stable (bsc#1233606)
- CVE-2024-45779: Fixed bfs heap overflow (bsc#1233608)
- CVE-2025-0677: Fixed integer overflow that may lead to heap based
out-of-bounds write when handling symlinks in ufs (bsc#1237002)
- CVE-2025-0684: Fixed reiserfs: Integer overflow when handling symlinks
may lead to heap based out-of-bounds write when reading data (bsc#1237008)
- CVE-2025-0685: Fixed jfs: Integer overflow when handling symlinks may
lead to heap based out-of-bounds write when reading data (bsc#1237009)
- CVE-2025-0686: Fixed romfs: Integer overflow when handling symlinks
may lead to heap based out-of-bounds write when reading data (bsc#1237010)
- CVE-2025-0689: Fixed udf: Heap based buffer overflow in
grub_udf_read_block() may lead to arbitrary code execution (bsc#1237011)
- CVE-2025-1125: Fixed fs/hfs: Interger overflow may lead to heap based out-of-bounds write (bsc#1237014)
- CVE-2025-0678: Fixed squash4: Integer overflow may lead to heap based out-of-bounds write when reading data (bsc#1237006)
- Bump upstream SBAT generation to 5 to block older grub2 versions.
- CVE-2024-49504: Fixed Bypassing TPM-bound disk encryption on SL(E)M encrypted Images (bsc#1229163) (bsc#1229164)
- Restrict CLI access if the encrypted root device is automatically unlocked by
the TPM. LUKS password authentication is required for access to be granted
- Obsolete, as CLI access is now locked and granted access no longer requires
the previous restrictions
ImportantSUSE bug 1229163SUSE bug 1229164SUSE bug 1233606SUSE bug 1233608SUSE bug 1233609SUSE bug 1233610SUSE bug 1233612SUSE bug 1233613SUSE bug 1233614SUSE bug 1233615SUSE bug 1233616SUSE bug 1233617SUSE bug 1234958SUSE bug 1236316SUSE bug 1236317SUSE bug 1237002SUSE bug 1237006SUSE bug 1237008SUSE bug 1237009SUSE bug 1237010SUSE bug 1237011SUSE bug 1237012SUSE bug 1237013SUSE bug 1237014SUSE bug 1239674SUSE bug 1242971CVE-2024-45774 at SUSECVE-2024-45774 at NVDCVE-2024-45775 at SUSECVE-2024-45775 at NVDCVE-2024-45776 at SUSECVE-2024-45776 at NVDCVE-2024-45777 at SUSECVE-2024-45777 at NVDCVE-2024-45778 at SUSECVE-2024-45778 at NVDCVE-2024-45779 at SUSECVE-2024-45779 at NVDCVE-2024-45780 at SUSECVE-2024-45780 at NVDCVE-2024-45781 at SUSECVE-2024-45781 at NVDCVE-2024-45782 at SUSECVE-2024-45782 at NVDCVE-2024-45783 at SUSECVE-2024-45783 at NVDCVE-2024-49504 at SUSECVE-2024-49504 at NVDCVE-2024-56737 at SUSECVE-2024-56737 at NVDCVE-2025-0622 at SUSECVE-2025-0622 at NVDCVE-2025-0624 at SUSECVE-2025-0624 at NVDCVE-2025-0677 at SUSECVE-2025-0677 at NVDCVE-2025-0678 at SUSECVE-2025-0678 at NVDCVE-2025-0684 at SUSECVE-2025-0684 at NVDCVE-2025-0685 at SUSECVE-2025-0685 at NVDCVE-2025-0686 at SUSECVE-2025-0686 at NVDCVE-2025-0689 at SUSECVE-2025-0689 at NVDCVE-2025-0690 at SUSECVE-2025-0690 at NVDCVE-2025-1118 at SUSECVE-2025-1118 at NVDCVE-2025-1125 at SUSECVE-2025-1125 at NVDCVE-2025-4382 at SUSECVE-2025-4382 at NVDcpe:/o:suse:sl-micro:6.0Security update for libvirt (Important)SUSE Linux Micro 6.0
This update for libvirt fixes the following issues:
Security issue fixed:
- CVE-2024-4418: rpc: ensure temporary GSource is removed from client event loop (bsc#1223849)
Non-security issue fixed:
- libxl: Fix domxml-to-native conversion (bsc#1222584)
- qemu: Fix migration with custom XML (bsc#1226492)
ImportantSUSE bug 1222584SUSE bug 1223849SUSE bug 1226492CVE-2024-4418 at SUSECVE-2024-4418 at NVDcpe:/o:suse:sl-micro:6.0Security update for pam-config (Important)SUSE Linux Micro 6.0
This update for pam-config fixes the following issues:
- CVE-2025-6018: Stop adding pam_env in AUTH stack, and be sure to put this module at the
really end of the SESSION stack. (bsc#1243226)
ImportantSUSE bug 1243226CVE-2025-6018 at SUSECVE-2025-6018 at NVDcpe:/o:suse:sl-micro:6.0Security update for protobuf (Important)SUSE Linux Micro 6.0
This update for protobuf fixes the following issues:
- CVE-2025-4565: Fixed a crash due to RecursionError (bsc#1244663)
ImportantSUSE bug 1244663CVE-2025-4565 at SUSECVE-2025-4565 at NVDcpe:/o:suse:sl-micro:6.0Security update for ignition (Important)SUSE Linux Micro 6.0
This update for ignition fixes the following issues:
- CVE-2025-22870: golang.org/x/net/http/httpproxy: Fixed proxy bypass
using IPv6 zone IDs (bsc#1238681)
- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory
consumption during token parsing (bsc#1239192)
ImportantSUSE bug 1238681SUSE bug 1239192CVE-2025-22868 at SUSECVE-2025-22868 at NVDCVE-2025-22870 at SUSECVE-2025-22870 at NVDcpe:/o:suse:sl-micro:6.0Security update for helm (Important)SUSE Linux Micro 6.0
This update for helm fixes the following issues:
Update to version 3.18.4 (bsc#1246152, CVE-2025-53547):
* Disabling linter due to unknown issue f20a4ad (Matt Farina)
* build(deps): bump the k8s-io group with 7 updates 563b094
(dependabot[bot])
* Updating link handling 00de613 (Matt Farina)
Update to version 3.18.3:
* build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
6838ebc (dependabot[bot])
* fix: user username password for login 5b9e2f6 (Terry Howe)
* Update pkg/registry/transport.go 2782412 (Terry Howe)
* Update pkg/registry/transport.go e66cf6a (Terry Howe)
* fix: add debug logging to oci transport 191f05c (Terry Howe)
Update to version 3.18.2:
* fix: legacy docker support broken for login 04cad46 (Terry
Howe)
* Handle an empty registry config file. bc9f8a2 (Matt Farina)
Update to version 3.18.1:
* Notes:
- This release fixes regressions around template generation and
OCI registry interaction in 3.18.0
- There are at least 2 known regressions unaddressed in this
release. They are being worked on.
- Empty registry configuration files. When the file exists
but it is empty.
- Login to Docker Hub on some domains fails.
* Changelog
- fix(client): skipnode utilization for PreCopy
- fix(client): layers now returns manifest - remove duplicate
from descriptors
- fix(client): return nil on non-allowed media types
- Prevent fetching newReference again as we have in calling
method
- Prevent failure when resolving version tags in oras memory
store
- Update pkg/plugin/plugin.go
- Update pkg/plugin/plugin.go
- Wait for Helm v4 before raising when platformCommand and
Command are set
- Fix 3.18.0 regression: registry login with scheme
- Revert "fix (helm) : toToml` renders int as float [ backport
to v3 ]"
Update to version 3.18.0 (bsc#1241802, CVE-2025-22872):
* Notable Changes:
- Add support for JSON Schema 2020
- Enabled cpu and memory profiling
- Add hook annotation to output hook logs to client on error
* Changelog:
- build(deps): bump the k8s-io group with 7 updates
- fix: govulncheck workflow
- bump version to v3.18.0
- fix:add proxy support when mTLS configured
- docs: Note about http fallback for OCI registries
- Bump net package to avoid CVE on dev-v3
- Bump toml
- backport #30677to dev3
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to
1.8.0
- Add install test for TakeOwnership flag
- Fix --take-ownership
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to
1.7.2
- build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0
- build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0
- Testing text bump
- Permit more Go version and not only 1.23.8
- Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3
to 3.0.0
- Unarchiving fix
- Fix typo
- Report as debug log, the time spent waiting for resources
- build(deps): bump github.com/containerd/containerd from
1.7.26 to 1.7.27
- Update pkg/registry/fallback.go
- automatic fallback to http
- chore(oci): upgrade to ORAS v2
- Updating to 0.37.0 for x/net
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0
- build(deps): bump github.com/opencontainers/image-spec
- build(deps): bump github.com/containerd/containerd from
1.7.25 to 1.7.26
- build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0
- Fix cherry-pick helm.sh/helm/v4 -> helm.sh/helm/v3
- Refactor based on review comment
- Refactor based on review comment
- Add HookOutputFunc and generic yaml unmarshaller
- clarify fix error message
- fix err check
- remove comments about previous functionality
- add short circuit return
- Update based on review comments
- Update based on review comments
- Fix lint
- Tidy up imports
- Add hook annotations to output pod logs to client on success
and fail
- chore: use []error instead of []string
- Update cmd/helm/profiling.go
- chore: update profiling doc in CONTRIBUTING.md
- Update CONTRIBUTING guide
- Prefer environment variables to CLI flags
- Fix linter warning
- Move pprof paths to HELM_PPROF env variable
- Update CONTRIBUTING.md
- Update CONTRIBUTING.md
- Additional review fixes from PR
- feat: Add flags to enable CPU and memory profiling
- build(deps): bump github.com/distribution/distribution/v3
- build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1
- Moving to SetOut and SetErr for Cobra
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0
- build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0
- build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0
- build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
- build(deps): bump github.com/cyphar/filepath-securejoin
- build(deps): bump github.com/evanphx/json-patch
- build(deps): bump the k8s-io group with 7 updates
- fix: check group for resource info match
- Bump github.com/cyphar/filepath-securejoin from 0.3.6 to
0.4.0
- add test for nullifying nested global value
- Ensuring the file paths are clean prior to passing to
securejoin
- Bump github.com/containerd/containerd from 1.7.24 to 1.7.25
- Bump golang.org/x/crypto from 0.31.0 to 0.32.0
- Bump golang.org/x/term from 0.27.0 to 0.28.0
- bump version to v3.17.0
- Bump github.com/moby/term from 0.5.0 to 0.5.2
- Add test case for removing an entire object
- Tests for bugfix: Override subcharts with null values #12879
- feat: Added multi-platform plugin hook support to v3
- This commit fixes the issue where the yaml.Unmarshaller
converts all int values into float64, this passes in option
to decoder, which enables conversion of int into .
- merge null child chart objects
Update to version 3.17.3:
Helm v3.17.3 is a security (patch) release. Users are strongly
recommended to update to this release.
* Changelog
- Unarchiving fix e4da497 (Matt Farina)
ImportantSUSE bug 1241802SUSE bug 1246152CVE-2025-22872 at SUSECVE-2025-22872 at NVDCVE-2025-53547 at SUSECVE-2025-53547 at NVDcpe:/o:suse:sl-micro:6.0Security update for coreutils (Moderate)SUSE Linux Micro 6.0
This update for coreutils fixes the following issues:
- CVE-2025-5278: Fixed heap buffer under-read ledaing to a
crash or leak sensitive data (bsc#1243767)
ModerateSUSE bug 1243767CVE-2025-5278 at SUSECVE-2025-5278 at NVDcpe:/o:suse:sl-micro:6.0Security update for opensc (Moderate)SUSE Linux Micro 6.0
This update for opensc fixes the following issues:
- CVE-2023-5992: Fixed side-channel leaks while stripping
encryption PKCS#1 padding (bsc#1219386)
ModerateSUSE bug 1219386CVE-2023-5992 at SUSECVE-2023-5992 at NVDcpe:/o:suse:sl-micro:6.0Security update for xz (Important)SUSE Linux Micro 6.0
This update for xz fixes the following issues:
- CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset (bsc#1240414)
ImportantSUSE bug 1240414CVE-2025-31115 at SUSECVE-2025-31115 at NVDcpe:/o:suse:sl-micro:6.0Security update for systemd (Moderate)SUSE Linux Micro 6.0
This update for systemd fixes the following issues:
- Remove the script used to help migrating the language and locale settings
located in /etc/sysconfig/language on old systems to the systemd default
locations (bsc#1247074)
The script was introduced more than 7 years ago and all systems running TW
should have been migrated since then. Moreover the installer supports the
systemd default locations since approximately SLE15.
- triggers.systemd: skip update of hwdb, journal-catalog if executed during an
offline update.
- logs-show: get timestamp and boot ID only when necessary (bsc#1242827)
- sd-journal: drop to use Hashmap to manage journal files per boot ID
- tree-wide: set SD_JOURNAL_ASSUME_IMMUTABLE where appropriate
- sd-journal: introduce SD_JOURNAL_ASSUME_IMMUTABLE flag
- sd-journal: make journal_file_read_tail_timestamp() notify to the caller that some new journal entries added
- sd-journal: cache last entry offset and journal file state
- sd-journal: fix typo in function name
- coredump: use %d in kernel core pattern (bsc#1243935 CVE-2025-4598)
ModerateSUSE bug 1242827SUSE bug 1243935SUSE bug 1247074CVE-2025-4598 at SUSECVE-2025-4598 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxslt (Important)SUSE Linux Micro 6.0
This update for libxslt fixes the following issues:
- CVE-2025-7424: Fixed type confusion in xmlNode.psvi between
stylesheet and source nodes (bsc#1246360)
ImportantSUSE bug 1246360CVE-2025-7424 at SUSECVE-2025-7424 at NVDcpe:/o:suse:sl-micro:6.0Security update for libssh (Important)SUSE Linux Micro 6.0
This update for libssh fixes the following issues:
- CVE-2025-5372: ssh_kdf() returns a success code on certain failures (bsc#1245314)
- CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend (bsc#1245317)
- CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions (bsc#1245309)
- CVE-2025-4878: Use of uninitialized variable in privatekey_from_file() (bsc#1245310)
- CVE-2025-5318: Likely read beyond bounds in sftp server handle management (bsc#1245311)
- CVE-2025-5351: Double free in functions exporting keys (bsc#1245312)
ImportantSUSE bug 1245309SUSE bug 1245310SUSE bug 1245311SUSE bug 1245312SUSE bug 1245314SUSE bug 1245317CVE-2025-4877 at SUSECVE-2025-4877 at NVDCVE-2025-4878 at SUSECVE-2025-4878 at NVDCVE-2025-5318 at SUSECVE-2025-5318 at NVDCVE-2025-5351 at SUSECVE-2025-5351 at NVDCVE-2025-5372 at SUSECVE-2025-5372 at NVDCVE-2025-5987 at SUSECVE-2025-5987 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-urllib3 (Moderate)SUSE Linux Micro 6.0
This update for python-urllib3 fixes the following issues:
- CVE-2025-50181: * Pool managers now properly control redirects when retries is passed (GHSA-pq67-6m6q-mj2v, bsc#1244925)
ModerateSUSE bug 1244925CVE-2025-50181 at SUSECVE-2025-50181 at NVDcpe:/o:suse:sl-micro:6.0Security update for dpkg (Moderate)SUSE Linux Micro 6.0
This update for dpkg fixes the following issues:
- CVE-2025-6297: Fixed improper sanitization of directory permissions leading to
DoS via disk quota exhaustion due to files left behind on cleanup (bsc#1245573)
ModerateSUSE bug 1245573CVE-2025-6297 at SUSECVE-2025-6297 at NVDcpe:/o:suse:sl-micro:6.0Security update for polkit (Important)SUSE Linux Micro 6.0
This update for polkit fixes the following issues:
- CVE-2025-7519: Fixed that a XML policy file with a large number of
nested elements may lead to out-of-bounds write (bsc#1246472)
ImportantSUSE bug 1246472CVE-2025-7519 at SUSECVE-2025-7519 at NVDcpe:/o:suse:sl-micro:6.0Security update for gnutls (Important)SUSE Linux Micro 6.0
This update for gnutls fixes the following issues:
- CVE-2025-32988: Fixed double-free due to incorrect ownership handling (bsc#1246232)
- CVE-2025-32989: Fixed heap buffer overread during X.509 certificate parsing (bsc#1246233)
- CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267)
- CVE-2025-6395: Fixed NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299)
ImportantSUSE bug 1246232SUSE bug 1246233SUSE bug 1246267SUSE bug 1246299CVE-2025-32988 at SUSECVE-2025-32988 at NVDCVE-2025-32989 at SUSECVE-2025-32989 at NVDCVE-2025-32990 at SUSECVE-2025-32990 at NVDCVE-2025-6395 at SUSECVE-2025-6395 at NVDcpe:/o:suse:sl-micro:6.0Security update for libarchive (Moderate)SUSE Linux Micro 6.0
This update for libarchive fixes the following issues:
- CVE-2025-5914: Fixed double free due to an integer overflow in
the archive_read_format_rar_seek_data() function (bsc#1244272)
- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window()
at archive_read_support_format_rar.c (bsc#1244273)
- CVE-2025-5916: Fixed integer overflow while reading warc files at
archive_read_support_format_warc.c (bsc#1244270)
- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name()
at archive_write_set_format_pax.c (bsc#1244336)
- CVE-2025-5918: Fixed past EOF read triggered for piped file
streams (bsc#1244279)
ModerateSUSE bug 1244270SUSE bug 1244272SUSE bug 1244273SUSE bug 1244279SUSE bug 1244336CVE-2025-5914 at SUSECVE-2025-5914 at NVDCVE-2025-5915 at SUSECVE-2025-5915 at NVDCVE-2025-5916 at SUSECVE-2025-5916 at NVDCVE-2025-5917 at SUSECVE-2025-5917 at NVDCVE-2025-5918 at SUSECVE-2025-5918 at NVDcpe:/o:suse:sl-micro:6.0Security update for sqlite3 (Important)SUSE Linux Micro 6.0
This update for sqlite3 fixes the following issues:
- Update to 3.50.2:
* Fix the concat_ws() SQL function so that it includes empty
strings in the concatenation.
* Avoid writing frames with no checksums into the wal file if a
savepoint is rolled back after dirty pages have already been
spilled into the wal file.
* Fix the Bitvec object to avoid stack overflow when the
database is within 60 pages of its maximum size.
* Fix a problem with UPDATEs on fts5 tables that contain BLOB
values.
* Fix an issue with transitive IS constraints on a RIGHT JOIN.
* CVE-2025-6965: Fixed Integer Truncation in SQLite (bsc#1246597)
* Ensure that sqlite3_setlk_timeout() holds the database mutex.
- Update to 3.50 (3.50.1):
* Improved handling and robust output of control characters
* sqlite3_rsync no longer requires WAL mode and needs less
bandwidth
* Bug fixes and optimized JSON handling
* Performance optimizations and developer visible fixes
- Update to release 3.49.2:
* Fix a bug in the NOT NULL optimization of version 3.40.0 that
can lead to a memory error if abused.
* Fix the count-of-view optimization so that it does not give an
incorrect answer for a DISTINCT query.
* Fix a possible incorrect answer that can result if a UNIQUE
constraint of a table contains the PRIMARY KEY column and that
UNIQUE constraint is used by an IN operator.
* Fix obscure problems with the generate_series() extension
function.
* Incremental improvements to the configure/make.
- Add subpackage for the lemon parser generator.
ImportantSUSE bug 1246597CVE-2025-6965 at SUSECVE-2025-6965 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxml2 (Important)SUSE Linux Micro 6.0
This update for libxml2 fixes the following issues:
- CVE-2025-6021: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 [bsc#1244580]
- CVE-2025-6170: stack buffer overflow may lead to a crash [bsc#1244700]
- CVE-2025-7425: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr [bsc#1246296]
- CVE-2025-49794: heap use after free (UAF) can lead to Denial of service (DoS) [bsc#1244554]
- CVE-2025-49795: null pointer dereference may lead to Denial of service (DoS) [bsc#1244555]
- CVE-2025-49796: type confusion may lead to Denial of service (DoS) [bsc#1244557]
ImportantSUSE bug 1244554SUSE bug 1244555SUSE bug 1244557SUSE bug 1244580SUSE bug 1244700SUSE bug 1246296CVE-2025-49794 at SUSECVE-2025-49794 at NVDCVE-2025-49795 at SUSECVE-2025-49795 at NVDCVE-2025-49796 at SUSECVE-2025-49796 at NVDCVE-2025-6021 at SUSECVE-2025-6021 at NVDCVE-2025-6170 at SUSECVE-2025-6170 at NVDCVE-2025-7425 at SUSECVE-2025-7425 at NVDcpe:/o:suse:sl-micro:6.0Security update for selinux-policy (Important)SUSE Linux Micro 6.0
This update for selinux-policy fixes the following issues:
Update to version 20230523+git25.ad22dd7f:
* Backport wtmpdb label change to have the same wtmpdb label
as in SL Micro 6.1 (bsc#1229132)
* Add auth_rw_wtmpdb_login_records to domains using auth_manage_login_records
* Add auth_rw_wtmpdb_login_records to modules
* Allow xdm_t to read-write to wtmpdb (bsc#1225984)
* Introduce types for wtmpdb and rw interface
* Introduce wtmp_file_type attribute
* Revert "Add policy for wtmpdb (bsc#1210717)"
Update to version 20230523+git18.f44daf8a:
* Provide type for sysstat lock files (bsc#1228247)
Update to version 20230523+git16.0849f54c:
* allow firewalld access to /dev/random and write HW acceleration logs
(bsc#1215405, bsc#1227930)
ImportantSUSE bug 1210717SUSE bug 1215405SUSE bug 1225984SUSE bug 1227930SUSE bug 1228247SUSE bug 1229132cpe:/o:suse:sl-micro:6.0Security update for docker (Moderate)SUSE Linux Micro 6.0
This update for docker fixes the following issues:
- Update to Docker 28.3.3-ce:
* CVE-2025-54388: firewalld reload can make published container
ports accessible from remote hosts (bsc#1247367)
- Update to docker-buildx v0.26.1.
ModerateSUSE bug 1247367CVE-2025-54388 at SUSECVE-2025-54388 at NVDcpe:/o:suse:sl-micro:6.0Security update for net-tools (Moderate)SUSE Linux Micro 6.0
This update for net-tools fixes the following issues:
- Provide more readable error for interface name size checking (bsc#1243581)
- Perform bound checks when parsing interface labels in
/proc/net/dev (bsc#1243581, bsc#1246608. CVE-2025-46836)
ModerateSUSE bug 1243581SUSE bug 1246608CVE-2025-46836 at SUSECVE-2025-46836 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Important)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
- CVE-2025-8194: Fixed infinite loop and deadlock caused by tar
archives with negative offsets (bsc#1247249)
ImportantSUSE bug 1247249CVE-2025-8194 at SUSECVE-2025-8194 at NVDcpe:/o:suse:sl-micro:6.0Security update for expat (Important)SUSE Linux Micro 6.0
This update for expat fixes the following issues:
- CVE-2024-45492: detect integer overflow in function nextScaffoldPart (bsc#1229932)
- CVE-2024-45491: detect integer overflow in dtdCopy (bsc#1229931)
- CVE-2024-45490: reject negative len for XML_ParseBuffer (bsc#1229930)
- CVE-2024-28757: XML Entity Expansion attack when there is isolated use of external parsers (bsc#1221289)
ImportantSUSE bug 1221289SUSE bug 1229930SUSE bug 1229931SUSE bug 1229932CVE-2024-28757 at SUSECVE-2024-28757 at NVDCVE-2024-45490 at SUSECVE-2024-45490 at NVDCVE-2024-45491 at SUSECVE-2024-45491 at NVDCVE-2024-45492 at SUSECVE-2024-45492 at NVDcpe:/o:suse:sl-micro:6.0Security update for grub2 (Moderate)SUSE Linux Micro 6.0
This update for grub2 fixes the following issues:
- CVE-2024-56738: Side-channel attack due to not constant-timealgorithm in grub_crypto_memcmp (bsc#1234959).
ModerateSUSE bug 1234959CVE-2024-56738 at SUSECVE-2024-56738 at NVDcpe:/o:suse:sl-micro:6.0Security update for jq (Moderate)SUSE Linux Micro 6.0
This update for jq fixes the following issues:
- CVE-2025-48060: Fixed stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (bsc#1244116).
ModerateSUSE bug 1244116CVE-2025-48060 at SUSECVE-2025-48060 at NVDcpe:/o:suse:sl-micro:6.0Security update for cloud-init (Important)SUSE Linux Micro 6.0
This update for cloud-init fixes the following issues:
Update to version 25.1.3:
- CVE-2024-6174: Unpriveleged user could trigger hotplug-hook commands (bsc#1245403).
None security fixes:
- Rebase cloud-init to 24.4 or higher (bsc#1239715, jsc#PED-8680).
- Fixed cloud-init --debug status (bsc#1228414).
- Using ssh_pwauth: True in cloud-init breaks ssh for root (bsc#1237764).
- Fixed FileNotFoundError (bsc#1236720).
- Fixed python 3.13 support (bsc#1233649).
ImportantSUSE bug 1228414SUSE bug 1233649SUSE bug 1236720SUSE bug 1237764SUSE bug 1239715SUSE bug 1245403CVE-2023-1786 at SUSECVE-2023-1786 at NVDCVE-2024-11584 at SUSECVE-2024-11584 at NVDCVE-2024-6174 at SUSECVE-2024-6174 at NVDcpe:/o:suse:sl-micro:6.0Security update for aide (Moderate)SUSE Linux Micro 6.0
This update for aide fixes the following issues:
- CVE-2025-54389: Escape control characters in report and log output (bsc#1247884).
- CVE-2025-54409: Fix null pointer dereference after reading incorrectly encoded xattr attributes from database (bsc#1247885).
ModerateSUSE bug 1247884SUSE bug 1247885CVE-2025-54389 at SUSECVE-2025-54389 at NVDCVE-2025-54409 at SUSECVE-2025-54409 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxml2 (Moderate)SUSE Linux Micro 6.0
This update for libxml2 fixes the following issues:
- CVE-2024-34459: Fixed buffer over-read in (bsc#1224282)
ModerateSUSE bug 1224282CVE-2024-34459 at SUSECVE-2024-34459 at NVDcpe:/o:suse:sl-micro:6.0Security update for podman (Critical)SUSE Linux Micro 6.0
This update for podman fixes the following issues:
- CVE-2025-6032: Machine init command fails to verify TLS certificate when downloading VM images from an OCI registry (bsc#1245320).
CriticalSUSE bug 1245320CVE-2025-6032 at SUSECVE-2025-6032 at NVDcpe:/o:suse:sl-micro:6.0Security update for gstreamer (Important)SUSE Linux Micro 6.0
This update for gstreamer fixes the following issues:
- CVE-2024-47606: Avoid integer overflow when allocating sysmem (bsc#1234449).
ImportantSUSE bug 1234449CVE-2024-47606 at SUSECVE-2024-47606 at NVDcpe:/o:suse:sl-micro:6.0Security update for gdk-pixbuf (Important)SUSE Linux Micro 6.0
This update for gdk-pixbuf fixes the following issues:
- CVE-2025-7345: Uninitialized memory could lead to leak arbitrary memory contents (bsc#1246114).
- CVE-2025-6199: Heap buffer overflow within the gdk_pixbuf__jpeg_image_load_increment function (bsc#1245227).
ImportantSUSE bug 1245227SUSE bug 1246114CVE-2025-6199 at SUSECVE-2025-6199 at NVDCVE-2025-7345 at SUSECVE-2025-7345 at NVDcpe:/o:suse:sl-micro:6.0Security update for vim (Moderate)SUSE Linux Micro 6.0
This update for vim fixes the following issues:
- CVE-2025-53906: Fixed malicious zip archive causing path traversal (bsc#1246602)
- CVE-2025-53905: Fixed malicious tar archive causing path traversal (bsc#1246604)
- CVE-2025-55157: Fixed use-after-free in internal tuple reference management (bsc#1247938)
- CVE-2025-55158: Fixed double-free in internal typed value (typval_T) management (bsc#1247939)
- Update to 9.1.1629:
9.1.1629: Vim9: Not able to use more than 10 type arguments in a generic function
9.1.1628: fuzzy.c has a few issues
9.1.1627: fuzzy matching can be improved
9.1.1626: cindent: does not handle compound literals
9.1.1625: Autocompletion slow with include- and tag-completion
9.1.1624: Cscope not enabled on MacOS
9.1.1623: Buffer menu does not handle unicode names correctly
9.1.1622: Patch v9.1.1432 causes performance regressions
9.1.1621: flicker in popup menu during cmdline autocompletion
9.1.1620: filetype: composer.lock and symfony.lock files not recognized
9.1.1619: Incorrect E535 error message
9.1.1618: completion: incorrect selected index returned from complete_info()
9.1.1617: Vim9: some error messages can be improved
9.1.1616: xxd: possible buffer overflow with bitwise output
9.1.1615: diff format erroneously detected
9.1.1614: Vim9: possible variable type change
9.1.1613: tests: test_search leaves a few swapfiles behind
9.1.1612: Ctrl-G/Ctrl-T do not ignore the end search delimiter
9.1.1611: possible undefined behaviour in mb_decompose()
9.1.1610: completion: hang or E684 when 'tagfunc' calls complete()
9.1.1609: complete: Heap-buffer overflow with complete function
9.1.1608: No command-line completion for :unsilent {command}
9.1.1607: :apple command detected as :append
9.1.1606: filetype: a few more files are not recognized
9.1.1605: cannot specify scope for chdir()
9.1.1604: completion: incsearch highlight might be lost
9.1.1603: completion: cannot use autoloaded funcs in 'complete' F{func}
9.1.1602: filetype: requirements-*.txt files are not recognized
9.1.1601: Patch v8.1.0425 was wrong
9.1.1600: using diff anchors with hidden buffers fails silently
9.1.1599: :bnext doesn't go to unlisted help buffers
9.1.1598: filetype: waybar config file is not recognized
9.1.1597: CI reports leaks in libgtk3 library
9.1.1596: tests: Test_search_wildmenu_iminsert() depends on help file
9.1.1595: Wayland: non-portable use of select()
9.1.1594: completion: search completion throws errors
9.1.1593: Confusing error when compiling incomplete try block
9.1.1592: Vim9: crash with classes and garbage collection
9.1.1591: VMS support can be improved
9.1.1590: cannot perform autocompletion
9.1.1589: Cannot disable cscope interface using configure
9.1.1588: Vim9: cannot split dict inside command block
9.1.1587: Wayland: timeout not updated before select()
9.1.1586: Vim9: can define an enum/interface in a function
9.1.1585: Wayland: gvim still needs GVIM_ENABLE_WAYLAND
9.1.1584: using ints as boolean type
9.1.1583: gvim window lost its icons
9.1.1582: style issue in vim9type.c and vim9generics.c
9.1.1581: possible memory leak in vim9generics.c
9.1.1580: possible memory leak in vim9type.c
9.1.1579: Coverity complains about unchecked return value
9.1.1578: configure: comment still mentions autoconf 2.71
9.1.1577: Vim9: no generic support yet
9.1.1576: cannot easily trigger wildcard expansion
9.1.1575: tabpanel not drawn correctly with wrapped lines
9.1.1574: Dead code in mbyte.c
9.1.1573: Memory leak when pressing Ctrl-D in cmdline mode
9.1.1572: expanding $var does not escape whitespace for 'path'
9.1.1571: CmdlineChanged triggered to often
9.1.1570: Copilot suggested some improvements in cmdexpand.c
9.1.1569: tests: Vim9 tests can be improved
9.1.1568: need a few more default highlight groups
9.1.1567: crash when using inline diff mode
9.1.1566: self-referenced enum may not get freed
9.1.1565: configure: does not consider tiny version for wayland
9.1.1564: crash when opening popup to closing buffer
9.1.1563: completion: ruler may disappear
9.1.1562: close button always visible in the 'tabline'
9.1.1561: configure: wayland test can be improved
9.1.1560: configure: uses $PKG_CONFIG before it is defined
9.1.1559: tests: Test_popup_complete_info_01() fails when run alone
9.1.1558: str2blob() treats NULL string and empty string differently
9.1.1557: not possible to anchor specific lines in difff mode
9.1.1556: string handling in cmdexpand.c can be improved
9.1.1555: completion: repeated insertion of leader
9.1.1554: crash when omni-completion opens command-line window
9.1.1553: Vim9: crash when accessing a variable in if condition
9.1.1552: [security]: path traversal issue in tar.vim
9.1.1551: [security]: path traversal issue in zip.vim
9.1.1550: defaults: 'showcmd' is not enabled in non-compatible mode on Unix
9.1.1549: filetype: pkl files are not recognized
9.1.1548: filetype: OpenFGA files are not recognized
9.1.1547: Wayland: missing ifdef
9.1.1546: Vim9: error with has() and short circuit evaluation
9.1.1545: typo in os_unix.c
9.1.1544: :retab cannot be limited to indentation only
9.1.1543: Wayland: clipboard appears to not be working
9.1.1542: Coverity complains about uninitialized variable
9.1.1541: Vim9: error when last enum value ends with a comma
9.1.1540: completion: menu state wrong on interruption
9.1.1539: completion: messages don't respect 'shm' setting
9.1.1537: helptoc: still some issues when markdown code blocks
9.1.1536: tests: test_plugin_comment uses wrong :Check command
9.1.1535: the maximum search count uses hard-coded value 99
9.1.1534: unnecessary code in tabpanel.c
9.1.1533: helptoc: does not handle code sections in markdown well
9.1.1532: termdebug: not enough ways to configure breakpoints
9.1.1531: confusing error with nested legacy function
9.1.1530: Missing version change in v9.1.1529
9.1.1529: Win32: the toolbar in the GUI is old and dated
9.1.1528: completion: crash with getcompletion()
9.1.1527: Vim9: Crash with string compound assignment
9.1.1526: completion: search completion match may differ in case
9.1.1525: tests: testdir/ is a bit messy
9.1.1524: tests: too many imports in the test suite
9.1.1523: tests: test_clipmethod fails in non X11 environment
9.1.1522: tests: still some ANSI escape sequences in test output
9.1.1521: completion: pum does not reset scroll pos on reopen with 'noselect'
9.1.1520: completion: search completion doesn't handle 'smartcase' well
9.1.1519: tests: Test_termdebug_decimal_breakpoints() may fail
9.1.1518: getcompletiontype() may crash
9.1.1517: filetype: autopkgtest files are not recognized
9.1.1516: tests: no test that 'incsearch' is updated after search completion
9.1.1515: Coverity complains about potential unterminated strings
9.1.1514: Coverity complains about the use of tmpfile()
9.1.1513: resizing Vim window causes unexpected internal window width
9.1.1512: completion: can only complete from keyword characters
9.1.1511: tests: two edit tests change v:testing from 1 to 0
9.1.1510: Search completion may use invalid memory
9.1.1509: patch 9.1.1505 was not good
9.1.1508: string manipulation can be improved in cmdexpand.c
9.1.1507: symlinks are resolved on :cd commands
9.1.1506: tests: missing cleanup in Test_search_cmdline_incsearch_highlight()
9.1.1505: not possible to return completion type for :ex command
9.1.1504: filetype: numbat files are not recognized
9.1.1503: filetype: haxe files are not recognized
9.1.1502: filetype: quickbms files are not recognized
9.1.1501: filetype: flix files are not recognized
9.1.1500: if_python: typo in python error variable
9.1.1499: MS-Windows: no indication of ARM64 architecture
9.1.1498: completion: 'complete' funcs behave different to 'omnifunc'
9.1.1497: Link error with shm_open()
9.1.1496: terminal: still not highlighting empty cells correctly
9.1.1495: Wayland: uses $XDG_SEAT to determine seat
9.1.1494: runtime(tutor): no French translation for Chapter 2
9.1.1493: manually comparing positions on buffer
9.1.1492: tests: failure when Wayland compositor fails to start
9.1.1491: missing out-of-memory checks in cmdexpand.c
9.1.1490: 'wildchar' does not work in search contexts
9.1.1489: terminal: no visual highlight of empty cols with empty 'listchars'
9.1.1488: configure: using obsolete macro AC_PROG_GCC_TRADITIONAL
9.1.1487: :cl doesn't invoke :clist
9.1.1486: documentation issues with Wayland
9.1.1485: missing Wayland clipboard support
9.1.1484: tests: Turkish locale tests fails on Mac
9.1.1483: not possible to translation position in buffer
9.1.1482: scrolling with 'splitkeep' and line()
9.1.1481: gcc complains about uninitialized variable
9.1.1480: Turkish translation outdated
9.1.1479: regression when displaying localized percentage position
9.1.1478: Unused assignment in ex_uniq()
9.1.1476: no easy way to deduplicate text
9.1.1476: missing out-of-memory checks in cmdexpand.c
9.1.1475: completion: regression when "nearest" in 'completeopt'
9.1.1474: missing out-of-memory check in mark.c
9.1.1473: inconsistent range arg for :diffget/diffput
9.1.1472: if_python: PySequence_Fast_{GET_SIZE,GET_ITEM} removed
9.1.1471: completion: inconsistent ordering with CTRL-P
9.1.1470: use-after-free with popup callback on error
9.1.1469: potential buffer-underflow with invalid hl_id
9.1.1468: filetype: bright(er)script files are not recognized
9.1.1467: too many strlen() calls
9.1.1466: filetype: not all lex files are recognized
9.1.1465: tabpanel: not correctly drawn with 'equalalways'
9.1.1464: gv does not work in operator-pending mode
9.1.1463: Integer overflow in getmarklist() after linewise operation
9.1.1462: missing change from patch v9.1.1461
9.1.1461: tabpanel: tabpanel vanishes with popup menu
9.1.1460: MS-Windows: too many strlen() calls in os_win32.c
9.1.1459: xxd: coloring output is inefficient
9.1.1458: tabpanel: tabs not properly updated with 'stpl'
9.1.1457: compile warning with tabpanelopt
9.1.1456: comment plugin fails toggling if 'cms' contains \
9.1.1455: Haiku: dailog objects created with no reference
9.1.1454: tests: no test for pum at line break position
9.1.1453: tests: Test_geometry() may fail
9.1.1452: completion: redundant check for completion flags
9.1.1451: tabpanel rendering artifacts when scrolling
9.1.1450: Session has wrong arglist with :tcd and :arglocal
9.1.1449: typo in pum_display()
9.1.1448: tabpanel is not displayed correctly when msg_scrolled
9.1.1447: completion: crash when backspacing with fuzzy completion
9.1.1446: filetype: cuda-gdb config files are not recognized
9.1.1445: negative matchfuzzy scores although there is a match
9.1.1444: Unused assignment in set_fuzzy_score()
9.1.1443: potential buffer underflow in insertchar()
9.1.1442: tests: Test_diff_fold_redraw() is insufficient
9.1.1441: completion: code can be improved
9.1.1440: too many strlen() calls in os_win32.c
9.1.1439: Last diff folds not merged
9.1.1438: tests: Test_breakindent_list_split() fails
9.1.1437: MS-Windows: internal compile error in uc_list()
9.1.1436: GUI control code is displayed on the console on startup
9.1.1435: completion: various flaws in fuzzy completion
9.1.1434: MS-Windows: missing out-of-memory checks in os_win32.c
9.1.1433: Unnecessary :if when writing session
9.1.1432: GTK GUI: Buffer menu does not handle unicode correctly
9.1.1431: Hit-Enter Prompt when loading session files
9.1.1430: tabpanel may flicker in the GUI
9.1.1429: dragging outside the tabpanel changes tabpagenr
9.1.1428: completion: register completion needs cleanup
9.1.1427: rendering artifacts with the tabpanel
9.1.1426: completion: register contents not completed
9.1.1425: tabpanel: there are still some problems with the tabpanel
9.1.1424: PMenu selection broken with multi-line selection and limits
9.1.1423: :tag command not working correctly using Vim9 Script
9.1.1422: scheduling of complete function can be improved
9.1.1421: tests: need a test for the new-style tutor.tutor
9.1.1420: tests: could need some more tests for shebang lines
9.1.1419: It is difficult to ignore all but some events
9.1.1418: configures GUI auto detection favors GTK2
9.1.1417: missing info about register completion in complete_info()
9.1.1416: completion limits not respected for fuzzy completions
9.1.1415: potential use-after free when there is an error in 'tabpanel'
9.1.1414: MS-Windows: compile warnings in os_win32.c
9.1.1413: spurious CursorHold triggered in GUI on startup
9.1.1412: tests: Test_tabpanel_tabonly() fails on larger screens
9.1.1411: crash when calling non-existing function for tabpanel
9.1.1410: out-of-bounds access with 'completefunc'
9.1.1409: using f-flag in 'complete' conflicts with Neovim
9.1.1408: not easily possible to complete from register content
9.1.1407: Can't use getpos('v') in OptionSet when using setbufvar()
9.1.1406: crash when importing invalid tuple
9.1.1405: tests: no test for mapping with special keys in session file
9.1.1404: wrong link to Chapter 2 in new-tutor
9.1.1403: expansion of 'tabpanelopt' value adds wrong values
9.1.1402: multi-byte mappings not properly stored in session file
9.1.1401: list not materialized in prop_list()
9.1.1400: [security]: use-after-free when evaluating tuple fails
9.1.1399: tests: test_codestyle fails for auto-generated files
9.1.1398: completion: trunc does not follow Pmenu highlighting attributes
9.1.1397: tabpanel not correctly updated on :tabonly
9.1.1396: 'errorformat' is a global option
9.1.1395: search_stat not reset when pattern differs in case
9.1.1394: tabpanel not correctly redrawn on tabonly
9.1.1393: missing test for switching buffers and reusing curbuf
9.1.1392: missing patch number
9.1.1391: Vim does not have a vertical tabpanel
9.1.1390: style: more wrong indentation
9.1.1389: completion: still some issue when 'isexpand' contains a space
9.1.1388: Scrolling one line too far with 'nosmoothscroll' page scrolling
9.1.1387: memory leak when buflist_new() fails to reuse curbuf
9.1.1386: MS-Windows: some minor problems building on AARCH64
9.1.1385: inefficient loop for 'nosmoothscroll' scrolling
9.1.1384: still some problem with the new tutors filetype plugin
9.1.1383: completion: 'isexpand' option does not handle space char correct
9.1.1382: if_ruby: unused compiler warnings from ruby internals
9.1.1381: completion: cannot return to original text
9.1.1380: 'eventignorewin' only checked for current buffer
9.1.1379: MS-Windows: error when running evim when space in path
9.1.1378: sign without text overwrites number option
9.1.1377: patch v9.1.1370 causes some GTK warning messages
9.1.1376: quickfix dummy buffer may remain as dummy buffer
9.1.1375: [security]: possible heap UAF with quickfix dummy buffer
9.1.1374: completion: 'smartcase' not respected when filtering matches
9.1.1373: 'completeopt' checking logic can be simplified
9.1.1372: style: braces issues in various files
9.1.1371: style: indentation and brace issues in insexpand.c
9.1.1370: CI Tests favor GTK2 over GTK3
9.1.1369: configure still using autoconf 2.71
9.1.1368: GTK3 and GTK4 will drop numeric cursor support.
9.1.1367: too many strlen() calls in gui.c
9.1.1366: v9.1.1364 unintentionally changed sign.c and sound.c
9.1.1365: MS-Windows: compile warnings and too many strlen() calls
9.1.1364: style: more indentation issues
9.1.1363: style: inconsistent indentation in various files
9.1.1362: Vim9: type ignored when adding tuple to instance list var
9.1.1361: [security]: possible use-after-free when closing a buffer
9.1.1360: filetype: GNU Radio companion files are not recognized
9.1.1359: filetype: GNU Radio config files are not recognized
9.1.1358: if_lua: compile warnings with gcc15
9.1.1357: Vim incorrectly escapes tags with "[" in a help buffer
9.1.1356: Vim9: crash when unletting variable
9.1.1355: The pum_redraw() function is too complex
9.1.1354: tests: Test_terminalwinscroll_topline() fails on Windows
9.1.1353: missing change from v9.1.1350
9.1.1352: style: inconsistent indent in insexpand.c
9.1.1351: Return value of getcmdline() inconsistent in CmdlineLeavePre
9.1.1350: tests: typo in Test_CmdlineLeavePre_cabbr()
9.1.1349: CmdlineLeavePre may trigger twice
9.1.1348: still E315 with the terminal feature
9.1.1347: small problems with gui_w32.c
9.1.1346: missing out-of-memory check in textformat.c
9.1.1345: tests: Test_xxd_color2() test failure dump diff is misleading
9.1.1344: double free in f_complete_match() (after v9.1.1341)
9.1.1343: filetype: IPython files are not recognized
9.1.1342: Shebang filetype detection can be improved
9.1.1341: cannot define completion triggers
9.1.1340: cannot complete :filetype arguments
9.1.1339: missing out-of-memory checks for enc_to_utf16()/utf16_to_enc()
9.1.1338: Calling expand() interferes with cmdcomplete_info()
9.1.1337: Undo corrupted with 'completeopt' "preinsert" when switching buffer
9.1.1336: comment plugin does not support case-insensitive 'commentstring'
9.1.1335: Coverity complains about Null pointer dereferences
9.1.1334: Coverity complains about unchecked return value
9.1.1333: Coverity: complains about unutilized variable
9.1.1332: Vim9: segfault when using super within a lambda
9.1.1331: Leaking memory with cmdcomplete()
9.1.1330: may receive E315 in terminal
9.1.1329: cannot get information about command line completion
9.1.1328: too many strlen() calls in indent.c
9.1.1327: filetype: nroff detection can be improved
9.1.1326: invalid cursor position after 'tagfunc'
9.1.1325: tests: not checking error numbers properly
9.1.1324: undefined behaviour if X11 connection dies
9.1.1323: b:undo_ftplugin not executed when re-using buffer
9.1.1322: small delete register cannot paste multi-line correctly
9.1.1321: filetype: MS ixx and mpp files are not recognized
9.1.1320: filetype: alsoft config files are not recognized
9.1.1319: Various typos in the code, issue with test_inst_complete.vim
9.1.1318: tests: test_format fails
9.1.1317: noisy error when restoring folds from session fails
9.1.1316: missing memory allocation failure in os_mswin.c
9.1.1315: completion: issue with fuzzy completion and 'completefuzzycollect'
9.1.1314: max allowed string width too small
9.1.1313: compile warning about uninitialized value
9.1.1312: tests: Test_backupskip() fails when HOME is defined
9.1.1311: completion: not possible to limit number of matches
9.1.1310: completion: redundant check for preinsert effect
9.1.1309: tests: no test for 'pummaxwidth' with non-truncated "kind"
9.1.1308: completion: cannot order matches by distance to cursor
9.1.1307: make syntax does not reliably detect different flavors
9.1.1306: completion menu rendering can be improved
9.1.1305: completion menu active after switching windows/tabs
9.1.1304: filetype: some man files are not recognized
9.1.1303: missing out-of-memory check in linematch.c
9.1.1302: Coverity warns about using uninitialized value
9.1.1301: completion: cannot configure completion functions with 'complete'
9.1.1300: wrong detection of -inf
9.1.1299: filetype: mbsyncrc files are not recognized
9.1.1298: define_function() is too long
9.1.1297: Ctrl-D scrolling can get stuck
9.1.1296: completion: incorrect truncation logic
9.1.1295: clientserver: does not handle :stopinsert correctly
9.1.1294: gui tabline menu does not use confirm when closing tabs
9.1.1293: comment plugin does not handle 'exclusive' selection for comment object
9.1.1292: statusline not correctly evaluated
9.1.1291: too many strlen() calls in buffer.c
9.1.1290: tests: missing cleanup in test_filetype.vim
9.1.1289: tests: no test for matchparen plugin with WinScrolled event
9.1.1288: Using wrong window in ll_resize_stack()
9.1.1287: quickfix code can be further improved
9.1.1286: filetype: help files not detected when 'iskeyword' includes ":"
9.1.1285: Vim9: no error message for missing method after "super."
9.1.1284: not possible to configure pum truncation char
9.1.1283: quickfix stack is limited to 10 items
9.1.1282: Build and test failure without job feature
9.1.1281: extra newline output when editing stdin
9.1.1280: trailing additional semicolon in get_matches_in_str()
9.1.1279: Vim9: null_object and null_class are no reserved names
9.1.1278: Vim9: too long functions in vim9type.c
9.1.1277: tests: trailing comment char in test_popupwin
9.1.1276: inline word diff treats multibyte chars as word char
9.1.1275: MS-Windows: Not possible to pass additional flags to Make_mvc
9.1.1274: Vim9: no support for object<type> as variable type
9.1.1273: Coverity warns about using uninitialized value
9.1.1272: completion: in keyword completion Ctrl_P cannot go back after Ctrl_N
9.1.1271: filetype: Power Query files are not recognized
9.1.1270: missing out-of-memory checks in buffer.c
9.1.1269: completion: compl_shown_match is updated when starting keyword completion
9.1.1268: filetype: dax files are not recognized
9.1.1267: Vim9: no support for type list/dict<object<any>>
9.1.1266: MS-Windows: type conversion warnings
9.1.1265: tests: no tests for typing normal char during completion
9.1.1264: Vim9: error when comparing objects
9.1.1263: string length wrong in get_last_inserted_save()
9.1.1262: heap-buffer-overflow with narrow 'pummaxwidth' value
9.1.1261: No test for 'pummaxwidth' non-truncated items
9.1.1260: Hang when filtering buffer with NUL bytes
9.1.1259: some issues with comment package and tailing spaces
9.1.1258: regexp: max \U and \%U value is limited by INT_MAX
9.1.1257: Mixing vim_strsize() with mb_ptr2cells() in pum_redraw()
9.1.1256: if_python: duplicate tuple data entries
9.1.1255: missing test condition for 'pummaxwidth' setting
9.1.1254: need more tests for the comment plugin
9.1.1253: abort when closing window with attached quickfix data
9.1.1252: typos in code and docs related to 'diffopt' "inline:"
9.1.1251: if_python: build error with tuples and dynamic python
9.1.1250: cannot set the maximum popup menu width
9.1.1249: tests: no test that 'listchars' "eol" doesn't affect "gM"
9.1.1248: compile error when building without FEAT_QUICKFIX
9.1.1247: fragile setup to get (preferred) keys from key_name_entry
9.1.1246: coverity complains about some changes in v9.1.1243
9.1.1245: need some more tests for curly braces evaluation
9.1.1244: part of patch v9.1.1242 was wrong
9.1.1243: diff mode is lacking for changes within lines
9.1.1242: Crash when evaluating variable name
9.1.1241: wrong preprocessort indentation in term.c
9.1.1240: Regression with ic/ac text objects and comment plugin
9.1.1239: if_python: no tuple data type support
9.1.1238: wrong cursor column with 'set splitkeep=screen'
9.1.1237: Compile error with C89 compiler in term.c
9.1.1236: tests: test_comments leaves swapfiles around
9.1.1235: cproto files are outdated
9.1.1234: Compile error when SIZE_MAX is not defined
9.1.1233: Coverity warns about NULL pointer when triggering WinResized
9.1.1232: Vim script is missing the tuple data type
9.1.1231: filetype: SPA JSON files are not recognized
9.1.1230: inconsistent CTRL-C behaviour for popup windows
9.1.1229: the comment plugin can be improved
9.1.1228: completion: current position column wrong after got a match
9.1.1227: no tests for the comment package
9.1.1226: "shellcmdline" completion doesn't work with input()
9.1.1225: extra NULL check in VIM_CLEAR()
9.1.1224: cannot :put while keeping indent
9.1.1223: wrong translation used for encoding failures
9.1.1222: using wrong length for last inserted string
9.1.1221: Wrong cursor pos when leaving Insert mode just after 'autoindent'
9.1.1220: filetype: uv.lock file not recognized
9.1.1219: Strange error with wrong type for matchfuzzy() "camelcase"
9.1.1218: missing out-of-memory check in filepath.c
9.1.1217: tests: typos in test_matchfuzzy.vim
9.1.1216: Pasting the '.' register multiple times may not work
9.1.1215: Patch 9.1.1213 has some issues
9.1.1214: matchfuzzy() can be improved for camel case matches
9.1.1213: cannot :put while keeping indent
9.1.1212: too many strlen() calls in edit.c
9.1.1212: filetype: logrotate'd pacmanlogs are not recognized
9.1.1211: TabClosedPre is triggered just before the tab is being freed
9.1.1210: translation(ru): missing Russian translation for the new tutor
9.1.1209: colorcolumn not drawn after virtual text lines
9.1.1208: MS-Windows: not correctly restoring alternate screen on Win 10
9.1.1207: MS-Windows: build warning in filepath.c
9.1.1206: tests: test_filetype fails when a file is a directory
9.1.1205: completion: preinserted text not removed when closing pum
9.1.1204: MS-Windows: crash when passing long string to expand()
9.1.1203: matchparen keeps cursor on case label in sh filetype
9.1.1202: Missing TabClosedPre autocommand
9.1.1201: 'completefuzzycollect' does not handle dictionary correctly
9.1.1200: cmdline pum not cleared for input() completion
9.1.1199: gvim uses hardcoded xpm icon file
9.1.1198: [security]: potential data loss with zip.vim
9.1.1197: process_next_cpt_value() uses wrong condition
9.1.1196: filetype: config files for container tools are not recognized
9.1.1195: inside try-block: fn body executed with default arg undefined
9.1.1194: filetype: false positive help filetype detection
9.1.1193: Unnecessary use of STRCAT() in au_event_disable()
9.1.1192: Vim crashes with term response debug logging enabled
9.1.1191: tests: test for patch 9.1.1186 doesn't fail without the patch
9.1.1190: C indentation does not detect multibyte labels
9.1.1189: if_python: build error due to incompatible pointer types
9.1.1188: runtime(tera): tera support can be improved
9.1.1187: matchparen plugin wrong highlights shell case statement
9.1.1186: filetype: help files in git repos are not detected
9.1.1185: endless loop with completefuzzycollect and no match found
9.1.1184: Unnecessary use of vim_tolower() in vim_strnicmp_asc()
9.1.1083: "above" virtual text breaks cursorlineopt=number
9.1.1182: No cmdline completion for 'completefuzzycollect'
9.1.1181: Unnecessary STRLEN() calls in insexpand.c
9.1.1180: short-description
9.1.1179: too many strlen() calls in misc2.c
9.1.1178: not possible to generate completion candidates using fuzzy matching
9.1.1177: filetype: tera files not detected
ModerateSUSE bug 1246602SUSE bug 1246604SUSE bug 1247938SUSE bug 1247939CVE-2025-53905 at SUSECVE-2025-53905 at NVDCVE-2025-53906 at SUSECVE-2025-53906 at NVDCVE-2025-55157 at SUSECVE-2025-55157 at NVDCVE-2025-55158 at SUSECVE-2025-55158 at NVDcpe:/o:suse:sl-micro:6.0Security update for ucode-intel (Important)SUSE Linux Micro 6.0
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)
- CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
- CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
- CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- Update for functional issues.
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5
| GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6
| ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3
| LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor
| MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores
New Disclosures Updated in Prior Releases:
All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.
ImportantSUSE bug 1248438CVE-2025-20053 at SUSECVE-2025-20053 at NVDCVE-2025-20109 at SUSECVE-2025-20109 at NVDCVE-2025-22839 at SUSECVE-2025-22839 at NVDCVE-2025-22840 at SUSECVE-2025-22840 at NVDCVE-2025-22889 at SUSECVE-2025-22889 at NVDCVE-2025-26403 at SUSECVE-2025-26403 at NVDCVE-2025-32086 at SUSECVE-2025-32086 at NVDcpe:/o:suse:sl-micro:6.0Security update for sevctl (Moderate)SUSE Linux Micro 6.0
This update for sevctl fixes the following issues:
- CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch (bsc#1242618)
- CVE-2024-12224: idna: Fixed Punycode labels not producing any non-ASCII when decode (bsc#1243860)
ModerateSUSE bug 1242618SUSE bug 1243860CVE-2024-12224 at SUSECVE-2024-12224 at NVDCVE-2025-3416 at SUSECVE-2025-3416 at NVDcpe:/o:suse:sl-micro:6.0Security update for podman (Moderate)SUSE Linux Micro 6.0
This update for podman fixes the following issues:
- CVE-2024-6104: Fixed dependency issue with go-retryablehttp: url might write sensitive information to log file (bsc#1227052).
- Update to version 4.9.5:
* Bump to v4.9.5
* Update release notes for v4.9.5
* fix "concurrent map writes" in network ls compat endpoint
* [v4.9] Fix for CVE-2024-3727
* Disable failing bud test
* CI Maintenance: Disable machine tests
* [CI:DOCS] Allow downgrade of WiX
* [CI:DOCS] Force WiX 3.11
* [CI:DOCS] Fix windows installer action
* Bump to v4.9.5-dev
* Bump to v4.9.4
* Update release notes for v4.9.4
* [v4.9] Bump Buildah to v1.33.7, CVE-2024-1753, CVE-2024-24786
* Add farm command to commands list
* Bump to FreeBSD 13.3 (13.2 vanished)
* Update health-start-periods docs
* Don't update health check status during initialDelaySeconds
* image scp: don't require port for ssh URL
* Ignore docker's end point config when the final network mode isn't bridge.
* Fix running container from docker client with rootful in rootless podman.
* [skip-ci] Packit: remove koji and bodhi tasks for v4.9
* Bump to v4.9.4-dev
* Remove gitleaks scanning
ModerateSUSE bug 1227052CVE-2024-1753 at SUSECVE-2024-1753 at NVDCVE-2024-24786 at SUSECVE-2024-24786 at NVDCVE-2024-3727 at SUSECVE-2024-3727 at NVDCVE-2024-6104 at SUSECVE-2024-6104 at NVDcpe:/o:suse:sl-micro:6.0Security update for rust-keylime (Moderate)SUSE Linux Micro 6.0
This update for rust-keylime fixes the following issues:
- Update vendored crate slab to version 0.4.11
* CVE-2025-55159: Fixed incorrect bounds check in get_disjoint_mut function
leading to undefined behavior or potential crash due to out-of-bounds
access (bsc#1248006)
- Update to version 0.2.8+12:
* build(deps): bump actions/checkout from 4 to 5
* build(deps): bump cfg-if from 1.0.0 to 1.0.1
* build(deps): bump openssl from 0.10.72 to 0.10.73
* build(deps): bump clap from 4.5.39 to 4.5.45
* build(deps): bump pest from 2.8.0 to 2.8.1
* Fix clippy warnings
* Use verifier-provided interval for continuous attestation timing
* Add meta object with seconds_to_next_attestation to evidence response
* Fix boot time retrieval
* Fix IMA log format (it must be ['text/plain']) (#1073)
* Remove unnecessary configuration fields
* cargo: Bump retry-policies to version 0.4.0
- Update vendored crate shlex to version 1.3.0
* CVE-2024-58266: Fixed command injection (bsc#1247193)
- Update to version 0.2.7+141:
* service: Use WantedBy=multi-user.target
* rpm: Add subpackage for push-attestation agent
* push-model: implement continuous attestation with configurable intervals
* Retry registration forever in the state machine
* Add Verifier URL to configuration
* Align exp.backoff to current configuration format
* Increase coverage of state machine (using Context)
* Increase coverage of struct_filler.rs
* Groom code (remove dead code)
* Fix exponential backoff (10secs, 4xx accepted)
* test: Add documentation test to tests/run.sh
* tpm: Avoid running code example during documentation tests
* state_machine: Always start the agent from the Unregistered state
* Add fixes for the URL construction
* Refactor evidences collection in push attestation agent
* push-model: refactor attestation logic into a state machine
* Fix body sending by allowing serializing strings (#1057)
* Log ResilientClient errors/response status codes (#1055)
* Add AK signing scheme and hash algorithm to negotiation
* tpm: Add method to extract signing scheme and hash algorithm from AK
* Allow custom content-type/accept headers
* Integrate exponential backoff to registration (#1052)
* keylime/structures: Rename ShaValues to PcrBanks
* Add resilient_client for exponential backoff (#1048)
- Update vendored crate openssl 0.10.73:
* CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch (bsc#1242623)
- Update to version 0.2.7+117:
* Increase coverage in evidence handling structure
* Add Capabilities Negotiations resp. missing fields
* Fix UEFI test to check file access in all cases
* context_info_handler: Do not assume /var/lib/keylime exists
* Fix clippy warnings about uninlined format arguments
* attestation: Allow unwrap() in tests
* Increase coverage (groom code, extend unit tests)
* Include IMA/UEFI logs in Evidence Handling request
* Include method to get all IMA entries as string
* Send correct list of pcr banks and sign algorithms
* Try to fix TPM tests related issues
* Define attestation perform asynchronous
* Perform attestation in push model agent binary
* Refactor code to use new attestation.rs
* Create attestation.rs for Attestation stuff
* Move ContextInfo management to its own handler
* Adjust context_info.rs after rebase
* Add attestation function to ContextInfo structure
* Add prohibited signing algorithms, avoid ecschnorr
* keylime/config: Use macro to implement PushModelConfigTrait
* Introduce keylime-macros and define_view_trait
* config: Remove KeylimeConfig structure
* config: Remove unnecessary options and lazy initialization
* Fix pcr_bank function to send all possible slots
* Send Content-Type:application/json on request (#1039)
* Send correct 'key_algorithm' in certification_keys (#1035)
* Push Model: Persist Attestation Key to file
* Add Keylime push model binary to root GNUmakefile
* Use singleton to avoid multiple Context allocation
* tests: Do not assume `/var/lib/keylime` exists (#1030)
* lib/cert: Fix race condition due to use of same file path
* payloads: Fix race condition in tests
* Add uefi_log_handler.rs to parse UEFI binary
* Use IMA log parser to send correct entry count
* Add IMA log parser
* build(deps): bump once_cell from 1.19.0 to 1.21.3
* lib/config/base.rs: Add more unit tests
* lib/permissions: Add unit tests
* keylime-agent: move JsonWrapper from common.rs to the library
* lib/agent_data: Move agent_data related tests from common
* common: Replace APIVersion with the library Version structure
* keylime_agent: Move secure_mount.rs to the library
* lib: Rename keylime_error.rs as error.rs
* config: Move config to keylime library
* config: Rename push_model_config to push_model
* lib: Move permissions.rs from keylime-agent to the lib
* Extract Capabilities Negotiation info from TPM (#1014)
ModerateSUSE bug 1242623SUSE bug 1247193SUSE bug 1248006CVE-2024-58266 at SUSECVE-2024-58266 at NVDCVE-2025-3416 at SUSECVE-2025-3416 at NVDCVE-2025-55159 at SUSECVE-2025-55159 at NVDcpe:/o:suse:sl-micro:6.0Security update for udisks2 (Important)SUSE Linux Micro 6.0
This update for udisks2 fixes the following issues:
- CVE-2025-8067: Fixed missing bounds check leading to out-of-bounds read (bsc#1248502)
ImportantSUSE bug 1248502CVE-2025-8067 at SUSECVE-2025-8067 at NVDcpe:/o:suse:sl-micro:6.0Security update for krb5 (Moderate)SUSE Linux Micro 6.0
This update for krb5 fixes the following issues:
- CVE-2025-3576: Fixed Kerberos RC4-HMAC-MD5 Checksum Vulnerability (bsc#1241219)
ModerateSUSE bug 1241219CVE-2025-3576 at SUSECVE-2025-3576 at NVDcpe:/o:suse:sl-micro:6.0Security update for libarchive (Important)SUSE Linux Micro 6.0
This update for libarchive fixes the following issues:
- CVE-2024-20696: Fixed out-of-bounds access in in copy_from_lzss_window_to_unp() (bsc#1225971)
- CVE-2024-20697: Fixed heap based buffer overflow in rar e8 filter (bsc#1225972)
ImportantSUSE bug 1225971SUSE bug 1225972CVE-2024-20696 at SUSECVE-2024-20696 at NVDCVE-2024-20697 at SUSECVE-2024-20697 at NVDcpe:/o:suse:sl-micro:6.0Security update for git (Critical)SUSE Linux Micro 6.0
This update for git fixes the following issues:
- Update to 2.51.0
- UI, Workflows & Features
- Userdiff patterns for the R language have been added.
- Documentation for "git send-email" has been updated with a
bit more credential helper and OAuth information.
- "git cat-file --batch" learns to understand %(objectmode)
atom to allow the caller to tell missing objects (due to
repository corruption) and submodules (whose commit objects
are OK to be missing) apart.
- "git diff --no-index dirA dirB" can limit the comparison with
pathspec at the end of the command line, just like normal
"git diff".
- "git subtree" (in contrib/) learned to grok GPG signing its
commits.
- "git whatchanged" that is longer to type than "git log --raw"
which is its modern rough equivalent has outlived its
usefulness more than 10 years ago. Plan to deprecate and
remove it.
- An interchange format for stash entries is defined, and
subcommand of "git stash" to import/export has been added.
- "git merge/pull" has been taught the "--compact-summary"
option to use the compact-summary format, intead of diffstat,
when showing the summary of the incoming changes.
- "git imap-send" has been broken for a long time, which has
been resurrected and then taught to talk OAuth2.0 etc.
- Some error messages from "git imap-send" has been updated.
- When "git daemon" sees a signal while attempting to accept()
a new client, instead of retrying, it skipped it by mistake,
which has been corrected.
- The reftable ref backend has matured enough; Git 3.0 will
make it the default format in a newly created repositories by
default.
- "netrc" credential helper has been improved to understand
textual service names (like smtp) in addition to the numeric
port numbers (like 25).
- Lift the limitation to use changed-path filter in "git log"
so that it can be used for a pathspec with multiple literal
paths.
- Clean up the way how signature on commit objects are exported
to and imported from fast-import stream.
- Remove unsupported, unused, and unsupportable old option from
"git log".
- Document recently added "git imap-send --list" with an
example.
- "git pull" learned to pay attention to pull.autostash
configuration variable, which overrides
rebase/merge.autostash.
- "git for-each-ref" learns "--start-after" option to help
applications that want to page its output.
- "git switch" and "git restore" are declared to be no longer
experimental.
- "git -c alias.foo=bar foo -h baz" reported "'foo' is aliased
to 'bar'" and then went on to run "git foo -h baz", which was
unexpected. Tighten the rule so that alias expansion is
reported only when "-h" is the sole option.
- Performance, Internal Implementation, Development Support etc.
- "git pack-objects" learned to find delta bases from blobs at
the same path, using the --path-walk API.
- CodingGuidelines update.
- Add settings for Solaris 10 & 11.
- Meson-based build/test framework now understands TAP output
generated by our tests.
- "Do not explicitly initialize to zero" rule has been
clarified in the CodingGuidelines document.
- A test helper "test_seq" function learned the "-f <fmt>"
option, which allowed us to simplify a lot of test scripts.
- A lot of stale stuff has been removed from the contrib/
hierarchy.
- "git push" and "git fetch" are taught to update refs in
batches to gain performance.
- Some code paths in "git prune" used to ignore the passed-in
repository object and used the `the_repository` singleton
instance instead, which has been corrected.
- Update ".clang-format" and ".editorconfig" to match our style
guide a bit better.
- "make coccicheck" succeeds even when spatch made suggestions,
which has been updated to fail in such a case.
- Code clean-up around object access API.
- Define .precision to more canned parse-options type to avoid
bugs coming from using a variable with a wrong type to
capture the parsed values.
- Flipping the default hash function to SHA-256 at Git 3.0
boundary is planned.
- Declare weather-balloon we raised for "bool" type 18 months
ago a success and officially allow using the type in our
codebase.
- GIT_TEST_INSTALLED was not honored in the recent topic
related to SHA256 hashes, which has been corrected.
- The pop_most_recent_commit() function can have quite
expensive worst case performance characteristics, which has
been optimized by using prio-queue data structure.
- Move structure definition from unrelated header file to where
it belongs.
- To help our developers, document what C99 language features
are being considered for adoption, in addition to what past
experiments have already decided.
- The reftable unit tests are now ported to the "clar" unit
testing framework.
- Redefine where the multi-pack-index sits in the object
subsystem, which recently was restructured to allow multiple
backends that support a single object source that belongs to
one repository. A MIDX does span multiple "object sources".
- Reduce implicit assumption and dependence on the_repository
in the object-file subsystem.
- Fixes since v2.50 Unless otherwise noted, all the changes in
2.50.X maintenance track, including security updates, are
included in this release.
- A memory-leak in an error code path has been plugged.
- Some leftover references to documentation source files that
no longer exist, due to recent ".txt" -> ".adoc" renaming,
have been corrected.
- "git stash -p <pathspec>" improvements.
- "git send-email" incremented its internal message counter
when a message was edited, which made logic that treats the
first message specially misbehave, which has been corrected.
- "git stash" recorded a wrong branch name when submodules are
present in the current checkout, which has been corrected.
- When asking to apply mailmap to both author and committer
field while showing a commit object, the field that appears
later was not correctly parsed and replaced, which has been
corrected.
- "git maintenance" lacked the care "git gc" had to avoid
holding onto the repository lock for too long during packing
refs, which has been remedied.
- Avoid regexp_constraint and instead use comparison_constraint
when listing functions to exclude from application of
coccinelle rules, as spatch can be built with different
regexp engine X-<.
- Updating submodules from the upstream did not work well when
submodule's HEAD is detached, which has been improved.
- Remove unnecessary check from "git daemon" code. (merge
0c856224d2 cb/daemon-fd-check-fix later to maint).
- Use of sysctl() system call to learn the total RAM size used
on BSDs has been corrected.
- Drop FreeBSD 4 support and declare that we support only
FreeBSD 12 or later, which has memmem() supported.
- A diff-filter with negative-only specification like "git log
--diff-filter=d" did not trigger correctly, which has been
fixed.
- A failure to open the index file for writing due to
conflicting access did not state what went wrong, which has
been corrected.
- Tempfile removal fix in the codepath to sign commits with SSH
keys.
- Code and test clean-up around string-list API.
- "git apply -N" should start from the current index and
register only new files, but it instead started from an empty
index, which has been corrected.
- Leakfix with a new and a bit invasive test on pack-bitmap
files.
- "git fetch --prune" used to be O(n^2) expensive when there
are many refs, which has been corrected.
- When a ref creation at refs/heads/foo/bar fails, the files
backend now removes refs/heads/foo/ if the directory is
otherwise not used.
- "pack-objects" has been taught to avoid pointing into objects
in cruft packs from midx.
- "git remote" now detects remote names that overlap with each
other (e.g., remote nickname "outer" and "outer/inner" are
used at the same time), as it will lead to overlapping
remote-tracking branches.
- The gpg.program configuration variable, which names a
pathname to the (custom) GPG compatible program, can now be
spelled with ~tilde expansion.
- Our <sane-ctype.h> header file relied on that the
system-supplied <ctype.h> header is not later included, which
would override our macro definitions, but "amazon linux"
broke this assumption. Fix this by preemptively including
<ctype.h> near the beginning of <sane-ctype.h> ourselves.
(merge 9d3b33125f ps/sane-ctype-workaround later to maint).
- Clean-up compat/bswap.h mess. (merge f4ac32c03a
ss/compat-bswap-revamp later to maint).
- Meson-based build did not handle libexecdir setting
correctly, which has been corrected. (merge 056dbe8612
rj/meson-libexecdir-fix later to maint).
- Document that we do not require "real" name when signing your
patches off. (merge 1f0fed312a
bc/contribution-under-non-real-names later to maint).
- "git commit" that concludes a conflicted merge failed to
notice and remove existing comment added automatically (like
"# Conflicts:") when the core.commentstring is set to 'auto'.
(merge 92b7c7c9f5 ac/auto-comment-char-fix later to maint).
- "git rebase -i" with bogus rebase.instructionFormat
configuration failed to produce the todo file after recording
the state files, leading to confused "git status"; this has
been corrected. (merge ade14bffd7
ow/rebase-verify-insn-fmt-before-initializing-state later to
maint).
- A few file descriptors left unclosed upon program completion
in a few test helper programs are now closed. (merge
0f1b33815b hl/test-helper-fd-close later to maint).
- Interactive prompt code did not correctly strip CRLF from the
end of line on Windows. (merge 711a20827b js/prompt-crlf-fix
later to maint).
- The config API had a set of convenience wrapper functions
that implicitly use the_repository instance; they have been
removed and inlined at the calling sites.
- "git add/etc -p" now honor the diff.context configuration
variable, and also they learn to honor the -U<n> command-line
option. (merge 2b3ae04011 lm/add-p-context later to maint).
- The case where a new submodule takes a path where there used
to be a completely different subproject is now dealt with a
bit better than before. (merge 5ed8c5b465
kj/renamed-submodule later to maint).
- The deflate codepath in "git archive --format=zip" had a
longstanding bug coming from misuse of zlib API, which has
been corrected.
- Update to 2.50.1:
* CVE-2025-27613: Fixed arbitrary writable file creation and
truncation in Gitk (bsc#1245938)
* CVE-2025-27614: Fixed arbitrary script execution via repo
clonation in gitk (bsc#1245939)
* CVE-2025-46835: Fixed untrusted repository cloning leading
to arbitrary writable file creation in Git GUI (bsc#1245942)
* CVE-2025-48384: Fixed CRLF transforming (bsc#1245943)
* CVE-2025-48385: Fixed arbitrary code execution due to protocol
injection (bsc#1245946)
* CVE-2025-48386: Fixed buffer overflow in static buffer (bsc#1245947)
- Update to 2.48.1:
* CVE-2024-50349: Fixed password leak (bsc#1235600)
* CVE-2024-52006: Fixed Carriage Returns via the credential
protocol to credential helpers (bsc#1235601)
- Update to 2.48.0:
* Reference consistency checks: git refs verify
* Reflogs can now be migrated with git refs migrate
* git is free of memory leaks as covered by the test suite
* Performance improvements
- Update to 2.47.1:
* Use after free and double freeing at the end in
"git log -L... -p" had been identified and fixed.
* "git maintenance start" crashed due to an uninitialized
variable reference, which has been corrected.
* Fail gracefully instead of crashing when attempting to write
the contents of a corrupt in-core index as a tree object.
* A "git fetch" from the superproject going down to a submodule
used a wrong remote when the default remote names are set
differently between them.
* The "gitk" project tree has been synchronized again
- Update to 2.47.0:
* A few descriptions in "git show-ref -h" have been clarified.
* A 'P' command to "git add -p" that passes the patch hunk to the
pager has been added.
* "git grep -W" omits blank lines that follow the found function at
the end of the file, just like it omits blank lines before the next
function.
* The value of http.proxy can have "path" at the end for a socks
proxy that listens to a unix-domain socket, but we started to
discard it when we taught proxy auth code path to use the
credential helpers, which has been corrected.
* The code paths to compact multiple reftable files have been updated
to correctly deal with multiple compaction triggering at the same
time.
* Support to specify ref backend for submodules has been enhanced.
* "git svn" has been taught about svn:global-ignores property
recent versions of Subversion has.
* The default object hash and ref backend format used to be settable
only with explicit command line option to "git init" and
environment variables, but now they can be configured in the user's
global and system wide configuration.
* "git send-email" learned "--translate-aliases" option that reads
addresses from the standard input and emits the result of applying
aliases on them to the standard output.
* 'git for-each-ref' learned a new "--format" atom to find the branch
that the history leading to a given commit "%(is-base:<commit>)" is
likely based on.
* The command line prompt support used to be littered with bash-isms,
which has been corrected to work with more shells.
* Support for the RUNTIME_PREFIX feature has been added to z/OS port.
* "git send-email" learned "--mailmap" option to allow rewriting the
recipient addresses.
* "git mergetool" learned to use VSCode as a merge backend.
* "git pack-redundant" has been marked for removal in Git 3.0.
* One-line messages to "die" and other helper functions will get LF
added by these helper functions, but many existing messages had an
unnecessary LF at the end, which have been corrected.
* The "scalar clone" command learned the "--no-tags" option.
* The environment GIT_ADVICE has been intentionally kept undocumented
to discourage its use by interactive users. Add documentation to
help tool writers.
* "git apply --3way" learned to take "--ours" and other options.
- Update to version 2.46.2:
* Revert the "git patch-id" change that went into 2.46.1,
as it seems to have got a regression reported (I haven't verified,
but it is better to keep a known breakage than adding an unintended
regression).
* In a few corner cases "git diff --exit-code" failed to report
"changes" (e.g., renamed without any content change), which has
been corrected.
* The interpret-trailers command failed to recognise the end of the
message when the commit log ends in an incomplete line.
- Update to version 2.46.1;
* "git checkout --ours" (no other arguments) complained that the
option is incompatible with branch switching, which is technically
correct, but found confusing by some users. It now says that the
user needs to give pathspec to specify what paths to checkout.
* It has been documented that we avoid "VAR=VAL shell_func" and why.
* "git add -p" by users with diff.suppressBlankEmpty set to true
failed to parse the patch that represents an unmodified empty line
with an empty line (not a line with a single space on it), which
has been corrected.
* "git rebase --help" referred to "offset" (the difference between
the location a change was taken from and the change gets replaced)
incorrectly and called it "fuzz", which has been corrected.
* "git notes add -m '' --allow-empty" and friends that take prepared
data to create notes should not invoke an editor, but it started
doing so since Git 2.42, which has been corrected.
* An expensive operation to prepare tracing was done in re-encoding
code path even when the tracing was not requested, which has been
corrected.
* Perforce tests have been updated.
* The credential helper to talk to OSX keychain sometimes sent
garbage bytes after the username, which has been corrected.
* A recent update broke "git ls-remote" used outside a repository,
which has been corrected.
* "git config --value=foo --fixed-value section.key newvalue" barfed
when the existing value in the configuration file used the
valueless true syntax, which has been corrected.
* "git reflog expire" failed to honor annotated tags when computing
reachable commits.
* A flakey test and incorrect calls to strtoX() functions have been
fixed.
* Follow-up on 2.45.1 regression fix.
* "git rev-list ... | git diff-tree -p --remerge-diff --stdin" should
behave more or less like "git log -p --remerge-diff" but instead it
crashed, forgetting to prepare a temporary object store needed.
* The patch parser in "git patch-id" has been tightened to avoid
getting confused by lines that look like a patch header in the log
message.
* "git bundle unbundle" outside a repository triggered a BUG()
unnecessarily, which has been corrected.
* The code forgot to discard unnecessary in-core commit buffer data
for commits that "git log --skip=<number>" traversed but omitted
from the output, which has been corrected.
* "git verify-pack" and "git index-pack" started dying outside a
repository, which has been corrected.
* A corner case bug in "git stash" was fixed.
- Change less requirement to path to allow for use with BusyBox
- Update to 2.46.0
UI, Workflows & Features
* The "--rfc" option of "git format-patch" learned to take an
optional string value to be used in place of "RFC" to tweak the
"[PATCH]" on the subject header.
* The credential helper protocol, together with the HTTP layer, have
been enhanced to support authentication schemes different from
username & password pair, like Bearer and NTLM.
* Command line completion script (in contrib/) learned to complete
"git symbolic-ref" a bit better (you need to enable plumbing
commands to be completed with GIT_COMPLETION_SHOW_ALL_COMMANDS).
* When the user responds to a prompt given by "git add -p" with an
unsupported command, list of available commands were given, which
was too much if the user knew what they wanted to type but merely
made a typo. Now the user gets a much shorter error message.
* The color parsing code learned to handle 12-bit RGB colors, spelled
as "#RGB" (in addition to "#RRGGBB" that is already supported).
* The operation mode options (like "--get") the "git config" command
uses have been deprecated and replaced with subcommands (like "git
config get").
* "git tag" learned the "--trailer" option to futz with the trailers
in the same way as "git commit" does.
* A new global "--no-advice" option can be used to disable all advice
messages, which is meant to be used only in scripts.
* Updates to symbolic refs can now be made as a part of ref
transaction.
* The trailer API has been reshuffled a bit.
* Terminology to call various ref-like things are getting
straightened out.
* The command line completion script (in contrib/) has been adjusted
to the recent update to "git config" that adopted subcommand based
UI.
* The knobs to tweak how reftable files are written have been made
available as configuration variables.
* When "git push" notices that the commit at the tip of the ref on
the other side it is about to overwrite does not exist locally, it
used to first try fetching it if the local repository is a partial
clone. The command has been taught not to do so and immediately
fail instead.
* The promisor.quiet configuration knob can be set to true to make
lazy fetching from promisor remotes silent.
* The inter/range-diff output has been moved to the end of the patch
when format-patch adds it to a single patch, instead of writing it
before the patch text, to be consistent with what is done for a
cover letter for a multi-patch series.
* A new command has been added to migrate a repository that uses the
files backend for its ref storage to use the reftable backend, with
limitations.
* "git diff --exit-code --ext-diff" learned to take the exit status
of the external diff driver into account when deciding the exit
status of the overall "git diff" invocation when configured to do
so.
* "git update-ref --stdin" learned to handle transactional updates of
symbolic-refs.
* "git format-patch --interdiff" for multi-patch series learned to
turn on cover letters automatically (unless told never to enable
cover letter with "--no-cover-letter" and such).
* The "--heads" option of "ls-remote" and "show-ref" has been been
deprecated; "--branches" replaces "--heads".
* For over a year, setting add.interactive.useBuiltin configuration
variable did nothing but giving a "this does not do anything"
warning. The warning has been removed.
* The http transport can now be told to send request with
authentication material without first getting a 401 response.
* A handful of entries are added to the GitFAQ document.
* "git var GIT_SHELL_PATH" should report the path to the shell used
to spawn external commands, but it didn't do so on Windows, which
has been corrected.
Performance, Internal Implementation, Development Support etc.
* Advertise "git contacts", a tool for newcomers to find people to
ask review for their patches, a bit more in our developer
documentation.
* In addition to building the objects needed, try to link the objects
that are used in fuzzer tests, to make sure at least they build
without bitrot, in Linux CI runs.
* Code to write out reftable has seen some optimization and
simplification.
* Tests to ensure interoperability between reftable written by jgit
and our code have been added and enabled in CI.
* The singleton index_state instance "the_index" has been eliminated
by always instantiating "the_repository" and replacing references
to "the_index" with references to its .index member.
* Git-GUI has a new maintainer, Johannes Sixt.
* The "test-tool" has been taught to run testsuite tests in parallel,
bypassing the need to use the "prove" tool.
* The "whitespace check" task that was enabled for GitHub Actions CI
has been ported to GitLab CI.
* The refs API lost functions that implicitly assumes to work on the
primary ref_store by forcing the callers to pass a ref_store as an
argument.
* Code clean-up to reduce inter-function communication inside
builtin/config.c done via the use of global variables.
* The pack bitmap code saw some clean-up to prepare for a follow-up topic.
* Preliminary code clean-up for "git send-email".
* The default "creation-factor" used by "git format-patch" has been
raised to make it more aggressively find matching commits.
* Before discovering the repository details, We used to assume SHA-1
as the "default" hash function, which has been corrected. Hopefully
this will smoke out codepaths that rely on such an unwarranted
assumptions.
* The project decision making policy has been documented.
* The strcmp-offset tests have been rewritten using the unit test
framework.
* "git add -p" learned to complain when an answer with more than one
letter is given to a prompt that expects a single letter answer.
* The alias-expanded command lines are logged to the trace output.
* A new test was added to ensure git commands that are designed to
run outside repositories do work.
* A few tests in reftable library have been rewritten using the
unit test framework.
* A pair of test helpers that essentially are unit tests on hash
algorithms have been rewritten using the unit-tests framework.
* A test helper that essentially is unit tests on the "decorate"
logic has been rewritten using the unit-tests framework.
* Many memory leaks in the sparse-checkout code paths have been
plugged.
* "make check-docs" noticed problems and reported to its output but
failed to signal its findings with its exit status, which has been
corrected.
* Building with "-Werror -Wwrite-strings" is now supported.
* To help developers, the build procedure now allows builders to use
CFLAGS_APPEND to specify additional CFLAGS.
* "oidtree" tests were rewritten to use the unit test framework.
* The structure of the document that records longer-term project
decisions to deprecate/remove/update various behaviour has been
outlined.
* The pseudo-merge reachability bitmap to help more efficient storage
of the reachability bitmap in a repository with too many refs has
been added.
* When "git merge" sees that the index cannot be refreshed (e.g. due
to another process doing the same in the background), it died but
after writing MERGE_HEAD etc. files, which was useless for the
purpose to recover from the failure.
* The output from "git cat-file --batch-check" and "--batch-command
(info)" should not be unbuffered, for which some tests have been
added.
* A CPP macro USE_THE_REPOSITORY_VARIABLE is introduced to help
transition the codebase to rely less on the availability of the
singleton the_repository instance.
* "git version --build-options" reports the version information of
OpenSSL and other libraries (if used) in the build.
* Memory ownership rules for the in-core representation of
remote.*.url configuration values have been straightened out, which
resulted in a few leak fixes and code clarification.
* When bundleURI interface fetches multiple bundles, Git failed to
take full advantage of all bundles and ended up slurping duplicated
objects, which has been corrected.
* The code to deal with modified paths that are out-of-cone in a
sparsely checked out working tree has been optimized.
* An existing test of oidmap API has been rewritten with the
unit-test framework.
* The "ort" merge backend saw one bugfix for a crash that happens
when inner merge gets killed, and assorted code clean-ups.
* A new warning message is issued when a command has to expand a
sparse index to handle working tree cruft that are outside of the
sparse checkout.
* The test framework learned to take the test body not as a single
string but as a here-document.
* "git push '' HEAD:there" used to hit a BUG(); it has been corrected
to die with "fatal: bad repository ''".
* What happens when http.cookieFile gets the special value "" has
been clarified in the documentation.
Fixes
* "git rebase --signoff" used to forget that it needs to add a
sign-off to the resulting commit when told to continue after a
conflict stops its operation.
* The procedure to build multi-pack-index got confused by the
replace-refs mechanism, which has been corrected by disabling the
latter.
* The "-k" and "--rfc" options of "format-patch" will now error out
when used together, as one tells us not to add anything to the
title of the commit, and the other one tells us to add "RFC" in
addition to "PATCH".
* "git stash -S" did not handle binary files correctly, which has
been corrected.
* A scheduled "git maintenance" job is expected to work on all
repositories it knows about, but it stopped at the first one that
errored out. Now it keeps going.
* zsh can pretend to be a normal shell pretty well except for some
glitches that we tickle in some of our scripts. Work them around
so that "vimdiff" and our test suite works well enough with it.
* Command line completion support for zsh (in contrib/) has been
updated to stop exposing internal state to end-user shell
interaction.
* Tests that try to corrupt in-repository files in chunked format did
not work well on macOS due to its broken "mv", which has been
worked around.
* The maximum size of attribute files is enforced more consistently.
* Unbreak CI jobs so that we do not attempt to use Python 2 that has
been removed from the platform.
* Git 2.43 started using the tree of HEAD as the source of attributes
in a bare repository, which has severe performance implications.
For now, revert the change, without ripping out a more explicit
support for the attr.tree configuration variable.
* The "--exit-code" option of "git diff" command learned to work with
the "--ext-diff" option.
* Windows CI running in GitHub Actions started complaining about the
order of arguments given to calloc(); the imported regex code uses
the wrong order almost consistently, which has been corrected.
* Expose "name conflict" error when a ref creation fails due to D/F
conflict in the ref namespace, to improve an error message given by
"git fetch".
(merge 9339fca23e it/refs-name-conflict later to maint).
* The SubmittingPatches document now refers folks to manpages
translation project.
* The documentation for "git diff --name-only" has been clarified
that it is about showing the names in the post-image tree.
* The credential helper that talks with osx keychain learned to avoid
storing back the authentication material it just got received from
the keychain.
(merge e1ab45b2da kn/osxkeychain-skip-idempotent-store later to maint).
* The chainlint script (invoked during "make test") did nothing when
it failed to detect the number of available CPUs. It now falls
back to 1 CPU to avoid the problem.
* Revert overly aggressive "layered defence" that went into 2.45.1
and friends, which broke "git-lfs", "git-annex", and other use
cases, so that we can rebuild necessary counterparts in the open.
* "git init" in an already created directory, when the user
configuration has includeif.onbranch, started to fail recently,
which has been corrected.
* Memory leaks in "git mv" has been plugged.
* The safe.directory configuration knob has been updated to
optionally allow leading path matches.
* An overly large ".gitignore" files are now rejected silently.
* Upon expiration event, the credential subsystem forgot to clear
in-core authentication material other than password (whose support
was added recently), which has been corrected.
* Fix for an embarrassing typo that prevented Python2 tests from running
anywhere.
* Varargs functions that are unannotated as printf-like or execl-like
have been annotated as such.
* "git am" has a safety feature to prevent it from starting a new
session when there already is a session going. It reliably
triggers when a mbox is given on the command line, but it has to
rely on the tty-ness of the standard input. Add an explicit way to
opt out of this safety with a command line option.
(merge 62c71ace44 jk/am-retry later to maint).
* A leak in "git imap-send" that somehow escapes LSan has been
plugged.
* Setting core.abbrev too early before the repository set-up
(typically in "git clone") caused segfault, which as been
corrected.
* When the user adds to "git rebase -i" instruction to "pick" a merge
commit, the error experience is not pleasant. Such an error is now
caught earlier in the process that parses the todo list.
* We forgot to normalize the result of getcwd() to NFC on macOS where
all other paths are normalized, which has been corrected. This still
does not address the case where core.precomposeUnicode configuration
is not defined globally.
* Earlier we stopped using the tree of HEAD as the default source of
attributes in a bare repository, but failed to document it. This
has been corrected.
* "git update-server-info" and "git commit-graph --write" have been
updated to use the tempfile API to avoid leaving cruft after
failing.
* An unused extern declaration for mingw has been removed to prevent
it from causing build failure.
* A helper function shared between two tests had a copy-paste bug,
which has been corrected.
* "git fetch-pack -k -k" without passing "--lock-pack" (which we
never do ourselves) did not work at all, which has been corrected.
* CI job to build minimum fuzzers learned to pass NO_CURL=NoThanks to
the build procedure, as its build environment does not offer, or
the rest of the build needs, anything cURL.
(merge 4e66b5a990 jc/fuzz-sans-curl later to maint).
* "git diff --no-ext-diff" when diff.external is configured ignored
the "--color-moved" option.
(merge 0f4b0d4cf0 rs/diff-color-moved-w-no-ext-diff-fix later to maint).
* "git archive --add-virtual-file=<path>:<contents>" never paid
attention to the --prefix=<prefix> option but the documentation
said it would. The documentation has been corrected.
(merge 72c282098d jc/archive-prefix-with-add-virtual-file later to maint).
* When GIT_PAGER failed to spawn, depending on the code path taken,
we failed immediately (correct) or just spew the payload to the
standard output (incorrect). The code now always fail immediately
when GIT_PAGER fails.
(merge 78f0a5d187 rj/pager-die-upon-exec-failure later to maint).
* date parser updates to be more careful about underflowing epoch
based timestamp.
(merge 9d69789770 db/date-underflow-fix later to maint).
* The Bloom filter used for path limited history traversal was broken
on systems whose "char" is unsigned; update the implementation and
bump the format version to 2.
(merge 9c8a9ec787 tb/path-filter-fix later to maint).
* Typofix.
(merge 231cf7370e as/pathspec-h-typofix later to maint).
* Code clean-up.
(merge 4b837f821e rs/simplify-submodule-helper-super-prefix-invocation later to maint).
* "git describe --dirty --broken" forgot to refresh the index before
seeing if there is any chang, ("git describe --dirty" correctly did
so), which has been corrected.
(merge b8ae42e292 as/describe-broken-refresh-index-fix later to maint).
* Test suite has been taught not to unnecessarily rely on DNS failing
a bogus external name.
(merge 407cdbd271 jk/tests-without-dns later to maint).
* GitWeb update to use committer date consistently in rss/atom feeds.
(merge cf6ead095b am/gitweb-feed-use-committer-date later to maint).
* Custom control structures we invented more recently have been
taught to the clang-format file.
(merge 1457dff9be rs/clang-format-updates later to maint).
* Developer build procedure fix.
(merge df32729866 tb/dev-build-pedantic-fix later to maint).
* "git push" that pushes only deletion gave an unnecessary and
harmless error message when push negotiation is configured, which
has been corrected.
(merge 4d8ee0317f jc/disable-push-nego-for-deletion later to maint).
* Address-looking strings found on the trailer are now placed on the
Cc: list after running through sanitize_address by "git send-email".
(merge c852531f45 cb/send-email-sanitize-trailer-addresses later to maint).
* Tests that use GIT_TEST_SANITIZE_LEAK_LOG feature got their exit
status inverted, which has been corrected.
(merge 8c1d6691bc rj/test-sanitize-leak-log-fix later to maint).
* The http.cookieFile and http.saveCookies configuration variables
have a few values that need to be avoided, which are now ignored
with warning messages.
(merge 4f5822076f jc/http-cookiefile later to maint).
* Repacking a repository with multi-pack index started making stupid
pack selections in Git 2.45, which has been corrected.
(merge 8fb6d11fad ds/midx-write-repack-fix later to maint).
* Fix documentation mark-up regression in 2.45.
(merge 6474da0aa4 ja/doc-markup-updates-fix later to maint).
* Work around asciidoctor's css that renders `monospace` material
in the SYNOPSIS section of manual pages as block elements.
(merge d44ce6ddd5 js/doc-markup-updates-fix later to maint).
- CVE-2024-24577: Fixed arbitrary code execution due to heap corruption
in git_index_add (bsc#1219660)
- Update to 2.45.2:
* Revert "defense in depth" fixes from 2.45.1 broke 'git lfs' and
'git annex'
- remove dependency on /usr/bin/python3 using
%python3_fix_shebang_path macro, [bsc#1212476]
CriticalSUSE bug 1212476SUSE bug 1219660SUSE bug 1235600SUSE bug 1235601SUSE bug 1239989SUSE bug 1245938SUSE bug 1245939SUSE bug 1245942SUSE bug 1245943SUSE bug 1245946SUSE bug 1245947CVE-2024-24577 at SUSECVE-2024-24577 at NVDCVE-2024-50349 at SUSECVE-2024-50349 at NVDCVE-2024-52006 at SUSECVE-2024-52006 at NVDCVE-2025-27613 at SUSECVE-2025-27613 at NVDCVE-2025-27614 at SUSECVE-2025-27614 at NVDCVE-2025-46334 at SUSECVE-2025-46334 at NVDCVE-2025-46835 at SUSECVE-2025-46835 at NVDCVE-2025-48384 at SUSECVE-2025-48384 at NVDCVE-2025-48385 at SUSECVE-2025-48385 at NVDCVE-2025-48386 at SUSECVE-2025-48386 at NVDcpe:/o:suse:sl-micro:6.0Security update for curl (Important)SUSE Linux Micro 6.0
This update for curl fixes the following issues:
- CVE-2025-9086: Fixed Out of bounds read for cookie path (bsc#1249191)
- CVE-2025-10148: Predictable WebSocket mask (bsc#1249348)
- Fix the --ftp-pasv option in curl v8.14.1 [bsc#1246197]
- tool_operate: fix return code when --retry is used but not
triggered [bsc#1249367]
- Updated to 8.14.1: [jsc#PED-13055, jsc#PED-13056]
* Add _multibuild
* Bugfixes:
- asyn-thrdd: fix cleanup when RR fails due to OOM
- ftp: fix teardown of DATA connection in done
- http: fail early when rewind of input failed when following redirects
- multi: fix add_handle resizing
- tls BIOs: handle BIO_CTRL_EOF correctly
- tool_getparam: make --no-anyauth not be accepted
- wolfssl: fix sending of early data
- ws: handle blocked sends better
- ws: tests and fixes
- Sync spec file with SLE codestreams: [jsc#PED-13055, jsc#PED-13056]
* Add curl-mini.rpmlintrc to avoid rpmlint shlib-policy-name-error
when building the curl-mini package in SLE.
* Add libssh minimum version requirements.
* Use ldconfig_scriptlets when available.
* Remove unused option --disable-ntlm-wb.
- Update to 8.14.0:
* Changes:
- mqtt: send ping at upkeep interval
- schannel: handle pkcs12 client certificates containing CA certificates
- TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs
- vquic: ngtcp2 + openssl support
- wcurl: import v2025.04.20 script + docs
- websocket: add option to disable auto-pong reply
* Bugfixes:
- asny-thrdd: fix detach from running thread
- async-threaded resolver: use ref counter
- async: DoH improvements
- build: enable gcc-12/13+, clang-10+ picky warnings
- build: enable gcc-15 picky warnings
- certs: drop unused `default_bits` from `.prm` files
- cf-https-connect: use the passed in dns struct pointer
- cf-socket: fix FTP accept connect
- cfilters: remove assert
- cmake: fix nghttp3 static linking with `USE_OPENSSL_QUIC=ON`
- cmake: prefer `COMPILE_OPTIONS` over `CMAKE_C_FLAGS` for custom C options
- cmake: revert `CURL_LTO` behavior for multi-config generators
- configure: fix --disable-rt
- CONTRIBUTE: add project guidelines for AI use
- cpool/cshutdown: force close connections under pressure
- curl: fix memory leak when -h is used in config file
- curl_get_line: handle lines ending on the buffer boundary
- headers: enforce a max number of response header to accept
- http: fix HTTP/2 handling of TE request header using "trailers"
- lib: include files using known path
- lib: unify conversions to/from hex
- libssh: add NULL check for Curl_meta_get()
- libssh: fix memory leak
- mqtt: use conn/easy meta hash
- multi: do transfer book keeping using mid
- multi: init_do(): check result
- netrc: avoid NULL deref on weird input
- netrc: avoid strdup NULL
- netrc: deal with null token better
- openssl-quic: avoid potential `-Wnull-dereference`, add assert
- openssl-quic: fix shutdown when stream not open
- openssl: enable builds for *both* engines and providers
- openssl: set the cipher string before doing private cert
- progress: avoid integer overflow when gathering total transfer size
- rand: update comment on Curl_rand_bytes weak random
- rustls: make max size of cert and key reasonable
- smb: avoid integer overflow on weird input date
- urlapi: redirecting to "" is considered fine
- Update to 8.13.0:
* Changes:
- curl: add write-out variable 'tls_earlydata'
- curl: make --url support a file with URLs
- gnutls: set priority via --ciphers
- IMAP: add CURLOPT_UPLOAD_FLAGS and --upload-flags
- lib: add CURLFOLLOW_OBEYCODE and CURLFOLLOW_FIRSTONLY
- OpenSSL/quictls: add support for TLSv1.3 early data
- rustls: add support for CERTINFO
- rustls: add support for SSLKEYLOGFILE
- rustls: support ECH w/ DoH lookup for config
- rustls: support native platform verifier
- var: add a '64dec' function that can base64 decode a string
* Bugfixes:
- conn: fix connection reuse when SSL is optional
- hash: use single linked list for entries
- http2: detect session being closed on ingress handling
- http2: reset stream on response header error
- http: remove a HTTP method size restriction
- http: version negotiation
- httpsrr: fix port detection
- libssh: fix freeing of resources in disconnect
- libssh: fix scp large file upload for 32-bit size_t systems
- openssl-quic: do not iterate over multi handles
- openssl: check return value of X509_get0_pubkey
- openssl: drop support for old OpenSSL/LibreSSL versions
- openssl: fix crash on missing cert password
- openssl: fix pkcs11 URI checking for key files.
- openssl: remove bad `goto`s into other scope
- setopt: illegal CURLOPT_SOCKS5_AUTH should return error
- setopt: setting PROXYUSERPWD after PROXYUSERNAME/PASSWORD is fine
- sshserver.pl: adjust `AuthorizedKeysFile2` cutoff version
- sshserver: fix excluding obsolete client config lines
- SSLCERTS: list support for SSL_CERT_FILE and SSL_CERT_DIR
- tftpd: prefix TFTP protocol error `E*` constants with `TFTP_`
- tool_operate: fail SSH transfers without server auth
- url: call protocol handler's disconnect in Curl_conn_free
- urlapi: remove percent encoded dot sequences from the URL path
- urldata: remove 'hostname' from struct Curl_async
- Update to 8.12.1:
* Bugfixes:
- asyn-thread: fix build with 'CURL_DISABLE_SOCKETPAIR'
- asyn-thread: fix HTTPS RR crash
- asyn-thread: fix the returned bitmask from Curl_resolver_getsock
- asyn-thread: survive a c-ares channel set to NULL
- cmake: always reference OpenSSL and ZLIB via imported targets
- cmake: respect 'GNUTLS_CFLAGS' when detected via 'pkg-config'
- cmake: respect 'GNUTLS_LIBRARY_DIRS' in 'libcurl.pc' and 'curl-config'
- content_encoding: #error on too old zlib
- imap: TLS upgrade fix
- ldap: drop support for legacy Novell LDAP SDK
- libssh2: comparison is always true because rc <= -1
- libssh2: raise lowest supported version to 1.2.8
- libssh: drop support for libssh older than 0.9.0
- openssl-quic: ignore ciphers for h3
- pop3: TLS upgrade fix
- runtests: fix the disabling of the memory tracking
- runtests: quote commands to support paths with spaces
- scache: add magic checks
- smb: silence '-Warray-bounds' with gcc 13+
- smtp: TLS upgrade fix
- tool_cfgable: sort struct fields by size, use bitfields for booleans
- tool_getparam: add "TLS required" flag for each such option
- vtls: fix multissl-init
- wakeup_write: make sure the eventfd write sends eight bytes
- Update to 8.12.0:
* Changes:
- curl: add byte range support to --variable reading from file
- curl: make --etag-save acknowledge --create-dirs
- getinfo: fix CURLINFO_QUEUE_TIME_T and add 'time_queue' var
- getinfo: provide info which auth was used for HTTP and proxy
- hyper: drop support
- openssl: add support to use keys and certificates from PKCS#11 provider
- QUIC: 0RTT for gnutls via CURLSSLOPT_EARLYDATA
- vtls: feature ssls-export for SSL session im-/export
* Bugfixes:
- altsvc: avoid integer overflow in expire calculation
- asyn-ares: acknowledge CURLOPT_DNS_SERVERS set to NULL
- asyn-ares: fix memory leak
- asyn-ares: initial HTTPS resolve support
- asyn-thread: use c-ares to resolve HTTPS RR
- async-thread: avoid closing eventfd twice
- cd2nroff: do not insist on quoted <> within backticks
- cd2nroff: support "none" as a TLS backend
- conncache: count shutdowns against host and max limits
- content_encoding: drop support for zlib before 1.2.0.4
- content_encoding: namespace GZIP flag constants
- content_encoding: put the decomp buffers into the writer structs
- content_encoding: support use of custom libzstd memory functions
- cookie: cap expire times to 400 days
- cookie: parse only the exact expire date
- curl: return error if etag options are used with multiple URLs
- curl_multi_fdset: include the shutdown connections in the set
- curl_sha512_256: rename symbols to the curl namespace
- curl_url_set.md: adjust the added-in to 7.62.0
- doh: send HTTPS RR requests for all HTTP(S) transfers
- easy: allow connect-only handle reuse with easy_perform
- easy: make curl_easy_perform() return error if connection still there
- easy_lock: use Sleep(1) for thread yield on old Windows
- ECH: update APIs to those agreed with OpenSSL maintainers
- GnuTLS: fix 'time_appconnect' for early data
- HTTP/2: strip TE request header
- http2: fix data_pending check
- http2: fix value stored to 'result' is never read
- http: ignore invalid Retry-After times
- http_aws_sigv4: Fix invalid compare function handling zero-length pairs
- https-connect: start next immediately on failure
- lib: redirect handling by protocol handler
- multi: fix curl_multi_waitfds reporting of fd_count
- netrc: 'default' with no credentials is not a match
- netrc: fix password-only entries
- netrc: restore _netrc fallback logic
- ngtcp2: fix memory leak on connect failure
- openssl: define `HAVE_KEYLOG_CALLBACK` before use
- openssl: fix ECH logic
- osslq: use SSL_poll to determine writeability of QUIC streams
- sectransp: free certificate on error
- select: avoid a NULL deref in cwfds_add_sock
- src: omit hugehelp and ca-embed from libcurltool
- ssl session cache: change cache dimensions
- system.h: add 64-bit curl_off_t definitions for NonStop
- telnet: handle single-byte input option
- TLS: check connection for SSL use, not handler
- tool_formparse.c: make curlx_uztoso a static in here
- tool_formparse: accept digits in --form type= strings
- tool_getparam: ECH param parsing refix
- tool_getparam: fail --hostpubsha256 if libssh2 is not used
- tool_getparam: fix "Ignored Return Value"
- tool_getparam: fix memory leak on error in parse_ech
- tool_getparam: fix the ECH parser
- tool_operate: make --etag-compare always accept a non-existing file
- transfer: fix CURLOPT_CURLU override logic
- urlapi: fix redirect to a new fragment or query (only)
- vquic: make vquic_send_packets not return without setting psent
- vtls: fix default SSL backend as a fallback
- vtls: only remember the expiry timestamp in session cache
- websocket: fix message send corruption
- x509asn1: add parse recursion limit
ImportantSUSE bug 1246197SUSE bug 1249191SUSE bug 1249348SUSE bug 1249367CVE-2025-10148 at SUSECVE-2025-10148 at NVDCVE-2025-9086 at SUSECVE-2025-9086 at NVDcpe:/o:suse:sl-micro:6.0Security update for net-tools (Moderate)SUSE Linux Micro 6.0
This update for net-tools fixes the following issues:
- Fixed stack buffer overflow in parse_hex, proc_gen_fmt, ax25 and netrom (bsc#1248687)
- Fixed stack overflow in ax25 and netrom (bsc#1248687)
- CVE-2025-46836: Fixed stack buffer overflow caused by the absence of bound checks (bsc#1243581)
ModerateSUSE bug 1243581SUSE bug 1248410SUSE bug 1248687SUSE bug 142461SUSE bug 544339CVE-2025-46836 at SUSECVE-2025-46836 at NVDcpe:/o:suse:sl-micro:6.0Security update for git (Important)SUSE Linux Micro 6.0
This update for git fixes the following issues:
git was updated to 2.45.1:
* CVE-2024-32002: recursive clones on case-insensitive
filesystems that support symbolic links are susceptible to case
confusion (bsc#1224168)
* CVE-2024-32004: arbitrary code execution during local clones
(bsc#1224170)
* CVE-2024-32020: file overwriting vulnerability during local
clones (bsc#1224171)
* CVE-2024-32021: git may create hardlinks to arbitrary user-
readable files (bsc#1224172)
* CVE-2024-32465: arbitrary code execution during clone operations
(bsc#1224173)
Update to 2.45.0:
* Improved efficiency managing repositories with many references
("git init --ref-format=reftable")
* "git checkout -p" and friends learned that that "@" is a
synonym for "HEAD"
* cli improvements handling refs
* Expanded a number of commands and options, UI improvements
* status.showUntrackedFiles now accepts "true"
* git-cherry-pick(1) now automatically drops redundant commits
with new --empty option
* The userdiff patterns for C# has been updated.
Update to 2.44.0:
* "git checkout -B <branch>" now longer allows switching to a
branch that is in use on another worktree. The users need to
use "--ignore-other-worktrees" option.
* Faster server-side rebases with git replay
* Faster pack generation with multi-pack reuse
* rebase auto-squashing now works in non-interactive mode
* pathspec now understands attr, e.g. ':(attr:~binary) for
selecting non-binaries, or builtin_objectmode for selecting
items by file mode or other properties
* Many other cli UI and internal improvements and extensions
- Do not replace apparmor configuration, fixes bsc#1216545
Update to 2.43.2:
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.txt
* Update to a new feature recently added, "git show-ref --exists".
* Rename detection logic ignored the final line of a file if it
is an incomplete line.
* "git diff --no-rename A B" did not disable rename detection but
did not trigger an error from the command line parser.
* "git diff --no-index file1 file2" segfaulted while invoking the
external diff driver, which has been corrected.
* A failed "git tag -s" did not necessarily result in an error
depending on the crypto backend, which has been corrected.
* "git stash" sometimes was silent even when it failed due to
unwritable index file, which has been corrected.
* Recent conversion to allow more than 0/1 in GIT_FLUSH broke the
mechanism by flipping what yes/no means by mistake, which has
been corrected.
Update to 2.43.1:
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.txt
- gitweb AppArmor profile: allow reading etc/gitweb-common.conf
(bsc#1218664)
- git moved to /usr/libexec/git/git, update AppArmor profile
accordingly (bsc#1218588)
Update to 2.43.0:
* The "--rfc" option of "git format-patch" used to be a valid way to
override an earlier "--subject-prefix=<something>" on the command
line and replace it with "[RFC PATCH]", but from this release, it
merely prefixes the string "RFC " in front of the given subject
prefix. If you are negatively affected by this change, please use
"--subject-prefix=PATCH --rfc" as a replacement.
* In Git 2.42, "git rev-list --stdin" learned to take non-revisions
(like "--not") from the standard input, but the way such a "--not" was
handled was quite confusing, which has been rethought. The updated
rule is that "--not" given from the command line only affects revs
given from the command line that comes but not revs read from the
standard input, and "--not" read from the standard input affects
revs given from the standard input and not revs given from the
command line.
* A message written in olden time prevented a branch from getting
checked out, saying it is already checked out elsewhere. But these
days, we treat a branch that is being bisected or rebased just like
a branch that is checked out and protect it from getting modified
with the same codepath. The message has been rephrased to say that
the branch is "in use" to avoid confusion.
* Hourly and other schedules of "git maintenance" jobs are randomly
distributed now.
* "git cmd -h" learned to signal which options can be negated by
listing such options like "--[no-]opt".
* The way authentication related data other than passwords (e.g.,
oauth token and password expiration data) are stored in libsecret
keyrings has been rethought.
* Update the libsecret and wincred credential helpers to correctly
match which credential to erase; they erased the wrong entry in
some cases.
* Git GUI updates.
* "git format-patch" learned a new "--description-file" option that
lets cover letter description to be fed; this can be used on
detached HEAD where there is no branch description available, and
also can override the branch description if there is one.
* Use of the "--max-pack-size" option to allow multiple packfiles to
be created is now supported even when we are sending unreachable
objects to cruft packs.
* "git format-patch --rfc --subject-prefix=<foo>" used to ignore the
"--subject-prefix" option and used "[RFC PATCH]"; now we will add
"RFC" prefix to whatever subject prefix is specified.
* "git log --format" has been taught the %(decorate) placeholder for
further customization over what the "--decorate" option offers.
* The default log message created by "git revert", when reverting a
commit that records a revert, has been tweaked, to encourage people
to describe complex "revert of revert of revert" situations better in
their own words.
* The command-line completion support (in contrib/) learned to
complete "git commit --trailer=" for possible trailer keys.
* "git update-index" learned the "--show-index-version" option to
inspect the index format version used by the on-disk index file.
* "git diff" learned the "diff.statNameWidth" configuration variable,
to give the default width for the name part in the "--stat" output.
* "git range-diff --notes=foo" compared "log --notes=foo --notes" of
the two ranges, instead of using just the specified notes tree,
which has been corrected to use only the specified notes tree.
* The command line completion script (in contrib/) can be told to
complete aliases by including ": git <cmd> ;" in the alias to tell
it that the alias should be completed in a similar way to how "git
<cmd>" is completed. The parsing code for the alias has been
loosened to allow ';' without an extra space before it.
* "git for-each-ref" and friends learned to apply mailmap to
authorname and other fields in a more flexible way than using
separate placeholder letters like %a[eElL] every time we want to
come up with small variants.
* "git repack" machinery learned to pay attention to the "--filter="
option.
* "git repack" learned the "--max-cruft-size" option to prevent cruft
packs from growing without bounds.
* "git merge-tree" learned to take strategy backend specific options
via the "-X" option, like "git merge" does.
* "git log" and friends learned the "--dd" option that is a
short-hand for "--diff-merges=first-parent -p".
* The attribute subsystem learned to honor the "attr.tree"
configuration variable that specifies which tree to read the
.gitattributes files from.
* "git merge-file" learns a mode to read three variants of the
contents to be merged from blob objects.
* see https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.0.txt
Update 2.42.1:
* Fix "git diff" exit code handling
ImportantSUSE bug 1042640SUSE bug 1061041SUSE bug 1069468SUSE bug 1082023SUSE bug 1216545SUSE bug 1218588SUSE bug 1218664SUSE bug 1224168SUSE bug 1224170SUSE bug 1224171SUSE bug 1224172SUSE bug 1224173SUSE bug 779536CVE-2005-4900 at SUSECVE-2005-4900 at NVDCVE-2017-14867 at SUSECVE-2017-14867 at NVDCVE-2024-32002 at SUSECVE-2024-32002 at NVDCVE-2024-32004 at SUSECVE-2024-32004 at NVDCVE-2024-32020 at SUSECVE-2024-32020 at NVDCVE-2024-32021 at SUSECVE-2024-32021 at NVDCVE-2024-32465 at SUSECVE-2024-32465 at NVDcpe:/o:suse:sl-micro:6.0Security update for aaa_base (Moderate)SUSE Linux Micro 6.0
This update for aaa_base fixes the following issues:
Update to version 84.87+git20240906.742565b:
* yama-enable-ptrace: enforce changed behavior upon installation (bsc#1221763)
* Avoid unnecessary /bin/bash dependency
* sysctl: Fixup of not setting kernel.pid_max on 32b archs (bsc#1227117)
Update to version 84.87+git20240821.fbabe1d:
* Add helper service for soft-reboot
Update to version 84.87+git20240809.5d13eb4:
* cleanup aaa_base.post and fold back into specfile
Update to version 84.87+git20240805.7513b28:
* Remove obsolete resolv+ manual page
* Remove obsolete defaultdomain.5 manual page
* Move /etc/skel to /usr/etc/skel (hermetic-usr)
* Remove obsolete refresh_initrd
* Add deprecation notice for service [jsc#PED-266]
Update to version 84.87+git20240801.75f05dd:
* sysctl: Don't set kernel.pid_max on 32b archs (bsc#1227117)
Update to version 84.87+git20240620.57ee9e1:
* Remove legacy-actions support [jsc#PED-264]
Update to version 84.87+git20240617.f5ff27f:
* add /usr/bin/nu to etc/shells for nushell
Update to version 84.87+git20240614.332933e:
* Do not save/restore cursor for foot at status line
* Add tmux and others to DIR_COLORS (Issue #116)
* Remove kernel.pid_max limit (bsc#1219038)
* Add subpackge to enable ptrace
Update to version 84.87+git20240523.10a5692:
* Add tmpfiles.d/soft-reboot-cleanup.conf
Update to version 84.87+git20240415.e6815bf:
* drop obsolete 50-default-s390.conf (bsc#1211721)
* fix typo in alljava.csh and drop stderr redirection
Update to version 84.87+git20240402.16596d1:
* add alacritty to DIR_COLORS
* Make sure tput it present before resetting TERM
* Add mc helpers for both tcsh and bash resources
* Do not overwrite escape sequences for xterm like
* Check for valid TERM
Update to version 84.87+git20240202.9526d46:
* properly shorten the variable when setting JAVA_HOME and JRE_HOME
* silence output of alljava
* Restrict ptrace with Yama LSM by default
* patch alljava.sh and alljava.csh, use the links from update alternatives
Update to version 84.87+git20231023.f347d36:
* Remove %ghost lastlog entry, lastlog is long gone
* Remove shaky safe-rm and safe-rmdir helpers (bsc#1159103)
ModerateSUSE bug 1159103SUSE bug 1211721SUSE bug 1219038SUSE bug 1221763SUSE bug 1227117cpe:/o:suse:sl-micro:6.0Security update for kubevirt (Moderate)SUSE Linux Micro 6.0
This update for kubevirt fixes the following issues:
- Update to version 1.3.1
Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.1
Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.0
- Fix DV error report via VM printable status
- Fix permission error in storage migration tests
- Add registry path for SLE15 SP7
- Bump to the latest tag 1.3.1-150600.5.9.1
- Use the images based on SLE15 SP6 BCI
- Bump to the latest tag 1.2.2-150600.5.6.1
bsc#1221538; bsc#1220512; bsc#1223965
- Update to version 1.2.2
Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.2
Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.1
Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.0
- Pack configuration files for libvirt
ModerateSUSE bug 1220512SUSE bug 1221538SUSE bug 1223965cpe:/o:suse:sl-micro:6.0Security update for chrony (Moderate)SUSE Linux Micro 6.0
This update for chrony fixes the following issues:
- Update to version 4.8:
* Add maxunreach option to limit selection of unreachable sources
* Add -u option to chronyc to drop root privileges (default
chronyc user is set by configure script)
* Fix refclock extpps option to work on Linux >= 6.15
* Validate refclock samples for reachability updates
- Fix racy socket creation allowing privilege escalation to root (bsc#1246544)
- Update to version 4.7:
* Add opencommands directive to select remote monitoring
commands
* Add interval option to driftfile directive
* Add waitsynced and waitunsynced options to local directive
* Add sanity checks for integer values in configuration
* Add support for systemd Type=notify service
* Add RTC refclock driver
* Allow PHC refclock to be specified with network interface name
* Don’t require multiple refclock samples per poll to simplify
filter configuration
* Keep refclock reachable when dropping samples with large delay
* Improve quantile-based filtering to adapt faster to larger
delay
* Improve logging of selection failures
* Detect clock interference from other processes
* Try to reopen message log (-l option) on cyclelogs command
* Fix sourcedir reloading to not multiply sources
* Fix tracking offset after failed clock step
* Drop support for NTS with Nettle < 3.6 and GnuTLS < 3.6.14
* Drop support for building without POSIX threads
- Update to version 4.6.1:
* Add ntsaeads directive to enable only selected AEAD algorithms
for NTS.
* Negotiate use of compliant NTS keys with AES-128-GCM-SIV AEAD
algorithm.
* Switch to compliant NTS keys if first response from server is
NTS NAK.
- Drop rcFOO symlinks for CODE16 (PED-266).
- Update to version 4.6:
* Add activate option to local directive to set activation threshold
* Add ipv4 and ipv6 options to server/pool/peer directive
* Add kod option to ratelimit directive for server KoD RATE support
* Add leapseclist directive to read NIST/IERS leap-seconds.list file
* Add ptpdomain directive to set PTP domain for NTP over PTP
* Allow disabling pidfile
* Improve copy server option to accept unsynchronised status instantly
* Log one selection failure on start
* Add offset command to modify source offset correction
* Add timestamp sources to ntpdata report
* Fix crash on sources reload during initstepslew or RTC initialisation
* Fix source refreshment to not repeat failed name resolving attempts
- Update to version 4.5:
* Add support for AES-GCM-SIV in GnuTLS
* Add support for corrections from PTP transparent clocks
* Add support for systemd socket activation
* Fix presend in interleaved mode
* Fix reloading of modified sources from sourcedir
ModerateSUSE bug 1246544cpe:/o:suse:sl-micro:6.0Security update for libssh (Moderate)SUSE Linux Micro 6.0
This update for libssh fixes the following issues:
- CVE-2025-8114: Fixed NULL pointer dereference when calculating the session ID
during the key exchange (KEX) process (bsc#1246974)
- CVE-2025-8277: Fixed Memory Exhaustion via Repeated Key Exchange (bsc#1249375)
ModerateSUSE bug 1246974SUSE bug 1249375CVE-2025-8114 at SUSECVE-2025-8114 at NVDCVE-2025-8277 at SUSECVE-2025-8277 at NVDcpe:/o:suse:sl-micro:6.0Security update for open-vm-tools (Important)SUSE Linux Micro 6.0
This update for open-vm-tools fixes the following issues:
Update to open-vm-tools 13.0.5 based on build 24915695. (bsc#1250692):
Please refer to the Release Notes at https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/ReleaseNotes.md.
The granular changes that have gone into the open-vm-tools 13.0.5 release are in the ChangeLog at
https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/open-vm-tools/ChangeLog.
There are no new features in the open-vm-tools 13.0.5 release. This is
primarily a maintenance release that addresses a security issue.
This release resolves and includes the patch for CVE-2025-41244. For more
information on this vulnerability and its impact on Broadcom products,
see VMSA-2025-0015.
A minor enhancement has been made for Guest OS Customization. The
DeployPkg plugin has been updated to use "systemctl reboot", if available.
For a more complete list of issues addressed in this release, see the
What's New and Resolved Issues section of the Release Notes.
ImportantSUSE bug 1250373SUSE bug 1250692CVE-2025-41244 at SUSECVE-2025-41244 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssl-3 (Moderate)SUSE Linux Micro 6.0
This update for openssl-3 fixes the following issues:
- CVE-2025-9230: Fix out-of-bounds read & write in RFC 3211 KEK unwrap (bsc#1250232)
- Disable LTO for userspace livepatching [jsc#PED-13245]
ModerateSUSE bug 1250232CVE-2025-9230 at SUSECVE-2025-9230 at NVDcpe:/o:suse:sl-micro:6.0Security update for libpcap (Moderate)SUSE Linux Micro 6.0
This update for libpcap fixes the following issues:
- CVE-2024-8006: Fixed NULL pointer dereference in pcap_findalldevs_ex() (bsc#1230034)
- CVE-2023-7256: Fixed double free via addrinfo in sock_initaddress() (bsc#1230020)
ModerateSUSE bug 1230020SUSE bug 1230034CVE-2023-7256 at SUSECVE-2023-7256 at NVDCVE-2024-8006 at SUSECVE-2024-8006 at NVDcpe:/o:suse:sl-micro:6.0Security update for expat (Important)SUSE Linux Micro 6.0
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
by submitting crafted XML input (bsc#1249584).
ImportantSUSE bug 1249584CVE-2025-59375 at SUSECVE-2025-59375 at NVDcpe:/o:suse:sl-micro:6.0Security update for podman (Important)SUSE Linux Micro 6.0
This update for podman fixes the following issues:
- CVE-2025-9566: Fixed kube play command overwriting host files (bsc#1249154)
ImportantSUSE bug 1249154CVE-2024-6104 at SUSECVE-2024-6104 at NVDCVE-2025-22869 at SUSECVE-2025-22869 at NVDCVE-2025-27144 at SUSECVE-2025-27144 at NVDCVE-2025-6032 at SUSECVE-2025-6032 at NVDCVE-2025-9566 at SUSECVE-2025-9566 at NVDcpe:/o:suse:sl-micro:6.0Security update for haproxy (Moderate)SUSE Linux Micro 6.0
This update for haproxy fixes the following issues:
- CVE-2025-11230: Fixed mjson JSON decoder excessive resource consumption (bsc#1250983)
ModerateSUSE bug 1250983CVE-2025-11230 at SUSECVE-2025-11230 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxslt (Moderate)SUSE Linux Micro 6.0
This update for libxslt fixes the following issues:
- CVE-2025-11731: type confusion in exsltFuncResultCompfunction leading to denial of service (bsc#1251979)
- CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553)
ModerateSUSE bug 1250553SUSE bug 1251979CVE-2025-10911 at SUSECVE-2025-10911 at NVDCVE-2025-11731 at SUSECVE-2025-11731 at NVDcpe:/o:suse:sl-micro:6.0Security update for colord (Moderate)SUSE Linux Micro 6.0
This update for colord fixes the following issues:
- CVE-2021-42523: Fixed information disclosure in cd-device-db.c
and cd-profile-db.c (bsc#1250750).
ModerateSUSE bug 1250750CVE-2021-42523 at SUSECVE-2021-42523 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsoup (Important)SUSE Linux Micro 6.0
This update for libsoup fixes the following issues:
- CVE-2025-11021: Ignore invalid date when processing cookies to prevent out-of-bounds read (bsc#1250562).
ImportantSUSE bug 1250562CVE-2025-11021 at SUSECVE-2025-11021 at NVDcpe:/o:suse:sl-micro:6.0Security update for runc (Important)SUSE Linux Micro 6.0
This update for runc fixes the following issues:
Update to runc v1.3.3. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.3>. bsc#1252232
* CVE-2025-31133
* CVE-2025-52565
* CVE-2025-52881
Update to runc v1.3.2. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.2> bsc#1252110
- Includes an important fix for the CPUSet translation for cgroupv2.
ImportantSUSE bug 1252110SUSE bug 1252232CVE-2025-31133 at SUSECVE-2025-31133 at NVDCVE-2025-52565 at SUSECVE-2025-52565 at NVDCVE-2025-52881 at SUSECVE-2025-52881 at NVDcpe:/o:suse:sl-micro:6.0Security update for podman (Moderate)SUSE Linux Micro 6.0
This update for podman fixes the following issues:
- CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: Fixed various container breakouts (bsc#1252376):
- Fixed podman & buildah with runc 1.3.2 fail with lots of warnings as rootless (bsc#1252543)
ModerateSUSE bug 1252376SUSE bug 1252543CVE-2025-31133 at SUSECVE-2025-31133 at NVDCVE-2025-52565 at SUSECVE-2025-52565 at NVDCVE-2025-52881 at SUSECVE-2025-52881 at NVDcpe:/o:suse:sl-micro:6.0Security update for tiff (Important)SUSE Linux Micro 6.0
This update for tiff fixes the following issues:
tiff was updated to 4.7.1:
Software configuration changes:
* Define HAVE_JPEGTURBO_DUAL_MODE_8_12 and LERC_STATIC in tif_config.h.
* CMake: define WORDS_BIGENDIAN via tif_config.h
* doc/CMakeLists.txt: remove useless cmake_minimum_required()
* CMake: fix build with LLVM/Clang 17 (fixes issue #651)
* CMake: set CMP0074 new policy
* Set LINKER_LANGUAGE for C targets with C deps
* Export tiffxx cmake target (fixes issue #674)
* autogen.sh: Enable verbose wget.
* configure.ac: Syntax updates for Autoconf 2.71
* autogen.sh: Re-implement based on autoreconf. Failure to update
config.guess/config.sub does not return error (fixes issue #672)
* CMake: fix CMake 4.0 warning when minimum required version is < 3.10.
* CMake: Add build option tiff-static (fixes issue #709)
Library changes:
* Add TIFFOpenOptionsSetWarnAboutUnknownTags() for explicit control
about emitting warnings for unknown tags. No longer emit warnings
about unknown tags by default
* tif_predict.c: speed-up decompression in some cases.
Bug fixes:
* tif_fax3: For fax group 3 data if no EOL is detected, reading is
retried without synchronisation for EOLs. (fixes issue #54)
* Updating TIFFMergeFieldInfo() with read_count=write_count=0 for
FIELD_IGNORE. Updating TIFFMergeFieldInfo() with read_count=write_count=0 for
FIELD_IGNORE. Improving handling when field_name = NULL. (fixes issue #532)
* tiff.h: add COMPRESSION_JXL_DNG_1_7=52546 as used for JPEGXL compression in
the DNG 1.7 specification
* TIFFWriteDirectorySec: Increment string length for ASCII tags for codec tags
defined with FIELD_xxx bits, as it is done for FIELD_CUSTOM tags. (fixes issue #648)
* Do not error out on a tag whose tag count value is zero, just issue a warning.
Fix parsing a private tag 0x80a6 (fixes issue #647)
* TIFFDefaultTransferFunction(): give up beyond td_bitspersample = 24
Fixes https://github.com/OSGeo/gdal/issues/10875)
* tif_getimage.c: Remove unnecessary calls to TIFFRGBAImageOK() (fixes issue #175)
* Fix writing a Predictor=3 file with non-native endianness
* _TIFFVSetField(): fix potential use of unallocated memory (out-of-bounds
* read / nullptr dereference) in case of out-of-memory situation when dealing with
custom tags (fixes issue #663)
* tif_fax3.c: Error out for CCITT fax encoding if SamplesPerPixel is not equal 1 and
PlanarConfiguration = Contiguous (fixes issue #26)
* tif_fax3.c: error out after a number of times end-of-line or unexpected bad code
words have been reached. (fixes issue #670)
* Fix memory leak in TIFFSetupStrips() (fixes issue #665)
* tif_zip.c: Provide zlib allocation functions. Otherwise for zlib built with
-DZ_SOLO inflating will fail.
* Fix memory leak in _TIFFSetDefaultCompressionState. (fixes issue #676)
* tif_predict.c: Don’t overwrite input buffer of TIFFWriteScanline() if "prediction"
is enabled. Use extra working buffer in PredictorEncodeRow(). (fixes issue #5)
* tif_getimage.c: update some integer overflow checks (fixes issue #79)
* tif_getimage.c: Fix buffer underflow crash for less raster rows at
TIFFReadRGBAImageOriented() (fixes issue #704, bsc#1250413, CVE-2025-9900)
* TIFFReadRGBAImage(): several fixes to avoid buffer overflows.
* Correct passing arguments to TIFFCvtIEEEFloatToNative() and TIFFCvtIEEEDoubleToNative()
if HAVE_IEEEFP is not defined. (fixes issue #699)
* LZWDecode(): avoid nullptr dereference when trying to read again after EOI marker
has been found with remaining output bytes (fixes issue #698)
* TIFFSetSubDirectory(): check _TIFFCheckDirNumberAndOffset() return.
* TIFFUnlinkDirectory() and TIFFWriteDirectorySec(): clear tif_rawcp when clearing
tif_rawdata (fixes issue #711)
* JPEGEncodeRaw(): error out if a previous scanline failed to be written, to avoid
out-of-bounds access (fixes issue #714)
* tif_jpeg: Fix bug in JPEGDecodeRaw() if JPEG_LIB_MK1_OR_12BIT is defined for 8/12bit
dual mode, introduced in libjpeg-turbo 2.2, which was actually released as 3.0.
Fixes issue #717
* add assert for TIFFReadCustomDirectory infoarray check.
* ppm2tiff: Fix bug in pack_words trailing bytes, where last two bytes of each line
were written wrongly. (fixes issue #467)
* fax2ps: fix regression of commit 28c38d648b64a66c3218778c4745225fe3e3a06d where
TIFFTAG_FAXFILLFUNC is being used rather than an output buffer (fixes issue #649)
* tiff2pdf: Check TIFFTAG_TILELENGTH and TIFFTAGTILEWIDTH (fixes issue #650)
* tiff2pdf: check h_samp and v_samp for range 1 to 4 to avoid division by zero.
Fixes issue #654
* tiff2pdf: avoid null pointer dereference. (fixes issue #741)
* Improve non-secure integer overflow check (comparison of division result with
multiplicant) at compiler optimisation in tiffcp, rgb2ycbcr and tiff2rgba.
Fixes issue #546
* tiff2rgba: fix some "a partial expression can generate an overflow before it is
assigned to a broader type" warnings. (fixes issue #682)
* tiffdither/tiffmedian: Don't skip the first line of the input image. (fixes issue #703)
* tiffdither: avoid out-of-bounds read identified in issue #733
* tiffmedian: error out if TIFFReadScanline() fails (fixes issue #707)
* tiffmedian: close input file. (fixes issue #735)
* thumbail: avoid potential out of bounds access (fixes issue #715)
* tiffcrop: close open TIFF files and release allocated buffers before exiting in case
of error to avoid memory leaks. (fixes issue #716)
* tiffcrop: fix double-free and memory leak exposed by issue #721
* tiffcrop: avoid buffer overflow. (fixes issue #740)
* tiffcrop: avoid nullptr dereference. (fixes issue #734)
* tiffdump: Fix coverity scan issue CID 1373365: Passing tainted expression *datamem
to PrintData, which uses it as a divisor or modulus.
* tiff2ps: check return of TIFFGetFiled() for TIFFTAG_STRIPBYTECOUNTS and
TIFFTAG_TILEBYTECOUNTS to avoid NULL pointer dereference. (fixes issue #718)
* tiffcmp: fix memory leak when second file cannot be opened. (fixes issue #718 and issue #729)
* tiffcp: fix setting compression level for lossless codecs. (fixes issue #730)
* raw2tiff: close input file before exit (fixes issue #742)
Tools changes:
* tiffinfo: add a -W switch to warn about unknown tags.
* tiffdither: process all pages in input TIFF file.
Documentation:
* TIFFRGBAImage.rst note added for incorrect saving of images with TIFF orientation
from 5 (LeftTop) to 8 (LeftBottom) in the raster.
* TIFFRGBAImage.rst note added about un-associated alpha handling (fixes issue #67)
* Update "Defining New TIFF Tags" description. (fixes issue #642)
* Fix return type of TIFFReadEncodedTile()
* Update the documentation to reflect deprecated typedefs.
* TIFFWriteDirectory.rst: Clarify TIFFSetWriteOffset() only sets offset for image
data and not for IFD data.
* Update documentation on re-entrancy and thread safety.
* Remove dead links to no more existing Awaresystems web-site.
* Updating BigTIFF specification and some miscelaneous editions.
* Replace some last links and remove last todos.
* Added hints for correct allocation of TIFFYCbCrtoRGB structure and its
associated buffers. (fixes issue #681)
* Added chapter to "Using the TIFF Library" with links to handling multi-page TIFF
and custom directories. (fixes issue #43)
* update TIFFOpen.rst with the return values of mapproc and unmapproc. (fixes issue #12)
* CVE-2025-8961: Fix segmentation fault via main function of tiffcrop utility [bsc#1248117]
* CVE-2025-8534: Fix null pointer dereference in function PS_Lvl2page [bsc#1247582]
* CVE-2025-9165: Fix local execution manipulation can lead to memory leak [bsc#1248330]
* CVE-2024-13978: Fix null pointer dereference in tiff2pdf [bsc#1247581]
Fix TIFFMergeFieldInfo() read_count=write_count=0 (bsc#1243503)
* CVE-2025-8176: Fix heap use-after-free in tools/tiffmedian.c [bsc#1247108]
* CVE-2025-8177: Fix possible buffer overflow in tools/thumbnail.c:setrow() [bsc#1247106]
*Fix memory leaks (bsc#1236834)
Update to 4.7.0:
* This version restores in the default build the availability of
the tools that had been dropped in v4.6.0
See https://libtiff.gitlab.io/libtiff/rfcs/rfc2_restoring_needed_tools.html#rfc2-restoring-needed-tools
* Software configuration changes:
+ autoconf build: configure.ac: avoid -Werror passed to CFLAGS to interfere with feature detection
+ autoconf build: fix error when running make clean (fixes issue #630)
+ autoconf build: back off the minimum required automake version to 1.11
+ autoconf.ac: fix detection of windows.h for mingw (fixes issue #605)
+ libtiff-4.pc: Fix Requires.private missing Lerc. It provides a .pc file
starting from version 4 (in autoconf builds, we assume that liblerc is at least version 4)
+ CMake: Fix TIFF_INCLUDE_DIRS
+ CMake: MinGW compilers don't need a .def file for shared library
+ CMake: move libdeflate and Lerc to Requires.private
+ CMake: enable resource compilation on all Windows.
* Library changes:
+ Add TIFFOpenOptionsSetMaxCumulatedMemAlloc(). This function complements
TIFFOpenOptionsSetMaxSingleMemAlloc() to define the maximum cumulated memory
allocations in byte, for a given TIFF handle, that libtiff internal memory
allocation functions are allowed.
+ TIFFWriteDirectory(): Avoid overwriting following data if an IFD is enlarged.
+ TIFFXYZToRGB: avoid integer overflow (fixes issue #644)
+ uv_decode() and uv_encode(): avoid potential out-of-bounds array index (fixes issue #645)
+ Fix cases where tif_curdir is set incorrectly. Fix cases where the current directory number (tif_curdir)
is set inconsistently or incorrectly, depending on the previous history.
+ TIFFRead[Scanline/EncodedStrip/EncodeTile]: 0-initialize output buffer if setupdecode fails ;
most codecs: zero-initialize (not-yet-written parts of) output buffer if failure (fixes issue #375)
+ OJPEG: reset subsampling_convert_state=0 in OJPEGPreDecode (fixes issue #183)
+ ThunderRLE: fix failure when decoding last run. Bug seen with GhostPDL
+ LERC codec: deal with issues with multi-band PlanarConfig=Contig and NaN values
+ tif_fax3.c: error out after a number of times end-of-file has been reached (fixes issue #583)
+ LZW: avoid warning about misaligned address with UBSAN (fixes issue #616)
+ TIFFReadRGBAStrip/TIFFReadRGBATile: add more validation of col/row (fixes issue #622, CVE-2023-52356)
+ tif_dirread.c: only issue TIFFGetFileSize() for large enough RAM requests
+ Avoid FPEs (division by zero) in tif_getimage.c.
+ Avoiding FPE (division by zero) for TIFFhowmany_32() and TIFFhowmany_64() macros by checking for
denominator not zero before macros are executed. (fixes issue #628)
+ Add non-zero check before division in TIFFComputeStrip()
+ Fix wrong return of TIFFIsBigTIFF() in case byte-swapping is active
+ Setting the TIFFFieldInfo field set_field_type should consider field_writecount not field_readcount
+ Avoid memory leaks when using TIFFCreateDirectory() by releasing the allocated memory in the tif-structure.
+ For non-terminated ASCII arrays, the buffer is first enlarged before a NULL is set at the end to
avoid deleting the last character. (fixes issue #579)
+ Check return value of _TIFFCreateAnonField(). (fixes issue #624, CVE-2024-7006)
+ Prevent some out-of-memory attacks (https://gitlab.com/libtiff/libtiff/-/issues/614#note_1602683857)
+ Ensure absolute seeking is forced independent of TIFFReadDirectory success. (fixes issue #618)
+ tif_dirinfo.c: re-enable TIFFTAG_EP_CFAREPEATPATTERNDIM and TIFFTAG_EP_CFAPATTERN tags (fixes issue #608)
+ Fix warnings with GCC 14
+ tif_dir.c: Log source file, line number, and input tif for directory count error (fixes issue #627)
+ Last usage of get_field_type of TIFFField structure at TIFFWriteDirectorySec() changed to using set_field_type.
+ tif_jpeg.c/tif_ojpeg.c: remove likely ifdef tricks related to old compilers or unusual setups
+ Remove _TIFFUInt64ToFloat() and _TIFFUInt64ToDouble()
+ Remove support for _MSC_VER < 1500.
+ Use #ifdef _WIN32 to test for Windows, and tiffio.h: remove definition of __WIN32__
* Documentation:
+ Amend manpages for changes in current directory index behaviour
+ Note on using TIFFFlush() before TIFFClose() to check that the data has been successfully written to the file. (fixes issue #506)
+ Update TIFF documentation about TIFFOpenOptions.rst and TIFFOpenOptionsSetMaxSingleMemAlloc() usage and some other small fixes (relates to CVE-2024-7006)
* Re-added tools:
+ fax2ps
+ fax2tiff
+ pal2rgb
+ ppm2tiff
+ raw2tiff
+ rgb2ycbcr (not installed)
+ thumbnail (not installed)
+ tiff2bw
+ tiff2rgba
+ tiffcmp
+ tiffcrop
+ tiffdither
+ tiffgt
+ tiffmedian
+ tiff2ps
+ tiff2pdf
* New/improved functionality:
+ tiff2rgba: Add background gradient option for alpha compositing
+ tiffcp: -i flag restored
* Bug fixes for tools:
+ tiffcrop: address Coverity scan issues 1605444, 1605445, and 16054
+ tiffcrop: Apply "Fix heap-buffer-overflow in function extractImageSection"
+ tiffcrop: fix buffer overflows, use after free (fixes issue #542, issue #550, issue #552)
+ tiff2pdf: address Coverity scan issues
+ tiff2pdf: fix inconsistent PLANARCONFIG value for the input and output TIFF
+ tiff2pdf: fix issue with JPEG restart-interval marker when converting from JPEG-compressed files (fixes issue #539)
+ tiff2pdf: red and blue were being swapped for RGBA decoding (fixes issue #253)
+ tiff2pdf: fixes issue #596
+ thumbnail: address Coverity scan issues
+ tiffcp: Add check for limitMalloc return to fix Coverity 1603334
+ tiffcp: preserve TIFFTAG_REFERENCEBLACKWHITE when doing YCbCr JPEG -> YCbCr JPEG
+ tiffcp: replace PHOTOMETRIC_YCBCR with PHOTOMETRIC_RGB when outputing to compression != JPEG (refs issue #571)
+ tiffcp: do not copy tags YCBCRCOEFFICIENTS, YCBCRSUBSAMPLING, YCBCRPOSITIONING, REFERENCEBLACKWHITE. Only set YCBCRSUBSAMPLING when generating YCbCr JPEG
+ tiffcp: Check also codec of input image, not only from output image (fixes issue #606)
+ Add some basic sanity checks for tiffcp and tiffcrop RGB->YCbCr JPEG conversions.
+ fax2ps and fax2tiff: memory leak fixes (fixes issue #476)
+ tiffmedian: memory leak fixes (fixes issue #599)
+ fax2tiff: fix EOFB interpretation (fixes issue #191)
+ fax2tiff: fix issue with unreasonable width input (fixes issue #249)
+ tiffcp and tiffcrop: fixes issue #228
+ tiff2rgba: fixes issue #469
+ tiffdither: fixes issue #473
+ tiffdump: fix wrong printf formatter in error message (Coverity 1472932)
+ tiffset: avoid false positive Coverity Scan warning on 64-bit builds (Coverity 1518997)
+ tifcp/tiffset: use correct format specifiers
ImportantSUSE bug 1236834SUSE bug 1243503SUSE bug 1247106SUSE bug 1247108SUSE bug 1247581SUSE bug 1247582SUSE bug 1248117SUSE bug 1248330SUSE bug 1250413CVE-2023-52356 at SUSECVE-2023-52356 at NVDCVE-2024-13978 at SUSECVE-2024-13978 at NVDCVE-2024-7006 at SUSECVE-2024-7006 at NVDCVE-2025-8176 at SUSECVE-2025-8176 at NVDCVE-2025-8177 at SUSECVE-2025-8177 at NVDCVE-2025-8534 at SUSECVE-2025-8534 at NVDCVE-2025-8961 at SUSECVE-2025-8961 at NVDCVE-2025-9165 at SUSECVE-2025-9165 at NVDCVE-2025-9900 at SUSECVE-2025-9900 at NVDcpe:/o:suse:sl-micro:6.0Security update for containerd (Important)SUSE Linux Micro 6.0
This update for containerd fixes the following issues:
Update to containerd v1.7.29:
- CVE-2024-25621: Fixed overly broad default permission vulnerability (bsc#1253126).
- CVE-2025-64329: Fixed goroutine leaks that could have led to memory exhaustion on the host (bsc#1253132).
ImportantSUSE bug 1253126SUSE bug 1253132CVE-2024-25621 at SUSECVE-2024-25621 at NVDCVE-2025-64329 at SUSECVE-2025-64329 at NVDcpe:/o:suse:sl-micro:6.0Security update for orc (Important)SUSE Linux Micro 6.0
This update for orc fixes the following issues:
- CVE-2024-40897: Fixed a stack-based buffer overflow when formatting error messages (bsc#1228184)
ImportantSUSE bug 1228184CVE-2024-40897 at SUSECVE-2024-40897 at NVDcpe:/o:suse:sl-micro:6.0Security update for helm (Moderate)SUSE Linux Micro 6.0
This update for helm fixes the following issues:
Update to version 3.19.1 (bsc#1251649, CVE-2025-58190, bsc#1251442, CVE-2025-47911):
* chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29
* jsonschema: warn and ignore unresolved URN $ref to match v3.18.4
* Avoid "panic: interface conversion: interface {} is nil"
* Fix `helm pull` untar dir check with repo urls
* chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
* Add timeout flag to repo add and update flags
* chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.43.0
Update to version 3.19.0:
* fix: use username and password if provided
* chore(deps): bump the k8s-io group with 7 updates
* chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1
* chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1
* chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0
* fix(helm-lint): fmt
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema references
* chore(deps): bump the k8s-io group with 7 updates
* fix: go mod tidy for v3
* chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0
* chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0
* fix Chart.yaml handling
* Handle messy index files
* chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28
* json schema fix
* fix: k8s version parsing to match original
* chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0
* Do not explicitly set SNI in HTTPGetter
* chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7
* chore(deps): bump the k8s-io group with 7 updates
* chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0
* chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0
* chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0
* Disabling linter due to unknown issue
* Updating link handling
* Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1
* build(deps): bump the k8s-io group with 7 updates
* build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0
* fix: user username password for login
* Update pkg/registry/transport.go
* Update pkg/registry/transport.go
* fix: add debug logging to oci transport
* build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
* build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0
* fix: legacy docker support broken for login
* fix: plugin installer test with no Internet
* Handle an empty registry config file.
* Prevent fetching newReference again as we have in calling method
* Prevent failure when resolving version tags in oras memory store
* fix(client): skipnode utilization for PreCopy
* test: Skip instead of returning early. looks more intentional
* test: tests repo stripping functionality
* test: include tests for Login based on different protocol prefixes
* fix(client): layers now returns manifest - remove duplicate from descriptors
* fix(client): return nil on non-allowed media types
* Fix 3.18.0 regression: registry login with scheme
* Update pkg/plugin/plugin.go
* Update pkg/plugin/plugin.go
* Wait for Helm v4 before raising when platformCommand and Command are set
* Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]"
* build(deps): bump the k8s-io group with 7 updates
* chore: update generalization warning message
* build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0
* build(deps): bump the k8s-io group with 7 updates
* build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0
* fix: move warning to top of block
* fix: govulncheck workflow
* fix: replace fmt warning with slog
* fix: add warning when ignore repo flag
* bump version to v3.18.0
* backport #30673 to dev-v3
* feat: add httproute from gateway-api to create chart template
Update to version 3.18.6:
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema
references
Update to version 3.18.5:
* fix Chart.yaml handling 7799b48 (Matt Farina)
* Handle messy index files dd8502f (Matt Farina)
* json schema fix cb8595b (Robert Sirchia)
Fix shell completion dependencies
* Add BuildRequires to prevent inclusion of folders owned by shells.
* Add Requires because installing completions without appropriate
shell is questionable.
- Fix zsh completion location
ModerateSUSE bug 1251442SUSE bug 1251649CVE-2025-47911 at SUSECVE-2025-47911 at NVDCVE-2025-58190 at SUSECVE-2025-58190 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssh (Moderate)SUSE Linux Micro 6.0
This update for openssh fixes the following issues:
- CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198).
- CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199).
ModerateSUSE bug 1251198SUSE bug 1251199CVE-2025-61984 at SUSECVE-2025-61984 at NVDCVE-2025-61985 at SUSECVE-2025-61985 at NVDcpe:/o:suse:sl-micro:6.0Recommended update for afterburn (Moderate)SUSE Linux Micro 6.0
This update for afterburn fixes the following issues:
- Update to version 5.9.0.git21.a73f509:
* docs/release-notes: update for release 5.10.0
* cargo: update dependencies
* microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat
* docs/release-notes: Add entry for Azure SharedConfig XML parsing fix
* microsoft/azure: Fix SharedConfig parsing of XML attributes
* microsoft/azure: Mock goalstate.SharedConfig output in tests
* providers/azure: switch SSH key retrieval from certs endpoint to IMDS
as azure stopped providing keys in the old one (bsc#1250471)
* build(deps): bump the build group with 8 updates
* build(deps): bump slab from 0.4.10 to 0.4.11
* build(deps): bump actions/checkout from 4 to 5
* upcloud: implement UpCloud provider
* build(deps): bump the build group with 4 updates
* Sync repo templates ⚙
- Update to version 5.9.0:
* cargo: Afterburn release 5.9.0
* docs/release-notes: update for release 5.9.0
* cargo: update dependencies
* Add TMT test structure and basic smoke test
* build(deps): bump openssl from 0.10.72 to 0.10.73
* build(deps): bump reqwest from 0.12.15 to 0.12.18
* docs/release-notes: Update changelog entry
* dracut: Return 255 in module-setup
* oraclecloud: add release note and move base URL to constant
* oraclecloud: implement oraclecloud provider
* build(deps): bump nix from 0.29.0 to 0.30.1
* build(deps): bump zbus from 5.7.0 to 5.7.1
* build(deps): bump serde-xml-rs from 0.6.0 to 0.8.1
* build(deps): bump ipnetwork from 0.20.0 to 0.21.1
* build(deps): bump clap from 4.5.38 to 4.5.39
ModerateSUSE bug 1250471CVE-2025-5791 at SUSECVE-2025-5791 at NVDcpe:/o:suse:sl-micro:6.0Security update for unbound (Important)SUSE Linux Micro 6.0
This update for unbound fixes the following issues:
- CVE-2025-11411: Fixed promiscuous records leading to domain hijacking (bsc#1252525)
ImportantSUSE bug 1252525CVE-2025-11411 at SUSECVE-2025-11411 at NVDcpe:/o:suse:sl-micro:6.0Security update for sssd (Important)SUSE Linux Micro 6.0
This update for sssd fixes the following issues:
- CVE-2025-11561: Fixed default Kerberos configuration allowing
privilege escalation on AD-joined Linux systems (bsc#1251827)
Other fixes:
- Install file in krb5.conf.d to include sssd krb5 config snippets
(bsc#1244325)
ImportantSUSE bug 1244325SUSE bug 1251827CVE-2025-11561 at SUSECVE-2025-11561 at NVDcpe:/o:suse:sl-micro:6.0Security update for curl (Moderate)SUSE Linux Micro 6.0
This update for curl fixes the following issues:
- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757).
ModerateSUSE bug 1253757CVE-2025-11563 at SUSECVE-2025-11563 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Moderate)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
Update to 3.11.14:
- CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) is not checked by the 'zipfile'
module (bsc#1251305).
- CVE-2025-6075: Fixed the value passed to os.path.expandvars() is user-controlled a performance degradation
is possible when expanding environment variables (bsc#1252974).
ModerateSUSE bug 1251305SUSE bug 1252974CVE-2025-6075 at SUSECVE-2025-6075 at NVDCVE-2025-8291 at SUSECVE-2025-8291 at NVDcpe:/o:suse:sl-micro:6.0Security update for libmicrohttpd (Important)SUSE Linux Micro 6.0
This update for libmicrohttpd fixes the following issues:
- CVE-2025-59777: Fixed NULL pointer dereference (bsc#1253177).
- CVE-2025-62689: Fixed heap-based buffer overflow(bsc#1253178).
ImportantSUSE bug 1253177SUSE bug 1253178CVE-2025-59777 at SUSECVE-2025-59777 at NVDCVE-2025-62689 at SUSECVE-2025-62689 at NVDcpe:/o:suse:sl-micro:6.0Security update for glib2 (Moderate)SUSE Linux Micro 6.0
This update for glib2 fixes the following issues:
- CVE-2025-7039: Fixed Buffer Under-read in gfileutils.c (bsc#1249055)
ModerateSUSE bug 1249055CVE-2025-7039 at SUSECVE-2025-7039 at NVDcpe:/o:suse:sl-micro:6.0Security update for gnutls (Moderate)SUSE Linux Micro 6.0
This update for gnutls fixes the following issues:
- CVE-2025-9820: Fixed buffer overflow in gnutls_pkcs11_token_init (bsc#1254132).
ModerateSUSE bug 1254132CVE-2025-9820 at SUSECVE-2025-9820 at NVDcpe:/o:suse:sl-micro:6.0Security update 5.0.6 for Multi-Linux Manager Client Tools, Salt and Salt Bundle (Important)SUSE Linux Micro 6.0
This update fixes the following issues:
salt:
- Security issues fixed:
- CVE-2025-62349: Added minimum_auth_version to enforce security (bsc#1254257)
- CVE-2025-62348: Fixed Junos module yaml loader (bsc#1254256)
- Backport security fixes for vendored tornado
* BDSA-2024-3438
* BDSA-2024-3439
* BDSA-2024-9026
- Other changes and bugs fixed:
- Fixed TLS and x509 modules for OSes with older cryptography module
- Fixed Salt for Python > 3.11 (bsc#1252285) (bsc#1252244)
* Use external tornado on Python > 3.11
* Make tls and x509 to use python-cryptography
* Remove usage of spwd
- Fixed payload signature verification on Tumbleweed (bsc#1251776)
- Fixed broken symlink on migration to Leap 16.0 (bsc#1250755)
- Fixed known_hosts error on gitfs (bsc#1250520) (bsc#1227207)
- Fixed functional.states.test_user for SLES 16 and Micro systems
- Fixed the tests failing on AlmaLinux 10 and other clones
- Improved SL Micro 6.2 detection with grains
- Require Python dependencies only for used Python version
- Reverted requirement of M2Crypto >= 0.44.0 for SUSE Family distros
- Set python-CherryPy as required for python-salt-testsuite
uyuni-tools:
- Version 0.1.37-0
* Added --registry-host, --registry-user and --registry-password to pull images from an authenticate registry
* Added a lowercase version of --logLevel (bsc#1243611)
* Added migration for server monitoring configuration (bsc#1247688)
* Added SLE15SP7 to buildin productmap
* Adjusted traefik exposed configuration for chart v27+ (bsc#1247721)
* Automatically get up-to-date systemid file on salt based proxy hosts (bsc#1246789)
* Check for restorecon presence before calling (bsc#1246925)
* Convert the traefik install time to local time (bsc#1251138)
* Deprecated --registry
* Do not require backups to be at the same location for restoring (bsc#1246906)
* Do not use sudo when running as a root user (bsc#1246882)
* Fixed channel override for distro copy
* Fixed loading product map from mgradm configuration file (bsc#1246068)
* Fixed recomputing proxy images when installing a ptf or test (bsc#1246553)
* Handle CA files with symlinks during migration (bsc#1251044)
* Migrate custom auto installation snippets (bsc#1246320)
* Run smdba and reindex only during migration (bsc#1244534)
* Stop executing scripts in temporary folder (bsc#1243704)
* Support config: collect podman inspect for hub container(bsc#1245099)
* Use new dedicated path for Cobbler settings (bsc#1244027)
- Version 0.1.36-0
* Bump the default image tag to 5.0.5.1
- Version 0.1.35-0
* Restore SELinux contexts for restored backup volumes (bsc#1244127)
- Version 0.1.34-0
* Fixed mgradm backup create handling of images and systemd files (bsc#1246738)
- Version 0.1.33-0
* Restore volumes using tar instead of podman import (bsc#1244127)
- Version 0.1.32-0
* Fixed version compare by backport from main (bsc#1246662)
venv-salt-minion:
- Security issues fixed:
- CVE-2025-62349: Added minimum_auth_version to enforce security (bsc#1254257)
- CVE-2025-62348: Fixed Junos module yaml loader (bsc#1254256)
- Backport security fixes for vendored tornado
* BDSA-2024-3438
* BDSA-2024-3439
* BDSA-2024-9026
- Other changes and bugs fixed:
- Added `minion_legacy_req_warnings` option to avoid noisy warnings
- Fixed TLS and x509 modules for OSes with older cryptography module
- Fixed Salt for Python > 3.11 (bsc#1252285) (bsc#1252244)
* Use external tornado on Python > 3.11
* Make tls and x509 to use python-cryptography
* Remove usage of spwd
- Filter out zero-length check as the empty files are expected there
- Filter out env-script-interpreter for ssh-id-wrapper as not used
with the Salt Bundle, but present inside the salt module
- Fixed functional.states.test_user for SLES 16 and Micro systems
- Fixed known_hosts error on gitfs (bsc#1250520) (bsc#1227207)
- Fixed payload signature verification on Tumbleweed (bsc#1251776)
- Fixed the tests failing on AlmaLinux 10 and other clones
- Improve SL Micro 6.2 detection with grains
- Removed unused activate script (bsc#1245740)
- Use more strict way to Fixed shebang in the bundle scripts
- Use versioned python interpreter for salt-ssh
ImportantSUSE bug 1227207SUSE bug 1243611SUSE bug 1243704SUSE bug 1244027SUSE bug 1244127SUSE bug 1244534SUSE bug 1245099SUSE bug 1245740SUSE bug 1246068SUSE bug 1246320SUSE bug 1246553SUSE bug 1246662SUSE bug 1246738SUSE bug 1246789SUSE bug 1246882SUSE bug 1246906SUSE bug 1246925SUSE bug 1247688SUSE bug 1247721SUSE bug 1250520SUSE bug 1250755SUSE bug 1251044SUSE bug 1251138SUSE bug 1251776SUSE bug 1252244SUSE bug 1252285SUSE bug 1254256SUSE bug 1254257CVE-2025-62348 at SUSECVE-2025-62348 at NVDCVE-2025-62349 at SUSECVE-2025-62349 at NVDcpe:/o:suse:sl-micro:6.0Security update for libpng16 (Important)SUSE Linux Micro 6.0
This update for libpng16 fixes the following issues:
- CVE-2025-66293: Fixed out-of-bounds read in png_image_read_composite (bsc#1254480).
- CVE-2025-64505: Fixed heap buffer over-read in `png_do_quantize` via malformed palette index (bsc#1254157).
- CVE-2025-64506: Fixed heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled (bsc#1254158).
- CVE-2025-64720: Fixed buffer overflow in `png_image_read_composite` via incorrect palette premultiplication (bsc#1254159).
- CVE-2025-65018: Fixed heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` (bsc#1254160).
ImportantSUSE bug 1254157SUSE bug 1254158SUSE bug 1254159SUSE bug 1254160SUSE bug 1254480CVE-2025-64505 at SUSECVE-2025-64505 at NVDCVE-2025-64506 at SUSECVE-2025-64506 at NVDCVE-2025-64720 at SUSECVE-2025-64720 at NVDCVE-2025-65018 at SUSECVE-2025-65018 at NVDCVE-2025-66293 at SUSECVE-2025-66293 at NVDcpe:/o:suse:sl-micro:6.0Security update for ucode-intel (Moderate)SUSE Linux Micro 6.0
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20240910 release (bsc#1230400)
- CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access.
- CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access
### New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| TWL | N0 | 06-be-00/19 | | 0000001a | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
### Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000035 | 00000036 | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000035 | 00000036 | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000433 | 00000434 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000433 | 00000434 | Core Gen12
| ADL-N | N0 | 06-be-00/11 | 00000017 | 0000001a | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
| MTL | C0 | 06-aa-04/e6 | 0000001e | 0000001f | Core Ultra Processor
| RPL-E/HX/S | B0 | 06-b7-01/32 | 00000123 | 00000129 | Core Gen13/Gen14
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004121 | 00004122 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000035 | 00000036 | Core Gen13/Gen14
| RPL-S | H0 | 06-bf-05/07 | 00000035 | 00000036 | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004121 | 00004122 | Core Gen13
ModerateSUSE bug 1230400CVE-2024-23984 at SUSECVE-2024-23984 at NVDCVE-2024-24968 at SUSECVE-2024-24968 at NVDcpe:/o:suse:sl-micro:6.0Recommended update for shim (Important)SUSE Linux Micro 6.0
This update for shim fixes the following issues:
This update for shim fixes the following issues:
shim is updated to version 16.1:
- shim_start_image(): fix guid/handle pairing when uninstalling protocols
- Fix uncompressed ipv6 netboot
- fix test segfaults caused by uninitialized memory
- SbatLevel_Variable.txt: minor typo fix.
- Realloc() needs to allocate one more byte for sprintf()
- IPv6: Add more check to avoid multiple double colon and illegal char
- Loader proto v2
- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
- Generate Authenticode for the entire PE file
- README: mention new loader protocol and interaction with UKIs
- shim: change automatically enable MOK_POLICY_REQUIRE_NX
- Save var info
- add SbatLevel entry 2025051000 for PSA-2025-00012-1
- Coverity fixes 20250804
- fix http boot
- Fix double free and leak in the loader protocol
shim is updated to version 16.0:
- Validate that a supplied vendor cert is not in PEM format
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)
- sbat: Also bump latest for grub,4 (and to todays date)
- undo change that limits certificate files to a single file
- shim: don't set second_stage to the empty string
- Fix SBAT.md for today's consensus about numbers
- Update Code of Conduct contact address
- make-certs: Handle missing OpenSSL installation
- Update MokVars.txt
- export DEFINES for sub makefile
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
- Null-terminate 'arguments' in fallback
- Fix "Verifiying" typo in error message
- Update Fedora CI targets
- Force gcc to produce DWARF4 so that gdb can use it
- Minor housekeeping 2024121700
- Discard load-options that start with WINDOWS
- Fix the issue that the gBS->LoadImage pointer was empty.
- shim: Allow data after the end of device path node in load options
- Handle network file not found like disks
- Update gnu-efi submodule for EFI_HTTP_ERROR
- Increase EFI file alignment
- avoid EFIv2 runtime services on Apple x86 machines
- Improve shortcut performance when comparing two boolean expressions
- Provide better error message when MokManager is not found
- tpm: Boot with a warning if the event log is full
- MokManager: remove redundant logical constraints
- Test import_mok_state() when MokListRT would be bigger than available size
- test-mok-mirror: minor bug fix
- Fix file system browser hang when enrolling MOK from disk
- Ignore a minor clang-tidy nit
- Allow fallback to default loader when encountering errors on network boot
- test.mk: don't use a temporary random.bin
- pe: Enhance debug report for update_mem_attrs
- Multiple certificate handling improvements
- Generate SbatLevel Metadata from SbatLevel_Variable.txt
- Apply EKU check with compile option
- Add configuration option to boot an alternative 2nd stage
- Loader protocol (with Device Path resolution support)
- netboot cleanup for additional files
- Document how revocations can be delivered
- post-process-pe: add tests to validate NX compliance
- regression: CopyMem() in ad8692e copies out of bounds
- Save the debug and error logs in mok-variables
- Add features for the Host Security ID program
- Mirror some more efi variables to mok-variables
- This adds DXE Services measurements to HSI and uses them for NX
- Add shim's current NX_COMPAT status to HSIStatus
- README.tpm: reflect that vendor_db is in fact logged as "vendor_db"
- Reject HTTP message with duplicate Content-Length header fields
- Disable log saving
- fallback: don't add new boot order entries backwards
- README.tpm: Update MokList entry to MokListRT
- SBAT Level update for February 2025 GRUB CVEs
ImportantSUSE bug 1205588SUSE bug 1247432SUSE bug 1254336SUSE bug 1254679CVE-2024-2312 at SUSECVE-2024-2312 at NVDcpe:/o:suse:sl-micro:6.0Security update for dpdk (Moderate)SUSE Linux Micro 6.0
This update for dpdk fixes the following issues:
Update to version 22.11.10.
Security issues fixed:
- CVE-2025-23259: issue in the Poll Mode Driver (PMD) allows an attacker on a VM in the system to leak information and
cause a denial of service on the network interface (bsc#1254161).
Other updates and bugfixes:
- Fix SUSE provided DPDK modules tainting the kernel as unsupported (bsc#1214724).
Upstream release notes:
- Version 22.11.9
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id24
- Version 22.11.8
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id21
- Version 22.11.7
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id18
- Version 22.11.6
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id15
- Version 22.11.5
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id12
- Version 22.11.4
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id8
- Version 22.11.3
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id4
- Version 22.11.2
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id2
ModerateSUSE bug 1214724SUSE bug 1234718SUSE bug 1254161CVE-2024-11614 at SUSECVE-2024-11614 at NVDCVE-2025-23259 at SUSECVE-2025-23259 at NVDcpe:/o:suse:sl-micro:6.0Security update for podman (Important)SUSE Linux Micro 6.0
This update for podman fixes the following issues:
- CVE-2025-47914: lack of message size validation when SSH Agent server is processing new identity requests can lead to
out-of-bounds read and an application panic (bsc#1253993).
- CVE-2025-47913: receiving an `SSH_AGENT_SUCCESS` reply when the SSH client is expecting a typed response can lead to
the early termination of the client process (bsc#1253542).
ImportantSUSE bug 1253542SUSE bug 1253993CVE-2025-47913 at SUSECVE-2025-47913 at NVDCVE-2025-47914 at SUSECVE-2025-47914 at NVDcpe:/o:suse:sl-micro:6.0Security update for ovmf (Important)SUSE Linux Micro 6.0
This update for ovmf fixes the following issues:
- CVE-2023-45229: integer underflow and out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise
message (bsc#1218879).
- CVE-2023-45230: out-of-bounds write in the DHCPv6 client through a long Server ID option (bsc#1218880).
ImportantSUSE bug 1218879SUSE bug 1218880CVE-2023-45229 at SUSECVE-2023-45229 at NVDCVE-2023-45230 at SUSECVE-2023-45230 at NVDcpe:/o:suse:sl-micro:6.0Security update for qemu (Important)SUSE Linux Micro 6.0
This update for qemu fixes the following issues:
Update to version 8.2.10.
Security issues fixed:
- CVE-2025-12464: stack-based buffer overflow in the e1000 network device operations can be exploited by a malicious
guest user to crash the QEMU process on the host (bsc#1253002).
- CVE-2025-11234: use-after-free in WebSocket handshake operations can be exploited by a malicious client with network
access to the VNC WebSocket port to cause a denial-of-service (bsc#1250984).
Other updates and bugfixes:
- [openSUSE][RPM] spec: require qemu-hw-display-virtio-gpu-pci for x86 too.
- [openSUSE][RPM]: really fix *-virtio-gpu-pci dependency on ARM (bsc#1254286).
- block/curl: fix curl internal handles handling (bsc#1252768).
- [openSUSE][RPM]: spec: qemu-vgabios is required on ppc (bsc#1230042).
- [roms] seabios: include "pciinit: don't misalign large BARs" (bsc#1246566).
- [openSUSE][RPM] spec: Require ipxe and virtio-gpu packages for more arch-es (bsc#1240157).
- [openSUSE][RPM]: disable LTO for userspace emulation on 15.6 (bsc#1243013).
- Version 8.2.10 changes:
* Full changelog: https://lore.kernel.org/qemu-devel/7dd1fbc7-a58f-4b2c-82b9-735840246ab2@tls.msk.ru/
* Some backports:
- hw/misc/aspeed_hace: Fix buffer overflow in has_padding function
- target/ppc: Fix e200 duplicate SPRs
- linux-user/riscv: Fix handling of cpu mask in riscv_hwprobe syscall
- docs/about/emulation: Fix broken link
- vdpa: Allow vDPA to work on big-endian machine
- vdpa: Fix endian bugs in shadow virtqueue
- target/loongarch: Fix vldi inst
- target/arm: Simplify pstate_sm check in sve_access_check
- target/arm: Make DisasContext.{fp, sve}_access_checked tristate
- util/cacheflush: Make first DSB unconditional on aarch64
- ui/cocoa: Temporarily ignore annoying deprecated declaration warnings
- docs: Rename default-configs to configs
- block: Zero block driver state before reopening
- hw/xen/hvm: Fix Aarch64 typo
- hw/net/smc91c111: Don't allow data register access to overrun buffer
- hw/net/smc91c111: Sanitize packet length on tx
- hw/net/smc91c111: Sanitize packet numbers
- hw/net/smc91c111: Ignore attempt to pop from empty RX fifo
- ppc/pnv/occ: Fix common area sensor offsets
- net: move backend cleanup to NIC cleanup
- net: parameterize the removing client from nc list
- util/qemu-timer.c: Don't warp timer from timerlist_rearm()
- target/arm: Correct STRD atomicity
- target/arm: Correct LDRD atomicity and fault behaviour
ImportantSUSE bug 1230042SUSE bug 1240157SUSE bug 1243013SUSE bug 1246566SUSE bug 1250984SUSE bug 1252768SUSE bug 1253002SUSE bug 1254286CVE-2025-11234 at SUSECVE-2025-11234 at NVDCVE-2025-12464 at SUSECVE-2025-12464 at NVDcpe:/o:suse:sl-micro:6.0Security update for curl (Moderate)SUSE Linux Micro 6.0
This update for curl fixes the following issues:
- CVE-2025-14524: bearer token leak on cross-protocol redirect (bsc#1255731).
- CVE-2025-14819: libssh global knownhost override (bsc#1255732).
- CVE-2025-15079: libssh key passphrase bypass without agent set (bsc#1255733).
- CVE-2025-15224: OpenSSL partial chain store policy bypass (bsc#1255734).
ModerateSUSE bug 1255731SUSE bug 1255732SUSE bug 1255733SUSE bug 1255734CVE-2025-14524 at SUSECVE-2025-14524 at NVDCVE-2025-14819 at SUSECVE-2025-14819 at NVDCVE-2025-15079 at SUSECVE-2025-15079 at NVDCVE-2025-15224 at SUSECVE-2025-15224 at NVDcpe:/o:suse:sl-micro:6.0Security update for bluez (Moderate)SUSE Linux Micro 6.0
This update for bluez fixes the following issues:
- CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections (bsc#1217877).
ModerateSUSE bug 1217877CVE-2023-45866 at SUSECVE-2023-45866 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-tornado6 (Important)SUSE Linux Micro 6.0
This update for python-tornado6 fixes the following issues:
- CVE-2025-67724: Fixed missing validation of the supplied reason phrase (bsc#1254903)
- CVE-2025-67725: Fixed inefficient algorithm when parsing parameters for HTTP header values (bsc#1254905)
- CVE-2025-67726: Fixed Denial of Service (DoS) via maliciously crafted HTTP request caused by the HTTPHeaders.add method (bsc#1254904)
ImportantSUSE bug 1254903SUSE bug 1254904SUSE bug 1254905CVE-2025-67724 at SUSECVE-2025-67724 at NVDCVE-2025-67725 at SUSECVE-2025-67725 at NVDCVE-2025-67726 at SUSECVE-2025-67726 at NVDcpe:/o:suse:sl-micro:6.0Security update for glib2 (Important)SUSE Linux Micro 6.0
This update for glib2 fixes the following issues:
- CVE-2025-13601: Fixed Integer overflow in in g_escape_uri_string() (bsc#1254297)
- CVE-2025-14087: Fixed buffer underflow in GVariant parser leads to heap corruption (bsc#1254662)
- CVE-2025-14512: Fixed Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow (bsc#1254878)
ImportantSUSE bug 1254297SUSE bug 1254662SUSE bug 1254878CVE-2025-13601 at SUSECVE-2025-13601 at NVDCVE-2025-14087 at SUSECVE-2025-14087 at NVDCVE-2025-14512 at SUSECVE-2025-14512 at NVDcpe:/o:suse:sl-micro:6.0Security update for rsync (Moderate)SUSE Linux Micro 6.0
This update for rsync fixes the following issues:
- CVE-2025-10158: Fixed out of bounds array access via negative index (bsc#1254441)
ModerateSUSE bug 1254441CVE-2025-10158 at SUSECVE-2025-10158 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Moderate)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
- CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service (bsc#1254997)
- CVE-2025-13836: Fixed default Content-Lenght read amount from HTTP response (bsc#1254400)
- CVE-2025-13837: Fixed plistlib module denial of service (bsc#1254401)
ModerateSUSE bug 1254400SUSE bug 1254401SUSE bug 1254997CVE-2025-12084 at SUSECVE-2025-12084 at NVDCVE-2025-13836 at SUSECVE-2025-13836 at NVDCVE-2025-13837 at SUSECVE-2025-13837 at NVDcpe:/o:suse:sl-micro:6.0Security update for libpcap (Low)SUSE Linux Micro 6.0
This update for libpcap fixes the following issues:
- CVE-2025-11961: missing validation of provided MAC-48 address string in `pcap_ether_aton()` can lead to out-of-bounds
read and write (bsc#1255765).
LowSUSE bug 1255765CVE-2025-11961 at SUSECVE-2025-11961 at NVDcpe:/o:suse:sl-micro:6.0Security update for openvswitch (Important)SUSE Linux Micro 6.0
This update for openvswitch fixes the following issues:
Update OpenvSwitch to v3.1.7 and OVN to v23.03.3.
Security issues fixed:
- CVE-2023-3966: ovs: invalid memory access and potential denial of service via specially crafted Geneve packets
(bsc#1219465).
- CVE-2023-5366: ovs: OpenFlow rules may be bypassed via specially crafted ICMPv6 Neighbor Advertisement packets sent
between virtual machines t(bsc#1216002).
- CVE-2024-2182: ovn: denial of service via injection of specially crafted BFD packets from inside unprivileged
workloads (bsc#1255435).
- CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet (bsc#1236353).
Other updates and bugfixes:
- OpenvSwitch:
* https://www.openvswitch.org/releases/NEWS-3.1.7.txt
* v3.1.7
- Bug fixes
- OVS validated with DPDK 22.11.7.
* v3.1.6
- Bug fixes
- OVS validated with DPDK 22.11.6.
* v3.1.5
- Bug fixes
- OVS validated with DPDK 22.11.5.
* v3.1.4
- Bug fixes
- OVS validated with DPDK 22.11.4.
- OVN:
* https://github.com/ovn-org/ovn/blob/branch-23.03/NEWS
* v23.03.3
- Bug fixes
- Add "garp-max-timeout-sec" config option to vswitchd external-ids to cap the time between when ovn-controller
sends gARP packets.
* v23.03.1
- Bug fixes
- CT entries are not flushed by default anymore whenever a load balancer backend is removed. A new, per-LB, option
'ct_flush' can be used to restore the previous behavior. Disabled by default.
- Always allow IPv6 Router Discovery, Neighbor Discovery, and Multicast Listener Discovery protocols, regardless of
ACLs defined.
- Send ICMP Fragmentation Needed packets back to offending ports when communicating with multichassis ports using
frames that don't fit through a tunnel. This is done only for logical switches that are attached to a physical
network via a localnet port, in which case multichassis ports may have an effective MTU different from regular
ports and hence may need this mechanism to maintain connectivity with other peers in the network.
- ECMP routes use L4_SYM dp-hash by default if the datapath supports it. Existing sessions might get re-hashed to a
different ECMP path when OVN detects the algorithm support in the datapath during an upgrade or restart of
ovn-controller.
ImportantSUSE bug 1216002SUSE bug 1219465SUSE bug 1236353SUSE bug 1255435CVE-2023-3966 at SUSECVE-2023-3966 at NVDCVE-2023-5366 at SUSECVE-2023-5366 at NVDCVE-2024-2182 at SUSECVE-2024-2182 at NVDCVE-2025-0650 at SUSECVE-2025-0650 at NVDcpe:/o:suse:sl-micro:6.0Security update for libvirt (Moderate)SUSE Linux Micro 6.0
This update for libvirt fixes the following issues:
Security issues fixed:
- CVE-2025-13193: external inactive snapshots for shut-down VMs that are incorrectly created as world-readable allow
unprivileged users to inspect guest OS contents (bsc#1253703).
- CVE-2025-12748: parsing of user-provided XML files before ACL checks can lead to excessive memory consumption and a
crash when processing a specially crafted XML file (bsc#1253278).
Other updates and bugfixes:
- apparmor: Fix probing of apparmor availability on the VM host when using modular daemons (bsc#1235079).
ModerateSUSE bug 1235079SUSE bug 1253278SUSE bug 1253703CVE-2025-12748 at SUSECVE-2025-12748 at NVDCVE-2025-13193 at SUSECVE-2025-13193 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsoup (Important)SUSE Linux Micro 6.0
This update for libsoup fixes the following issues:
- CVE-2025-14523: flaw in HTTP header handling can lead to host header parsing discrepancy between servers and proxies
and allow for request smuggling, cache poisoning and bypass of access controls (bsc#1254876).
ImportantSUSE bug 1254876CVE-2025-14523 at SUSECVE-2025-14523 at NVDcpe:/o:suse:sl-micro:6.0Security update for libtasn1 (Moderate)SUSE Linux Micro 6.0
This update for libtasn1 fixes the following issues:
- CVE-2025-13151: lack of validation of input data size leads to stack-based buffer overflow in
`asn1_expend_octet_string` (bsc#1256341).
ModerateSUSE bug 1256341CVE-2025-13151 at SUSECVE-2025-13151 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsodium (Moderate)SUSE Linux Micro 6.0
This update for libsodium fixes the following issues:
- CVE-2025-15444: missing checks when validating elliptic curve points allows for cryptographic bypass (bsc#1256070).
ModerateSUSE bug 1256070CVE-2025-15444 at SUSECVE-2025-15444 at NVDcpe:/o:suse:sl-micro:6.0Security update for gpg2 (Important)SUSE Linux Micro 6.0
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- agent: Fix a memory leak (bsc#1256243).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
ImportantSUSE bug 1255715SUSE bug 1256243SUSE bug 1256244SUSE bug 1256246SUSE bug 1256390CVE-2025-68973 at SUSECVE-2025-68973 at NVDcpe:/o:suse:sl-micro:6.0Security update for elemental-toolkit, elemental-operator (Important)SUSE Linux Micro 6.0
This update for elemental-toolkit, elemental-operator fixes the following issues:
elemental-operator:
- Update to version 1.6.10:
* Remove 'latest' tag as this overlaps with the latest branch
* Bump github.com/rancher-sandbox/go-tpm and its dependencies
This bump includes fixes to some CVEs:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
elemental-toolkit:
- Update to version 2.1.5:
* Update headers for new year 2026
* Disable selinux in installer media
- Update to version 2.1.4:
* Remove leftovers in installer integration test
* Bump to build against go 1.24
* Bump golang.org/x/crypto library
This bump includes fixes to some CVEs:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* bsc#1253581 (CVE-2025-47913)
* bsc#1253901 (CVE-2025-58181)
* bsc#1254079 (CVE-2025-47914)
ImportantSUSE bug 1241826SUSE bug 1241857SUSE bug 1251511SUSE bug 1251679SUSE bug 1253581SUSE bug 1253901SUSE bug 1254079CVE-2025-22872 at SUSECVE-2025-22872 at NVDCVE-2025-47911 at SUSECVE-2025-47911 at NVDCVE-2025-47913 at SUSECVE-2025-47913 at NVDCVE-2025-47914 at SUSECVE-2025-47914 at NVDCVE-2025-58181 at SUSECVE-2025-58181 at NVDCVE-2025-58190 at SUSECVE-2025-58190 at NVDcpe:/o:suse:sl-micro:6.0Security update for ovmf (Moderate)SUSE Linux Micro 6.0
This update for ovmf fixes the following issues:
- CVE-2022-36765: Fixed integer overflow to buffer overflow via local network vulnerability (bsc#1218680).
ModerateSUSE bug 1218680CVE-2022-36765 at SUSECVE-2022-36765 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsoup (Important)SUSE Linux Micro 6.0
This update for libsoup fixes the following issues:
- CVE-2026-0716: Fixed out-of-bounds read for websocket (bsc#1256418).
- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399).
ImportantSUSE bug 1256399SUSE bug 1256418CVE-2026-0716 at SUSECVE-2026-0716 at NVDCVE-2026-0719 at SUSECVE-2026-0719 at NVDcpe:/o:suse:sl-micro:6.0Security update for net-snmp (Important)SUSE Linux Micro 6.0
This update for net-snmp fixes the following issues:
- CVE-2025-68615: Fixed snmptrapd buffer overflow (bsc#1255491).
ImportantSUSE bug 1255491CVE-2025-68615 at SUSECVE-2025-68615 at NVDcpe:/o:suse:sl-micro:6.0Security update for abseil-cpp (Moderate)SUSE Linux Micro 6.0
This update for abseil-cpp fixes the following issues:
Update to version 20230802.3:
- CVE-2025-0838: Fixed potential integer overflow in hash container create/resize (#1813) (bsc#1237543).
ModerateSUSE bug 1237543CVE-2025-0838 at SUSECVE-2025-0838 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-urllib3 (Moderate)SUSE Linux Micro 6.0
This update for python-urllib3 fixes the following issues:
- CVE-2026-21441: Fixed excessive resource consumption during decompression of data in HTTP redirect responses (bsc#1256331).
ModerateSUSE bug 1256331CVE-2026-21441 at SUSECVE-2026-21441 at NVDcpe:/o:suse:sl-micro:6.0Security update for curl (Important)SUSE Linux Micro 6.0
This update for curl fixes the following issues:
- CVE-2025-14017: Fixed broken TLS options for threaded LDAPS (bsc#1256105).
ImportantSUSE bug 1256105CVE-2025-14017 at SUSECVE-2025-14017 at NVDcpe:/o:suse:sl-micro:6.0Security update for util-linux (Moderate)SUSE Linux Micro 6.0
This update for util-linux fixes the following issues:
- CVE-2025-14104: Fixed heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666).
- lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682).
ModerateSUSE bug 1254666CVE-2025-14104 at SUSECVE-2025-14104 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssl-3 (Critical)SUSE Linux Micro 6.0
This update for openssl-3 fixes the following issues:
- CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830).
- CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).
- CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).
- CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).
- CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).
CriticalSUSE bug 1256830SUSE bug 1256834SUSE bug 1256835SUSE bug 1256836SUSE bug 1256837SUSE bug 1256838SUSE bug 1256839SUSE bug 1256840CVE-2025-15467 at SUSECVE-2025-15467 at NVDCVE-2025-68160 at SUSECVE-2025-68160 at NVDCVE-2025-69418 at SUSECVE-2025-69418 at NVDCVE-2025-69419 at SUSECVE-2025-69419 at NVDCVE-2025-69420 at SUSECVE-2025-69420 at NVDCVE-2025-69421 at SUSECVE-2025-69421 at NVDCVE-2026-22795 at SUSECVE-2026-22795 at NVDCVE-2026-22796 at SUSECVE-2026-22796 at NVDcpe:/o:suse:sl-micro:6.0Security update for expat (Moderate)SUSE Linux Micro 6.0
This update for expat fixes the following issues:
- CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL
dereference (bsc#1257144).
- CVE-2026-25210: lack of buffer size check can lead to an integer overflow (bsc#1257496).
ModerateSUSE bug 1257144SUSE bug 1257496CVE-2026-24515 at SUSECVE-2026-24515 at NVDCVE-2026-25210 at SUSECVE-2026-25210 at NVDcpe:/o:suse:sl-micro:6.0Security update for protobuf (Moderate)SUSE Linux Micro 6.0
This update for protobuf fixes the following issues:
- CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python json_format.ParseDict (bsc#1257173).
ModerateSUSE bug 1257173CVE-2026-0994 at SUSECVE-2026-0994 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxml2 (Moderate)SUSE Linux Micro 6.0
This update for libxml2 fixes the following issues:
- CVE-2026-0989: Fixed call stack exhaustion leading to application crash
due to RelaxNG parser not limiting the recursion depth when
resolving `<include>` directives (bsc#1256805).
ModerateSUSE bug 1256805CVE-2026-0989 at SUSECVE-2026-0989 at NVDcpe:/o:suse:sl-micro:6.0Security update for glib2 (Important)SUSE Linux Micro 6.0
This update for glib2 fixes the following issues:
- CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354).
- CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355).
- CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353).
- CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049).
ImportantSUSE bug 1257049SUSE bug 1257353SUSE bug 1257354SUSE bug 1257355CVE-2026-0988 at SUSECVE-2026-0988 at NVDCVE-2026-1484 at SUSECVE-2026-1484 at NVDCVE-2026-1485 at SUSECVE-2026-1485 at NVDCVE-2026-1489 at SUSECVE-2026-1489 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssl-3, libpulp, ulp-macros (Important)SUSE Linux Micro 6.0
This update for openssl-3, libpulp, ulp-macros fixes the following issues:
openssl-3:
- CVE-2024-6119: possible denial of service in X.509 name checks (bsc#1229465)
- CVE-2024-5535: SSL_select_next_proto buffer overread (bsc#1227138)
- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers (bsc#1225551)
- CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388)
- CVE-2024-2511: Fix unconstrained session cache growth in TLSv1.3 (bsc#1222548)
- FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365)
- FIPS: RSA keygen PCT requirements. (bsc#1221760, bsc#1221753)
- FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode. (bsc#1220523)
- FIPS: Port openssl to use jitterentropy (bsc#1220523)
- FIPS: Block non-Approved Elliptic Curves (bsc#1221786)
- FIPS: Service Level Indicator (bsc#1221365)
- FIPS: Output the FIPS-validation name and module version which uniquely identify the FIPS validated module. (bsc#1221751)
- FIPS: Add required selftests (bsc#1221760)
- FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821)
- FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827)
- FIPS: Zeroization is required (bsc#1221752)
- FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696)
- FIPS: NIST SP 800-56Brev2 (bsc#1221824)
- FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787)
- FIPS: Port openssl to use jitterentropy (bsc#1220523)
- FIPS: NIST SP 800-56Arev3 (bsc#1221822)
- FIPS: Error state has to be enforced (bsc#1221753)
- Build with enabled sm2 and sm4 support (bsc#1222899)
- fix non-reproducible build issue
- Fix HDKF key derivation (bsc#1225291)
- Enable livepatching support (bsc#1223428)
libpulp:
- Update package with libpulp-0.3.5
* Change .so load policy from lazy to eager.
* Fix patch of references when mprotect is enabled.
* Fix tramposed calloc arguments.
* Fix crash of ulp packer on empty lines.
- Disabled ptrace_scope through aaa_base-enable-ptrace package (bsc#1221763).
- Update package with libpulp-0.3.4:
* Add debuginfo into ulp extract.
- Disabled ptrace_scope when building the package (bsc#1221763).
- Update package with libpulp-0.3.3:
* Fixed a race condition when process list is empty.
* Removed "Unable to get section data" error message (bsc#1223306).
* Bumped asunsafe_conversion attempts from 100 to 2000.
* Fixed banner test on clang-18.
* Check if ptrace_scope is enabled when attempting a ptrace operation (bsc#1221763).
- Update package with libpulp-0.3.1:
* Add timestamp information on `ulp patches`.
ulp-macros:
- Initial release.
ImportantSUSE bug 1220523SUSE bug 1220690SUSE bug 1220693SUSE bug 1220696SUSE bug 1221365SUSE bug 1221751SUSE bug 1221752SUSE bug 1221753SUSE bug 1221760SUSE bug 1221763SUSE bug 1221786SUSE bug 1221787SUSE bug 1221821SUSE bug 1221822SUSE bug 1221824SUSE bug 1221827SUSE bug 1222548SUSE bug 1222899SUSE bug 1223306SUSE bug 1223336SUSE bug 1223428SUSE bug 1224388SUSE bug 1225291SUSE bug 1225551SUSE bug 1226463SUSE bug 1227138SUSE bug 1229465CVE-2024-2511 at SUSECVE-2024-2511 at NVDCVE-2024-4603 at SUSECVE-2024-4603 at NVDCVE-2024-4741 at SUSECVE-2024-4741 at NVDCVE-2024-5535 at SUSECVE-2024-5535 at NVDCVE-2024-6119 at SUSECVE-2024-6119 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-pyasn1 (Important)SUSE Linux Micro 6.0
This update for python-pyasn1 fixes the following issues:
- CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service (bsc#1256902).
ImportantSUSE bug 1256902CVE-2026-23490 at SUSECVE-2026-23490 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-urllib3 (Moderate)SUSE Linux Micro 6.0
This update for python-urllib3 fixes the following issues:
- CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API (bsc#1254867).
- CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain (bsc#1254866).
ModerateSUSE bug 1254866SUSE bug 1254867CVE-2025-66418 at SUSECVE-2025-66418 at NVDCVE-2025-66471 at SUSECVE-2025-66471 at NVDcpe:/o:suse:sl-micro:6.0Security update for gpg2 (Important)SUSE Linux Micro 6.0
This update for gpg2 fixes the following issues:
- CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys (bsc#1257396).
- gpg.fail/filename: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field (bsc#1256389).
ImportantSUSE bug 1256389SUSE bug 1257396CVE-2026-24882 at SUSECVE-2026-24882 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsoup (Important)SUSE Linux Micro 6.0
This update for libsoup fixes the following issues:
- CVE-2026-1536: HTTP header injection or response splitting via CRLF injection in the Content-Disposition header
(bsc#1257440).
- CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based
buffer overflow (bsc#1257598).
ImportantSUSE bug 1257440SUSE bug 1257598CVE-2026-1536 at SUSECVE-2026-1536 at NVDCVE-2026-1761 at SUSECVE-2026-1761 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsodium (Moderate)SUSE Linux Micro 6.0
This update for libsodium fixes the following issues:
- CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070).
- CVE-2025-69277: Fixed incorrect validation of elliptic curve points in crypto_core_ed25519_is_valid_point function (bsc#1255764).
ModerateSUSE bug 1255764SUSE bug 1256070CVE-2025-15444 at SUSECVE-2025-15444 at NVDCVE-2025-69277 at SUSECVE-2025-69277 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-firmware (Moderate)SUSE Linux Micro 6.0
This update for kernel-firmware fixes the following issues:
- Update AMD ucode to 20251203 (bsc#1256483)
ModerateSUSE bug 1256483cpe:/o:suse:sl-micro:6.0Security update for docker-compose (Important)SUSE Linux Micro 6.0
This update for docker-compose fixes the following issues:
- CVE-2025-47914: non validated message size can cause a panic due to an out of bounds read (bsc#1254041).
- CVE-2025-47913: client process termination when receiving an unexpected message type in response to a key listing or
signing request (bsc#1253584).
ImportantSUSE bug 1253584SUSE bug 1254041CVE-2025-47913 at SUSECVE-2025-47913 at NVDCVE-2025-47914 at SUSECVE-2025-47914 at NVDcpe:/o:suse:sl-micro:6.0Security update for crun (Important)SUSE Linux Micro 6.0
This update for crun fixes the following issues:
- CVE-2025-24965: .krun_config.json symlink attack creates or overwrites file on the host (bsc#1237421).
ImportantSUSE bug 1237421CVE-2025-24965 at SUSECVE-2025-24965 at NVDcpe:/o:suse:sl-micro:6.0Security update for mozilla-nss (Critical)SUSE Linux Micro 6.0
This update for mozilla-nss fixes the following issues:
- update to NSS 3.101.2
- ChaChaXor to return after the function
- update to NSS 3.101.1
- missing sqlite header.
- GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
- update to NSS 3.101
- add diagnostic assertions for SFTKObject refcount.
- freeing the slot in DeleteCertAndKey if authentication failed
- fix formatting issues.
- Add Firmaprofesional CA Root-A Web to NSS.
- remove invalid acvp fuzz test vectors.
- pad short P-384 and P-521 signatures gtests.
- remove unused FreeBL ECC code.
- pad short P-384 and P-521 signatures.
- be less strict about ECDSA private key length.
- Integrate HACL* P-521.
- Integrate HACL* P-384.
- memory leak in create_objects_from_handles.
- ensure all input is consumed in a few places in mozilla::pkix
- SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
- clean up escape handling
- Use lib::pkix as default validator instead of the old-one
- Need to add high level support for PQ signing.
- Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation
- SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
- Allow for non-full length ecdsa signature when using softoken
- Modification of .taskcluster.yml due to mozlint indent defects
- Implement support for PBMAC1 in PKCS#12
- disable VLA warnings for fuzz builds.
- remove redundant AllocItem implementation.
- add PK11_ReadDistrustAfterAttribute.
- Clang-formatting of SEC_GetMgfTypeByOidTag update
- Set SEC_ERROR_LIBRARY_FAILURE on self-test failure
- sftk_getParameters(): Fix fallback to default variable after error with configfile.
- Switch to the mozillareleases/image_builder image
- update to NSS 3.100
- merge pk11_kyberSlotList into pk11_ecSlotList for faster Xyber operations.
- remove ckcapi.
- avoid a potential PK11GenericObject memory leak.
- Remove incomplete ESDH code.
- Decrypt RSA OAEP encrypted messages.
- Fix certutil CRLDP URI code.
- Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys.
- Add ability to encrypt and decrypt CMS messages using ECDH.
- Correct Templates for key agreement in smime/cmsasn.c.
- Moving the decodedCert allocation to NSS.
- Allow developers to speed up repeated local execution of NSS tests that depend on certificates.
- update to NSS 3.99
- Removing check for message len in ed25519
- add ed25519 to SECU_ecName2params.
- add EdDSA wycheproof tests.
- nss/lib layer code for EDDSA.
- Adding EdDSA implementation.
- Exporting Certificate Compression types
- Updating ACVP docker to rust 1.74
- Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552
- Add NSS_CMSRecipient_IsSupported.
- update to NSS 3.98
- CVE-2023-5388: Timing attack against RSA decryption in TLS
- Certificate Compression: enabling the check that the compression was advertised
- Move Windows workers to nss-1/b-win2022-alpha
- Remove Email trust bit from OISTE WISeKey Global Root GC CA
- Replace `distutils.spawn.find_executable` with `shutil.which` within `mach` in `nss`
- Certificate Compression: Updating nss_bogo_shim to support Certificate compression
- TLS Certificate Compression (RFC 8879) Implementation
- Add valgrind annotations to freebl kyber operations for constant-time execution tests
- Set nssckbi version number to 2.66
- Add Telekom Security roots
- Add D-Trust 2022 S/MIME roots
- Remove expired Security Communication RootCA1 root
- move keys to a slot that supports concatenation in PK11_ConcatSymKeys
- remove unmaintained tls-interop tests
- bogo: add support for the -ipv6 and -shim-id shim flags
- bogo: add support for the -curves shim flag and update Kyber expectations
- bogo: adjust expectation for a key usage bit test
- mozpkix: add option to ignore invalid subject alternative names
- Fix selfserv not stripping `publicname:` from -X value
- take ownership of ecckilla shims
- add valgrind annotations to freebl/ec.c
- PR_INADDR_ANY needs PR_htonl before assignment to inet.ip
- Update zlib to 1.3.1
- update to NSS 3.97
- make Xyber768d00 opt-in by policy
- add libssl support for xyber768d00
- add PK11_ConcatSymKeys
- add Kyber and a PKCS#11 KEM interface to softoken
- add a FreeBL API for Kyber
- part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff
- part 1: add a script for vendoring kyber from pq-crystals repo
- Removing the calls to RSA Blind from loader.*
- fix worker type for level3 mac tasks
- RSA Blind implementation
- Remove DSA selftests
- read KWP testvectors from JSON
- Backed out changeset dcb174139e4f
- Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation
- Wrap CC shell commands in gyp expansions
- update to NSS 3.96.1
- Use pypi dependencies for MacOS worker in ./build_gyp.sh
- p7sign: add -a hash and -u certusage (also p7verify cleanups)
- add a defensive check for large ssl_DefSend return values
- Add dependency to the taskcluster script for Darwin
- Upgrade version of the MacOS worker for the CI
- update to NSS 3.95
- Bump builtins version number.
- Remove Email trust bit from Autoridad de Certificacion Firmaprofesional CIF A62634068 root cert.
- Remove 4 DigiCert (Symantec/Verisign) Root Certificates
- Remove 3 TrustCor Root Certificates from NSS.
- Remove Camerfirma root certificates from NSS.
- Remove old Autoridad de Certificacion Firmaprofesional Certificate.
- Add four Commscope root certificates to NSS.
- Add TrustAsia Global Root CA G3 and G4 root certificates.
- Include P-384 and P-521 Scalar Validation from HACL*
- Include P-256 Scalar Validation from HACL*.
- After the HACL 256 ECC patch, NSS incorrectly encodes 256 ECC without DER wrapping at the softoken level
- Add means to provide library parameters to C_Initialize
- clang format
- add OSXSAVE and XCR0 tests to AVX2 detection.
- Typo in ssl3_AppendHandshakeNumber
- Introducing input check of ssl3_AppendHandshakeNumber
- Fix Invalid casts in instance.c
- update to NSS 3.94
- Updated code and commit ID for HACL*
- update ACVP fuzzed test vector: refuzzed with current NSS
- Softoken C_ calls should use system FIPS setting to select NSC_ or FC_ variants
- NSS needs a database tool that can dump the low level representation of the database
- declare string literals using char in pkixnames_tests.cpp
- avoid implicit conversion for ByteString
- update rust version for acvp docker
- Moving the init function of the mpi_ints before clean-up in ec.c
- P-256 ECDH and ECDSA from HACL*
- Add ACVP test vectors to the repository
- Stop relying on std::basic_string<uint8_t>
- Transpose the PPC_ABI check from Makefile to gyp
- Update to NSS 3.93:
- Update zlib in NSS to 1.3.
- softoken: iterate hashUpdate calls for long inputs.
- regenerate NameConstraints test certificates (bsc#1214980).
- update to NSS 3.92
- Set nssckbi version number to 2.62
- Add 4 Atos TrustedRoot Root CA certificates to NSS
- Add 4 SSL.com Root CA certificates
- Add Sectigo E46 and R46 Root CA certificates
- Add LAWtrust Root CA2 (4096)
- Remove E-Tugra Certification Authority root
- Remove Camerfirma Chambers of Commerce Root.
- Remove Hongkong Post Root CA 1
- Remove E-Tugra Global Root CA ECC v3 and RSA v3
- Avoid redefining BYTE_ORDER on hppa Linux
- update to NSS 3.91
- Implementation of the HW support check for ADX instruction
- Removing the support of Curve25519
- Fix comment about the addition of ticketSupportsEarlyData
- Adding args to enable-legacy-db build
- dbtests.sh failure in "certutil dump keys with explicit default trust flags"
- Initialize flags in slot structures
- Improve the length check of RSA input to avoid heap overflow
- Followup Fixes
- avoid processing unexpected inputs by checking for m_exptmod base sign
- add a limit check on order_k to avoid infinite loop
- Update HACL* to commit 5f6051d2
- add SHA3 to cryptohi and softoken
- HACL SHA3
- Disabling ASM C25519 for A but X86_64
- update to NSS 3.90.3
- GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
- clean up escape handling.
- remove redundant AllocItem implementation.
- Disable ASM support for Curve25519.
- Disable ASM support for Curve25519 for all but X86_64.
CriticalSUSE bug 1214980SUSE bug 1216198SUSE bug 1222804SUSE bug 1222807SUSE bug 1222811SUSE bug 1222813SUSE bug 1222814SUSE bug 1222821SUSE bug 1222822SUSE bug 1222826SUSE bug 1222828SUSE bug 1222830SUSE bug 1222833SUSE bug 1222834SUSE bug 1223724SUSE bug 1224113SUSE bug 1224115SUSE bug 1224116SUSE bug 1224118SUSE bug 1227918SUSE bug 1325335SUSE bug 1548723SUSE bug 1573097SUSE bug 1615555SUSE bug 1748105SUSE bug 1753026SUSE bug 1757758SUSE bug 1774659SUSE bug 1775046SUSE bug 1780432SUSE bug 1784253SUSE bug 1793811SUSE bug 1813401SUSE bug 1818766SUSE bug 1822450SUSE bug 1822935SUSE bug 1822936SUSE bug 1826451SUSE bug 1826652SUSE bug 1827224SUSE bug 1827303SUSE bug 1827444SUSE bug 1829112SUSE bug 1830415SUSE bug 1830978SUSE bug 1831552SUSE bug 1833270SUSE bug 1834851SUSE bug 1835357SUSE bug 1835425SUSE bug 1835828SUSE bug 1836781SUSE bug 1836925SUSE bug 1837431SUSE bug 1837617SUSE bug 1837987SUSE bug 1839327SUSE bug 1839795SUSE bug 1839992SUSE bug 1840429SUSE bug 1840437SUSE bug 1840505SUSE bug 1840510SUSE bug 1841029SUSE bug 1842928SUSE bug 1842932SUSE bug 1842935SUSE bug 1842937SUSE bug 1847845SUSE bug 1848183SUSE bug 1849077SUSE bug 1849471SUSE bug 1850598SUSE bug 1850982SUSE bug 1851044SUSE bug 1851049SUSE bug 1852011SUSE bug 1852179SUSE bug 1853737SUSE bug 1854438SUSE bug 1854439SUSE bug 1854795SUSE bug 1855318SUSE bug 1858241SUSE bug 1860670SUSE bug 1861265SUSE bug 1861728SUSE bug 1863605SUSE bug 1865450SUSE bug 1867408SUSE bug 1869378SUSE bug 1869408SUSE bug 1869642SUSE bug 1870673SUSE bug 1871152SUSE bug 1871219SUSE bug 1871630SUSE bug 1871631SUSE bug 1873095SUSE bug 1873296SUSE bug 1874017SUSE bug 1874111SUSE bug 1874458SUSE bug 1874937SUSE bug 1875356SUSE bug 1875506SUSE bug 1875965SUSE bug 1876179SUSE bug 1876390SUSE bug 1876800SUSE bug 1877344SUSE bug 1877730SUSE bug 1879513SUSE bug 1879945SUSE bug 1880857SUSE bug 1881027SUSE bug 1884276SUSE bug 1884444SUSE bug 1885404SUSE bug 1887996SUSE bug 1889671SUSE bug 1890069SUSE bug 1893029SUSE bug 1893162SUSE bug 1893334SUSE bug 1893404SUSE bug 1893752SUSE bug 1894572SUSE bug 1895012SUSE bug 1895032SUSE bug 1896353SUSE bug 1897487SUSE bug 1898074SUSE bug 1898627SUSE bug 1898825SUSE bug 1898830SUSE bug 1898858SUSE bug 1899593SUSE bug 1899759SUSE bug 1899883SUSE bug 1900413SUSE bug 1901080SUSE bug 1901932SUSE bug 1905691SUSE bug 215997SUSE bug 671060SUSE bug 676100SUSE bug 676118SUSE bug 864039CVE-2023-5388 at SUSECVE-2023-5388 at NVDcpe:/o:suse:sl-micro:6.0Security update for cockpit (Important)SUSE Linux Micro 6.0
This update for cockpit fixes the following issues:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global
prototypes (bsc#1257324).
ImportantSUSE bug 1257324CVE-2025-13465 at SUSECVE-2025-13465 at NVDcpe:/o:suse:sl-micro:6.0Security update for libpng16 (Important)SUSE Linux Micro 6.0
This update for libpng16 fixes the following issues:
- CVE-2025-28162: memory leaks when running `pngimage` (bsc#1257364).
- CVE-2025-28164: memory leaks when running `pngimage` (bsc#1257365).
- CVE-2026-22695: heap buffer over-read in png_image_finish_read (bsc#1256525).
- CVE-2026-22801: integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).
- CVE-2026-25646: heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020).
ImportantSUSE bug 1256525SUSE bug 1256526SUSE bug 1257364SUSE bug 1257365SUSE bug 1258020CVE-2025-28162 at SUSECVE-2025-28162 at NVDCVE-2025-28164 at SUSECVE-2025-28164 at NVDCVE-2026-22695 at SUSECVE-2026-22695 at NVDCVE-2026-22801 at SUSECVE-2026-22801 at NVDCVE-2026-25646 at SUSECVE-2026-25646 at NVDcpe:/o:suse:sl-micro:6.0Security update for libssh (Moderate)SUSE Linux Micro 6.0
This update for libssh fixes the following issues:
- CVE-2026-0964: SCP Protocol Path Traversal in ssh_scp_pull_request() (bsc#1258049)
- CVE-2026-0965: Possible Denial of Service when parsing unexpected configuration files (bsc#1258045)
- CVE-2026-0966: Buffer underflow in ssh_get_hexa() on invalid input (bsc#1258054)
- CVE-2026-0967: Specially crafted patterns could cause DoS (bsc#1258081)
- CVE-2026-0968: OOB Read in sftp_parse_longname() (bsc#1258080)
ModerateSUSE bug 1258045SUSE bug 1258049SUSE bug 1258054SUSE bug 1258080SUSE bug 1258081CVE-2026-0964 at SUSECVE-2026-0964 at NVDCVE-2026-0965 at SUSECVE-2026-0965 at NVDCVE-2026-0966 at SUSECVE-2026-0966 at NVDCVE-2026-0967 at SUSECVE-2026-0967 at NVDCVE-2026-0968 at SUSECVE-2026-0968 at NVDcpe:/o:suse:sl-micro:6.0Security update for avahi (Moderate)SUSE Linux Micro 6.0
This update for avahi fixes the following issues:
- CVE-2024-52615: Resolve fixed source ports for wide-area DNS queries cause DNS responses be injected. (bsc#1233421)
- CVE-2025-68468: Fixed DoS bug by removing incorrect assertion. (bsc#1256499)
- CVE-2025-68471: Fixed DoS bug by changing assert to return. (bsc#1256500)
- CVE-2025-68276: Refuse to create wide-area record browsers when wide-area is off. (bsc#1256498)
ModerateSUSE bug 1233421SUSE bug 1256498SUSE bug 1256499SUSE bug 1256500CVE-2024-52615 at SUSECVE-2024-52615 at NVDCVE-2025-68276 at SUSECVE-2025-68276 at NVDCVE-2025-68468 at SUSECVE-2025-68468 at NVDCVE-2025-68471 at SUSECVE-2025-68471 at NVDcpe:/o:suse:sl-micro:6.0Security update for rust-keylime (Important)SUSE Linux Micro 6.0
This update for rust-keylime fixes the following issues:
Update to version 0.2.8+116.
Security issues fixed:
- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257908).
Other updates and bugfixes:
- Update to version 0.2.8+116:
* build(deps): bump bytes from 1.7.2 to 1.11.1
* api: Modify /version endpoint output in version 2.5
* Add API v2.5 with backward-compatible /v2.5/quotes/integrity
* tests: add unit test for resolve_agent_id (#1182)
* (pull-model): enable retry logic for registration
* rpm: Update specfiles to apply on master
* workflows: Add test to detect unused crates
* lib: Drop unused crates
* push-model: Drop unused crates
* keylime-agent: Drop unused crates
* build(deps): bump uuid from 1.18.1 to 1.19.0
* Update reqwest-retry to 0.8, retry-policies to 0.5
* rpm: Fix cargo_build macro usage on CentOS Stream
* fix(push-model): resolve hash_ek uuid to actual EK hash
* build(deps): bump thiserror from 2.0.16 to 2.0.17
* workflows: Separate upstream test suite from e2e coverage
* Send UEFI measured boot logs as raw bytes (#1173)
* auth: Add unit tests for SecretToken implementation
* packit: Enable push-attestation tests
* resilient_client: Prevent authentication token leakage in logs
- Update to version 0.2.8+96:
* build(deps): bump wiremock from 0.6.4 to 0.6.5
* build(deps): bump actions/checkout from 5 to 6
* build(deps): bump chrono from 0.4.41 to 0.4.42
* packit: Get coverage from Fedora 43 runs
* Fix issues pointed out by clippy
* Replace mutex unwraps with proper error handling in TPM library
* Remove unused session request methods from StructureFiller
* Fix config panic on missing ek_handle in push model agent
* build(deps): bump tempfile from 3.21.0 to 3.23.0
* build(deps): bump actions/upload-artifact from 4 to 6 (#1163)
* Fix clippy warnings project-wide
* Add KEYLIME_DIR support for verifier TLS certificates in push model agent
* Thread privileged resources and use MeasurementList for IMA reading
* Add privileged resource initialization and privilege dropping to push model agent
* Fix privilege dropping order in run_as()
* add documentation on FQDN hostnames
* Remove confusing logs for push mode agent
* Set correct default Verifier port (8891->8881) (#1159)
* Add verifier_url to reference configuration file (#1158)
* Add TLS support for Registrar communication (#1139)
* Fix agent handling of 403 registration responses (#1154)
* Add minor README.md rephrasing (#1151)
* build(deps): bump actions/checkout from 5 to 6 (#1153)
* ci: update spec files for packit COPR build
* docs: improve challenge encoding and async TPM documentation
* refactor: improve middleware and error handling
* feat: add authentication client with middleware integration
* docker: Include keylime_push_model_agent binary
* Include attestation_interval configuration (#1146)
* Persist payload keys to avoid attestation failure on restart
* crypto: Implement the load or generate pattern for keys
* Use simple algorithm specifiers in certification_keys object (#1140)
* tests: Enable more tests in CI
* Fix RSA2048 algorithm reporting in keylime agent
* Remove disabled_signing_algorithms configuration
* rpm: Fix metadata patches to apply to current code
* workflows/rpm.yml: Use more strict patching
* build(deps): bump uuid from 1.17.0 to 1.18.1
* Fix ECC algorithm selection and reporting for keylime agent
* Improve logging consistency and coherency
* Implement minimal RFC compliance for Location header and URI parsing (#1125)
* Use separate keys for payload mechanism and mTLS
* docker: update rust to 1.81 for distroless Dockerfile
* Ensure UEFI log capabilities are set to false
* build(deps): bump http from 1.1.0 to 1.3.1
* build(deps): bump log from 0.4.27 to 0.4.28
* build(deps): bump cfg-if from 1.0.1 to 1.0.3
* build(deps): bump actix-rt from 2.10.0 to 2.11.0
* build(deps): bump async-trait from 0.1.88 to 0.1.89
* build(deps): bump trybuild from 1.0.105 to 1.0.110
* Accept evidence handling structures null entries
* workflows: Add test to check if RPM patches still apply
* CI: Enable test add-agent-with-malformed-ek-cert
* config: Fix singleton tests
* FSM: Remove needless lifetime annotations (#1105)
* rpm: Do not remove wiremock which is now available in Fedora
* Use latest Fedora httpdate version (1.0.3)
* Enhance coverage with parse_retry_after test
* Fix issues reported by CI regarding unwrap() calls
* Reuse max retries indicated to the ResilientClient
* Include limit of retries to 5 for Retry-After
* Add policy to handle Retry-After response headers
* build(deps): bump wiremock from 0.6.3 to 0.6.4
* build(deps): bump serde_json from 1.0.140 to 1.0.143
* build(deps): bump pest_derive from 2.8.0 to 2.8.1
* build(deps): bump syn from 2.0.90 to 2.0.106
* build(deps): bump tempfile from 3.20.0 to 3.21.0
* build(deps): bump thiserror from 2.0.12 to 2.0.16
* rpm: Fix patches to apply to current master code
* build(deps): bump anyhow from 1.0.98 to 1.0.99
* state_machine: Automatically clean config override during tests
* config: Implement singleton and factory pattern
* testing: Support overriding configuration during tests
* feat: implement standalone challenge-response authentication module
* structures: rename session structs for clarity and fix typos
* tpm: refactor certify_credential_with_iak() into a more generic function
* Add Push Model Agent Mermaid FSM chart (#1095)
* Add state to avoid exiting on wrong attestation (#1093)
* Add 6 alphanumeric lowercase X-Request-ID header
* Enhance Evidence Handling response parsing
* build(deps): bump quote from 1.0.35 to 1.0.40
* build(deps): bump libc from 0.2.172 to 0.2.175
* build(deps): bump glob from 0.3.2 to 0.3.3
* build(deps): bump actix-web from 4.10.2 to 4.11.0
ImportantSUSE bug 1257908CVE-2026-25727 at SUSECVE-2026-25727 at NVDcpe:/o:suse:sl-micro:6.0Security update for glibc (Important)SUSE Linux Micro 6.0
This update for glibc fixes the following issues:
- CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766).
- CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822).
- CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005).
- CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965).
ImportantSUSE bug 1246965SUSE bug 1256766SUSE bug 1256822SUSE bug 1257005CVE-2025-15281 at SUSECVE-2025-15281 at NVDCVE-2025-8058 at SUSECVE-2025-8058 at NVDCVE-2026-0861 at SUSECVE-2026-0861 at NVDCVE-2026-0915 at SUSECVE-2026-0915 at NVDcpe:/o:suse:sl-micro:6.0Security update for ucode-intel (Important)SUSE Linux Micro 6.0
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20260210 release (bsc#1258046):
- CVE-2024-24853: Updated fix for incorrect behavior order in transition
between executive monitor and SMI transfer monitor (STM) in some Intel(R)
Processor may allow a privileged user to potentially enable escalation
of privilege via local access (bsc#1229129).
- CVE-2025-31648: Improper handling of values in the
microcode flow for some Intel Processor Family may allow
an escalation of privilege (bsc#1258046).
ImportantSUSE bug 1229129SUSE bug 1258046CVE-2024-24853 at SUSECVE-2024-24853 at NVDCVE-2025-31648 at SUSECVE-2025-31648 at NVDcpe:/o:suse:sl-micro:6.0Security update for qemu (Important)SUSE Linux Micro 6.0
This update for qemu fixes the following issues:
- Fix bsc#1221812:
* block: Reschedule query-block during qcow2 invalidation (bsc#1221812)
- Fix bsc#1229007, CVE-2024-7409:
* nbd/server: CVE-2024-7409: Close stray clients at server-stop (bsc#1229007)
* nbd/server: CVE-2024-7409: Drop non-negotiating clients (bsc#1229007)
* nbd/server: CVE-2024-7409: Cap default max-connections to 100 (bsc#1229007)
* nbd/server: Plumb in new args to nbd_client_add() (bsc#1229007, CVE-2024-7409)
* nbd: Minor style and typo fixes (bsc#1229007, CVE-2024-7409)
- Update to version 8.2.6:
Full backport lists (from the various releases) here:
https://lore.kernel.org/qemu-devel/1721203806.547734.831464.nullmailer@tls.msk.ru/
Some of the upstream backports are:
hw/nvme: fix number of PIDs for FDP RUH update
sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
char-stdio: Restore blocking mode of stdout on exit
virtio: remove virtio_tswap16s() call in vring_packed_event_read()
virtio-pci: Fix the failure process in kvm_virtio_pci_vector_use_one()
block: Parse filenames only when explicitly requested
iotests/270: Don't store data-file with json: prefix in image
iotests/244: Don't store data-file with protocol in image
qcow2: Don't open data_file with BDRV_O_NO_IO (bsc#1227322, CVE-2024-4467)
target/arm: Fix FJCVTZS vs flush-to-zero
target/arm: Fix VCMLA Dd, Dn, Dm[idx]
i386/cpu: fixup number of addressable IDs for processor cores in the physical package
tests: Update our CI to use CentOS Stream 9 instead of 8
migration: Fix file migration with fdset
tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
target/sparc: use signed denominator in sdiv helper
linux-user: Make TARGET_NR_setgroups affect only the current thread
accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
stdvga: fix screen blanking
hw/audio/virtio-snd: Always use little endian audio format
ui/gtk: Draw guest frame at refresh cycle
virtio-net: drop too short packets early
target/i386: fix size of EBP writeback in gen_enter()
ImportantSUSE bug 1221812SUSE bug 1227322SUSE bug 1229007CVE-2024-4467 at SUSECVE-2024-4467 at NVDCVE-2024-7409 at SUSECVE-2024-7409 at NVDcpe:/o:suse:sl-micro:6.0Security update for cups (Important)SUSE Linux Micro 6.0
This update for cups fixes the following issues:
Update to version 2.4.16.
Security issues fixed:
- CVE-2025-58436: single client sending slow messages to cupsd can delay the application and make it unusable for other
clients (bsc#1244057).
- CVE-2025-58060: authentication bypass with AuthType negotiate (bsc#1249049).
- CVE-2025-58364: unsafe deserialization and validation of printer attributes can lead to null dereference
(bsc#1249128).
- CVE-2025-61915: local denial-of-service via cupsd.conf update and related issues (bsc#1253783).
Other updates and bugfixes:
- Version upgrade to 2.4.16:
* 'cupsUTF8ToCharset' didn't validate 2-byte UTF-8 sequences,
potentially reading past the end of the source string
(Issue #1438)
* The web interface did not support domain usernames fully
(Issue #1441)
* Fixed an infinite loop issue in the GTK+ print dialog
(Issue #1439 bsc#1254353)
* Fixed stopping scheduler on unknown directive in
configuration (Issue #1443)
- Version upgrade to 2.4.15:
* Fixed potential crash in 'cups-driverd' when there are
duplicate PPDs (Issue #1355)
* Fixed error recovery when scanning for PPDs
in 'cups-driverd' (Issue #1416)
- Fix packages for Immutable Mode - cups (jsc#PED-14775,jsc#PED-14688)
- Version upgrade to 2.4.14.
- Version upgrade to 2.4.13:
* Added 'print-as-raster' printer and job attributes
for forcing rasterization (Issue #1282)
* Updated documentation (Issue #1086)
* Updated IPP backend to try a sanitized user name if the
printer/server does not like the value (Issue #1145)
* Updated the scheduler to send the "printer-added"
or "printer-modified" events whenever an IPP Everywhere PPD
is installed (Issue #1244)
* Updated the scheduler to send the "printer-modified" event
whenever the system default printer is changed (Issue #1246)
* Fixed a memory leak in 'httpClose' (Issue #1223)
* Fixed missing commas in 'ippCreateRequestedArray'
(Issue #1234)
* Fixed subscription issues in the scheduler and D-Bus notifier
(Issue #1235)
* Fixed media-default reporting for custom sizes (Issue #1238)
* Fixed support for IPP/PPD options with periods or underscores
(Issue #1249)
* Fixed parsing of real numbers in PPD compiler source files
(Issue #1263)
* Fixed scheduler freezing with zombie clients (Issue #1264)
* Fixed support for the server name in the ErrorLog filename
(Issue #1277)
* Fixed job cleanup after daemon restart (Issue #1315)
* Fixed handling of buggy DYMO USB printer serial numbers
(Issue #1338)
* Fixed unreachable block in IPP backend (Issue #1351)
* Fixed memory leak in _cupsConvertOptions (Issue #1354)
- Version upgrade to 2.4.12:
* GnuTLS follows system crypto policies now (Issue #1105)
* Added `NoSystem` SSLOptions value (Issue #1130)
* Now we raise alert for certificate issues (Issue #1194)
* Added Kyocera USB quirk (Issue #1198)
* The scheduler now logs a job's debugging history
if the backend fails (Issue #1205)
* Fixed a potential timing issue with `cupsEnumDests`
(Issue #1084)
* Fixed a potential "lost PPD" condition in the scheduler
(Issue #1109)
* Fixed a compressed file error handling bug (Issue #1070)
* Fixed a bug in the make-and-model whitespace trimming
code (Issue #1096)
* Fixed a removal of IPP Everywhere permanent queue
if installation failed (Issue #1102)
* Fixed `ServerToken None` in scheduler (Issue #1111)
* Fixed invalid IPP keyword values created from PPD
option names (Issue #1118)
* Fixed handling of "media" and "PageSize" in the same
print request (Issue #1125)
* Fixed client raster printing from macOS (Issue #1143)
* Fixed the default User-Agent string.
* Fixed a recursion issue in `ippReadIO`.
* Fixed handling incorrect radix in `scan_ps()` (Issue #1188)
* Fixed validation of dateTime values with time zones
more than UTC+11 (Issue #1201)
* Fixed attributes returned by the Create-Xxx-Subscriptions
requests (Issue #1204)
* Fixed `ippDateToTime` when using a non GMT/UTC timezone
(Issue #1208)
* Fixed `job-completed` event notifications for jobs that are
cancelled before started (Issue #1209)
* Fixed DNS-SD discovery with `ippfind` (Issue #1211)
ImportantSUSE bug 1244057SUSE bug 1249049SUSE bug 1249128SUSE bug 1253783SUSE bug 1254353CVE-2025-58060 at SUSECVE-2025-58060 at NVDCVE-2025-58364 at SUSECVE-2025-58364 at NVDCVE-2025-58436 at SUSECVE-2025-58436 at NVDCVE-2025-61915 at SUSECVE-2025-61915 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsoup (Important)SUSE Linux Micro 6.0
This update for libsoup fixes the following issues:
- CVE-2025-12105: Fixed heap use-after-free in message queue handling during HTTP/2 read completion. (bsc#1252555)
- CVE-2025-32049: Fixed a Denial of Service attack to websocket server. (bsc#1240751)
- CVE-2026-2443: Fixed an out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information disclosure to remote attackers. (bsc#1258170)
- CVE-2026-2369: Fixed a buffer overread due to integer underflow when handling zero-length resources. (bsc#1258120)
- CVE-2026-2708: Fixed HTTP request smuggling via duplicate Content-Length headers. (bsc#1258508)
ImportantSUSE bug 1240751SUSE bug 1252555SUSE bug 1258120SUSE bug 1258170SUSE bug 1258508CVE-2025-12105 at SUSECVE-2025-12105 at NVDCVE-2025-32049 at SUSECVE-2025-32049 at NVDCVE-2026-2369 at SUSECVE-2026-2369 at NVDCVE-2026-2443 at SUSECVE-2026-2443 at NVDCVE-2026-2708 at SUSECVE-2026-2708 at NVDcpe:/o:suse:sl-micro:6.0Security update for docker (Moderate)SUSE Linux Micro 6.0
This update for docker fixes the following issues:
- CVE-2025-58181: an invalid number of mechanisms may cause unbounded memory consumption (bcs#1253904).
ModerateSUSE bug 1253904CVE-2025-58181 at SUSECVE-2025-58181 at NVDcpe:/o:suse:sl-micro:6.0Security update for cockpit-machines (Important)SUSE Linux Micro 6.0
This update for cockpit-machines fixes the following issues:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global
prototypes (bsc#1257325).
ImportantSUSE bug 1257325CVE-2025-13465 at SUSECVE-2025-13465 at NVDcpe:/o:suse:sl-micro:6.0Security update for ca-certificates-mozilla (Moderate)SUSE Linux Micro 6.0
This update for ca-certificates-mozilla fixes the following issues:
- Updated to 2.84 state of Mozilla SSL root CAs (bsc#1258002)
- Removed:
- Baltimore CyberTrust Root
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
- DigiNotar Root CA
- Added:
- e-Szigno TLS Root CA 2023
- OISTE Client Root ECC G1
- OISTE Client Root RSA G1
- OISTE Server Root ECC G1
- OISTE Server Root RSA G1
- SwissSign RSA SMIME Root CA 2022 - 1
- SwissSign RSA TLS Root CA 2022 - 1
- TrustAsia SMIME ECC Root CA
- TrustAsia SMIME RSA Root CA
- TrustAsia TLS ECC Root CA
- TrustAsia TLS RSA Root CA
ModerateSUSE bug 1258002cpe:/o:suse:sl-micro:6.0Security update for python-cryptography (Moderate)SUSE Linux Micro 6.0
This update for python-cryptography fixes the following issues:
- CVE-2026-26007: missing validation can lead to security issues for signature verification (ECDSA) and shared key
negotiation (ECDH) (bsc#1258074).
ModerateSUSE bug 1258074CVE-2026-26007 at SUSECVE-2026-26007 at NVDcpe:/o:suse:sl-micro:6.0Security update for libxslt, libxml2 (Moderate)SUSE Linux Micro 6.0
This update for libxslt, libxml2 fixes the following issues:
Changes in libxml2:
- CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in
`xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811).
- CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling
`nextCatalog` elements (bsc#1256809, bsc#1256812).
- CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files
(bsc#1247858).
- CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257594, bsc#1257595).
- CVE-2025-10911: parsing xsl nodes may lead to use-after-free with key data stored cross-RVT (bsc#1250553).
ModerateSUSE bug 1247850SUSE bug 1247858SUSE bug 1250553SUSE bug 1256804SUSE bug 1256805SUSE bug 1256807SUSE bug 1256808SUSE bug 1256809SUSE bug 1256810SUSE bug 1256811SUSE bug 1256812SUSE bug 1257593SUSE bug 1257594SUSE bug 1257595CVE-2025-10911 at SUSECVE-2025-10911 at NVDCVE-2025-8732 at SUSECVE-2025-8732 at NVDCVE-2026-0989 at SUSECVE-2026-0989 at NVDCVE-2026-0990 at SUSECVE-2026-0990 at NVDCVE-2026-0992 at SUSECVE-2026-0992 at NVDCVE-2026-1757 at SUSECVE-2026-1757 at NVDcpe:/o:suse:sl-micro:6.0Security update for gnutls (Moderate)SUSE Linux Micro 6.0
This update for gnutls fixes the following issues:
Add the functionality to allow to specify the hash algorithm for
the PSK. This fixes a bug in the current implementation where the
binder is always calculated with SHA256.
* (bsc#1258083, jsc#PED-15752, jsc#PED-15753)
* lib/psk: Add gnutls_psk_allocate_{client,server}_credentials2
* tests/psk-file: Add testing for _credentials2 functions
* lib/psk: add null check for binder algo
* pre_shared_key: fix memleak when retrying with different binder algo
* pre_shared_key: add null check on pskcred
Security fix:
* CVE-2025-14831: DoS via excessive resource consumption during
certificate verification (bsc#1257960)
ModerateSUSE bug 1257960SUSE bug 1258083CVE-2025-14831 at SUSECVE-2025-14831 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes.
This release includes the first live patch.
The following security bugs were fixed:
- CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326).
- CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255 elements expired (bsc#1220877).
- CVE-2023-52859: perf: hisi: Fix use-after-free when register pmu fails (bsc#1225582).
- CVE-2023-52889: apparmor: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,).
- CVE-2024-26590: erofs: fix inconsistent per-file compression format (bsc#1220252).
- CVE-2024-26631: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
- CVE-2024-26668: netfilter: nft_limit: reject configurations that cause integer overflow (bsc#1222335).
- CVE-2024-26669: kABI fix for net/sched: flower: Fix chain template offload (bsc#1222350).
- CVE-2024-26677: blacklist.conf: Add e7870cf13d20 ("rxrpc: Fix delayed ACKs to not set the reference serial number") (bsc#1222387)
- CVE-2024-26735: ipv6: sr: fix possible use-after-free and null-ptr-deref (bsc#1222372).
- CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-26809: netfilter: nft_set_pipapo: release elements in clone only from destroy path (bsc#1222633).
- CVE-2024-26812: kABI: vfio: struct virqfd kABI workaround (bsc#1222808).
- CVE-2024-26835: netfilter: nf_tables: set dormant flag on hook register failure (bsc#1222967).
- CVE-2024-26837: net: bridge: switchdev: Skip MDB replays of deferred events on offload (bsc#1222973).
- CVE-2024-26851: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (bsc#1223074)
- CVE-2024-27010: net/sched: Fix mirred deadlock on device recursion (bsc#1223720).
- CVE-2024-27011: netfilter: nf_tables: fix memleak in map from abort path (bsc#1223803).
- CVE-2024-27024: net/rds: fix WARNING in rds_conn_connect_if_down (bsc#1223777).
- CVE-2024-27079: iommu/vt-d: Fix NULL domain on device release (bsc#1223742).
- CVE-2024-27403: kabi: restore const specifier in flow_offload_route_init() (bsc#1224415).
- CVE-2024-27433: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711).
- CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
- CVE-2024-35897: netfilter: nf_tables: discard table flag update with pending basechain deletion (bsc#1224510).
- CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
- CVE-2024-36286: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
- CVE-2024-36489: tls: fix missing memory barrier in tls_init (bsc#1226874)
- CVE-2024-36881: mm/userfaultfd: reset ptes when close() for wr-protected ones (bsc#1225718).
- CVE-2024-36929: net: core: reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
- CVE-2024-36933: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
- CVE-2024-36979: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. (bsc#1226604).
- CVE-2024-38662: selftests/bpf: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
- CVE-2024-39489: ipv6: sr: fix memleak in seg6_hmac_init_algo (bsc#1227623)
- CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
- CVE-2024-40905: ipv6: fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
- CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781).
- CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).
- CVE-2024-40938: landlock: fix d_parent walk (bsc#1227840).
- CVE-2024-40939: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (bsc#1227799).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810).
- CVE-2024-40957: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (bsc#1227811).
- CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812).
- CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
- CVE-2024-40978: scsi: qedi: Fix crash while reading debugfs attribute (bsc#1227929).
- CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
- CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
- CVE-2024-40995: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
- CVE-2024-41000: block/ioctl: prefer different overflow check (bsc#1227867).
- CVE-2024-41007: tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
- CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2024-41010: bpf: Fix too early release of tcx_entry (bsc#1228021).
- CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
- CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
- CVE-2024-41020: filelock: Fix fcntl/close race recovery compat path (bsc#1228427).
- CVE-2024-41032: mm: vmalloc: check if a hash-index is in cpu_possible_mask (bsc#1228460).
- CVE-2024-41036: net: ks8851: Fix deadlock with the SPI chip variant (bsc#1228496).
- CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518).
- CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520).
- CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
- CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565).
- CVE-2024-41050: cachefiles: cyclic allocation of msg_id to avoid reuse (bsc#1228499).
- CVE-2024-41051: cachefiles: wait for ondemand_object_worker to finish when dropping object (bsc#1228468).
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
- CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
- CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576).
- CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
- CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640).
- CVE-2024-41068: s390/sclp: Fix sclp_init() cleanup on failure (bsc#1228579).
- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
- CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
- CVE-2024-41074: cachefiles: Set object to close if ondemand_id < 0 in copen (bsc#1228643).
- CVE-2024-41075: cachefiles: add consistency check for copen/cread (bsc#1228646).
- CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649).
- CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
- CVE-2024-41080: io_uring: fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
- CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617).
- CVE-2024-41084: cxl/region: Avoid null pointer dereference in region lookup (bsc#1228472).
- CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470).
- CVE-2024-42073: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems (bsc#1228457).
- CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
- CVE-2024-42082: xdp: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
- CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
- CVE-2024-42095: serial: 8250_omap: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
- CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
- CVE-2024-42106: inet_diag: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
- CVE-2024-42107: ice: Do not process extts if PTP is disabled (bsc#1228494).
- CVE-2024-42109: netfilter: nf_tables: unconditionall (bsc#1228505).
- CVE-2024-42110: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
- CVE-2024-42113: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568).
- CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591).
- CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705).
- CVE-2024-42138: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file (bsc#1228500).
- CVE-2024-42139: ice: Fix improper extts handling (bsc#1228503).
- CVE-2024-42142: net/mlx5: E-switch, Create ingress ACL when needed (bsc#1228491).
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).
- CVE-2024-42148: bnx2x: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
- CVE-2024-42155: s390/pkey: Wipe copies of protected- and secure-keys (bsc#1228733).
- CVE-2024-42156: s390/pkey: Wipe copies of clear-key structures on failure (bsc#1228722).
- CVE-2024-42157: s390/pkey: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes).
- CVE-2024-42158: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
- CVE-2024-42159: scsi: mpi3mr: sanitise num_phys (bsc#1228754).
- CVE-2024-42161: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
- CVE-2024-42162: gve: Account for stopped queues when reading NIC stats (bsc#1228706).
- CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723).
- CVE-2024-42241: mm/shmem: disable PMD-sized page cache if needed (bsc#1228986).
- CVE-2024-42245: Revert "sched/fair: Make sure to try to detach at least one movable task" (bsc#1228978).
- CVE-2024-42246: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
- CVE-2024-42247: wireguard: allowedips: avoid unaligned 64-bit memory accesses (bsc#1228988).
- CVE-2024-42268: net/mlx5: Fix missing lock on sync reset reload (bsc#1229391).
- CVE-2024-42269: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). (bsc#1229402).
- CVE-2024-42270: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). (bsc#1229404).
- CVE-2024-42277: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
- CVE-2024-42281: bpf: Fix a segment issue when downgrading gso_size (bsc#1229386).
- CVE-2024-42283: net: nexthop: Initialize all fields in dumped nexthops (bsc#1229383)
- CVE-2024-42284: tipc: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
- CVE-2024-42290: irqchip/imx-irqsteer: Handle runtime power management correctly (bsc#1229379).
- CVE-2024-42291: ice: Add a per-VF limit on number of FDIR filters (bsc#1229374).
- CVE-2024-42295: nilfs2: handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
- CVE-2024-42301: dev/parport: fix the array out-of-bounds risk (bsc#1229407).
- CVE-2024-42308: Update DRM patch reference (bsc#1229411)
- CVE-2024-42312: sysctl: always initialize i_uid/i_gid (bsc#1229357)
- CVE-2024-42316: mm/mglru: fix div-by-zero in vmpressure_calc_level() (bsc#1229353).
- CVE-2024-42318: landlock: Do not lose track of restrictions on cred_transfer (bsc#1229351).
- CVE-2024-42322: ipvs: properly dereference pe in ip_vs_add_service (bsc#1229347)
- CVE-2024-43821: scsi: lpfc: Fix a possible null pointer dereference (bsc#1229315).
- CVE-2024-43831: media: mediatek: vcodec: Handle invalid decoder vsi (bsc#1229309).
- CVE-2024-43834: xdp: fix invalid wait context of page_pool_destroy() (bsc#1229314)
- CVE-2024-43837: bpf: Fix updating attached freplace prog in prog_array map (bsc#1229297).
- CVE-2024-43839: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
- CVE-2024-43850: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove (bsc#1229316).
- CVE-2024-43854: block: initialize integrity buffer to zero before writing it to media (bsc#1229345)
- CVE-2024-43855: md: fix deadlock between mddev_suspend and flush bio (bsc#1229342).
- CVE-2024-43864: net/mlx5e: Fix CT entry update leaks of modify header context (bsc#1229496).
- CVE-2024-43866: net/mlx5: Always drain health in shutdown callback (bsc#1229495).
- CVE-2024-43880: kabi: lib: objagg: Put back removed metod in struct objagg_ops (bsc#1229481).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2024-43899: drm/amd/display: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
- CVE-2024-43911: wifi: mac80211: fix NULL dereference at band check in starting tx ba session (bsc#1229827).
Additional CVEs were previously fixed and are only mentioned in the metadata.
The following non-security bugs were fixed:
- ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window (git-fixes).
- ACPI: SBS: manage alarm sysfs attribute through psy core (stable-fixes).
- ACPI: battery: create alarm sysfs attribute atomically (stable-fixes).
- ACPI: processor_idle: use raw_safe_halt() in acpi_idle_play_dead() (git-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes).
- ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add quirk for Acer Aspire E5-574G (stable-fixes).
- ALSA: hda/realtek: Add support for new HP G12 laptops (stable-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop 14-ey0xxx (stable-fixes).
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book3 Ultra (stable-fixes).
- ALSA: hda/realtek: Implement sound init sequence for Samsung Galaxy Book3 Pro 360 (stable-fixes).
- ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED (stable-fixes).
- ALSA: hda/tas2781: Use correct endian conversion (git-fixes).
- ALSA: hda/tas2781: fix wrong calibrated data order (git-fixes).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Conditionally use snooping for AMD HDMI (git-fixes).
- ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: seq: Skip event type filtering for UMP events (git-fixes).
- ALSA: seq: ump: Explicitly reset RPN with Null RPN (stable-fixes).
- ALSA: seq: ump: Optimize conversions from SysEx to UMP (git-fixes).
- ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes).
- ALSA: seq: ump: Use the common RPN/bank conversion context (stable-fixes).
- ALSA: timer: Relax start tick time check for slave timer elements (git-fixes).
- ALSA: ump: Explicitly reset RPN with Null RPN (stable-fixes).
- ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes).
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes).
- ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes).
- ASoC: SOF: Intel: hda-dsp: Make sure that no irq handler is pending before suspend (stable-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: SOF: amd: Fix for acp init sequence (git-fixes).
- ASoC: SOF: ipc4: check return value of snd_sof_ipc_msg_data (stable-fixes).
- ASoC: SOF: mediatek: Add missing board compatible (stable-fixes).
- ASoC: allow module autoloading for table board_ids (stable-fixes).
- ASoC: allow module autoloading for table db1200_pids (stable-fixes).
- ASoC: amd: acp: fix module autoloading (git-fixes).
- ASoC: amd: yc: Add quirk entry for OMEN by HP Gaming Laptop 16-n0xxx (bsc#1227182).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: cs35l45: Checks index of cs35l45_irqs[] (stable-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: mediatek: mt8188: Mark AFE_DAC_CON0 register as volatile (stable-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- Bluetooth: Add device 13d3:3572 IMC Networks Bluetooth Radio (stable-fixes).
- Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes).
- Bluetooth: L2CAP: Fix deadlock (git-fixes).
- Bluetooth: MGMT: Add error handling to pair_device() (git-fixes).
- Bluetooth: SMP: Fix assumption of Central always being Initiator (git-fixes).
- Bluetooth: bnep: Fix out-of-bound access (stable-fixes).
- Bluetooth: btintel: Fail setup on error (git-fixes).
- Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading (stable-fixes).
- Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (stable-fixes).
- Bluetooth: hci_conn: Check non NULL function before calling for HFP offload (stable-fixes).
- Bluetooth: hci_core: Fix LE quote calculation (git-fixes).
- Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes).
- Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes).
- Bluetooth: hci_sync: avoid dup filtering when passive scanning with adv monitor (git-fixes).
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git-fixes).
- Drop libata patch that caused a regression (bsc#1229054)
- HID: wacom: Defer calculation of resolution until resolution_code is known (git-fixes).
- Input: MT - limit max slots (stable-fixes).
- Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (bsc#1229056).
- Input: i8042 - add forcenorestore quirk to leave controller untouched even on s3 (stable-fixes).
- Input: i8042 - use new forcenorestore quirk to replace old buggy quirk combination (stable-fixes).
- KVM: Always flush async #PF workqueue when vCPU is being destroyed (git-fixes).
- KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY (git-fixes).
- KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869).
- KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE (bsc#1215199).
- KVM: Protect vcpu->pid dereference via debugfs with RCU (git-fixes).
- KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes).
- KVM: Stop processing *all* memslots when "null" mmu_notifier handler is found (git-fixes).
- KVM: VMX: Move posted interrupt descriptor out of VMX code (git-fixes).
- KVM: VMX: Split out the non-virtualization part of vmx_interrupt_blocked() (git-fixes).
- KVM: VMX: Switch __vmx_exit() and kvm_x86_vendor_exit() in vmx_exit() (git-fixes).
- KVM: arm64: AArch32: Fix spurious trapping of conditional instructions (git-fixes).
- KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes).
- KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes).
- KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes).
- KVM: arm64: Fix __pkvm_init_switch_pgd call ABI (git-fixes).
- KVM: arm64: Fix clobbered ELR in sync abort/SError (git-fixes)
- KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes).
- KVM: arm64: timers: Correctly handle TGE flip with CNTPOFF_EL2 (git-fixes).
- KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init() (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes).
- KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes).
- KVM: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes).
- KVM: arm64: vgic: Add a non-locking primitive for kvm_vgic_vcpu_destroy() (git-fixes).
- KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy (git-fixes).
- KVM: arm64: vgic: Simplify kvm_vgic_destroy() (git-fixes).
- KVM: fix kvm_mmu_memory_cache allocation warning (git-fixes).
- KVM: nVMX: Add a helper to get highest pending from Posted Interrupt vector (git-fixes).
- KVM: nVMX: Check for pending posted interrupts when looking for nested events (git-fixes).
- KVM: nVMX: Request immediate exit iff pending nested event needs injection (git-fixes).
- KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes).
- KVM: s390: fix validity interception issue when gisa is switched off (git-fixes bsc#1229167).
- KVM: x86/mmu: Bug the VM if KVM tries to split a !hugepage SPTE (git-fixes).
- KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID (git-fixes).
- Move upstreamed powerpc patches into sorted section
- Move upstreamed sound patches into sorted section
- Moved upstreamed ASoC patch into sorted section
- NFSD: Support write delegations in LAYOUTGET (git-fixes).
- NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
- PCI: Add Edimax Vendor ID to pci_ids.h (stable-fixes).
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes).
- PCI: loongson: Enable MSI in LS7A Root Complex (stable-fixes).
- RDMA/cache: Release GID table even if leak is detected (git-fixes)
- RDMA/device: Return error earlier if port in not valid (git-fixes)
- RDMA/hns: Check atomic wr length (git-fixes)
- RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes)
- RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes)
- RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes)
- RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes)
- RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes)
- RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes)
- RDMA/hns: Fix unmatch exception handling when init eq table fails (git-fixes)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes)
- RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes).
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes)
- RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes)
- RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes)
- RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes)
- RDMA: Fix netdev tracker in ib_device_set_netdev (git-fixes)
- Revert "ALSA: firewire-lib: obsolete workqueue for period update" (bsc#1208783).
- Revert "ALSA: firewire-lib: operate for period elapse event in process context" (bsc#1208783).
- Revert "KVM: Prevent module exit until all VMs are freed" (git-fixes).
- Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" (git-fixes).
- Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" (git-fixes).
- Revert "misc: fastrpc: Restrict untrusted app to attach to privileged PD" (git-fixes).
- Revert "usb: gadget: uvc: cleanup request when not in correct state" (stable-fixes).
- Revert "usb: typec: tcpm: clear pd_event queue in PORT_RESET" (git-fixes).
- SUNRPC: Fix a race to wake a sync task (git-fixes).
- SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes).
- Squashfs: fix variable overflow triggered by sysbot (git-fixes).
- USB: serial: debug: do not echo input by default (stable-fixes).
- Update config files. Disable vdpa drivers for Alibaba ENI and SolidNET (jsc#PED-8954, bsc#1227834)
- Update config files. Disable CONFIG_KFENCE on ppc64le (bsc#1226920)
- Update patch references for ASoC regression fixes (bsc#1229045 bsc#1229046)
- afs: fix __afs_break_callback() / afs_drop_open_mmap() race (git-fixes).
- apparmor: unpack transition table if dfa is not present (bsc#1226031).
- arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
- arm64: Add Neoverse-V2 part (git-fixes)
- arm64: Fix KASAN random tag seed initialization (git-fixes)
- arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
- arm64: barrier: Restore spec_bar() macro (git-fixes)
- arm64: cputype: Add Cortex-A720 definitions (git-fixes)
- arm64: cputype: Add Cortex-A725 definitions (git-fixes)
- arm64: cputype: Add Cortex-X1C definitions (git-fixes)
- arm64: cputype: Add Cortex-X3 definitions (git-fixes)
- arm64: cputype: Add Cortex-X4 definitions (git-fixes)
- arm64: cputype: Add Cortex-X925 definitions (git-fixes)
- arm64: cputype: Add Neoverse-V3 definitions (git-fixes)
- arm64: dts: imx8mp: Add NPU Node (git-fixes)
- arm64: dts: imx8mp: Fix pgc vpu locations (git-fixes)
- arm64: dts: imx8mp: Fix pgc_mlmix location (git-fixes)
- arm64: dts: imx8mp: add HDMI power-domains (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (again) (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (git-fixes)
- arm64: errata: Unify speculative SSBS errata logic (git-fixes). Update config files.
- arm64: jump_label: Ensure patched jump_labels are visible to all CPUs (git-fixes)
- ata: libata-scsi: Do not overwrite valid sense data when CK_COND=1 (stable-fixes).
- ata: libata-scsi: Honor the D_SENSE bit for CK_COND=1 and no error (stable-fixes).
- blacklist.conf: Add libata upstream revert entry (bsc#1229054)
- bnxt_re: Fix imm_data endianness (git-fixes)
- bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG (git-fixes)
- bpf, lpm: Fix check prefixlen before walking trie (git-fixes).
- bpf/tests: Remove duplicate JSGT tests (git-fixes).
- bpf: Add crosstask check to __bpf_get_stack (git-fixes).
- bpf: Detect IP == ksym.end as part of BPF program (git-fixes).
- bpf: Ensure proper register state printing for cond jumps (git-fixes).
- bpf: Fix a few selftest failures due to llvm18 change (git-fixes).
- bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903).
- bpf: Fix check_stack_write_fixed_off() to correctly spill imm (git-fixes).
- bpf: Fix kfunc callback register type handling (git-fixes).
- bpf: Fix prog_array_map_poke_run map poke update (git-fixes).
- bpf: Fix unnecessary -EBUSY from htab_lock_bucket (git-fixes).
- bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly (git-fixes).
- bpf: Remove unnecessary wait from bpf_map_copy_value() (git-fixes).
- bpf: Set uattr->batch.count as zero before batched update or deletion (git-fixes).
- bpf: do not infer PTR_TO_CTX for programs with unnamed context type (git-fixes).
- bpf: enforce precision of R0 on callback return (git-fixes).
- bpf: extract bpf_ctx_convert_map logic and make it more reusable (git-fixes).
- bpf: fix control-flow graph checking in privileged mode (git-fixes).
- bpf: handle bpf_user_pt_regs_t typedef explicitly for PTR_TO_CTX global arg (git-fixes).
- bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes() (git-fixes).
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes).
- bpf: simplify btf_get_prog_ctx_type() into btf_is_prog_ctx_type() (git-fixes).
- bpftool: Align output skeleton ELF code (git-fixes).
- bpftool: Fix -Wcast-qual warning (git-fixes).
- bpftool: Silence build warning about calloc() (git-fixes).
- bpftool: mark orphaned programs during prog show (git-fixes).
- btrfs: add a btrfs_finish_ordered_extent helper (git-fixes).
- btrfs: add a is_data_bbio helper (git-fixes).
- btrfs: add an ordered_extent pointer to struct btrfs_bio (git-fixes).
- btrfs: copy dir permission and time when creating a stub subvolume (bsc#1228321).
- btrfs: ensure fast fsync waits for ordered extents after a write failure (git-fixes).
- btrfs: factor out a btrfs_queue_ordered_fn helper (git-fixes).
- btrfs: factor out a can_finish_ordered_extent helper (git-fixes).
- btrfs: fix corruption after buffer fault in during direct IO append write (git-fixes).
- btrfs: fix double inode unlock for direct IO sync writes (git-fixes).
- btrfs: fix extent map use-after-free when adding pages to compressed bio (git-fixes).
- btrfs: fix leak of qgroup extent records after transaction abort (git-fixes).
- btrfs: fix ordered extent split error handling in btrfs_dio_submit_io (git-fixes).
- btrfs: limit write bios to a single ordered extent (git-fixes).
- btrfs: make btrfs_finish_ordered_extent() return void (git-fixes).
- btrfs: merge the two calls to btrfs_add_ordered_extent in run_delalloc_nocow (git-fixes).
- btrfs: open code btrfs_bio_end_io in btrfs_dio_submit_io (git-fixes).
- btrfs: open code end_extent_writepage in end_bio_extent_writepage (git-fixes).
- btrfs: pass a btrfs_inode to btrfs_fdatawrite_range() (git-fixes).
- btrfs: pass a btrfs_inode to btrfs_wait_ordered_range() (git-fixes).
- btrfs: pass an ordered_extent to btrfs_reloc_clone_csums (git-fixes).
- btrfs: pass an ordered_extent to btrfs_submit_compressed_write (git-fixes).
- btrfs: remove btrfs_add_ordered_extent (git-fixes).
- btrfs: rename err to ret in btrfs_direct_write() (git-fixes).
- btrfs: uninline some static inline helpers from tree-log.h (git-fixes).
- btrfs: use a btrfs_inode in the log context (struct btrfs_log_ctx) (git-fixes).
- btrfs: use a btrfs_inode local variable at btrfs_sync_file() (git-fixes).
- btrfs: use bbio->ordered in btrfs_csum_one_bio (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete buffered writes (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete compressed writes (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete direct writes (git-fixes).
- btrfs: use irq safe locking when running and adding delayed iputs (git-fixes).
- cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode (bsc#1229245).
- cachefiles: add missing lock protection when polling (bsc#1229256).
- cachefiles: add restore command to recover inflight ondemand read requests (bsc#1229244).
- cachefiles: add spin_lock for cachefiles_ondemand_info (bsc#1229249).
- cachefiles: cancel all requests for the object that is being dropped (bsc#1229255).
- cachefiles: defer exposing anon_fd until after copy_to_user() succeeds (bsc#1229251).
- cachefiles: extract ondemand info field from cachefiles_object (bsc#1229240).
- cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() (bsc#1229247).
- cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() (bsc#1229246).
- cachefiles: introduce object ondemand state (bsc#1229239).
- cachefiles: make on-demand read killable (bsc#1229252).
- cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode (bsc#1229243).
- cachefiles: never get a new anonymous fd if ondemand_id is valid (bsc#1229250).
- cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229253).
- cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() (bsc#1229248).
- cachefiles: resend an open request if the read request's object is closed (bsc#1229241).
- cachefiles: stop sending new request when dropping object (bsc#1229254).
- can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum (stable-fixes).
- can: mcp251xfd: tef: update workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes).
- ceph: periodically flush the cap releases (bsc#1230056).
- cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- char: xillybus: Check USB endpoints when probing device (git-fixes).
- char: xillybus: Do not destroy workqueue from work item running on it (stable-fixes).
- char: xillybus: Refine workqueue handling (git-fixes).
- clk: en7523: fix rate divider for slic and spi clocks (git-fixes).
- clk: qcom: Park shared RCGs upon registration (git-fixes).
- clk: qcom: camcc-sc7280: Add parent dependency to all camera GDSCs (git-fixes).
- clk: qcom: gcc-sa8775p: Update the GDSC wait_val fields and flags (git-fixes).
- clk: qcom: gcc-sc7280: Update force mem core bit for UFS ICE clock (git-fixes).
- clk: qcom: gpucc-sa8775p: Park RCG's clk source at XO during disable (git-fixes).
- clk: qcom: gpucc-sa8775p: Remove the CLK_IS_CRITICAL and ALWAYS_ON flags (git-fixes).
- clk: qcom: gpucc-sa8775p: Update wait_val fields for GPU GDSC's (git-fixes).
- clk: qcom: gpucc-sm8350: Park RCG's clk source at XO during disable (git-fixes).
- clk: qcom: kpss-xcc: Return of_clk_add_hw_provider to transfer the error (git-fixes).
- clk: visconti: Add bounds-checking coverage for struct visconti_pll_provider (stable-fixes).
- clocksource/drivers/sh_cmt: Address race condition for clock events (stable-fixes).
- cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- cxl/region: Move cxl_dpa_to_region() work to the region driver (bsc#1228472)
- dev/parport: fix the array out-of-bounds risk (stable-fixes).
- device property: Add cleanup.h based fwnode_handle_put() scope based cleanup (stable-fixes).
- dmaengine: dw: Add memory bus width verification (git-fixes).
- dmaengine: dw: Add peripheral bus width verification (git-fixes).
- docs: KVM: Fix register ID of SPSR_FIQ (git-fixes).
- driver core: Fix uevent_show() vs driver detach race (git-fixes).
- drm/admgpu: fix dereferencing null pointer context (stable-fixes).
- drm/amd/display: Add delay to improve LTTPR UHBR interop (stable-fixes).
- drm/amd/display: Add null checker before passing variables (stable-fixes).
- drm/amd/display: Adjust cursor position (git-fixes).
- drm/amd/display: Check for NULL pointer (stable-fixes).
- drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes).
- drm/amd/display: avoid using null object of framebuffer (git-fixes).
- drm/amd/display: fix cursor offset on rotation 180 (git-fixes).
- drm/amd/display: fix s2idle entry for DCN3.5+ (stable-fixes).
- drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes).
- drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes).
- drm/amdgpu/jpeg4: properly set atomics vmid field (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes).
- drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes).
- drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable-fixes).
- drm/amdgpu/sdma5.2: limit wptr workaround to sdma 5.2.1 (git-fixes).
- drm/amdgpu: Actually check flags for all context ops (stable-fixes).
- drm/amdgpu: Add lock around VF RLCG interface (stable-fixes).
- drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes).
- drm/amdgpu: Forward soft recovery errors to userspace (stable-fixes).
- drm/amdgpu: Validate TA binary size (stable-fixes).
- drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes).
- drm/amdgpu: fix potential resource leak warning (stable-fixes).
- drm/amdgpu: reset vm state machine after gpu reset(vram lost) (stable-fixes).
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes).
- drm/client: fix null pointer dereference in drm_client_modeset_probe (git-fixes).
- drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes).
- drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes).
- drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict (git-fixes).
- drm/i915/gem: Adjust vma offset for framebuffer mmap offset (stable-fixes).
- drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (git-fixes).
- drm/i915/hdcp: Fix HDCP2_STREAM_STATUS macro (git-fixes).
- drm/i915: Fix possible int overflow in skl_ddi_calculate_wrpll() (git-fixes).
- drm/lima: set gp bus_stop bit before hard reset (stable-fixes).
- drm/mediatek/dp: Fix spurious kfree() (git-fixes).
- drm/msm/dp: fix the max supported bpp logic (git-fixes).
- drm/msm/dp: reset the link phy params before link training (git-fixes).
- drm/msm/dpu: capture snapshot on the first commit_done timeout (stable-fixes).
- drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes).
- drm/msm/dpu: do not play tricks with debug macros (git-fixes).
- drm/msm/dpu: drop MSM_ENC_VBLANK support (stable-fixes).
- drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() (git-fixes).
- drm/msm/dpu: split dpu_encoder_wait_for_event into two functions (stable-fixes).
- drm/msm/dpu: take plane rotation into account for wide planes (git-fixes).
- drm/msm/dpu: try multirect based on mdp clock limits (stable-fixes).
- drm/msm/dpu: use drmm-managed allocation for dpu_encoder_phys (stable-fixes).
- drm/msm/mdss: Rename path references to mdp_path (stable-fixes).
- drm/msm/mdss: switch mdss to use devm_of_icc_get() (stable-fixes).
- drm/msm: Reduce fallout of fence signaling vs reclaim hangs (stable-fixes).
- drm/nouveau: prime: fix refcount underflow (git-fixes).
- drm/panel: nt36523: Set 120Hz fps for xiaomi,elish panels (stable-fixes).
- drm/radeon/evergreen_cs: Clean up errors in evergreen_cs.c (bsc#1229024).
- drm/radeon: Remove __counted_by from StateArray.states[] (git-fixes).
- drm/rockchip: vop2: clear afbc en and transform bit for cluster window at linear mode (stable-fixes).
- drm/virtio: Fix type of dma-fence context variable (git-fixes).
- drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes).
- drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes).
- drm/vmwgfx: Fix prime with external buffers (git-fixes).
- efi/libstub: Zero initialize heap allocated struct screen_info (git-fixes).
- evm: do not copy up 'security.evm' xattr (git-fixes).
- firmware: cirrus: cs_dsp: Initialize debugfs_root to invalid (stable-fixes).
- fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229455).
- fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229456).
- genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes).
- genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes).
- genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git-fixes).
- gfs2: setattr_chown: Add missing initialization (git-fixes).
- gpio: mlxbf3: Support shutdown() function (git-fixes).
- gpio: prevent potential speculation leaks in gpio_device_get_desc() (stable-fixes).
- gpio: sysfs: extend the critical section for unregistering sysfs devices (stable-fixes).
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes).
- hwmon: (ltc2992) Avoid division by zero (stable-fixes).
- hwmon: (ltc2992) Fix memory leak in ltc2992_parse_dt() (git-fixes).
- hwmon: (pc87360) Bounds check data->innr usage (stable-fixes).
- i2c: Fix conditional for substituting empty ACPI functions (stable-fixes).
- i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes).
- i2c: qcom-geni: Add missing clk_disable_unprepare in geni_i2c_runtime_resume (git-fixes).
- i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes).
- i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes).
- i2c: riic: avoid potential division by zero (stable-fixes).
- i2c: smbus: Improve handling of stuck alerts (git-fixes).
- i2c: smbus: Send alert notifications to all devices if source not found (git-fixes).
- i2c: stm32f7: Add atomic_xfer method to driver (stable-fixes).
- i3c: mipi-i3c-hci: Do not unmap region not mapped for transfer (stable-fixes).
- i3c: mipi-i3c-hci: Remove BUG() when Ring Abort request times out (stable-fixes).
- i915/perf: Remove code to update PWR_CLK_STATE for gen12 (git-fixes).
- ice: Fix NULL pointer access, if PF does not support SRIOV_LAG (bsc#1228737).
- io_uring/advise: support 64-bit lengths (git-fixes).
- io_uring: Drop per-ctx dummy_ubuf (git-fixes).
- io_uring: Fix probe of disabled operations (git-fixes).
- io_uring: fix io_match_task must_hold (git-fixes).
- io_uring: tighten task exit cancellations (git-fixes).
- iommu/amd: Convert comma to semicolon (git-fixes).
- iommu/vt-d: Fix identity map bounds in si_domain_init() (git-fixes).
- iommufd/device: Fix hwpt at err_unresv in iommufd_device_do_replace() (git-fixes).
- ip6_tunnel: Fix broken GRO (bsc#1229444).
- ipv6: sr: fix incorrect unregister order (git-fixes).
- irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
- jfs: Fix shift-out-of-bounds in dbDiscardAG (git-fixes).
- jfs: define xtree root and page independently (git-fixes).
- jfs: fix null ptr deref in dtInsertEntry (git-fixes).
- jump_label: Clarify condition in static_key_fast_inc_not_disabled() (git-fixes).
- jump_label: Fix concurrency issues in static_key_slow_dec() (git-fixes).
- jump_label: Fix the fix, brown paper bags galore (git-fixes).
- jump_label: Simplify and clarify static_key_fast_inc_cpus_locked() (git-fixes).
- kABI fix of: virtio-crypto: handle config changed by work queue (git-fixes).
- kABI workaround for sound core UMP conversion (stable-fixes).
- kabi fix for KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes).
- kabi fix for SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes).
- kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783)
- kcov: properly check for softirq context (git-fixes).
- kernel-binary: generate and install compile_commands.json (bsc#1228971)
- kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy() (bsc#1229134).
- kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files (git-fixes).
- kprobes: Fix to check symbol prefixes correctly (git-fixes).
- kprobes: Prohibit probing on CFI preamble symbol (git-fixes).
- kvm: s390: Reject memory region operations for ucontrol VMs (git-fixes bsc#1229168).
- libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API (git-fixes).
- libbpf: Apply map_set_def_max_entries() for inner_maps on creation (git-fixes).
- libbpf: Fix faccessat() usage on Android (git-fixes).
- libbpf: Use OPTS_SET() macro in bpf_xdp_query() (git-fixes).
- md-cluster: fix hanging issue while a new disk adding (bsc#1223395).
- md-cluster: fix hanging issue while a new disk adding (bsc#1223395).
- md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395).
- md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395).
- md-cluster: keeping kabi compatibility for upstream commit 35a0a409fa26 (bsc#1223395).
- md/md-bitmap: fix writing non bitmap pages (git-fixes).
- md/raid1: set max_sectors during early return from choose_slow_rdev() (git-fixes).
- md/raid1: support read error check (git-fixes).
- md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (git-fixes).
- md/raid5: fix spares errors about rcu usage (git-fixes).
- md/raid5: recheck if reshape has finished with device_lock held (git-fixes).
- md: Do not wait for MD_RECOVERY_NEEDED for HOT_REMOVE_DISK ioctl (git-fixes).
- md: add a mddev_add_trace_msg helper (git-fixes).
- md: add check for sleepers in md_wakeup_thread() (git-fixes).
- md: change the return value type of md_write_start to void (git-fixes).
- md: do not account sync_io if iostats of the disk is disabled (git-fixes).
- md: do not delete safemode_timer in mddev_suspend (git-fixes).
- md: factor out a helper exceed_read_errors() to check read_errors (git-fixes).
- md: fix a suspicious RCU usage warning (git-fixes).
- media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (git-fixes).
- media: amphion: Remove lock in s_ctrl callback (stable-fixes).
- media: drivers/media/dvb-core: copy user arrays safely (stable-fixes).
- media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes).
- media: uvcvideo: Add quirk for invalid dev_sof in Logitech C920 (git-fixes).
- media: uvcvideo: Disable autosuspend for Insta360 Link (stable-fixes).
- media: uvcvideo: Fix the bandwdith quirk on USB 3.x (stable-fixes).
- media: uvcvideo: Ignore empty TS packets (stable-fixes).
- media: uvcvideo: Quirk for invalid dev_sof in Logitech C922 (stable-fixes).
- media: xc2028: avoid use-after-free in load_firmware_cb() (stable-fixes).
- memcg: protect concurrent access to mem_cgroup_idr (git-fixes).
- memory: stm32-fmc2-ebi: check regmap_read return value (stable-fixes).
- memory: tegra: Skip SID programming if SID registers are not set (stable-fixes).
- minmax: add a few more MIN_T/MAX_T users (bsc#1229024).
- minmax: avoid overly complicated constant expressions in VM code (bsc#1229024).
- minmax: do not use max() in situations that want a C constant expression (bsc#1229024).
- minmax: fix up min3() and max3() too (bsc#1229024).
- minmax: improve macro expansion and type checking (bsc#1229024).
- minmax: make generic MIN() and MAX() macros available everywhere (bsc#1229024).
- minmax: simplify and clarify min_t()/max_t() implementation (bsc#1229024).
- minmax: simplify min()/max()/clamp() implementation (bsc#1229024).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes).
- mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes).
- mmc: mtk-sd: receive cmd8 data when hs400 tuning fail (git-fixes).
- net/iucv: fix the allocation size of iucv_path_table array (git-fixes bsc#1229451).
- net/iucv: fix use after free in iucv_sock_close() (bsc#1228973).
- net/rds: fix possible cp null dereference (git-fixes).
- net/sched: initialize noop_qdisc owner (git-fixes).
- net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes).
- net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() (git-fixes).
- net: fix sk_memory_allocated_{add|sub} vs softirqs (bsc#1228757).
- net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530).
- net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086).
- net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
- net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes).
- net: missing check virtio (git-fixes).
- net: phy: micrel: Fix the KSZ9131 MDI-X status issue (git-fixes).
- net: phy: realtek: add support for RTL8366S Gigabit PHY (git-fixes).
- net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes).
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes).
- netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462).
- nfc: pn533: Add poll mod list filling check (git-fixes).
- nfs: do not invalidate dentries on transient errors (git-fixes).
- nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes).
- nfs: make the rpc_stat per net namespace (git-fixes).
- nfs: pass explicit offset/count to trace events (git-fixes).
- nfs: propagate readlink errors in nfs_symlink_filler (git-fixes).
- nouveau/firmware: use dma non-coherent allocator (git-fixes).
- nvme-multipath: find NUMA path only for online numa-node (git-fixes).
- nvme-multipath: implement "queue-depth" iopolicy (bsc#1227706).
- nvme-multipath: prepare for "queue-depth" iopolicy (bsc#1227706).
- nvme-pci: Fix the instructions for disabling power management (git-fixes).
- nvme-pci: add missing condition check for existence of mapped data (git-fixes).
- nvme-pci: do not directly handle subsys reset fallout (bsc#1220066).
- nvme-sysfs: add 'tls_configured_key' sysfs attribute (bsc#1221857).
- nvme-sysfs: add 'tls_keyring' attribute (bsc#1221857).
- nvme-tcp: check for invalidated or revoked key (bsc#1221857).
- nvme-tcp: sanitize TLS key handling (bsc#1221857).
- nvme: add a newline to the 'tls_key' sysfs attribute (bsc#1221857).
- nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes).
- nvme: avoid double free special payload (git-fixes).
- nvme: fix NVME_NS_DEAC may incorrectly identifying the disk as EXT_LBA (git-fixes).
- nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
- nvme: split off TLS sysfs attributes into a separate group (bsc#1221857).
- nvme: tcp: remove unnecessary goto statement (bsc#1221857).
- nvme_core: scan namespaces asynchronously (bsc#1224105).
- nvmet-auth: fix nvmet_auth hash error handling (git-fixes).
- nvmet: always initialize cqe.result (git-fixes).
- nvmet: do not return 'reserved' for empty TSAS values (git-fixes).
- nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes).
- nvmet: make 'tsas' attribute idempotent for RDMA (git-fixes).
- ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
- padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes).
- perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes).
- pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE (git-fixes).
- pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins (git-fixes).
- pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes).
- pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes).
- platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779).
- platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779).
- platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779).
- platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779).
- platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779).
- platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779).
- platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779).
- platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779).
- platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779).
- platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779).
- platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779).
- platform/x86/intel/ifs: Initialize union ifs_status to zero (git-fixes).
- platform/x86: lg-laptop: fix %s null argument warning (stable-fixes).
- power: supply: axp288_charger: Fix constant_charge_voltage writes (git-fixes).
- power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes).
- power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (git-fixes).
- powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869).
- powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869).
- powerpc/kexec: make the update_cpus_node() function public (bsc#1194869).
- powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869).
- powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869).
- powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869).
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869).
- powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869).
- powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869).
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869).
- powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869).
- printk/panic: Allow cpu backtraces to be written into ringbuffer during panic (bsc#1225607).
- reiserfs: fix uninit-value in comp_keys (git-fixes).
- rtc: nct3018y: fix possible NULL dereference (stable-fixes).
- s390/cpum_cf: Fix endless loop in CF_DIAG event stop (git-fixes bsc#1229171).
- s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229173).
- s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229452).
- s390/pci: Add missing virt_to_phys() for directed DIBV (git-fixes bsc#1229174).
- s390/pci: Allow allocation of more than 1 MSI interrupt (git-fixes bsc#1229172).
- s390/pci: Refactor arch_setup_msi_irqs() (git-fixes bsc#1229172).
- s390/pkey: harmonize pkey s390 debug feature calls (bsc#1228720).
- s390/pkey: introduce dynamic debugging for pkey (bsc#1228720).
- s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229169).
- s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229170).
- samples/bpf: syscall_tp_user: Fix array out-of-bound access (git-fixes).
- samples/bpf: syscall_tp_user: Rename num_progs into nr_tests (git-fixes).
- sbitmap: use READ_ONCE to access map->word (stable-fixes).
- scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857).
- scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857).
- scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857).
- scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857).
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857).
- scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857).
- scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857).
- scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857).
- scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
- scsi: qla2xxx: Complete command early within lock (bsc#1228850).
- scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
- scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
- scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
- scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
- scsi: qla2xxx: Fix flash read failure (bsc#1228850).
- scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
- scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
- scsi: qla2xxx: Indent help text (bsc#1228850).
- scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
- scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
- scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
- scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
- scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
- scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
- selftest/bpf: Add map_in_maps with BPF_MAP_TYPE_PERF_EVENT_ARRAY values (git-fixes).
- selftests/bpf: Add a test to verify previous stacksafe() fix (bsc#1225903).
- selftests/bpf: Add assert for user stacks in test_task_stack (git-fixes).
- selftests/bpf: Add netkit to tc_redirect selftest (git-fixes).
- selftests/bpf: De-veth-ize the tc_redirect test case (git-fixes).
- selftests/bpf: Disable IPv6 for lwt_redirect test (git-fixes).
- selftests/bpf: Fix erroneous bitmask operation (git-fixes).
- selftests/bpf: Fix issues in setup_classid_environment() (git-fixes).
- selftests/bpf: Fix potential premature unload in bpf_testmod (git-fixes).
- selftests/bpf: Fix pyperf180 compilation failure with clang18 (git-fixes).
- selftests/bpf: Fix the flaky tc_redirect_dtime test (git-fixes).
- selftests/bpf: Fix up xdp bonding test wrt feature flags (git-fixes).
- selftests/bpf: Make linked_list failure test more robust (git-fixes).
- selftests/bpf: Relax time_tai test for equal timestamps in tai_forward (git-fixes).
- selftests/bpf: Skip module_fentry_shadow test when bpf_testmod is not available (git-fixes).
- selftests/bpf: Wait for the netstamp_needed_key static key to be turned on (git-fixes).
- selftests/bpf: fix RELEASE=1 build for tc_opts (git-fixes).
- selftests/bpf: fix bpf_loop_bench for new callback verification scheme (git-fixes).
- selftests/bpf: fix compiler warnings in RELEASE=1 mode (git-fixes).
- selftests/bpf: satisfy compiler by having explicit return in btf test (git-fixes).
- serial: core: check uartclk for zero to avoid divide by zero (stable-fixes).
- soc: qcom: cmd-db: Map shared memory as WC, not WB (git-fixes).
- soc: qcom: pmic_glink: Actually communicate when remote goes down (git-fixes).
- soundwire: stream: fix programming slave ports for non-continous port maps (git-fixes).
- spi: Add empty versions of ACPI functions (stable-fixes).
- spi: microchip-core: fix init function not setting the master and motorola modes (git-fixes).
- spi: microchip-core: switch to use modern name (stable-fixes).
- spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes).
- spi: spidev: Add missing spi_device_id for bh2228fv (git-fixes).
- squashfs: squashfs_read_data need to check if the length is 0 (git-fixes).
- ssb: Fix division by zero issue in ssb_calc_clock_rate (stable-fixes).
- staging: iio: resolver: ad2s1210: fix use before initialization (stable-fixes).
- staging: ks7010: disable bh on tx_dev_lock (stable-fixes).
- string.h: Introduce memtostr() and memtostr_pad() (bsc#1228849).
- sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes).
- swiotlb: do not set total_used to 0 in swiotlb_create_debugfs_files() (git-fixes).
- swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes).
- syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes).
- thermal/drivers/broadcom: Fix race between removal and clock disable (git-fixes).
- thermal: bcm2835: Convert to platform remove callback returning void (stable-fixes).
- thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes).
- tools/perf: Fix perf bench epoll to enable the run when some CPU's are offline (bsc#1227747).
- tools/perf: Fix perf bench futex to enable the run when some CPU's are offline (bsc#1227747).
- tools/perf: Fix timing issue with parallel threads in perf bench wake-up-parallel (bsc#1227747).
- tools/resolve_btfids: Fix comparison of distinct pointer types warning in resolve_btfids (git-fixes).
- tools/resolve_btfids: Fix cross-compilation to non-host endianness (git-fixes).
- tools/resolve_btfids: Refactor set sorting with types from btf_ids.h (git-fixes).
- tools/resolve_btfids: fix build with musl libc (git-fixes).
- trace/pid_list: Change gfp flags in pid_list_fill_irq() (git-fixes).
- tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes).
- tty: atmel_serial: use the correct RTS flag (git-fixes).
- tty: serial: fsl_lpuart: mark last busy before uart_add_one_port (git-fixes).
- usb: cdnsp: fix for Link TRB with TC (git-fixes).
- usb: cdnsp: fix incorrect index in cdnsp_get_hw_deq function (git-fixes).
- usb: core: sysfs: Unmerge @usb3_hardware_lpm_attr_group in remove_power_attributes() (git-fixes).
- usb: dwc3: core: Skip setting event buffers for host only controllers (stable-fixes).
- usb: dwc3: omap: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes).
- usb: gadget: core: Check for unset descriptor (git-fixes).
- usb: gadget: fsl: Increase size of name buffer for endpoints (stable-fixes).
- usb: gadget: u_audio: Check return codes from usb_ep_enable and config_ep_by_speed (git-fixes).
- usb: gadget: u_serial: Set start_delayed during suspend (git-fixes).
- usb: gadget: uvc: cleanup request when not in correct state (stable-fixes).
- usb: typec: fsa4480: Add support to swap SBU orientation (git-fixes).
- usb: typec: fsa4480: Check if the chip is really there (git-fixes).
- usb: typec: fsa4480: Relax CHIP_ID check (git-fixes).
- usb: typec: fsa4480: add support for Audio Accessory Mode (git-fixes).
- usb: typec: fsa4480: rework mux & switch setup to handle more states (git-fixes).
- usb: vhci-hcd: Do not drop references before new references are gained (stable-fixes).
- vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes).
- vhost-scsi: Handle vhost_vq_work_queue failures for events (git-fixes).
- vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes).
- vhost/vsock: always initialize seqpacket_allow (git-fixes).
- vhost: Release worker mutex during flushes (git-fixes).
- vhost: Use virtqueue mutex for swapping worker (git-fixes).
- virt: guest_memfd: fix reference leak on hwpoisoned page (git-fixes).
- virtio-crypto: handle config changed by work queue (git-fixes).
- virtio: reenable config if freezing device failed (git-fixes).
- virtio_net: use u64_stats_t infra to avoid data-races (git-fixes).
- virtiofs: forbid newlines in tags (bsc#1229940).
- wifi: ath12k: fix memory leak in ath12k_dp_rx_peer_frag_setup() (stable-fixes).
- wifi: ath12k: fix soft lockup on suspend (git-fixes).
- wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion (git-fixes).
- wifi: cfg80211: fix reporting failed MLO links status with cfg80211_connect_done (git-fixes).
- wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes).
- wifi: mac80211: use monitor sdata with driver only if desired (git-fixes).
- wifi: mwifiex: duplicate static structs used in driver instances (git-fixes).
- wifi: nl80211: disallow setting special AP channel widths (stable-fixes).
- wifi: nl80211: do not give key data to userspace (stable-fixes).
- wifi: rtw88: usb: Fix disconnection after beacon loss (stable-fixes).
- wifi: wfx: repair open network AP mode (git-fixes).
- workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454).
- workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454).
- x86/asm: Use %c/%n instead of %P operand modifier in asm templates (git-fixes).
- x86/entry/64: Remove obsolete comment on tracing vs. SYSRET (git-fixes).
- x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes).
- x86/mm: Fix pti_clone_pgtable() alignment assumption (git-fixes).
- x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes).
- x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks() (git-fixes).
- x86/numa: Fix the address overlap check in numa_fill_memblks() (git-fixes).
- x86/numa: Fix the sort compare func used in numa_fill_memblks() (git-fixes).
- x86/numa: Introduce numa_fill_memblks() (git-fixes).
- x86/pci: Skip early E820 check for ECAM region (git-fixes).
- x86/xen: Convert comma to semicolon (git-fixes).
- xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes).
- xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
- xfs: allow cross-linking special files without project quota (git-fixes).
- xfs: allow symlinks with short remote targets (bsc#1229160).
- xfs: allow unlinked symlinks and dirs with zero size (git-fixes).
- xfs: attr forks require attr, not attr2 (git-fixes).
- xfs: convert comma to semicolon (git-fixes).
- xfs: do not use current->journal_info (git-fixes).
- xfs: fix unlink vs cluster buffer instantiation race (git-fixes).
- xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (git-fixes).
- xfs: journal geometry is not properly bounds checked (git-fixes).
- xfs: match lock mode in xfs_buffered_write_iomap_begin() (git-fixes).
- xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (git-fixes).
- xfs: upgrade the extent counters in xfs_reflink_end_cow_extent later (git-fixes).
- xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes).
- xfs: use consistent uid/gid when grabbing dquots for inodes (git-fixes).
- xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes).
- xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1193454SUSE bug 1194869SUSE bug 1205462SUSE bug 1208783SUSE bug 1213123SUSE bug 1214285SUSE bug 1215199SUSE bug 1220066SUSE bug 1220252SUSE bug 1220877SUSE bug 1221326SUSE bug 1221630SUSE bug 1221645SUSE bug 1221652SUSE bug 1221857SUSE bug 1222254SUSE bug 1222335SUSE bug 1222350SUSE bug 1222364SUSE bug 1222372SUSE bug 1222387SUSE bug 1222433SUSE bug 1222434SUSE bug 1222625SUSE bug 1222633SUSE bug 1222634SUSE bug 1222808SUSE bug 1222967SUSE bug 1222973SUSE bug 1223053SUSE bug 1223074SUSE bug 1223191SUSE bug 1223395SUSE bug 1223635SUSE bug 1223720SUSE bug 1223731SUSE bug 1223742SUSE bug 1223763SUSE bug 1223767SUSE bug 1223777SUSE bug 1223803SUSE bug 1224105SUSE bug 1224415SUSE bug 1224485SUSE bug 1224496SUSE bug 1224510SUSE bug 1224535SUSE bug 1224631SUSE bug 1224636SUSE bug 1224690SUSE bug 1224694SUSE bug 1224700SUSE bug 1224711SUSE bug 1225475SUSE bug 1225582SUSE bug 1225607SUSE bug 1225718SUSE bug 1225751SUSE bug 1225814SUSE bug 1225832SUSE bug 1225838SUSE bug 1225903SUSE bug 1226031SUSE bug 1226127SUSE bug 1226502SUSE bug 1226530SUSE bug 1226588SUSE bug 1226604SUSE bug 1226743SUSE bug 1226751SUSE bug 1226765SUSE bug 1226798SUSE bug 1226801SUSE bug 1226834SUSE bug 1226874SUSE bug 1226885SUSE bug 1226920SUSE bug 1227149SUSE bug 1227182SUSE bug 1227383SUSE bug 1227437SUSE bug 1227492SUSE bug 1227493SUSE bug 1227494SUSE bug 1227618SUSE bug 1227620SUSE bug 1227623SUSE bug 1227627SUSE bug 1227634SUSE bug 1227706SUSE bug 1227722SUSE bug 1227724SUSE bug 1227725SUSE bug 1227728SUSE bug 1227729SUSE bug 1227732SUSE bug 1227733SUSE bug 1227734SUSE bug 1227747SUSE bug 1227750SUSE bug 1227754SUSE bug 1227758SUSE bug 1227760SUSE bug 1227761SUSE bug 1227764SUSE bug 1227766SUSE bug 1227770SUSE bug 1227771SUSE bug 1227772SUSE bug 1227774SUSE bug 1227781SUSE bug 1227784SUSE bug 1227785SUSE bug 1227787SUSE bug 1227790SUSE bug 1227791SUSE bug 1227792SUSE bug 1227796SUSE bug 1227798SUSE bug 1227799SUSE bug 1227802SUSE bug 1227808SUSE bug 1227810SUSE bug 1227811SUSE bug 1227812SUSE bug 1227815SUSE bug 1227816SUSE bug 1227818SUSE bug 1227820SUSE bug 1227823SUSE bug 1227824SUSE bug 1227826SUSE bug 1227828SUSE bug 1227829SUSE bug 1227830SUSE bug 1227832SUSE bug 1227833SUSE bug 1227834SUSE bug 1227839SUSE bug 1227840SUSE bug 1227846SUSE bug 1227849SUSE bug 1227851SUSE bug 1227853SUSE bug 1227863SUSE bug 1227864SUSE bug 1227865SUSE bug 1227867SUSE bug 1227869SUSE bug 1227870SUSE bug 1227883SUSE bug 1227884SUSE bug 1227891SUSE bug 1227893SUSE bug 1227929SUSE bug 1227950SUSE bug 1227957SUSE bug 1227981SUSE bug 1228020SUSE bug 1228021SUSE bug 1228192SUSE bug 1228235SUSE bug 1228236SUSE bug 1228247SUSE bug 1228321SUSE bug 1228409SUSE bug 1228410SUSE bug 1228426SUSE bug 1228427SUSE bug 1228429SUSE bug 1228446SUSE bug 1228447SUSE bug 1228449SUSE bug 1228450SUSE bug 1228452SUSE bug 1228456SUSE bug 1228457SUSE bug 1228458SUSE bug 1228459SUSE bug 1228460SUSE bug 1228462SUSE bug 1228463SUSE bug 1228466SUSE bug 1228467SUSE bug 1228468SUSE bug 1228469SUSE bug 1228470SUSE bug 1228472SUSE bug 1228479SUSE bug 1228480SUSE bug 1228481SUSE bug 1228482SUSE bug 1228483SUSE bug 1228484SUSE bug 1228485SUSE bug 1228486SUSE bug 1228487SUSE bug 1228489SUSE bug 1228491SUSE bug 1228492SUSE bug 1228493SUSE bug 1228494SUSE bug 1228495SUSE bug 1228496SUSE bug 1228499SUSE bug 1228500SUSE bug 1228501SUSE bug 1228502SUSE bug 1228503SUSE bug 1228505SUSE bug 1228508SUSE bug 1228509SUSE bug 1228510SUSE bug 1228511SUSE bug 1228513SUSE bug 1228515SUSE bug 1228516SUSE bug 1228518SUSE bug 1228520SUSE bug 1228525SUSE bug 1228527SUSE bug 1228530SUSE bug 1228531SUSE bug 1228539SUSE bug 1228561SUSE bug 1228563SUSE bug 1228564SUSE bug 1228565SUSE bug 1228567SUSE bug 1228568SUSE bug 1228572SUSE bug 1228576SUSE bug 1228579SUSE bug 1228580SUSE bug 1228581SUSE bug 1228582SUSE bug 1228584SUSE bug 1228586SUSE bug 1228588SUSE bug 1228590SUSE bug 1228591SUSE bug 1228599SUSE bug 1228615SUSE bug 1228616SUSE bug 1228617SUSE bug 1228625SUSE bug 1228626SUSE bug 1228633SUSE bug 1228635SUSE bug 1228636SUSE bug 1228640SUSE bug 1228643SUSE bug 1228644SUSE bug 1228646SUSE bug 1228649SUSE bug 1228650SUSE bug 1228654SUSE bug 1228655SUSE bug 1228656SUSE bug 1228658SUSE bug 1228660SUSE bug 1228662SUSE bug 1228665SUSE bug 1228666SUSE bug 1228667SUSE bug 1228672SUSE bug 1228673SUSE bug 1228674SUSE bug 1228677SUSE bug 1228680SUSE bug 1228687SUSE bug 1228705SUSE bug 1228706SUSE bug 1228707SUSE bug 1228708SUSE bug 1228709SUSE bug 1228710SUSE bug 1228718SUSE bug 1228720SUSE bug 1228721SUSE bug 1228722SUSE bug 1228723SUSE bug 1228724SUSE bug 1228726SUSE bug 1228727SUSE bug 1228733SUSE bug 1228737SUSE bug 1228743SUSE bug 1228748SUSE bug 1228754SUSE bug 1228756SUSE bug 1228757SUSE bug 1228758SUSE bug 1228764SUSE bug 1228766SUSE bug 1228779SUSE bug 1228801SUSE bug 1228849SUSE bug 1228850SUSE bug 1228857SUSE bug 1228959SUSE bug 1228964SUSE bug 1228966SUSE bug 1228967SUSE bug 1228971SUSE bug 1228973SUSE bug 1228977SUSE bug 1228978SUSE bug 1228979SUSE bug 1228986SUSE bug 1228988SUSE bug 1228989SUSE bug 1228991SUSE bug 1228992SUSE bug 1229005SUSE bug 1229024SUSE bug 1229042SUSE bug 1229045SUSE bug 1229046SUSE bug 1229054SUSE bug 1229056SUSE bug 1229086SUSE bug 1229134SUSE bug 1229136SUSE bug 1229154SUSE bug 1229156SUSE bug 1229160SUSE bug 1229167SUSE bug 1229168SUSE bug 1229169SUSE bug 1229170SUSE bug 1229171SUSE bug 1229172SUSE bug 1229173SUSE bug 1229174SUSE bug 1229239SUSE bug 1229240SUSE bug 1229241SUSE bug 1229243SUSE bug 1229244SUSE bug 1229245SUSE bug 1229246SUSE bug 1229247SUSE bug 1229248SUSE bug 1229249SUSE bug 1229250SUSE bug 1229251SUSE bug 1229252SUSE bug 1229253SUSE bug 1229254SUSE bug 1229255SUSE bug 1229256SUSE bug 1229287SUSE bug 1229290SUSE bug 1229291SUSE bug 1229292SUSE bug 1229294SUSE bug 1229296SUSE bug 1229297SUSE bug 1229298SUSE bug 1229299SUSE bug 1229301SUSE bug 1229303SUSE bug 1229304SUSE bug 1229305SUSE bug 1229307SUSE bug 1229309SUSE bug 1229312SUSE bug 1229313SUSE bug 1229314SUSE bug 1229315SUSE bug 1229316SUSE bug 1229317SUSE bug 1229318SUSE bug 1229319SUSE bug 1229320SUSE bug 1229327SUSE bug 1229341SUSE bug 1229342SUSE bug 1229344SUSE bug 1229345SUSE bug 1229346SUSE bug 1229347SUSE bug 1229349SUSE bug 1229350SUSE bug 1229351SUSE bug 1229353SUSE bug 1229354SUSE bug 1229355SUSE bug 1229356SUSE bug 1229357SUSE bug 1229358SUSE bug 1229359SUSE bug 1229360SUSE bug 1229365SUSE bug 1229366SUSE bug 1229369SUSE bug 1229370SUSE bug 1229373SUSE bug 1229374SUSE bug 1229379SUSE bug 1229381SUSE bug 1229382SUSE bug 1229383SUSE bug 1229386SUSE bug 1229388SUSE bug 1229390SUSE bug 1229391SUSE bug 1229392SUSE bug 1229395SUSE bug 1229398SUSE bug 1229399SUSE bug 1229400SUSE bug 1229402SUSE bug 1229403SUSE bug 1229404SUSE bug 1229407SUSE bug 1229409SUSE bug 1229410SUSE bug 1229411SUSE bug 1229413SUSE bug 1229414SUSE bug 1229417SUSE bug 1229444SUSE bug 1229451SUSE bug 1229452SUSE bug 1229455SUSE bug 1229456SUSE bug 1229480SUSE bug 1229481SUSE bug 1229482SUSE bug 1229484SUSE bug 1229485SUSE bug 1229486SUSE bug 1229487SUSE bug 1229488SUSE bug 1229489SUSE bug 1229490SUSE bug 1229493SUSE bug 1229495SUSE bug 1229496SUSE bug 1229497SUSE bug 1229500SUSE bug 1229503SUSE bug 1229707SUSE bug 1229739SUSE bug 1229743SUSE bug 1229746SUSE bug 1229747SUSE bug 1229752SUSE bug 1229754SUSE bug 1229755SUSE bug 1229756SUSE bug 1229759SUSE bug 1229761SUSE bug 1229767SUSE bug 1229781SUSE bug 1229784SUSE bug 1229785SUSE bug 1229787SUSE bug 1229788SUSE bug 1229789SUSE bug 1229792SUSE bug 1229820SUSE bug 1229827SUSE bug 1229830SUSE bug 1229837SUSE bug 1229940SUSE bug 1230056CVE-2023-52489 at SUSECVE-2023-52489 at NVDCVE-2023-52581 at SUSECVE-2023-52581 at NVDCVE-2023-52668 at SUSECVE-2023-52668 at NVDCVE-2023-52688 at SUSECVE-2023-52688 at NVDCVE-2023-52859 at SUSECVE-2023-52859 at NVDCVE-2023-52885 at SUSECVE-2023-52885 at NVDCVE-2023-52886 at SUSECVE-2023-52886 at NVDCVE-2023-52887 at SUSECVE-2023-52887 at NVDCVE-2023-52889 at SUSECVE-2023-52889 at NVDCVE-2024-26590 at SUSECVE-2024-26590 at NVDCVE-2024-26631 at SUSECVE-2024-26631 at NVDCVE-2024-26637 at SUSECVE-2024-26637 at NVDCVE-2024-26668 at SUSECVE-2024-26668 at NVDCVE-2024-26669 at SUSECVE-2024-26669 at NVDCVE-2024-26677 at SUSECVE-2024-26677 at NVDCVE-2024-26682 at SUSECVE-2024-26682 at NVDCVE-2024-26683 at SUSECVE-2024-26683 at NVDCVE-2024-26735 at SUSECVE-2024-26735 at NVDCVE-2024-26808 at SUSECVE-2024-26808 at NVDCVE-2024-26809 at SUSECVE-2024-26809 at NVDCVE-2024-26812 at SUSECVE-2024-26812 at NVDCVE-2024-26835 at SUSECVE-2024-26835 at NVDCVE-2024-26837 at SUSECVE-2024-26837 at NVDCVE-2024-26849 at SUSECVE-2024-26849 at NVDCVE-2024-26851 at SUSECVE-2024-26851 at NVDCVE-2024-26976 at SUSECVE-2024-26976 at NVDCVE-2024-27010 at SUSECVE-2024-27010 at NVDCVE-2024-27011 at SUSECVE-2024-27011 at NVDCVE-2024-27024 at SUSECVE-2024-27024 at NVDCVE-2024-27049 at SUSECVE-2024-27049 at NVDCVE-2024-27050 at SUSECVE-2024-27050 at NVDCVE-2024-27079 at SUSECVE-2024-27079 at NVDCVE-2024-27403 at SUSECVE-2024-27403 at NVDCVE-2024-27433 at SUSECVE-2024-27433 at NVDCVE-2024-27437 at SUSECVE-2024-27437 at NVDCVE-2024-31076 at SUSECVE-2024-31076 at NVDCVE-2024-35855 at SUSECVE-2024-35855 at NVDCVE-2024-35897 at SUSECVE-2024-35897 at NVDCVE-2024-35902 at SUSECVE-2024-35902 at NVDCVE-2024-35913 at SUSECVE-2024-35913 at NVDCVE-2024-35939 at SUSECVE-2024-35939 at NVDCVE-2024-35949 at SUSECVE-2024-35949 at NVDCVE-2024-36270 at SUSECVE-2024-36270 at NVDCVE-2024-36286 at SUSECVE-2024-36286 at NVDCVE-2024-36288 at SUSECVE-2024-36288 at NVDCVE-2024-36489 at SUSECVE-2024-36489 at NVDCVE-2024-36881 at SUSECVE-2024-36881 at NVDCVE-2024-36907 at SUSECVE-2024-36907 at NVDCVE-2024-36929 at SUSECVE-2024-36929 at NVDCVE-2024-36933 at SUSECVE-2024-36933 at NVDCVE-2024-36939 at SUSECVE-2024-36939 at NVDCVE-2024-36970 at SUSECVE-2024-36970 at NVDCVE-2024-36979 at SUSECVE-2024-36979 at NVDCVE-2024-38563 at SUSECVE-2024-38563 at NVDCVE-2024-38609 at SUSECVE-2024-38609 at NVDCVE-2024-38662 at SUSECVE-2024-38662 at NVDCVE-2024-39476 at SUSECVE-2024-39476 at NVDCVE-2024-39483 at SUSECVE-2024-39483 at NVDCVE-2024-39484 at SUSECVE-2024-39484 at NVDCVE-2024-39486 at SUSECVE-2024-39486 at NVDCVE-2024-39488 at SUSECVE-2024-39488 at NVDCVE-2024-39489 at SUSECVE-2024-39489 at NVDCVE-2024-39491 at SUSECVE-2024-39491 at NVDCVE-2024-39493 at SUSECVE-2024-39493 at NVDCVE-2024-39497 at SUSECVE-2024-39497 at NVDCVE-2024-39499 at SUSECVE-2024-39499 at NVDCVE-2024-39500 at SUSECVE-2024-39500 at NVDCVE-2024-39501 at SUSECVE-2024-39501 at NVDCVE-2024-39505 at SUSECVE-2024-39505 at NVDCVE-2024-39506 at SUSECVE-2024-39506 at NVDCVE-2024-39508 at SUSECVE-2024-39508 at NVDCVE-2024-39509 at SUSECVE-2024-39509 at NVDCVE-2024-39510 at SUSECVE-2024-39510 at NVDCVE-2024-40899 at SUSECVE-2024-40899 at NVDCVE-2024-40900 at SUSECVE-2024-40900 at NVDCVE-2024-40902 at SUSECVE-2024-40902 at NVDCVE-2024-40903 at SUSECVE-2024-40903 at NVDCVE-2024-40904 at SUSECVE-2024-40904 at NVDCVE-2024-40905 at SUSECVE-2024-40905 at NVDCVE-2024-40909 at SUSECVE-2024-40909 at NVDCVE-2024-40910 at SUSECVE-2024-40910 at NVDCVE-2024-40911 at SUSECVE-2024-40911 at NVDCVE-2024-40912 at SUSECVE-2024-40912 at NVDCVE-2024-40913 at SUSECVE-2024-40913 at NVDCVE-2024-40916 at SUSECVE-2024-40916 at NVDCVE-2024-40920 at SUSECVE-2024-40920 at NVDCVE-2024-40921 at SUSECVE-2024-40921 at NVDCVE-2024-40922 at SUSECVE-2024-40922 at NVDCVE-2024-40924 at SUSECVE-2024-40924 at NVDCVE-2024-40926 at SUSECVE-2024-40926 at NVDCVE-2024-40927 at SUSECVE-2024-40927 at NVDCVE-2024-40929 at SUSECVE-2024-40929 at NVDCVE-2024-40930 at SUSECVE-2024-40930 at NVDCVE-2024-40932 at SUSECVE-2024-40932 at NVDCVE-2024-40934 at SUSECVE-2024-40934 at NVDCVE-2024-40936 at SUSECVE-2024-40936 at NVDCVE-2024-40938 at SUSECVE-2024-40938 at NVDCVE-2024-40939 at SUSECVE-2024-40939 at NVDCVE-2024-40941 at SUSECVE-2024-40941 at NVDCVE-2024-40942 at SUSECVE-2024-40942 at NVDCVE-2024-40943 at SUSECVE-2024-40943 at NVDCVE-2024-40944 at SUSECVE-2024-40944 at NVDCVE-2024-40945 at SUSECVE-2024-40945 at NVDCVE-2024-40954 at SUSECVE-2024-40954 at NVDCVE-2024-40956 at SUSECVE-2024-40956 at NVDCVE-2024-40957 at SUSECVE-2024-40957 at NVDCVE-2024-40958 at SUSECVE-2024-40958 at NVDCVE-2024-40959 at SUSECVE-2024-40959 at NVDCVE-2024-40962 at SUSECVE-2024-40962 at NVDCVE-2024-40964 at SUSECVE-2024-40964 at NVDCVE-2024-40967 at SUSECVE-2024-40967 at NVDCVE-2024-40976 at SUSECVE-2024-40976 at NVDCVE-2024-40977 at SUSECVE-2024-40977 at NVDCVE-2024-40978 at SUSECVE-2024-40978 at NVDCVE-2024-40981 at SUSECVE-2024-40981 at NVDCVE-2024-40982 at SUSECVE-2024-40982 at NVDCVE-2024-40984 at SUSECVE-2024-40984 at NVDCVE-2024-40987 at SUSECVE-2024-40987 at NVDCVE-2024-40988 at SUSECVE-2024-40988 at NVDCVE-2024-40989 at SUSECVE-2024-40989 at NVDCVE-2024-40990 at SUSECVE-2024-40990 at NVDCVE-2024-40992 at SUSECVE-2024-40992 at NVDCVE-2024-40994 at SUSECVE-2024-40994 at NVDCVE-2024-40995 at SUSECVE-2024-40995 at NVDCVE-2024-40997 at SUSECVE-2024-40997 at NVDCVE-2024-41000 at SUSECVE-2024-41000 at NVDCVE-2024-41001 at SUSECVE-2024-41001 at NVDCVE-2024-41002 at SUSECVE-2024-41002 at NVDCVE-2024-41004 at SUSECVE-2024-41004 at NVDCVE-2024-41007 at SUSECVE-2024-41007 at NVDCVE-2024-41009 at SUSECVE-2024-41009 at NVDCVE-2024-41010 at SUSECVE-2024-41010 at NVDCVE-2024-41012 at SUSECVE-2024-41012 at NVDCVE-2024-41015 at SUSECVE-2024-41015 at NVDCVE-2024-41016 at SUSECVE-2024-41016 at NVDCVE-2024-41020 at SUSECVE-2024-41020 at NVDCVE-2024-41022 at SUSECVE-2024-41022 at NVDCVE-2024-41024 at SUSECVE-2024-41024 at NVDCVE-2024-41025 at SUSECVE-2024-41025 at NVDCVE-2024-41028 at SUSECVE-2024-41028 at NVDCVE-2024-41032 at SUSECVE-2024-41032 at NVDCVE-2024-41035 at SUSECVE-2024-41035 at NVDCVE-2024-41036 at SUSECVE-2024-41036 at NVDCVE-2024-41037 at SUSECVE-2024-41037 at NVDCVE-2024-41038 at SUSECVE-2024-41038 at NVDCVE-2024-41039 at SUSECVE-2024-41039 at NVDCVE-2024-41040 at SUSECVE-2024-41040 at NVDCVE-2024-41041 at SUSECVE-2024-41041 at NVDCVE-2024-41044 at SUSECVE-2024-41044 at NVDCVE-2024-41045 at SUSECVE-2024-41045 at NVDCVE-2024-41048 at SUSECVE-2024-41048 at NVDCVE-2024-41049 at SUSECVE-2024-41049 at NVDCVE-2024-41050 at SUSECVE-2024-41050 at NVDCVE-2024-41051 at SUSECVE-2024-41051 at NVDCVE-2024-41056 at SUSECVE-2024-41056 at NVDCVE-2024-41057 at SUSECVE-2024-41057 at NVDCVE-2024-41058 at SUSECVE-2024-41058 at NVDCVE-2024-41059 at SUSECVE-2024-41059 at NVDCVE-2024-41060 at SUSECVE-2024-41060 at NVDCVE-2024-41061 at SUSECVE-2024-41061 at NVDCVE-2024-41062 at SUSECVE-2024-41062 at NVDCVE-2024-41063 at SUSECVE-2024-41063 at NVDCVE-2024-41064 at SUSECVE-2024-41064 at NVDCVE-2024-41065 at SUSECVE-2024-41065 at NVDCVE-2024-41066 at SUSECVE-2024-41066 at NVDCVE-2024-41068 at SUSECVE-2024-41068 at NVDCVE-2024-41069 at SUSECVE-2024-41069 at NVDCVE-2024-41070 at SUSECVE-2024-41070 at NVDCVE-2024-41071 at SUSECVE-2024-41071 at NVDCVE-2024-41072 at SUSECVE-2024-41072 at NVDCVE-2024-41073 at SUSECVE-2024-41073 at NVDCVE-2024-41074 at SUSECVE-2024-41074 at NVDCVE-2024-41075 at SUSECVE-2024-41075 at NVDCVE-2024-41076 at SUSECVE-2024-41076 at NVDCVE-2024-41078 at SUSECVE-2024-41078 at NVDCVE-2024-41079 at SUSECVE-2024-41079 at NVDCVE-2024-41080 at SUSECVE-2024-41080 at NVDCVE-2024-41081 at SUSECVE-2024-41081 at NVDCVE-2024-41084 at SUSECVE-2024-41084 at NVDCVE-2024-41087 at SUSECVE-2024-41087 at NVDCVE-2024-41088 at SUSECVE-2024-41088 at NVDCVE-2024-41089 at SUSECVE-2024-41089 at NVDCVE-2024-41092 at SUSECVE-2024-41092 at NVDCVE-2024-41093 at SUSECVE-2024-41093 at NVDCVE-2024-41094 at SUSECVE-2024-41094 at NVDCVE-2024-41095 at SUSECVE-2024-41095 at NVDCVE-2024-41096 at SUSECVE-2024-41096 at NVDCVE-2024-41097 at SUSECVE-2024-41097 at NVDCVE-2024-41098 at SUSECVE-2024-41098 at NVDCVE-2024-42064 at SUSECVE-2024-42064 at NVDCVE-2024-42069 at SUSECVE-2024-42069 at NVDCVE-2024-42070 at SUSECVE-2024-42070 at NVDCVE-2024-42073 at SUSECVE-2024-42073 at NVDCVE-2024-42074 at SUSECVE-2024-42074 at NVDCVE-2024-42076 at SUSECVE-2024-42076 at NVDCVE-2024-42077 at SUSECVE-2024-42077 at NVDCVE-2024-42079 at SUSECVE-2024-42079 at NVDCVE-2024-42080 at SUSECVE-2024-42080 at NVDCVE-2024-42082 at SUSECVE-2024-42082 at NVDCVE-2024-42085 at SUSECVE-2024-42085 at NVDCVE-2024-42086 at SUSECVE-2024-42086 at NVDCVE-2024-42087 at SUSECVE-2024-42087 at NVDCVE-2024-42089 at SUSECVE-2024-42089 at NVDCVE-2024-42090 at SUSECVE-2024-42090 at NVDCVE-2024-42092 at SUSECVE-2024-42092 at NVDCVE-2024-42093 at SUSECVE-2024-42093 at NVDCVE-2024-42095 at SUSECVE-2024-42095 at NVDCVE-2024-42096 at SUSECVE-2024-42096 at NVDCVE-2024-42097 at SUSECVE-2024-42097 at NVDCVE-2024-42098 at SUSECVE-2024-42098 at NVDCVE-2024-42101 at SUSECVE-2024-42101 at NVDCVE-2024-42104 at SUSECVE-2024-42104 at NVDCVE-2024-42105 at SUSECVE-2024-42105 at NVDCVE-2024-42106 at SUSECVE-2024-42106 at NVDCVE-2024-42107 at SUSECVE-2024-42107 at NVDCVE-2024-42109 at SUSECVE-2024-42109 at NVDCVE-2024-42110 at SUSECVE-2024-42110 at NVDCVE-2024-42113 at SUSECVE-2024-42113 at NVDCVE-2024-42114 at SUSECVE-2024-42114 at NVDCVE-2024-42115 at SUSECVE-2024-42115 at NVDCVE-2024-42117 at SUSECVE-2024-42117 at NVDCVE-2024-42119 at SUSECVE-2024-42119 at NVDCVE-2024-42120 at SUSECVE-2024-42120 at NVDCVE-2024-42121 at SUSECVE-2024-42121 at NVDCVE-2024-42122 at SUSECVE-2024-42122 at NVDCVE-2024-42124 at SUSECVE-2024-42124 at NVDCVE-2024-42125 at SUSECVE-2024-42125 at NVDCVE-2024-42126 at SUSECVE-2024-42126 at NVDCVE-2024-42127 at SUSECVE-2024-42127 at NVDCVE-2024-42130 at SUSECVE-2024-42130 at NVDCVE-2024-42131 at SUSECVE-2024-42131 at NVDCVE-2024-42132 at SUSECVE-2024-42132 at NVDCVE-2024-42133 at SUSECVE-2024-42133 at NVDCVE-2024-42136 at SUSECVE-2024-42136 at NVDCVE-2024-42137 at SUSECVE-2024-42137 at NVDCVE-2024-42138 at SUSECVE-2024-42138 at NVDCVE-2024-42139 at SUSECVE-2024-42139 at NVDCVE-2024-42141 at SUSECVE-2024-42141 at NVDCVE-2024-42142 at SUSECVE-2024-42142 at NVDCVE-2024-42143 at SUSECVE-2024-42143 at NVDCVE-2024-42144 at SUSECVE-2024-42144 at NVDCVE-2024-42145 at SUSECVE-2024-42145 at NVDCVE-2024-42147 at SUSECVE-2024-42147 at NVDCVE-2024-42148 at SUSECVE-2024-42148 at NVDCVE-2024-42152 at SUSECVE-2024-42152 at NVDCVE-2024-42153 at SUSECVE-2024-42153 at NVDCVE-2024-42155 at SUSECVE-2024-42155 at NVDCVE-2024-42156 at SUSECVE-2024-42156 at NVDCVE-2024-42157 at SUSECVE-2024-42157 at NVDCVE-2024-42158 at SUSECVE-2024-42158 at NVDCVE-2024-42159 at SUSECVE-2024-42159 at NVDCVE-2024-42161 at SUSECVE-2024-42161 at NVDCVE-2024-42162 at SUSECVE-2024-42162 at NVDCVE-2024-42223 at SUSECVE-2024-42223 at NVDCVE-2024-42224 at SUSECVE-2024-42224 at NVDCVE-2024-42225 at SUSECVE-2024-42225 at NVDCVE-2024-42226 at SUSECVE-2024-42226 at NVDCVE-2024-42227 at SUSECVE-2024-42227 at NVDCVE-2024-42228 at SUSECVE-2024-42228 at NVDCVE-2024-42229 at SUSECVE-2024-42229 at NVDCVE-2024-42230 at SUSECVE-2024-42230 at NVDCVE-2024-42232 at SUSECVE-2024-42232 at NVDCVE-2024-42236 at SUSECVE-2024-42236 at NVDCVE-2024-42237 at SUSECVE-2024-42237 at NVDCVE-2024-42238 at SUSECVE-2024-42238 at NVDCVE-2024-42239 at SUSECVE-2024-42239 at NVDCVE-2024-42240 at SUSECVE-2024-42240 at NVDCVE-2024-42241 at SUSECVE-2024-42241 at NVDCVE-2024-42244 at SUSECVE-2024-42244 at NVDCVE-2024-42245 at SUSECVE-2024-42245 at NVDCVE-2024-42246 at SUSECVE-2024-42246 at NVDCVE-2024-42247 at SUSECVE-2024-42247 at NVDCVE-2024-42250 at SUSECVE-2024-42250 at NVDCVE-2024-42253 at SUSECVE-2024-42253 at NVDCVE-2024-42259 at SUSECVE-2024-42259 at NVDCVE-2024-42268 at SUSECVE-2024-42268 at NVDCVE-2024-42269 at SUSECVE-2024-42269 at NVDCVE-2024-42270 at SUSECVE-2024-42270 at NVDCVE-2024-42271 at SUSECVE-2024-42271 at NVDCVE-2024-42274 at SUSECVE-2024-42274 at NVDCVE-2024-42276 at SUSECVE-2024-42276 at NVDCVE-2024-42277 at SUSECVE-2024-42277 at NVDCVE-2024-42278 at SUSECVE-2024-42278 at NVDCVE-2024-42279 at SUSECVE-2024-42279 at NVDCVE-2024-42280 at SUSECVE-2024-42280 at NVDCVE-2024-42281 at SUSECVE-2024-42281 at NVDCVE-2024-42283 at SUSECVE-2024-42283 at NVDCVE-2024-42284 at SUSECVE-2024-42284 at NVDCVE-2024-42285 at SUSECVE-2024-42285 at NVDCVE-2024-42286 at SUSECVE-2024-42286 at NVDCVE-2024-42287 at SUSECVE-2024-42287 at NVDCVE-2024-42288 at SUSECVE-2024-42288 at NVDCVE-2024-42289 at SUSECVE-2024-42289 at NVDCVE-2024-42290 at SUSECVE-2024-42290 at NVDCVE-2024-42291 at SUSECVE-2024-42291 at NVDCVE-2024-42292 at SUSECVE-2024-42292 at NVDCVE-2024-42295 at SUSECVE-2024-42295 at NVDCVE-2024-42298 at SUSECVE-2024-42298 at NVDCVE-2024-42301 at SUSECVE-2024-42301 at NVDCVE-2024-42302 at SUSECVE-2024-42302 at NVDCVE-2024-42303 at SUSECVE-2024-42303 at NVDCVE-2024-42308 at SUSECVE-2024-42308 at NVDCVE-2024-42309 at SUSECVE-2024-42309 at NVDCVE-2024-42310 at SUSECVE-2024-42310 at NVDCVE-2024-42311 at SUSECVE-2024-42311 at NVDCVE-2024-42312 at SUSECVE-2024-42312 at NVDCVE-2024-42313 at SUSECVE-2024-42313 at NVDCVE-2024-42314 at SUSECVE-2024-42314 at NVDCVE-2024-42315 at SUSECVE-2024-42315 at NVDCVE-2024-42316 at SUSECVE-2024-42316 at NVDCVE-2024-42318 at SUSECVE-2024-42318 at NVDCVE-2024-42319 at SUSECVE-2024-42319 at NVDCVE-2024-42320 at SUSECVE-2024-42320 at NVDCVE-2024-42322 at SUSECVE-2024-42322 at NVDCVE-2024-43816 at SUSECVE-2024-43816 at NVDCVE-2024-43817 at SUSECVE-2024-43817 at NVDCVE-2024-43818 at SUSECVE-2024-43818 at NVDCVE-2024-43819 at SUSECVE-2024-43819 at NVDCVE-2024-43821 at SUSECVE-2024-43821 at NVDCVE-2024-43823 at SUSECVE-2024-43823 at NVDCVE-2024-43824 at SUSECVE-2024-43824 at NVDCVE-2024-43825 at SUSECVE-2024-43825 at NVDCVE-2024-43826 at SUSECVE-2024-43826 at NVDCVE-2024-43829 at SUSECVE-2024-43829 at NVDCVE-2024-43830 at SUSECVE-2024-43830 at NVDCVE-2024-43831 at SUSECVE-2024-43831 at NVDCVE-2024-43833 at SUSECVE-2024-43833 at NVDCVE-2024-43834 at SUSECVE-2024-43834 at NVDCVE-2024-43837 at SUSECVE-2024-43837 at NVDCVE-2024-43839 at SUSECVE-2024-43839 at NVDCVE-2024-43840 at SUSECVE-2024-43840 at NVDCVE-2024-43841 at SUSECVE-2024-43841 at NVDCVE-2024-43842 at SUSECVE-2024-43842 at NVDCVE-2024-43846 at SUSECVE-2024-43846 at NVDCVE-2024-43847 at SUSECVE-2024-43847 at NVDCVE-2024-43849 at SUSECVE-2024-43849 at NVDCVE-2024-43850 at SUSECVE-2024-43850 at NVDCVE-2024-43851 at SUSECVE-2024-43851 at NVDCVE-2024-43853 at SUSECVE-2024-43853 at NVDCVE-2024-43854 at SUSECVE-2024-43854 at NVDCVE-2024-43855 at SUSECVE-2024-43855 at NVDCVE-2024-43856 at SUSECVE-2024-43856 at NVDCVE-2024-43858 at SUSECVE-2024-43858 at NVDCVE-2024-43860 at SUSECVE-2024-43860 at NVDCVE-2024-43861 at SUSECVE-2024-43861 at NVDCVE-2024-43863 at SUSECVE-2024-43863 at NVDCVE-2024-43864 at SUSECVE-2024-43864 at NVDCVE-2024-43866 at SUSECVE-2024-43866 at NVDCVE-2024-43867 at SUSECVE-2024-43867 at NVDCVE-2024-43871 at SUSECVE-2024-43871 at NVDCVE-2024-43872 at SUSECVE-2024-43872 at NVDCVE-2024-43873 at SUSECVE-2024-43873 at NVDCVE-2024-43874 at SUSECVE-2024-43874 at NVDCVE-2024-43875 at SUSECVE-2024-43875 at NVDCVE-2024-43876 at SUSECVE-2024-43876 at NVDCVE-2024-43877 at SUSECVE-2024-43877 at NVDCVE-2024-43879 at SUSECVE-2024-43879 at NVDCVE-2024-43880 at SUSECVE-2024-43880 at NVDCVE-2024-43881 at SUSECVE-2024-43881 at NVDCVE-2024-43882 at SUSECVE-2024-43882 at NVDCVE-2024-43883 at SUSECVE-2024-43883 at NVDCVE-2024-43884 at SUSECVE-2024-43884 at NVDCVE-2024-43885 at SUSECVE-2024-43885 at NVDCVE-2024-43889 at SUSECVE-2024-43889 at NVDCVE-2024-43892 at SUSECVE-2024-43892 at NVDCVE-2024-43893 at SUSECVE-2024-43893 at NVDCVE-2024-43894 at SUSECVE-2024-43894 at NVDCVE-2024-43895 at SUSECVE-2024-43895 at NVDCVE-2024-43897 at SUSECVE-2024-43897 at NVDCVE-2024-43899 at SUSECVE-2024-43899 at NVDCVE-2024-43900 at SUSECVE-2024-43900 at NVDCVE-2024-43902 at SUSECVE-2024-43902 at NVDCVE-2024-43903 at SUSECVE-2024-43903 at NVDCVE-2024-43905 at SUSECVE-2024-43905 at NVDCVE-2024-43906 at SUSECVE-2024-43906 at NVDCVE-2024-43907 at SUSECVE-2024-43907 at NVDCVE-2024-43908 at SUSECVE-2024-43908 at NVDCVE-2024-43909 at SUSECVE-2024-43909 at NVDCVE-2024-43911 at SUSECVE-2024-43911 at NVDCVE-2024-43912 at SUSECVE-2024-43912 at NVDCVE-2024-44931 at SUSECVE-2024-44931 at NVDCVE-2024-44938 at SUSECVE-2024-44938 at NVDCVE-2024-44939 at SUSECVE-2024-44939 at NVDcpe:/o:suse:sl-micro:6.0Security update for zlib (Moderate)SUSE Linux Micro 6.0
This update for zlib fixes the following issues:
- CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392)
- CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378)
ModerateSUSE bug 1216378SUSE bug 1258392CVE-2023-45853 at SUSECVE-2023-45853 at NVDCVE-2026-27171 at SUSECVE-2026-27171 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Important)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
- CVE-2025-11468: preserving parens when folding comments in email headers. (bsc#1257029)
- CVE-2026-0672: rejects control characters in http cookies. (bsc#1257031)
- CVE-2026-0865: rejecting control characters in wsgiref.headers.Headers, which could be abused for injecting false HTTP headers. (bsc#1257042)
- CVE-2025-15366: basically the same as the previous patch for IMAP protocol. (bsc#1257044)
- CVE-2025-15282: basically the same as the previous patch for urllib library. (bsc#1257046)
- CVE-2025-15367: basically the same as the previous patch for poplib library. (bsc#1257041)
- CVE-2025-12781: fix decoding with non-standard Base64 alphabet (bsc#1257108)
ImportantSUSE bug 1257029SUSE bug 1257031SUSE bug 1257041SUSE bug 1257042SUSE bug 1257044SUSE bug 1257046SUSE bug 1257108CVE-2025-11468 at SUSECVE-2025-11468 at NVDCVE-2025-12781 at SUSECVE-2025-12781 at NVDCVE-2025-15282 at SUSECVE-2025-15282 at NVDCVE-2025-15366 at SUSECVE-2025-15366 at NVDCVE-2025-15367 at SUSECVE-2025-15367 at NVDCVE-2026-0672 at SUSECVE-2026-0672 at NVDCVE-2026-0865 at SUSECVE-2026-0865 at NVDcpe:/o:suse:sl-micro:6.0Security update for util-linux (Moderate)SUSE Linux Micro 6.0
This update for util-linux fixes the following issue:
- CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859).
ModerateSUSE bug 1258859CVE-2026-3184 at SUSECVE-2026-3184 at NVDcpe:/o:suse:sl-micro:6.0Security update for qemu (Moderate)SUSE Linux Micro 6.0
This update for qemu fixes the following issues:
- CVE-2025-14876: Fixed unbounded allocation in virtio-crypto. (bsc#1255400)
- CVE-2026-0665: Fixed PIRQ bounds check in xen_physdev_map_pirq. (bsc#1256484)
ModerateSUSE bug 1255400SUSE bug 1256484CVE-2025-14876 at SUSECVE-2025-14876 at NVDCVE-2026-0665 at SUSECVE-2026-0665 at NVDcpe:/o:suse:sl-micro:6.0Security update for vim (Moderate)SUSE Linux Micro 6.0
This update for vim fixes the following issues:
Update Vim to version 9.2.0045:
- CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip (bsc#1246602).
- CVE-2026-26269: Netbeans specialKeys stack buffer overflow (bsc#1258229).
ModerateSUSE bug 1246602SUSE bug 1258229CVE-2025-53906 at SUSECVE-2025-53906 at NVDCVE-2026-26269 at SUSECVE-2026-26269 at NVDcpe:/o:suse:sl-micro:6.0Security update for curl (Important)SUSE Linux Micro 6.0
This update for curl fixes the following issues:
- CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362).
- CVE-2026-3783: token leak with redirect and netrc (bsc#1259363).
- CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364).
- CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365).
ImportantSUSE bug 1259362SUSE bug 1259363SUSE bug 1259364SUSE bug 1259365CVE-2026-1965 at SUSECVE-2026-1965 at NVDCVE-2026-3783 at SUSECVE-2026-3783 at NVDCVE-2026-3784 at SUSECVE-2026-3784 at NVDCVE-2026-3805 at SUSECVE-2026-3805 at NVDcpe:/o:suse:sl-micro:6.0Security update for virtiofsd (Important)SUSE Linux Micro 6.0
This update for virtiofsd fixes the following issue:
- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion
(bsc#1257912).
ImportantSUSE bug 1257912CVE-2026-25727 at SUSECVE-2026-25727 at NVDcpe:/o:suse:sl-micro:6.0Security update for busybox (Important)SUSE Linux Micro 6.0
This update for busybox fixes the following issues:
- CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncs_printf.c (bsc#1217580).
- CVE-2023-42364: use-after-free in the awk.c evaluate function (bsc#1217584).
- CVE-2023-42365: use-after-free in the awk.c copyvar function (bsc#1217585).
- CVE-2025-46394: files in a TAR archive can have their filenames hidden from a listing if terminal escape sequences are
used when naming other files included in the archive (bsc#1241661).
- CVE-2025-60876: request line incorrectly neutralized mat lead to header injection (bsc#1253245).
- CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization (bsc#1258163).
- CVE-2026-26158: Arbitrary file modification and privilege escalation via unvalidated tar archive entries
(bsc#1258167).
- CVE-2021-42380: Additional fix for use-after-realloc in awk (bsc#1192869).
ImportantSUSE bug 1192869SUSE bug 1217580SUSE bug 1217584SUSE bug 1217585SUSE bug 1241661SUSE bug 1253245SUSE bug 1258163SUSE bug 1258167CVE-2021-42380 at SUSECVE-2021-42380 at NVDCVE-2023-42363 at SUSECVE-2023-42363 at NVDCVE-2023-42364 at SUSECVE-2023-42364 at NVDCVE-2023-42365 at SUSECVE-2023-42365 at NVDCVE-2025-46394 at SUSECVE-2025-46394 at NVDCVE-2025-60876 at SUSECVE-2025-60876 at NVDCVE-2026-26157 at SUSECVE-2026-26157 at NVDCVE-2026-26158 at SUSECVE-2026-26158 at NVDcpe:/o:suse:sl-micro:6.0Security update for runc (Important)SUSE Linux Micro 6.0
This update for runc fixes the following issues:
Update to runc v1.1.14. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.14>.
- CVE-2024-45310: Fixed that runc can be tricked into creating empty files/directories on host ( bsc#1230092)
Update to runc v1.1.13. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.13>.
- Fixed a performance issue when running lots of containers, caused by systemd getting
too many mount notifications. bsc#1214960
- Fixed -ENOSYS stub on ppc64le. bsc#1192051 bsc#1221050
ImportantSUSE bug 1192051SUSE bug 1214960SUSE bug 1221050SUSE bug 1230092CVE-2024-45310 at SUSECVE-2024-45310 at NVDcpe:/o:suse:sl-micro:6.0Security update for libsoup (Important)SUSE Linux Micro 6.0
This update for libsoup fixes the following issues:
- CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398).
- CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects
(bsc#1257441).
- CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request
smuggling and potential DoS (bsc#1257597).
ImportantSUSE bug 1257398SUSE bug 1257441SUSE bug 1257597CVE-2026-1467 at SUSECVE-2026-1467 at NVDCVE-2026-1539 at SUSECVE-2026-1539 at NVDCVE-2026-1760 at SUSECVE-2026-1760 at NVDcpe:/o:suse:sl-micro:6.0Security update for freetype2 (Moderate)SUSE Linux Micro 6.0
This update for freetype2 fixes the following issue:
Update to freetype2 2.14.2:
- CVE-2026-23865: Integer overflow in the tt_var_load_item_variation_store function (bsc#1259118).
Changelog:
* Several changes related to LCD filtering are implemented to
achieve better performance and encourage sound practices.
* Instead of blanket LCD filtering over the entire bitmap, it
is now applied only to non-zero spans using direct rendering.
This speeds up the ClearType-like rendering by more than 40%
at sizes above 32 ppem.
* Setting the filter weights with FT_Face_Properties is no
longer supported. The default and light filters are optimized
to work with any face.
* The legacy libXft LCD filter algorithm is no longer provided.
* The italic angle in `PS_FontInfo` is now stored as a fixed-point
value in degrees for all Type 1 fonts and their derivatives,
consistent with CFF fonts and common practices. The broken
underline position and thickness values are fixed for CFF fonts.
* The `x` field in the `FT_Span` structure is now unsigned.
* Demo program `ftgrid` got an option `-m` to select a start
character to display.
* Similarly, demo program `ftmulti` got an option `-m` to select a
text string for rendering.
* Option `-d` in the demo program `ttdebug` is now called `-a`,
expecting a comma-separated list of axis values. The user
interface is also slightly improved.
* The `ftinspect` demo program can now be compiled with Qt6, too.
* The auto-hinter got new abilities. It can now better separate
diacritic glyphs from base glyphs at small sizes by
artificially moving diacritics up (or down) if necessary
* Tilde accent glyphs get vertically stretched at small sizes so
that they don't degenerate to horizontal lines.
* Diacritics directly attached to a base glyph (like the ogonek in
character 'ę') no longer distort the shape of the base glyph
* The TrueType instruction interpreter was optimized to
produce a 15% gain in the glyph loading speed.
* Handling of Variation Fonts is now considerably faster
* TrueType and CFF glyph loading speed has been improved by 5-10%
on modern 64-bit platforms as a result of better handling of
fixed-point multiplication.
* The BDF driver now loads fonts 75% faster.
ModerateSUSE bug 1252148SUSE bug 1259118CVE-2026-23865 at SUSECVE-2026-23865 at NVDcpe:/o:suse:sl-micro:6.0Security update for vim (Moderate)SUSE Linux Micro 6.0
This update for vim fixes the following issue:
Update Vim to version 9.2.0110:
- CVE-2026-28417: crafted URL parsed by netrw plugin can lead to execute arbitrary shell commands (bsc#1259051).
ModerateSUSE bug 1259051CVE-2026-28417 at SUSECVE-2026-28417 at NVDcpe:/o:suse:sl-micro:6.0Security update for dpkg (Moderate)SUSE Linux Micro 6.0
This update for dpkg fixes the following issue:
- CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service (bsc#1259385).
ModerateSUSE bug 1259385CVE-2026-2219 at SUSECVE-2026-2219 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326).
- CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255 elements expired (bsc#1220877).
- CVE-2023-52859: perf: hisi: Fix use-after-free when register pmu fails (bsc#1225582).
- CVE-2023-52889: apparmor: Fix null pointer deref when receiving skb during sock creation (bsc#1229287).
- CVE-2024-26590: erofs: fix inconsistent per-file compression format (bsc#1220252).
- CVE-2024-26631: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
- CVE-2024-26668: netfilter: nft_limit: reject configurations that cause integer overflow (bsc#1222335).
- CVE-2024-26669: kABI fix for net/sched: flower: Fix chain template offload (bsc#1222350).
- CVE-2024-26677: Blacklist e7870cf13d20 (" Fix delayed ACKs to not set the reference serial number") (bsc#1222387)
- CVE-2024-26735: ipv6: sr: fix possible use-after-free and null-ptr-deref (bsc#1222372).
- CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-26809: netfilter: nft_set_pipapo: release elements in clone only from destroy path (bsc#1222633).
- CVE-2024-26812: kABI: vfio: struct virqfd kABI workaround (bsc#1222808).
- CVE-2024-26835: netfilter: nf_tables: set dormant flag on hook register failure (bsc#1222967).
- CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973).
- CVE-2024-26851: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (bsc#1223074)
- CVE-2024-27010: net/sched: Fix mirred deadlock on device recursion (bsc#1223720).
- CVE-2024-27011: netfilter: nf_tables: fix memleak in map from abort path (bsc#1223803).
- CVE-2024-27024: net/rds: fix WARNING in rds_conn_connect_if_down (bsc#1223777).
- CVE-2024-27079: iommu/vt-d: Fix NULL domain on device release (bsc#1223742).
- CVE-2024-27403: kabi: restore const specifier in flow_offload_route_init() (bsc#1224415).
- CVE-2024-27433: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711).
- CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
- CVE-2024-35897: netfilter: nf_tables: discard table flag update with pending basechain deletion (bsc#1224510).
- CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
- CVE-2024-36286: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
- CVE-2024-36489: tls: fix missing memory barrier in tls_init (bsc#1226874)
- CVE-2024-36881: mm/userfaultfd: Fix reset ptes when close() for wr-protected (bsc#1225718).
- CVE-2024-36929: net: core: reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
- CVE-2024-36933: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
- CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1226604).
- CVE-2024-38662: selftests/bpf: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
- CVE-2024-39489: ipv6: sr: fix memleak in seg6_hmac_init_algo (bsc#1227623)
- CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
- CVE-2024-40905: ipv6: fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
- CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781).
- CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).
- CVE-2024-40938: landlock: fix d_parent walk (bsc#1227840).
- CVE-2024-40939: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (bsc#1227799).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810).
- CVE-2024-40957: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (bsc#1227811).
- CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812).
- CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
- CVE-2024-40978: scsi: qedi: Fix crash while reading debugfs attribute (bsc#1227929).
- CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
- CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
- CVE-2024-40995: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
- CVE-2024-41000: block/ioctl: prefer different overflow check (bsc#1227867).
- CVE-2024-41007: tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
- CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2024-41010: bpf: Fix too early release of tcx_entry (bsc#1228021).
- CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
- CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
- CVE-2024-41020: filelock: Fix fcntl/close race recovery compat path (bsc#1228427).
- CVE-2024-41032: mm: vmalloc: check if a hash-index is in cpu_possible_mask (bsc#1228460).
- CVE-2024-41036: net: ks8851: Fix deadlock with the SPI chip variant (bsc#1228496).
- CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518).
- CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520).
- CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
- CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565).
- CVE-2024-41050: cachefiles: cyclic allocation of msg_id to avoid reuse (bsc#1228499).
- CVE-2024-41051: cachefiles: wait for ondemand_object_worker to finish when dropping object (bsc#1228468).
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
- CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
- CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576).
- CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
- CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640).
- CVE-2024-41068: s390/sclp: Fix sclp_init() cleanup on failure (bsc#1228579).
- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
- CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
- CVE-2024-41074: cachefiles: Set object to close if ondemand_id < 0 in copen (bsc#1228643).
- CVE-2024-41075: cachefiles: add consistency check for copen/cread (bsc#1228646).
- CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649).
- CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
- CVE-2024-41080: io_uring: fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
- CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617).
- CVE-2024-41084: cxl/region: Avoid null pointer dereference in region lookup (bsc#1228472).
- CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470).
- CVE-2024-42073: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems (bsc#1228457).
- CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
- CVE-2024-42082: xdp: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
- CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
- CVE-2024-42095: serial: 8250_omap: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
- CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
- CVE-2024-42106: inet_diag: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
- CVE-2024-42107: ice: Do not process extts if PTP is disabled (bsc#1228494).
- CVE-2024-42109: netfilter: nf_tables: unconditionally flush pending work before notifier (bsc#1228505).
- CVE-2024-42110: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
- CVE-2024-42113: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568).
- CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591).
- CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705).
- CVE-2024-42138: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file (bsc#1228500).
- CVE-2024-42139: ice: Fix improper extts handling (bsc#1228503).
- CVE-2024-42142: net/mlx5: E-switch, Create ingress ACL when needed (bsc#1228491).
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).
- CVE-2024-42148: bnx2x: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
- CVE-2024-42155: s390/pkey: Wipe copies of protected- and secure-keys (bsc#1228733).
- CVE-2024-42156: s390/pkey: Wipe copies of clear-key structures on failure (bsc#1228722).
- CVE-2024-42157: s390/pkey: Wipe sensitive data on failure (bsc#1228727).
- CVE-2024-42158: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
- CVE-2024-42159: scsi: mpi3mr: fix sanitise num_phys (bsc#1228754).
- CVE-2024-42161: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
- CVE-2024-42162: gve: Account for stopped queues when reading NIC stats (bsc#1228706).
- CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723).
- CVE-2024-42241: mm/shmem: disable PMD-sized page cache if needed (bsc#1228986).
- CVE-2024-42245: Revert "sched/fair: Make sure to try to detach at least one movable task" (bsc#1228978).
- CVE-2024-42246: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
- CVE-2024-42247: wireguard: allowedips: avoid unaligned 64-bit memory accesses (bsc#1228988).
- CVE-2024-42268: net/mlx5: Fix missing lock on sync reset reload (bsc#1229391).
- CVE-2024-42269: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init() (bsc#1229402).
- CVE-2024-42270: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init() (bsc#1229404).
- CVE-2024-42277: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
- CVE-2024-42281: bpf: Fix a segment issue when downgrading gso_size (bsc#1229386).
- CVE-2024-42283: net: nexthop: Initialize all fields in dumped nexthops (bsc#1229383)
- CVE-2024-42284: tipc: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
- CVE-2024-42290: irqchip/imx-irqsteer: Handle runtime power management correctly (bsc#1229379).
- CVE-2024-42291: ice: Add a per-VF limit on number of FDIR filters (bsc#1229374).
- CVE-2024-42295: nilfs2: handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
- CVE-2024-42301: dev/parport: fix the array out-of-bounds risk (bsc#1229407).
- CVE-2024-42312: sysctl: always initialize i_uid/i_gid (bsc#1229357)
- CVE-2024-42316: mm/mglru: fix div-by-zero in vmpressure_calc_level() (bsc#1229353).
- CVE-2024-42318: landlock: Do not lose track of restrictions on cred_transfer (bsc#1229351).
- CVE-2024-42322: ipvs: properly dereference pe in ip_vs_add_service (bsc#1229347)
- CVE-2024-43821: scsi: lpfc: Fix a possible null pointer dereference (bsc#1229315).
- CVE-2024-43831: media: mediatek: vcodec: Handle invalid decoder vsi (bsc#1229309).
- CVE-2024-43834: xdp: fix invalid wait context of page_pool_destroy() (bsc#1229314)
- CVE-2024-43837: bpf: Fix updating attached freplace prog in prog_array map (bsc#1229297).
- CVE-2024-43839: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
- CVE-2024-43850: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove (bsc#1229316).
- CVE-2024-43854: block: initialize integrity buffer to zero before writing it to media (bsc#1229345)
- CVE-2024-43855: md: fix deadlock between mddev_suspend and flush bio (bsc#1229342).
- CVE-2024-43864: net/mlx5e: Fix CT entry update leaks of modify header context (bsc#1229496).
- CVE-2024-43866: net/mlx5: Always drain health in shutdown callback (bsc#1229495).
- CVE-2024-43880: kabi: lib: objagg: Put back removed metod in struct objagg_ops (bsc#1229481).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2024-43899: drm/amd/display: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
- CVE-2024-43911: wifi: mac80211: fix NULL dereference at band check in starting tx ba session (bsc#1229827).
The following non-security bugs were fixed:
- ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window (git-fixes).
- ACPI: SBS: manage alarm sysfs attribute through psy core (stable-fixes).
- ACPI: battery: create alarm sysfs attribute atomically (stable-fixes).
- ACPI: processor_idle: use raw_safe_halt() in acpi_idle_play_dead() (git-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes).
- ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add quirk for Acer Aspire E5-574G (stable-fixes).
- ALSA: hda/realtek: Add support for new HP G12 laptops (stable-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop 14-ey0xxx (stable-fixes).
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book3 Ultra (stable-fixes).
- ALSA: hda/realtek: Implement sound init sequence for Samsung Galaxy Book3 Pro 360 (stable-fixes).
- ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED (stable-fixes).
- ALSA: hda/tas2781: Use correct endian conversion (git-fixes).
- ALSA: hda/tas2781: fix wrong calibrated data order (git-fixes).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Conditionally use snooping for AMD HDMI (git-fixes).
- ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: seq: Skip event type filtering for UMP events (git-fixes).
- ALSA: seq: ump: Explicitly reset RPN with Null RPN (stable-fixes).
- ALSA: seq: ump: Optimize conversions from SysEx to UMP (git-fixes).
- ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes).
- ALSA: seq: ump: Use the common RPN/bank conversion context (stable-fixes).
- ALSA: timer: Relax start tick time check for slave timer elements (git-fixes).
- ALSA: ump: Explicitly reset RPN with Null RPN (stable-fixes).
- ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes).
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes).
- ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes).
- ASoC: SOF: Intel: hda-dsp: Make sure that no irq handler is pending before suspend (stable-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: SOF: amd: Fix for acp init sequence (git-fixes).
- ASoC: SOF: ipc4: check return value of snd_sof_ipc_msg_data (stable-fixes).
- ASoC: SOF: mediatek: Add missing board compatible (stable-fixes).
- ASoC: allow module autoloading for table board_ids (stable-fixes).
- ASoC: allow module autoloading for table db1200_pids (stable-fixes).
- ASoC: amd: acp: fix module autoloading (git-fixes).
- ASoC: amd: yc: Add quirk entry for OMEN by HP Gaming Laptop 16-n0xxx (bsc#1227182).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: cs35l45: Checks index of cs35l45_irqs[] (stable-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: mediatek: mt8188: Mark AFE_DAC_CON0 register as volatile (stable-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- Bluetooth: Add device 13d3:3572 IMC Networks Bluetooth Radio (stable-fixes).
- Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes).
- Bluetooth: L2CAP: Fix deadlock (git-fixes).
- Bluetooth: MGMT: Add error handling to pair_device() (git-fixes).
- Bluetooth: SMP: Fix assumption of Central always being Initiator (git-fixes).
- Bluetooth: bnep: Fix out-of-bound access (stable-fixes).
- Bluetooth: btintel: Fail setup on error (git-fixes).
- Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading (stable-fixes).
- Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (stable-fixes).
- Bluetooth: hci_conn: Check non NULL function before calling for HFP offload (stable-fixes).
- Bluetooth: hci_core: Fix LE quote calculation (git-fixes).
- Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes).
- Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes).
- Bluetooth: hci_sync: avoid dup filtering when passive scanning with adv monitor (git-fixes).
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git-fixes).
- Drop libata patch that caused a regression (bsc#1229054)
- Fix build errors without patches.kabi (bsc#1226502)
- HID: wacom: Defer calculation of resolution until resolution_code is known (git-fixes).
- Input: MT - limit max slots (stable-fixes).
- Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (bsc#1229056).
- Input: i8042 - add forcenorestore quirk to leave controller untouched even on s3 (stable-fixes).
- Input: i8042 - use new forcenorestore quirk to replace old buggy quirk combination (stable-fixes).
- KVM: Always flush async #PF workqueue when vCPU is being destroyed (git-fixes).
- KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY (git-fixes).
- KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869).
- KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE (bsc#1215199).
- KVM: Protect vcpu->pid dereference via debugfs with RCU (git-fixes).
- KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes).
- KVM: Stop processing *all* memslots when "null" mmu_notifier handler is found (git-fixes).
- KVM: VMX: Move posted interrupt descriptor out of VMX code (git-fixes).
- KVM: VMX: Split out the non-virtualization part of vmx_interrupt_blocked() (git-fixes).
- KVM: VMX: Switch __vmx_exit() and kvm_x86_vendor_exit() in vmx_exit() (git-fixes).
- KVM: arm64: AArch32: Fix spurious trapping of conditional instructions (git-fixes).
- KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes).
- KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes).
- KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes).
- KVM: arm64: Fix __pkvm_init_switch_pgd call ABI (git-fixes).
- KVM: arm64: Fix clobbered ELR in sync abort/SError (git-fixes)
- KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes).
- KVM: arm64: timers: Correctly handle TGE flip with CNTPOFF_EL2 (git-fixes).
- KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init() (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes).
- KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes).
- KVM: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes).
- KVM: arm64: vgic: Add a non-locking primitive for kvm_vgic_vcpu_destroy() (git-fixes).
- KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy (git-fixes).
- KVM: arm64: vgic: Simplify kvm_vgic_destroy() (git-fixes).
- KVM: fix kvm_mmu_memory_cache allocation warning (git-fixes).
- KVM: nVMX: Add a helper to get highest pending from Posted Interrupt vector (git-fixes).
- KVM: nVMX: Check for pending posted interrupts when looking for nested events (git-fixes).
- KVM: nVMX: Request immediate exit iff pending nested event needs injection (git-fixes).
- KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes).
- KVM: s390: fix validity interception issue when gisa is switched off (git-fixes bsc#1229167).
- KVM: x86/mmu: Bug the VM if KVM tries to split a !hugepage SPTE (git-fixes).
- KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID (git-fixes).
- Move upstreamed powerpc patches into sorted section
- Move upstreamed sound patches into sorted section
- Moved upstreamed ASoC patch into sorted section
- NFSD: Support write delegations in LAYOUTGET (git-fixes).
- NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
- PCI: Add Edimax Vendor ID to pci_ids.h (stable-fixes).
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes).
- PCI: loongson: Enable MSI in LS7A Root Complex (stable-fixes).
- RDMA/cache: Release GID table even if leak is detected (git-fixes)
- RDMA/device: Return error earlier if port in not valid (git-fixes)
- RDMA/hns: Check atomic wr length (git-fixes)
- RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes)
- RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes)
- RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes)
- RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes)
- RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes)
- RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes)
- RDMA/hns: Fix unmatch exception handling when init eq table fails (git-fixes)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes)
- RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes).
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes)
- RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes)
- RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes)
- RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes)
- RDMA: Fix netdev tracker in ib_device_set_netdev (git-fixes)
- README.BRANCH: Add Petr Tesarik as branch maintainer
- Revert "ALSA: firewire-lib: obsolete workqueue for period update" (bsc#1208783).
- Revert "ALSA: firewire-lib: operate for period elapse event in process context" (bsc#1208783).
- Revert "KVM: Prevent module exit until all VMs are freed" (git-fixes).
- Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" (git-fixes).
- Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" (git-fixes).
- Revert "misc: fastrpc: Restrict untrusted app to attach to privileged PD" (git-fixes).
- Revert "usb: gadget: uvc: cleanup request when not in correct state" (stable-fixes).
- Revert "usb: typec: tcpm: clear pd_event queue in PORT_RESET" (git-fixes).
- SUNRPC: Fix a race to wake a sync task (git-fixes).
- SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes).
- Squashfs: fix variable overflow triggered by sysbot (git-fixes).
- USB: serial: debug: do not echo input by default (stable-fixes).
- Update config files. Disable vdpa drivers for Alibaba ENI and SolidNET (jsc#PED-8954, bsc#1227834)
- Update config files. Disable CONFIG_KFENCE on ppc64le (bsc#1226920)
- Update patch refefernce for MFD patch (jsc#PED-10029)
- Update patch reference for MD patch (jsc#PED-10029 jsc#PED-10045)
- Update patch reference for SPI patch (jsc#PED-10105)
- Update patch reference for iwlwifi fix (jsc#PED-10055)
- Update patch reference of USB patch (jsc#PED-10108)
- Update patch references for ASoC regression fixes (bsc#1229045 bsc#1229046)
- afs: fix __afs_break_callback() / afs_drop_open_mmap() race (git-fixes).
- apparmor: unpack transition table if dfa is not present (bsc#1226031).
- arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
- arm64: Add Neoverse-V2 part (git-fixes)
- arm64: Fix KASAN random tag seed initialization (git-fixes)
- arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
- arm64: barrier: Restore spec_bar() macro (git-fixes)
- arm64: cputype: Add Cortex-A720 definitions (git-fixes)
- arm64: cputype: Add Cortex-A725 definitions (git-fixes)
- arm64: cputype: Add Cortex-X1C definitions (git-fixes)
- arm64: cputype: Add Cortex-X3 definitions (git-fixes)
- arm64: cputype: Add Cortex-X4 definitions (git-fixes)
- arm64: cputype: Add Cortex-X925 definitions (git-fixes)
- arm64: cputype: Add Neoverse-V3 definitions (git-fixes)
- arm64: dts: imx8mp: Add NPU Node (git-fixes)
- arm64: dts: imx8mp: Fix pgc vpu locations (git-fixes)
- arm64: dts: imx8mp: Fix pgc_mlmix location (git-fixes)
- arm64: dts: imx8mp: add HDMI power-domains (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (again) (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (git-fixes)
- arm64: errata: Unify speculative SSBS errata logic (git-fixes). Update config files.
- arm64: jump_label: Ensure patched jump_labels are visible to all CPUs (git-fixes)
- ata: libata-scsi: Do not overwrite valid sense data when CK_COND=1 (stable-fixes).
- ata: libata-scsi: Honor the D_SENSE bit for CK_COND=1 and no error (stable-fixes).
- blacklist.conf: Add libata upstream revert entry (bsc#1229054)
- blacklist.conf: printk/sysctl: breaks kernel without pre-requisite patches (bsc#1229025)
- bnxt_re: Fix imm_data endianness (git-fixes)
- bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG (git-fixes)
- bpf, lpm: Fix check prefixlen before walking trie (git-fixes).
- bpf/tests: Remove duplicate JSGT tests (git-fixes).
- bpf: Add crosstask check to __bpf_get_stack (git-fixes).
- bpf: Detect IP == ksym.end as part of BPF program (git-fixes).
- bpf: Ensure proper register state printing for cond jumps (git-fixes).
- bpf: Fix a few selftest failures due to llvm18 change (git-fixes).
- bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903).
- bpf: Fix check_stack_write_fixed_off() to correctly spill imm (git-fixes).
- bpf: Fix kfunc callback register type handling (git-fixes).
- bpf: Fix prog_array_map_poke_run map poke update (git-fixes).
- bpf: Fix unnecessary -EBUSY from htab_lock_bucket (git-fixes).
- bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly (git-fixes).
- bpf: Remove unnecessary wait from bpf_map_copy_value() (git-fixes).
- bpf: Set uattr->batch.count as zero before batched update or deletion (git-fixes).
- bpf: do not infer PTR_TO_CTX for programs with unnamed context type (git-fixes).
- bpf: enforce precision of R0 on callback return (git-fixes).
- bpf: extract bpf_ctx_convert_map logic and make it more reusable (git-fixes).
- bpf: fix control-flow graph checking in privileged mode (git-fixes).
- bpf: handle bpf_user_pt_regs_t typedef explicitly for PTR_TO_CTX global arg (git-fixes).
- bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes() (git-fixes).
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes).
- bpf: simplify btf_get_prog_ctx_type() into btf_is_prog_ctx_type() (git-fixes).
- bpftool: Align output skeleton ELF code (git-fixes).
- bpftool: Fix -Wcast-qual warning (git-fixes).
- bpftool: Silence build warning about calloc() (git-fixes).
- bpftool: mark orphaned programs during prog show (git-fixes).
- btrfs: add a btrfs_finish_ordered_extent helper (git-fixes).
- btrfs: add a is_data_bbio helper (git-fixes).
- btrfs: add an ordered_extent pointer to struct btrfs_bio (git-fixes).
- btrfs: copy dir permission and time when creating a stub subvolume (bsc#1228321).
- btrfs: ensure fast fsync waits for ordered extents after a write failure (git-fixes).
- btrfs: factor out a btrfs_queue_ordered_fn helper (git-fixes).
- btrfs: factor out a can_finish_ordered_extent helper (git-fixes).
- btrfs: fix corruption after buffer fault in during direct IO append write (git-fixes).
- btrfs: fix double inode unlock for direct IO sync writes (git-fixes).
- btrfs: fix extent map use-after-free when adding pages to compressed bio (git-fixes).
- btrfs: fix leak of qgroup extent records after transaction abort (git-fixes).
- btrfs: fix ordered extent split error handling in btrfs_dio_submit_io (git-fixes).
- btrfs: limit write bios to a single ordered extent (git-fixes).
- btrfs: make btrfs_finish_ordered_extent() return void (git-fixes).
- btrfs: merge the two calls to btrfs_add_ordered_extent in run_delalloc_nocow (git-fixes).
- btrfs: open code btrfs_bio_end_io in btrfs_dio_submit_io (git-fixes).
- btrfs: open code end_extent_writepage in end_bio_extent_writepage (git-fixes).
- btrfs: pass a btrfs_inode to btrfs_fdatawrite_range() (git-fixes).
- btrfs: pass a btrfs_inode to btrfs_wait_ordered_range() (git-fixes).
- btrfs: pass an ordered_extent to btrfs_reloc_clone_csums (git-fixes).
- btrfs: pass an ordered_extent to btrfs_submit_compressed_write (git-fixes).
- btrfs: remove btrfs_add_ordered_extent (git-fixes).
- btrfs: rename err to ret in btrfs_direct_write() (git-fixes).
- btrfs: uninline some static inline helpers from tree-log.h (git-fixes).
- btrfs: use a btrfs_inode in the log context (struct btrfs_log_ctx) (git-fixes).
- btrfs: use a btrfs_inode local variable at btrfs_sync_file() (git-fixes).
- btrfs: use bbio->ordered in btrfs_csum_one_bio (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete buffered writes (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete compressed writes (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete direct writes (git-fixes).
- btrfs: use irq safe locking when running and adding delayed iputs (git-fixes).
- cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode (bsc#1229245).
- cachefiles: add missing lock protection when polling (bsc#1229256).
- cachefiles: add restore command to recover inflight ondemand read requests (bsc#1229244).
- cachefiles: add spin_lock for cachefiles_ondemand_info (bsc#1229249).
- cachefiles: cancel all requests for the object that is being dropped (bsc#1229255).
- cachefiles: defer exposing anon_fd until after copy_to_user() succeeds (bsc#1229251).
- cachefiles: extract ondemand info field from cachefiles_object (bsc#1229240).
- cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() (bsc#1229247).
- cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() (bsc#1229246).
- cachefiles: introduce object ondemand state (bsc#1229239).
- cachefiles: make on-demand read killable (bsc#1229252).
- cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode (bsc#1229243).
- cachefiles: never get a new anonymous fd if ondemand_id is valid (bsc#1229250).
- cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229253).
- cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() (bsc#1229248).
- cachefiles: resend an open request if the read request's object is closed (bsc#1229241).
- cachefiles: stop sending new request when dropping object (bsc#1229254).
- can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum (stable-fixes).
- can: mcp251xfd: tef: update workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes).
- ceph: periodically flush the cap releases (bsc#1230056).
- cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- char: xillybus: Check USB endpoints when probing device (git-fixes).
- char: xillybus: Do not destroy workqueue from work item running on it (stable-fixes).
- char: xillybus: Refine workqueue handling (git-fixes).
- check-for-config-changes: ignore also GCC_ASM_GOTO_OUTPUT_BROKEN Mainline commit f2f6a8e88717 ("init/Kconfig: remove CONFIG_GCC_ASM_GOTO_OUTPUT_WORKAROUND") replaced GCC_ASM_GOTO_OUTPUT_WORKAROUND with GCC_ASM_GOTO_OUTPUT_BROKEN. Ignore both when checking config changes.
- clk: en7523: fix rate divider for slic and spi clocks (git-fixes).
- clk: qcom: Park shared RCGs upon registration (git-fixes).
- clk: qcom: camcc-sc7280: Add parent dependency to all camera GDSCs (git-fixes).
- clk: qcom: gcc-sa8775p: Update the GDSC wait_val fields and flags (git-fixes).
- clk: qcom: gcc-sc7280: Update force mem core bit for UFS ICE clock (git-fixes).
- clk: qcom: gpucc-sa8775p: Park RCG's clk source at XO during disable (git-fixes).
- clk: qcom: gpucc-sa8775p: Remove the CLK_IS_CRITICAL and ALWAYS_ON flags (git-fixes).
- clk: qcom: gpucc-sa8775p: Update wait_val fields for GPU GDSC's (git-fixes).
- clk: qcom: gpucc-sm8350: Park RCG's clk source at XO during disable (git-fixes).
- clk: qcom: kpss-xcc: Return of_clk_add_hw_provider to transfer the error (git-fixes).
- clk: visconti: Add bounds-checking coverage for struct visconti_pll_provider (stable-fixes).
- clocksource/drivers/sh_cmt: Address race condition for clock events (stable-fixes).
- config.sh: generate and install compile_commands.json (bsc#1228971) This file contains the command line options used to compile every C file. It's useful for the livepatching team.
- cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- cxl/region: Move cxl_dpa_to_region() work to the region driver (bsc#1228472)
- dev/parport: fix the array out-of-bounds risk (stable-fixes).
- device property: Add cleanup.h based fwnode_handle_put() scope based cleanup (stable-fixes).
- dmaengine: dw: Add memory bus width verification (git-fixes).
- dmaengine: dw: Add peripheral bus width verification (git-fixes).
- docs: KVM: Fix register ID of SPSR_FIQ (git-fixes).
- driver core: Fix uevent_show() vs driver detach race (git-fixes).
- drm/admgpu: fix dereferencing null pointer context (stable-fixes).
- drm/amd/display: Add delay to improve LTTPR UHBR interop (stable-fixes).
- drm/amd/display: Add null checker before passing variables (stable-fixes).
- drm/amd/display: Adjust cursor position (git-fixes).
- drm/amd/display: Check for NULL pointer (stable-fixes).
- drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes).
- drm/amd/display: avoid using null object of framebuffer (git-fixes).
- drm/amd/display: fix cursor offset on rotation 180 (git-fixes).
- drm/amd/display: fix s2idle entry for DCN3.5+ (stable-fixes).
- drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes).
- drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes).
- drm/amdgpu/jpeg4: properly set atomics vmid field (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes).
- drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes).
- drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable-fixes).
- drm/amdgpu/sdma5.2: limit wptr workaround to sdma 5.2.1 (git-fixes).
- drm/amdgpu: Actually check flags for all context ops (stable-fixes).
- drm/amdgpu: Add lock around VF RLCG interface (stable-fixes).
- drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes).
- drm/amdgpu: Forward soft recovery errors to userspace (stable-fixes).
- drm/amdgpu: Validate TA binary size (stable-fixes).
- drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes).
- drm/amdgpu: fix potential resource leak warning (stable-fixes).
- drm/amdgpu: reset vm state machine after gpu reset(vram lost) (stable-fixes).
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes).
- drm/client: fix null pointer dereference in drm_client_modeset_probe (git-fixes).
- drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes).
- drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes).
- drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict (git-fixes).
- drm/i915/gem: Adjust vma offset for framebuffer mmap offset (stable-fixes).
- drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (git-fixes).
- drm/i915/hdcp: Fix HDCP2_STREAM_STATUS macro (git-fixes).
- drm/i915: Fix possible int overflow in skl_ddi_calculate_wrpll() (git-fixes).
- drm/lima: set gp bus_stop bit before hard reset (stable-fixes).
- drm/mediatek/dp: Fix spurious kfree() (git-fixes).
- drm/msm/dp: fix the max supported bpp logic (git-fixes).
- drm/msm/dp: reset the link phy params before link training (git-fixes).
- drm/msm/dpu: capture snapshot on the first commit_done timeout (stable-fixes).
- drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes).
- drm/msm/dpu: do not play tricks with debug macros (git-fixes).
- drm/msm/dpu: drop MSM_ENC_VBLANK support (stable-fixes).
- drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() (git-fixes).
- drm/msm/dpu: split dpu_encoder_wait_for_event into two functions (stable-fixes).
- drm/msm/dpu: take plane rotation into account for wide planes (git-fixes).
- drm/msm/dpu: try multirect based on mdp clock limits (stable-fixes).
- drm/msm/dpu: use drmm-managed allocation for dpu_encoder_phys (stable-fixes).
- drm/msm/mdss: Rename path references to mdp_path (stable-fixes).
- drm/msm/mdss: switch mdss to use devm_of_icc_get() (stable-fixes).
- drm/msm: Reduce fallout of fence signaling vs reclaim hangs (stable-fixes).
- drm/nouveau: prime: fix refcount underflow (git-fixes).
- drm/panel: nt36523: Set 120Hz fps for xiaomi,elish panels (stable-fixes).
- drm/radeon/evergreen_cs: Clean up errors in evergreen_cs.c (bsc#1229024).
- drm/radeon: Remove __counted_by from StateArray.states[] (git-fixes).
- drm/rockchip: vop2: clear afbc en and transform bit for cluster window at linear mode (stable-fixes).
- drm/virtio: Fix type of dma-fence context variable (git-fixes).
- drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes).
- drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes).
- drm/vmwgfx: Fix prime with external buffers (git-fixes).
- efi/libstub: Zero initialize heap allocated struct screen_info (git-fixes).
- evm: do not copy up 'security.evm' xattr (git-fixes).
- firmware: cirrus: cs_dsp: Initialize debugfs_root to invalid (stable-fixes).
- fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229455).
- fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229456).
- genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes).
- genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes).
- genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git-fixes).
- gfs2: setattr_chown: Add missing initialization (git-fixes).
- gpio: mlxbf3: Support shutdown() function (git-fixes).
- gpio: prevent potential speculation leaks in gpio_device_get_desc() (stable-fixes).
- gpio: sysfs: extend the critical section for unregistering sysfs devices (stable-fixes).
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes).
- hwmon: (ltc2992) Avoid division by zero (stable-fixes).
- hwmon: (ltc2992) Fix memory leak in ltc2992_parse_dt() (git-fixes).
- hwmon: (pc87360) Bounds check data->innr usage (stable-fixes).
- i2c: Fix conditional for substituting empty ACPI functions (stable-fixes).
- i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes).
- i2c: qcom-geni: Add missing clk_disable_unprepare in geni_i2c_runtime_resume (git-fixes).
- i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes).
- i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes).
- i2c: riic: avoid potential division by zero (stable-fixes).
- i2c: smbus: Improve handling of stuck alerts (git-fixes).
- i2c: smbus: Send alert notifications to all devices if source not found (git-fixes).
- i2c: stm32f7: Add atomic_xfer method to driver (stable-fixes).
- i3c: mipi-i3c-hci: Do not unmap region not mapped for transfer (stable-fixes).
- i3c: mipi-i3c-hci: Remove BUG() when Ring Abort request times out (stable-fixes).
- i915/perf: Remove code to update PWR_CLK_STATE for gen12 (git-fixes).
- ice: Fix NULL pointer access, if PF does not support SRIOV_LAG (bsc#1228737).
- io_uring/advise: support 64-bit lengths (git-fixes).
- io_uring: Drop per-ctx dummy_ubuf (git-fixes).
- io_uring: Fix probe of disabled operations (git-fixes).
- io_uring: fix io_match_task must_hold (git-fixes).
- io_uring: tighten task exit cancellations (git-fixes).
- iommu/amd: Convert comma to semicolon (git-fixes).
- iommu/vt-d: Fix identity map bounds in si_domain_init() (git-fixes).
- iommufd/device: Fix hwpt at err_unresv in iommufd_device_do_replace() (git-fixes).
- ip6_tunnel: Fix broken GRO (bsc#1229444).
- ipv6: sr: fix incorrect unregister order (git-fixes).
- irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
- jfs: Fix shift-out-of-bounds in dbDiscardAG (git-fixes).
- jfs: define xtree root and page independently (git-fixes).
- jfs: fix null ptr deref in dtInsertEntry (git-fixes).
- jump_label: Clarify condition in static_key_fast_inc_not_disabled() (git-fixes).
- jump_label: Fix concurrency issues in static_key_slow_dec() (git-fixes).
- jump_label: Fix the fix, brown paper bags galore (git-fixes).
- jump_label: Simplify and clarify static_key_fast_inc_cpus_locked() (git-fixes).
- kABI fix of: virtio-crypto: handle config changed by work queue (git-fixes).
- kABI workaround for sound core UMP conversion (stable-fixes).
- kabi fix for KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes).
- kabi fix for SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes).
- kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783)
- kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users.
- kcov: properly check for softirq context (git-fixes).
- kernel-binary: generate and install compile_commands.json (bsc#1228971)
- kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy() (bsc#1229134).
- kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files (git-fixes).
- kprobes: Fix to check symbol prefixes correctly (git-fixes).
- kprobes: Prohibit probing on CFI preamble symbol (git-fixes).
- kvm: s390: Reject memory region operations for ucontrol VMs (git-fixes bsc#1229168).
- libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API (git-fixes).
- libbpf: Apply map_set_def_max_entries() for inner_maps on creation (git-fixes).
- libbpf: Fix faccessat() usage on Android (git-fixes).
- libbpf: Use OPTS_SET() macro in bpf_xdp_query() (git-fixes).
- md-cluster: fix hanging issue while a new disk adding (bsc#1223395).
- md-cluster: fix hanging issue while a new disk adding (bsc#1223395).
- md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395).
- md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395).
- md-cluster: keeping kabi compatibility for upstream commit 35a0a409fa26 (bsc#1223395).
- md/md-bitmap: fix writing non bitmap pages (git-fixes).
- md/raid1: set max_sectors during early return from choose_slow_rdev() (git-fixes).
- md/raid1: support read error check (git-fixes).
- md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (git-fixes).
- md/raid5: fix spares errors about rcu usage (git-fixes).
- md/raid5: recheck if reshape has finished with device_lock held (git-fixes).
- md: Do not wait for MD_RECOVERY_NEEDED for HOT_REMOVE_DISK ioctl (git-fixes).
- md: add a mddev_add_trace_msg helper (git-fixes).
- md: add check for sleepers in md_wakeup_thread() (git-fixes).
- md: change the return value type of md_write_start to void (git-fixes).
- md: do not account sync_io if iostats of the disk is disabled (git-fixes).
- md: do not delete safemode_timer in mddev_suspend (git-fixes).
- md: factor out a helper exceed_read_errors() to check read_errors (git-fixes).
- md: fix a suspicious RCU usage warning (git-fixes).
- media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (git-fixes).
- media: amphion: Remove lock in s_ctrl callback (stable-fixes).
- media: drivers/media/dvb-core: copy user arrays safely (stable-fixes).
- media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes).
- media: uvcvideo: Add quirk for invalid dev_sof in Logitech C920 (git-fixes).
- media: uvcvideo: Disable autosuspend for Insta360 Link (stable-fixes).
- media: uvcvideo: Fix the bandwdith quirk on USB 3.x (stable-fixes).
- media: uvcvideo: Ignore empty TS packets (stable-fixes).
- media: uvcvideo: Quirk for invalid dev_sof in Logitech C922 (stable-fixes).
- media: xc2028: avoid use-after-free in load_firmware_cb() (stable-fixes).
- memcg: protect concurrent access to mem_cgroup_idr (git-fixes).
- memory: stm32-fmc2-ebi: check regmap_read return value (stable-fixes).
- memory: tegra: Skip SID programming if SID registers are not set (stable-fixes).
- minmax: add a few more MIN_T/MAX_T users (bsc#1229024).
- minmax: avoid overly complicated constant expressions in VM code (bsc#1229024).
- minmax: do not use max() in situations that want a C constant expression (bsc#1229024).
- minmax: fix up min3() and max3() too (bsc#1229024).
- minmax: improve macro expansion and type checking (bsc#1229024).
- minmax: make generic MIN() and MAX() macros available everywhere (bsc#1229024).
- minmax: simplify and clarify min_t()/max_t() implementation (bsc#1229024).
- minmax: simplify min()/max()/clamp() implementation (bsc#1229024).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes).
- mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes).
- mmc: mtk-sd: receive cmd8 data when hs400 tuning fail (git-fixes).
- net/iucv: fix the allocation size of iucv_path_table array (git-fixes bsc#1229451).
- net/iucv: fix use after free in iucv_sock_close() (bsc#1228973).
- net/rds: fix possible cp null dereference (git-fixes).
- net/sched: initialize noop_qdisc owner (git-fixes).
- net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes).
- net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() (git-fixes).
- net: fix sk_memory_allocated_{add|sub} vs softirqs (bsc#1228757).
- net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530).
- net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086).
- net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
- net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes).
- net: missing check virtio (git-fixes).
- net: phy: micrel: Fix the KSZ9131 MDI-X status issue (git-fixes).
- net: phy: realtek: add support for RTL8366S Gigabit PHY (git-fixes).
- net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes).
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes).
- netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462).
- nfc: pn533: Add poll mod list filling check (git-fixes).
- nfs: do not invalidate dentries on transient errors (git-fixes).
- nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes).
- nfs: make the rpc_stat per net namespace (git-fixes).
- nfs: pass explicit offset/count to trace events (git-fixes).
- nfs: propagate readlink errors in nfs_symlink_filler (git-fixes).
- nouveau/firmware: use dma non-coherent allocator (git-fixes).
- nvme-multipath: find NUMA path only for online numa-node (git-fixes).
- nvme-multipath: implement "queue-depth" iopolicy (bsc#1227706).
- nvme-multipath: prepare for "queue-depth" iopolicy (bsc#1227706).
- nvme-pci: Fix the instructions for disabling power management (git-fixes).
- nvme-pci: add missing condition check for existence of mapped data (git-fixes).
- nvme-pci: do not directly handle subsys reset fallout (bsc#1220066).
- nvme-sysfs: add 'tls_configured_key' sysfs attribute (bsc#1221857).
- nvme-sysfs: add 'tls_keyring' attribute (bsc#1221857).
- nvme-tcp: check for invalidated or revoked key (bsc#1221857).
- nvme-tcp: sanitize TLS key handling (bsc#1221857).
- nvme: add a newline to the 'tls_key' sysfs attribute (bsc#1221857).
- nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes).
- nvme: avoid double free special payload (git-fixes).
- nvme: fix NVME_NS_DEAC may incorrectly identifying the disk as EXT_LBA (git-fixes).
- nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
- nvme: split off TLS sysfs attributes into a separate group (bsc#1221857).
- nvme: tcp: remove unnecessary goto statement (bsc#1221857).
- nvme_core: scan namespaces asynchronously (bsc#1224105).
- nvmet-auth: fix nvmet_auth hash error handling (git-fixes).
- nvmet: always initialize cqe.result (git-fixes).
- nvmet: do not return 'reserved' for empty TSAS values (git-fixes).
- nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes).
- nvmet: make 'tsas' attribute idempotent for RDMA (git-fixes).
- ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
- padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes).
- perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes).
- pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE (git-fixes).
- pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins (git-fixes).
- pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes).
- pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes).
- platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779).
- platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779).
- platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779).
- platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779).
- platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779).
- platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779).
- platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779).
- platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779).
- platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779).
- platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779).
- platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779).
- platform/x86/intel/ifs: Initialize union ifs_status to zero (git-fixes).
- platform/x86: lg-laptop: fix %s null argument warning (stable-fixes).
- power: supply: axp288_charger: Fix constant_charge_voltage writes (git-fixes).
- power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes).
- power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (git-fixes).
- powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869).
- powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869).
- powerpc/kexec: make the update_cpus_node() function public (bsc#1194869).
- powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869).
- powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869).
- powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869).
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869).
- powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869).
- powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869).
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869).
- powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869).
- printk/panic: Allow cpu backtraces to be written into ringbuffer during panic (bsc#1225607).
- reiserfs: fix uninit-value in comp_keys (git-fixes).
- rtc: nct3018y: fix possible NULL dereference (stable-fixes).
- s390/cpum_cf: Fix endless loop in CF_DIAG event stop (git-fixes bsc#1229171).
- s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229173).
- s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229452).
- s390/pci: Add missing virt_to_phys() for directed DIBV (git-fixes bsc#1229174).
- s390/pci: Allow allocation of more than 1 MSI interrupt (git-fixes bsc#1229172).
- s390/pci: Refactor arch_setup_msi_irqs() (git-fixes bsc#1229172).
- s390/pkey: harmonize pkey s390 debug feature calls (bsc#1228720).
- s390/pkey: introduce dynamic debugging for pkey (bsc#1228720).
- s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229169).
- s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229170).
- samples/bpf: syscall_tp_user: Fix array out-of-bound access (git-fixes).
- samples/bpf: syscall_tp_user: Rename num_progs into nr_tests (git-fixes).
- sbitmap: use READ_ONCE to access map->word (stable-fixes).
- scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857).
- scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857).
- scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857).
- scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857).
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857).
- scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857).
- scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857).
- scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857).
- scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
- scsi: qla2xxx: Complete command early within lock (bsc#1228850).
- scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
- scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
- scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
- scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
- scsi: qla2xxx: Fix flash read failure (bsc#1228850).
- scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
- scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
- scsi: qla2xxx: Indent help text (bsc#1228850).
- scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
- scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
- scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
- scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
- scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
- scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
- selftest/bpf: Add map_in_maps with BPF_MAP_TYPE_PERF_EVENT_ARRAY values (git-fixes).
- selftests/bpf: Add a test to verify previous stacksafe() fix (bsc#1225903).
- selftests/bpf: Add assert for user stacks in test_task_stack (git-fixes).
- selftests/bpf: Add netkit to tc_redirect selftest (git-fixes).
- selftests/bpf: De-veth-ize the tc_redirect test case (git-fixes).
- selftests/bpf: Disable IPv6 for lwt_redirect test (git-fixes).
- selftests/bpf: Fix erroneous bitmask operation (git-fixes).
- selftests/bpf: Fix issues in setup_classid_environment() (git-fixes).
- selftests/bpf: Fix potential premature unload in bpf_testmod (git-fixes).
- selftests/bpf: Fix pyperf180 compilation failure with clang18 (git-fixes).
- selftests/bpf: Fix the flaky tc_redirect_dtime test (git-fixes).
- selftests/bpf: Fix up xdp bonding test wrt feature flags (git-fixes).
- selftests/bpf: Make linked_list failure test more robust (git-fixes).
- selftests/bpf: Relax time_tai test for equal timestamps in tai_forward (git-fixes).
- selftests/bpf: Skip module_fentry_shadow test when bpf_testmod is not available (git-fixes).
- selftests/bpf: Wait for the netstamp_needed_key static key to be turned on (git-fixes).
- selftests/bpf: fix RELEASE=1 build for tc_opts (git-fixes).
- selftests/bpf: fix bpf_loop_bench for new callback verification scheme (git-fixes).
- selftests/bpf: fix compiler warnings in RELEASE=1 mode (git-fixes).
- selftests/bpf: satisfy compiler by having explicit return in btf test (git-fixes).
- serial: core: check uartclk for zero to avoid divide by zero (stable-fixes).
- soc: qcom: cmd-db: Map shared memory as WC, not WB (git-fixes).
- soc: qcom: pmic_glink: Actually communicate when remote goes down (git-fixes).
- soundwire: stream: fix programming slave ports for non-continous port maps (git-fixes).
- spi: Add empty versions of ACPI functions (stable-fixes).
- spi: microchip-core: fix init function not setting the master and motorola modes (git-fixes).
- spi: microchip-core: switch to use modern name (stable-fixes).
- spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes).
- spi: spidev: Add missing spi_device_id for bh2228fv (git-fixes).
- squashfs: squashfs_read_data need to check if the length is 0 (git-fixes).
- ssb: Fix division by zero issue in ssb_calc_clock_rate (stable-fixes).
- staging: iio: resolver: ad2s1210: fix use before initialization (stable-fixes).
- staging: ks7010: disable bh on tx_dev_lock (stable-fixes).
- string.h: Introduce memtostr() and memtostr_pad() (bsc#1228849).
- sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes).
- swiotlb: do not set total_used to 0 in swiotlb_create_debugfs_files() (git-fixes).
- swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes).
- syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes).
- thermal/drivers/broadcom: Fix race between removal and clock disable (git-fixes).
- thermal: bcm2835: Convert to platform remove callback returning void (stable-fixes).
- thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes).
- tools/perf: Fix perf bench epoll to enable the run when some CPU's are offline (bsc#1227747).
- tools/perf: Fix perf bench futex to enable the run when some CPU's are offline (bsc#1227747).
- tools/perf: Fix timing issue with parallel threads in perf bench wake-up-parallel (bsc#1227747).
- tools/resolve_btfids: Fix comparison of distinct pointer types warning in resolve_btfids (git-fixes).
- tools/resolve_btfids: Fix cross-compilation to non-host endianness (git-fixes).
- tools/resolve_btfids: Refactor set sorting with types from btf_ids.h (git-fixes).
- tools/resolve_btfids: fix build with musl libc (git-fixes).
- trace/pid_list: Change gfp flags in pid_list_fill_irq() (git-fixes).
- tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes).
- tty: atmel_serial: use the correct RTS flag (git-fixes).
- tty: serial: fsl_lpuart: mark last busy before uart_add_one_port (git-fixes).
- usb: cdnsp: fix for Link TRB with TC (git-fixes).
- usb: cdnsp: fix incorrect index in cdnsp_get_hw_deq function (git-fixes).
- usb: core: sysfs: Unmerge @usb3_hardware_lpm_attr_group in remove_power_attributes() (git-fixes).
- usb: dwc3: core: Skip setting event buffers for host only controllers (stable-fixes).
- usb: dwc3: omap: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes).
- usb: gadget: core: Check for unset descriptor (git-fixes).
- usb: gadget: fsl: Increase size of name buffer for endpoints (stable-fixes).
- usb: gadget: u_audio: Check return codes from usb_ep_enable and config_ep_by_speed (git-fixes).
- usb: gadget: u_serial: Set start_delayed during suspend (git-fixes).
- usb: gadget: uvc: cleanup request when not in correct state (stable-fixes).
- usb: typec: fsa4480: Add support to swap SBU orientation (git-fixes).
- usb: typec: fsa4480: Check if the chip is really there (git-fixes).
- usb: typec: fsa4480: Relax CHIP_ID check (git-fixes).
- usb: typec: fsa4480: add support for Audio Accessory Mode (git-fixes).
- usb: typec: fsa4480: rework mux & switch setup to handle more states (git-fixes).
- usb: vhci-hcd: Do not drop references before new references are gained (stable-fixes).
- vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes).
- vhost-scsi: Handle vhost_vq_work_queue failures for events (git-fixes).
- vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes).
- vhost/vsock: always initialize seqpacket_allow (git-fixes).
- vhost: Release worker mutex during flushes (git-fixes).
- vhost: Use virtqueue mutex for swapping worker (git-fixes).
- virt: guest_memfd: fix reference leak on hwpoisoned page (git-fixes).
- virtio-crypto: handle config changed by work queue (git-fixes).
- virtio: reenable config if freezing device failed (git-fixes).
- virtio_net: use u64_stats_t infra to avoid data-races (git-fixes).
- virtiofs: forbid newlines in tags (bsc#1229940).
- wifi: ath12k: fix memory leak in ath12k_dp_rx_peer_frag_setup() (stable-fixes).
- wifi: ath12k: fix soft lockup on suspend (git-fixes).
- wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion (git-fixes).
- wifi: cfg80211: fix reporting failed MLO links status with cfg80211_connect_done (git-fixes).
- wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes).
- wifi: mac80211: use monitor sdata with driver only if desired (git-fixes).
- wifi: mwifiex: duplicate static structs used in driver instances (git-fixes).
- wifi: nl80211: disallow setting special AP channel widths (stable-fixes).
- wifi: nl80211: do not give key data to userspace (stable-fixes).
- wifi: rtw88: usb: Fix disconnection after beacon loss (stable-fixes).
- wifi: wfx: repair open network AP mode (git-fixes).
- workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454).
- workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454).
- x86/asm: Use %c/%n instead of %P operand modifier in asm templates (git-fixes).
- x86/entry/64: Remove obsolete comment on tracing vs. SYSRET (git-fixes).
- x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes).
- x86/mm: Fix pti_clone_pgtable() alignment assumption (git-fixes).
- x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes).
- x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks() (git-fixes).
- x86/numa: Fix the address overlap check in numa_fill_memblks() (git-fixes).
- x86/numa: Fix the sort compare func used in numa_fill_memblks() (git-fixes).
- x86/numa: Introduce numa_fill_memblks() (git-fixes).
- x86/pci: Skip early E820 check for ECAM region (git-fixes).
- x86/xen: Convert comma to semicolon (git-fixes).
- xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes).
- xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
- xfs: allow cross-linking special files without project quota (git-fixes).
- xfs: allow symlinks with short remote targets (bsc#1229160).
- xfs: allow unlinked symlinks and dirs with zero size (git-fixes).
- xfs: attr forks require attr, not attr2 (git-fixes).
- xfs: convert comma to semicolon (git-fixes).
- xfs: do not use current->journal_info (git-fixes).
- xfs: fix unlink vs cluster buffer instantiation race (git-fixes).
- xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (git-fixes).
- xfs: journal geometry is not properly bounds checked (git-fixes).
- xfs: match lock mode in xfs_buffered_write_iomap_begin() (git-fixes).
- xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (git-fixes).
- xfs: upgrade the extent counters in xfs_reflink_end_cow_extent later (git-fixes).
- xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes).
- xfs: use consistent uid/gid when grabbing dquots for inodes (git-fixes).
- xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes).
- xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1193454SUSE bug 1194869SUSE bug 1205462SUSE bug 1208783SUSE bug 1213123SUSE bug 1214285SUSE bug 1215199SUSE bug 1220066SUSE bug 1220252SUSE bug 1220877SUSE bug 1221326SUSE bug 1221630SUSE bug 1221645SUSE bug 1221652SUSE bug 1221857SUSE bug 1222254SUSE bug 1222335SUSE bug 1222350SUSE bug 1222364SUSE bug 1222372SUSE bug 1222387SUSE bug 1222433SUSE bug 1222434SUSE bug 1222625SUSE bug 1222633SUSE bug 1222634SUSE bug 1222808SUSE bug 1222967SUSE bug 1222973SUSE bug 1223053SUSE bug 1223074SUSE bug 1223191SUSE bug 1223395SUSE bug 1223635SUSE bug 1223720SUSE bug 1223731SUSE bug 1223742SUSE bug 1223763SUSE bug 1223767SUSE bug 1223777SUSE bug 1223803SUSE bug 1224105SUSE bug 1224415SUSE bug 1224485SUSE bug 1224496SUSE bug 1224510SUSE bug 1224535SUSE bug 1224631SUSE bug 1224636SUSE bug 1224690SUSE bug 1224694SUSE bug 1224700SUSE bug 1224711SUSE bug 1225475SUSE bug 1225582SUSE bug 1225607SUSE bug 1225718SUSE bug 1225751SUSE bug 1225814SUSE bug 1225832SUSE bug 1225838SUSE bug 1225903SUSE bug 1226031SUSE bug 1226127SUSE bug 1226502SUSE bug 1226530SUSE bug 1226588SUSE bug 1226604SUSE bug 1226743SUSE bug 1226751SUSE bug 1226765SUSE bug 1226798SUSE bug 1226801SUSE bug 1226834SUSE bug 1226874SUSE bug 1226885SUSE bug 1226920SUSE bug 1227149SUSE bug 1227182SUSE bug 1227383SUSE bug 1227437SUSE bug 1227492SUSE bug 1227493SUSE bug 1227494SUSE bug 1227618SUSE bug 1227620SUSE bug 1227623SUSE bug 1227627SUSE bug 1227634SUSE bug 1227706SUSE bug 1227722SUSE bug 1227724SUSE bug 1227725SUSE bug 1227728SUSE bug 1227729SUSE bug 1227732SUSE bug 1227733SUSE bug 1227734SUSE bug 1227747SUSE bug 1227750SUSE bug 1227754SUSE bug 1227758SUSE bug 1227760SUSE bug 1227761SUSE bug 1227764SUSE bug 1227766SUSE bug 1227770SUSE bug 1227771SUSE bug 1227772SUSE bug 1227774SUSE bug 1227781SUSE bug 1227784SUSE bug 1227785SUSE bug 1227787SUSE bug 1227790SUSE bug 1227791SUSE bug 1227792SUSE bug 1227796SUSE bug 1227798SUSE bug 1227799SUSE bug 1227802SUSE bug 1227808SUSE bug 1227810SUSE bug 1227811SUSE bug 1227812SUSE bug 1227815SUSE bug 1227816SUSE bug 1227818SUSE bug 1227820SUSE bug 1227823SUSE bug 1227824SUSE bug 1227826SUSE bug 1227828SUSE bug 1227829SUSE bug 1227830SUSE bug 1227832SUSE bug 1227833SUSE bug 1227834SUSE bug 1227839SUSE bug 1227840SUSE bug 1227846SUSE bug 1227849SUSE bug 1227851SUSE bug 1227853SUSE bug 1227863SUSE bug 1227864SUSE bug 1227865SUSE bug 1227867SUSE bug 1227869SUSE bug 1227870SUSE bug 1227883SUSE bug 1227884SUSE bug 1227891SUSE bug 1227893SUSE bug 1227929SUSE bug 1227950SUSE bug 1227957SUSE bug 1227981SUSE bug 1228020SUSE bug 1228021SUSE bug 1228192SUSE bug 1228235SUSE bug 1228236SUSE bug 1228247SUSE bug 1228321SUSE bug 1228409SUSE bug 1228410SUSE bug 1228426SUSE bug 1228427SUSE bug 1228429SUSE bug 1228446SUSE bug 1228447SUSE bug 1228449SUSE bug 1228450SUSE bug 1228452SUSE bug 1228456SUSE bug 1228457SUSE bug 1228458SUSE bug 1228459SUSE bug 1228460SUSE bug 1228462SUSE bug 1228463SUSE bug 1228466SUSE bug 1228468SUSE bug 1228469SUSE bug 1228470SUSE bug 1228472SUSE bug 1228479SUSE bug 1228480SUSE bug 1228481SUSE bug 1228482SUSE bug 1228483SUSE bug 1228484SUSE bug 1228485SUSE bug 1228486SUSE bug 1228487SUSE bug 1228489SUSE bug 1228491SUSE bug 1228492SUSE bug 1228493SUSE bug 1228494SUSE bug 1228495SUSE bug 1228496SUSE bug 1228499SUSE bug 1228500SUSE bug 1228501SUSE bug 1228502SUSE bug 1228503SUSE bug 1228505SUSE bug 1228508SUSE bug 1228509SUSE bug 1228510SUSE bug 1228511SUSE bug 1228513SUSE bug 1228515SUSE bug 1228516SUSE bug 1228518SUSE bug 1228520SUSE bug 1228525SUSE bug 1228527SUSE bug 1228530SUSE bug 1228531SUSE bug 1228539SUSE bug 1228561SUSE bug 1228563SUSE bug 1228564SUSE bug 1228565SUSE bug 1228567SUSE bug 1228568SUSE bug 1228572SUSE bug 1228576SUSE bug 1228579SUSE bug 1228580SUSE bug 1228581SUSE bug 1228582SUSE bug 1228584SUSE bug 1228586SUSE bug 1228588SUSE bug 1228590SUSE bug 1228591SUSE bug 1228599SUSE bug 1228615SUSE bug 1228616SUSE bug 1228617SUSE bug 1228625SUSE bug 1228626SUSE bug 1228633SUSE bug 1228635SUSE bug 1228636SUSE bug 1228640SUSE bug 1228643SUSE bug 1228644SUSE bug 1228646SUSE bug 1228649SUSE bug 1228650SUSE bug 1228654SUSE bug 1228655SUSE bug 1228656SUSE bug 1228658SUSE bug 1228660SUSE bug 1228662SUSE bug 1228665SUSE bug 1228666SUSE bug 1228667SUSE bug 1228672SUSE bug 1228673SUSE bug 1228674SUSE bug 1228677SUSE bug 1228680SUSE bug 1228687SUSE bug 1228705SUSE bug 1228706SUSE bug 1228707SUSE bug 1228708SUSE bug 1228709SUSE bug 1228710SUSE bug 1228718SUSE bug 1228720SUSE bug 1228721SUSE bug 1228722SUSE bug 1228723SUSE bug 1228724SUSE bug 1228726SUSE bug 1228727SUSE bug 1228733SUSE bug 1228737SUSE bug 1228743SUSE bug 1228748SUSE bug 1228754SUSE bug 1228756SUSE bug 1228757SUSE bug 1228758SUSE bug 1228764SUSE bug 1228766SUSE bug 1228779SUSE bug 1228801SUSE bug 1228849SUSE bug 1228850SUSE bug 1228857SUSE bug 1228959SUSE bug 1228964SUSE bug 1228966SUSE bug 1228967SUSE bug 1228971SUSE bug 1228973SUSE bug 1228977SUSE bug 1228978SUSE bug 1228979SUSE bug 1228986SUSE bug 1228988SUSE bug 1228989SUSE bug 1228991SUSE bug 1228992SUSE bug 1229005SUSE bug 1229024SUSE bug 1229025SUSE bug 1229042SUSE bug 1229045SUSE bug 1229046SUSE bug 1229054SUSE bug 1229056SUSE bug 1229086SUSE bug 1229134SUSE bug 1229136SUSE bug 1229154SUSE bug 1229156SUSE bug 1229160SUSE bug 1229167SUSE bug 1229168SUSE bug 1229169SUSE bug 1229170SUSE bug 1229171SUSE bug 1229172SUSE bug 1229173SUSE bug 1229174SUSE bug 1229239SUSE bug 1229240SUSE bug 1229241SUSE bug 1229243SUSE bug 1229244SUSE bug 1229245SUSE bug 1229246SUSE bug 1229247SUSE bug 1229248SUSE bug 1229249SUSE bug 1229250SUSE bug 1229251SUSE bug 1229252SUSE bug 1229253SUSE bug 1229254SUSE bug 1229255SUSE bug 1229256SUSE bug 1229287SUSE bug 1229290SUSE bug 1229291SUSE bug 1229292SUSE bug 1229294SUSE bug 1229296SUSE bug 1229297SUSE bug 1229298SUSE bug 1229299SUSE bug 1229301SUSE bug 1229303SUSE bug 1229304SUSE bug 1229305SUSE bug 1229307SUSE bug 1229309SUSE bug 1229312SUSE bug 1229313SUSE bug 1229314SUSE bug 1229315SUSE bug 1229316SUSE bug 1229317SUSE bug 1229318SUSE bug 1229319SUSE bug 1229320SUSE bug 1229327SUSE bug 1229341SUSE bug 1229342SUSE bug 1229344SUSE bug 1229345SUSE bug 1229346SUSE bug 1229347SUSE bug 1229349SUSE bug 1229350SUSE bug 1229351SUSE bug 1229353SUSE bug 1229354SUSE bug 1229355SUSE bug 1229356SUSE bug 1229357SUSE bug 1229358SUSE bug 1229359SUSE bug 1229360SUSE bug 1229365SUSE bug 1229366SUSE bug 1229369SUSE bug 1229370SUSE bug 1229373SUSE bug 1229374SUSE bug 1229379SUSE bug 1229381SUSE bug 1229382SUSE bug 1229383SUSE bug 1229386SUSE bug 1229388SUSE bug 1229390SUSE bug 1229391SUSE bug 1229392SUSE bug 1229395SUSE bug 1229398SUSE bug 1229399SUSE bug 1229400SUSE bug 1229402SUSE bug 1229403SUSE bug 1229404SUSE bug 1229407SUSE bug 1229409SUSE bug 1229410SUSE bug 1229411SUSE bug 1229413SUSE bug 1229414SUSE bug 1229417SUSE bug 1229444SUSE bug 1229451SUSE bug 1229452SUSE bug 1229455SUSE bug 1229456SUSE bug 1229480SUSE bug 1229481SUSE bug 1229482SUSE bug 1229484SUSE bug 1229485SUSE bug 1229486SUSE bug 1229487SUSE bug 1229488SUSE bug 1229489SUSE bug 1229490SUSE bug 1229493SUSE bug 1229495SUSE bug 1229496SUSE bug 1229497SUSE bug 1229500SUSE bug 1229503SUSE bug 1229707SUSE bug 1229739SUSE bug 1229743SUSE bug 1229746SUSE bug 1229747SUSE bug 1229752SUSE bug 1229754SUSE bug 1229755SUSE bug 1229756SUSE bug 1229759SUSE bug 1229761SUSE bug 1229767SUSE bug 1229781SUSE bug 1229784SUSE bug 1229785SUSE bug 1229787SUSE bug 1229788SUSE bug 1229789SUSE bug 1229792SUSE bug 1229820SUSE bug 1229827SUSE bug 1229830SUSE bug 1229837SUSE bug 1229940SUSE bug 1230056CVE-2023-52489 at SUSECVE-2023-52489 at NVDCVE-2023-52581 at SUSECVE-2023-52581 at NVDCVE-2023-52668 at SUSECVE-2023-52668 at NVDCVE-2023-52688 at SUSECVE-2023-52688 at NVDCVE-2023-52859 at SUSECVE-2023-52859 at NVDCVE-2023-52885 at SUSECVE-2023-52885 at NVDCVE-2023-52886 at SUSECVE-2023-52886 at NVDCVE-2023-52887 at SUSECVE-2023-52887 at NVDCVE-2023-52889 at SUSECVE-2023-52889 at NVDCVE-2024-26590 at SUSECVE-2024-26590 at NVDCVE-2024-26631 at SUSECVE-2024-26631 at NVDCVE-2024-26637 at SUSECVE-2024-26637 at NVDCVE-2024-26668 at SUSECVE-2024-26668 at NVDCVE-2024-26669 at SUSECVE-2024-26669 at NVDCVE-2024-26677 at SUSECVE-2024-26677 at NVDCVE-2024-26682 at SUSECVE-2024-26682 at NVDCVE-2024-26683 at SUSECVE-2024-26683 at NVDCVE-2024-26735 at SUSECVE-2024-26735 at NVDCVE-2024-26808 at SUSECVE-2024-26808 at NVDCVE-2024-26809 at SUSECVE-2024-26809 at NVDCVE-2024-26812 at SUSECVE-2024-26812 at NVDCVE-2024-26835 at SUSECVE-2024-26835 at NVDCVE-2024-26837 at SUSECVE-2024-26837 at NVDCVE-2024-26849 at SUSECVE-2024-26849 at NVDCVE-2024-26851 at SUSECVE-2024-26851 at NVDCVE-2024-26976 at SUSECVE-2024-26976 at NVDCVE-2024-27010 at SUSECVE-2024-27010 at NVDCVE-2024-27011 at SUSECVE-2024-27011 at NVDCVE-2024-27024 at SUSECVE-2024-27024 at NVDCVE-2024-27049 at SUSECVE-2024-27049 at NVDCVE-2024-27050 at SUSECVE-2024-27050 at NVDCVE-2024-27079 at SUSECVE-2024-27079 at NVDCVE-2024-27403 at SUSECVE-2024-27403 at NVDCVE-2024-27433 at SUSECVE-2024-27433 at NVDCVE-2024-27437 at SUSECVE-2024-27437 at NVDCVE-2024-31076 at SUSECVE-2024-31076 at NVDCVE-2024-35855 at SUSECVE-2024-35855 at NVDCVE-2024-35897 at SUSECVE-2024-35897 at NVDCVE-2024-35902 at SUSECVE-2024-35902 at NVDCVE-2024-35913 at SUSECVE-2024-35913 at NVDCVE-2024-35939 at SUSECVE-2024-35939 at NVDCVE-2024-35949 at SUSECVE-2024-35949 at NVDCVE-2024-36270 at SUSECVE-2024-36270 at NVDCVE-2024-36286 at SUSECVE-2024-36286 at NVDCVE-2024-36288 at SUSECVE-2024-36288 at NVDCVE-2024-36489 at SUSECVE-2024-36489 at NVDCVE-2024-36881 at SUSECVE-2024-36881 at NVDCVE-2024-36907 at SUSECVE-2024-36907 at NVDCVE-2024-36929 at SUSECVE-2024-36929 at NVDCVE-2024-36933 at SUSECVE-2024-36933 at NVDCVE-2024-36939 at SUSECVE-2024-36939 at NVDCVE-2024-36970 at SUSECVE-2024-36970 at NVDCVE-2024-36979 at SUSECVE-2024-36979 at NVDCVE-2024-38563 at SUSECVE-2024-38563 at NVDCVE-2024-38609 at SUSECVE-2024-38609 at NVDCVE-2024-38662 at SUSECVE-2024-38662 at NVDCVE-2024-39476 at SUSECVE-2024-39476 at NVDCVE-2024-39483 at SUSECVE-2024-39483 at NVDCVE-2024-39484 at SUSECVE-2024-39484 at NVDCVE-2024-39486 at SUSECVE-2024-39486 at NVDCVE-2024-39488 at SUSECVE-2024-39488 at NVDCVE-2024-39489 at SUSECVE-2024-39489 at NVDCVE-2024-39491 at SUSECVE-2024-39491 at NVDCVE-2024-39493 at SUSECVE-2024-39493 at NVDCVE-2024-39497 at SUSECVE-2024-39497 at NVDCVE-2024-39499 at SUSECVE-2024-39499 at NVDCVE-2024-39500 at SUSECVE-2024-39500 at NVDCVE-2024-39501 at SUSECVE-2024-39501 at NVDCVE-2024-39505 at SUSECVE-2024-39505 at NVDCVE-2024-39506 at SUSECVE-2024-39506 at NVDCVE-2024-39508 at SUSECVE-2024-39508 at NVDCVE-2024-39509 at SUSECVE-2024-39509 at NVDCVE-2024-39510 at SUSECVE-2024-39510 at NVDCVE-2024-40899 at SUSECVE-2024-40899 at NVDCVE-2024-40900 at SUSECVE-2024-40900 at NVDCVE-2024-40902 at SUSECVE-2024-40902 at NVDCVE-2024-40903 at SUSECVE-2024-40903 at NVDCVE-2024-40904 at SUSECVE-2024-40904 at NVDCVE-2024-40905 at SUSECVE-2024-40905 at NVDCVE-2024-40909 at SUSECVE-2024-40909 at NVDCVE-2024-40910 at SUSECVE-2024-40910 at NVDCVE-2024-40911 at SUSECVE-2024-40911 at NVDCVE-2024-40912 at SUSECVE-2024-40912 at NVDCVE-2024-40913 at SUSECVE-2024-40913 at NVDCVE-2024-40916 at SUSECVE-2024-40916 at NVDCVE-2024-40920 at SUSECVE-2024-40920 at NVDCVE-2024-40921 at SUSECVE-2024-40921 at NVDCVE-2024-40922 at SUSECVE-2024-40922 at NVDCVE-2024-40924 at SUSECVE-2024-40924 at NVDCVE-2024-40926 at SUSECVE-2024-40926 at NVDCVE-2024-40927 at SUSECVE-2024-40927 at NVDCVE-2024-40929 at SUSECVE-2024-40929 at NVDCVE-2024-40930 at SUSECVE-2024-40930 at NVDCVE-2024-40932 at SUSECVE-2024-40932 at NVDCVE-2024-40934 at SUSECVE-2024-40934 at NVDCVE-2024-40936 at SUSECVE-2024-40936 at NVDCVE-2024-40938 at SUSECVE-2024-40938 at NVDCVE-2024-40939 at SUSECVE-2024-40939 at NVDCVE-2024-40941 at SUSECVE-2024-40941 at NVDCVE-2024-40942 at SUSECVE-2024-40942 at NVDCVE-2024-40943 at SUSECVE-2024-40943 at NVDCVE-2024-40944 at SUSECVE-2024-40944 at NVDCVE-2024-40945 at SUSECVE-2024-40945 at NVDCVE-2024-40954 at SUSECVE-2024-40954 at NVDCVE-2024-40956 at SUSECVE-2024-40956 at NVDCVE-2024-40957 at SUSECVE-2024-40957 at NVDCVE-2024-40958 at SUSECVE-2024-40958 at NVDCVE-2024-40959 at SUSECVE-2024-40959 at NVDCVE-2024-40962 at SUSECVE-2024-40962 at NVDCVE-2024-40964 at SUSECVE-2024-40964 at NVDCVE-2024-40967 at SUSECVE-2024-40967 at NVDCVE-2024-40976 at SUSECVE-2024-40976 at NVDCVE-2024-40977 at SUSECVE-2024-40977 at NVDCVE-2024-40978 at SUSECVE-2024-40978 at NVDCVE-2024-40981 at SUSECVE-2024-40981 at NVDCVE-2024-40982 at SUSECVE-2024-40982 at NVDCVE-2024-40984 at SUSECVE-2024-40984 at NVDCVE-2024-40987 at SUSECVE-2024-40987 at NVDCVE-2024-40988 at SUSECVE-2024-40988 at NVDCVE-2024-40989 at SUSECVE-2024-40989 at NVDCVE-2024-40990 at SUSECVE-2024-40990 at NVDCVE-2024-40992 at SUSECVE-2024-40992 at NVDCVE-2024-40994 at SUSECVE-2024-40994 at NVDCVE-2024-40995 at SUSECVE-2024-40995 at NVDCVE-2024-40997 at SUSECVE-2024-40997 at NVDCVE-2024-41000 at SUSECVE-2024-41000 at NVDCVE-2024-41001 at SUSECVE-2024-41001 at NVDCVE-2024-41002 at SUSECVE-2024-41002 at NVDCVE-2024-41004 at SUSECVE-2024-41004 at NVDCVE-2024-41007 at SUSECVE-2024-41007 at NVDCVE-2024-41009 at SUSECVE-2024-41009 at NVDCVE-2024-41010 at SUSECVE-2024-41010 at NVDCVE-2024-41012 at SUSECVE-2024-41012 at NVDCVE-2024-41015 at SUSECVE-2024-41015 at NVDCVE-2024-41016 at SUSECVE-2024-41016 at NVDCVE-2024-41020 at SUSECVE-2024-41020 at NVDCVE-2024-41022 at SUSECVE-2024-41022 at NVDCVE-2024-41024 at SUSECVE-2024-41024 at NVDCVE-2024-41025 at SUSECVE-2024-41025 at NVDCVE-2024-41028 at SUSECVE-2024-41028 at NVDCVE-2024-41032 at SUSECVE-2024-41032 at NVDCVE-2024-41035 at SUSECVE-2024-41035 at NVDCVE-2024-41036 at SUSECVE-2024-41036 at NVDCVE-2024-41037 at SUSECVE-2024-41037 at NVDCVE-2024-41038 at SUSECVE-2024-41038 at NVDCVE-2024-41039 at SUSECVE-2024-41039 at NVDCVE-2024-41040 at SUSECVE-2024-41040 at NVDCVE-2024-41041 at SUSECVE-2024-41041 at NVDCVE-2024-41044 at SUSECVE-2024-41044 at NVDCVE-2024-41045 at SUSECVE-2024-41045 at NVDCVE-2024-41048 at SUSECVE-2024-41048 at NVDCVE-2024-41049 at SUSECVE-2024-41049 at NVDCVE-2024-41050 at SUSECVE-2024-41050 at NVDCVE-2024-41051 at SUSECVE-2024-41051 at NVDCVE-2024-41056 at SUSECVE-2024-41056 at NVDCVE-2024-41057 at SUSECVE-2024-41057 at NVDCVE-2024-41058 at SUSECVE-2024-41058 at NVDCVE-2024-41059 at SUSECVE-2024-41059 at NVDCVE-2024-41060 at SUSECVE-2024-41060 at NVDCVE-2024-41061 at SUSECVE-2024-41061 at NVDCVE-2024-41062 at SUSECVE-2024-41062 at NVDCVE-2024-41063 at SUSECVE-2024-41063 at NVDCVE-2024-41064 at SUSECVE-2024-41064 at NVDCVE-2024-41065 at SUSECVE-2024-41065 at NVDCVE-2024-41066 at SUSECVE-2024-41066 at NVDCVE-2024-41068 at SUSECVE-2024-41068 at NVDCVE-2024-41069 at SUSECVE-2024-41069 at NVDCVE-2024-41070 at SUSECVE-2024-41070 at NVDCVE-2024-41071 at SUSECVE-2024-41071 at NVDCVE-2024-41072 at SUSECVE-2024-41072 at NVDCVE-2024-41073 at SUSECVE-2024-41073 at NVDCVE-2024-41074 at SUSECVE-2024-41074 at NVDCVE-2024-41075 at SUSECVE-2024-41075 at NVDCVE-2024-41076 at SUSECVE-2024-41076 at NVDCVE-2024-41078 at SUSECVE-2024-41078 at NVDCVE-2024-41079 at SUSECVE-2024-41079 at NVDCVE-2024-41080 at SUSECVE-2024-41080 at NVDCVE-2024-41081 at SUSECVE-2024-41081 at NVDCVE-2024-41084 at SUSECVE-2024-41084 at NVDCVE-2024-41087 at SUSECVE-2024-41087 at NVDCVE-2024-41088 at SUSECVE-2024-41088 at NVDCVE-2024-41089 at SUSECVE-2024-41089 at NVDCVE-2024-41092 at SUSECVE-2024-41092 at NVDCVE-2024-41093 at SUSECVE-2024-41093 at NVDCVE-2024-41094 at SUSECVE-2024-41094 at NVDCVE-2024-41095 at SUSECVE-2024-41095 at NVDCVE-2024-41096 at SUSECVE-2024-41096 at NVDCVE-2024-41097 at SUSECVE-2024-41097 at NVDCVE-2024-41098 at SUSECVE-2024-41098 at NVDCVE-2024-42064 at SUSECVE-2024-42064 at NVDCVE-2024-42069 at SUSECVE-2024-42069 at NVDCVE-2024-42070 at SUSECVE-2024-42070 at NVDCVE-2024-42073 at SUSECVE-2024-42073 at NVDCVE-2024-42074 at SUSECVE-2024-42074 at NVDCVE-2024-42076 at SUSECVE-2024-42076 at NVDCVE-2024-42077 at SUSECVE-2024-42077 at NVDCVE-2024-42079 at SUSECVE-2024-42079 at NVDCVE-2024-42080 at SUSECVE-2024-42080 at NVDCVE-2024-42082 at SUSECVE-2024-42082 at NVDCVE-2024-42085 at SUSECVE-2024-42085 at NVDCVE-2024-42086 at SUSECVE-2024-42086 at NVDCVE-2024-42087 at SUSECVE-2024-42087 at NVDCVE-2024-42089 at SUSECVE-2024-42089 at NVDCVE-2024-42090 at SUSECVE-2024-42090 at NVDCVE-2024-42092 at SUSECVE-2024-42092 at NVDCVE-2024-42093 at SUSECVE-2024-42093 at NVDCVE-2024-42095 at SUSECVE-2024-42095 at NVDCVE-2024-42096 at SUSECVE-2024-42096 at NVDCVE-2024-42097 at SUSECVE-2024-42097 at NVDCVE-2024-42098 at SUSECVE-2024-42098 at NVDCVE-2024-42101 at SUSECVE-2024-42101 at NVDCVE-2024-42104 at SUSECVE-2024-42104 at NVDCVE-2024-42105 at SUSECVE-2024-42105 at NVDCVE-2024-42106 at SUSECVE-2024-42106 at NVDCVE-2024-42107 at SUSECVE-2024-42107 at NVDCVE-2024-42109 at SUSECVE-2024-42109 at NVDCVE-2024-42110 at SUSECVE-2024-42110 at NVDCVE-2024-42113 at SUSECVE-2024-42113 at NVDCVE-2024-42114 at SUSECVE-2024-42114 at NVDCVE-2024-42115 at SUSECVE-2024-42115 at NVDCVE-2024-42117 at SUSECVE-2024-42117 at NVDCVE-2024-42119 at SUSECVE-2024-42119 at NVDCVE-2024-42120 at SUSECVE-2024-42120 at NVDCVE-2024-42121 at SUSECVE-2024-42121 at NVDCVE-2024-42122 at SUSECVE-2024-42122 at NVDCVE-2024-42124 at SUSECVE-2024-42124 at NVDCVE-2024-42125 at SUSECVE-2024-42125 at NVDCVE-2024-42126 at SUSECVE-2024-42126 at NVDCVE-2024-42127 at SUSECVE-2024-42127 at NVDCVE-2024-42130 at SUSECVE-2024-42130 at NVDCVE-2024-42131 at SUSECVE-2024-42131 at NVDCVE-2024-42132 at SUSECVE-2024-42132 at NVDCVE-2024-42133 at SUSECVE-2024-42133 at NVDCVE-2024-42136 at SUSECVE-2024-42136 at NVDCVE-2024-42137 at SUSECVE-2024-42137 at NVDCVE-2024-42138 at SUSECVE-2024-42138 at NVDCVE-2024-42139 at SUSECVE-2024-42139 at NVDCVE-2024-42141 at SUSECVE-2024-42141 at NVDCVE-2024-42142 at SUSECVE-2024-42142 at NVDCVE-2024-42143 at SUSECVE-2024-42143 at NVDCVE-2024-42144 at SUSECVE-2024-42144 at NVDCVE-2024-42145 at SUSECVE-2024-42145 at NVDCVE-2024-42147 at SUSECVE-2024-42147 at NVDCVE-2024-42148 at SUSECVE-2024-42148 at NVDCVE-2024-42152 at SUSECVE-2024-42152 at NVDCVE-2024-42153 at SUSECVE-2024-42153 at NVDCVE-2024-42155 at SUSECVE-2024-42155 at NVDCVE-2024-42156 at SUSECVE-2024-42156 at NVDCVE-2024-42157 at SUSECVE-2024-42157 at NVDCVE-2024-42158 at SUSECVE-2024-42158 at NVDCVE-2024-42159 at SUSECVE-2024-42159 at NVDCVE-2024-42161 at SUSECVE-2024-42161 at NVDCVE-2024-42162 at SUSECVE-2024-42162 at NVDCVE-2024-42223 at SUSECVE-2024-42223 at NVDCVE-2024-42224 at SUSECVE-2024-42224 at NVDCVE-2024-42225 at SUSECVE-2024-42225 at NVDCVE-2024-42226 at SUSECVE-2024-42226 at NVDCVE-2024-42227 at SUSECVE-2024-42227 at NVDCVE-2024-42228 at SUSECVE-2024-42228 at NVDCVE-2024-42229 at SUSECVE-2024-42229 at NVDCVE-2024-42230 at SUSECVE-2024-42230 at NVDCVE-2024-42232 at SUSECVE-2024-42232 at NVDCVE-2024-42236 at SUSECVE-2024-42236 at NVDCVE-2024-42237 at SUSECVE-2024-42237 at NVDCVE-2024-42238 at SUSECVE-2024-42238 at NVDCVE-2024-42239 at SUSECVE-2024-42239 at NVDCVE-2024-42240 at SUSECVE-2024-42240 at NVDCVE-2024-42241 at SUSECVE-2024-42241 at NVDCVE-2024-42244 at SUSECVE-2024-42244 at NVDCVE-2024-42245 at SUSECVE-2024-42245 at NVDCVE-2024-42246 at SUSECVE-2024-42246 at NVDCVE-2024-42247 at SUSECVE-2024-42247 at NVDCVE-2024-42250 at SUSECVE-2024-42250 at NVDCVE-2024-42253 at SUSECVE-2024-42253 at NVDCVE-2024-42259 at SUSECVE-2024-42259 at NVDCVE-2024-42268 at SUSECVE-2024-42268 at NVDCVE-2024-42269 at SUSECVE-2024-42269 at NVDCVE-2024-42270 at SUSECVE-2024-42270 at NVDCVE-2024-42271 at SUSECVE-2024-42271 at NVDCVE-2024-42274 at SUSECVE-2024-42274 at NVDCVE-2024-42276 at SUSECVE-2024-42276 at NVDCVE-2024-42277 at SUSECVE-2024-42277 at NVDCVE-2024-42278 at SUSECVE-2024-42278 at NVDCVE-2024-42279 at SUSECVE-2024-42279 at NVDCVE-2024-42280 at SUSECVE-2024-42280 at NVDCVE-2024-42281 at SUSECVE-2024-42281 at NVDCVE-2024-42283 at SUSECVE-2024-42283 at NVDCVE-2024-42284 at SUSECVE-2024-42284 at NVDCVE-2024-42285 at SUSECVE-2024-42285 at NVDCVE-2024-42286 at SUSECVE-2024-42286 at NVDCVE-2024-42287 at SUSECVE-2024-42287 at NVDCVE-2024-42288 at SUSECVE-2024-42288 at NVDCVE-2024-42289 at SUSECVE-2024-42289 at NVDCVE-2024-42290 at SUSECVE-2024-42290 at NVDCVE-2024-42291 at SUSECVE-2024-42291 at NVDCVE-2024-42292 at SUSECVE-2024-42292 at NVDCVE-2024-42295 at SUSECVE-2024-42295 at NVDCVE-2024-42298 at SUSECVE-2024-42298 at NVDCVE-2024-42301 at SUSECVE-2024-42301 at NVDCVE-2024-42302 at SUSECVE-2024-42302 at NVDCVE-2024-42303 at SUSECVE-2024-42303 at NVDCVE-2024-42308 at SUSECVE-2024-42308 at NVDCVE-2024-42309 at SUSECVE-2024-42309 at NVDCVE-2024-42310 at SUSECVE-2024-42310 at NVDCVE-2024-42311 at SUSECVE-2024-42311 at NVDCVE-2024-42312 at SUSECVE-2024-42312 at NVDCVE-2024-42313 at SUSECVE-2024-42313 at NVDCVE-2024-42314 at SUSECVE-2024-42314 at NVDCVE-2024-42315 at SUSECVE-2024-42315 at NVDCVE-2024-42316 at SUSECVE-2024-42316 at NVDCVE-2024-42318 at SUSECVE-2024-42318 at NVDCVE-2024-42319 at SUSECVE-2024-42319 at NVDCVE-2024-42320 at SUSECVE-2024-42320 at NVDCVE-2024-42322 at SUSECVE-2024-42322 at NVDCVE-2024-43816 at SUSECVE-2024-43816 at NVDCVE-2024-43817 at SUSECVE-2024-43817 at NVDCVE-2024-43818 at SUSECVE-2024-43818 at NVDCVE-2024-43819 at SUSECVE-2024-43819 at NVDCVE-2024-43821 at SUSECVE-2024-43821 at NVDCVE-2024-43823 at SUSECVE-2024-43823 at NVDCVE-2024-43824 at SUSECVE-2024-43824 at NVDCVE-2024-43825 at SUSECVE-2024-43825 at NVDCVE-2024-43826 at SUSECVE-2024-43826 at NVDCVE-2024-43829 at SUSECVE-2024-43829 at NVDCVE-2024-43830 at SUSECVE-2024-43830 at NVDCVE-2024-43831 at SUSECVE-2024-43831 at NVDCVE-2024-43833 at SUSECVE-2024-43833 at NVDCVE-2024-43834 at SUSECVE-2024-43834 at NVDCVE-2024-43837 at SUSECVE-2024-43837 at NVDCVE-2024-43839 at SUSECVE-2024-43839 at NVDCVE-2024-43840 at SUSECVE-2024-43840 at NVDCVE-2024-43841 at SUSECVE-2024-43841 at NVDCVE-2024-43842 at SUSECVE-2024-43842 at NVDCVE-2024-43846 at SUSECVE-2024-43846 at NVDCVE-2024-43847 at SUSECVE-2024-43847 at NVDCVE-2024-43849 at SUSECVE-2024-43849 at NVDCVE-2024-43850 at SUSECVE-2024-43850 at NVDCVE-2024-43851 at SUSECVE-2024-43851 at NVDCVE-2024-43853 at SUSECVE-2024-43853 at NVDCVE-2024-43854 at SUSECVE-2024-43854 at NVDCVE-2024-43855 at SUSECVE-2024-43855 at NVDCVE-2024-43856 at SUSECVE-2024-43856 at NVDCVE-2024-43858 at SUSECVE-2024-43858 at NVDCVE-2024-43860 at SUSECVE-2024-43860 at NVDCVE-2024-43861 at SUSECVE-2024-43861 at NVDCVE-2024-43863 at SUSECVE-2024-43863 at NVDCVE-2024-43864 at SUSECVE-2024-43864 at NVDCVE-2024-43866 at SUSECVE-2024-43866 at NVDCVE-2024-43867 at SUSECVE-2024-43867 at NVDCVE-2024-43871 at SUSECVE-2024-43871 at NVDCVE-2024-43872 at SUSECVE-2024-43872 at NVDCVE-2024-43873 at SUSECVE-2024-43873 at NVDCVE-2024-43874 at SUSECVE-2024-43874 at NVDCVE-2024-43875 at SUSECVE-2024-43875 at NVDCVE-2024-43876 at SUSECVE-2024-43876 at NVDCVE-2024-43877 at SUSECVE-2024-43877 at NVDCVE-2024-43879 at SUSECVE-2024-43879 at NVDCVE-2024-43880 at SUSECVE-2024-43880 at NVDCVE-2024-43881 at SUSECVE-2024-43881 at NVDCVE-2024-43882 at SUSECVE-2024-43882 at NVDCVE-2024-43883 at SUSECVE-2024-43883 at NVDCVE-2024-43884 at SUSECVE-2024-43884 at NVDCVE-2024-43885 at SUSECVE-2024-43885 at NVDCVE-2024-43889 at SUSECVE-2024-43889 at NVDCVE-2024-43892 at SUSECVE-2024-43892 at NVDCVE-2024-43893 at SUSECVE-2024-43893 at NVDCVE-2024-43894 at SUSECVE-2024-43894 at NVDCVE-2024-43895 at SUSECVE-2024-43895 at NVDCVE-2024-43897 at SUSECVE-2024-43897 at NVDCVE-2024-43899 at SUSECVE-2024-43899 at NVDCVE-2024-43900 at SUSECVE-2024-43900 at NVDCVE-2024-43902 at SUSECVE-2024-43902 at NVDCVE-2024-43903 at SUSECVE-2024-43903 at NVDCVE-2024-43905 at SUSECVE-2024-43905 at NVDCVE-2024-43906 at SUSECVE-2024-43906 at NVDCVE-2024-43907 at SUSECVE-2024-43907 at NVDCVE-2024-43908 at SUSECVE-2024-43908 at NVDCVE-2024-43909 at SUSECVE-2024-43909 at NVDCVE-2024-43911 at SUSECVE-2024-43911 at NVDCVE-2024-43912 at SUSECVE-2024-43912 at NVDCVE-2024-44931 at SUSECVE-2024-44931 at NVDCVE-2024-44938 at SUSECVE-2024-44938 at NVDCVE-2024-44939 at SUSECVE-2024-44939 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Important)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
Updated to Python 3.11.15:
- CVE-2025-6075: quadratic complexity in os.path.expandvars() (bsc#1252974).
- CVE-2025-11468: header injection with carefully crafted inputs (bsc#1257029).
- CVE-2025-12084: quadratic complexity in xml.minidom node ID cache clearing (bsc#1254997).
- CVE-2025-13836: potential memory denial of service in the http.client module (bsc#1254400).
- CVE-2025-13837: potential memory denial of service in the plistlib module (bsc#1254401).
- CVE-2025-15282: control characters in URL media types data (bsc#1257046).
- CVE-2026-0672: control characters in http.cookies.Morsel fields and values (bsc#1257031).
- CVE-2026-0865: C0 control characters within wsgiref.headers.Headers fields, values, and parameters (bsc#1257042).
ImportantSUSE bug 1252974SUSE bug 1254400SUSE bug 1254401SUSE bug 1254997SUSE bug 1257029SUSE bug 1257031SUSE bug 1257042SUSE bug 1257046CVE-2025-11468 at SUSECVE-2025-11468 at NVDCVE-2025-12084 at SUSECVE-2025-12084 at NVDCVE-2025-13836 at SUSECVE-2025-13836 at NVDCVE-2025-13837 at SUSECVE-2025-13837 at NVDCVE-2025-15282 at SUSECVE-2025-15282 at NVDCVE-2025-6075 at SUSECVE-2025-6075 at NVDCVE-2026-0672 at SUSECVE-2026-0672 at NVDCVE-2026-0865 at SUSECVE-2026-0865 at NVDcpe:/o:suse:sl-micro:6.0Security update for sqlite3 (Moderate)SUSE Linux Micro 6.0
This update for sqlite3 fixes the following issues:
Update to version 3.51.3:
- CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670).
- CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619).
Changelog:
Update to version 3.51.3:
* Fix the WAL-reset database corruption bug:
https://sqlite.org/wal.html#walresetbug
* Other minor bug fixes.
Update to version 3.51.2:
* Fix an obscure deadlock in the new broken-posix-lock detection
logic.
* Fix multiple problems in the EXISTS-to-JOIN optimization.
Update to version 3.51.1:
* Fix incorrect results from nested EXISTS queries caused by the
optimization in item 6b in the 3.51.0 release.
* Fix a latent bug in fts5vocab virtual table, exposed by new
optimizations in the 3.51.0 release
Update to version 3.51.0:
* New macros in sqlite3.h:
- SQLITE_SCM_BRANCH -> the name of the branch from which the
source code is taken.
- SQLITE_SCM_TAGS -> space-separated list of tags on the source
code check-in.
- SQLITE_SCM_DATETIME -> ISO-8601 date and time of the source
* Two new JSON functions, jsonb_each() and jsonb_tree() work the
same as the existing json_each() and json_tree() functions
except that they return JSONB for the "value" column when the
"type" is 'array' or 'object'.
* The carray and percentile extensions are now built into the
amalgamation, though they are disabled by default and must be
activated at compile-time using the -DSQLITE_ENABLE_CARRAY
and/or -DSQLITE_ENABLE_PERCENTILE options, respectively.
* Enhancements to TCL Interface:
- Add the -asdict flag to the eval command to have it set the
row data as a dict instead of an array.
- User-defined functions may now break to return an SQL NULL.
* CLI enhancements:
- Increase the precision of ".timer" to microseconds.
- Enhance the "box" and "column" formatting modes to deal with
double-wide characters.
- The ".imposter" command provides read-only imposter tables
that work with VACUUM and do not require the --unsafe-testing
option.
- Add the --ifexists option to the CLI command-line option and
to the .open command.
- Limit columns widths set by the ".width" command to 30,000 or
less, as there is not good reason to have wider columns, but
supporting wider columns provides opportunity to malefactors.
* Performance enhancements:
- Use fewer CPU cycles to commit a read transaction.
- Early detection of joins that return no rows due to one or
more of the tables containing no rows.
- Avoid evaluation of scalar subqueries if the result of the
subquery does not change the result of the overall expression.
- Faster window function queries when using
"BETWEEN :x FOLLOWING AND :y FOLLOWING" with a large :y.
* Add the PRAGMA wal_checkpoint=NOOP; command and the
SQLITE_CHECKPOINT_NOOP argument for sqlite3_wal_checkpoint_v2().
* Add the sqlite3_set_errmsg() API for use by extensions.
* Add the sqlite3_db_status64() API, which works just like the
existing sqlite3_db_status() API except that it returns 64-bit
results.
* Add the SQLITE_DBSTATUS_TEMPBUF_SPILL option to the
sqlite3_db_status() and sqlite3_db_status64() interfaces.
* In the session extension add the sqlite3changeset_apply_v3()
interface.
* For the built-in printf() and the format() SQL function, omit
the leading '-' from negative floating point numbers if the '+'
flag is omitted and the "#" flag is present and all displayed
digits are '0'. Use '%#f' or similar to avoid outputs like
'-0.00' and instead show just '0.00'.
* Improved error messages generated by FTS5.
* Enforce STRICT typing on computed columns.
* Improved support for VxWorks
* JavaScript/WASM now supports 64-bit WASM. The canonical builds
continue to be 32-bit but creating one's own 64-bit build is
now as simple as running "make".
ModerateSUSE bug 1254670SUSE bug 1259619CVE-2025-70873 at SUSECVE-2025-70873 at NVDCVE-2025-7709 at SUSECVE-2025-7709 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-tornado6 (Important)SUSE Linux Micro 6.0
This update for python-tornado6 fixes the following issues:
- CVE-2026-31958: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259553).
- incomplete validation of cookie attributes allows for injection of user-controlled values in other cookie attributes
(bsc#1259630).
ImportantSUSE bug 1259553SUSE bug 1259630CVE-2026-31958 at SUSECVE-2026-31958 at NVDcpe:/o:suse:sl-micro:6.0Security update for salt (Important)SUSE Linux Micro 6.0
This update for salt fixes the following issues:
- Security issues fixed:
* CVE-2025-67724: Fixed missing validation of supplied reason phrase (bsc#1254903)
* CVE-2025-67725: Fixed DoS via malicious HTTP request (bsc#1254905)
* CVE-2025-67726: Fixed HTTP header parameter parsing algorithm (bsc#1254904)
* CVE-2025-13836: Set a safe limit to http.client response read (bsc#1254400)
- Fixed KeyError in postgres module with PostgreSQL 17 (bsc#1254325)
- Use internal deb classes instead of external aptsource lib
- Improved performance of wheel key.finger call (bsc#1240532)
- Improved performance of utils.find_json function (bsc#1246130)
- Extended warn_until period to 2027
ImportantSUSE bug 1240532SUSE bug 1246130SUSE bug 1254325SUSE bug 1254400SUSE bug 1254903SUSE bug 1254904SUSE bug 1254905CVE-2025-13836 at SUSECVE-2025-13836 at NVDCVE-2025-67724 at SUSECVE-2025-67724 at NVDCVE-2025-67725 at SUSECVE-2025-67725 at NVDCVE-2025-67726 at SUSECVE-2025-67726 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-pyasn1 (Important)SUSE Linux Micro 6.0
This update for python-pyasn1 fixes the following issue:
- CVE-2026-30922: Denial of Service via Unbounded Recursion (bsc#1259803).
ImportantSUSE bug 1259803CVE-2026-30922 at SUSECVE-2026-30922 at NVDcpe:/o:suse:sl-micro:6.0Security update for systemd (Important)SUSE Linux Micro 6.0
This update for systemd fixes the following issues:
Security issues:
- CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650).
- CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418).
- udev: check for invalid chars in various fields received from the kernel (bsc#1259697).
Non security issues:
- Name libsystemd-{shared,core} based on the major version of systemd and the
package release number (bsc#1228081, bsc#1256427)
- detect-virt: bare-metal GCE only for x86 and i386 (bsc#1254293)
Changelog:
- a943e3ce2f machined: reject invalid class types when registering machines
- 71593f77db udev: fix review mixup
- 73a89810b4 udev-builtin-net-id: print cescaped bad attributes
- 0f360bfdc0 udev-builtin-net_id: do not assume the current interface name is ethX
- 40905232e2 udev: ensure tag parsing stays within bounds
- 7bce9026e3 udev: ensure there is space for trailing NUL before calling sprintf
- d018ac1ea3 udev: check for invalid chars in various fields received from the kernel
- aef6e11921 core/cgroup: avoid one unnecessary strjoina()
- cc7426f38a sd-json: fix off-by-one issue when updating parent for array elements
- 26a748f727 core: validate input cgroup path more prudently
- 99d8308fde core/dbus-manager: propagate meaningful dbus errors from EnqueueMarkedJobs
- 8bbac1d508 detect-virt: bare-metal GCE only for x86 and i386
ImportantSUSE bug 1228081SUSE bug 1254293SUSE bug 1256427SUSE bug 1259418SUSE bug 1259650SUSE bug 1259697CVE-2026-29111 at SUSECVE-2026-29111 at NVDCVE-2026-4105 at SUSECVE-2026-4105 at NVDcpe:/o:suse:sl-micro:6.0Security update for docker (Critical)SUSE Linux Micro 6.0
This update for docker fixes the following issues:
Security fixes:
- CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267)
- CVE-2024-23652: Fixed insufficient validation of parent directory on mount (bsc#1219268)
- CVE-2024-23653: Fixed insufficient validation on entitlement on container creation via buildkit (bsc#1219438)
- CVE-2024-41110: A Authz zero length regression that could lead to authentication bypass was fixed (bsc#1228324)
Other changes:
- Update to Docker 25.0.6-ce.
- Fix BuildKit's symlink resolution logic to correctly handle non-lexical
symlinks. (bsc#1221916)
- Write volume options atomically so sudden system crashes won't result in
future Docker starts failing due to empty files. (bsc#1214855)
- Fixed world writable docker overlay files (bsc#1220339)
CriticalSUSE bug 1210141SUSE bug 1214855SUSE bug 1215323SUSE bug 1217513SUSE bug 1219267SUSE bug 1219268SUSE bug 1219438SUSE bug 1220339SUSE bug 1221916SUSE bug 1223409SUSE bug 1228324CVE-2024-23651 at SUSECVE-2024-23651 at NVDCVE-2024-23652 at SUSECVE-2024-23652 at NVDCVE-2024-23653 at SUSECVE-2024-23653 at NVDCVE-2024-41110 at SUSECVE-2024-41110 at NVDcpe:/o:suse:sl-micro:6.0Security update for capstone (Moderate)SUSE Linux Micro 6.0
This update for capstone fixes the following issues:
- CVE-2025-67873: Skipdata length unchecked leads to cs_insn.bytes heap buffer overflow (bsc#1255309).
- CVE-2025-68114: Unchecked vsnprintf return in SStream_concat allows stack buffer overflow (bsc#1255310).
ModerateSUSE bug 1255309SUSE bug 1255310CVE-2025-67873 at SUSECVE-2025-67873 at NVDCVE-2025-68114 at SUSECVE-2025-68114 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-PyJWT (Important)SUSE Linux Micro 6.0
This update for python-PyJWT fixes the following issue:
- CVE-2026-32597: validate the `crit` Header Parameter defined in RFC 7515 (bsc#1259616).
ImportantSUSE bug 1259616CVE-2026-32597 at SUSECVE-2026-32597 at NVDcpe:/o:suse:sl-micro:6.0Security update for docker-compose (Important)SUSE Linux Micro 6.0
This update for docker-compose fixes the following issue:
- CVE-2025-62725: OCI compose artifacts can be used to escape the cache directory and overwrite arbitrary files
(bsc#1252752).
ImportantSUSE bug 1252752CVE-2025-62725 at SUSECVE-2025-62725 at NVDcpe:/o:suse:sl-micro:6.0Security update for nghttp2 (Important)SUSE Linux Micro 6.0
This update for nghttp2 fixes the following issue:
- CVE-2026-27135: assertion failure due to missing state validation can lead to DoS (bsc#1259845).
ImportantSUSE bug 1259845CVE-2026-27135 at SUSECVE-2026-27135 at NVDcpe:/o:suse:sl-micro:6.0Security update for cockpit (Important)SUSE Linux Micro 6.0
This update for cockpit fixes the following issue:
- CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive wildcards followed by a literal character
that doesn't appear in the test string (bsc#1258641).
ImportantSUSE bug 1258641CVE-2026-26996 at SUSECVE-2026-26996 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Important)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
- CVE-2026-1299: header injection when an email is serialized due to improper newline quoting (bsc#1257181).
- CVE-2026-2297: validation bypass via incorrectly handled hook in FileLoader (bsc#1259240).
ImportantSUSE bug 1257181SUSE bug 1259240CVE-2026-1299 at SUSECVE-2026-1299 at NVDCVE-2026-2297 at SUSECVE-2026-2297 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-pyOpenSSL (Important)SUSE Linux Micro 6.0
This update for python-pyOpenSSL fixes the following issues:
- CVE-2026-27448: unhandled exception can result in connection not being cancelled (bsc#1259804).
- CVE-2026-27459: large cookie value can lead to a buffer overflow (bsc#1259808).
ImportantSUSE bug 1259804SUSE bug 1259808CVE-2026-27448 at SUSECVE-2026-27448 at NVDCVE-2026-27459 at SUSECVE-2026-27459 at NVDcpe:/o:suse:sl-micro:6.0Security update for rust-keylime (Moderate)SUSE Linux Micro 6.0
This update for rust-keylime fixes the following issues:
- Update vendored crates (CVE-2024-43806, bsc#1229952, bsc#1230029)
* rustix 0.37.25
* rustix 0.38.34
* shlex 1.3.0
- Update to version 0.2.6+13:
* Enable test functional/iak-idevid-persisted-and-protected
* build(deps): bump uuid from 1.7.0 to 1.10.0
* build(deps): bump openssl from 0.10.64 to 0.10.66
* keylime-agent/src/revocation: Fix comment indentation
* keylime/crypto: Fix indentation of documentation comment
* build(deps): bump thiserror from 1.0.59 to 1.0.63
* build(deps): bump serde_json from 1.0.116 to 1.0.120
* dependabot: Extend to also monitor workflow actions
* ci: Disable Packit CI on CentOS Stream 9
* ci: use CODECOV_TOKEN when submitting coverage data
* revocation: Use into() for unfallible transformation
* secure_mount: Fix possible infinite loop
* error: Rename enum variants to avoid clippy warning
- Update to version 0.2.6~0:
* Bump version to 0.2.6
* build(deps): bump libc from 0.2.153 to 0.2.155
* build(deps): bump serde from 1.0.196 to 1.0.203
* rpm/fedora: Update rust macro usage
* config: Support hostnames in registrar_ip option
* added use of persisted IAK and IDevID and authorisation values
* config changes
* Adding /agent/info API to agent
* Fix leftover 'unnecessary qualification' warnings on tests
- Update to version 0.2.5~4:
* Fix 'unnecessary qualification' warnings
* fix IAK template to match IDevID
* rpm: fix COPR RPMs build for centos-stream-10
* Build COPR RPMs for centos-stream-10
- Update to version 0.2.5~0:
* Bump version to 0.2.5
* cargo: Relax required version for pest crate
* build(deps): bump log from 0.4.20 to 0.4.21
* build(deps): bump thiserror from 1.0.56 to 1.0.59
- actix-web update moves rustls as feature (bsc#1223234, CVE-2024-32650)
- Update to version 0.2.4~39:
* build(deps): bump openssl from 0.10.63 to 0.10.64
* build(deps): bump h2 from 0.3.24 to 0.3.26
* build(deps): bump serde_json from 1.0.107 to 1.0.116
* build(deps): bump actix-web from 4.4.1 to 4.5.1
* crypto: Enable TLS 1.3
* build(deps): bump tempfile from 3.9.0 to 3.10.1
* build(deps): bump mio from 0.8.4 to 0.8.11
* enable hex values to be used for tpm_ownerpassword
* config: Support IPv6 with or without brackets
* keylime: Implement a simple IP parser to remove brackets
* crypto: Implement CertificateBuilder to generate certificates
* tests: Fix coverage download by supporting arbitrary URL
* cargo: Add testing feature to keylime library
* Set X509 SAN with local DNSname/IP/IPv6
* Include newest Node20 versions for Github actions
* tpm: Add unit test for uncovered public functions
* crypto: Implement ECC key generation support
* crypto: Add test for match_cert_to_template()
* Fix minor typo, format and remove end whitespaces
* crypto: Make error types less specific
* tests/run.sh: Run tarpaulin with a single thread
* payloads: Remove explicit drop of channel transmitter
* crypto: Move to keylime library
* crypto: Add specific type for every possible error
* tpm: Rename origin of error as source in structures
* list_parser: Add source for error for backtrace
* algorithms: Make errors more specific
* typo fix for default path to measured boot log file
* README: remove mentions of libarchive as a dependency
* Dockerfile.wolfi: Update clang to version 17
* docker: Remove libarchive as a dependency
* rpm: Remove libarchive from dependencies
* cargo: Replace compress-tools with zip crate
* cargo: Bump ahash to version 0.8.7
* build(deps): bump serde from 1.0.195 to 1.0.196
* build(deps): bump libc from 0.2.152 to 0.2.153
* build(deps): bump reqwest from 0.11.23 to 0.11.24
* docker: Install configuration file in the correct path
* config: Make IAK/IDevID disabled by default
- Update to version 0.2.4+git.1706692574.a744517:
* Bump version to 0.2.4
* build(deps): bump uuid from 1.4.1 to 1.7.0
* keylime-agent.conf: Allow setting event logs paths
* Mutable log paths: allow IMA and MBA log paths to be overridden by keylime configuration.
* workflows: Update checkout action to version 4
* build(deps): bump serde from 1.0.188 to 1.0.195
* build(deps): bump pest_derive from 2.7.0 to 2.7.6
* build(deps): bump openssl from 0.10.62 to 0.10.63
* build(deps): bump config from 0.13.3 to 0.13.4
* build(deps): bump base64 from 0.21.4 to 0.21.7
* build(deps): bump tempfile from 3.8.0 to 3.9.0
* build(deps): bump pest from 2.7.0 to 2.7.6
* build(deps): bump actix-web from 4.4.0 to 4.4.1
* build(deps): bump reqwest from 0.11.22 to 0.11.23
* build(deps): bump h2 from 0.3.17 to 0.3.24
* build(deps): bump shlex from 1.1.0 to 1.3.0
* cargo: Bump tss-esapi to version 7.4.0
* workflows: Fix keylime-bot token usage
* tpm: Add error context for every possible error
* tpm: Add AlgorithmError to TpmError
* detect idevid template from certificates
* build(deps): bump wiremock from 0.5.18 to 0.5.22
* build(deps): bump thiserror from 1.0.48 to 1.0.56
* Make use of workspace dependencies
* build(deps): bump openssl from 0.10.57 to 0.10.62
* packit: Bump Fedora version used for code coverage
- Update to version 0.2.3+git.1701075380.a5dc985:
* build(deps): bump actix-rt from 2.8.0 to 2.9.0
* Bump version to 0.2.3
* build(deps): bump reqwest from 0.11.20 to 0.11.22
* Bump configuration version and fix enable_iak_idevid
* Enable test functional/iak-idevid-register-with-certificates
* Update packit plan with new tests
* Add certificates and certificate checking for IDevID and IAK keys (#669)
- Update to version 0.2.2+git.1697658634.9c7c6fa:
* build(deps): bump rustix from 0.37.11 to 0.37.25
* build(deps): bump tempfile from 3.6.0 to 3.8.0
* build(deps): bump base64 from 0.21.0 to 0.21.4
* build(deps): bump serde_json from 1.0.96 to 1.0.107
* build(deps): bump openssl from 0.10.55 to 0.10.57
* cargo: Bump serde to version 1.0.188
* tests: Fix tarpaulin issues with dropped -v option
* build(deps): bump signal-hook from 0.3.15 to 0.3.17
* build(deps): bump actix-web from 4.3.1 to 4.4.0
* build(deps): bump thiserror from 1.0.40 to 1.0.48
* Remove private_in_public
* Initial PR to add support for IDevID and IAK
* build(deps): bump uuid from 1.3.1 to 1.4.1
* build(deps): bump log from 0.4.17 to 0.4.20
* build(deps): bump reqwest from 0.11.16 to 0.11.20
* Do not use too specific version on cargo audit workflow
* Add workflow to run cargo-audit security audit
* README: update dependencies for Debian and Ubuntu
* Use latest versions of checkout/upload-artifacts
* docker: Add 'keylime' system user
* Use "currently" for swtpm emulator warning (#632)
* Update container workflow actions versions
* Build container image and push to quay.io
* README: update requirements
- Update to version 0.2.2+git.1689256829.3d2b627:
* Bump version to 0.2.2
* build(deps): bump tempfile from 3.5.0 to 3.6.0
* removing SIGINT stop signals from Dockerfiles and systemd service, as well as adding SIGTERM to IMA emulator as shutdown signal
- Update to version 0.2.1+git.1689167094.67ce0cf:
* cargo: Bump serde to version 1.0.166
* build(deps): bump libc from 0.2.142 to 0.2.147
* adding release Dockerfiles in 3 flavours: fedora, distroless and wolfi
* hash: add more configurable hash algorithm for public key digest
* cargo: Update clap to version 4.3.11
* cargo: Bump tokio crate version to 1.28.2
* Add an example of IMA policy
* main: Gracefully shutdown on SIGTERM or SIGINT
* cargo: Bump proc-macro2 crate version
* revocation: Parse revocation actions flexibly
* crypto: Add unit tests for x509 functions
* crypto: Make internal functions private
* config: Add unit test for the list to files mapping
* config: Make trusted_client_ca to accept lists
* lib: Implement parser for lists from config file
* build(deps): bump openssl from 0.10.48 to 0.10.55
* Add secure mount sanity test to packit testing.
* [packit] Do not let COPR project expire
- Recommends the IMA Policy subpackage only if SELinux is configured
- Update to version 0.2.1+git.1685699835.3c9d17c:
* Remove MOUNT_SECURE bool
* rpm: Remove unused directory and add dependency for mount
* keylime-agent/src: update API version to 2.1 to consistent with https://github.com/keylime/keylime/blob/master/docs/rest_apis.rst
* docker/fedora/keylime_rust.Dockerfile: add the logic of cloning and compiling rust-keylime
* [tests] Update test coverage task name regexp
* [tests] Simply coverage file URL parsing
ModerateSUSE bug 1223234SUSE bug 1229952SUSE bug 1230029CVE-2024-32650 at SUSECVE-2024-32650 at NVDCVE-2024-43806 at SUSECVE-2024-43806 at NVDcpe:/o:suse:sl-micro:6.0Security update for tar (Important)SUSE Linux Micro 6.0
This update for tar fixes the following issue:
- CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399).
ImportantSUSE bug 1246399CVE-2025-45582 at SUSECVE-2025-45582 at NVDcpe:/o:suse:sl-micro:6.0Security update for polkit (Moderate)SUSE Linux Micro 6.0
This update for polkit fixes the following issue:
- CVE-2026-4897: Fixed possible OOM condition via specially crafted input to `polkit-agent-helper-1` (bsc#1260859).
ModerateSUSE bug 1260859CVE-2026-4897 at SUSECVE-2026-4897 at NVDcpe:/o:suse:sl-micro:6.0Security update for expat (Important)SUSE Linux Micro 6.0
This update for expat fixes the following issues:
- CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity
declaration value (bsc#1259726).
- CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711).
- CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729).
ImportantSUSE bug 1259711SUSE bug 1259726SUSE bug 1259729CVE-2026-32776 at SUSECVE-2026-32776 at NVDCVE-2026-32777 at SUSECVE-2026-32777 at NVDCVE-2026-32778 at SUSECVE-2026-32778 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-requests (Moderate)SUSE Linux Micro 6.0
This update for python-requests fixes the following issue:
- CVE-2026-25645: `extract_zipped_paths()` uses predictable filenames when extracting files from zip archives and reuses
target files that already exist without validation (bsc#1260589).
ModerateSUSE bug 1260589CVE-2026-25645 at SUSECVE-2026-25645 at NVDcpe:/o:suse:sl-micro:6.0Security update for libtpms (Moderate)SUSE Linux Micro 6.0
This update for libtpms fixes the following issues:
- CVE-2025-49133: out-of-bounds (OOB) access due to HMAC signing issue leads to abort and vTPM DoS (bsc#1244528).
ModerateSUSE bug 1244528CVE-2025-49133 at SUSECVE-2025-49133 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssl-3 (Important)SUSE Linux Micro 6.0
This update for openssl-3 fixes the following issues:
- CVE-2026-28387: Potential use-after-free in DANE client code (bsc#1260441).
- CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL (bsc#1260442).
- CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo (bsc#1260443).
- CVE-2026-31789: Heap buffer overflow in hexadecimal conversion (bsc#1260444).
- CVE-2026-31790: Incorrect failure handling in RSA KEM RSASVE encapsulation (bsc#1260445).
ImportantSUSE bug 1260441SUSE bug 1260442SUSE bug 1260443SUSE bug 1260444SUSE bug 1260445CVE-2026-28387 at SUSECVE-2026-28387 at NVDCVE-2026-28388 at SUSECVE-2026-28388 at NVDCVE-2026-28389 at SUSECVE-2026-28389 at NVDCVE-2026-31789 at SUSECVE-2026-31789 at NVDCVE-2026-31790 at SUSECVE-2026-31790 at NVDcpe:/o:suse:sl-micro:6.0Security update for glibc (Important)SUSE Linux Micro 6.0
This update for glibc fixes the following issues:
- CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response (bsc#1260078).
- CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions (bsc#1260082).
ImportantSUSE bug 1260078SUSE bug 1260082CVE-2026-4437 at SUSECVE-2026-4437 at NVDCVE-2026-4438 at SUSECVE-2026-4438 at NVDcpe:/o:suse:sl-micro:6.0Security update for libpng16 (Important)SUSE Linux Micro 6.0
This update for libpng16 fixes the following issues:
- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code
execution (bsc#1260754).
- CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and
crashes (bsc#1260755).
ImportantSUSE bug 1260754SUSE bug 1260755CVE-2026-33416 at SUSECVE-2026-33416 at NVDCVE-2026-33636 at SUSECVE-2026-33636 at NVDcpe:/o:suse:sl-micro:6.0Security update for less (Important)SUSE Linux Micro 6.0
This update for less fixes the following issues:
- CVE-2024-32487: Fix a bug where mishandling of \n character in paths when LESSOPEN is set leads to OS command execution. (bsc#1222849)
ImportantSUSE bug 1222849CVE-2024-32487 at SUSECVE-2024-32487 at NVDcpe:/o:suse:sl-micro:6.0Security update for keepalived (Moderate)SUSE Linux Micro 6.0
This update for keepalived fixes the following issues:
- CVE-2024-41184: Fixed integer overflow in vrrp_ipsets_handler (bsc#1228123)
ModerateSUSE bug 1228123CVE-2024-41184 at SUSECVE-2024-41184 at NVDcpe:/o:suse:sl-micro:6.0Security update for systemd (Critical)SUSE Linux Micro 6.0
This update for systemd fixes the following issues:
- Import commit 0512d0d1fc0b54a84964281708036a46ab39c153
0512d0d1fc cgroup: Rename effective limits internal table (jsc#PED-5659)
765846b70b cgroup: Restrict effective limits with global resource provision (jsc#PED-5659)
e29909088b test: Add effective cgroup limits testing (jsc#PED-5659)
beacac6df0 test: Convert rlimit test to subtest of generic limit testing (jsc#PED-5659)
e3b789e512 cgroup: Add EffectiveMemoryMax=, EffectiveMemoryHigh= and EffectiveTasksMax= properties (jsc#PED-5659)
5aa063ae16 bus-print-properties: prettify more unset properties
a53122c9bd bus-print-properties: ignore CGROUP_LIMIT_MAX for Memory*{Current, Peak}
8418791441 cgroup: rename TasksMax structure to CGroupTasksMax
- Don't try to restart the udev socket units anymore (bsc#1228809)
There's currently no way to restart a socket activable service and its socket
units "atomically" and safely.
- Make the 32bit version of libudev.so available again (bsc#1228223)
The symlink for building 32bit applications was mistakenly dropped when the
content of libudev-devel was merged into systemd-devel.
Provide the 32bit flavor of systemd-devel again, which should restore the plug
and play support in Wine for 32bit windows applications.
- Import commit up to 5aa182660dff86fe9d5cba61b0c6542bb2f2db23 (merge of v254.17)
CriticalSUSE bug 1200723SUSE bug 1204968SUSE bug 1213873SUSE bug 1218110SUSE bug 1221906SUSE bug 1226414SUSE bug 1226415SUSE bug 1228091SUSE bug 1228223SUSE bug 1228809SUSE bug 1229518CVE-2022-3821 at SUSECVE-2022-3821 at NVDcpe:/o:suse:sl-micro:6.0Security update for krb5 (Important)SUSE Linux Micro 6.0
This update for krb5 fixes the following issues:
- CVE-2024-37370: Confidential GSS krb5 wrap tokens with invalid plaintext Extra Count fields were erroneously accepted during unwrap (bsc#1227186)
- CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187)
- CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770)
- CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771)
- CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772)
ImportantSUSE bug 1220770SUSE bug 1220771SUSE bug 1220772SUSE bug 1227186SUSE bug 1227187CVE-2024-26458 at SUSECVE-2024-26458 at NVDCVE-2024-26461 at SUSECVE-2024-26461 at NVDCVE-2024-26462 at SUSECVE-2024-26462 at NVDCVE-2024-37370 at SUSECVE-2024-37370 at NVDCVE-2024-37371 at SUSECVE-2024-37371 at NVDcpe:/o:suse:sl-micro:6.0Security update for gtk3 (Important)SUSE Linux Micro 6.0
This update for gtk3 fixes the following issues:
- CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120).
ImportantSUSE bug 1228120CVE-2024-6655 at SUSECVE-2024-6655 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-setuptools (Important)SUSE Linux Micro 6.0
This update for python-setuptools fixes the following issues:
- CVE-2024-6345: Fixed code execution via download functions in the package_index module in pypa/setuptools (bsc#1228105)
ImportantSUSE bug 1228105CVE-2024-6345 at SUSECVE-2024-6345 at NVDcpe:/o:suse:sl-micro:6.0Security update for openssh (Critical)SUSE Linux Micro 6.0
This update for openssh fixes the following issues:
- CVE-2024-39894: Fixed timing attacks against echo-off password entry (bsc#1227318)
- CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642).
CriticalSUSE bug 1217950SUSE bug 1218215SUSE bug 1226642SUSE bug 1227318CVE-2023-48795 at SUSECVE-2023-48795 at NVDCVE-2023-51385 at SUSECVE-2023-51385 at NVDCVE-2024-39894 at SUSECVE-2024-39894 at NVDCVE-2024-6387 at SUSECVE-2024-6387 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
- CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
- CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
- CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
- CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
- CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
- CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
- CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
- CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
- CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
- CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001).
- CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
- CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
- CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371).
- CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
- CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
- CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
- CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
- CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
- CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389).
- CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
- CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
- CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
- CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
- CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
- CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
- CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
- CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
- CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
- CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
- CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206).
- CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
- CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
- CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
- CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
- CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
- CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
- CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
- CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
- CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
- CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
- CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
- CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
- CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
- CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 (bsc#1230435).
- CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
- CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
- CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
- CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
- CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
- CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
- CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
- CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() (bsc#1230518).
- CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
- CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
- CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
- CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
- CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
- CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
- CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
- CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
- CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).
- CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
- CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
- CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
- CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
- CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
- CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
- CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
The following non-security bugs were fixed:
- ABI: testing: fix admv8818 attr description (git-fixes).
- ACPI: CPPC: Add helper to get the highest performance value (stable-fixes).
- ACPI: CPPC: Fix MASK_VAL() usage (git-fixes).
- ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes).
- ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes).
- ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes).
- ACPI: sysfs: validate return type of _STR method (git-fixes).
- ACPICA: Implement ACPI_WARNING_ONCE and ACPI_ERROR_ONCE (stable-fixes).
- ACPICA: executer/exsystem: Do not nag user about every Stall() violating the spec (git-fixes).
- ALSA: control: Apply sanity check of input values for user elements (stable-fixes).
- ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack for ASUS Vivobook 15 X1504VAP (stable-fixes).
- ALSA: hda/realtek: Enable Mute Led for HP Victus 15-fb1xxx (stable-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes).
- ALSA: hda/realtek: add patch for internal mic in Lenovo V145 (stable-fixes).
- ALSA: hda/realtek: extend quirks for Clevo V5[46]0 (stable-fixes).
- ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes).
- ALSA: hda: add HDMI codec ID for Intel PTL (stable-fixes).
- ALSA: hda: cs35l41: fix module autoloading (git-fixes).
- ARM: 9406/1: Fix callchain_trace() return value (git-fixes).
- ASoC: Intel: soc-acpi-cht: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- ASoC: amd: yc: Add a quirk for MSI Bravo 17 (D7VEK) (stable-fixes).
- ASoC: codecs: avoid possible garbage value in peb2466_reg_read() (git-fixes).
- ASoC: cs42l42: Convert comma to semicolon (git-fixes).
- ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes).
- ASoC: intel: fix module autoloading (stable-fixes).
- ASoC: meson: Remove unused declartion in header file (git-fixes).
- ASoC: meson: axg-card: fix 'use-after-free' (git-fixes).
- ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes).
- ASoC: rt5682s: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes).
- ASoC: soc-ac97: Fix the incorrect description (git-fixes).
- ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes).
- ASoC: tas2781-i2c: Get the right GPIO line (git-fixes).
- ASoC: tda7419: fix module autoloading (stable-fixes).
- ASoC: tegra: Fix CBB error during probe() (git-fixes).
- ASoC: topology: Properly initialize soc_enum values (stable-fixes).
- ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes).
- ASoc: TAS2781: replace beXX_to_cpup with get_unaligned_beXX for potentially broken alignment (stable-fixes).
- Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes).
- Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() (stable-fixes).
- Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes).
- Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes).
- Bluetooth: hci_event: Use HCI error defines instead of magic values (stable-fixes).
- Bluetooth: hci_sync: Add helper functions to manipulate cmd_sync queue (stable-fixes).
- Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes).
- Detect memory allocation failure in annotated_source__alloc_histograms (bsc#1227962).
- Documentation: ioctl: document 0x07 ioctl code (git-fixes).
- Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes).
- Drivers: hv: vmbus: Fix the misplaced function description (git-fixes).
- Drop mm patches that caused regressions (bsc#1230413)
- HID: amd_sfh: free driver_data after destroying hid device (stable-fixes).
- HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes).
- HID: multitouch: Add support for GT7868Q (stable-fixes).
- HID: wacom: Do not warn about dropped packets for first packet (git-fixes).
- HID: wacom: Support sequence numbers smaller than 16-bit (git-fixes).
- IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes)
- Input: adp5588-keys - fix check on return code (git-fixes).
- Input: ads7846 - ratelimit the spi_sync error message (stable-fixes).
- Input: ili210x - use kvmalloc() to allocate buffer for firmware update (stable-fixes).
- Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes).
- Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes).
- Input: tsc2004/5 - do not hard code interrupt trigger (git-fixes).
- Input: tsc2004/5 - fix reset handling on probe (git-fixes).
- Input: tsc2004/5 - use device core to create driver-specific device attributes (git-fixes).
- Input: uinput - reject requests with unreasonable number of slots (stable-fixes).
- KEYS: prevent NULL pointer dereference in find_asymmetric_key() (git-fixes).
- KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes).
- KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes).
- KVM: arm64: Block unsafe FF-A calls from the host (git-fixes).
- KVM: arm64: Disallow copying MTE to guest memory while KVM is dirty logging (git-fixes).
- KVM: arm64: Do not pass a TLBI level hint when zapping table entries (git-fixes).
- KVM: arm64: Do not re-initialize the KVM lock (git-fixes).
- KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes).
- KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (git-fixes).
- KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes).
- KVM: arm64: nvhe: Ignore SVE hint in SMCCC function ID (git-fixes).
- KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes).
- KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (git-fixes).
- Move fixes into sorted section (bsc#1230119)
- Move s390 kabi patch into the kabi section
- Move upstreamed SCSI patches into sorted section
- Move upstreamed input patch into sorted section
- Move upstreamed kaslr patch into sorted section
- Move upstreamed nvme patches into sorted section
- NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726).
- NFSD: Fix frame size warning in svc_export_parse() (git-fixes).
- NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes).
- NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes).
- PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes).
- PCI: Wait for Link before restoring Downstream Buses (git-fixes).
- PCI: al: Check IORESOURCE_BUS existence during probe (stable-fixes).
- PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes).
- PCI: dra7xx: Fix threaded IRQ request for "dra7xx-pcie-main" IRQ (git-fixes).
- PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes).
- PCI: imx6: Fix missing call to phy_power_off() in error handling (git-fixes).
- PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes).
- PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes).
- PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() (git-fixes).
- PCI: qcom-ep: Enable controller resources like PHY only after refclk is available (git-fixes).
- PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes).
- PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes).
- PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).
- RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes)
- RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes)
- RDMA/efa: Properly handle unexpected AQ completions (git-fixes)
- RDMA/erdma: Return QP state in erdma_query_qp (git-fixes)
- RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes)
- RDMA/hns: Fix 1bit-ECC recovery address in non-4K OS (git-fixes)
- RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 (git-fixes)
- RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes)
- RDMA/hns: Fix ah error counter in sw stat not increasing (git-fixes)
- RDMA/hns: Fix restricted __le16 degrades to integer issue (git-fixes)
- RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes)
- RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes)
- RDMA/hns: Optimize hem allocation performance (git-fixes)
- RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes)
- RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes)
- RDMA/mlx5: Drop redundant work canceling from clean_keys() (git-fixes)
- RDMA/mlx5: Fix MR cache temp entries cleanup (git-fixes)
- RDMA/mlx5: Fix counter update on MR cache mkey creation (git-fixes)
- RDMA/mlx5: Limit usage of over-sized mkeys from the MR cache (git-fixes)
- RDMA/mlx5: Obtain upper net device only when needed (git-fixes)
- RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes)
- RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes)
- Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes).
- Squashfs: sanity check symbolic link size (git-fixes).
- USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes).
- USB: serial: kobil_sct: restore initial terminal settings (git-fixes).
- USB: serial: option: add MeiG Smart SRM825L (git-fixes).
- USB: serial: option: add MeiG Smart SRM825L (stable-fixes).
- USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes).
- USB: usbtmc: prevent kernel-usb-infoleak (git-fixes).
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes).
- afs: Do not cross .backup mountpoint from backup volume (git-fixes).
- afs: Revert "afs: Hide silly-rename files from userspace" (git-fixes).
- arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585)
- arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585)
- arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes).
- arm64: dts: allwinner: h616: Add r_i2c pinctrl nodes (git-fixes).
- arm64: dts: exynos: exynos7885-jackpotlte: Correct RAM amount to 4GB (git-fixes).
- arm64: dts: imx8-ss-dma: Fix adc0 closing brace location (git-fixes).
- arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes).
- arm64: dts: rockchip: Correct vendor prefix for Hardkernel ODROID-M1 (git-fixes).
- arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes).
- arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes).
- arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on RK3399 Puma (git-fixes).
- arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes).
- arm64: signal: Fix some under-bracketed UAPI macros (git-fixes).
- arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585)
- arm64: tlb: Fix TLBI RANGE operand (bsc#1229585)
- arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585)
- ata: libata-scsi: Fix ata_msense_control() CDL page reporting (git-fixes).
- ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data (git-fixes).
- ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes).
- ata: pata_macio: Use WARN instead of BUG (stable-fixes).
- blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600).
- blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600).
- bpf, events: Use prog to emit ksymbol event for main program (git-fixes).
- bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() (git-fixes).
- btrfs: fix race between direct IO write and fsync when using same fd (git-fixes).
- btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1230854).
- bus: integrator-lm: fix OF node leak in probe() (git-fixes).
- cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231008).
- cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231183).
- can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes).
- can: bcm: Remove proc entry when dev is unregistered (git-fixes).
- can: j1939: use correct function name in comment (git-fixes).
- can: kvaser_pciefd: Skip redundant NULL pointer check in ISR (stable-fixes).
- can: m_can: Release irq on error in m_can_open (git-fixes).
- can: m_can: enable NAPI before enabling interrupts (git-fixes).
- can: m_can: m_can_close(): stop clocks after device has been shut down (git-fixes).
- can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-fixes).
- can: mcp251xfd: clarify the meaning of timestamp (stable-fixes).
- can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD mode (git-fixes).
- can: mcp251xfd: mcp251xfd_handle_rxif_ring_uinc(): factor out in separate function (stable-fixes).
- can: mcp251xfd: mcp251xfd_ring_init(): check TX-coalescing configuration (stable-fixes).
- can: mcp251xfd: move mcp251xfd_timestamp_start()/stop() into mcp251xfd_chip_start/stop() (stable-fixes).
- can: mcp251xfd: properly indent labels (stable-fixes).
- can: mcp251xfd: rx: add workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes).
- can: mcp251xfd: rx: prepare to workaround broken RX FIFO head index erratum (stable-fixes).
- cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes).
- cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (stable-fixes).
- ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231182).
- clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885).
- clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885).
- clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes).
- clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-fixes).
- clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes).
- clk: qcom: gcc-sc8280xp: do not use parking clk_ops for QUPs (git-fixes).
- clk: qcom: gcc-sm8550: Do not park the USB RCG at registration time (git-fixes).
- clk: qcom: gcc-sm8550: Do not use parking clk_ops for QUPs (git-fixes).
- clk: qcom: ipq9574: Update the alpha PLL type for GPLLs (git-fixes).
- clk: ti: dra7-atl: Fix leak of of_nodes (git-fixes).
- clocksource/drivers/imx-tpm: Fix next event not taking effect sometime (git-fixes).
- clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX (git-fixes).
- clocksource/drivers/qcom: Add missing iounmap() on errors in msm_dt_timer_init() (git-fixes).
- cpufreq: amd-pstate: Enable amd-pstate preferred core support (stable-fixes).
- cpufreq: amd-pstate: fix the highest frequency issue which limits performance (git-fixes).
- cpufreq: scmi: Avoid overflow of target_freq in fast switch (stable-fixes).
- cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes).
- crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes).
- crypto: ccp - do not request interrupt on cmd completion when irqs disabled (git-fixes).
- crypto: iaa - Fix potential use after free bug (git-fixes).
- crypto: qat - fix unintentional re-enabling of error interrupts (stable-fixes).
- crypto: xor - fix template benchmarking (git-fixes).
- cxl/core: Fix incorrect vendor debug UUID define (git-fixes).
- cxl/pci: Fix to record only non-zero ranges (git-fixes).
- devres: Initialize an uninitialized struct member (stable-fixes).
- dma-buf: heaps: Fix off-by-one in CMA heap fault handler (git-fixes).
- dma-debug: avoid deadlock between dma debug vs printk and netconsole (stable-fixes).
- dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (stable-fixes).
- dmaengine: altera-msgdma: use irq variant of spin_lock/unlock while invoking callbacks (stable-fixes).
- driver core: Fix a potential null-ptr-deref in module_add_driver() (git-fixes).
- driver core: Fix error handling in driver API device_rename() (git-fixes).
- driver: iio: add missing checks on iio_info's callback access (stable-fixes).
- drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes).
- drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes).
- drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes).
- drm/amd/amdgpu: Check tbo resource pointer (stable-fixes).
- drm/amd/amdgpu: Properly tune the size of struct (git-fixes).
- drm/amd/display: Add array index check for hdcp ddc access (stable-fixes).
- drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (git-fixes).
- drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing (stable-fixes).
- drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes).
- drm/amd/display: Avoid overflow from uint32_t to uint8_t (stable-fixes).
- drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct() (git-fixes).
- drm/amd/display: Check BIOS images before it is used (stable-fixes).
- drm/amd/display: Check HDCP returned status (stable-fixes).
- drm/amd/display: Check UnboundedRequestEnabled's value (stable-fixes).
- drm/amd/display: Check denominator pbn_div before used (stable-fixes).
- drm/amd/display: Check gpio_id before used as array index (stable-fixes).
- drm/amd/display: Check index for aux_rd_interval before using (stable-fixes).
- drm/amd/display: Check msg_id before processing transcation (stable-fixes).
- drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes).
- drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes).
- drm/amd/display: Defer handling mst up request in resume (stable-fixes).
- drm/amd/display: Disable error correction if it's not supported (stable-fixes).
- drm/amd/display: Do not use fsleep for PSR exit waits on dmub replay (stable-fixes).
- drm/amd/display: Ensure array index tg_inst won't be -1 (stable-fixes).
- drm/amd/display: Ensure index calculation will not overflow (stable-fixes).
- drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes).
- drm/amd/display: Fix Coverity INTEGER_OVERFLOW within decide_fallback_link_setting_max_bw_policy (stable-fixes).
- drm/amd/display: Fix Coverity INTERGER_OVERFLOW within construct_integrated_info (stable-fixes).
- drm/amd/display: Fix FEC_READY write on DP LT (stable-fixes).
- drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (stable-fixes).
- drm/amd/display: Fix pipe addition logic in calc_blocks_to_ungate DCN35 (stable-fixes).
- drm/amd/display: Handle the case which quad_part is equal 0 (stable-fixes).
- drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection (stable-fixes).
- drm/amd/display: Replace dm_execute_dmub_cmd with dc_wake_and_execute_dmub_cmd (git-fixes).
- drm/amd/display: Run DC_LOG_DC after checking link->link_enc (stable-fixes).
- drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes).
- drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-fixes).
- drm/amd/display: Solve mst monitors blank out problem after resume (git-fixes).
- drm/amd/display: Spinlock before reading event (stable-fixes).
- drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes).
- drm/amd/display: Wake DMCUB before sending a command for replay feature (stable-fixes).
- drm/amd/display: added NULL check at start of dc_validate_stream (stable-fixes).
- drm/amd/display: handle nulled pipe context in DCE110's set_drr() (git-fixes).
- drm/amd/display: use preferred link settings for dp signal only (stable-fixes).
- drm/amd/pm: Fix negative array index read (stable-fixes).
- drm/amd/pm: check negtive return for table entries (stable-fixes).
- drm/amd/pm: check specific index for aldebaran (stable-fixes).
- drm/amd/pm: check specific index for smu13 (stable-fixes).
- drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes).
- drm/amd/pm: fix uninitialized variable warning (stable-fixes).
- drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-fixes).
- drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-fixes).
- drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-fixes).
- drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-fixes).
- drm/amd: Add gfx12 swizzle mode defs (stable-fixes).
- drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes).
- drm/amdgpu/display: handle gfx12 in amdgpu_dm_plane_format_mod_supported (stable-fixes).
- drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes).
- drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-fixes).
- drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes).
- drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes).
- drm/amdgpu/swsmu: always force a state reprogram on init (stable-fixes).
- drm/amdgpu: Fix get each xcp macro (git-fixes).
- drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes).
- drm/amdgpu: Fix out-of-bounds write warning (stable-fixes).
- drm/amdgpu: Fix smatch static checker warning (stable-fixes).
- drm/amdgpu: Fix the uninitialized variable warning (stable-fixes).
- drm/amdgpu: Fix the warning division or modulo by zero (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warning in amdgpu_info_ioctl (stable-fixes).
- drm/amdgpu: Handle sg size limit for contiguous allocation (stable-fixes).
- drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes).
- drm/amdgpu: add lock in amdgpu_gart_invalidate_tlb (stable-fixes).
- drm/amdgpu: add lock in kfd_process_dequeue_from_device (stable-fixes).
- drm/amdgpu: add missing error handling in function amdgpu_gmc_flush_gpu_tlb_pasid (stable-fixes).
- drm/amdgpu: add skip_hw_access checks for sriov (stable-fixes).
- drm/amdgpu: align pp_power_profile_mode with kernel docs (stable-fixes).
- drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes).
- drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes).
- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes).
- drm/amdgpu: fix a possible null pointer dereference (git-fixes).
- drm/amdgpu: fix contiguous handling for IB parsing v2 (git-fixes).
- drm/amdgpu: fix dereference after null check (stable-fixes).
- drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes).
- drm/amdgpu: fix overflowed array index read warning (stable-fixes).
- drm/amdgpu: fix overflowed constant warning in mmhub_set_clockgating() (stable-fixes).
- drm/amdgpu: fix the waring dereferencing hive (stable-fixes).
- drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes).
- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
- drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes (stable-fixes).
- drm/amdgpu: properly handle vbios fake edid sizing (git-fixes).
- drm/amdgpu: reject gang submit on reserved VMIDs (stable-fixes).
- drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes).
- drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-fixes).
- drm/amdgu: fix Unintentional integer overflow for mall size (stable-fixes).
- drm/amdkfd: Check debug trap enable before write dbg_ev_file (stable-fixes).
- drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes).
- drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes).
- drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes).
- drm/drm-bridge: Drop conditionals around of_node pointers (stable-fixes).
- drm/fb-helper: Do not schedule_work() to flush frame buffer during panic() (stable-fixes).
- drm/gpuvm: fix missing dependency to DRM_EXEC (git-fixes).
- drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes).
- drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-fixes).
- drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes).
- drm/i915: Do not attempt to load the GSC multiple times (git-fixes).
- drm/kfd: Correct pinned buffer handling at kfd restore and validate process (stable-fixes).
- drm/mediatek: Set sensible cursor width/height values to fix crash (stable-fixes).
- drm/mediatek: ovl_adaptor: Add missing of_node_put() (git-fixes).
- drm/meson: plane: Add error handling (stable-fixes).
- drm/msm/a5xx: disable preemption in submits by default (git-fixes).
- drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes).
- drm/msm/a5xx: properly clear preemption records on resume (git-fixes).
- drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes).
- drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes).
- drm/msm/dsi: correct programming sequence for SM8350 / SM8450 (git-fixes).
- drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes).
- drm/msm: fix %s null argument error (git-fixes).
- drm/nouveau/fb: restore init() for ramgp102 (git-fixes).
- drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes).
- drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes).
- drm/radeon: properly handle vbios fake edid sizing (git-fixes).
- drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes).
- drm/rockchip: vop: Allow 4096px width scaling (git-fixes).
- drm/rockchip: vop: clear DMA stop bit on RK3066 (git-fixes).
- drm/rockchip: vop: enable VOP_FEATURE_INTERNAL_RGB on RK3066 (git-fixes).
- drm/stm: Fix an error handling path in stm_drm_platform_probe() (git-fixes).
- drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes).
- drm/syncobj: Fix syncobj leak in drm_syncobj_eventfd_ioctl (git-fixes).
- drm/vc4: hdmi: Handle error case of pm_runtime_resume_and_get (git-fixes).
- drm: komeda: Fix an issue related to normalized zpos (stable-fixes).
- drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Ayn Loki Max (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes).
- ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() (git-fixes).
- erofs: fix incorrect symlink detection in fast symlink (git-fixes).
- exfat: fix memory leak in exfat_load_bitmap() (git-fixes).
- fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes).
- firmware: arm_scmi: Fix double free in OPTEE transport (git-fixes).
- firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes).
- firmware_loader: Block path traversal (git-fixes).
- fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230602).
- fuse: fix memory leak in fuse_create_open (bsc#1230124).
- fuse: update stats for pages in dropped aux writeback list (bsc#1230125).
- fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230123).
- gpio: modepin: Enable module autoloading (git-fixes).
- gpio: rockchip: fix OF node leak in probe() (git-fixes).
- hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes).
- hwmon: (asus-ec-sensors) remove VRM temp X570-E GAMING (stable-fixes).
- hwmon: (k10temp) Check return value of amd_smn_read() (stable-fixes).
- hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes).
- hwmon: (max16065) Fix overflows seen when writing limits (git-fixes).
- hwmon: (nct6775-core) Fix underflows seen when writing limit attributes (stable-fixes).
- hwmon: (ntc_thermistor) fix module autoloading (git-fixes).
- hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >= 1.2 (git-fixes).
- hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes).
- hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes).
- hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes).
- hwrng: mtk - Use devm_pm_runtime_enable (git-fixes).
- i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-fixes).
- i2c: designware: fix controller is holding SCL low while ENABLE bit is disabled (git-fixes).
- i2c: isch: Add missed 'else' (git-fixes).
- i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes).
- i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition (git-fixes).
- i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes).
- iio: adc: ad7124: fix chip ID mismatch (git-fixes).
- iio: adc: ad7124: fix config comparison (git-fixes).
- iio: adc: ad7606: fix oversampling gpio array (git-fixes).
- iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes).
- iio: adc: ad7606: remove frstdata check for serial mode (git-fixes).
- iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes).
- iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes).
- iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-fixes).
- iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes).
- ipmi: docs: do not advertise deprecated sysfs entries (git-fixes).
- ipmi:ssif: Improve detecting during probing (bsc#1228771)
- ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230206)
- jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes).
- kABI workaround for cros_ec stuff (git-fixes).
- kABI: Split kABI out of 'io_uring/kbuf: get rid of bl->is_ready'
- kABI: Split kABI out of 'io_uring: Re-add dummy_ubuf for kABI purposes'
- kABI: Split kABI out of io_uring/kbuf: protect io_buffer_list teardown with a reference
- kabi: dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
- kselftests: dmabuf-heaps: Ensure the driver name is null-terminated (stable-fixes).
- kthread: Fix task state in kthread worker if being frozen (bsc#1231146).
- leds: spi-byte: Call of_node_put() on error path (stable-fixes).
- lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (stable-fixes).
- lirc: rc_dev_get_from_fd(): fix file leak (git-fixes).
- mailbox: bcm2835: Fix timeout during suspend mode (git-fixes).
- mailbox: rockchip: fix a typo in module autoloading (git-fixes).
- media: i2c: ar0521: Use cansleep version of gpiod_set_value() (git-fixes).
- media: ov5675: Fix power on/off delay timings (git-fixes).
- media: platform: rzg2l-cru: rzg2l-csi2: Add missing MODULE_DEVICE_TABLE (git-fixes).
- media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes).
- media: qcom: camss: Remove use_count guard in stop_streaming (git-fixes).
- media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes).
- media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes).
- media: uvcvideo: Enforce alignment of frame and interval (stable-fixes).
- media: venus: fix use after free bug in venus_remove due to race condition (git-fixes).
- media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes).
- media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes).
- media: vivid: fix wrong sizeimage value for mplane (stable-fixes).
- memory: mtk-smi: Use devm_clk_get_enabled() (git-fixes).
- memory: tegra186-emc: drop unused to_tegra186_emc() (git-fixes).
- minmax: reduce min/max macro expansion in atomisp driver (git-fixes).
- misc: fastrpc: Fix double free of 'buf' in error path (git-fixes).
- mmc: core: apply SD quirks earlier during probe (git-fixes).
- mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes).
- mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes).
- mmc: sdhci-of-aspeed: fix module autoloading (git-fixes).
- module: Fix KCOV-ignored file name (git-fixes).
- mtd: powernv: Add check devm_kasprintf() returned value (git-fixes).
- mtd: slram: insert break after errors in parsing the map (git-fixes).
- net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes).
- net: phy: Fix missing of_node_put() for leds (git-fixes).
- net: phy: vitesse: repair vsc73xx autonegotiation (stable-fixes).
- net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes).
- net: usb: qmi_wwan: add MeiG Smart SRM825L (stable-fixes).
- nfsd: Do not leave work of closing files to a work queue (bsc#1228140).
- nilfs2: determine empty node blocks as corrupted (git-fixes).
- nilfs2: fix missing cleanup on rollforward recovery error (git-fixes).
- nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes).
- nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes).
- nilfs2: fix state management in error path of log writing function (git-fixes).
- nilfs2: protect references to superblock parameters exposed in sysfs (git-fixes).
- nouveau: fix the fwsec sb verification register (git-fixes).
- nvme-multipath: avoid hang on inaccessible namespaces (bsc#1228244).
- nvme-multipath: system fails to create generic nvme device (bsc#1228244).
- nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes).
- nvme-pci: allocate tagset on reset if necessary (git-fixes).
- nvme-tcp: fix link failure for TCP auth (git-fixes).
- nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes).
- nvme: clear caller pointer on identify failure (git-fixes).
- nvme: fix namespace removal list (git-fixes).
- nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes).
- nvmet-tcp: do not continue for invalid icreq (git-fixes).
- nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes).
- nvmet-trace: avoid dereferencing pointer too early (git-fixes).
- nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes).
- ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes).
- ocfs2: fix null-ptr-deref when journal load failed (git-fixes).
- ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes).
- ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes).
- pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes).
- pcmcia: Use resource_size function on resource object (stable-fixes).
- perf annotate: Introduce global annotation_options (git-fixes).
- perf annotate: Split branch stack cycles information out of 'struct annotation_line' (git-fixes).
- perf annotate: Use global annotation_options (git-fixes).
- perf arch events: Fix duplicate RISC-V SBI firmware event name (git-fixes).
- perf intel-pt: Fix aux_watermark calculation for 64-bit size (git-fixes).
- perf intel-pt: Fix exclude_guest setting (git-fixes).
- perf machine thread: Remove exited threads by default (git-fixes).
- perf maps: Move symbol maps functions to maps.c (git-fixes).
- perf pmu: Assume sysfs events are always the same case (git-fixes).
- perf pmus: Fixes always false when compare duplicates aliases (git-fixes).
- perf record: Lazy load kernel symbols (git-fixes).
- perf report: Convert to the global annotation_options (git-fixes).
- perf report: Fix condition in sort__sym_cmp() (git-fixes).
- perf stat: Fix the hard-coded metrics calculation on the hybrid (git-fixes).
- perf test: Make test_arm_callgraph_fp.sh more robust (git-fixes).
- perf tool: fix dereferencing NULL al->maps (git-fixes).
- perf tools: Add/use PMU reverse lookup from config to name (git-fixes).
- perf tools: Use pmus to describe type from attribute (git-fixes).
- perf top: Convert to the global annotation_options (git-fixes).
- perf/core: Fix missing wakeup when waiting for context reference (git-fixes).
- perf/x86/intel/cstate: Add pkg C2 residency counter for Sierra Forest (git-fixes).
- perf/x86/intel/cstate: Fix Alderlake/Raptorlake/Meteorlake (git-fixes).
- perf/x86/intel/ds: Fix non 0 retire latency on Raptorlake (git-fixes).
- perf/x86/intel/pt: Fix a topa_entry base address calculation (git-fixes).
- perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (git-fixes).
- perf/x86/intel/pt: Fix topa_entry base length (git-fixes).
- perf/x86/intel/uncore: Fix the bits of the CHA extended umask for SPR (git-fixes).
- perf/x86/intel/uncore: Support HBM and CXL PMON counters (bsc#1230119).
- perf/x86/intel: Add a distinct name for Granite Rapids (git-fixes).
- perf/x86/intel: Factor out the initialization code for SPR (git fixes).
- perf/x86/intel: Limit the period on Haswell (git-fixes).
- perf/x86/intel: Use the common uarch name for the shared functions (git fixes).
- perf/x86/uncore: Apply the unit control RB tree to MMIO uncore units (bsc#1230119).
- perf/x86/uncore: Apply the unit control RB tree to MSR uncore units (bsc#1230119).
- perf/x86/uncore: Apply the unit control RB tree to PCI uncore units (bsc#1230119).
- perf/x86/uncore: Cleanup unused unit structure (bsc#1230119).
- perf/x86/uncore: Retrieve the unit ID from the unit control RB tree (bsc#1230119).
- perf/x86/uncore: Save the unit control address of all units (bsc#1230119).
- perf/x86/uncore: Support per PMU cpumask (bsc#1230119).
- perf/x86: Fix smp_processor_id()-in-preemptible warnings (git-fixes).
- perf/x86: Serialize set_attr_rdpmc() (git-fixes).
- perf: Fix default aux_watermark calculation (git-fixes).
- perf: Fix event leak upon exit (git-fixes).
- perf: Fix perf_aux_size() for greater-than 32-bit size (git-fixes).
- perf: Prevent passing zero nr_pages to rb_alloc_aux() (git-fixes).
- perf: script: add raw|disasm arguments to --insn-trace option (git-fixes).
- phy: zynqmp: Take the phy mutex in xlate (stable-fixes).
- pinctrl: at91: make it work with current gpiolib (stable-fixes).
- pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID (stable-fixes).
- pinctrl: single: fix missing error code in pcs_probe() (git-fixes).
- platform/chrome: cros_ec_lpc: MEC access can use an AML mutex (stable-fixes).
- platform/surface: aggregator_registry: Add Support for Surface Pro 10 (stable-fixes).
- platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes).
- platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes).
- platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes).
- platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes).
- platform/x86: x86-android-tablets: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes).
- power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes).
- power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes).
- power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes).
- powercap/intel_rapl: Add support for AMD family 1Ah (stable-fixes).
- powerpc/qspinlock: Fix deadlock in MCS queue (bac#1230295 ltc#206656).
- pwm: xilinx: Fix u32 overflow issue in 32-bit width PWM mode (stable-fixes).
- r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes).
- regmap: maple: work around gcc-14.1 false-positive warning (stable-fixes).
- regmap: spi: Fix potential off-by-one when calculating reserved size (stable-fixes).
- regulator: Return actual error in of_regulator_bulk_get_all() (git-fixes).
- regulator: core: Fix regulator_is_supported_voltage() kerneldoc return value (git-fixes).
- regulator: core: Fix short description for _regulator_check_status_enabled() (git-fixes).
- regulator: core: Stub devm_regulator_bulk_get_const() if !CONFIG_REGULATOR (git-fixes).
- regulator: rt5120: Convert comma to semicolon (git-fixes).
- regulator: wm831x-isink: Convert comma to semicolon (git-fixes).
- remoteproc: imx_rproc: Correct ddr alias for i.MX8M (git-fixes).
- remoteproc: imx_rproc: Initialize workqueue earlier (git-fixes).
- remoteproc: k3-r5: Fix error handling when power-up failed (git-fixes).
- reset: berlin: fix OF node leak in probe() error path (git-fixes).
- reset: k210: fix OF node leak in probe() error path (git-fixes).
- resource: fix region_intersects() vs add_memory_driver_managed() (git-fixes).
- rtc: at91sam9: fix OF node leak in probe() error path (git-fixes).
- s390/dasd: Fix redundant /proc/dasd* entries removal (bsc#1227694).
- s390/dasd: Remove DMA alignment (LTC#208933 bsc#1230426 git-fixes).
- s390/mm: Convert gmap_make_secure to use a folio (git-fixes bsc#1230562).
- s390/mm: Convert make_page_secure to use a folio (git-fixes bsc#1230563).
- s390: allow pte_offset_map_lock() to fail (git-fixes bsc#1230564).
- scripts: kconfig: merge_config: config files: add a trailing newline (stable-fixes).
- scripts: sphinx-pre-install: remove unnecessary double check for $cur_version (git-fixes).
- scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
- scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Fix overflow build issue (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429 jsc#PED-9899).
- scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848).
- selftests: lib: remove strscpy test (git-fixes).
- selinux,smack: do not bypass permissions check in inode_setsecctx hook (stable-fixes).
- soc: fsl: cpm1: tsa: Fix tsa_write8() (git-fixes).
- soc: versatile: integrator: fix OF node leak in probe() error path (git-fixes).
- spi: atmel-quadspi: Avoid overwriting delay register settings (git-fixes).
- spi: atmel-quadspi: Undo runtime PM changes at driver exit time (git-fixes).
- spi: bcm63xx: Enable module autoloading (stable-fixes).
- spi: bcm63xx: Fix module autoloading (git-fixes).
- spi: meson-spicc: convert comma to semicolon (git-fixes).
- spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes).
- spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes).
- spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes).
- spi: rockchip: Resolve unbalanced runtime PM / system PM handling (git-fixes).
- spi: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
- spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes).
- spi: spidev: Add an entry for elgin,jg10309-01 (stable-fixes).
- spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes).
- staging: iio: frequency: ad9834: Validate frequency parameter value (git-fixes).
- supported.conf: mark adiantum and xctr crypto modules as supported (bsc#1231035)
- thunderbolt: Fix XDomain rx_lanes_show and tx_lanes_show (git-fixes).
- thunderbolt: Fix calculation of consumed USB3 bandwidth on a path (git-fixes).
- thunderbolt: Fix rollback in tb_port_lane_bonding_enable() for lane 1 (git-fixes).
- thunderbolt: There are only 5 basic router registers in pre-USB4 routers (git-fixes).
- tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes).
- tools/perf: Fix the string match for "/tmp/perf-$PID.map" files in dso__load (git-fixes).
- tpm: Clean up TPM space after command failure (git-fixes).
- tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes).
- tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes).
- uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes).
- usb: cdnsp: Fix incorrect usb_request status (git-fixes).
- usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes).
- usb: dwc2: drd: fix clock gating on USB role switch (git-fixes).
- usb: dwc3: Avoid waking up gadget during startxfer (git-fixes).
- usb: dwc3: core: Prevent USB core invalid event buffer address access (git-fixes).
- usb: dwc3: core: Prevent USB core invalid event buffer address access (stable-fixes).
- usb: dwc3: core: update LC timer as per USB Spec V3.2 (stable-fixes).
- usb: gadget: aspeed_udc: validate endpoint index for ast udc (stable-fixes).
- usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes).
- usb: typec: ucsi: Wait 20ms before reading CCI after a reset (git-fixes).
- usb: uas: set host status byte on data completion error (stable-fixes).
- usbip: Do not submit special requests twice (stable-fixes).
- usbnet: ipheth: add CDC NCM support (git-fixes).
- usbnet: ipheth: do not stop RX on failing RX callback (git-fixes).
- usbnet: ipheth: drop RX URBs with no payload (git-fixes).
- usbnet: ipheth: fix carrier detection in modes 1 and 4 (git-fixes).
- usbnet: ipheth: fix risk of NULL pointer deallocation (git-fixes).
- usbnet: ipheth: race between ipheth_close and error handling (stable-fixes).
- usbnet: ipheth: remove extraneous rx URB length check (git-fixes).
- usbnet: ipheth: transmit URBs without trailing padding (git-fixes).
- usbnet: modern method to get random MAC (git-fixes).
- virtio-net: synchronize probe with ndo_set_features (git-fixes).
- virtio_net: Fix napi_skb_cache_put warning (git-fixes).
- virtio_net: fixing XDP for fully checksummed packets handling (git-fixes).
- watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes).
- wifi: ath11k: initialize 'ret' in ath11k_qmi_load_file_target_mem() (stable-fixes).
- wifi: ath12k: fix BSS chan info request WMI command (git-fixes).
- wifi: ath12k: fix firmware crash due to invalid peer nss (stable-fixes).
- wifi: ath12k: fix invalid AMPDU factor calculation in ath12k_peer_assoc_h_he() (git-fixes).
- wifi: ath12k: fix uninitialize symbol error on ath12k_peer_assoc_h_he() (stable-fixes).
- wifi: ath12k: initialize 'ret' in ath12k_dp_rxdma_ring_sel_config_wcn7850() (stable-fixes).
- wifi: ath12k: initialize 'ret' in ath12k_qmi_load_file_target_mem() (stable-fixes).
- wifi: ath12k: match WMI BSS chan info structure with firmware definition (git-fixes).
- wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes).
- wifi: brcmfmac: introducing fwil query functions (git-fixes).
- wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes).
- wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes).
- wifi: cfg80211: fix bug of mapping AF3x to incorrect User Priority (git-fixes).
- wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes).
- wifi: cfg80211: make hash table duplicates more survivable (stable-fixes).
- wifi: cfg80211: restrict operation during radar detection (stable-fixes).
- wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes).
- wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes).
- wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (stable-fixes).
- wifi: iwlwifi: mvm: fix iwl_mvm_max_scan_ie_fw_cmd_room() (stable-fixes).
- wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes).
- wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes).
- wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (stable-fixes).
- wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check (stable-fixes).
- wifi: mac80211: check ieee80211_bss_info_change_notify() against MLD (stable-fixes).
- wifi: mac80211: do not use rate mask for offchannel TX either (git-fixes).
- wifi: mac80211: fix the comeback long retry times (git-fixes).
- wifi: mac80211: free skb on error path in ieee80211_beacon_get_ap() (stable-fixes).
- wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes).
- wifi: mt76: connac: fix checksum offload fields of connac3 RXD (git-fixes).
- wifi: mt76: mt7603: fix mixed declarations and code (git-fixes).
- wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes).
- wifi: mt76: mt7915: check devm_kasprintf() returned value (git-fixes).
- wifi: mt76: mt7915: fix oops on non-dbdc mt7986 (git-fixes).
- wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes).
- wifi: mt76: mt7921: Check devm_kasprintf() returned value (git-fixes).
- wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change (stable-fixes).
- wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage (git-fixes).
- wifi: mt76: mt7925: fix a potential array-index-out-of-bounds issue for clc (git-fixes).
- wifi: mt76: mt7996: fix EHT beamforming capability check (git-fixes).
- wifi: mt76: mt7996: fix HE and EHT beamforming capabilities (git-fixes).
- wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he (git-fixes).
- wifi: mt76: mt7996: fix traffic delay when switching back to working channel (git-fixes).
- wifi: mt76: mt7996: fix uninitialized TLV data (git-fixes).
- wifi: mt76: mt7996: fix wmm set of station interface to 3 (git-fixes).
- wifi: mt76: mt7996: use hweight16 to get correct tx antenna (git-fixes).
- wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes).
- wifi: rtw88: 8822c: Fix reported RX band width (git-fixes).
- wifi: rtw88: always wait for both firmware loading attempts (git-fixes).
- wifi: rtw88: remove CPT execution branch never used (git-fixes).
- wifi: rtw88: usb: schedule rx work after everything is set up (stable-fixes).
- wifi: rtw89: ser: avoid multiple deinit on same CAM (stable-fixes).
- wifi: rtw89: wow: prevent to send unexpected H2C during download Firmware (stable-fixes).
- wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes).
- x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes).
- x86/kaslr: Expose and use the end of the physical memory address space (bsc#1229443).
- x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382).
- x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382).
- x86/mm: Use lookup_address_in_pgd_attr() in show_fault_oops() (bsc#1221527).
- x86/pat: Fix W^X violation false-positives when running as Xen PV guest (bsc#1221527).
- x86/pat: Introduce lookup_address_in_pgd_attr() (bsc#1221527).
- x86/pat: Restructure _lookup_address_cpa() (bsc#1221527).
- xen/swiotlb: add alignment check for dma buffers (bsc#1229928).
- xen/swiotlb: fix allocated size (git-fixes).
- xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003).
- xen: allow mapping ACPI data using a different physical address (bsc#1226003).
- xen: introduce generic helper checking for memory map conflicts (bsc#1226003).
- xen: move checks for e820 conflicts further up (bsc#1226003).
- xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003).
- xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003).
- xen: use correct end address of kernel for conflict checking (bsc#1226003).
- xfs: restrict when we try to align cow fork delalloc to cowextsz hints (git-fixes).
- xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes).
- xz: cleanup CRC32 edits from 2018 (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1183045SUSE bug 1215199SUSE bug 1216223SUSE bug 1216776SUSE bug 1220382SUSE bug 1221527SUSE bug 1221610SUSE bug 1221650SUSE bug 1222629SUSE bug 1223600SUSE bug 1223848SUSE bug 1225487SUSE bug 1225812SUSE bug 1225903SUSE bug 1226003SUSE bug 1226507SUSE bug 1226606SUSE bug 1226666SUSE bug 1226846SUSE bug 1226860SUSE bug 1227487SUSE bug 1227694SUSE bug 1227726SUSE bug 1227819SUSE bug 1227885SUSE bug 1227890SUSE bug 1227962SUSE bug 1228090SUSE bug 1228140SUSE bug 1228244SUSE bug 1228507SUSE bug 1228771SUSE bug 1229001SUSE bug 1229004SUSE bug 1229019SUSE bug 1229086SUSE bug 1229167SUSE bug 1229169SUSE bug 1229289SUSE bug 1229334SUSE bug 1229362SUSE bug 1229363SUSE bug 1229364SUSE bug 1229371SUSE bug 1229380SUSE bug 1229389SUSE bug 1229394SUSE bug 1229429SUSE bug 1229443SUSE bug 1229452SUSE bug 1229455SUSE bug 1229456SUSE bug 1229494SUSE bug 1229585SUSE bug 1229753SUSE bug 1229764SUSE bug 1229768SUSE bug 1229790SUSE bug 1229810SUSE bug 1229899SUSE bug 1229928SUSE bug 1230015SUSE bug 1230119SUSE bug 1230123SUSE bug 1230124SUSE bug 1230125SUSE bug 1230169SUSE bug 1230170SUSE bug 1230171SUSE bug 1230173SUSE bug 1230174SUSE bug 1230175SUSE bug 1230176SUSE bug 1230178SUSE bug 1230180SUSE bug 1230181SUSE bug 1230185SUSE bug 1230191SUSE bug 1230192SUSE bug 1230193SUSE bug 1230194SUSE bug 1230195SUSE bug 1230200SUSE bug 1230204SUSE bug 1230206SUSE bug 1230207SUSE bug 1230209SUSE bug 1230211SUSE bug 1230213SUSE bug 1230217SUSE bug 1230221SUSE bug 1230224SUSE bug 1230230SUSE bug 1230232SUSE bug 1230233SUSE bug 1230240SUSE bug 1230244SUSE bug 1230245SUSE bug 1230247SUSE bug 1230248SUSE bug 1230269SUSE bug 1230270SUSE bug 1230295SUSE bug 1230340SUSE bug 1230413SUSE bug 1230426SUSE bug 1230430SUSE bug 1230431SUSE bug 1230432SUSE bug 1230433SUSE bug 1230434SUSE bug 1230435SUSE bug 1230440SUSE bug 1230441SUSE bug 1230442SUSE bug 1230444SUSE bug 1230450SUSE bug 1230451SUSE bug 1230454SUSE bug 1230455SUSE bug 1230457SUSE bug 1230459SUSE bug 1230506SUSE bug 1230507SUSE bug 1230511SUSE bug 1230515SUSE bug 1230517SUSE bug 1230518SUSE bug 1230519SUSE bug 1230520SUSE bug 1230521SUSE bug 1230524SUSE bug 1230526SUSE bug 1230533SUSE bug 1230535SUSE bug 1230539SUSE bug 1230540SUSE bug 1230549SUSE bug 1230556SUSE bug 1230562SUSE bug 1230563SUSE bug 1230564SUSE bug 1230580SUSE bug 1230582SUSE bug 1230589SUSE bug 1230602SUSE bug 1230699SUSE bug 1230700SUSE bug 1230701SUSE bug 1230702SUSE bug 1230703SUSE bug 1230704SUSE bug 1230705SUSE bug 1230706SUSE bug 1230709SUSE bug 1230711SUSE bug 1230712SUSE bug 1230715SUSE bug 1230719SUSE bug 1230722SUSE bug 1230724SUSE bug 1230725SUSE bug 1230726SUSE bug 1230727SUSE bug 1230730SUSE bug 1230731SUSE bug 1230732SUSE bug 1230747SUSE bug 1230748SUSE bug 1230749SUSE bug 1230751SUSE bug 1230752SUSE bug 1230753SUSE bug 1230756SUSE bug 1230761SUSE bug 1230766SUSE bug 1230767SUSE bug 1230768SUSE bug 1230771SUSE bug 1230772SUSE bug 1230775SUSE bug 1230776SUSE bug 1230780SUSE bug 1230783SUSE bug 1230786SUSE bug 1230787SUSE bug 1230791SUSE bug 1230794SUSE bug 1230796SUSE bug 1230802SUSE bug 1230806SUSE bug 1230808SUSE bug 1230809SUSE bug 1230810SUSE bug 1230812SUSE bug 1230813SUSE bug 1230814SUSE bug 1230815SUSE bug 1230821SUSE bug 1230825SUSE bug 1230830SUSE bug 1230831SUSE bug 1230854SUSE bug 1230948SUSE bug 1231008SUSE bug 1231035SUSE bug 1231120SUSE bug 1231146SUSE bug 1231182SUSE bug 1231183CVE-2023-52610 at SUSECVE-2023-52610 at NVDCVE-2023-52752 at SUSECVE-2023-52752 at NVDCVE-2023-52915 at SUSECVE-2023-52915 at NVDCVE-2023-52916 at SUSECVE-2023-52916 at NVDCVE-2024-26640 at SUSECVE-2024-26640 at NVDCVE-2024-26759 at SUSECVE-2024-26759 at NVDCVE-2024-26804 at SUSECVE-2024-26804 at NVDCVE-2024-36953 at SUSECVE-2024-36953 at NVDCVE-2024-38538 at SUSECVE-2024-38538 at NVDCVE-2024-38596 at SUSECVE-2024-38596 at NVDCVE-2024-38632 at SUSECVE-2024-38632 at NVDCVE-2024-40965 at SUSECVE-2024-40965 at NVDCVE-2024-40973 at SUSECVE-2024-40973 at NVDCVE-2024-40983 at SUSECVE-2024-40983 at NVDCVE-2024-42154 at SUSECVE-2024-42154 at NVDCVE-2024-42243 at SUSECVE-2024-42243 at NVDCVE-2024-42252 at SUSECVE-2024-42252 at NVDCVE-2024-42265 at SUSECVE-2024-42265 at NVDCVE-2024-42294 at SUSECVE-2024-42294 at NVDCVE-2024-42304 at SUSECVE-2024-42304 at NVDCVE-2024-42305 at SUSECVE-2024-42305 at NVDCVE-2024-42306 at SUSECVE-2024-42306 at NVDCVE-2024-43828 at SUSECVE-2024-43828 at NVDCVE-2024-43832 at SUSECVE-2024-43832 at NVDCVE-2024-43835 at SUSECVE-2024-43835 at NVDCVE-2024-43845 at SUSECVE-2024-43845 at NVDCVE-2024-43870 at SUSECVE-2024-43870 at NVDCVE-2024-43890 at SUSECVE-2024-43890 at NVDCVE-2024-43898 at SUSECVE-2024-43898 at NVDCVE-2024-43904 at SUSECVE-2024-43904 at NVDCVE-2024-43914 at SUSECVE-2024-43914 at NVDCVE-2024-44935 at SUSECVE-2024-44935 at NVDCVE-2024-44944 at SUSECVE-2024-44944 at NVDCVE-2024-44946 at SUSECVE-2024-44946 at NVDCVE-2024-44947 at SUSECVE-2024-44947 at NVDCVE-2024-44948 at SUSECVE-2024-44948 at NVDCVE-2024-44950 at SUSECVE-2024-44950 at NVDCVE-2024-44951 at SUSECVE-2024-44951 at NVDCVE-2024-44952 at SUSECVE-2024-44952 at NVDCVE-2024-44954 at SUSECVE-2024-44954 at NVDCVE-2024-44960 at SUSECVE-2024-44960 at NVDCVE-2024-44961 at SUSECVE-2024-44961 at NVDCVE-2024-44962 at SUSECVE-2024-44962 at NVDCVE-2024-44965 at SUSECVE-2024-44965 at NVDCVE-2024-44967 at SUSECVE-2024-44967 at NVDCVE-2024-44969 at SUSECVE-2024-44969 at NVDCVE-2024-44970 at SUSECVE-2024-44970 at NVDCVE-2024-44971 at SUSECVE-2024-44971 at NVDCVE-2024-44977 at SUSECVE-2024-44977 at NVDCVE-2024-44982 at SUSECVE-2024-44982 at NVDCVE-2024-44984 at SUSECVE-2024-44984 at NVDCVE-2024-44985 at SUSECVE-2024-44985 at NVDCVE-2024-44986 at SUSECVE-2024-44986 at NVDCVE-2024-44987 at SUSECVE-2024-44987 at NVDCVE-2024-44988 at SUSECVE-2024-44988 at NVDCVE-2024-44989 at SUSECVE-2024-44989 at NVDCVE-2024-44990 at SUSECVE-2024-44990 at NVDCVE-2024-44991 at SUSECVE-2024-44991 at NVDCVE-2024-44997 at SUSECVE-2024-44997 at NVDCVE-2024-44998 at SUSECVE-2024-44998 at NVDCVE-2024-44999 at SUSECVE-2024-44999 at NVDCVE-2024-45000 at SUSECVE-2024-45000 at NVDCVE-2024-45001 at SUSECVE-2024-45001 at NVDCVE-2024-45002 at SUSECVE-2024-45002 at NVDCVE-2024-45003 at SUSECVE-2024-45003 at NVDCVE-2024-45005 at SUSECVE-2024-45005 at NVDCVE-2024-45006 at SUSECVE-2024-45006 at NVDCVE-2024-45007 at SUSECVE-2024-45007 at NVDCVE-2024-45008 at SUSECVE-2024-45008 at NVDCVE-2024-45011 at SUSECVE-2024-45011 at NVDCVE-2024-45012 at SUSECVE-2024-45012 at NVDCVE-2024-45013 at SUSECVE-2024-45013 at NVDCVE-2024-45015 at SUSECVE-2024-45015 at NVDCVE-2024-45017 at SUSECVE-2024-45017 at NVDCVE-2024-45018 at SUSECVE-2024-45018 at NVDCVE-2024-45019 at SUSECVE-2024-45019 at NVDCVE-2024-45020 at SUSECVE-2024-45020 at NVDCVE-2024-45021 at SUSECVE-2024-45021 at NVDCVE-2024-45022 at SUSECVE-2024-45022 at NVDCVE-2024-45023 at SUSECVE-2024-45023 at NVDCVE-2024-45026 at SUSECVE-2024-45026 at NVDCVE-2024-45028 at SUSECVE-2024-45028 at NVDCVE-2024-45029 at SUSECVE-2024-45029 at NVDCVE-2024-45030 at SUSECVE-2024-45030 at NVDCVE-2024-46672 at SUSECVE-2024-46672 at NVDCVE-2024-46673 at SUSECVE-2024-46673 at NVDCVE-2024-46674 at SUSECVE-2024-46674 at NVDCVE-2024-46675 at SUSECVE-2024-46675 at NVDCVE-2024-46676 at SUSECVE-2024-46676 at NVDCVE-2024-46677 at SUSECVE-2024-46677 at NVDCVE-2024-46679 at SUSECVE-2024-46679 at NVDCVE-2024-46685 at SUSECVE-2024-46685 at NVDCVE-2024-46686 at SUSECVE-2024-46686 at NVDCVE-2024-46687 at SUSECVE-2024-46687 at NVDCVE-2024-46689 at SUSECVE-2024-46689 at NVDCVE-2024-46691 at SUSECVE-2024-46691 at NVDCVE-2024-46692 at SUSECVE-2024-46692 at NVDCVE-2024-46693 at SUSECVE-2024-46693 at NVDCVE-2024-46694 at SUSECVE-2024-46694 at NVDCVE-2024-46695 at SUSECVE-2024-46695 at NVDCVE-2024-46702 at SUSECVE-2024-46702 at NVDCVE-2024-46706 at SUSECVE-2024-46706 at NVDCVE-2024-46707 at SUSECVE-2024-46707 at NVDCVE-2024-46709 at SUSECVE-2024-46709 at NVDCVE-2024-46710 at SUSECVE-2024-46710 at NVDCVE-2024-46714 at SUSECVE-2024-46714 at NVDCVE-2024-46715 at SUSECVE-2024-46715 at NVDCVE-2024-46716 at SUSECVE-2024-46716 at NVDCVE-2024-46717 at SUSECVE-2024-46717 at NVDCVE-2024-46719 at SUSECVE-2024-46719 at NVDCVE-2024-46720 at SUSECVE-2024-46720 at NVDCVE-2024-46722 at SUSECVE-2024-46722 at NVDCVE-2024-46723 at SUSECVE-2024-46723 at NVDCVE-2024-46724 at SUSECVE-2024-46724 at NVDCVE-2024-46725 at SUSECVE-2024-46725 at NVDCVE-2024-46726 at SUSECVE-2024-46726 at NVDCVE-2024-46728 at SUSECVE-2024-46728 at NVDCVE-2024-46729 at SUSECVE-2024-46729 at NVDCVE-2024-46730 at SUSECVE-2024-46730 at NVDCVE-2024-46731 at SUSECVE-2024-46731 at NVDCVE-2024-46732 at SUSECVE-2024-46732 at NVDCVE-2024-46734 at SUSECVE-2024-46734 at NVDCVE-2024-46735 at SUSECVE-2024-46735 at NVDCVE-2024-46737 at SUSECVE-2024-46737 at NVDCVE-2024-46738 at SUSECVE-2024-46738 at NVDCVE-2024-46739 at SUSECVE-2024-46739 at NVDCVE-2024-46741 at SUSECVE-2024-46741 at NVDCVE-2024-46743 at SUSECVE-2024-46743 at NVDCVE-2024-46744 at SUSECVE-2024-46744 at NVDCVE-2024-46745 at SUSECVE-2024-46745 at NVDCVE-2024-46746 at SUSECVE-2024-46746 at NVDCVE-2024-46747 at SUSECVE-2024-46747 at NVDCVE-2024-46749 at SUSECVE-2024-46749 at NVDCVE-2024-46750 at SUSECVE-2024-46750 at NVDCVE-2024-46751 at SUSECVE-2024-46751 at NVDCVE-2024-46752 at SUSECVE-2024-46752 at NVDCVE-2024-46753 at SUSECVE-2024-46753 at NVDCVE-2024-46755 at SUSECVE-2024-46755 at NVDCVE-2024-46756 at SUSECVE-2024-46756 at NVDCVE-2024-46757 at SUSECVE-2024-46757 at NVDCVE-2024-46758 at SUSECVE-2024-46758 at NVDCVE-2024-46759 at SUSECVE-2024-46759 at NVDCVE-2024-46760 at SUSECVE-2024-46760 at NVDCVE-2024-46761 at SUSECVE-2024-46761 at NVDCVE-2024-46767 at SUSECVE-2024-46767 at NVDCVE-2024-46771 at SUSECVE-2024-46771 at NVDCVE-2024-46772 at SUSECVE-2024-46772 at NVDCVE-2024-46773 at SUSECVE-2024-46773 at NVDCVE-2024-46774 at SUSECVE-2024-46774 at NVDCVE-2024-46776 at SUSECVE-2024-46776 at NVDCVE-2024-46778 at SUSECVE-2024-46778 at NVDCVE-2024-46780 at SUSECVE-2024-46780 at NVDCVE-2024-46781 at SUSECVE-2024-46781 at NVDCVE-2024-46783 at SUSECVE-2024-46783 at NVDCVE-2024-46784 at SUSECVE-2024-46784 at NVDCVE-2024-46786 at SUSECVE-2024-46786 at NVDCVE-2024-46787 at SUSECVE-2024-46787 at NVDCVE-2024-46791 at SUSECVE-2024-46791 at NVDCVE-2024-46794 at SUSECVE-2024-46794 at NVDCVE-2024-46797 at SUSECVE-2024-46797 at NVDCVE-2024-46798 at SUSECVE-2024-46798 at NVDCVE-2024-46822 at SUSECVE-2024-46822 at NVDcpe:/o:suse:sl-micro:6.0Security update for patch (Low)SUSE Linux Micro 6.0
This update for patch fixes the following issues:
- CVE-2019-20633: Fix double-free/OOB read in pch.c (bsc#1167721)
LowSUSE bug 1167721CVE-2019-20633 at SUSECVE-2019-20633 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
- CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
- CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
- CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
- CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
- CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
- CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
- CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
- CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
- CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
- CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001).
- CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
- CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
- CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371).
- CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
- CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
- CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
- CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
- CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
- CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389).
- CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
- CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
- CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
- CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
- CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
- CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
- CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
- CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
- CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
- CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
- CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206).
- CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
- CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
- CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
- CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
- CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
- CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
- CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
- CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
- CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
- CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
- CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
- CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
- CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
- CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 (bsc#1230435).
- CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
- CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
- CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
- CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
- CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
- CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
- CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
- CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() (bsc#1230518).
- CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
- CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
- CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
- CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
- CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
- CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
- CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
- CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
- CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).
- CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
- CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
- CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
- CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
- CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
- CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
- CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
The following non-security bugs were fixed:
- ABI: testing: fix admv8818 attr description (git-fixes).
- ACPI: CPPC: Add helper to get the highest performance value (stable-fixes).
- ACPI: CPPC: Fix MASK_VAL() usage (git-fixes).
- ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes).
- ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes).
- ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes).
- ACPI: sysfs: validate return type of _STR method (git-fixes).
- ACPICA: Implement ACPI_WARNING_ONCE and ACPI_ERROR_ONCE (stable-fixes).
- ACPICA: executer/exsystem: Do not nag user about every Stall() violating the spec (git-fixes).
- ALSA: control: Apply sanity check of input values for user elements (stable-fixes).
- ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack for ASUS Vivobook 15 X1504VAP (stable-fixes).
- ALSA: hda/realtek: Enable Mute Led for HP Victus 15-fb1xxx (stable-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes).
- ALSA: hda/realtek: add patch for internal mic in Lenovo V145 (stable-fixes).
- ALSA: hda/realtek: extend quirks for Clevo V5[46]0 (stable-fixes).
- ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes).
- ALSA: hda: add HDMI codec ID for Intel PTL (stable-fixes).
- ALSA: hda: cs35l41: fix module autoloading (git-fixes).
- ARM: 9406/1: Fix callchain_trace() return value (git-fixes).
- ASoC: Intel: soc-acpi-cht: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- ASoC: amd: yc: Add a quirk for MSI Bravo 17 (D7VEK) (stable-fixes).
- ASoC: codecs: avoid possible garbage value in peb2466_reg_read() (git-fixes).
- ASoC: cs42l42: Convert comma to semicolon (git-fixes).
- ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes).
- ASoC: intel: fix module autoloading (stable-fixes).
- ASoC: meson: Remove unused declartion in header file (git-fixes).
- ASoC: meson: axg-card: fix 'use-after-free' (git-fixes).
- ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes).
- ASoC: rt5682s: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes).
- ASoC: soc-ac97: Fix the incorrect description (git-fixes).
- ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes).
- ASoC: tas2781-i2c: Get the right GPIO line (git-fixes).
- ASoC: tda7419: fix module autoloading (stable-fixes).
- ASoC: tegra: Fix CBB error during probe() (git-fixes).
- ASoC: topology: Properly initialize soc_enum values (stable-fixes).
- ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes).
- ASoc: TAS2781: replace beXX_to_cpup with get_unaligned_beXX for potentially broken alignment (stable-fixes).
- Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes).
- Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() (stable-fixes).
- Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes).
- Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes).
- Bluetooth: hci_event: Use HCI error defines instead of magic values (stable-fixes).
- Bluetooth: hci_sync: Add helper functions to manipulate cmd_sync queue (stable-fixes).
- Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes).
- Detect memory allocation failure in annotated_source__alloc_histograms (bsc#1227962).
- Documentation: ioctl: document 0x07 ioctl code (git-fixes).
- Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes).
- Drivers: hv: vmbus: Fix the misplaced function description (git-fixes).
- Drop mm patches that caused regressions (bsc#1230413)
- Enable livepatching related packages on -RT (jsc#PED-1706)
- HID: amd_sfh: free driver_data after destroying hid device (stable-fixes).
- HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes).
- HID: multitouch: Add support for GT7868Q (stable-fixes).
- HID: wacom: Do not warn about dropped packets for first packet (git-fixes).
- HID: wacom: Support sequence numbers smaller than 16-bit (git-fixes).
- IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes)
- Input: adp5588-keys - fix check on return code (git-fixes).
- Input: ads7846 - ratelimit the spi_sync error message (stable-fixes).
- Input: ili210x - use kvmalloc() to allocate buffer for firmware update (stable-fixes).
- Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes).
- Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes).
- Input: tsc2004/5 - do not hard code interrupt trigger (git-fixes).
- Input: tsc2004/5 - fix reset handling on probe (git-fixes).
- Input: tsc2004/5 - use device core to create driver-specific device attributes (git-fixes).
- Input: uinput - reject requests with unreasonable number of slots (stable-fixes).
- KEYS: prevent NULL pointer dereference in find_asymmetric_key() (git-fixes).
- KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes).
- KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes).
- KVM: arm64: Block unsafe FF-A calls from the host (git-fixes).
- KVM: arm64: Disallow copying MTE to guest memory while KVM is dirty logging (git-fixes).
- KVM: arm64: Do not pass a TLBI level hint when zapping table entries (git-fixes).
- KVM: arm64: Do not re-initialize the KVM lock (git-fixes).
- KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes).
- KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (git-fixes).
- KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes).
- KVM: arm64: nvhe: Ignore SVE hint in SMCCC function ID (git-fixes).
- KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes).
- KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (git-fixes).
- Merge branch 'ALP-current' (0e26fa94003b) into 'ALP-current-RT'
- Move fixes into sorted section (bsc#1230119)
- Move s390 kabi patch into the kabi section
- Move upstreamed SCSI patches into sorted section
- Move upstreamed input patch into sorted section
- Move upstreamed kaslr patch into sorted section
- Move upstreamed nvme patches into sorted section
- NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726).
- NFSD: Fix frame size warning in svc_export_parse() (git-fixes).
- NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes).
- NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes).
- No -rt specific changes this merge.
- PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes).
- PCI: Wait for Link before restoring Downstream Buses (git-fixes).
- PCI: al: Check IORESOURCE_BUS existence during probe (stable-fixes).
- PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes).
- PCI: dra7xx: Fix threaded IRQ request for "dra7xx-pcie-main" IRQ (git-fixes).
- PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes).
- PCI: imx6: Fix missing call to phy_power_off() in error handling (git-fixes).
- PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes).
- PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes).
- PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() (git-fixes).
- PCI: qcom-ep: Enable controller resources like PHY only after refclk is available (git-fixes).
- PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes).
- PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes).
- PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).
- RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes)
- RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes)
- RDMA/efa: Properly handle unexpected AQ completions (git-fixes)
- RDMA/erdma: Return QP state in erdma_query_qp (git-fixes)
- RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes)
- RDMA/hns: Fix 1bit-ECC recovery address in non-4K OS (git-fixes)
- RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 (git-fixes)
- RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes)
- RDMA/hns: Fix ah error counter in sw stat not increasing (git-fixes)
- RDMA/hns: Fix restricted __le16 degrades to integer issue (git-fixes)
- RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes)
- RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes)
- RDMA/hns: Optimize hem allocation performance (git-fixes)
- RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes)
- RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes)
- RDMA/mlx5: Drop redundant work canceling from clean_keys() (git-fixes)
- RDMA/mlx5: Fix MR cache temp entries cleanup (git-fixes)
- RDMA/mlx5: Fix counter update on MR cache mkey creation (git-fixes)
- RDMA/mlx5: Limit usage of over-sized mkeys from the MR cache (git-fixes)
- RDMA/mlx5: Obtain upper net device only when needed (git-fixes)
- RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes)
- RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes)
- Replace git-fixes tag by bsc#1226507, patches.suse/md-Don-t-wait-for-MD_RECOVERY_NEEDED-for-HOT_REMOVE_DISK-ioctl-a1fd.patch (bsc#1226507).
- Resort io_uring kABI patches These ended up in the wrong section. Push them to the right place, next to the other io_uring kabi patches.
- Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes).
- Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE" (git-fixes).
- Revert "PCI: Extend ACS configurability (bsc#1228090)." (bsc#1229019) This reverts commit 571e4310e81312c847a5caee7e45e66aeea2a169. It breaks ACS on certain platforms. Even 6.11 is affected. So drop for now and investigate.
- Revert "drm/amdgpu: align pp_power_profile_mode with kernel docs" (stable-fixes).
- Revert "media: tuners: fix error return code of hybrid_tuner_request_state()" (git-fixes).
- Revert "mm, kmsan: fix infinite recursion due to RCU critical section" This reverts commit 16ad73a9f4c2888f3bc28513f5e9a88d753f8741.
- Revert "mm/sparsemem: fix race in accessing memory_section->usage" This reverts commit 6aa8957889611fbe7f06353f917cfb3d9620a680.
- Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" This reverts commit 35f619d3c421219e07bc89d2d6a37fbff25519fe.
- Split kabi part of dm_blk_ioctl-implement-path-failover-for-SG_IO.patch
- Squashfs: sanity check symbolic link size (git-fixes).
- USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes).
- USB: serial: kobil_sct: restore initial terminal settings (git-fixes).
- USB: serial: option: add MeiG Smart SRM825L (git-fixes).
- USB: serial: option: add MeiG Smart SRM825L (stable-fixes).
- USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes).
- USB: usbtmc: prevent kernel-usb-infoleak (git-fixes).
- Update patches.suse/af_unix-Fix-data-races-around-sk-sk_shutdown.patch (git-fixes bsc#1226846).
- Update patches.suse/gfs2-Fix-NULL-pointer-dereference-in-gfs2_log_flush.patch (bsc#1230948)
- Update patches.suse/powerpc-pseries-make-max-polling-consistent-for-long.patch (bsc#1215199 jsc#PED-10954).
- Update patches.suse/security-integrity-fix-pointer-to-ESL-data-and-.patch (bsc#1012628 jsc#PED-5085 jsc#PED-10954).
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes).
- afs: Do not cross .backup mountpoint from backup volume (git-fixes).
- afs: Revert "afs: Hide silly-rename files from userspace" (git-fixes).
- arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585)
- arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585)
- arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes).
- arm64: dts: allwinner: h616: Add r_i2c pinctrl nodes (git-fixes).
- arm64: dts: exynos: exynos7885-jackpotlte: Correct RAM amount to 4GB (git-fixes).
- arm64: dts: imx8-ss-dma: Fix adc0 closing brace location (git-fixes).
- arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes).
- arm64: dts: rockchip: Correct vendor prefix for Hardkernel ODROID-M1 (git-fixes).
- arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes).
- arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes).
- arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on RK3399 Puma (git-fixes).
- arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes).
- arm64: signal: Fix some under-bracketed UAPI macros (git-fixes).
- arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585)
- arm64: tlb: Fix TLBI RANGE operand (bsc#1229585)
- arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585)
- ata: libata-scsi: Fix ata_msense_control() CDL page reporting (git-fixes).
- ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data (git-fixes).
- ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes).
- ata: pata_macio: Use WARN instead of BUG (stable-fixes).
- blacklist.conf: ("KVM: arm64: Use TLBI_TTL_UNKNOWN in __kvm_tlb_flush_vmid_range()") (bsc#1229585)
- blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600).
- blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600).
- bpf, events: Use prog to emit ksymbol event for main program (git-fixes).
- bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() (git-fixes).
- btrfs: fix race between direct IO write and fsync when using same fd (git-fixes).
- btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1230854).
- bus: integrator-lm: fix OF node leak in probe() (git-fixes).
- cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231008).
- cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231183).
- can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes).
- can: bcm: Remove proc entry when dev is unregistered (git-fixes).
- can: j1939: use correct function name in comment (git-fixes).
- can: kvaser_pciefd: Skip redundant NULL pointer check in ISR (stable-fixes).
- can: m_can: Release irq on error in m_can_open (git-fixes).
- can: m_can: enable NAPI before enabling interrupts (git-fixes).
- can: m_can: m_can_close(): stop clocks after device has been shut down (git-fixes).
- can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-fixes).
- can: mcp251xfd: clarify the meaning of timestamp (stable-fixes).
- can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD mode (git-fixes).
- can: mcp251xfd: mcp251xfd_handle_rxif_ring_uinc(): factor out in separate function (stable-fixes).
- can: mcp251xfd: mcp251xfd_ring_init(): check TX-coalescing configuration (stable-fixes).
- can: mcp251xfd: move mcp251xfd_timestamp_start()/stop() into mcp251xfd_chip_start/stop() (stable-fixes).
- can: mcp251xfd: properly indent labels (stable-fixes).
- can: mcp251xfd: rx: add workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes).
- can: mcp251xfd: rx: prepare to workaround broken RX FIFO head index erratum (stable-fixes).
- cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes).
- cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (stable-fixes).
- ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231182).
- clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885).
- clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885).
- clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes).
- clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-fixes).
- clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes).
- clk: qcom: gcc-sc8280xp: do not use parking clk_ops for QUPs (git-fixes).
- clk: qcom: gcc-sm8550: Do not park the USB RCG at registration time (git-fixes).
- clk: qcom: gcc-sm8550: Do not use parking clk_ops for QUPs (git-fixes).
- clk: qcom: ipq9574: Update the alpha PLL type for GPLLs (git-fixes).
- clk: ti: dra7-atl: Fix leak of of_nodes (git-fixes).
- clocksource/drivers/imx-tpm: Fix next event not taking effect sometime (git-fixes).
- clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX (git-fixes).
- clocksource/drivers/qcom: Add missing iounmap() on errors in msm_dt_timer_init() (git-fixes).
- cpufreq: amd-pstate: Enable amd-pstate preferred core support (stable-fixes).
- cpufreq: amd-pstate: fix the highest frequency issue which limits performance (git-fixes).
- cpufreq: scmi: Avoid overflow of target_freq in fast switch (stable-fixes).
- cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes).
- crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes).
- crypto: ccp - do not request interrupt on cmd completion when irqs disabled (git-fixes).
- crypto: iaa - Fix potential use after free bug (git-fixes).
- crypto: qat - fix unintentional re-enabling of error interrupts (stable-fixes).
- crypto: xor - fix template benchmarking (git-fixes).
- cxl/core: Fix incorrect vendor debug UUID define (git-fixes).
- cxl/pci: Fix to record only non-zero ranges (git-fixes).
- devres: Initialize an uninitialized struct member (stable-fixes).
- dma-buf: heaps: Fix off-by-one in CMA heap fault handler (git-fixes).
- dma-debug: avoid deadlock between dma debug vs printk and netconsole (stable-fixes).
- dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (stable-fixes).
- dmaengine: altera-msgdma: use irq variant of spin_lock/unlock while invoking callbacks (stable-fixes).
- driver core: Fix a potential null-ptr-deref in module_add_driver() (git-fixes).
- driver core: Fix error handling in driver API device_rename() (git-fixes).
- driver: iio: add missing checks on iio_info's callback access (stable-fixes).
- drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes).
- drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes).
- drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes).
- drm/amd/amdgpu: Check tbo resource pointer (stable-fixes).
- drm/amd/amdgpu: Properly tune the size of struct (git-fixes).
- drm/amd/display: Add array index check for hdcp ddc access (stable-fixes).
- drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (git-fixes).
- drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing (stable-fixes).
- drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes).
- drm/amd/display: Avoid overflow from uint32_t to uint8_t (stable-fixes).
- drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct() (git-fixes).
- drm/amd/display: Check BIOS images before it is used (stable-fixes).
- drm/amd/display: Check HDCP returned status (stable-fixes).
- drm/amd/display: Check UnboundedRequestEnabled's value (stable-fixes).
- drm/amd/display: Check denominator pbn_div before used (stable-fixes).
- drm/amd/display: Check gpio_id before used as array index (stable-fixes).
- drm/amd/display: Check index for aux_rd_interval before using (stable-fixes).
- drm/amd/display: Check msg_id before processing transcation (stable-fixes).
- drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes).
- drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes).
- drm/amd/display: Defer handling mst up request in resume (stable-fixes).
- drm/amd/display: Disable error correction if it's not supported (stable-fixes).
- drm/amd/display: Do not use fsleep for PSR exit waits on dmub replay (stable-fixes).
- drm/amd/display: Ensure array index tg_inst won't be -1 (stable-fixes).
- drm/amd/display: Ensure index calculation will not overflow (stable-fixes).
- drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes).
- drm/amd/display: Fix Coverity INTEGER_OVERFLOW within decide_fallback_link_setting_max_bw_policy (stable-fixes).
- drm/amd/display: Fix Coverity INTERGER_OVERFLOW within construct_integrated_info (stable-fixes).
- drm/amd/display: Fix FEC_READY write on DP LT (stable-fixes).
- drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (stable-fixes).
- drm/amd/display: Fix pipe addition logic in calc_blocks_to_ungate DCN35 (stable-fixes).
- drm/amd/display: Handle the case which quad_part is equal 0 (stable-fixes).
- drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection (stable-fixes).
- drm/amd/display: Replace dm_execute_dmub_cmd with dc_wake_and_execute_dmub_cmd (git-fixes).
- drm/amd/display: Run DC_LOG_DC after checking link->link_enc (stable-fixes).
- drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes).
- drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-fixes).
- drm/amd/display: Solve mst monitors blank out problem after resume (git-fixes).
- drm/amd/display: Spinlock before reading event (stable-fixes).
- drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes).
- drm/amd/display: Wake DMCUB before sending a command for replay feature (stable-fixes).
- drm/amd/display: added NULL check at start of dc_validate_stream (stable-fixes).
- drm/amd/display: handle nulled pipe context in DCE110's set_drr() (git-fixes).
- drm/amd/display: use preferred link settings for dp signal only (stable-fixes).
- drm/amd/pm: Fix negative array index read (stable-fixes).
- drm/amd/pm: check negtive return for table entries (stable-fixes).
- drm/amd/pm: check specific index for aldebaran (stable-fixes).
- drm/amd/pm: check specific index for smu13 (stable-fixes).
- drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes).
- drm/amd/pm: fix uninitialized variable warning (stable-fixes).
- drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-fixes).
- drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-fixes).
- drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-fixes).
- drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-fixes).
- drm/amd: Add gfx12 swizzle mode defs (stable-fixes).
- drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes).
- drm/amdgpu/display: handle gfx12 in amdgpu_dm_plane_format_mod_supported (stable-fixes).
- drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes).
- drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-fixes).
- drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes).
- drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes).
- drm/amdgpu/swsmu: always force a state reprogram on init (stable-fixes).
- drm/amdgpu: Fix get each xcp macro (git-fixes).
- drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes).
- drm/amdgpu: Fix out-of-bounds write warning (stable-fixes).
- drm/amdgpu: Fix smatch static checker warning (stable-fixes).
- drm/amdgpu: Fix the uninitialized variable warning (stable-fixes).
- drm/amdgpu: Fix the warning division or modulo by zero (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warning in amdgpu_info_ioctl (stable-fixes).
- drm/amdgpu: Handle sg size limit for contiguous allocation (stable-fixes).
- drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes).
- drm/amdgpu: add lock in amdgpu_gart_invalidate_tlb (stable-fixes).
- drm/amdgpu: add lock in kfd_process_dequeue_from_device (stable-fixes).
- drm/amdgpu: add missing error handling in function amdgpu_gmc_flush_gpu_tlb_pasid (stable-fixes).
- drm/amdgpu: add skip_hw_access checks for sriov (stable-fixes).
- drm/amdgpu: align pp_power_profile_mode with kernel docs (stable-fixes).
- drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes).
- drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes).
- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes).
- drm/amdgpu: fix a possible null pointer dereference (git-fixes).
- drm/amdgpu: fix contiguous handling for IB parsing v2 (git-fixes).
- drm/amdgpu: fix dereference after null check (stable-fixes).
- drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes).
- drm/amdgpu: fix overflowed array index read warning (stable-fixes).
- drm/amdgpu: fix overflowed constant warning in mmhub_set_clockgating() (stable-fixes).
- drm/amdgpu: fix the waring dereferencing hive (stable-fixes).
- drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes).
- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
- drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes (stable-fixes).
- drm/amdgpu: properly handle vbios fake edid sizing (git-fixes).
- drm/amdgpu: reject gang submit on reserved VMIDs (stable-fixes).
- drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes).
- drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-fixes).
- drm/amdgu: fix Unintentional integer overflow for mall size (stable-fixes).
- drm/amdkfd: Check debug trap enable before write dbg_ev_file (stable-fixes).
- drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes).
- drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes).
- drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes).
- drm/drm-bridge: Drop conditionals around of_node pointers (stable-fixes).
- drm/fb-helper: Do not schedule_work() to flush frame buffer during panic() (stable-fixes).
- drm/gpuvm: fix missing dependency to DRM_EXEC (git-fixes).
- drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes).
- drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-fixes).
- drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes).
- drm/i915: Do not attempt to load the GSC multiple times (git-fixes).
- drm/kfd: Correct pinned buffer handling at kfd restore and validate process (stable-fixes).
- drm/mediatek: Set sensible cursor width/height values to fix crash (stable-fixes).
- drm/mediatek: ovl_adaptor: Add missing of_node_put() (git-fixes).
- drm/meson: plane: Add error handling (stable-fixes).
- drm/msm/a5xx: disable preemption in submits by default (git-fixes).
- drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes).
- drm/msm/a5xx: properly clear preemption records on resume (git-fixes).
- drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes).
- drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes).
- drm/msm/dsi: correct programming sequence for SM8350 / SM8450 (git-fixes).
- drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes).
- drm/msm: fix %s null argument error (git-fixes).
- drm/nouveau/fb: restore init() for ramgp102 (git-fixes).
- drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes).
- drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes).
- drm/radeon: properly handle vbios fake edid sizing (git-fixes).
- drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes).
- drm/rockchip: vop: Allow 4096px width scaling (git-fixes).
- drm/rockchip: vop: clear DMA stop bit on RK3066 (git-fixes).
- drm/rockchip: vop: enable VOP_FEATURE_INTERNAL_RGB on RK3066 (git-fixes).
- drm/stm: Fix an error handling path in stm_drm_platform_probe() (git-fixes).
- drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes).
- drm/syncobj: Fix syncobj leak in drm_syncobj_eventfd_ioctl (git-fixes).
- drm/vc4: hdmi: Handle error case of pm_runtime_resume_and_get (git-fixes).
- drm: komeda: Fix an issue related to normalized zpos (stable-fixes).
- drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Ayn Loki Max (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes).
- ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() (git-fixes).
- erofs: fix incorrect symlink detection in fast symlink (git-fixes).
- exfat: fix memory leak in exfat_load_bitmap() (git-fixes).
- fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes).
- firmware: arm_scmi: Fix double free in OPTEE transport (git-fixes).
- firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes).
- firmware_loader: Block path traversal (git-fixes).
- fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230602).
- fuse: fix memory leak in fuse_create_open (bsc#1230124).
- fuse: update stats for pages in dropped aux writeback list (bsc#1230125).
- fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230123).
- gpio: modepin: Enable module autoloading (git-fixes).
- gpio: rockchip: fix OF node leak in probe() (git-fixes).
- hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes).
- hwmon: (asus-ec-sensors) remove VRM temp X570-E GAMING (stable-fixes).
- hwmon: (k10temp) Check return value of amd_smn_read() (stable-fixes).
- hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes).
- hwmon: (max16065) Fix overflows seen when writing limits (git-fixes).
- hwmon: (nct6775-core) Fix underflows seen when writing limit attributes (stable-fixes).
- hwmon: (ntc_thermistor) fix module autoloading (git-fixes).
- hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >= 1.2 (git-fixes).
- hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes).
- hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes).
- hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes).
- hwrng: mtk - Use devm_pm_runtime_enable (git-fixes).
- i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-fixes).
- i2c: designware: fix controller is holding SCL low while ENABLE bit is disabled (git-fixes).
- i2c: isch: Add missed 'else' (git-fixes).
- i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes).
- i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition (git-fixes).
- i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes).
- iio: adc: ad7124: fix chip ID mismatch (git-fixes).
- iio: adc: ad7124: fix config comparison (git-fixes).
- iio: adc: ad7606: fix oversampling gpio array (git-fixes).
- iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes).
- iio: adc: ad7606: remove frstdata check for serial mode (git-fixes).
- iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes).
- iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes).
- iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-fixes).
- iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes).
- ipmi: docs: do not advertise deprecated sysfs entries (git-fixes).
- ipmi:ssif: Improve detecting during probing (bsc#1228771)
- ipmi:ssif: Improve detecting during probing (bsc#1228771) Move patch into the sorted section.
- ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230206)
- jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes).
- kABI workaround for cros_ec stuff (git-fixes).
- kABI: Workaround kABI change in patches.suse/iommu-dma-Trace-bounce-buffer-usage-when-mapping-buf.patch (git-fixes).
- kabi: dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
- kselftests: dmabuf-heaps: Ensure the driver name is null-terminated (stable-fixes).
- kthread: Fix task state in kthread worker if being frozen (bsc#1231146).
- leds: spi-byte: Call of_node_put() on error path (stable-fixes).
- lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (stable-fixes).
- lirc: rc_dev_get_from_fd(): fix file leak (git-fixes).
- mailbox: bcm2835: Fix timeout during suspend mode (git-fixes).
- mailbox: rockchip: fix a typo in module autoloading (git-fixes).
- media: i2c: ar0521: Use cansleep version of gpiod_set_value() (git-fixes).
- media: ov5675: Fix power on/off delay timings (git-fixes).
- media: platform: rzg2l-cru: rzg2l-csi2: Add missing MODULE_DEVICE_TABLE (git-fixes).
- media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes).
- media: qcom: camss: Remove use_count guard in stop_streaming (git-fixes).
- media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes).
- media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes).
- media: uvcvideo: Enforce alignment of frame and interval (stable-fixes).
- media: venus: fix use after free bug in venus_remove due to race condition (git-fixes).
- media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes).
- media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes).
- media: vivid: fix wrong sizeimage value for mplane (stable-fixes).
- memory: mtk-smi: Use devm_clk_get_enabled() (git-fixes).
- memory: tegra186-emc: drop unused to_tegra186_emc() (git-fixes).
- minmax: reduce min/max macro expansion in atomisp driver (git-fixes).
- misc: fastrpc: Fix double free of 'buf' in error path (git-fixes).
- mmc: core: apply SD quirks earlier during probe (git-fixes).
- mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes).
- mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes).
- mmc: sdhci-of-aspeed: fix module autoloading (git-fixes).
- module: Fix KCOV-ignored file name (git-fixes).
- mtd: powernv: Add check devm_kasprintf() returned value (git-fixes).
- mtd: slram: insert break after errors in parsing the map (git-fixes).
- net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes).
- net: phy: Fix missing of_node_put() for leds (git-fixes).
- net: phy: vitesse: repair vsc73xx autonegotiation (stable-fixes).
- net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes).
- net: usb: qmi_wwan: add MeiG Smart SRM825L (stable-fixes).
- nfsd: Do not leave work of closing files to a work queue (bsc#1228140).
- nilfs2: determine empty node blocks as corrupted (git-fixes).
- nilfs2: fix missing cleanup on rollforward recovery error (git-fixes).
- nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes).
- nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes).
- nilfs2: fix state management in error path of log writing function (git-fixes).
- nilfs2: protect references to superblock parameters exposed in sysfs (git-fixes).
- nouveau: fix the fwsec sb verification register (git-fixes).
- nvme-multipath: avoid hang on inaccessible namespaces (bsc#1228244).
- nvme-multipath: system fails to create generic nvme device (bsc#1228244).
- nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes).
- nvme-pci: allocate tagset on reset if necessary (git-fixes).
- nvme-tcp: fix link failure for TCP auth (git-fixes).
- nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes).
- nvme: clear caller pointer on identify failure (git-fixes).
- nvme: fix namespace removal list (git-fixes).
- nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes).
- nvmet-tcp: do not continue for invalid icreq (git-fixes).
- nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes).
- nvmet-trace: avoid dereferencing pointer too early (git-fixes).
- nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes).
- ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes).
- ocfs2: fix null-ptr-deref when journal load failed (git-fixes).
- ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes).
- ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes).
- pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes).
- pcmcia: Use resource_size function on resource object (stable-fixes).
- perf annotate: Introduce global annotation_options (git-fixes).
- perf annotate: Split branch stack cycles information out of 'struct annotation_line' (git-fixes).
- perf annotate: Use global annotation_options (git-fixes).
- perf arch events: Fix duplicate RISC-V SBI firmware event name (git-fixes).
- perf intel-pt: Fix aux_watermark calculation for 64-bit size (git-fixes).
- perf intel-pt: Fix exclude_guest setting (git-fixes).
- perf machine thread: Remove exited threads by default (git-fixes).
- perf maps: Move symbol maps functions to maps.c (git-fixes).
- perf pmu: Assume sysfs events are always the same case (git-fixes).
- perf pmus: Fixes always false when compare duplicates aliases (git-fixes).
- perf record: Lazy load kernel symbols (git-fixes).
- perf report: Convert to the global annotation_options (git-fixes).
- perf report: Fix condition in sort__sym_cmp() (git-fixes).
- perf stat: Fix the hard-coded metrics calculation on the hybrid (git-fixes).
- perf test: Make test_arm_callgraph_fp.sh more robust (git-fixes).
- perf tool: fix dereferencing NULL al->maps (git-fixes).
- perf tools: Add/use PMU reverse lookup from config to name (git-fixes).
- perf tools: Use pmus to describe type from attribute (git-fixes).
- perf top: Convert to the global annotation_options (git-fixes).
- perf/core: Fix missing wakeup when waiting for context reference (git-fixes).
- perf/x86/intel/cstate: Add pkg C2 residency counter for Sierra Forest (git-fixes).
- perf/x86/intel/cstate: Fix Alderlake/Raptorlake/Meteorlake (git-fixes).
- perf/x86/intel/ds: Fix non 0 retire latency on Raptorlake (git-fixes).
- perf/x86/intel/pt: Fix a topa_entry base address calculation (git-fixes).
- perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (git-fixes).
- perf/x86/intel/pt: Fix topa_entry base length (git-fixes).
- perf/x86/intel/uncore: Fix the bits of the CHA extended umask for SPR (git-fixes).
- perf/x86/intel/uncore: Support HBM and CXL PMON counters (bsc#1230119).
- perf/x86/intel: Add a distinct name for Granite Rapids (git-fixes).
- perf/x86/intel: Factor out the initialization code for SPR (git fixes).
- perf/x86/intel: Limit the period on Haswell (git-fixes).
- perf/x86/intel: Use the common uarch name for the shared functions (git fixes).
- perf/x86/uncore: Apply the unit control RB tree to MMIO uncore units (bsc#1230119).
- perf/x86/uncore: Apply the unit control RB tree to MSR uncore units (bsc#1230119).
- perf/x86/uncore: Apply the unit control RB tree to PCI uncore units (bsc#1230119).
- perf/x86/uncore: Cleanup unused unit structure (bsc#1230119).
- perf/x86/uncore: Retrieve the unit ID from the unit control RB tree (bsc#1230119).
- perf/x86/uncore: Save the unit control address of all units (bsc#1230119).
- perf/x86/uncore: Support per PMU cpumask (bsc#1230119).
- perf/x86: Fix smp_processor_id()-in-preemptible warnings (git-fixes).
- perf/x86: Serialize set_attr_rdpmc() (git-fixes).
- perf: Fix default aux_watermark calculation (git-fixes).
- perf: Fix event leak upon exit (git-fixes).
- perf: Fix perf_aux_size() for greater-than 32-bit size (git-fixes).
- perf: Prevent passing zero nr_pages to rb_alloc_aux() (git-fixes).
- perf: script: add raw|disasm arguments to --insn-trace option (git-fixes).
- phy: zynqmp: Take the phy mutex in xlate (stable-fixes).
- pinctrl: at91: make it work with current gpiolib (stable-fixes).
- pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID (stable-fixes).
- pinctrl: single: fix missing error code in pcs_probe() (git-fixes).
- platform/chrome: cros_ec_lpc: MEC access can use an AML mutex (stable-fixes).
- platform/surface: aggregator_registry: Add Support for Surface Pro 10 (stable-fixes).
- platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes).
- platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes).
- platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes).
- platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes).
- platform/x86: x86-android-tablets: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes).
- power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes).
- power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes).
- power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes).
- powercap/intel_rapl: Add support for AMD family 1Ah (stable-fixes).
- powerpc/qspinlock: Fix deadlock in MCS queue (bac#1230295 ltc#206656).
- pwm: xilinx: Fix u32 overflow issue in 32-bit width PWM mode (stable-fixes).
- r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes).
- regmap: maple: work around gcc-14.1 false-positive warning (stable-fixes).
- regmap: spi: Fix potential off-by-one when calculating reserved size (stable-fixes).
- regulator: Return actual error in of_regulator_bulk_get_all() (git-fixes).
- regulator: core: Fix regulator_is_supported_voltage() kerneldoc return value (git-fixes).
- regulator: core: Fix short description for _regulator_check_status_enabled() (git-fixes).
- regulator: core: Stub devm_regulator_bulk_get_const() if !CONFIG_REGULATOR (git-fixes).
- regulator: rt5120: Convert comma to semicolon (git-fixes).
- regulator: wm831x-isink: Convert comma to semicolon (git-fixes).
- remoteproc: imx_rproc: Correct ddr alias for i.MX8M (git-fixes).
- remoteproc: imx_rproc: Initialize workqueue earlier (git-fixes).
- remoteproc: k3-r5: Fix error handling when power-up failed (git-fixes).
- reset: berlin: fix OF node leak in probe() error path (git-fixes).
- reset: k210: fix OF node leak in probe() error path (git-fixes).
- resource: fix region_intersects() vs add_memory_driver_managed() (git-fixes).
- rpm/check-for-config-changes: Exclude ARCH_USING_PATCHABLE_FUNCTION_ENTRY gcc version dependent, at least on ppc
- rtc: at91sam9: fix OF node leak in probe() error path (git-fixes).
- s390/dasd: Fix redundant /proc/dasd* entries removal (bsc#1227694).
- s390/dasd: Remove DMA alignment (LTC#208933 bsc#1230426 git-fixes).
- s390/mm: Convert gmap_make_secure to use a folio (git-fixes bsc#1230562).
- s390/mm: Convert make_page_secure to use a folio (git-fixes bsc#1230563).
- s390: allow pte_offset_map_lock() to fail (git-fixes bsc#1230564).
- scripts: kconfig: merge_config: config files: add a trailing newline (stable-fixes).
- scripts: sphinx-pre-install: remove unnecessary double check for $cur_version (git-fixes).
- scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
- scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Fix overflow build issue (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429 jsc#PED-9899).
- scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429 jsc#PED-9899).
- scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848).
- selftests: lib: remove strscpy test (git-fixes).
- selinux,smack: do not bypass permissions check in inode_setsecctx hook (stable-fixes).
- soc: fsl: cpm1: tsa: Fix tsa_write8() (git-fixes).
- soc: versatile: integrator: fix OF node leak in probe() error path (git-fixes).
- spi: atmel-quadspi: Avoid overwriting delay register settings (git-fixes).
- spi: atmel-quadspi: Undo runtime PM changes at driver exit time (git-fixes).
- spi: bcm63xx: Enable module autoloading (stable-fixes).
- spi: bcm63xx: Fix module autoloading (git-fixes).
- spi: meson-spicc: convert comma to semicolon (git-fixes).
- spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes).
- spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes).
- spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes).
- spi: rockchip: Resolve unbalanced runtime PM / system PM handling (git-fixes).
- spi: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
- spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes).
- spi: spidev: Add an entry for elgin,jg10309-01 (stable-fixes).
- spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes).
- staging: iio: frequency: ad9834: Validate frequency parameter value (git-fixes).
- supported.conf: mark adiantum and xctr crypto modules as supported (bsc#1231035)
- thunderbolt: Fix XDomain rx_lanes_show and tx_lanes_show (git-fixes).
- thunderbolt: Fix calculation of consumed USB3 bandwidth on a path (git-fixes).
- thunderbolt: Fix rollback in tb_port_lane_bonding_enable() for lane 1 (git-fixes).
- thunderbolt: There are only 5 basic router registers in pre-USB4 routers (git-fixes).
- tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes).
- tools/perf: Fix the string match for "/tmp/perf-$PID.map" files in dso__load (git-fixes).
- tpm: Clean up TPM space after command failure (git-fixes).
- tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes).
- tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes).
- uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes).
- usb: cdnsp: Fix incorrect usb_request status (git-fixes).
- usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes).
- usb: dwc2: drd: fix clock gating on USB role switch (git-fixes).
- usb: dwc3: Avoid waking up gadget during startxfer (git-fixes).
- usb: dwc3: core: Prevent USB core invalid event buffer address access (git-fixes).
- usb: dwc3: core: Prevent USB core invalid event buffer address access (stable-fixes).
- usb: dwc3: core: update LC timer as per USB Spec V3.2 (stable-fixes).
- usb: gadget: aspeed_udc: validate endpoint index for ast udc (stable-fixes).
- usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes).
- usb: typec: ucsi: Wait 20ms before reading CCI after a reset (git-fixes).
- usb: uas: set host status byte on data completion error (stable-fixes).
- usbip: Do not submit special requests twice (stable-fixes).
- usbnet: ipheth: add CDC NCM support (git-fixes).
- usbnet: ipheth: do not stop RX on failing RX callback (git-fixes).
- usbnet: ipheth: drop RX URBs with no payload (git-fixes).
- usbnet: ipheth: fix carrier detection in modes 1 and 4 (git-fixes).
- usbnet: ipheth: fix risk of NULL pointer deallocation (git-fixes).
- usbnet: ipheth: race between ipheth_close and error handling (stable-fixes).
- usbnet: ipheth: remove extraneous rx URB length check (git-fixes).
- usbnet: ipheth: transmit URBs without trailing padding (git-fixes).
- usbnet: modern method to get random MAC (git-fixes).
- virtio-net: synchronize probe with ndo_set_features (git-fixes).
- virtio_net: Fix napi_skb_cache_put warning (git-fixes).
- virtio_net: fixing XDP for fully checksummed packets handling (git-fixes).
- watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes).
- wifi: ath11k: initialize 'ret' in ath11k_qmi_load_file_target_mem() (stable-fixes).
- wifi: ath12k: fix BSS chan info request WMI command (git-fixes).
- wifi: ath12k: fix firmware crash due to invalid peer nss (stable-fixes).
- wifi: ath12k: fix invalid AMPDU factor calculation in ath12k_peer_assoc_h_he() (git-fixes).
- wifi: ath12k: fix uninitialize symbol error on ath12k_peer_assoc_h_he() (stable-fixes).
- wifi: ath12k: initialize 'ret' in ath12k_dp_rxdma_ring_sel_config_wcn7850() (stable-fixes).
- wifi: ath12k: initialize 'ret' in ath12k_qmi_load_file_target_mem() (stable-fixes).
- wifi: ath12k: match WMI BSS chan info structure with firmware definition (git-fixes).
- wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes).
- wifi: brcmfmac: introducing fwil query functions (git-fixes).
- wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes).
- wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes).
- wifi: cfg80211: fix bug of mapping AF3x to incorrect User Priority (git-fixes).
- wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes).
- wifi: cfg80211: make hash table duplicates more survivable (stable-fixes).
- wifi: cfg80211: restrict operation during radar detection (stable-fixes).
- wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes).
- wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes).
- wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (stable-fixes).
- wifi: iwlwifi: mvm: fix iwl_mvm_max_scan_ie_fw_cmd_room() (stable-fixes).
- wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes).
- wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes).
- wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (stable-fixes).
- wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check (stable-fixes).
- wifi: mac80211: check ieee80211_bss_info_change_notify() against MLD (stable-fixes).
- wifi: mac80211: do not use rate mask for offchannel TX either (git-fixes).
- wifi: mac80211: fix the comeback long retry times (git-fixes).
- wifi: mac80211: free skb on error path in ieee80211_beacon_get_ap() (stable-fixes).
- wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes).
- wifi: mt76: connac: fix checksum offload fields of connac3 RXD (git-fixes).
- wifi: mt76: mt7603: fix mixed declarations and code (git-fixes).
- wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes).
- wifi: mt76: mt7915: check devm_kasprintf() returned value (git-fixes).
- wifi: mt76: mt7915: fix oops on non-dbdc mt7986 (git-fixes).
- wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes).
- wifi: mt76: mt7921: Check devm_kasprintf() returned value (git-fixes).
- wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change (stable-fixes).
- wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage (git-fixes).
- wifi: mt76: mt7925: fix a potential array-index-out-of-bounds issue for clc (git-fixes).
- wifi: mt76: mt7996: fix EHT beamforming capability check (git-fixes).
- wifi: mt76: mt7996: fix HE and EHT beamforming capabilities (git-fixes).
- wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he (git-fixes).
- wifi: mt76: mt7996: fix traffic delay when switching back to working channel (git-fixes).
- wifi: mt76: mt7996: fix uninitialized TLV data (git-fixes).
- wifi: mt76: mt7996: fix wmm set of station interface to 3 (git-fixes).
- wifi: mt76: mt7996: use hweight16 to get correct tx antenna (git-fixes).
- wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes).
- wifi: rtw88: 8822c: Fix reported RX band width (git-fixes).
- wifi: rtw88: always wait for both firmware loading attempts (git-fixes).
- wifi: rtw88: remove CPT execution branch never used (git-fixes).
- wifi: rtw88: usb: schedule rx work after everything is set up (stable-fixes).
- wifi: rtw89: ser: avoid multiple deinit on same CAM (stable-fixes).
- wifi: rtw89: wow: prevent to send unexpected H2C during download Firmware (stable-fixes).
- wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes).
- x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes).
- x86/kaslr: Expose and use the end of the physical memory address space (bsc#1229443).
- x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382).
- x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382).
- x86/mm: Use lookup_address_in_pgd_attr() in show_fault_oops() (bsc#1221527).
- x86/pat: Fix W^X violation false-positives when running as Xen PV guest (bsc#1221527).
- x86/pat: Introduce lookup_address_in_pgd_attr() (bsc#1221527).
- x86/pat: Restructure _lookup_address_cpa() (bsc#1221527).
- xen/swiotlb: add alignment check for dma buffers (bsc#1229928).
- xen/swiotlb: fix allocated size (git-fixes).
- xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003).
- xen: allow mapping ACPI data using a different physical address (bsc#1226003).
- xen: introduce generic helper checking for memory map conflicts (bsc#1226003).
- xen: move checks for e820 conflicts further up (bsc#1226003).
- xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003).
- xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003).
- xen: use correct end address of kernel for conflict checking (bsc#1226003).
- xfs: restrict when we try to align cow fork delalloc to cowextsz hints (git-fixes).
- xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes).
- xz: cleanup CRC32 edits from 2018 (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1183045SUSE bug 1215199SUSE bug 1216223SUSE bug 1216776SUSE bug 1220382SUSE bug 1221527SUSE bug 1221610SUSE bug 1221650SUSE bug 1222629SUSE bug 1223600SUSE bug 1223848SUSE bug 1225487SUSE bug 1225812SUSE bug 1225903SUSE bug 1226003SUSE bug 1226507SUSE bug 1226606SUSE bug 1226666SUSE bug 1226846SUSE bug 1226860SUSE bug 1227487SUSE bug 1227694SUSE bug 1227726SUSE bug 1227819SUSE bug 1227885SUSE bug 1227890SUSE bug 1227962SUSE bug 1228090SUSE bug 1228140SUSE bug 1228244SUSE bug 1228507SUSE bug 1228771SUSE bug 1229001SUSE bug 1229004SUSE bug 1229019SUSE bug 1229086SUSE bug 1229167SUSE bug 1229169SUSE bug 1229289SUSE bug 1229334SUSE bug 1229362SUSE bug 1229363SUSE bug 1229364SUSE bug 1229371SUSE bug 1229380SUSE bug 1229389SUSE bug 1229394SUSE bug 1229429SUSE bug 1229443SUSE bug 1229452SUSE bug 1229455SUSE bug 1229456SUSE bug 1229494SUSE bug 1229585SUSE bug 1229753SUSE bug 1229764SUSE bug 1229768SUSE bug 1229790SUSE bug 1229810SUSE bug 1229899SUSE bug 1229928SUSE bug 1230015SUSE bug 1230119SUSE bug 1230123SUSE bug 1230124SUSE bug 1230125SUSE bug 1230169SUSE bug 1230170SUSE bug 1230171SUSE bug 1230173SUSE bug 1230174SUSE bug 1230175SUSE bug 1230176SUSE bug 1230178SUSE bug 1230180SUSE bug 1230181SUSE bug 1230185SUSE bug 1230191SUSE bug 1230192SUSE bug 1230193SUSE bug 1230194SUSE bug 1230195SUSE bug 1230200SUSE bug 1230204SUSE bug 1230206SUSE bug 1230207SUSE bug 1230209SUSE bug 1230211SUSE bug 1230213SUSE bug 1230217SUSE bug 1230221SUSE bug 1230224SUSE bug 1230230SUSE bug 1230232SUSE bug 1230233SUSE bug 1230240SUSE bug 1230244SUSE bug 1230245SUSE bug 1230247SUSE bug 1230248SUSE bug 1230269SUSE bug 1230270SUSE bug 1230295SUSE bug 1230340SUSE bug 1230413SUSE bug 1230426SUSE bug 1230430SUSE bug 1230431SUSE bug 1230432SUSE bug 1230433SUSE bug 1230434SUSE bug 1230435SUSE bug 1230440SUSE bug 1230441SUSE bug 1230442SUSE bug 1230444SUSE bug 1230450SUSE bug 1230451SUSE bug 1230454SUSE bug 1230455SUSE bug 1230457SUSE bug 1230459SUSE bug 1230506SUSE bug 1230507SUSE bug 1230511SUSE bug 1230515SUSE bug 1230517SUSE bug 1230518SUSE bug 1230519SUSE bug 1230520SUSE bug 1230521SUSE bug 1230524SUSE bug 1230526SUSE bug 1230533SUSE bug 1230535SUSE bug 1230539SUSE bug 1230540SUSE bug 1230549SUSE bug 1230556SUSE bug 1230562SUSE bug 1230563SUSE bug 1230564SUSE bug 1230580SUSE bug 1230582SUSE bug 1230589SUSE bug 1230602SUSE bug 1230699SUSE bug 1230700SUSE bug 1230701SUSE bug 1230702SUSE bug 1230703SUSE bug 1230704SUSE bug 1230705SUSE bug 1230706SUSE bug 1230709SUSE bug 1230711SUSE bug 1230712SUSE bug 1230715SUSE bug 1230719SUSE bug 1230722SUSE bug 1230724SUSE bug 1230725SUSE bug 1230726SUSE bug 1230727SUSE bug 1230730SUSE bug 1230731SUSE bug 1230732SUSE bug 1230747SUSE bug 1230748SUSE bug 1230749SUSE bug 1230751SUSE bug 1230752SUSE bug 1230753SUSE bug 1230756SUSE bug 1230761SUSE bug 1230766SUSE bug 1230767SUSE bug 1230768SUSE bug 1230771SUSE bug 1230772SUSE bug 1230775SUSE bug 1230776SUSE bug 1230780SUSE bug 1230783SUSE bug 1230786SUSE bug 1230787SUSE bug 1230791SUSE bug 1230794SUSE bug 1230796SUSE bug 1230802SUSE bug 1230806SUSE bug 1230808SUSE bug 1230809SUSE bug 1230810SUSE bug 1230812SUSE bug 1230813SUSE bug 1230814SUSE bug 1230815SUSE bug 1230821SUSE bug 1230825SUSE bug 1230830SUSE bug 1230831SUSE bug 1230854SUSE bug 1230948SUSE bug 1231008SUSE bug 1231035SUSE bug 1231120SUSE bug 1231146SUSE bug 1231182SUSE bug 1231183CVE-2023-52610 at SUSECVE-2023-52610 at NVDCVE-2023-52752 at SUSECVE-2023-52752 at NVDCVE-2023-52915 at SUSECVE-2023-52915 at NVDCVE-2023-52916 at SUSECVE-2023-52916 at NVDCVE-2024-26640 at SUSECVE-2024-26640 at NVDCVE-2024-26759 at SUSECVE-2024-26759 at NVDCVE-2024-26804 at SUSECVE-2024-26804 at NVDCVE-2024-36953 at SUSECVE-2024-36953 at NVDCVE-2024-38538 at SUSECVE-2024-38538 at NVDCVE-2024-38596 at SUSECVE-2024-38596 at NVDCVE-2024-38632 at SUSECVE-2024-38632 at NVDCVE-2024-40965 at SUSECVE-2024-40965 at NVDCVE-2024-40973 at SUSECVE-2024-40973 at NVDCVE-2024-40983 at SUSECVE-2024-40983 at NVDCVE-2024-42154 at SUSECVE-2024-42154 at NVDCVE-2024-42243 at SUSECVE-2024-42243 at NVDCVE-2024-42252 at SUSECVE-2024-42252 at NVDCVE-2024-42265 at SUSECVE-2024-42265 at NVDCVE-2024-42294 at SUSECVE-2024-42294 at NVDCVE-2024-42304 at SUSECVE-2024-42304 at NVDCVE-2024-42305 at SUSECVE-2024-42305 at NVDCVE-2024-42306 at SUSECVE-2024-42306 at NVDCVE-2024-43828 at SUSECVE-2024-43828 at NVDCVE-2024-43832 at SUSECVE-2024-43832 at NVDCVE-2024-43835 at SUSECVE-2024-43835 at NVDCVE-2024-43845 at SUSECVE-2024-43845 at NVDCVE-2024-43870 at SUSECVE-2024-43870 at NVDCVE-2024-43890 at SUSECVE-2024-43890 at NVDCVE-2024-43898 at SUSECVE-2024-43898 at NVDCVE-2024-43904 at SUSECVE-2024-43904 at NVDCVE-2024-43914 at SUSECVE-2024-43914 at NVDCVE-2024-44935 at SUSECVE-2024-44935 at NVDCVE-2024-44944 at SUSECVE-2024-44944 at NVDCVE-2024-44946 at SUSECVE-2024-44946 at NVDCVE-2024-44947 at SUSECVE-2024-44947 at NVDCVE-2024-44948 at SUSECVE-2024-44948 at NVDCVE-2024-44950 at SUSECVE-2024-44950 at NVDCVE-2024-44951 at SUSECVE-2024-44951 at NVDCVE-2024-44952 at SUSECVE-2024-44952 at NVDCVE-2024-44954 at SUSECVE-2024-44954 at NVDCVE-2024-44960 at SUSECVE-2024-44960 at NVDCVE-2024-44961 at SUSECVE-2024-44961 at NVDCVE-2024-44962 at SUSECVE-2024-44962 at NVDCVE-2024-44965 at SUSECVE-2024-44965 at NVDCVE-2024-44967 at SUSECVE-2024-44967 at NVDCVE-2024-44969 at SUSECVE-2024-44969 at NVDCVE-2024-44970 at SUSECVE-2024-44970 at NVDCVE-2024-44971 at SUSECVE-2024-44971 at NVDCVE-2024-44977 at SUSECVE-2024-44977 at NVDCVE-2024-44982 at SUSECVE-2024-44982 at NVDCVE-2024-44984 at SUSECVE-2024-44984 at NVDCVE-2024-44985 at SUSECVE-2024-44985 at NVDCVE-2024-44986 at SUSECVE-2024-44986 at NVDCVE-2024-44987 at SUSECVE-2024-44987 at NVDCVE-2024-44988 at SUSECVE-2024-44988 at NVDCVE-2024-44989 at SUSECVE-2024-44989 at NVDCVE-2024-44990 at SUSECVE-2024-44990 at NVDCVE-2024-44991 at SUSECVE-2024-44991 at NVDCVE-2024-44997 at SUSECVE-2024-44997 at NVDCVE-2024-44998 at SUSECVE-2024-44998 at NVDCVE-2024-44999 at SUSECVE-2024-44999 at NVDCVE-2024-45000 at SUSECVE-2024-45000 at NVDCVE-2024-45001 at SUSECVE-2024-45001 at NVDCVE-2024-45002 at SUSECVE-2024-45002 at NVDCVE-2024-45003 at SUSECVE-2024-45003 at NVDCVE-2024-45005 at SUSECVE-2024-45005 at NVDCVE-2024-45006 at SUSECVE-2024-45006 at NVDCVE-2024-45007 at SUSECVE-2024-45007 at NVDCVE-2024-45008 at SUSECVE-2024-45008 at NVDCVE-2024-45011 at SUSECVE-2024-45011 at NVDCVE-2024-45012 at SUSECVE-2024-45012 at NVDCVE-2024-45013 at SUSECVE-2024-45013 at NVDCVE-2024-45015 at SUSECVE-2024-45015 at NVDCVE-2024-45017 at SUSECVE-2024-45017 at NVDCVE-2024-45018 at SUSECVE-2024-45018 at NVDCVE-2024-45019 at SUSECVE-2024-45019 at NVDCVE-2024-45020 at SUSECVE-2024-45020 at NVDCVE-2024-45021 at SUSECVE-2024-45021 at NVDCVE-2024-45022 at SUSECVE-2024-45022 at NVDCVE-2024-45023 at SUSECVE-2024-45023 at NVDCVE-2024-45026 at SUSECVE-2024-45026 at NVDCVE-2024-45028 at SUSECVE-2024-45028 at NVDCVE-2024-45029 at SUSECVE-2024-45029 at NVDCVE-2024-45030 at SUSECVE-2024-45030 at NVDCVE-2024-46672 at SUSECVE-2024-46672 at NVDCVE-2024-46673 at SUSECVE-2024-46673 at NVDCVE-2024-46674 at SUSECVE-2024-46674 at NVDCVE-2024-46675 at SUSECVE-2024-46675 at NVDCVE-2024-46676 at SUSECVE-2024-46676 at NVDCVE-2024-46677 at SUSECVE-2024-46677 at NVDCVE-2024-46679 at SUSECVE-2024-46679 at NVDCVE-2024-46685 at SUSECVE-2024-46685 at NVDCVE-2024-46686 at SUSECVE-2024-46686 at NVDCVE-2024-46687 at SUSECVE-2024-46687 at NVDCVE-2024-46689 at SUSECVE-2024-46689 at NVDCVE-2024-46691 at SUSECVE-2024-46691 at NVDCVE-2024-46692 at SUSECVE-2024-46692 at NVDCVE-2024-46693 at SUSECVE-2024-46693 at NVDCVE-2024-46694 at SUSECVE-2024-46694 at NVDCVE-2024-46695 at SUSECVE-2024-46695 at NVDCVE-2024-46702 at SUSECVE-2024-46702 at NVDCVE-2024-46706 at SUSECVE-2024-46706 at NVDCVE-2024-46707 at SUSECVE-2024-46707 at NVDCVE-2024-46709 at SUSECVE-2024-46709 at NVDCVE-2024-46710 at SUSECVE-2024-46710 at NVDCVE-2024-46714 at SUSECVE-2024-46714 at NVDCVE-2024-46715 at SUSECVE-2024-46715 at NVDCVE-2024-46716 at SUSECVE-2024-46716 at NVDCVE-2024-46717 at SUSECVE-2024-46717 at NVDCVE-2024-46719 at SUSECVE-2024-46719 at NVDCVE-2024-46720 at SUSECVE-2024-46720 at NVDCVE-2024-46722 at SUSECVE-2024-46722 at NVDCVE-2024-46723 at SUSECVE-2024-46723 at NVDCVE-2024-46724 at SUSECVE-2024-46724 at NVDCVE-2024-46725 at SUSECVE-2024-46725 at NVDCVE-2024-46726 at SUSECVE-2024-46726 at NVDCVE-2024-46728 at SUSECVE-2024-46728 at NVDCVE-2024-46729 at SUSECVE-2024-46729 at NVDCVE-2024-46730 at SUSECVE-2024-46730 at NVDCVE-2024-46731 at SUSECVE-2024-46731 at NVDCVE-2024-46732 at SUSECVE-2024-46732 at NVDCVE-2024-46734 at SUSECVE-2024-46734 at NVDCVE-2024-46735 at SUSECVE-2024-46735 at NVDCVE-2024-46737 at SUSECVE-2024-46737 at NVDCVE-2024-46738 at SUSECVE-2024-46738 at NVDCVE-2024-46739 at SUSECVE-2024-46739 at NVDCVE-2024-46741 at SUSECVE-2024-46741 at NVDCVE-2024-46743 at SUSECVE-2024-46743 at NVDCVE-2024-46744 at SUSECVE-2024-46744 at NVDCVE-2024-46745 at SUSECVE-2024-46745 at NVDCVE-2024-46746 at SUSECVE-2024-46746 at NVDCVE-2024-46747 at SUSECVE-2024-46747 at NVDCVE-2024-46749 at SUSECVE-2024-46749 at NVDCVE-2024-46750 at SUSECVE-2024-46750 at NVDCVE-2024-46751 at SUSECVE-2024-46751 at NVDCVE-2024-46752 at SUSECVE-2024-46752 at NVDCVE-2024-46753 at SUSECVE-2024-46753 at NVDCVE-2024-46755 at SUSECVE-2024-46755 at NVDCVE-2024-46756 at SUSECVE-2024-46756 at NVDCVE-2024-46757 at SUSECVE-2024-46757 at NVDCVE-2024-46758 at SUSECVE-2024-46758 at NVDCVE-2024-46759 at SUSECVE-2024-46759 at NVDCVE-2024-46760 at SUSECVE-2024-46760 at NVDCVE-2024-46761 at SUSECVE-2024-46761 at NVDCVE-2024-46767 at SUSECVE-2024-46767 at NVDCVE-2024-46771 at SUSECVE-2024-46771 at NVDCVE-2024-46772 at SUSECVE-2024-46772 at NVDCVE-2024-46773 at SUSECVE-2024-46773 at NVDCVE-2024-46774 at SUSECVE-2024-46774 at NVDCVE-2024-46776 at SUSECVE-2024-46776 at NVDCVE-2024-46778 at SUSECVE-2024-46778 at NVDCVE-2024-46780 at SUSECVE-2024-46780 at NVDCVE-2024-46781 at SUSECVE-2024-46781 at NVDCVE-2024-46783 at SUSECVE-2024-46783 at NVDCVE-2024-46784 at SUSECVE-2024-46784 at NVDCVE-2024-46786 at SUSECVE-2024-46786 at NVDCVE-2024-46787 at SUSECVE-2024-46787 at NVDCVE-2024-46791 at SUSECVE-2024-46791 at NVDCVE-2024-46794 at SUSECVE-2024-46794 at NVDCVE-2024-46797 at SUSECVE-2024-46797 at NVDCVE-2024-46798 at SUSECVE-2024-46798 at NVDCVE-2024-46822 at SUSECVE-2024-46822 at NVDcpe:/o:suse:sl-micro:6.0Security update for python311 (Important)SUSE Linux Micro 6.0
This update for python311 fixes the following issues:
- CVE-2024-8088: Fixed a denial of service in zipfile (bsc#1229704)
- CVE-2024-6232: Fixed a ReDos via excessive backtracking while parsing header values (bsc#1230227)
- CVE-2024-7592: Fixed a denial of service in the http.cookies module (bsc#1229596)
ImportantSUSE bug 1229596SUSE bug 1229704SUSE bug 1230227CVE-2024-6232 at SUSECVE-2024-6232 at NVDCVE-2024-7592 at SUSECVE-2024-7592 at NVDCVE-2024-8088 at SUSECVE-2024-8088 at NVDcpe:/o:suse:sl-micro:6.0Security update for tiff (Moderate)SUSE Linux Micro 6.0
This update for tiff fixes the following issues:
* CVE-2024-7006: Fix pointer deref in tif_dirinfo.c [bsc#1228924]
ModerateSUSE bug 1228924CVE-2024-7006 at SUSECVE-2024-7006 at NVDcpe:/o:suse:sl-micro:6.0Security update for protobuf (Important)SUSE Linux Micro 6.0
This update for protobuf fixes the following issues:
- CVE-2024-7254: Fixed a stack overflow vulnerability in protocol buffers (bsc#1230778)
ImportantSUSE bug 1230778CVE-2024-7254 at SUSECVE-2024-7254 at NVDcpe:/o:suse:sl-micro:6.0Security update for qemu (Important)SUSE Linux Micro 6.0
This update for qemu fixes the following issues:
- Bugfixes and CVEs:
* hw/usb/hcd-ohci: Fix #1510, #303: pid not IN or OUT (bsc#1230834, CVE-2024-8354)
* softmmu: Support concurrent bounce buffers (bsc#1230915, CVE-2024-8612)
* system/physmem: Per-AddressSpace bounce buffering (bsc#1230915, CVE-2024-8612)
* system/physmem: Propagate AddressSpace to MapClient helpers (bsc#1230915, CVE-2024-8612)
* system/physmem: Replace qemu_mutex_lock() calls with QEMU_LOCK_GUARD (bsc#1230915, CVE-2024-8612)
- Update version to 8.2.7
* Full changelog here:
https://lore.kernel.org/qemu-devel/d9ff276f-f1ba-4e90-8343-a7a0dc2bf305@tls.msk.ru/
* Fixes:
bsc#1229007, CVE-2024-7409
bsc#1224132, CVE-2024-4693
* Some backports:
gitlab: fix logic for changing docker tag on stable branches
ui/sdl2: set swap interval explicitly when OpenGL is enabled
hw/intc/arm_gic: fix spurious level triggered interrupts
hw/audio/virtio-sound: fix heap buffer overflow
tests/docker: update debian i686 and mipsel images to bookworm
tests/docker: remove debian-armel-cross
hw/display/vhost-user-gpu.c: fix vhost_user_gpu_chr_read()
crypto: check gnutls & gcrypt support the requested pbkdf hash
crypto: run qcrypto_pbkdf2_count_iters in a new thread
softmmu/physmem: fix memory leak in dirty_memory_extend()
target/ppc: Fix migration of CPUs with TLB_EMB TLB type
gitlab: migrate the s390x custom machine to 22.04
target/hppa: Fix PSW V-bit packaging in cpu_hppa_get for hppa64
hw/audio/virtio-snd: fix invalid param check
virtio-pci: Fix the use of an uninitialized irqfd
- Fix bsc#1231519:
* accel/kvm: check for KVM_CAP_READONLY_MEM on VM (bsc#1231519)
ImportantSUSE bug 1224132SUSE bug 1229007SUSE bug 1229929SUSE bug 1230140SUSE bug 1230834SUSE bug 1230915SUSE bug 1231519CVE-2024-4693 at SUSECVE-2024-4693 at NVDCVE-2024-7409 at SUSECVE-2024-7409 at NVDCVE-2024-8354 at SUSECVE-2024-8354 at NVDCVE-2024-8612 at SUSECVE-2024-8612 at NVDcpe:/o:suse:sl-micro:6.0Security update for podman (Moderate)SUSE Linux Micro 6.0
This update for podman fixes the following issues:
- CVE-2024-9676: Fixed a denial of service via a symlink traversal in the containers/storage library (bsc#1231698)
- CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)
- CVE-2024-9675: Fixed caching of arbitrary directory mount (bsc#1231499)
- CVE-2024-9407: Fixed improper input validation in bind-propagation option of Dockerfile RUN --mount instruction (bsc#1231208)
ModerateSUSE bug 1231208SUSE bug 1231230SUSE bug 1231499SUSE bug 1231698CVE-2024-6104 at SUSECVE-2024-6104 at NVDCVE-2024-9341 at SUSECVE-2024-9341 at NVDCVE-2024-9407 at SUSECVE-2024-9407 at NVDCVE-2024-9675 at SUSECVE-2024-9675 at NVDCVE-2024-9676 at SUSECVE-2024-9676 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52778: mptcp: deal with large GSO size (bsc#1224948).
- CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).
- CVE-2024-26596: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events (bsc#1220355).
- CVE-2024-26741: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished() (bsc#1222587).
- CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590).
- CVE-2024-26953: net: esp: fix bad handling of pages from page_pool (bsc#1223656).
- CVE-2024-27017: netfilter: nft_set_pipapo: walk over current view on netlink dump (bsc#1223733).
- CVE-2024-35888: erspan: make sure erspan_base_hdr is present in skb->head (bsc#1224518).
- CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
- CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).
- CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725).
- CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-36927: ipv4: Fix uninit-value access in __ip_make_skb() (bsc#1225813).
- CVE-2024-36954: tipc: fix a possible memleak in tipc_buf_append (bsc#1225764).
- CVE-2024-36968: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() (bsc#1226130).
- CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748).
- CVE-2024-40914: mm/huge_memory: do not unpoison huge_zero_folio (bsc#1227842).
- CVE-2024-41023: sched/deadline: Fix task_struct reference leak (bsc#1228430).
- CVE-2024-41031: mm/filemap: skip to create PMD-sized page cache if needed (bsc#1228454).
- CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620).
- CVE-2024-42102: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (bsc#1233132).
- CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).
- CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550).
- CVE-2024-46680: Bluetooth: btnxpuart: Fix random crash seen while removing driver (bsc#1230557).
- CVE-2024-46681: pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558).
- CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
- CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).
- CVE-2024-46765: ice: protect XDP configuration with a mutex (bsc#1230807).
- CVE-2024-46766: ice: move netif_queue_set_napi to rtnl-protected sections (bsc#1230762).
- CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
- CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
- CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).
- CVE-2024-46831: net: microchip: vcap: Fix use-after-free error in kunit test (bsc#1231117).
- CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
- CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
- CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
- CVE-2024-46843: scsi: ufs: core: Remove SCSI host only if added (bsc#1231100).
- CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
- CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085).
- CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087).
- CVE-2024-46870: drm/amd/display: Disable DMCUB timeout for DCN35 (bsc#1231435).
- CVE-2024-47658: crypto: stm32/cryp - call finalize with bh disabled (bsc#1231436).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode() and iput() (bsc#1231930).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
- CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).
- CVE-2024-47687: vdpa/mlx5: Fix invalid mr resource destroy (bsc#1232003).
- CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).
- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).
- CVE-2024-47703: bpf, lsm: add check for BPF LSM return value (bsc#1231946).
- CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944).
- CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
- CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).
- CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).
- CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116).
- CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).
- CVE-2024-47731: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing (bsc#1232117).
- CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).
- CVE-2024-47741: btrfs: fix race setting file private on concurrent lseek using same fd (bsc#1231869).
- CVE-2024-47745: mm: call the security_mmap_file() LSM hook in remap_file_pages() (bsc#1232135).
- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
- CVE-2024-47752: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning (bsc#1232130).
- CVE-2024-47753: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning (bsc#1231868).
- CVE-2024-47754: media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning (bsc#1232131).
- CVE-2024-49852: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (bsc#1232819).
- CVE-2024-49864: rxrpc: Fix a race between socket set up and I/O thread creation (bsc#1232256).
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232262).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201).
- CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
- CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199).
- CVE-2024-49888: bpf: Fix a sdiv overflow issue (bsc#1232208).
- CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
- CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220).
- CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354).
- CVE-2024-49895: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (bsc#1232352).
- CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
- CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355).
- CVE-2024-49898: drm/amd/display: Check null-initialized variables (bsc#1232222).
- CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358).
- CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305).
- CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).
- CVE-2024-49907: drm/amd/display: Check null pointers before using dc->clk_mgr (bsc#1232334).
- CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337).
- CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366).
- CVE-2024-49912: drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (bsc#1232367).
- CVE-2024-49913: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (bsc#1232307).
- CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369).
- CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965).
- CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).
- CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).
- CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374).
- CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368).
- CVE-2024-49934: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (bsc#1232387).
- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
- CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).
- CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-49953: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (bsc#1232156).
- CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).
- CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
- CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149).
- CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
- CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
- CVE-2024-49968: ext4: filesystems without casefold feature cannot be mounted with siphash (bsc#1232264).
- CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
- CVE-2024-49972: drm/amd/display: Deallocate DML memory if allocation fails (bsc#1232315).
- CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).
- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
- CVE-2024-49983: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free (bsc#1232096).
- CVE-2024-49986: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (bsc#1232093).
- CVE-2024-49987: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) (bsc#1232258).
- CVE-2024-49989: drm/amd/display: fix double free issue during amdgpu module unload (bsc#1232483).
- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
- CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).
- CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).
- CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).
- CVE-2024-50003: drm/amd/display: Fix system hang while resume with TBT monitor (bsc#1232385).
- CVE-2024-50004: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 (bsc#1232396).
- CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442).
- CVE-2024-50009: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value (bsc#1232318).
- CVE-2024-50012: cpufreq: Avoid a bad reference count on CPU node (bsc#1232386).
- CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446).
- CVE-2024-50015: ext4: dax: fix overflowing extents beyond inode size when partially writing (bsc#1232079).
- CVE-2024-50020: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() (bsc#1231989).
- CVE-2024-50021: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() (bsc#1231957).
- CVE-2024-50022: device-dax: correct pgoff align in dax_set_mapping() (bsc#1231956).
- CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
- CVE-2024-50027: thermal: core: Free tzp copy along with the thermal zone (bsc#1231951).
- CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).
- CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
- CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).
- CVE-2024-50040: igb: Do not bring the device up after non-fatal error (bsc#1231908).
- CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).
- CVE-2024-50042: ice: Fix increasing MSI-X on VF (bsc#1231906).
- CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).
- CVE-2024-50046: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).
- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
- CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).
- CVE-2024-50060: io_uring: check if we need to reschedule during overflow flush (bsc#1232417).
- CVE-2024-50063: bpf: Prevent tail call between progs attached to different hooks (bsc#1232435).
- CVE-2024-50064: zram: free secondary algorithms names (bsc#1231901).
- CVE-2024-50080: ublk: do not allow user copy for unprivileged device (bsc#1232502).
- CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501).
- CVE-2024-50082: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (bsc#1232500).
- CVE-2024-50084: net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() (bsc#1232494).
- CVE-2024-50087: btrfs: fix uninitialized pointer free on read_alloc_one_name() error (bsc#1232499).
- CVE-2024-50088: btrfs: fix uninitialized pointer free in add_inode_ref() (bsc#1232498).
- CVE-2024-50098: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down (bsc#1232881).
- CVE-2024-50110: xfrm: fix one more kernel-infoleak in algo dumping (bsc#1232885).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232926).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905).
- CVE-2024-50130: netfilter: bpf: must hold reference on net namespace (bsc#1232894).
- CVE-2024-50138: bpf: Use raw_spinlock_t in ringbuf (bsc#1232935).
- CVE-2024-50139: KVM: arm64: Fix shift-out-of-bounds bug (bsc#1233062).
- CVE-2024-50145: octeon_ep: add SKB allocation failures handling in __octep_oq_process_rx() (bsc#1233044).
- CVE-2024-50153: scsi: target: core: Fix null-ptr-deref in target_alloc_device() (bsc#1233061).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50169: vsock: Update rx_bytes on read_skb() (bsc#1233320).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50177: drm/amd/display: fix a UBSAN warning in DML2.1 (bsc#1233115).
- CVE-2024-50182: secretmem: disable memfd_secret() if arch cannot set direct map (bsc#1233129).
- CVE-2024-50184: virtio_pmem: Check device status before requesting flush (bsc#1233135).
- CVE-2024-50186: net: explicitly clear the sk pointer, when pf->create fails (bsc#1233110).
- CVE-2024-50192: irqchip/gic-v4: Do not allow a VMOVP on a dying VPE (bsc#1233106).
- CVE-2024-50225: btrfs: fix error propagation of split bios (bsc#1233193).
- CVE-2024-50228: mm: shmem: fix data-race in shmem_getattr() (bsc#1233204).
- CVE-2024-50230: nilfs2: fix kernel bug due to missing clearing of checked flag (bsc#1233206).
- CVE-2024-50245: fs/ntfs3: Fix possible deadlock in mi_read (bsc#1233203).
- CVE-2024-50246: fs/ntfs3: Add rough attr alloc_size check (bsc#1233207).
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233226).
- CVE-2024-50252: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (bsc#1233201).
- CVE-2024-50257: netfilter: Fix use-after-free in get_info() (bsc#1233244).
- CVE-2024-50261: macsec: Fix use-after-free while sending the offloading packet (bsc#1233253).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50271: signal: restore the override_rlimit logic (bsc#1233460).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463).
- CVE-2024-50275: arm64/sve: Discard stale CPU state when handling SVE traps (bsc#1233464).
- CVE-2024-50276: net: vertexcom: mse102x: Fix possible double free of TX skb (bsc#1233465).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single (bsc#1233484).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-50298: net: enetc: allocate vf_state during PF probes (bsc#1233487).
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233540).
- CVE-2024-53043: mctp i2c: handle NULL header address (bsc#1233523).
- CVE-2024-53048: ice: fix crash on probe for DPLL enabled E810 LOM (bsc#1233721).
- CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).
- CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
- CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53079: mm/thp: fix deferred split unqueue naming and locking (bsc#1233570).
- CVE-2024-53082: virtio_net: Add hash_key_length check (bsc#1233573).
- CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).
- CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085).
- CVE-2024-53121: net/mlx5: fs, lock FTE when checking if active (bsc#1234078).
- CVE-2024-53138: net/mlx5e: kTLS, Fix incorrect page refcounting (bsc#1234223).
The following non-security bugs were fixed:
- 9p: explicitly deny setlease attempts (git-fixes).
- ACPI: CPPC: Add support for setting EPP register in FFH (stable-fixes).
- ACPI: CPPC: Fix _CPC register setting issue (git-fixes).
- ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).
- ACPI: EC: Do not release locks during operation region accesses (stable-fixes).
- ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
- ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).
- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).
- ACPI: battery: Fix possible crash when unregistering a battery hook (git-fixes).
- ACPI: battery: Simplify battery hook locking (stable-fixes).
- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes).
- ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).
- ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).
- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).
- ACPICA: iasl: handle empty connection_node (stable-fixes).
- ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller (stable-fixes).
- ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() (stable-fixes).
- ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read (stable-fixes).
- ALSA: 6fire: Release resources at card release (git-fixes).
- ALSA: Reorganize kerneldoc parameter names (stable-fixes).
- ALSA: ac97: bus: Fix the mistake in the comment (git-fixes).
- ALSA: asihpi: Fix potential OOB array access (stable-fixes).
- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: core: add isascii() check to card ID generator (stable-fixes).
- ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).
- ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() (git-fixes).
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).
- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).
- ALSA: hda/conexant: fix Z60MR100 startup pop issue (stable-fixes).
- ALSA: hda/conexant: fix some typos (stable-fixes).
- ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (bsc#1219803).
- ALSA: hda/realtek - Fixed Clevo platform headset Mic issue (stable-fixes).
- ALSA: hda/realtek - update set GPIO3 to default for Thinkpad with ALC1318 (git-fixes).
- ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (stable-fixes).
- ALSA: hda/realtek: Add support for Samsung Galaxy Book3 360 (NP730QFG) (stable-fixes).
- ALSA: hda/realtek: Apply quirk for Medion E15433 (bsc#1233298).
- ALSA: hda/realtek: Enable mic on Vaio VJFH52 (stable-fixes).
- ALSA: hda/realtek: Enable mute and micmute LED on HP ProBook 430 G8 (stable-fixes).
- ALSA: hda/realtek: Enable speaker pins for Medion E15443 platform (bsc#1233298).
- ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max (bsc#1233298).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes).
- ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).
- ALSA: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes).
- ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book init (stable-fixes).
- ALSA: hda/realtek: Set PCBeep to default value for ALC274 (stable-fixes).
- ALSA: hda/realtek: Update ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Update ALC256 depop procedure (git-fixes).
- ALSA: hda/realtek: Update default depop procedure (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 (stable-fixes).
- ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects (stable-fixes).
- ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE (git-fixes).
- ALSA: hda: Poll jack events for LS7A HD-Audio (stable-fixes).
- ALSA: hda: Show the codec quirk info at probing (stable-fixes).
- ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 (stable-fixes).
- ALSA: hda: tas2781: Fix missing setup at runtime PM (bsc#1230132).
- ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
- ALSA: ice1712: Remove redundant code in stac9460_dac_vol_put (stable-fixes).
- ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).
- ALSA: line6: update contact information (stable-fixes).
- ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).
- ALSA: pcm: Add sanity NULL check for the default mmap fault handler (stable-fixes).
- ALSA: silence integer wrapping warning (stable-fixes).
- ALSA: ump: Fix evaluation of MIDI 1.0 FB info (git-fixes).
- ALSA: us122l: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: usb-audio: Add Pioneer DJ/AlphaTheta DJM-A9 Mixer (stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).
- ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).
- ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).
- ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).
- ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (bsc#1232768).
- ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).
- ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).
- ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry (stable-fixes).
- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (stable-fixes).
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (git-fixes).
- ALSA: usb-audio: Make mic volume workarounds globally applicable (stable-fixes).
- ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).
- ALSA: usb-audio: Use snprintf instead of sprintf in build_mixer_unit_ctl (stable-fixes).
- ALSA: usb-audio: add mixer mapping for Corsair HS80 (stable-fixes).
- ALSA: usx2y: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ASoC: Intel: avs: da7219: Remove suspend_pre() and resume_post() (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec (stable-fixes).
- ASoC: Intel: sst: Fix used of uninitialized ctx to log an error (git-fixes).
- ASoC: Intel: sst: Support LPE0F28 ACPI HID (stable-fixes).
- ASoC: SOF: Add i2s bt dai configuration support for AMD platforms (bsc#1233305).
- ASoC: SOF: Add support for configuring PDM interface from topology (bsc#1233305).
- ASoC: SOF: Deprecate invalid enums in IPC3 (bsc#1233305).
- ASoC: SOF: IPC4: get pipeline priority from topology (bsc#1233305).
- ASoC: SOF: IPC4: synchronize fw_config_params with fw definitions (bsc#1233305).
- ASoC: SOF: Refactor sof_i2s_tokens reading to update acpbt dai (bsc#1233305).
- ASoC: SOF: Rename amd_bt sof_dai_type (bsc#1233305).
- ASoC: SOF: Wire up buffer flags (bsc#1233305).
- ASoC: SOF: add alignment for topology header file struct definition (bsc#1233305).
- ASoC: SOF: align topology header file with sof topology header (bsc#1233305).
- ASoC: SOF: ipc3-topology: Convert the topology pin index to ALH dai index (git-fixes).
- ASoC: SOF: ipc3-topology: fix resource leaks in sof_ipc3_widget_setup_comp_dai() (git-fixes).
- ASoC: SOF: ipc4-control: Add support for ALSA enum control (bsc#1233305).
- ASoC: SOF: ipc4-control: Add support for ALSA switch control (bsc#1233305).
- ASoC: SOF: ipc4-mtrace: move debug slot related definitions to header.h (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add deep buffer size to debug prints (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add definition for generic switch/enum control (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add module ID print during module set up (bsc#1233305).
- ASoC: SOF: ipc4-topology: Helper to find an swidget by module/instance id (bsc#1233305).
- ASoC: SOF: ipc4-topology: Only handle dai_config with HW_PARAMS for ChainDMA (bsc#1233305).
- ASoC: SOF: ipc4-topology: change chain_dma handling in dai_config (bsc#1233305).
- ASoC: SOF: ipc4-topology: export sof_ipc4_copier_is_single_format (bsc#1233305).
- ASoC: SOF: ipc4-topology: set config_length based on device_count (bsc#1233305).
- ASoC: SOF: ipc4: Add data struct for module notification message from firmware (bsc#1233305).
- ASoC: SOF: ipc4: Add new message type: SOF_IPC4_GLB_LOAD_LIBRARY_PREPARE (bsc#1233305).
- ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits (git-fixes).
- ASoC: SOF: topology: Parse DAI type token for dspless mode (bsc#1233305).
- ASoC: SOF: topology: dynamically allocate and store DAI widget->private (bsc#1233305).
- ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA (stable-fixes).
- ASoC: amd: yc: Add quirk for HP Dragonfly pro one (stable-fixes).
- ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry (git-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA (stable-fixes).
- ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 (stable-fixes).
- ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized (git-fixes).
- ASoC: audio-graph-card2: Purge absent supplies for device tree nodes (stable-fixes).
- ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (git-fixes).
- ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).
- ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() (stable-fixes).
- ASoC: codecs: wsa883x: Handle reading version failure (stable-fixes).
- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes).
- ASoC: dapm: fix bounds checker error in dapm_widget_list_create (git-fixes).
- ASoC: fsl_micfil: Add sample rate constraint (stable-fixes).
- ASoC: fsl_micfil: fix regmap_write_bits usage (git-fixes).
- ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit (stable-fixes).
- ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).
- ASoC: max98388: Fix missing increment of variable slot_found (git-fixes).
- ASoC: mediatek: mt8188-mt6359: Remove hardcoded dmic codec (git-fixes).
- ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes).
- ASoC: rt722-sdca: Remove logically deadcode in rt722-sdca.c (git-fixes).
- ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue (stable-fixes).
- ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove (git-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() (stable-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() (stable-fixes).
- ASoC: tas2781: Add new driver version for tas2563 & tas2781 qfn chip (stable-fixes).
- ASoC: tas2781: Use of_property_read_reg() (stable-fixes).
- Bluetooth: Call iso_exit() on module unload (git-fixes).
- Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (git-fixes).
- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).
- Bluetooth: Remove debugfs directory on module init failure (git-fixes).
- Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).
- Bluetooth: btintel: Direct exception event to bluetooth stack (git-fixes).
- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test (bsc#1230557)
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 (stable-fixes).
- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).
- Bluetooth: fix use-after-free in device_for_each_child() (git-fixes).
- Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes).
- Bluetooth: hci_core: Fix calling mgmt_device_connected (git-fixes).
- Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).
- Documentation: kgdb: Correct parameter error (git-fixes).
- HID: Ignore battery for all ELAN I2C-HID devices (stable-fixes).
- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).
- HID: core: zero-initialize the report buffer (git-fixes).
- HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk (stable-fixes).
- HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard (stable-fixes).
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (stable-fixes).
- HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad (stable-fixes).
- HID: multitouch: Add support for B2402FVA track point (stable-fixes).
- HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).
- HID: multitouch: Add support for lenovo Y9000P Touchpad (stable-fixes).
- HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).
- HID: wacom: Interpret tilt data from Intuos Pro BT as signed values (git-fixes).
- HID: wacom: fix when get product name maybe null pointer (git-fixes).
- Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
- Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
- Input: edt-ft5x06 - fix regmap leak when probe fails (git-fixes).
- Input: hideep - add missing dependency on REGMAP_I2C (git-fixes).
- Input: hycon-hy46xx - add missing dependency on REGMAP_I2C (git-fixes).
- Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (stable-fixes).
- Input: xpad - add GameSir T4 Kaleid Controller support (git-fixes).
- Input: xpad - add GameSir VID for Xbox One controllers (git-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2C Wireless Controller (git-fixes).
- Input: xpad - add support for MSI Claw A1M (git-fixes).
- Input: xpad - add support for Machenike G5 Pro Controller (git-fixes).
- Input: xpad - fix support for some third-party controllers (git-fixes).
- Input: xpad - sort xpad_device by vendor and product ID (git-fixes).
- Input: xpad - spelling fixes for "Xbox" (git-fixes).
- KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).
- KVM: PPC: Book3S HV: Avoid returning to nested hypervisor on pending doorbells (bsc#1215199).
- KVM: PPC: Book3S HV: Stop using vc->dpdes for nested KVM guests (bsc#1215199).
- KVM: PPC: Book3S HV: remove unused varible (bsc#1194869).
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (bsc#1232207).
- KVM: SEV-ES: Prevent MSR access post VMSA encryption (bsc#1232207).
- KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
- KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock (git-fixes).
- KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled (git-fixes).
- KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid (git-fixes).
- KVM: Write the per-page "segment" when clearing (part of) a guest page (git-fixes).
- KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232626).
- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231276).
- KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232623).
- KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected (git-fixes).
- KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults (git-fixes).
- KVM: x86: Dedup fastpath MSR post-handling logic (git-fixes).
- KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits (git-fixes).
- KVM: x86: Exit to userspace if fastpath triggers one on instruction skip (git-fixes).
- KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode() (git-fixes).
- KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is successful (git-fixes).
- KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
- NFS: remove revoked delegation from server's delegation list (git-fixes).
- NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
- NFSD: Mark filecache "down" if init fails (git-fixes).
- NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
- NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
- PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
- PCI: Add T_PVPERL macro (git-fixes).
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
- PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
- PCI: Fix reset_method_store() memory leak (git-fixes).
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
- PCI: endpoint: Clear secondary (not primary) EPC in pci_epc_remove_epf() (git-fixes).
- PCI: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS milliseconds (git-fixes).
- PCI: keystone: Add link up check to ks_pcie_other_map_bus() (git-fixes).
- PCI: keystone: Set mode as Root Complex for "ti,keystone-pcie" compatible (git-fixes).
- PCI: rockchip-ep: Fix address translation unit programming (git-fixes).
- RAS/AMD/ATL: Add amd_atl pr_fmt() prefix (jsc#PED-10559).
- RAS/AMD/ATL: Expand helpers for adding and removing base and hole (jsc#PED-10559).
- RAS/AMD/ATL: Implement DF 4.5 NP2 denormalization (jsc#PED-10559).
- RAS/AMD/ATL: Read DRAM hole base early (jsc#PED-10559).
- RAS/AMD/ATL: Validate address map when information is gathered (jsc#PED-10559).
- RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
- RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop (git-fixes)
- RDMA/bnxt_re: Change the sequence of updating the CQ toggle value (git-fixes)
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes)
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
- RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
- RDMA/bnxt_re: Fix incorrect dereference of srq in async event (git-fixes)
- RDMA/bnxt_re: Fix out of bound check (git-fixes)
- RDMA/bnxt_re: Fix the GID table length (git-fixes)
- RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
- RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
- RDMA/bnxt_re: Return more meaningful error (git-fixes)
- RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
- RDMA/hns: Add mutex_destroy() (git-fixes)
- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes)
- RDMA/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes)
- RDMA/hns: Fix cpu stuck caused by printings during reset (git-fixes)
- RDMA/hns: Fix different dgids mapping to the same dip_idx (git-fixes)
- RDMA/hns: Fix flush cqe error when racing with destroy qp (git-fixes)
- RDMA/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes)
- RDMA/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes)
- RDMA/hns: Use macro instead of magic number (git-fixes)
- RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
- RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
- RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
- RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
- RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (git-fixes)
- RDMA/mlx5: Move events notifier registration to be after device registration (git-fixes)
- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
- RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes).
- RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
- RDMA/rxe: Fix the qp flush warnings in req (git-fixes)
- RDMA/rxe: Set queue pair cur_qp_state when being queried (git-fixes)
- RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES (git-fixes)
- RDMA/srpt: Make slab cache names unique (git-fixes)
- SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
- SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
- SUNRPC: Remove BUG_ON call sites (git-fixes).
- SUNRPC: clnt.c: Remove misleading comment (git-fixes).
- USB: appledisplay: close race between probe and completion handler (git-fixes).
- USB: chaoskey: Fix possible deadlock chaoskey_list_lock (git-fixes).
- USB: chaoskey: fail open after removal (git-fixes).
- USB: gadget: dummy-hcd: Fix "task hung" problem (git-fixes).
- USB: misc: cypress_cy7c63: check for short transfer (git-fixes).
- USB: misc: yurex: fix race between read and write (git-fixes).
- USB: serial: ftdi_sio: Fix atomicity violation in get_serial_info() (git-fixes).
- USB: serial: io_edgeport: fix use after free in debug printk (git-fixes).
- USB: serial: option: add Fibocom FG132 0x0112 composition (stable-fixes).
- USB: serial: option: add Quectel RG650V (stable-fixes).
- USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
- USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
- USB: serial: qcserial: add support for Sierra Wireless EM86xx (stable-fixes).
- Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450).
- accel/qaic: Fix the for loop used to walk SG table (git-fixes).
- accel: Use XArray instead of IDR for minors (jsc#PED-11580).
- acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() (git-fixes).
- ad7780: fix division by zero in ad7780_write_raw() (git-fixes).
- aes-gcm-p10: Use the correct bit to test for P10 (bsc#1232704).
- amd-pstate: Set min_perf to nominal_perf for active mode performance gov (git-fixes).
- apparmor: fix 'Do simple duplicate message elimination' (git-fixes).
- apparmor: test: Fix memory leak for aa_unpack_strdup() (git-fixes).
- apparmor: use kvfree_sensitive to free data->data (git-fixes).
- arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 (git-fixes)
- arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
- arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: freescale: imx8mp-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs (git-fixes)
- arm64: dts: imx8qxp: Add VPU subsystem file (git-fixes)
- arm64: dts: imx93: add nvmem property for eqos (git-fixes)
- arm64: dts: imx93: add nvmem property for fec1 (git-fixes)
- arm64: dts: imx93: add ocotp node (git-fixes)
- arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus (git-fixes)
- arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo (git-fixes)
- arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 (git-fixes)
- arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node (git-fixes)
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma (git-fixes)
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes)
- arm64: dts: rockchip: Remove undocumented supports-emmc property (git-fixes)
- arm64: dts: rockchip: fix i2c2 pinctrl-names property on (git-fixes)
- arm64: dts: rockchip: remove num-slots property from (git-fixes)
- arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone (git-fixes)
- arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a (git-fixes).
- arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
- arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
- arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes)
- arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS (git-fixes).
- arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
- arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
- arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
- arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes)
- arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes)
- arm64: tegra: Move AGX Orin nodes to correct location (git-fixes)
- arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes)
- ata: libata: Set DID_TIME_OUT for commands that actually timed out (git-fixes).
- ata: libata: avoid superfluous disk spin down + spin up during hibernation (git-fixes).
- audit: do not WARN_ON_ONCE(!current->mm) in audit_exe_compare() (git-fixes).
- audit: do not take task_lock() in audit_exe_compare() code path (git-fixes).
- block: print symbolic error name instead of error code (bsc#1231872).
- block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW (bsc#1229677).
- bnxt_en: Cap the size of HWRM_PORT_PHY_QCFG forwarded response (git-fixes).
- bnxt_en: Fix error recovery for 5760X (P7) chips (git-fixes).
- bnxt_en: Fix the PCI-AER routines (git-fixes).
- bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes).
- bnxt_en: refactor reset close code (git-fixes).
- bpf, arm64: Fix address emission with tag-based KASAN enabled (git-fixes)
- bpf, arm64: Remove garbage frame for struct_ops trampoline (git-fixes)
- bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
- bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
- bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock (git-fixes).
- bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
- bpf, vsock: Drop static vsock_bpf_prot initialization (git-fixes).
- bpf, x64: Remove tail call detection (git-fixes).
- bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
- bpf: Fail verification for sign-extension of packet data/data_end/data_meta (git-fixes).
- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
- bpf: Fix error message on kfunc arg type mismatch (git-fixes).
- bpf: Fix helper writes to read-only maps (git-fixes).
- bpf: Fix tailcall cases in test_bpf (git-fixes).
- bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).
- bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
- bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
- bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
- bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
- btf, scripts: rust: drop is_rust_module.sh (bsc#1230414 bsc#1229450).
- btrfs: merge btrfs_orig_bbio_end_io() into btrfs_bio_end_io() (bsc#1233193)
- btrfs: send: fix invalid clone operation for file that got its size decreased (git-fixes).
- can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails (git-fixes).
- can: c_can: fix {rx,tx}_errors statistics (git-fixes).
- can: dev: can_set_termination(): allow sleeping GPIOs (git-fixes).
- can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: hi311x: hi3110_can_ist(): fix potential use-after-free (git-fixes).
- can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics (git-fixes).
- can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: j1939: j1939_session_new(): fix skb reference counting (git-fixes).
- can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): work around erratum DS80000789E 6 (git-fixes).
- can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes (git-fixes).
- can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode (stable-fixes).
- can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (git-fixes).
- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (git-fixes).
- ceph: fix cap ref leak via netfs init_request (bsc#1231384).
- cgroup/bpf: only cgroup v2 can be attached by bpf programs (bsc#1234108).
- clk: bcm: bcm53573: fix OF node leak in init (stable-fixes).
- clk: clk-apple-nco: Add NULL check in applnco_probe (git-fixes).
- clk: clk-axi-clkgen: make sure to enable the AXI bus clock (git-fixes).
- clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (stable-fixes).
- clk: imx: clk-scu: fix clk enable state save and restore (git-fixes).
- clk: imx: fracn-gppll: correct PLL initialization flow (git-fixes).
- clk: imx: fracn-gppll: fix pll power up (git-fixes).
- clk: imx: lpcg-scu: SW workaround for errata (e10858) (git-fixes).
- clk: qcom: clk-alpha-pll: drop lucid-evo pll enabled warning (git-fixes).
- clk: qcom: clk-alpha-pll: fix lucid 5lpe pll enabled check (git-fixes).
- clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (git-fixes).
- clk: renesas: rzg2l: Fix FOUTPOSTDIV clk (git-fixes).
- clk: sunxi-ng: d1: Fix PLL_AUDIO0 preset (git-fixes).
- comedi: Flush partial mappings in error case (git-fixes).
- comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
- config s390x: build ultravisor userspace access into the kernel (bsc#1232090)
- config.sh: Remove Arm build project, we do not build armv7 configs
- config: Disable LAM on x86 (bsc#1217845)
- cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_power() (git-fixes).
- cpufreq: loongson2: Unregister platform_driver on failure (git-fixes).
- cpufreq: mediatek-hw: Fix wrong return value in mtk_cpufreq_get_cpu_power() (git-fixes).
- crypto: aes-gcm-p10 - Use the correct bit to test for P10 (bsc#1232704).
- crypto: api - Fix liveliness check in crypto_alg_tested (stable-fixes).
- crypto: bcm - add error check in the ahash_hmac_init function (git-fixes).
- crypto: caam - Fix the pointer passed to caam_qi_shutdown() (git-fixes).
- crypto: caam - add error check to caam_rsa_set_priv_key_form (git-fixes).
- crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (git-fixes).
- crypto: cavium - Fix the if condition to exit loop after timeout (git-fixes).
- crypto: hisilicon/qm - flush all work before driver removed (bsc#1232075)
- crypto: inside-secure - Fix the return value of safexcel_xcbcmac_cra_init() (git-fixes).
- crypto: octeontx - Fix authenc setkey (stable-fixes).
- crypto: octeontx* - Select CRYPTO_AUTHENC (git-fixes).
- crypto: octeontx2 - Fix authenc setkey (stable-fixes).
- crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (git-fixes).
- crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMD and re-enable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Register modules as SIMD (bsc#1230501 ltc#208632).
- crypto: qat - remove check after debugfs_create_dir() (git-fixes).
- crypto: qat - remove faulty arbiter config reset (git-fixes).
- crypto: qat/qat_4xxx - fix off by one in uof_get_name() (git-fixes).
- crypto: x86/aegis128 - access 32-bit arguments as 32-bit (git-fixes).
- cxgb4: Properly lock TX queue for the selftest (git-fixes).
- cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).
- cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes).
- cxl: downgrade a warning message to debug level in cxl_probe_component_regs() (bsc#1229165).
- dcache: keep dentry_hashtable or d_hash_shift even when not used (git-fixes).
- debugfs: fix automount d_fsdata usage (git-fixes).
- devlink: Fix command annotation documentation (git-fixes).
- dma-fence: Fix reference leak on fence merge failure path (git-fixes).
- dma-fence: Use kernel's sort for merging fences (git-fixes).
- dmaengine: sh: rz-dmac: handle configs where one address is zero (git-fixes).
- dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer (git-fixes).
- doc: rcu: update printed dynticks counter bits (git-fixes).
- driver core: bus: Fix double free in driver API bus_register() (stable-fixes).
- driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
- drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() (git-fixes).
- drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
- drm/amd/display: Add HDMI DSC native YCbCr422 support (stable-fixes).
- drm/amd/display: Add disable timeout option (bsc#1231435)
- drm/amd/display: Adjust VSDB parser for replay feature (stable-fixes).
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
- drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
- drm/amd/display: Clean up dsc blocks in accelerated mode (stable-fixes).
- drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (stable-fixes).
- drm/amd/display: Fix brightness level not retained over reboot (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp (git-fixes).
- drm/amd/display: Remove a redundant check in authenticated_dp (stable-fixes).
- drm/amd/display: Revert "Check HDCP returned status" (stable-fixes).
- drm/amd/display: Round calculated vtotal (stable-fixes).
- drm/amd/display: Skip to enable dsc if it has been off (stable-fixes).
- drm/amd/display: Validate backlight caps are sane (stable-fixes).
- drm/amd/pm: Vangogh: Fix kernel memory out of bounds write (git-fixes).
- drm/amd: Add some missing straps from NBIO 7.11.0 (git-fixes).
- drm/amd: Fix initialization mistake for NBIO 7.7.0 (stable-fixes).
- drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
- drm/amdgpu/swsmu: Only force workload setup on init (git-fixes).
- drm/amdgpu/vcn: enable AV1 on both instances (stable-fixes).
- drm/amdgpu: Adjust debugfs eviction and IB access permissions (stable-fixes).
- drm/amdgpu: Adjust debugfs register access permissions (stable-fixes).
- drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 (git-fixes).
- drm/amdgpu: Fix JPEG v4.0.3 register write (git-fixes).
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (stable-fixes).
- drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() (git-fixes).
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (git-fixes).
- drm/amdkfd: Accounting pdd vram_usage for svm (stable-fixes).
- drm/amdkfd: Fix wrong usage of INIT_WORK() (git-fixes).
- drm/bridge: anx7625: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: it6505: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: tc358767: Fix link properties discovery (git-fixes).
- drm/bridge: tc358768: Fix DSI command tx (git-fixes).
- drm/etnaviv: Request pages from DMA32 zone on addressing_limited (git-fixes).
- drm/etnaviv: hold GPU lock across perfmon sampling (git-fixes).
- drm/i915/gem: fix bitwise and logical AND mixup (git-fixes).
- drm/i915/hdcp: fix connector refcounting (git-fixes).
- drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/mediatek: Fix child node refcount handling in early exit (git-fixes).
- drm/mediatek: Fix get efuse issue for MT8188 DPTX (git-fixes).
- drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (git-fixes).
- drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/msm/dpu: cast crtc_clk calculation to u64 in _dpu_core_perf_calc_clk() (git-fixes).
- drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds() (git-fixes).
- drm/msm/dpu: do not always program merge_3d block (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on MSM8998 (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on SDM845 (git-fixes).
- drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
- drm/msm/dpu: move CRTC resource assignment to dpu_encoder_virt_atomic_check (git-fixes).
- drm/msm/dpu: on SDM845 move DSPP_3 to LM_5 block (git-fixes).
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
- drm/msm/dsi: improve/fix dsc pclk calculation (git-fixes).
- drm/msm/gpu: Check the status of registration to PM QoS (git-fixes).
- drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
- drm/msm: Fix some typos in comment (git-fixes).
- drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() (git-fixes).
- drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes).
- drm/omap: Fix possible NULL dereference (git-fixes).
- drm/panfrost: Add missing OPP table refcnt decremental (git-fixes).
- drm/panfrost: Remove unused id_mask from struct panfrost_model (git-fixes).
- drm/radeon: Fix encoder->possible_clones (git-fixes).
- drm/rockchip: vop: Fix a dereferenced before check warning (git-fixes).
- drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
- drm/sched: Always wake up correct scheduler in drm_sched_entity_push_job (git-fixes).
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes).
- drm/sti: avoid potential dereference of error pointers (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check (git-fixes).
- drm/v3d: Address race-condition in MMU flush (git-fixes).
- drm/v3d: Enable Performance Counters before clearing them (git-fixes).
- drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_atomic_flush (git-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_lut_load (git-fixes).
- drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
- drm/vc4: hdmi: Avoid hang with debug registers when suspended (git-fixes).
- drm/vc4: hvs: Correct logic on stopping an HVS channel (git-fixes).
- drm/vc4: hvs: Do not write gamma luts on 2711 (git-fixes).
- drm/vc4: hvs: Fix dlist debug not resetting the next entry pointer (git-fixes).
- drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs function (git-fixes).
- drm/vkms: Drop unnecessary call to drm_crtc_cleanup() (git-fixes).
- drm/vmwgfx: Handle surface check failure correctly (git-fixes).
- drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS (stable-fixes).
- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
- drm: Expand max DRM device number to full MINORBITS (jsc#PED-11580).
- drm: Use XArray instead of IDR for minors (jsc#PED-11580).
- drm: use ATOMIC64_INIT() for atomic64_t (git-fixes).
- drm: xlnx: zynqmp_dpsub: fix hotplug detection (git-fixes).
- drm: zynqmp_kms: Unplug DRM device before removal (git-fixes).
- e1000e: Fix S0ix residency on corporate systems (git-fixes).
- e1000e: Remove Meteor Lake SMBUS workarounds (git-fixes).
- e1000e: change I219 (19) devices to ADP (git-fixes).
- e1000e: fix force smbus during suspend flow (git-fixes).
- e1000e: move force SMBUS near the end of enable_ulp function (git-fixes).
- efi/libstub: Free correct pointer on failure (git-fixes).
- efi/libstub: fix efi_parse_options() ignoring the default command line (git-fixes).
- efi/libstub: zboot.lds: Discard .discard sections (stable-fixes).
- efi/memattr: Ignore table if the size is clearly bogus (bsc#1231465).
- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
- eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes).
- ext4: do not track ranges in fast_commit if inode has inlined data (bsc#1231635).
- ext4: fix fast commit inode enqueueing during a full journal commit (bsc#1231636).
- ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() (bsc#1231637).
- ext4: fix possible tid_t sequence overflows (bsc#1231634).
- ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
- ext4: fix unttached inode after power cut with orphan file feature enabled (bsc#1234009).
- ext4: mark fc as ineligible using an handle in ext4_xattr_set() (bsc#1231640).
- ext4: use handle to mark fc as ineligible in __track_dentry_update() (bsc#1231639).
- f2fs: get out of a repeat loop when getting a locked data page (bsc#1234011).
- fat: fix uninitialized variable (git-fixes).
- fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (stable-fixes).
- fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (git-fixes).
- fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
- fgraph: Change the name of cpuhp state to "fgraph:online" (git-fixes).
- fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
- fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
- filemap: remove use of wait bookmarks (bsc#1224088).
- firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (git-fixes).
- firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() (git-fixes).
- firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (git-fixes).
- firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() (git-fixes).
- firmware: google: Unregister driver_info on failure (git-fixes).
- firmware_loader: Fix possible resource leak in fw_log_firmware_info() (git-fixes).
- fs/9p: drop inodes immediately on non-.L too (git-fixes).
- fs/9p: fix the cache always being enabled on files with qid flags (git-fixes).
- fs/ntfs3: Add more attributes checks in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Fixed overflow check in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Sequential field availability check in mi_enum_attr() (bsc#1233207)
- fs: Fix uninitialized value issue in from_kuid and from_kgid (git-fixes).
- genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes).
- goldfish: Fix unused const variable 'goldfish_pipe_acpi_match' (git-fixes).
- gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
- gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
- gpio: davinci: fix lazy disable (git-fixes).
- gpio: exar: set value when external pull-up or pull-down is present (git-fixes).
- gpio: zevio: Add missed label initialisation (git-fixes).
- gve: Fix XDP TX completion handling when counters overflow (git-fixes).
- gve: Fix an edge case for TSO skb validity check (git-fixes).
- gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes).
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (git-fixes).
- hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (adt7470) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (max16065) Fix alarm attributes (git-fixes).
- hwmon: (max16065) Remove use of i2c_match_id() (stable-fixes).
- hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (nct6775) add G15CF to ASUS WMI monitoring list (stable-fixes).
- hwmon: (nct6775-core) Fix overflows seen when writing limit attributes (git-fixes).
- hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (tps23861) Fix reporting of negative temperatures (git-fixes).
- hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature (git-fixes).
- i2c: core: Setup i2c_adapter runtime-pm before calling device_add() (git-fixes).
- i2c: core: fix lockdep warning for sparsely nested adapter chain (git-fixes).
- i2c: cpm: Remove linux,i2c-index conversion from be32 (git-fixes).
- i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE is not set (git-fixes).
- i2c: exynos5: Calculate t_scl_l, t_scl_h according to i2c spec (git-fixes).
- i2c: i801: Add lis3lv02d for Dell Precision 3540 (git-fixes).
- i2c: i801: Add lis3lv02d for Dell XPS 15 7590 (git-fixes).
- i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
- i2c: i801: add helper i801_restore_regs (git-fixes).
- i2c: ismt: kill transaction in hardware on timeout (git-fixes).
- i2c: ocores: Move system PM hooks to the NOIRQ phase (git-fixes).
- i2c: ocores: Remove #ifdef guards for PM related functions (git-fixes).
- i2c: omap: switch to NOIRQ_SYSTEM_SLEEP_PM_OPS() and RUNTIME_PM_OPS() (git-fixes).
- i2c: omap: wakeup the controller during suspend() callback (git-fixes).
- i2c: rcar: properly format a debug output (git-fixes).
- i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
- i2c: stm32f7: perform most of irq job in threaded handler (git-fixes).
- i2c: synquacer: Deal with optional PCLK correctly (git-fixes).
- i2c: synquacer: Remove a clk reference from struct synquacer_i2c (stable-fixes).
- i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
- i2c: xiic: improve error message when transfer fails to start (stable-fixes).
- i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (git-fixes).
- i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (stable-fixes).
- i3c: master: svc: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- i40e: Fix XDP program unloading while removing the driver (git-fixes).
- i40e: Report MFS in decimal base instead of hex (git-fixes).
- i40e: fix race condition by adding filter's intermediate sync state (git-fixes).
- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (git-fixes).
- iavf: Fix TC config comparison with existing adapter TC config (git-fixes).
- ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).
- ice: Fix checking for unsupported keys on non-tunnel device (git-fixes).
- ice: Fix lldp packets dropping after changing the number of channels (git-fixes).
- ice: Fix netif_is_ice() in Safe Mode (git-fixes).
- ice: Fix package download algorithm (git-fixes).
- ice: Fix recipe read procedure (git-fixes).
- ice: Fix reset handler (git-fixes).
- ice: Flush FDB entries before reset (git-fixes).
- ice: Interpret .set_channels() input differently (git-fixes).
- ice: Rebuild TC queues on VSI queue reconfiguration (git-fixes).
- ice: Reject pin requests with unsupported flags (git-fixes).
- ice: add flag to distinguish reset from .ndo_bpf in XDP rings config (git-fixes).
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (git-fixes).
- ice: avoid IRQ collision to fix init failure on ACPI S3 resume (git-fixes).
- ice: clear port vlan config during reset (git-fixes).
- ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins (git-fixes).
- ice: do not bring the VSI up, if it was down before the XDP setup (git-fixes).
- ice: do not busy wait for Rx queue disable in ice_qp_dis() (git-fixes).
- ice: fix 200G PHY types to link speed mapping (git-fixes).
- ice: fix 200G link speed message log (git-fixes).
- ice: fix ICE_LAST_OFFSET formula (git-fixes).
- ice: fix VLAN replay after reset (git-fixes).
- ice: fix VSI lists confusion when adding VLANs (git-fixes).
- ice: fix accounting for filters shared by multiple VSIs (git-fixes).
- ice: fix accounting if a VLAN already exists (git-fixes).
- ice: fix iteration of TLVs in Preserved Fields Area (git-fixes).
- ice: fix page reuse when PAGE_SIZE is over 8k (git-fixes).
- ice: fix reads from NVM Shadow RAM on E830 and E825-C devices (git-fixes).
- ice: fix truesize operations for PAGE_SIZE >= 8192 (git-fixes).
- ice: implement AQ download pkg retry (git-fixes).
- ice: map XDP queues to vectors in ice_vsi_map_rings_to_vectors() (git-fixes).
- ice: remove af_xdp_zc_qps bitmap (git-fixes).
- ice: replace synchronize_rcu with synchronize_net (git-fixes).
- ice: respect netif readiness in AF_XDP ZC related ndo's (git-fixes).
- ice: set correct dst VSI in only LAN filters (git-fixes).
- ice: tc: allow zero flags in parsing tc flower (git-fixes).
- ice: tc: check src_vsi in case of traffic from VF (git-fixes).
- ice: use proper macro for testing bit (git-fixes).
- idpf: Interpret .set_channels() input differently (git-fixes).
- idpf: avoid bloating &idpf_q_vector with big %NR_CPUS (git-fixes).
- idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes).
- idpf: do not skip over ethtool tcp-data-split setting (git-fixes).
- idpf: fix UAFs when destroying the queues (git-fixes).
- idpf: fix memleak in vport interrupt configuration (git-fixes).
- idpf: fix memory leaks and crashes while performing a soft reset (git-fixes).
- ieee802154: Fix build error (git-fixes).
- igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes).
- igb: Disable threaded IRQ for igb_msix_other (git-fixes).
- igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).
- igc: Fix double reset adapter triggered from a single taprio cmd (git-fixes).
- igc: Fix packet still tx after gate close by reducing i226 MAC retry buffer (git-fixes).
- igc: Fix qbv tx latency by setting gtxoffset (git-fixes).
- igc: Fix qbv_config_change_errors logics (git-fixes).
- igc: Fix reset adapter logics when tx mode change (git-fixes).
- igc: Unlock on error in igc_io_resume() (git-fixes).
- iio: Fix fwnode_handle in __fwnode_iio_channel_get_by_name() (git-fixes).
- iio: accel: bma400: Fix uninitialized variable field_value in tap event handling (git-fixes).
- iio: accel: kx022a: Fix raw read format (git-fixes).
- iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes).
- iio: adc: ad7606: Fix typo in the driver name (git-fixes).
- iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (git-fixes).
- iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
- iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig (git-fixes).
- iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig (git-fixes).
- iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts: Fix uninitialized symbol 'ret' (git-fixes).
- iio: gts: fix infinite loop for gain_to_scaletables() (git-fixes).
- iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
- iio: light: al3010: Fix an error handling path in al3010_probe() (git-fixes).
- iio: light: opt3001: add missing full-scale range value (git-fixes).
- iio: light: veml6030: fix ALS sensor resolution (git-fixes).
- iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
- iio: light: veml6030: fix microlux value calculation (git-fixes).
- iio: magnetometer: ak8975: Convert enum->pointer for data in the match tables (stable-fixes).
- iio: magnetometer: ak8975: Fix 'Unexpected device' error (git-fixes).
- iio: magnetometer: ak8975: drop incorrect AK09116 compatible (git-fixes).
- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- ima: fix buffer overrun in ima_eventdigest_init_common (git-fixes).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- intel_idle: add Granite Rapids Xeon support (bsc#1231630).
- intel_idle: fix ACPI _CST matching for newer Xeon platforms (bsc#1231630).
- io_uring/eventfd: move to more idiomatic RCU free usage (git-fixes).
- io_uring/io-wq: do not allow pinning outside of cpuset (git-fixes).
- io_uring/io-wq: inherit cpuset of cgroup in io worker (git-fixes).
- io_uring/net: harden multishot termination case for recv (git-fixes).
- io_uring/rw: fix cflags posting for single issue multishot read (git-fixes).
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (git-fixes).
- io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN (git-fixes).
- io_uring/sqpoll: close race on waiting for sqring entries (git-fixes).
- io_uring/sqpoll: do not allow pinning outside of cpuset (git-fixes).
- io_uring/sqpoll: do not put cpumask on stack (git-fixes).
- io_uring/sqpoll: retain test for whether the CPU is valid (git-fixes).
- io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL (git-fixes).
- iommu/amd: Allocate the page table root using GFP_KERNEL (git-fixes).
- iommu/amd: Do not set the D bit on AMD v2 table entries (git-fixes).
- iommu/amd: Fix typo of , instead of ; (git-fixes).
- iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
- iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices (git-fixes).
- iommufd: Check the domain owner of the parent before creating a nesting domain (git-fixes).
- iommufd: Protect against overflow of ALIGN() during iova allocation (git-fixes).
- irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack (git-fixes).
- jbd2: Move j_transaction_overhead_buffers into a hole (bsc#1234042).
- jbd2: avoid infinite transaction commit loop (bsc#1234039).
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (bsc#1234043).
- jbd2: avoid mount failed when commit block is partial submitted (bsc#1234040).
- jbd2: correct the printing of write_flags in jbd2_write_superblock() (bsc#1234045).
- jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit (bsc#1231638).
- jbd2: fix kernel-doc for j_transaction_overhead_buffers (bsc#1234042).
- jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev (bsc#1234044).
- jbd2: fix soft lockup in journal_finish_inode_data_buffers() (bsc#1234046).
- jbd2: make jbd2_journal_get_max_txn_bufs() internal (bsc#1234041).
- jbd2: precompute number of transaction descriptor blocks (bsc#1234042).
- jfs: Fix sanity check in dbMount (git-fixes).
- jfs: Fix uaf in dbFreeBits (git-fixes).
- jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
- jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
- jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
- jump_label: Fix static_key_slow_dec() yet again (git-fixes).
- kABI fix of VM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- kABI workaround for ASoC SOF (bsc#1233305).
- kABI: Restore exported __arm_smccc_sve_check (git-fixes)
- kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
- kABI: bpf: struct bpf_insn_acces_aux kABI workaround (git-fixes).
- kabi, mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes kabi).
- kasan: Fix Software Tag-Based KASAN with GCC (git-fixes).
- kasan: move checks to do_strncpy_from_user (git-fixes).
- kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
- kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
- kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
- kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
- kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
- kconfig: qconf: fix buffer overflow in debug links (git-fixes).
- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).
- kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y (git-fixes).
- keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (git-fixes).
- keys: Fix overwrite of key expiration on instantiation (git-fixes).
- kthread: unpark only parked kthread (git-fixes).
- leds: lp55xx: Remove redundant test for invalid channel number (git-fixes).
- lib/xarray: introduce a new helper xas_get_order (bsc#1231617).
- lib: string_helpers: silence snprintf() output truncation warning (git-fixes).
- mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes).
- macsec: do not increment counters for an unrelated SA (git-fixes).
- mailbox: arm_mhuv2: clean up loop in get_irq_chan_comb() (git-fixes).
- maple_tree: correct tree corruption on spanning store (git-fixes).
- maple_tree: fix alloc node fail issue (git-fixes).
- maple_tree: refine mas_store_root() on storing NULL (git-fixes).
- media: adv7604: prevent underflow condition when reporting colorspace (git-fixes).
- media: amphion: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: amphion: Set video drvdata before register video device (git-fixes).
- media: ar0521: do not overflow when checking PLL values (git-fixes).
- media: atomisp: Add check for rgby_data memory allocation failure (git-fixes).
- media: bttv: use audio defaults for winfast2000 (git-fixes).
- media: core: v4l2-ioctl: check if ioctl is known to avoid NULL name (git-fixes).
- media: cx24116: prevent overflows on SNR calculus (git-fixes).
- media: dvb_frontend: do not play tricks with underflow values (git-fixes).
- media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set (stable-fixes).
- media: dvbdev: prevent the risk of out of memory access (git-fixes).
- media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() (git-fixes).
- media: i2c: dw9768: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: i2c: imx335: Enable regulator supplies (stable-fixes).
- media: i2c: tc358743: Fix crash in the probe error path when using polling (git-fixes).
- media: imx-jpeg: Ensure power suppliers be suspended before detach them (git-fixes).
- media: imx-jpeg: Set video drvdata before register video device (git-fixes).
- media: imx335: Fix reset-gpio handling (git-fixes).
- media: mantis: remove orphan mantis_core.h (git-fixes).
- media: mtk-jpeg: Fix null-ptr-deref during unload module (git-fixes).
- media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning (git-fixes).
- media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (git-fixes).
- media: platform: exynos4-is: Fix an OF node reference leak in fimc_md_is_isp_available (git-fixes).
- media: pulse8-cec: fix data timestamp at pulse8_setup() (git-fixes).
- media: s5p-jpeg: prevent buffer overflows (git-fixes).
- media: stb0899_algo: initialize cfr before using it (git-fixes).
- media: ts2020: fix null-ptr-deref in ts2020_probe() (git-fixes).
- media: uvcvideo: Require entities to have a non-zero unique ID (git-fixes).
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (git-fixes).
- media: uvcvideo: Stop stream during unregister (git-fixes).
- media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() (git-fixes).
- media: v4l2-tpg: prevent the risk of a division by zero (git-fixes).
- media: vb2: Fix comment (git-fixes).
- media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
- media: videobuf2: fix typo: vb2_dbuf -> vb2_qbuf (git-fixes).
- media: wl128x: Fix atomicity violation in fmc_send_cmd() (git-fixes).
- mei: use kvmalloc for read buffer (git-fixes).
- mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- mfd: rt5033: Fix missing regmap_del_irq_chip() (git-fixes).
- mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race (git-fixes).
- minmax: avoid overly complex min()/max() macro arguments in xen (git-fixes).
- minmax: scsi: fix mis-use of 'clamp()' in sr.c (git-fixes).
- misc: apds990x: Fix missing pm_runtime_disable() (git-fixes).
- mlx5: avoid truncating error message (git-fixes).
- mlx5: stop warning for 64KB pages (git-fixes).
- mlxbf_gige: disable RX filters until RX path initialized (git-fixes).
- mm/filemap: optimize filemap folio adding (bsc#1231617).
- mm/filemap: return early if failed to allocate memory for split (bsc#1231617).
- mm/hugetlb: fix nodes huge page allocation when there are surplus pages (bsc#1234012).
- mm: avoid unsafe VMA hook invocation when error arises on mmap hook (git-fixes).
- mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point (git-fixes).
- mm: mmap: no need to call khugepaged_enter_vma() for stack (jsc#PED-10978).
- mm: move dummy_vm_ops out of a header (git-fixes prerequisity).
- mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes).
- mm: refactor map_deny_write_exec() (git-fixes).
- mm: resolve faulty mmap_region() error path behaviour (git-fixes).
- mm: unconditionally close VMAs on error (git-fixes).
- mmc: core: Further prevent card detect during shutdown (git-fixes).
- mmc: mmc_spi: drop buggy snprintf() (git-fixes).
- mmc: sunxi-mmc: Fix A100 compatible description (git-fixes).
- modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness (git-fixes).
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (git-fixes).
- modpost: remove incorrect code in do_eisa_entry() (git-fixes).
- module: abort module loading when sysfs setup suffer errors (git-fixes).
- mtd: rawnand: atmel: Fix possible memory leak (git-fixes).
- mtd: spi-nor: core: replace dummy buswidth from addr to data (git-fixes).
- nbd: fix race between timeout and normal completion (bsc#1230918).
- net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes).
- net/mlx5: Added cond_resched() to crdump collection (git-fixes).
- net/mlx5: Check capability for fw_reset (git-fixes).
- net/mlx5: Check for invalid vector index on EQ creation (git-fixes).
- net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes).
- net/mlx5: Fix command bitmask initialization (git-fixes).
- net/mlx5: Fix error handling in irq_pool_request_irq (git-fixes).
- net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes).
- net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes).
- net/mlx5: Stop waiting for PCI if pci channel is offline (git-fixes).
- net/mlx5: Unregister notifier on eswitch init failure (git-fixes).
- net/mlx5: Update the list of the PCI supported devices (git-fixes).
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes).
- net/mlx5e: Add missing link mode to ptys2ext_ethtool_map (git-fixes).
- net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes).
- net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes).
- net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes).
- net/mlx5e: Do not call cleanup on profile rollback failure (git-fixes).
- net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes).
- net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).
- net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes).
- net/mlx5e: Require mlx5 tc classifier action support for IPsec prio capability (git-fixes).
- net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes).
- net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).
- net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).
- net: mdio-ipq4019: add missing error check (git-fixes).
- net: phy: Remove LED entry from LEDs list on unregister (git-fixes).
- net: phy: bcm84881: Fix some error handling paths (git-fixes).
- net: phy: dp83822: Fix reset pin definitions (git-fixes).
- net: phy: dp83869: fix memory corruption when enabling fiber (git-fixes).
- net: phy: ti: add PHY_RST_AFTER_CLK_EN flag (git-fixes).
- net: qede: sanitize 'rc' in qede_add_tc_flower_fltr() (git-fixes).
- net: qede: use return from qede_parse_actions() (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flower (git-fixes).
- net: relax socket state check at accept time (git-fixes).
- net: stmmac: dwmac-tegra: Fix link bring-up sequence (git-fixes)
- net: sysfs: Fix /sys/class/net/<iface> path for statistics (git-fixes).
- net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (git-fixes).
- net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (git-fixes).
- net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (git-fixes).
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (stable-fixes).
- net: usb: usbnet: fix name regression (get-fixes).
- net: usb: usbnet: fix race in probe failure (git-fixes).
- net: wwan: fix global oob in wwan_rtnl_policy (git-fixes).
- net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() (git-fixes).
- net: xfrm: preserve kabi for xfrm_state (bsc#1233754).
- netdevsim: copy addresses for both in and out paths (git-fixes).
- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
- netfilter: nf_tables: missing iterator type in lookup walk (git-fixes).
- nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes).
- nfs: avoid i_lock contention in nfs_clear_invalid_mapping (git-fixes).
- nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
- nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
- nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net (git-fixes).
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
- nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
- nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234121).
- nfsd: return -EINVAL when namelen is 0 (git-fixes).
- nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
- nilfs2: fix potential deadlock with newly created symlinks (git-fixes).
- nouveau/dmem: Fix privileged error in copy engine channel (git-fixes).
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
- nouveau/dp: handle retries for AUX CH transfers with GSP (git-fixes).
- nouveau/gsp: Avoid addressing beyond end of rpc->entries (stable-fixes).
- nouveau: fw: sync dma after setup is called (git-fixes).
- nouveau: handle EBUSY and EAGAIN for GSP aux errors (git-fixes).
- ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
- ntfs3: Add bounds checking to mi_enum_attr() (bsc#1233207)
- nvme-fabrics: fix kernel crash while shutting down controller (git-fixes).
- nvme-loop: flush off pending I/O while shutting down loop controller (git-fixes).
- nvme-multipath: suppress partition scan until the disk is ready (bsc#1228244).
- nvme-pci: fix freeing of the HMB descriptor table (git-fixes).
- nvme-pci: fix race condition between reset and nvme_dev_disable() (git-fixes).
- nvme-pci: qdepth 1 quirk (git-fixes).
- nvme-pci: reverse request order in nvme_queue_rqs (git-fixes).
- nvme-pci: set doorbell config before unquiescing (git-fixes).
- nvme/host: Fix RCU list traversal to use SRCU primitive (git-fixes).
- nvme: disable CC.CRIME (NVME_CC_CRIME) (jsc#PED-9901).
- nvme: null terminate nvme_tls_attrs (git-fixes).
- nvme: re-fix error-handling for io_uring nvme-passthrough (git-fixes).
- nvme: tcp: avoid race between queue_lock lock and destroy (git-fixes).
- nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
- ocfs2: fix UBSAN warning in ocfs2_verify_volume() (git-fixes).
- ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
- ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
- ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (git-fixes).
- ocfs2: uncache inode which has failed entering the group (git-fixes).
- of: Add cleanup.h based auto release via __free(device_node) markings (bsc#1232386)
- parport: Proper fix for array out-of-bounds access (git-fixes).
- phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check (git-fixes).
- phy: qcom: qmp-combo: move driver data initialisation earlier (git-fixes).
- phy: qcom: qmp-usb: fix NULL-deref on runtime suspend (git-fixes).
- phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).
- phy: ti: phy-j721e-wiz: fix usxgmii configuration (git-fixes).
- pinctrl: apple: check devm_kasprintf() returned value (git-fixes).
- pinctrl: k210: Undef K210_PC_DEFAULT (git-fixes).
- pinctrl: ocelot: fix system hang on level based interrupts (stable-fixes).
- pinctrl: qcom: spmi: fix debugfs drive strength (git-fixes).
- pinctrl: zynqmp: drop excess struct member description (git-fixes).
- platform/chrome: cros_ec_typec: fix missing fwnode reference decrement (git-fixes).
- platform/x86/amd/pmc: Detect when STB is not available (git-fixes).
- platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (git-fixes).
- platform/x86: dell-sysman: add support for alienware products (stable-fixes).
- platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes).
- platform/x86: lenovo-ymc: Ignore the 0x0 state (stable-fixes).
- platform/x86: panasonic-laptop: Return errno correctly in show callback (git-fixes).
- platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
- posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone (bsc#1234098).
- power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
- power: supply: bq27xxx: Fix registers of bq27426 (git-fixes).
- power: supply: core: Remove might_sleep() from power_supply_put() (git-fixes).
- power: supply: rt9471: Fix wrong WDT function regfield declaration (git-fixes).
- power: supply: rt9471: Use IC status regfield to report real charger status (git-fixes).
- powercap: intel_rapl: Fix off by one in get_rpi() (git-fixes).
- powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).
- powerpc/64s: Fix unnecessary copy to 0 when kernel is booted at address 0 (bsc#1215199).
- powerpc/atomic: Use YZ constraints for DS-form instructions (bsc#1194869).
- powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).
- powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
- powerpc/code-patching: Add generic memory patching (bsc#1194869).
- powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).
- powerpc/crypto: do not build aes-gcm-p10 by default (bsc#1230501 ltc#208632).
- powerpc/crypto: fix missing skcipher dependency for aes-gcm-p10 (bsc#1230501 ltc#208632).
- powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() (bsc#1215199).
- powerpc/fadump: Refactor and prepare fadump_cma_init for late init (bsc#1215199).
- powerpc/kexec: Fix return of uninitialized variable (bsc#1194869).
- powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869).
- powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869).
- powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL (bsc#1194869).
- powerpc/powernv: Free name on error in opal_event_init() (bsc#1194869).
- powerpc/pseries: Fix KVM guest detection for disabling hardlockup detector (bsc#1194869).
- powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (bsc#1194869).
- powerpc/pseries: Use correct data types from pseries_hp_errorlog struct (bsc#1215199).
- powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).
- powerpc/vdso: Inconditionally use CFUNC macro (bsc#1215199).
- powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).
- powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
- printk: Add notation to console_srcu locking (bsc#1232183).
- pwm: imx-tpm: Use correct MODULO value for EPWM mode (git-fixes).
- qed: avoid truncating work queue length (git-fixes).
- rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).
- rcu: Fix buffer overflow in print_cpu_stall_info() (bsc#1226623).
- regmap: detach regmap from dev on regmap_exit (git-fixes).
- regmap: irq: Set lockdep class for hierarchical IRQ domains (git-fixes).
- rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK.
- rpm/release-projects: Add SLFO projects (bsc#1231293).
- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)
- rpmsg: glink: Handle rejected intent request better (git-fixes).
- rtc: ab-eoz9: do not fail temperature reads on undervoltage notification (git-fixes).
- rtc: abx80x: Fix WDT bit position of the status register (git-fixes).
- rtc: bbnsm: add remove hook (git-fixes).
- rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (git-fixes).
- rtc: rzn1: fix BCD to rtc_time conversion errors (git-fixes).
- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- runtime constants: add default dummy infrastructure (git-fixes).
- runtime constants: add x86 architecture support (git-fixes).
- s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).
- s390/pci: Handle PCI error codes other than 0x3a (git-fixes bsc#1232629).
- s390/sclp: Deactivate sclp after all its users (git-fixes bsc#1232628).
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232627).
- scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes).
- scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers (git-fixes).
- scsi: Remove scsi device no_start_on_resume flag (git-fixes).
- scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes).
- scsi: cdrom: kABI: fix cdrom_dev_ops change (git-fixes).
- scsi: core: Disable CDL by default (git-fixes).
- scsi: core: Fix handling of SCMD_FAIL_IF_RECOVERING (git-fixes).
- scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes).
- scsi: core: Handle devices which return an unusually large VPD page count (git-fixes).
- scsi: core: alua: I/O errors for ALUA state transitions (git-fixes).
- scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).
- scsi: hisi_sas: Handle the NCQ error returned by D2H frame (git-fixes).
- scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes).
- scsi: kABI: restore no_start_on_resume to scsi_device (git-fixes).
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes).
- scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes).
- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
- scsi: lpfc: Add cleanup of nvmels_wq after HBA reset (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod paths (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting follow up FDMI (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Copyright updates for 14.4.0.6 patches (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
- scsi: lpfc: Modify CGN warning signal calculation based on EDC response (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
- scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (bsc#1232757 bsc#1228119).
- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
- scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE before BSG flag (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
- scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes).
- scsi: mac_scsi: Refactor polling loop (git-fixes).
- scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes).
- scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (git-fixes).
- scsi: mpi3mr: Avoid possible run-time warning with long manufacturer strings (git-fixes).
- scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
- scsi: mpi3mr: Validate SAS port assignments (git-fixes).
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: pm8001: Do not overwrite PCI queue mapping (git-fixes).
- scsi: pm80xx: Set phy->enable_completion only when we wait for it (git-fixes).
- scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes).
- scsi: scsi_transport_fc: Allow setting rport state to current state (git-fixes).
- scsi: sd: Ignore command SYNCHRONIZE CACHE error if format in progress (git-fixes).
- scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer (git-fixes).
- scsi: smartpqi: correct stream detection (git-fixes).
- scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes).
- scsi: spi: Fix sshdr use (git-fixes).
- scsi: sr: Fix unintentional arithmetic wraparound (git-fixes).
- scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes).
- security/keys: fix slab-out-of-bounds in key_task_permission (git-fixes).
- selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
- selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
- selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() (git-fixes).
- selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() (git-fixes).
- selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta accesses (git-fixes).
- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
- selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
- selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
- serial: 8250: omap: Move pm_runtime_get_sync (git-fixes).
- serial: imx: Update mctrl old_status on RTSD interrupt (git-fixes).
- serial: protect uart_port_dtr_rts() in uart_shutdown() too (stable-fixes).
- signal: Replace BUG_ON()s (bsc#1234093).
- soc: fsl: rcpm: fix missing of_node_put() in copy_ippdexpcr1_setting() (git-fixes).
- soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (git-fixes).
- soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- soundwire: intel_bus_common: enable interrupts before exiting reset (stable-fixes).
- spi: Fix acpi deferred irq probe (git-fixes).
- spi: atmel-quadspi: Fix register name in verbose logging function (git-fixes).
- spi: atmel-quadspi: Fix wrong register value written to MR (git-fixes).
- spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes).
- spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() (git-fixes).
- spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
- spi: spi-fsl-dspi: Fix crash when not using GPIO chip select (git-fixes).
- spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- spi: tegra210-quad: Avoid shift-out-of-bounds (git-fixes).
- splice: always fsnotify_access(in), fsnotify_modify(out) on success (git-fixes).
- splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice (git-fixes).
- splice: fsnotify_access(in), fsnotify_modify(out) on success in tee (git-fixes).
- srcu: Fix callbacks acceleration mishandling (git-fixes).
- staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes).
- sumversion: Fix a memory leak in get_src_version() (git-fixes).
- supported.conf: mark nhpoly1305 module as supported (bsc#1231035)
- supported.conf: mark ultravisor userspace access as supported (bsc#1232090)
- task_work: add kerneldoc annotation for 'data' argument (git-fixes).
- tcp: Fix refcnt handling in __inet_hash_connect() (git-fixes).
- thermal: core: Initialize thermal zones before registering them (git-fixes).
- thermal: int3400: Fix reading of current_uuid for active policy (git-fixes).
- thermal: intel: int340x: processor: Fix warning during module unload (git-fixes).
- thunderbolt: Honor TMU requirements in the domain when setting TMU mode (stable-fixes).
- thunderbolt: Improve DisplayPort tunnel setup process to be more robust (stable-fixes).
- tools/lib/thermal: Fix sampling handler context ptr (git-fixes).
- tools/power turbostat: Fix trailing '\n' parsing (git-fixes).
- tools/power turbostat: Increase the limit for fd opened (bsc#1233119).
- tools: hv: rm .*.cmd when make clean (git-fixes).
- tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 git-fixes).
- tpm: fix signed/unsigned bug when checking event logs (git-fixes).
- tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
- tracing/osnoise: Fix build when timerlat is not enabled (git-fixes).
- tracing/osnoise: Skip running osnoise if all instances are off (git-fixes).
- tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (git-fixes).
- tracing/osnoise: Use a cpumask to know what threads are kthreads (git-fixes).
- tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (git-fixes).
- tracing/timerlat: Add user-space interface (git-fixes).
- tracing/timerlat: Drop interface_lock in stop_kthread() (git-fixes).
- tracing/timerlat: Fix a race during cpuhp processing (git-fixes).
- tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline (git-fixes).
- tracing/timerlat: Move hrtimer_init to timerlat_fd open() (git-fixes).
- tracing/timerlat: Only clear timer if a kthread exists (git-fixes).
- tracing: Consider the NULL character when validating the event length (git-fixes).
- tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler (git-fixes).
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (stable-fixes).
- u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file (git-fixes).
- ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
- ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
- ubifs: add check for crypto_shash_tfm_digest (git-fixes).
- ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
- ucounts: fix counter leak in inc_rlimit_get_ucounts() (bsc#1233460).
- unicode: Do not special case ignorable code points (stable-fixes).
- unicode: Fix utf8_load() error path (git-fixes).
- uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
- uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
- uprobes: introduce the global struct vm_special_mapping xol_mapping (bsc#1231114).
- uprobes: turn xol_area->pages into xol_area->page (bsc#1231114).
- usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
- usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
- usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG (git-fixes).
- usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
- usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic (git-fixes).
- usb: dwc3: gadget: Fix checking for number of TRBs left (git-fixes).
- usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes).
- usb: ehci-spear: fix call balance of sehci clk handling routines (git-fixes).
- usb: gadget: core: force synchronous registration (git-fixes).
- usb: gadget: dummy_hcd: Set transfer interval to 1 microframe (stable-fixes).
- usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler (stable-fixes).
- usb: gadget: dummy_hcd: execute hrtimer callback in softirq context (git-fixes).
- usb: gadget: f_uac2: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: gadget: f_uac2: fix non-newline-terminated function name (stable-fixes).
- usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store (git-fixes).
- usb: musb: Fix hardware lockup on first Rx endpoint request (git-fixes).
- usb: musb: sunxi: Fix accessing an released usb phy (git-fixes).
- usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes).
- usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
- usb: typec: altmode should keep reference to parent (git-fixes).
- usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() (git-fixes).
- usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes).
- usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (git-fixes).
- usb: xhci: Fix TD invalidation under pending Set TR Dequeue (git-fixes).
- usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
- usb: xhci: fix loss of data on Cadence xHC (git-fixes).
- usb: yurex: make waiting on yurex_write interruptible (git-fixes).
- usbip: tools: Fix detach_port() invalid port error path (git-fixes).
- usbnet: fix cyclical race on disconnect with work queue (git-fixes).
- vdpa: Fix an error handling path in eni_vdpa_probe() (git-fixes).
- vdpa_sim_blk: Fix the potential leak of mgmt_dev (git-fixes).
- vdpa_sim_blk: allocate the buffer zeroed (git-fixes).
- vduse: avoid using __GFP_NOFAIL (git-fixes).
- vfs: dcache: move hashlen_hash() from callers into d_hash() (git-fixes).
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
- vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
- virtio_console: fix misc probe bugs (git-fixes).
- vmalloc: modify the alloc_vmap_area() error message for better diagnostics (jsc#PED-10978).
- vmxnet3: Add XDP support (bsc#1226498).
- vmxnet3: Fix missing reserved tailroom (bsc#1226498).
- vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (bsc#1226498).
- vmxnet3: add command to allow disabling of offloads (bsc#1226498).
- vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
- vmxnet3: prepare for version 9 changes (bsc#1226498).
- vmxnet3: update to version 9 (bsc#1226498).
- vsock: Update msg_count on read_skb() (git-fixes).
- vt: prevent kernel-infoleak in con_font_get() (git-fixes).
- watchdog: apple: Actually flush writes after requesting watchdog restart (git-fixes).
- watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (git-fixes).
- watchdog: rti: of: honor timeout-sec property (git-fixes).
- wifi: ath10k: Fix memory leak in management tx (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss1 (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss2 (git-fixes).
- wifi: ath11k: Fix CE offset address calculation for WCN6750 in SSR (git-fixes).
- wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes).
- wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: Skip Rx TID cleanup for self peer (git-fixes).
- wifi: ath12k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: fix crash when unbinding (git-fixes).
- wifi: ath12k: fix warning when unbinding (git-fixes).
- wifi: ath12k: remove msdu_end structure for WCN7850 (git-fixes).
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (git-fixes).
- wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
- wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
- wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes).
- wifi: brcmfmac: release 'root' node in all execution paths (git-fixes).
- wifi: cfg80211: Set correct chandef when starting CAC (stable-fixes).
- wifi: cfg80211: clear wdev->cqm_config pointer on free (git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: iwlegacy: Clear stale interrupts before resuming device (stable-fixes).
- wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() (git-fixes).
- wifi: iwlwifi: allow only CN mcc from WRDD (stable-fixes).
- wifi: iwlwifi: config: label 'gl' devices as discrete (git-fixes).
- wifi: iwlwifi: mvm: Fix a race in scan abort flow (stable-fixes).
- wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes).
- wifi: iwlwifi: mvm: avoid NULL pointer dereference (stable-fixes).
- wifi: iwlwifi: mvm: do not add default link in fw restart flow (git-fixes).
- wifi: iwlwifi: mvm: do not leak a link on AP removal (git-fixes).
- wifi: iwlwifi: mvm: drop wrong STA selection in TX (stable-fixes).
- wifi: iwlwifi: mvm: use correct key iteration (stable-fixes).
- wifi: iwlwifi: remove AX101, AX201 and AX203 support from LNL (stable-fixes).
- wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes).
- wifi: mac80211: fix RCU list iterations (stable-fixes).
- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes).
- wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation (stable-fixes).
- wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable (stable-fixes).
- wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (git-fixes).
- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c (stable-fixes).
- wifi: rtw88: Fix USB/SDIO devices not transmitting beacons (git-fixes).
- wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
- wifi: rtw89: avoid reading out of bounds when loading TX power FW elements (stable-fixes).
- wifi: rtw89: avoid to add interface to list twice when SER (stable-fixes).
- wifi: rtw89: correct base HT rate mask for firmware (stable-fixes).
- wifi: wfx: Fix error handling in wfx_core_init() (git-fixes).
- x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1233443).
- x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load (git-fixes).
- x86/Documentation: Indent 'note::' directive for protocol version number note (git-fixes).
- x86/PCI: Check pcie_find_root_port() return for NULL (git-fixes).
- x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h (git-fixes).
- x86/apic: Always explicitly disarm TSC-deadline timer (git-fixes).
- x86/apic: Make x2apic_disable() work correctly (git-fixes).
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
- x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
- x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
- x86/entry: Remove unwanted instrumentation in common_interrupt() (git-fixes).
- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
- x86/microcode/intel: Remove unnecessary cache writeback and invalidation (git-fixes).
- x86/mm: Use IPIs to synchronize LAM enablement (git-fixes).
- x86/resctrl: Annotate get_mem_config() functions as __init (git-fixes).
- x86/resctrl: Avoid overflow in MB settings in bw_validate() (git-fixes).
- x86/resctrl: Remove hard-coded memory bandwidth limit (git-fixes).
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
- x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() (git-fixes).
- x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes).
- x86/tdx: Enable CPU topology enumeration (git-fixes).
- x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes).
- x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes).
- x86/traps: move kmsan check after instrumentation_begin (git-fixes).
- x86: Increase brk randomness entropy for 64-bit systems (git-fixes).
- x86: do the user address masking outside the user access area (git-fixes).
- x86: fix off-by-one in access_ok() (git-fixes).
- x86: fix user address masking non-canonical speculation issue (git-fixes).
- x86: make the masked_user_access_begin() macro use its argument only once (git-fixes).
- x86: support user address masking instead of non-speculative conditional (git-fixes).
- xfrm: Export symbol xfrm_dev_state_delete (bsc#1233754).
- xfrm: Fix unregister netdevice hang on hardware offload (bsc#1233754).
- xfs: check opcode and iovec count match in xlog_recover_attri_commit_pass2 (git-fixes).
- xfs: check shortform attr entry flags specifically (git-fixes).
- xfs: convert delayed extents to unwritten when zeroing post eof blocks (git-fixes).
- xfs: fix finding a last resort AG in xfs_filestream_pick_ag (git-fixes).
- xfs: fix freeing speculative preallocations for preallocated files (git-fixes).
- xfs: make sure sb_fdblocks is non-negative (git-fixes).
- xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional (git-fixes).
- xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset (git-fixes).
- xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent (git-fixes).
- xfs: validate recovered name buffers when recovering xattr items (git-fixes).
- xhci: Add a quirk for writing ERST in high-low order (git-fixes).
- xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes).
- xhci: Fix incorrect stream context type macro (git-fixes).
- xhci: Mitigate failed set dequeue pointer commands (git-fixes).
- xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes).
- xhci: tegra: fix checked USB2 port number (git-fixes).
- zonefs: Improve error handling (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1082555SUSE bug 1194869SUSE bug 1215199SUSE bug 1217845SUSE bug 1218562SUSE bug 1218644SUSE bug 1219596SUSE bug 1219803SUSE bug 1220355SUSE bug 1220382SUSE bug 1221309SUSE bug 1222423SUSE bug 1222587SUSE bug 1222590SUSE bug 1223112SUSE bug 1223384SUSE bug 1223656SUSE bug 1223700SUSE bug 1223733SUSE bug 1223824SUSE bug 1223848SUSE bug 1224088SUSE bug 1224429SUSE bug 1224518SUSE bug 1224548SUSE bug 1224574SUSE bug 1224948SUSE bug 1225611SUSE bug 1225713SUSE bug 1225725SUSE bug 1225730SUSE bug 1225742SUSE bug 1225764SUSE bug 1225768SUSE bug 1225813SUSE bug 1225903SUSE bug 1226003SUSE bug 1226130SUSE bug 1226498SUSE bug 1226623SUSE bug 1226631SUSE bug 1226748SUSE bug 1226797SUSE bug 1226848SUSE bug 1226872SUSE bug 1227726SUSE bug 1227842SUSE bug 1228119SUSE bug 1228244SUSE bug 1228269SUSE bug 1228410SUSE bug 1228430SUSE bug 1228454SUSE bug 1228537SUSE bug 1228620SUSE bug 1228743SUSE bug 1228747SUSE bug 1228850SUSE bug 1228857SUSE bug 1229019SUSE bug 1229165SUSE bug 1229429SUSE bug 1229450SUSE bug 1229585SUSE bug 1229677SUSE bug 1229769SUSE bug 1229808SUSE bug 1229891SUSE bug 1230055SUSE bug 1230132SUSE bug 1230179SUSE bug 1230220SUSE bug 1230231SUSE bug 1230289SUSE bug 1230295SUSE bug 1230339SUSE bug 1230341SUSE bug 1230375SUSE bug 1230414SUSE bug 1230429SUSE bug 1230456SUSE bug 1230501SUSE bug 1230527SUSE bug 1230550SUSE bug 1230557SUSE bug 1230558SUSE bug 1230600SUSE bug 1230620SUSE bug 1230710SUSE bug 1230733SUSE bug 1230762SUSE bug 1230763SUSE bug 1230773SUSE bug 1230774SUSE bug 1230801SUSE bug 1230807SUSE bug 1230817SUSE bug 1230827SUSE bug 1230831SUSE bug 1230914SUSE bug 1230918SUSE bug 1230971SUSE bug 1231016SUSE bug 1231035SUSE bug 1231072SUSE bug 1231073SUSE bug 1231075SUSE bug 1231076SUSE bug 1231081SUSE bug 1231082SUSE bug 1231083SUSE bug 1231084SUSE bug 1231085SUSE bug 1231087SUSE bug 1231089SUSE bug 1231092SUSE bug 1231093SUSE bug 1231094SUSE bug 1231096SUSE bug 1231098SUSE bug 1231100SUSE bug 1231101SUSE bug 1231102SUSE bug 1231105SUSE bug 1231108SUSE bug 1231111SUSE bug 1231114SUSE bug 1231115SUSE bug 1231116SUSE bug 1231117SUSE bug 1231131SUSE bug 1231132SUSE bug 1231135SUSE bug 1231136SUSE bug 1231138SUSE bug 1231148SUSE bug 1231169SUSE bug 1231170SUSE bug 1231171SUSE bug 1231178SUSE bug 1231179SUSE bug 1231182SUSE bug 1231183SUSE bug 1231187SUSE bug 1231191SUSE bug 1231193SUSE bug 1231195SUSE bug 1231197SUSE bug 1231200SUSE bug 1231202SUSE bug 1231203SUSE bug 1231276SUSE bug 1231293SUSE bug 1231384SUSE bug 1231434SUSE bug 1231435SUSE bug 1231436SUSE bug 1231439SUSE bug 1231440SUSE bug 1231441SUSE bug 1231442SUSE bug 1231452SUSE bug 1231453SUSE bug 1231465SUSE bug 1231474SUSE bug 1231481SUSE bug 1231496SUSE bug 1231502SUSE bug 1231537SUSE bug 1231539SUSE bug 1231540SUSE bug 1231541SUSE bug 1231617SUSE bug 1231630SUSE bug 1231634SUSE bug 1231635SUSE bug 1231636SUSE bug 1231637SUSE bug 1231638SUSE bug 1231639SUSE bug 1231640SUSE bug 1231673SUSE bug 1231828SUSE bug 1231849SUSE bug 1231855SUSE bug 1231856SUSE bug 1231857SUSE bug 1231858SUSE bug 1231859SUSE bug 1231860SUSE bug 1231861SUSE bug 1231864SUSE bug 1231865SUSE bug 1231868SUSE bug 1231869SUSE bug 1231871SUSE bug 1231872SUSE bug 1231901SUSE bug 1231902SUSE bug 1231903SUSE bug 1231904SUSE bug 1231906SUSE bug 1231907SUSE bug 1231908SUSE bug 1231914SUSE bug 1231916SUSE bug 1231920SUSE bug 1231924SUSE bug 1231926SUSE bug 1231930SUSE bug 1231931SUSE bug 1231935SUSE bug 1231942SUSE bug 1231944SUSE bug 1231946SUSE bug 1231947SUSE bug 1231950SUSE bug 1231951SUSE bug 1231952SUSE bug 1231953SUSE bug 1231954SUSE bug 1231955SUSE bug 1231956SUSE bug 1231957SUSE bug 1231965SUSE bug 1231967SUSE bug 1231968SUSE bug 1231987SUSE bug 1231988SUSE bug 1231989SUSE bug 1231990SUSE bug 1231998SUSE bug 1232000SUSE bug 1232003SUSE bug 1232009SUSE bug 1232013SUSE bug 1232015SUSE bug 1232016SUSE bug 1232017SUSE bug 1232018SUSE bug 1232033SUSE bug 1232034SUSE bug 1232036SUSE bug 1232043SUSE bug 1232047SUSE bug 1232048SUSE bug 1232049SUSE bug 1232050SUSE bug 1232056SUSE bug 1232075SUSE bug 1232076SUSE bug 1232079SUSE bug 1232080SUSE bug 1232083SUSE bug 1232084SUSE bug 1232085SUSE bug 1232089SUSE bug 1232090SUSE bug 1232093SUSE bug 1232094SUSE bug 1232096SUSE bug 1232097SUSE bug 1232098SUSE bug 1232103SUSE bug 1232104SUSE bug 1232105SUSE bug 1232109SUSE bug 1232111SUSE bug 1232114SUSE bug 1232116SUSE bug 1232117SUSE bug 1232124SUSE bug 1232126SUSE bug 1232127SUSE bug 1232129SUSE bug 1232130SUSE bug 1232131SUSE bug 1232132SUSE bug 1232134SUSE bug 1232135SUSE bug 1232140SUSE bug 1232141SUSE bug 1232142SUSE bug 1232145SUSE bug 1232147SUSE bug 1232148SUSE bug 1232149SUSE bug 1232151SUSE bug 1232152SUSE bug 1232154SUSE bug 1232155SUSE bug 1232156SUSE bug 1232157SUSE bug 1232159SUSE bug 1232160SUSE bug 1232162SUSE bug 1232164SUSE bug 1232165SUSE bug 1232166SUSE bug 1232174SUSE bug 1232180SUSE bug 1232182SUSE bug 1232183SUSE bug 1232185SUSE bug 1232187SUSE bug 1232189SUSE bug 1232192SUSE bug 1232195SUSE bug 1232196SUSE bug 1232198SUSE bug 1232199SUSE bug 1232200SUSE bug 1232201SUSE bug 1232207SUSE bug 1232208SUSE bug 1232217SUSE bug 1232218SUSE bug 1232220SUSE bug 1232221SUSE bug 1232222SUSE bug 1232224SUSE bug 1232232SUSE bug 1232250SUSE bug 1232251SUSE bug 1232253SUSE bug 1232254SUSE bug 1232255SUSE bug 1232256SUSE bug 1232258SUSE bug 1232259SUSE bug 1232260SUSE bug 1232262SUSE bug 1232263SUSE bug 1232264SUSE bug 1232272SUSE bug 1232275SUSE bug 1232279SUSE bug 1232282SUSE bug 1232285SUSE bug 1232287SUSE bug 1232295SUSE bug 1232305SUSE bug 1232307SUSE bug 1232309SUSE bug 1232310SUSE bug 1232312SUSE bug 1232313SUSE bug 1232314SUSE bug 1232315SUSE bug 1232316SUSE bug 1232317SUSE bug 1232318SUSE bug 1232329SUSE bug 1232332SUSE bug 1232333SUSE bug 1232334SUSE bug 1232335SUSE bug 1232337SUSE bug 1232339SUSE bug 1232340SUSE bug 1232342SUSE bug 1232345SUSE bug 1232349SUSE bug 1232352SUSE bug 1232354SUSE bug 1232355SUSE bug 1232357SUSE bug 1232358SUSE bug 1232359SUSE bug 1232361SUSE bug 1232362SUSE bug 1232366SUSE bug 1232367SUSE bug 1232368SUSE bug 1232369SUSE bug 1232370SUSE bug 1232371SUSE bug 1232374SUSE bug 1232378SUSE bug 1232381SUSE bug 1232383SUSE bug 1232385SUSE bug 1232386SUSE bug 1232387SUSE bug 1232392SUSE bug 1232394SUSE bug 1232395SUSE bug 1232396SUSE bug 1232413SUSE bug 1232416SUSE bug 1232417SUSE bug 1232418SUSE bug 1232424SUSE bug 1232427SUSE bug 1232432SUSE bug 1232435SUSE bug 1232436SUSE bug 1232442SUSE bug 1232446SUSE bug 1232483SUSE bug 1232494SUSE bug 1232498SUSE bug 1232499SUSE bug 1232500SUSE bug 1232501SUSE bug 1232502SUSE bug 1232503SUSE bug 1232504SUSE bug 1232505SUSE bug 1232506SUSE bug 1232507SUSE bug 1232511SUSE bug 1232519SUSE bug 1232520SUSE bug 1232529SUSE bug 1232552SUSE bug 1232623SUSE bug 1232626SUSE bug 1232627SUSE bug 1232628SUSE bug 1232629SUSE bug 1232704SUSE bug 1232757SUSE bug 1232768SUSE bug 1232819SUSE bug 1232823SUSE bug 1232860SUSE bug 1232869SUSE bug 1232870SUSE bug 1232873SUSE bug 1232876SUSE bug 1232877SUSE bug 1232878SUSE bug 1232880SUSE bug 1232881SUSE bug 1232884SUSE bug 1232885SUSE bug 1232887SUSE bug 1232888SUSE bug 1232890SUSE bug 1232892SUSE bug 1232894SUSE bug 1232896SUSE bug 1232897SUSE bug 1232905SUSE bug 1232907SUSE bug 1232914SUSE bug 1232919SUSE bug 1232925SUSE bug 1232926SUSE bug 1232928SUSE bug 1232935SUSE bug 1233029SUSE bug 1233032SUSE bug 1233035SUSE bug 1233036SUSE bug 1233041SUSE bug 1233044SUSE bug 1233049SUSE bug 1233050SUSE bug 1233051SUSE bug 1233056SUSE bug 1233057SUSE bug 1233061SUSE bug 1233062SUSE bug 1233063SUSE bug 1233065SUSE bug 1233067SUSE bug 1233070SUSE bug 1233073SUSE bug 1233074SUSE bug 1233088SUSE bug 1233091SUSE bug 1233092SUSE bug 1233097SUSE bug 1233100SUSE bug 1233103SUSE bug 1233104SUSE bug 1233105SUSE bug 1233106SUSE bug 1233107SUSE bug 1233108SUSE bug 1233110SUSE bug 1233111SUSE bug 1233113SUSE bug 1233114SUSE bug 1233115SUSE bug 1233117SUSE bug 1233119SUSE bug 1233123SUSE bug 1233125SUSE bug 1233127SUSE bug 1233129SUSE bug 1233130SUSE bug 1233132SUSE bug 1233135SUSE bug 1233176SUSE bug 1233179SUSE bug 1233185SUSE bug 1233188SUSE bug 1233189SUSE bug 1233191SUSE bug 1233193SUSE bug 1233197SUSE bug 1233201SUSE bug 1233203SUSE bug 1233204SUSE bug 1233205SUSE bug 1233206SUSE bug 1233207SUSE bug 1233208SUSE bug 1233209SUSE bug 1233210SUSE bug 1233211SUSE bug 1233212SUSE bug 1233216SUSE bug 1233217SUSE bug 1233219SUSE bug 1233226SUSE bug 1233238SUSE bug 1233241SUSE bug 1233244SUSE bug 1233253SUSE bug 1233255SUSE bug 1233293SUSE bug 1233298SUSE bug 1233305SUSE bug 1233320SUSE bug 1233350SUSE bug 1233443SUSE bug 1233452SUSE bug 1233453SUSE bug 1233454SUSE bug 1233456SUSE bug 1233457SUSE bug 1233458SUSE bug 1233460SUSE bug 1233462SUSE bug 1233463SUSE bug 1233464SUSE bug 1233465SUSE bug 1233468SUSE bug 1233471SUSE bug 1233476SUSE bug 1233478SUSE bug 1233479SUSE bug 1233481SUSE bug 1233484SUSE bug 1233485SUSE bug 1233487SUSE bug 1233490SUSE bug 1233491SUSE bug 1233523SUSE bug 1233524SUSE bug 1233540SUSE bug 1233547SUSE bug 1233548SUSE bug 1233550SUSE bug 1233552SUSE bug 1233553SUSE bug 1233554SUSE bug 1233555SUSE bug 1233557SUSE bug 1233560SUSE bug 1233561SUSE bug 1233564SUSE bug 1233566SUSE bug 1233567SUSE bug 1233568SUSE bug 1233570SUSE bug 1233572SUSE bug 1233573SUSE bug 1233577SUSE bug 1233580SUSE bug 1233640SUSE bug 1233641SUSE bug 1233642SUSE bug 1233721SUSE bug 1233754SUSE bug 1233756SUSE bug 1233769SUSE bug 1233771SUSE bug 1233977SUSE bug 1234009SUSE bug 1234011SUSE bug 1234012SUSE bug 1234025SUSE bug 1234039SUSE bug 1234040SUSE bug 1234041SUSE bug 1234042SUSE bug 1234043SUSE bug 1234044SUSE bug 1234045SUSE bug 1234046SUSE bug 1234072SUSE bug 1234078SUSE bug 1234081SUSE bug 1234083SUSE bug 1234085SUSE bug 1234087SUSE bug 1234093SUSE bug 1234098SUSE bug 1234108SUSE bug 1234121SUSE bug 1234223CVE-2023-52766 at SUSECVE-2023-52766 at NVDCVE-2023-52778 at SUSECVE-2023-52778 at NVDCVE-2023-52800 at SUSECVE-2023-52800 at NVDCVE-2023-52881 at SUSECVE-2023-52881 at NVDCVE-2023-52917 at SUSECVE-2023-52917 at NVDCVE-2023-52918 at SUSECVE-2023-52918 at NVDCVE-2023-52919 at SUSECVE-2023-52919 at NVDCVE-2023-52920 at SUSECVE-2023-52920 at NVDCVE-2023-52921 at SUSECVE-2023-52921 at NVDCVE-2023-52922 at SUSECVE-2023-52922 at NVDCVE-2023-6270 at SUSECVE-2023-6270 at NVDCVE-2024-26596 at SUSECVE-2024-26596 at NVDCVE-2024-26703 at SUSECVE-2024-26703 at NVDCVE-2024-26741 at SUSECVE-2024-26741 at NVDCVE-2024-26758 at SUSECVE-2024-26758 at NVDCVE-2024-26761 at SUSECVE-2024-26761 at NVDCVE-2024-26767 at SUSECVE-2024-26767 at NVDCVE-2024-26782 at SUSECVE-2024-26782 at NVDCVE-2024-26864 at SUSECVE-2024-26864 at NVDCVE-2024-26943 at SUSECVE-2024-26943 at NVDCVE-2024-26953 at SUSECVE-2024-26953 at NVDCVE-2024-27017 at SUSECVE-2024-27017 at NVDCVE-2024-27026 at SUSECVE-2024-27026 at NVDCVE-2024-27043 at SUSECVE-2024-27043 at NVDCVE-2024-27407 at SUSECVE-2024-27407 at NVDCVE-2024-35888 at SUSECVE-2024-35888 at NVDCVE-2024-35980 at SUSECVE-2024-35980 at NVDCVE-2024-36000 at SUSECVE-2024-36000 at NVDCVE-2024-36031 at SUSECVE-2024-36031 at NVDCVE-2024-36244 at SUSECVE-2024-36244 at NVDCVE-2024-36484 at SUSECVE-2024-36484 at NVDCVE-2024-36883 at SUSECVE-2024-36883 at NVDCVE-2024-36886 at SUSECVE-2024-36886 at NVDCVE-2024-36905 at SUSECVE-2024-36905 at NVDCVE-2024-36920 at SUSECVE-2024-36920 at NVDCVE-2024-36927 at SUSECVE-2024-36927 at NVDCVE-2024-36954 at SUSECVE-2024-36954 at NVDCVE-2024-36968 at SUSECVE-2024-36968 at NVDCVE-2024-38576 at SUSECVE-2024-38576 at NVDCVE-2024-38577 at SUSECVE-2024-38577 at NVDCVE-2024-38589 at SUSECVE-2024-38589 at NVDCVE-2024-38599 at SUSECVE-2024-38599 at NVDCVE-2024-40914 at SUSECVE-2024-40914 at NVDCVE-2024-41016 at SUSECVE-2024-41016 at NVDCVE-2024-41023 at SUSECVE-2024-41023 at NVDCVE-2024-41031 at SUSECVE-2024-41031 at NVDCVE-2024-41047 at SUSECVE-2024-41047 at NVDCVE-2024-41082 at SUSECVE-2024-41082 at NVDCVE-2024-42102 at SUSECVE-2024-42102 at NVDCVE-2024-42145 at SUSECVE-2024-42145 at NVDCVE-2024-44932 at SUSECVE-2024-44932 at NVDCVE-2024-44958 at SUSECVE-2024-44958 at NVDCVE-2024-44964 at SUSECVE-2024-44964 at NVDCVE-2024-44995 at SUSECVE-2024-44995 at NVDCVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-45025 at SUSECVE-2024-45025 at NVDCVE-2024-46678 at SUSECVE-2024-46678 at NVDCVE-2024-46680 at SUSECVE-2024-46680 at NVDCVE-2024-46681 at SUSECVE-2024-46681 at NVDCVE-2024-46721 at SUSECVE-2024-46721 at NVDCVE-2024-46754 at SUSECVE-2024-46754 at NVDCVE-2024-46765 at SUSECVE-2024-46765 at NVDCVE-2024-46766 at SUSECVE-2024-46766 at NVDCVE-2024-46770 at SUSECVE-2024-46770 at NVDCVE-2024-46775 at SUSECVE-2024-46775 at NVDCVE-2024-46777 at SUSECVE-2024-46777 at NVDCVE-2024-46788 at SUSECVE-2024-46788 at NVDCVE-2024-46797 at SUSECVE-2024-46797 at NVDCVE-2024-46800 at SUSECVE-2024-46800 at NVDCVE-2024-46802 at SUSECVE-2024-46802 at NVDCVE-2024-46803 at SUSECVE-2024-46803 at NVDCVE-2024-46804 at SUSECVE-2024-46804 at NVDCVE-2024-46805 at SUSECVE-2024-46805 at NVDCVE-2024-46806 at SUSECVE-2024-46806 at NVDCVE-2024-46807 at SUSECVE-2024-46807 at NVDCVE-2024-46809 at SUSECVE-2024-46809 at NVDCVE-2024-46810 at SUSECVE-2024-46810 at NVDCVE-2024-46811 at SUSECVE-2024-46811 at NVDCVE-2024-46812 at SUSECVE-2024-46812 at NVDCVE-2024-46813 at SUSECVE-2024-46813 at NVDCVE-2024-46814 at SUSECVE-2024-46814 at NVDCVE-2024-46815 at SUSECVE-2024-46815 at NVDCVE-2024-46816 at SUSECVE-2024-46816 at NVDCVE-2024-46817 at SUSECVE-2024-46817 at NVDCVE-2024-46818 at SUSECVE-2024-46818 at NVDCVE-2024-46819 at SUSECVE-2024-46819 at NVDCVE-2024-46821 at SUSECVE-2024-46821 at NVDCVE-2024-46825 at SUSECVE-2024-46825 at NVDCVE-2024-46826 at SUSECVE-2024-46826 at NVDCVE-2024-46827 at SUSECVE-2024-46827 at NVDCVE-2024-46828 at SUSECVE-2024-46828 at NVDCVE-2024-46830 at SUSECVE-2024-46830 at NVDCVE-2024-46831 at SUSECVE-2024-46831 at NVDCVE-2024-46834 at SUSECVE-2024-46834 at NVDCVE-2024-46835 at SUSECVE-2024-46835 at NVDCVE-2024-46836 at SUSECVE-2024-46836 at NVDCVE-2024-46840 at SUSECVE-2024-46840 at NVDCVE-2024-46841 at SUSECVE-2024-46841 at NVDCVE-2024-46842 at SUSECVE-2024-46842 at NVDCVE-2024-46843 at SUSECVE-2024-46843 at NVDCVE-2024-46845 at SUSECVE-2024-46845 at NVDCVE-2024-46846 at SUSECVE-2024-46846 at NVDCVE-2024-46848 at SUSECVE-2024-46848 at NVDCVE-2024-46849 at SUSECVE-2024-46849 at NVDCVE-2024-46851 at SUSECVE-2024-46851 at NVDCVE-2024-46852 at SUSECVE-2024-46852 at NVDCVE-2024-46853 at SUSECVE-2024-46853 at NVDCVE-2024-46854 at SUSECVE-2024-46854 at NVDCVE-2024-46855 at SUSECVE-2024-46855 at NVDCVE-2024-46857 at SUSECVE-2024-46857 at NVDCVE-2024-46859 at SUSECVE-2024-46859 at NVDCVE-2024-46860 at SUSECVE-2024-46860 at NVDCVE-2024-46861 at SUSECVE-2024-46861 at NVDCVE-2024-46864 at SUSECVE-2024-46864 at NVDCVE-2024-46870 at SUSECVE-2024-46870 at NVDCVE-2024-46871 at SUSECVE-2024-46871 at NVDCVE-2024-47658 at SUSECVE-2024-47658 at NVDCVE-2024-47660 at SUSECVE-2024-47660 at NVDCVE-2024-47661 at SUSECVE-2024-47661 at NVDCVE-2024-47662 at SUSECVE-2024-47662 at NVDCVE-2024-47663 at SUSECVE-2024-47663 at NVDCVE-2024-47664 at SUSECVE-2024-47664 at NVDCVE-2024-47665 at SUSECVE-2024-47665 at NVDCVE-2024-47666 at SUSECVE-2024-47666 at NVDCVE-2024-47667 at SUSECVE-2024-47667 at NVDCVE-2024-47668 at SUSECVE-2024-47668 at NVDCVE-2024-47669 at SUSECVE-2024-47669 at NVDCVE-2024-47670 at SUSECVE-2024-47670 at NVDCVE-2024-47671 at SUSECVE-2024-47671 at NVDCVE-2024-47672 at SUSECVE-2024-47672 at NVDCVE-2024-47673 at SUSECVE-2024-47673 at NVDCVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47675 at SUSECVE-2024-47675 at NVDCVE-2024-47679 at SUSECVE-2024-47679 at NVDCVE-2024-47681 at SUSECVE-2024-47681 at NVDCVE-2024-47682 at SUSECVE-2024-47682 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-47685 at SUSECVE-2024-47685 at NVDCVE-2024-47686 at SUSECVE-2024-47686 at NVDCVE-2024-47687 at SUSECVE-2024-47687 at NVDCVE-2024-47688 at SUSECVE-2024-47688 at NVDCVE-2024-47692 at SUSECVE-2024-47692 at NVDCVE-2024-47693 at SUSECVE-2024-47693 at NVDCVE-2024-47695 at SUSECVE-2024-47695 at NVDCVE-2024-47696 at SUSECVE-2024-47696 at NVDCVE-2024-47697 at SUSECVE-2024-47697 at NVDCVE-2024-47698 at SUSECVE-2024-47698 at NVDCVE-2024-47699 at SUSECVE-2024-47699 at NVDCVE-2024-47701 at SUSECVE-2024-47701 at NVDCVE-2024-47702 at SUSECVE-2024-47702 at NVDCVE-2024-47703 at SUSECVE-2024-47703 at NVDCVE-2024-47704 at SUSECVE-2024-47704 at NVDCVE-2024-47705 at SUSECVE-2024-47705 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-47707 at SUSECVE-2024-47707 at NVDCVE-2024-47709 at SUSECVE-2024-47709 at NVDCVE-2024-47710 at SUSECVE-2024-47710 at NVDCVE-2024-47712 at SUSECVE-2024-47712 at NVDCVE-2024-47713 at SUSECVE-2024-47713 at NVDCVE-2024-47714 at SUSECVE-2024-47714 at NVDCVE-2024-47715 at SUSECVE-2024-47715 at NVDCVE-2024-47718 at SUSECVE-2024-47718 at NVDCVE-2024-47719 at SUSECVE-2024-47719 at NVDCVE-2024-47720 at SUSECVE-2024-47720 at NVDCVE-2024-47723 at SUSECVE-2024-47723 at NVDCVE-2024-47727 at SUSECVE-2024-47727 at NVDCVE-2024-47728 at SUSECVE-2024-47728 at NVDCVE-2024-47730 at SUSECVE-2024-47730 at NVDCVE-2024-47731 at SUSECVE-2024-47731 at NVDCVE-2024-47732 at SUSECVE-2024-47732 at NVDCVE-2024-47735 at SUSECVE-2024-47735 at NVDCVE-2024-47737 at SUSECVE-2024-47737 at NVDCVE-2024-47738 at SUSECVE-2024-47738 at NVDCVE-2024-47739 at SUSECVE-2024-47739 at NVDCVE-2024-47741 at SUSECVE-2024-47741 at NVDCVE-2024-47742 at SUSECVE-2024-47742 at NVDCVE-2024-47743 at SUSECVE-2024-47743 at NVDCVE-2024-47744 at SUSECVE-2024-47744 at NVDCVE-2024-47745 at SUSECVE-2024-47745 at NVDCVE-2024-47747 at SUSECVE-2024-47747 at NVDCVE-2024-47748 at SUSECVE-2024-47748 at NVDCVE-2024-47749 at SUSECVE-2024-47749 at NVDCVE-2024-47750 at SUSECVE-2024-47750 at NVDCVE-2024-47751 at SUSECVE-2024-47751 at NVDCVE-2024-47752 at SUSECVE-2024-47752 at NVDCVE-2024-47753 at SUSECVE-2024-47753 at NVDCVE-2024-47754 at SUSECVE-2024-47754 at NVDCVE-2024-47756 at SUSECVE-2024-47756 at NVDCVE-2024-47757 at SUSECVE-2024-47757 at NVDCVE-2024-49850 at SUSECVE-2024-49850 at NVDCVE-2024-49851 at SUSECVE-2024-49851 at NVDCVE-2024-49852 at SUSECVE-2024-49852 at NVDCVE-2024-49853 at SUSECVE-2024-49853 at NVDCVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-49858 at SUSECVE-2024-49858 at NVDCVE-2024-49860 at SUSECVE-2024-49860 at NVDCVE-2024-49861 at SUSECVE-2024-49861 at NVDCVE-2024-49862 at SUSECVE-2024-49862 at NVDCVE-2024-49863 at SUSECVE-2024-49863 at NVDCVE-2024-49864 at SUSECVE-2024-49864 at NVDCVE-2024-49866 at SUSECVE-2024-49866 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2024-49868 at SUSECVE-2024-49868 at NVDCVE-2024-49870 at SUSECVE-2024-49870 at NVDCVE-2024-49871 at SUSECVE-2024-49871 at NVDCVE-2024-49874 at SUSECVE-2024-49874 at NVDCVE-2024-49875 at SUSECVE-2024-49875 at NVDCVE-2024-49877 at SUSECVE-2024-49877 at NVDCVE-2024-49878 at SUSECVE-2024-49878 at NVDCVE-2024-49879 at SUSECVE-2024-49879 at NVDCVE-2024-49881 at SUSECVE-2024-49881 at NVDCVE-2024-49882 at SUSECVE-2024-49882 at NVDCVE-2024-49883 at SUSECVE-2024-49883 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49886 at SUSECVE-2024-49886 at NVDCVE-2024-49888 at SUSECVE-2024-49888 at NVDCVE-2024-49890 at SUSECVE-2024-49890 at NVDCVE-2024-49891 at SUSECVE-2024-49891 at NVDCVE-2024-49892 at SUSECVE-2024-49892 at NVDCVE-2024-49894 at SUSECVE-2024-49894 at NVDCVE-2024-49895 at SUSECVE-2024-49895 at NVDCVE-2024-49896 at SUSECVE-2024-49896 at NVDCVE-2024-49897 at SUSECVE-2024-49897 at NVDCVE-2024-49898 at SUSECVE-2024-49898 at NVDCVE-2024-49899 at SUSECVE-2024-49899 at NVDCVE-2024-49900 at SUSECVE-2024-49900 at NVDCVE-2024-49901 at SUSECVE-2024-49901 at NVDCVE-2024-49902 at SUSECVE-2024-49902 at NVDCVE-2024-49903 at SUSECVE-2024-49903 at NVDCVE-2024-49905 at SUSECVE-2024-49905 at NVDCVE-2024-49906 at SUSECVE-2024-49906 at NVDCVE-2024-49907 at SUSECVE-2024-49907 at NVDCVE-2024-49908 at SUSECVE-2024-49908 at NVDCVE-2024-49909 at SUSECVE-2024-49909 at NVDCVE-2024-49911 at SUSECVE-2024-49911 at NVDCVE-2024-49912 at SUSECVE-2024-49912 at NVDCVE-2024-49913 at SUSECVE-2024-49913 at NVDCVE-2024-49914 at SUSECVE-2024-49914 at NVDCVE-2024-49917 at SUSECVE-2024-49917 at NVDCVE-2024-49918 at SUSECVE-2024-49918 at NVDCVE-2024-49919 at SUSECVE-2024-49919 at NVDCVE-2024-49920 at SUSECVE-2024-49920 at NVDCVE-2024-49921 at SUSECVE-2024-49921 at NVDCVE-2024-49922 at SUSECVE-2024-49922 at NVDCVE-2024-49923 at SUSECVE-2024-49923 at NVDCVE-2024-49925 at SUSECVE-2024-49925 at NVDCVE-2024-49928 at SUSECVE-2024-49928 at NVDCVE-2024-49929 at SUSECVE-2024-49929 at NVDCVE-2024-49930 at SUSECVE-2024-49930 at NVDCVE-2024-49931 at SUSECVE-2024-49931 at NVDCVE-2024-49933 at SUSECVE-2024-49933 at NVDCVE-2024-49934 at SUSECVE-2024-49934 at NVDCVE-2024-49935 at SUSECVE-2024-49935 at NVDCVE-2024-49936 at SUSECVE-2024-49936 at NVDCVE-2024-49937 at SUSECVE-2024-49937 at NVDCVE-2024-49938 at SUSECVE-2024-49938 at NVDCVE-2024-49939 at SUSECVE-2024-49939 at NVDCVE-2024-49944 at SUSECVE-2024-49944 at NVDCVE-2024-49945 at SUSECVE-2024-49945 at NVDCVE-2024-49946 at SUSECVE-2024-49946 at NVDCVE-2024-49947 at SUSECVE-2024-49947 at NVDCVE-2024-49949 at SUSECVE-2024-49949 at NVDCVE-2024-49950 at SUSECVE-2024-49950 at NVDCVE-2024-49952 at SUSECVE-2024-49952 at NVDCVE-2024-49953 at SUSECVE-2024-49953 at NVDCVE-2024-49954 at SUSECVE-2024-49954 at NVDCVE-2024-49955 at SUSECVE-2024-49955 at NVDCVE-2024-49957 at SUSECVE-2024-49957 at NVDCVE-2024-49958 at SUSECVE-2024-49958 at NVDCVE-2024-49959 at SUSECVE-2024-49959 at NVDCVE-2024-49960 at SUSECVE-2024-49960 at NVDCVE-2024-49961 at SUSECVE-2024-49961 at NVDCVE-2024-49962 at SUSECVE-2024-49962 at NVDCVE-2024-49963 at SUSECVE-2024-49963 at NVDCVE-2024-49965 at SUSECVE-2024-49965 at NVDCVE-2024-49966 at SUSECVE-2024-49966 at NVDCVE-2024-49967 at SUSECVE-2024-49967 at NVDCVE-2024-49968 at SUSECVE-2024-49968 at NVDCVE-2024-49969 at SUSECVE-2024-49969 at NVDCVE-2024-49972 at SUSECVE-2024-49972 at NVDCVE-2024-49973 at SUSECVE-2024-49973 at NVDCVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2024-49975 at SUSECVE-2024-49975 at NVDCVE-2024-49976 at SUSECVE-2024-49976 at NVDCVE-2024-49981 at SUSECVE-2024-49981 at NVDCVE-2024-49982 at SUSECVE-2024-49982 at NVDCVE-2024-49983 at SUSECVE-2024-49983 at NVDCVE-2024-49985 at SUSECVE-2024-49985 at NVDCVE-2024-49986 at SUSECVE-2024-49986 at NVDCVE-2024-49987 at SUSECVE-2024-49987 at NVDCVE-2024-49989 at SUSECVE-2024-49989 at NVDCVE-2024-49991 at SUSECVE-2024-49991 at NVDCVE-2024-49993 at SUSECVE-2024-49993 at NVDCVE-2024-49995 at SUSECVE-2024-49995 at NVDCVE-2024-49996 at SUSECVE-2024-49996 at NVDCVE-2024-50000 at SUSECVE-2024-50000 at NVDCVE-2024-50001 at SUSECVE-2024-50001 at NVDCVE-2024-50002 at SUSECVE-2024-50002 at NVDCVE-2024-50003 at SUSECVE-2024-50003 at NVDCVE-2024-50004 at SUSECVE-2024-50004 at NVDCVE-2024-50006 at SUSECVE-2024-50006 at NVDCVE-2024-50007 at SUSECVE-2024-50007 at NVDCVE-2024-50008 at SUSECVE-2024-50008 at NVDCVE-2024-50009 at SUSECVE-2024-50009 at NVDCVE-2024-50012 at SUSECVE-2024-50012 at NVDCVE-2024-50013 at SUSECVE-2024-50013 at NVDCVE-2024-50014 at SUSECVE-2024-50014 at NVDCVE-2024-50015 at SUSECVE-2024-50015 at NVDCVE-2024-50017 at SUSECVE-2024-50017 at NVDCVE-2024-50019 at SUSECVE-2024-50019 at NVDCVE-2024-50020 at SUSECVE-2024-50020 at NVDCVE-2024-50021 at SUSECVE-2024-50021 at NVDCVE-2024-50022 at SUSECVE-2024-50022 at NVDCVE-2024-50023 at SUSECVE-2024-50023 at NVDCVE-2024-50024 at SUSECVE-2024-50024 at NVDCVE-2024-50025 at SUSECVE-2024-50025 at NVDCVE-2024-50026 at SUSECVE-2024-50026 at NVDCVE-2024-50027 at SUSECVE-2024-50027 at NVDCVE-2024-50028 at SUSECVE-2024-50028 at NVDCVE-2024-50031 at SUSECVE-2024-50031 at NVDCVE-2024-50033 at SUSECVE-2024-50033 at NVDCVE-2024-50035 at SUSECVE-2024-50035 at NVDCVE-2024-50040 at SUSECVE-2024-50040 at NVDCVE-2024-50041 at SUSECVE-2024-50041 at NVDCVE-2024-50042 at SUSECVE-2024-50042 at NVDCVE-2024-50044 at SUSECVE-2024-50044 at NVDCVE-2024-50045 at SUSECVE-2024-50045 at NVDCVE-2024-50046 at SUSECVE-2024-50046 at NVDCVE-2024-50047 at SUSECVE-2024-50047 at NVDCVE-2024-50048 at SUSECVE-2024-50048 at NVDCVE-2024-50049 at SUSECVE-2024-50049 at NVDCVE-2024-50055 at SUSECVE-2024-50055 at NVDCVE-2024-50058 at SUSECVE-2024-50058 at NVDCVE-2024-50059 at SUSECVE-2024-50059 at NVDCVE-2024-50060 at SUSECVE-2024-50060 at NVDCVE-2024-50061 at SUSECVE-2024-50061 at NVDCVE-2024-50062 at SUSECVE-2024-50062 at NVDCVE-2024-50063 at SUSECVE-2024-50063 at NVDCVE-2024-50064 at SUSECVE-2024-50064 at NVDCVE-2024-50067 at SUSECVE-2024-50067 at NVDCVE-2024-50069 at SUSECVE-2024-50069 at NVDCVE-2024-50073 at SUSECVE-2024-50073 at NVDCVE-2024-50074 at SUSECVE-2024-50074 at NVDCVE-2024-50075 at SUSECVE-2024-50075 at NVDCVE-2024-50076 at SUSECVE-2024-50076 at NVDCVE-2024-50077 at SUSECVE-2024-50077 at NVDCVE-2024-50078 at SUSECVE-2024-50078 at NVDCVE-2024-50080 at SUSECVE-2024-50080 at NVDCVE-2024-50081 at SUSECVE-2024-50081 at NVDCVE-2024-50082 at SUSECVE-2024-50082 at NVDCVE-2024-50084 at SUSECVE-2024-50084 at NVDCVE-2024-50087 at SUSECVE-2024-50087 at NVDCVE-2024-50088 at SUSECVE-2024-50088 at NVDCVE-2024-50089 at SUSECVE-2024-50089 at NVDCVE-2024-50093 at SUSECVE-2024-50093 at NVDCVE-2024-50095 at SUSECVE-2024-50095 at NVDCVE-2024-50096 at SUSECVE-2024-50096 at NVDCVE-2024-50098 at SUSECVE-2024-50098 at NVDCVE-2024-50099 at SUSECVE-2024-50099 at NVDCVE-2024-50100 at SUSECVE-2024-50100 at NVDCVE-2024-50101 at SUSECVE-2024-50101 at NVDCVE-2024-50102 at SUSECVE-2024-50102 at NVDCVE-2024-50103 at SUSECVE-2024-50103 at NVDCVE-2024-50108 at SUSECVE-2024-50108 at NVDCVE-2024-50110 at SUSECVE-2024-50110 at NVDCVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-50116 at SUSECVE-2024-50116 at NVDCVE-2024-50117 at SUSECVE-2024-50117 at NVDCVE-2024-50121 at SUSECVE-2024-50121 at NVDCVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50128 at SUSECVE-2024-50128 at NVDCVE-2024-50130 at SUSECVE-2024-50130 at NVDCVE-2024-50131 at SUSECVE-2024-50131 at NVDCVE-2024-50134 at SUSECVE-2024-50134 at NVDCVE-2024-50135 at SUSECVE-2024-50135 at NVDCVE-2024-50136 at SUSECVE-2024-50136 at NVDCVE-2024-50138 at SUSECVE-2024-50138 at NVDCVE-2024-50139 at SUSECVE-2024-50139 at NVDCVE-2024-50141 at SUSECVE-2024-50141 at NVDCVE-2024-50145 at SUSECVE-2024-50145 at NVDCVE-2024-50146 at SUSECVE-2024-50146 at NVDCVE-2024-50147 at SUSECVE-2024-50147 at NVDCVE-2024-50148 at SUSECVE-2024-50148 at NVDCVE-2024-50150 at SUSECVE-2024-50150 at NVDCVE-2024-50153 at SUSECVE-2024-50153 at NVDCVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-50155 at SUSECVE-2024-50155 at NVDCVE-2024-50156 at SUSECVE-2024-50156 at NVDCVE-2024-50157 at SUSECVE-2024-50157 at NVDCVE-2024-50158 at SUSECVE-2024-50158 at NVDCVE-2024-50159 at SUSECVE-2024-50159 at NVDCVE-2024-50160 at SUSECVE-2024-50160 at NVDCVE-2024-50166 at SUSECVE-2024-50166 at NVDCVE-2024-50167 at SUSECVE-2024-50167 at NVDCVE-2024-50169 at SUSECVE-2024-50169 at NVDCVE-2024-50171 at SUSECVE-2024-50171 at NVDCVE-2024-50172 at SUSECVE-2024-50172 at NVDCVE-2024-50175 at SUSECVE-2024-50175 at NVDCVE-2024-50176 at SUSECVE-2024-50176 at NVDCVE-2024-50177 at SUSECVE-2024-50177 at NVDCVE-2024-50179 at SUSECVE-2024-50179 at NVDCVE-2024-50180 at SUSECVE-2024-50180 at NVDCVE-2024-50181 at SUSECVE-2024-50181 at NVDCVE-2024-50182 at SUSECVE-2024-50182 at NVDCVE-2024-50183 at SUSECVE-2024-50183 at NVDCVE-2024-50184 at SUSECVE-2024-50184 at NVDCVE-2024-50186 at SUSECVE-2024-50186 at NVDCVE-2024-50187 at SUSECVE-2024-50187 at NVDCVE-2024-50188 at SUSECVE-2024-50188 at NVDCVE-2024-50189 at SUSECVE-2024-50189 at NVDCVE-2024-50192 at SUSECVE-2024-50192 at NVDCVE-2024-50194 at SUSECVE-2024-50194 at NVDCVE-2024-50195 at SUSECVE-2024-50195 at NVDCVE-2024-50196 at SUSECVE-2024-50196 at NVDCVE-2024-50198 at SUSECVE-2024-50198 at NVDCVE-2024-50200 at SUSECVE-2024-50200 at NVDCVE-2024-50201 at SUSECVE-2024-50201 at NVDCVE-2024-50205 at SUSECVE-2024-50205 at NVDCVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50209 at SUSECVE-2024-50209 at NVDCVE-2024-50210 at SUSECVE-2024-50210 at NVDCVE-2024-50215 at SUSECVE-2024-50215 at NVDCVE-2024-50216 at SUSECVE-2024-50216 at NVDCVE-2024-50218 at SUSECVE-2024-50218 at NVDCVE-2024-50221 at SUSECVE-2024-50221 at NVDCVE-2024-50224 at SUSECVE-2024-50224 at NVDCVE-2024-50225 at SUSECVE-2024-50225 at NVDCVE-2024-50228 at SUSECVE-2024-50228 at NVDCVE-2024-50229 at SUSECVE-2024-50229 at NVDCVE-2024-50230 at SUSECVE-2024-50230 at NVDCVE-2024-50231 at SUSECVE-2024-50231 at NVDCVE-2024-50232 at SUSECVE-2024-50232 at NVDCVE-2024-50233 at SUSECVE-2024-50233 at NVDCVE-2024-50234 at SUSECVE-2024-50234 at NVDCVE-2024-50235 at SUSECVE-2024-50235 at NVDCVE-2024-50236 at SUSECVE-2024-50236 at NVDCVE-2024-50237 at SUSECVE-2024-50237 at NVDCVE-2024-50240 at SUSECVE-2024-50240 at NVDCVE-2024-50245 at SUSECVE-2024-50245 at NVDCVE-2024-50246 at SUSECVE-2024-50246 at NVDCVE-2024-50248 at SUSECVE-2024-50248 at NVDCVE-2024-50249 at SUSECVE-2024-50249 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-50252 at SUSECVE-2024-50252 at NVDCVE-2024-50255 at SUSECVE-2024-50255 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50261 at SUSECVE-2024-50261 at NVDCVE-2024-50264 at SUSECVE-2024-50264 at NVDCVE-2024-50265 at SUSECVE-2024-50265 at NVDCVE-2024-50267 at SUSECVE-2024-50267 at NVDCVE-2024-50268 at SUSECVE-2024-50268 at NVDCVE-2024-50269 at SUSECVE-2024-50269 at NVDCVE-2024-50271 at SUSECVE-2024-50271 at NVDCVE-2024-50273 at SUSECVE-2024-50273 at NVDCVE-2024-50274 at SUSECVE-2024-50274 at NVDCVE-2024-50275 at SUSECVE-2024-50275 at NVDCVE-2024-50276 at SUSECVE-2024-50276 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50282 at SUSECVE-2024-50282 at NVDCVE-2024-50287 at SUSECVE-2024-50287 at NVDCVE-2024-50289 at SUSECVE-2024-50289 at NVDCVE-2024-50290 at SUSECVE-2024-50290 at NVDCVE-2024-50292 at SUSECVE-2024-50292 at NVDCVE-2024-50295 at SUSECVE-2024-50295 at NVDCVE-2024-50296 at SUSECVE-2024-50296 at NVDCVE-2024-50298 at SUSECVE-2024-50298 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53043 at SUSECVE-2024-53043 at NVDCVE-2024-53045 at SUSECVE-2024-53045 at NVDCVE-2024-53048 at SUSECVE-2024-53048 at NVDCVE-2024-53051 at SUSECVE-2024-53051 at NVDCVE-2024-53052 at SUSECVE-2024-53052 at NVDCVE-2024-53055 at SUSECVE-2024-53055 at NVDCVE-2024-53056 at SUSECVE-2024-53056 at NVDCVE-2024-53058 at SUSECVE-2024-53058 at NVDCVE-2024-53059 at SUSECVE-2024-53059 at NVDCVE-2024-53060 at SUSECVE-2024-53060 at NVDCVE-2024-53061 at SUSECVE-2024-53061 at NVDCVE-2024-53063 at SUSECVE-2024-53063 at NVDCVE-2024-53066 at SUSECVE-2024-53066 at NVDCVE-2024-53068 at SUSECVE-2024-53068 at NVDCVE-2024-53072 at SUSECVE-2024-53072 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53076 at SUSECVE-2024-53076 at NVDCVE-2024-53079 at SUSECVE-2024-53079 at NVDCVE-2024-53081 at SUSECVE-2024-53081 at NVDCVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53085 at SUSECVE-2024-53085 at NVDCVE-2024-53088 at SUSECVE-2024-53088 at NVDCVE-2024-53093 at SUSECVE-2024-53093 at NVDCVE-2024-53094 at SUSECVE-2024-53094 at NVDCVE-2024-53095 at SUSECVE-2024-53095 at NVDCVE-2024-53096 at SUSECVE-2024-53096 at NVDCVE-2024-53100 at SUSECVE-2024-53100 at NVDCVE-2024-53101 at SUSECVE-2024-53101 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-53106 at SUSECVE-2024-53106 at NVDCVE-2024-53108 at SUSECVE-2024-53108 at NVDCVE-2024-53110 at SUSECVE-2024-53110 at NVDCVE-2024-53112 at SUSECVE-2024-53112 at NVDCVE-2024-53114 at SUSECVE-2024-53114 at NVDCVE-2024-53121 at SUSECVE-2024-53121 at NVDCVE-2024-53138 at SUSECVE-2024-53138 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails (bsc#1230998)
- CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993)
- CVE-2024-50302: Fixed HID: core: zero-initialize the report buffer (bsc#1233679)
- CVE-2024-56600: Fixed net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235218)
- CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452)
- CVE-2024-57882: Fixed mptcp: fix TCP options overflow (bsc#1235916)
- CVE-2024-53104: Fixed media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783)
ImportantSUSE bug 1149841SUSE bug 1196281SUSE bug 1230998SUSE bug 1231993SUSE bug 1233679SUSE bug 1235218SUSE bug 1235452SUSE bug 1235916SUSE bug 1236783SUSE bug 904970SUSE bug 907150SUSE bug 920615SUSE bug 920633SUSE bug 930408CVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Update Leap project
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
ImportantSUSE bug 1012628SUSE bug 1213545SUSE bug 1215199SUSE bug 1221858SUSE bug 1222323SUSE bug 1230557SUSE bug 1230708SUSE bug 1233120SUSE bug 1240708SUSE bug 1240890SUSE bug 1242034SUSE bug 1242754SUSE bug 1244734SUSE bug 1244930SUSE bug 1245663SUSE bug 1245710SUSE bug 1245767SUSE bug 1245780SUSE bug 1245815SUSE bug 1245956SUSE bug 1245973SUSE bug 1245977SUSE bug 1246005SUSE bug 1246012SUSE bug 1246181SUSE bug 1246193SUSE bug 1247057SUSE bug 1247078SUSE bug 1247112SUSE bug 1247116SUSE bug 1247119SUSE bug 1247155SUSE bug 1247162SUSE bug 1247167SUSE bug 1247229SUSE bug 1247243SUSE bug 1247280SUSE bug 1247313SUSE bug 1247712SUSE bug 1247976SUSE bug 1248088SUSE bug 1248108SUSE bug 1248164SUSE bug 1248166SUSE bug 1248178SUSE bug 1248179SUSE bug 1248180SUSE bug 1248183SUSE bug 1248186SUSE bug 1248194SUSE bug 1248196SUSE bug 1248198SUSE bug 1248205SUSE bug 1248206SUSE bug 1248208SUSE bug 1248209SUSE bug 1248212SUSE bug 1248213SUSE bug 1248214SUSE bug 1248216SUSE bug 1248217SUSE bug 1248223SUSE bug 1248227SUSE bug 1248228SUSE bug 1248229SUSE bug 1248240SUSE bug 1248255SUSE bug 1248297SUSE bug 1248306SUSE bug 1248312SUSE bug 1248333SUSE bug 1248337SUSE bug 1248338SUSE bug 1248340SUSE bug 1248341SUSE bug 1248345SUSE bug 1248349SUSE bug 1248350SUSE bug 1248354SUSE bug 1248355SUSE bug 1248361SUSE bug 1248363SUSE bug 1248368SUSE bug 1248374SUSE bug 1248377SUSE bug 1248386SUSE bug 1248390SUSE bug 1248395SUSE bug 1248399SUSE bug 1248401SUSE bug 1248511SUSE bug 1248573SUSE bug 1248575SUSE bug 1248577SUSE bug 1248609SUSE bug 1248614SUSE bug 1248617SUSE bug 1248621SUSE bug 1248636SUSE bug 1248643SUSE bug 1248648SUSE bug 1248652SUSE bug 1248655SUSE bug 1248666SUSE bug 1248669SUSE bug 1248746SUSE bug 1248748SUSE bug 1249022CVE-2023-3867 at SUSECVE-2023-3867 at NVDCVE-2023-4130 at SUSECVE-2023-4130 at NVDCVE-2023-4515 at SUSECVE-2023-4515 at NVDCVE-2024-26661 at SUSECVE-2024-26661 at NVDCVE-2024-46733 at SUSECVE-2024-46733 at NVDCVE-2024-58238 at SUSECVE-2024-58238 at NVDCVE-2024-58239 at SUSECVE-2024-58239 at NVDCVE-2025-38006 at SUSECVE-2025-38006 at NVDCVE-2025-38075 at SUSECVE-2025-38075 at NVDCVE-2025-38103 at SUSECVE-2025-38103 at NVDCVE-2025-38125 at SUSECVE-2025-38125 at NVDCVE-2025-38146 at SUSECVE-2025-38146 at NVDCVE-2025-38160 at SUSECVE-2025-38160 at NVDCVE-2025-38184 at SUSECVE-2025-38184 at NVDCVE-2025-38185 at SUSECVE-2025-38185 at NVDCVE-2025-38190 at SUSECVE-2025-38190 at NVDCVE-2025-38201 at SUSECVE-2025-38201 at NVDCVE-2025-38205 at SUSECVE-2025-38205 at NVDCVE-2025-38208 at SUSECVE-2025-38208 at NVDCVE-2025-38245 at SUSECVE-2025-38245 at NVDCVE-2025-38251 at SUSECVE-2025-38251 at NVDCVE-2025-38360 at SUSECVE-2025-38360 at NVDCVE-2025-38439 at SUSECVE-2025-38439 at NVDCVE-2025-38441 at SUSECVE-2025-38441 at NVDCVE-2025-38444 at SUSECVE-2025-38444 at NVDCVE-2025-38445 at SUSECVE-2025-38445 at NVDCVE-2025-38458 at SUSECVE-2025-38458 at NVDCVE-2025-38459 at SUSECVE-2025-38459 at NVDCVE-2025-38464 at SUSECVE-2025-38464 at NVDCVE-2025-38472 at SUSECVE-2025-38472 at NVDCVE-2025-38490 at SUSECVE-2025-38490 at NVDCVE-2025-38491 at SUSECVE-2025-38491 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38503 at SUSECVE-2025-38503 at NVDCVE-2025-38506 at SUSECVE-2025-38506 at NVDCVE-2025-38510 at SUSECVE-2025-38510 at NVDCVE-2025-38512 at SUSECVE-2025-38512 at NVDCVE-2025-38513 at SUSECVE-2025-38513 at NVDCVE-2025-38515 at SUSECVE-2025-38515 at NVDCVE-2025-38516 at SUSECVE-2025-38516 at NVDCVE-2025-38520 at SUSECVE-2025-38520 at NVDCVE-2025-38524 at SUSECVE-2025-38524 at NVDCVE-2025-38528 at SUSECVE-2025-38528 at NVDCVE-2025-38529 at SUSECVE-2025-38529 at NVDCVE-2025-38530 at SUSECVE-2025-38530 at NVDCVE-2025-38531 at SUSECVE-2025-38531 at NVDCVE-2025-38535 at SUSECVE-2025-38535 at NVDCVE-2025-38537 at SUSECVE-2025-38537 at NVDCVE-2025-38538 at SUSECVE-2025-38538 at NVDCVE-2025-38540 at SUSECVE-2025-38540 at NVDCVE-2025-38541 at SUSECVE-2025-38541 at NVDCVE-2025-38543 at SUSECVE-2025-38543 at NVDCVE-2025-38546 at SUSECVE-2025-38546 at NVDCVE-2025-38548 at SUSECVE-2025-38548 at NVDCVE-2025-38550 at SUSECVE-2025-38550 at NVDCVE-2025-38553 at SUSECVE-2025-38553 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDCVE-2025-38560 at SUSECVE-2025-38560 at NVDCVE-2025-38563 at SUSECVE-2025-38563 at NVDCVE-2025-38565 at SUSECVE-2025-38565 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38568 at SUSECVE-2025-38568 at NVDCVE-2025-38571 at SUSECVE-2025-38571 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38576 at SUSECVE-2025-38576 at NVDCVE-2025-38581 at SUSECVE-2025-38581 at NVDCVE-2025-38582 at SUSECVE-2025-38582 at NVDCVE-2025-38583 at SUSECVE-2025-38583 at NVDCVE-2025-38585 at SUSECVE-2025-38585 at NVDCVE-2025-38587 at SUSECVE-2025-38587 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38591 at SUSECVE-2025-38591 at NVDCVE-2025-38601 at SUSECVE-2025-38601 at NVDCVE-2025-38602 at SUSECVE-2025-38602 at NVDCVE-2025-38604 at SUSECVE-2025-38604 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-38609 at SUSECVE-2025-38609 at NVDCVE-2025-38610 at SUSECVE-2025-38610 at NVDCVE-2025-38612 at SUSECVE-2025-38612 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38621 at SUSECVE-2025-38621 at NVDCVE-2025-38624 at SUSECVE-2025-38624 at NVDCVE-2025-38630 at SUSECVE-2025-38630 at NVDCVE-2025-38632 at SUSECVE-2025-38632 at NVDCVE-2025-38634 at SUSECVE-2025-38634 at NVDCVE-2025-38635 at SUSECVE-2025-38635 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38646 at SUSECVE-2025-38646 at NVDCVE-2025-38650 at SUSECVE-2025-38650 at NVDCVE-2025-38656 at SUSECVE-2025-38656 at NVDCVE-2025-38663 at SUSECVE-2025-38663 at NVDCVE-2025-38665 at SUSECVE-2025-38665 at NVDCVE-2025-38670 at SUSECVE-2025-38670 at NVDCVE-2025-38671 at SUSECVE-2025-38671 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232271)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231943)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1231676SUSE bug 1231943SUSE bug 1232271SUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_6 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1246030SUSE bug 1248108CVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_7 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1246030SUSE bug 1248108CVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_8 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1246030SUSE bug 1248108CVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232271)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231943)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1231676SUSE bug 1231943SUSE bug 1232271SUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1246030SUSE bug 1248108CVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1246030SUSE bug 1248108CVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232271)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231943)
ModerateSUSE bug 1231676SUSE bug 1231943SUSE bug 1232271SUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1246030SUSE bug 1248108CVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1246030SUSE bug 1248108CVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232271)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231943)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1231676SUSE bug 1231943SUSE bug 1232271SUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ModerateSUSE bug 1244337SUSE bug 1246030SUSE bug 1247350SUSE bug 1247351SUSE bug 1248108CVE-2025-38212 at SUSECVE-2025-38212 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_9 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1246030SUSE bug 1248108CVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231862)
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ModerateSUSE bug 1231862SUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2024-49860 at SUSECVE-2024-49860 at NVDCVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1247499SUSE bug 1248298CVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6_create() (bsc#1235218).
- CVE-2024-57882: mptcp: Fixed TCP options overflow (bsc#1235916).
ImportantSUSE bug 1235218SUSE bug 1235916CVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231862)
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1231862SUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2024-49860 at SUSECVE-2024-49860 at NVDCVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ModerateSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1247499SUSE bug 1248298CVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Update Leap project
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
ImportantSUSE bug 1012628SUSE bug 1213545SUSE bug 1215199SUSE bug 1221858SUSE bug 1222323SUSE bug 1230557SUSE bug 1230708SUSE bug 1233120SUSE bug 1240708SUSE bug 1240890SUSE bug 1242034SUSE bug 1242754SUSE bug 1244734SUSE bug 1244930SUSE bug 1245663SUSE bug 1245710SUSE bug 1245767SUSE bug 1245780SUSE bug 1245815SUSE bug 1245956SUSE bug 1245973SUSE bug 1245977SUSE bug 1246005SUSE bug 1246012SUSE bug 1246181SUSE bug 1246193SUSE bug 1247057SUSE bug 1247078SUSE bug 1247112SUSE bug 1247116SUSE bug 1247119SUSE bug 1247155SUSE bug 1247162SUSE bug 1247167SUSE bug 1247229SUSE bug 1247243SUSE bug 1247280SUSE bug 1247313SUSE bug 1247712SUSE bug 1247976SUSE bug 1248088SUSE bug 1248108SUSE bug 1248164SUSE bug 1248166SUSE bug 1248178SUSE bug 1248179SUSE bug 1248180SUSE bug 1248183SUSE bug 1248186SUSE bug 1248194SUSE bug 1248196SUSE bug 1248198SUSE bug 1248205SUSE bug 1248206SUSE bug 1248208SUSE bug 1248209SUSE bug 1248212SUSE bug 1248213SUSE bug 1248214SUSE bug 1248216SUSE bug 1248217SUSE bug 1248223SUSE bug 1248227SUSE bug 1248228SUSE bug 1248229SUSE bug 1248240SUSE bug 1248255SUSE bug 1248297SUSE bug 1248306SUSE bug 1248312SUSE bug 1248333SUSE bug 1248337SUSE bug 1248338SUSE bug 1248340SUSE bug 1248341SUSE bug 1248345SUSE bug 1248349SUSE bug 1248350SUSE bug 1248354SUSE bug 1248355SUSE bug 1248361SUSE bug 1248363SUSE bug 1248368SUSE bug 1248374SUSE bug 1248377SUSE bug 1248386SUSE bug 1248390SUSE bug 1248395SUSE bug 1248399SUSE bug 1248401SUSE bug 1248511SUSE bug 1248573SUSE bug 1248575SUSE bug 1248577SUSE bug 1248609SUSE bug 1248614SUSE bug 1248617SUSE bug 1248621SUSE bug 1248636SUSE bug 1248643SUSE bug 1248648SUSE bug 1248652SUSE bug 1248655SUSE bug 1248666SUSE bug 1248669SUSE bug 1248746SUSE bug 1248748SUSE bug 1249022CVE-2023-3867 at SUSECVE-2023-3867 at NVDCVE-2023-4130 at SUSECVE-2023-4130 at NVDCVE-2023-4515 at SUSECVE-2023-4515 at NVDCVE-2024-26661 at SUSECVE-2024-26661 at NVDCVE-2024-46733 at SUSECVE-2024-46733 at NVDCVE-2024-58238 at SUSECVE-2024-58238 at NVDCVE-2024-58239 at SUSECVE-2024-58239 at NVDCVE-2025-38006 at SUSECVE-2025-38006 at NVDCVE-2025-38075 at SUSECVE-2025-38075 at NVDCVE-2025-38103 at SUSECVE-2025-38103 at NVDCVE-2025-38125 at SUSECVE-2025-38125 at NVDCVE-2025-38146 at SUSECVE-2025-38146 at NVDCVE-2025-38160 at SUSECVE-2025-38160 at NVDCVE-2025-38184 at SUSECVE-2025-38184 at NVDCVE-2025-38185 at SUSECVE-2025-38185 at NVDCVE-2025-38190 at SUSECVE-2025-38190 at NVDCVE-2025-38201 at SUSECVE-2025-38201 at NVDCVE-2025-38205 at SUSECVE-2025-38205 at NVDCVE-2025-38208 at SUSECVE-2025-38208 at NVDCVE-2025-38245 at SUSECVE-2025-38245 at NVDCVE-2025-38251 at SUSECVE-2025-38251 at NVDCVE-2025-38360 at SUSECVE-2025-38360 at NVDCVE-2025-38439 at SUSECVE-2025-38439 at NVDCVE-2025-38441 at SUSECVE-2025-38441 at NVDCVE-2025-38444 at SUSECVE-2025-38444 at NVDCVE-2025-38445 at SUSECVE-2025-38445 at NVDCVE-2025-38458 at SUSECVE-2025-38458 at NVDCVE-2025-38459 at SUSECVE-2025-38459 at NVDCVE-2025-38464 at SUSECVE-2025-38464 at NVDCVE-2025-38472 at SUSECVE-2025-38472 at NVDCVE-2025-38490 at SUSECVE-2025-38490 at NVDCVE-2025-38491 at SUSECVE-2025-38491 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38503 at SUSECVE-2025-38503 at NVDCVE-2025-38506 at SUSECVE-2025-38506 at NVDCVE-2025-38510 at SUSECVE-2025-38510 at NVDCVE-2025-38512 at SUSECVE-2025-38512 at NVDCVE-2025-38513 at SUSECVE-2025-38513 at NVDCVE-2025-38515 at SUSECVE-2025-38515 at NVDCVE-2025-38516 at SUSECVE-2025-38516 at NVDCVE-2025-38520 at SUSECVE-2025-38520 at NVDCVE-2025-38524 at SUSECVE-2025-38524 at NVDCVE-2025-38528 at SUSECVE-2025-38528 at NVDCVE-2025-38529 at SUSECVE-2025-38529 at NVDCVE-2025-38530 at SUSECVE-2025-38530 at NVDCVE-2025-38531 at SUSECVE-2025-38531 at NVDCVE-2025-38535 at SUSECVE-2025-38535 at NVDCVE-2025-38537 at SUSECVE-2025-38537 at NVDCVE-2025-38538 at SUSECVE-2025-38538 at NVDCVE-2025-38540 at SUSECVE-2025-38540 at NVDCVE-2025-38541 at SUSECVE-2025-38541 at NVDCVE-2025-38543 at SUSECVE-2025-38543 at NVDCVE-2025-38546 at SUSECVE-2025-38546 at NVDCVE-2025-38548 at SUSECVE-2025-38548 at NVDCVE-2025-38550 at SUSECVE-2025-38550 at NVDCVE-2025-38553 at SUSECVE-2025-38553 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDCVE-2025-38560 at SUSECVE-2025-38560 at NVDCVE-2025-38563 at SUSECVE-2025-38563 at NVDCVE-2025-38565 at SUSECVE-2025-38565 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38568 at SUSECVE-2025-38568 at NVDCVE-2025-38571 at SUSECVE-2025-38571 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38576 at SUSECVE-2025-38576 at NVDCVE-2025-38581 at SUSECVE-2025-38581 at NVDCVE-2025-38582 at SUSECVE-2025-38582 at NVDCVE-2025-38583 at SUSECVE-2025-38583 at NVDCVE-2025-38585 at SUSECVE-2025-38585 at NVDCVE-2025-38587 at SUSECVE-2025-38587 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38591 at SUSECVE-2025-38591 at NVDCVE-2025-38601 at SUSECVE-2025-38601 at NVDCVE-2025-38602 at SUSECVE-2025-38602 at NVDCVE-2025-38604 at SUSECVE-2025-38604 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-38609 at SUSECVE-2025-38609 at NVDCVE-2025-38610 at SUSECVE-2025-38610 at NVDCVE-2025-38612 at SUSECVE-2025-38612 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38621 at SUSECVE-2025-38621 at NVDCVE-2025-38624 at SUSECVE-2025-38624 at NVDCVE-2025-38630 at SUSECVE-2025-38630 at NVDCVE-2025-38632 at SUSECVE-2025-38632 at NVDCVE-2025-38634 at SUSECVE-2025-38634 at NVDCVE-2025-38635 at SUSECVE-2025-38635 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38646 at SUSECVE-2025-38646 at NVDCVE-2025-38650 at SUSECVE-2025-38650 at NVDCVE-2025-38656 at SUSECVE-2025-38656 at NVDCVE-2025-38663 at SUSECVE-2025-38663 at NVDCVE-2025-38665 at SUSECVE-2025-38665 at NVDCVE-2025-38670 at SUSECVE-2025-38670 at NVDCVE-2025-38671 at SUSECVE-2025-38671 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_12 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_12 fixes the following issues:
- New livepatch SLE Micro 6.0/6.1 kernel rt update 12
Importantcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- CVE-2024-27415: netfilter: br_netfilter: skip conntrack input hook for promisc packets (bsc#1224757).
- CVE-2024-35910: kABI fix for tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).
- CVE-2024-56638: kABI fix for "netfilter: nft_inner: incorrect percpu area handling under softirq" (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).
- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).
- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).
- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).
- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).
- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).
- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).
- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).
- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).
- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).
- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).
- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed
if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21969: Bluetooth: L2CAP: Fix build errors in some archs (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
The following non-security bugs were fixed:
- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-fixes).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).
- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- Fix memory-hotplug regression (bsc#1237504)
- Grab mm lock before grabbing pt lock (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).
- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).
- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).
- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes).
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).
- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).
- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes).
- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).
- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).
- Move upstreamed ACPI patch into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: Use downstream bridges for distributing resources (bsc#1237325).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/efa: Reset device on probe failure (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Reapply "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes).
- Revert "dm: requeue IO if mapping table not yet available" (git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes).
- Revert "leds-pca955x: Remove the unused function pca95xx_num_led_regs()" (stable-fixes).
- Revert "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).
- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).
- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- bio-integrity: do not restrict the size of integrity metadata (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).
- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).
- blk-mq: add number of queue calc helper (bsc#1236897).
- blk-mq: create correct map for fallback case (bsc#1236896).
- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).
- blk_iocost: remove some duplicate irq disable/enables (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).
- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).
- block: change rq_integrity_vec to respect the iterator (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- block: ensure we hold a queue reference when using queue limits (git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).
- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).
- block: retry call probe after request_module in blk_request_module (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- block: use the right type for stub rq_integrity_vec() (git-fixes).
- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: fix potential error return (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).
- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).
- cifs: Remove intermediate object of failed create reparse call (git-fixes).
- cifs: commands that are retried should have replay flag set (bsc#1231432).
- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).
- cifs: helper function to check replayable error codes (bsc#1231432).
- cifs: new mount option called retrans (bsc#1231432).
- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).
- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).
- cifs: update desired access while requesting for directory lease (git-fixes).
- cifs: update the same create_guid on replay (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- config: Set gcc version (jsc#PED-12251).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)
Keep the feature disabled by default on x86_64
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).
- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).
- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init()
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- doc/README.SUSE: Point to the updated version of LKMPG
- doc: update managed_irq documentation (bsc#1236897).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to
avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).
- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting" (git-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- drm/i915/selftests: avoid using uninitialized context (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).
- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).
- eth: gve: use appropriate helper to set xdp_features (git-fixes).
- exfat: convert to ctime accessor functions (git-fixes).
- exfat: do not zero the extended part (bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).
- exfat: fix file being changed by unaligned direct write (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).
- exfat: fix zero the unwritten part for dio read (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- futex: Do not include process MM in futex key on no-MMU (git-fixes).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
- gup: make the stack expansion warning a bit more targeted (bsc#1238214).
- hfs: Sanity check the root record (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).
- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).
- ice: put Rx buffers after being done with current frame (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).
- igc: return early when failing to read EECD register (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kabi: fix bus type (bsc#1236896).
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).
- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).
- kernel-binary: Support livepatch_rt with merged RT branch
- kernel-source: Also replace bin/env
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).
- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- lib: stackinit: hide never-taken branch from compiler (stable-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to
perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698
jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).
- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).
- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/raid0: do not free conf on raid0_run failure (git-fixes).
- md/raid1: do not free conf on raid0_run failure (git-fixes).
- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).
- md: Do not flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).
- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mptcp: export local_address (git-fixes)
- mptcp: fix NL PM announced address accounting (git-fixes)
- mptcp: fix data races on local_id (git-fixes)
- mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- mptcp: pm: do not try to create sf if alloc failed (git-fixes)
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- mptcp: pm: reduce indentation blocks (git-fixes)
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- mptcp: unify pm get_local_id interfaces (git-fixes)
- mptcp: unify pm set_flags interfaces (git-fixes)
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions (git-fixes).
- nbd: do not allow reconnect after disconnect (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).
- net: Fix undefined behavior in netdev name allocation (bsc#1233749).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns (bsc#1233749).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- net: do not send a MOVE event when netdev changes netns (bsc#1233749).
- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: fix removing a namespace with conflicting altnames (bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: move altnames together with the netdevice (bsc#1233749).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).
- net: remove else after return in dev_prep_valid_name() (bsc#1233749).
- net: rose: lock the socket in rose_bind() (git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).
- net: smc: fix spurious error message from __sock_release() (bsc#1237126).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).
- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).
- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- padata: fix sysfs store callback check (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).
- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid
mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).
- powerpc: Stop using no_llseek (bsc#1239573).
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).
- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).
- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).
- rbd: do not move requests to the running list on errors (git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/cio: Fix CHPID "configure" attribute caching (git-fixes bsc#1240979).
- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).
- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).
- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices (bsc#1236752).
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/topology: Improve topology detection (bsc#1236591).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).
- scsi: core: Clear driver private data when retrying request (git-fixes).
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- scsi: core: Handle depopulation and restoration in progress (git-fixes).
- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).
- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).
- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).
- scsi: myrb: Remove dead code (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- scsi: sg: Enable runtime power management (git-fixes).
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).
- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftest: hugetlb_dio: fix test naming (git-fixes).
- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).
- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).
- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes).
- smb3: request handle caching when caching directories (bsc#1231432).
- smb3: retrying on failed server close (bsc#1231432).
- smb: cached directories can be more than root file handle (bsc#1231432).
- smb: cilent: set reparse mount points as automounts (git-fixes).
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).
- smb: client: Fix minor whitespace errors and warnings (git-fixes).
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).
- smb: client: add support for WSL reparse points (git-fixes).
- smb: client: allow creating special files via reparse points (git-fixes).
- smb: client: allow creating symlinks via reparse points (git-fixes).
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: do not query reparse points twice on symlinks (git-fixes).
- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).
- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).
- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).
- smb: client: fix hardlinking of reparse points (git-fixes).
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- smb: client: fix possible double free in smb2_set_ea() (git-fixes).
- smb: client: fix potential broken compound request (git-fixes).
- smb: client: fix renaming of reparse points (git-fixes).
- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).
- smb: client: handle path separator of created SMB symlinks (git-fixes).
- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).
- smb: client: ignore unhandled reparse tags (git-fixes).
- smb: client: implement ->query_reparse_point() for SMB1 (git-fixes).
- smb: client: instantiate when creating SFU files (git-fixes).
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- smb: client: introduce reparse mount option (git-fixes).
- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).
- smb: client: move most of reparse point handling code to common file (git-fixes).
- smb: client: move some params to cifs_open_info_data (bsc#1231432).
- smb: client: optimise reparse point querying (git-fixes).
- smb: client: parse owner/group when creating reparse points (git-fixes).
- smb: client: parse reparse point flag in create response (bsc#1231432).
- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).
- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).
- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).
- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- smb: client: retry compound request without reusing lease (git-fixes).
- smb: client: return reparse type in /proc/mounts (git-fixes).
- smb: client: reuse file lease key in compound operations (git-fixes).
- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).
- smb: client: set correct file type from NFS reparse points (git-fixes).
- smb: client: stop revalidating reparse points unnecessarily (git-fixes).
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).
- usbnet: ipheth: document scope of NCM implementation (stable-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- virtio-mem: check if the config changed before fake offlining memory (git-fixes).
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).
- vsock/virtio: cancel close work in the destructor (git-fixes)
- vsock: Keep the binding until socket destruction (git-fixes)
- vsock: reset socket state when de-assigning the transport (git-fixes)
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/asm: Make serialize() always_inline (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
- xen/swiotlb: relax alignment requirements (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- zram: fix potential UAF of zram table (git-fixes).
- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).
- zram: refuse to use zero sized block device as backing device (git-fixes).
- zram: split memory-tracking and ac-time tracking (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1207948SUSE bug 1215199SUSE bug 1215211SUSE bug 1218470SUSE bug 1219367SUSE bug 1221651SUSE bug 1222649SUSE bug 1222672SUSE bug 1222803SUSE bug 1223047SUSE bug 1224013SUSE bug 1224049SUSE bug 1224489SUSE bug 1224610SUSE bug 1224757SUSE bug 1225533SUSE bug 1225606SUSE bug 1225742SUSE bug 1225770SUSE bug 1225981SUSE bug 1226871SUSE bug 1227858SUSE bug 1227937SUSE bug 1228521SUSE bug 1228653SUSE bug 1228659SUSE bug 1229311SUSE bug 1229361SUSE bug 1230235SUSE bug 1230438SUSE bug 1230439SUSE bug 1230497SUSE bug 1230728SUSE bug 1230769SUSE bug 1230832SUSE bug 1231088SUSE bug 1231293SUSE bug 1231432SUSE bug 1231910SUSE bug 1231912SUSE bug 1231920SUSE bug 1231949SUSE bug 1232159SUSE bug 1232198SUSE bug 1232201SUSE bug 1232299SUSE bug 1232364SUSE bug 1232389SUSE bug 1232421SUSE bug 1232508SUSE bug 1232520SUSE bug 1232743SUSE bug 1232812SUSE bug 1232848SUSE bug 1232895SUSE bug 1232919SUSE bug 1233028SUSE bug 1233033SUSE bug 1233060SUSE bug 1233109SUSE bug 1233221SUSE bug 1233248SUSE bug 1233259SUSE bug 1233260SUSE bug 1233479SUSE bug 1233483SUSE bug 1233522SUSE bug 1233551SUSE bug 1233557SUSE bug 1233749SUSE bug 1234070SUSE bug 1234074SUSE bug 1234157SUSE bug 1234222SUSE bug 1234480SUSE bug 1234698SUSE bug 1234828SUSE bug 1234853SUSE bug 1234857SUSE bug 1234891SUSE bug 1234894SUSE bug 1234895SUSE bug 1234896SUSE bug 1234936SUSE bug 1234963SUSE bug 1235054SUSE bug 1235061SUSE bug 1235073SUSE bug 1235244SUSE bug 1235435SUSE bug 1235436SUSE bug 1235441SUSE bug 1235455SUSE bug 1235485SUSE bug 1235501SUSE bug 1235524SUSE bug 1235550SUSE bug 1235589SUSE bug 1235591SUSE bug 1235592SUSE bug 1235599SUSE bug 1235609SUSE bug 1235621SUSE bug 1235637SUSE bug 1235698SUSE bug 1235711SUSE bug 1235712SUSE bug 1235715SUSE bug 1235729SUSE bug 1235733SUSE bug 1235761SUSE bug 1235870SUSE bug 1235874SUSE bug 1235914SUSE bug 1235932SUSE bug 1235933SUSE bug 1235973SUSE bug 1236099SUSE bug 1236111SUSE bug 1236113SUSE bug 1236114SUSE bug 1236115SUSE bug 1236122SUSE bug 1236123SUSE bug 1236133SUSE bug 1236138SUSE bug 1236199SUSE bug 1236200SUSE bug 1236203SUSE bug 1236205SUSE bug 1236206SUSE bug 1236333SUSE bug 1236573SUSE bug 1236575SUSE bug 1236576SUSE bug 1236591SUSE bug 1236661SUSE bug 1236677SUSE bug 1236680SUSE bug 1236681SUSE bug 1236682SUSE bug 1236683SUSE bug 1236684SUSE bug 1236685SUSE bug 1236689SUSE bug 1236692SUSE bug 1236694SUSE bug 1236698SUSE bug 1236700SUSE bug 1236702SUSE bug 1236752SUSE bug 1236757SUSE bug 1236758SUSE bug 1236759SUSE bug 1236760SUSE bug 1236761SUSE bug 1236821SUSE bug 1236822SUSE bug 1236896SUSE bug 1236897SUSE bug 1236952SUSE bug 1236967SUSE bug 1236994SUSE bug 1237007SUSE bug 1237017SUSE bug 1237025SUSE bug 1237028SUSE bug 1237029SUSE bug 1237045SUSE bug 1237126SUSE bug 1237132SUSE bug 1237139SUSE bug 1237155SUSE bug 1237158SUSE bug 1237159SUSE bug 1237164SUSE bug 1237232SUSE bug 1237234SUSE bug 1237313SUSE bug 1237325SUSE bug 1237356SUSE bug 1237415SUSE bug 1237452SUSE bug 1237504SUSE bug 1237521SUSE bug 1237530SUSE bug 1237558SUSE bug 1237562SUSE bug 1237563SUSE bug 1237565SUSE bug 1237571SUSE bug 1237848SUSE bug 1237849SUSE bug 1237853SUSE bug 1237856SUSE bug 1237873SUSE bug 1237874SUSE bug 1237875SUSE bug 1237876SUSE bug 1237877SUSE bug 1237879SUSE bug 1237881SUSE bug 1237882SUSE bug 1237885SUSE bug 1237889SUSE bug 1237890SUSE bug 1237891SUSE bug 1237894SUSE bug 1237897SUSE bug 1237900SUSE bug 1237901SUSE bug 1237906SUSE bug 1237907SUSE bug 1237911SUSE bug 1237912SUSE bug 1237950SUSE bug 1238052SUSE bug 1238212SUSE bug 1238214SUSE bug 1238303SUSE bug 1238347SUSE bug 1238368SUSE bug 1238474SUSE bug 1238475SUSE bug 1238479SUSE bug 1238494SUSE bug 1238496SUSE bug 1238497SUSE bug 1238500SUSE bug 1238501SUSE bug 1238502SUSE bug 1238503SUSE bug 1238506SUSE bug 1238507SUSE bug 1238509SUSE bug 1238510SUSE bug 1238511SUSE bug 1238512SUSE bug 1238521SUSE bug 1238523SUSE bug 1238525SUSE bug 1238526SUSE bug 1238528SUSE bug 1238529SUSE bug 1238531SUSE bug 1238532SUSE bug 1238565SUSE bug 1238570SUSE bug 1238715SUSE bug 1238716SUSE bug 1238734SUSE bug 1238735SUSE bug 1238736SUSE bug 1238738SUSE bug 1238739SUSE bug 1238746SUSE bug 1238747SUSE bug 1238751SUSE bug 1238753SUSE bug 1238754SUSE bug 1238757SUSE bug 1238759SUSE bug 1238760SUSE bug 1238762SUSE bug 1238763SUSE bug 1238767SUSE bug 1238768SUSE bug 1238771SUSE bug 1238772SUSE bug 1238773SUSE bug 1238775SUSE bug 1238780SUSE bug 1238781SUSE bug 1238785SUSE bug 1238860SUSE bug 1238863SUSE bug 1238864SUSE bug 1238865SUSE bug 1238876SUSE bug 1238877SUSE bug 1238903SUSE bug 1238904SUSE bug 1238905SUSE bug 1238909SUSE bug 1238911SUSE bug 1238917SUSE bug 1238958SUSE bug 1238959SUSE bug 1238963SUSE bug 1238964SUSE bug 1238969SUSE bug 1238970SUSE bug 1238971SUSE bug 1238973SUSE bug 1238975SUSE bug 1238978SUSE bug 1238979SUSE bug 1238981SUSE bug 1238984SUSE bug 1238986SUSE bug 1238990SUSE bug 1238993SUSE bug 1238994SUSE bug 1238997SUSE bug 1239015SUSE bug 1239016SUSE bug 1239027SUSE bug 1239029SUSE bug 1239030SUSE bug 1239033SUSE bug 1239034SUSE bug 1239036SUSE bug 1239037SUSE bug 1239038SUSE bug 1239039SUSE bug 1239045SUSE bug 1239065SUSE bug 1239066SUSE bug 1239068SUSE bug 1239073SUSE bug 1239076SUSE bug 1239080SUSE bug 1239085SUSE bug 1239087SUSE bug 1239095SUSE bug 1239104SUSE bug 1239105SUSE bug 1239109SUSE bug 1239112SUSE bug 1239114SUSE bug 1239115SUSE bug 1239117SUSE bug 1239167SUSE bug 1239174SUSE bug 1239346SUSE bug 1239349SUSE bug 1239435SUSE bug 1239467SUSE bug 1239468SUSE bug 1239471SUSE bug 1239473SUSE bug 1239474SUSE bug 1239475SUSE bug 1239477SUSE bug 1239478SUSE bug 1239479SUSE bug 1239481SUSE bug 1239482SUSE bug 1239483SUSE bug 1239484SUSE bug 1239486SUSE bug 1239508SUSE bug 1239512SUSE bug 1239518SUSE bug 1239573SUSE bug 1239594SUSE bug 1239595SUSE bug 1239600SUSE bug 1239605SUSE bug 1239615SUSE bug 1239644SUSE bug 1239684SUSE bug 1239707SUSE bug 1239906SUSE bug 1239925SUSE bug 1239986SUSE bug 1239994SUSE bug 1240167SUSE bug 1240168SUSE bug 1240169SUSE bug 1240171SUSE bug 1240172SUSE bug 1240173SUSE bug 1240175SUSE bug 1240176SUSE bug 1240177SUSE bug 1240179SUSE bug 1240182SUSE bug 1240183SUSE bug 1240184SUSE bug 1240185SUSE bug 1240186SUSE bug 1240188SUSE bug 1240189SUSE bug 1240191SUSE bug 1240192SUSE bug 1240333SUSE bug 1240334SUSE bug 1240375SUSE bug 1240575SUSE bug 1240581SUSE bug 1240582SUSE bug 1240583SUSE bug 1240584SUSE bug 1240585SUSE bug 1240587SUSE bug 1240590SUSE bug 1240591SUSE bug 1240592SUSE bug 1240594SUSE bug 1240595SUSE bug 1240596SUSE bug 1240600SUSE bug 1240612SUSE bug 1240616SUSE bug 1240639SUSE bug 1240643SUSE bug 1240647SUSE bug 1240691SUSE bug 1240700SUSE bug 1240701SUSE bug 1240703SUSE bug 1240708SUSE bug 1240714SUSE bug 1240715SUSE bug 1240716SUSE bug 1240718SUSE bug 1240719SUSE bug 1240720SUSE bug 1240722SUSE bug 1240727SUSE bug 1240739SUSE bug 1240742SUSE bug 1240779SUSE bug 1240783SUSE bug 1240784SUSE bug 1240795SUSE bug 1240796SUSE bug 1240797SUSE bug 1240799SUSE bug 1240801SUSE bug 1240806SUSE bug 1240808SUSE bug 1240812SUSE bug 1240813SUSE bug 1240815SUSE bug 1240816SUSE bug 1240819SUSE bug 1240821SUSE bug 1240825SUSE bug 1240829SUSE bug 1240873SUSE bug 1240937SUSE bug 1240938SUSE bug 1240940SUSE bug 1240942SUSE bug 1240943SUSE bug 1240978SUSE bug 1240979SUSE bug 1241038CVE-2023-52831 at SUSECVE-2023-52831 at NVDCVE-2023-52924 at SUSECVE-2023-52924 at NVDCVE-2023-52925 at SUSECVE-2023-52925 at NVDCVE-2023-52926 at SUSECVE-2023-52926 at NVDCVE-2023-52927 at SUSECVE-2023-52927 at NVDCVE-2024-26634 at SUSECVE-2024-26634 at NVDCVE-2024-26708 at SUSECVE-2024-26708 at NVDCVE-2024-26810 at SUSECVE-2024-26810 at NVDCVE-2024-26873 at SUSECVE-2024-26873 at NVDCVE-2024-27415 at SUSECVE-2024-27415 at NVDCVE-2024-35826 at SUSECVE-2024-35826 at NVDCVE-2024-35910 at SUSECVE-2024-35910 at NVDCVE-2024-38606 at SUSECVE-2024-38606 at NVDCVE-2024-40980 at SUSECVE-2024-40980 at NVDCVE-2024-41005 at SUSECVE-2024-41005 at NVDCVE-2024-41055 at SUSECVE-2024-41055 at NVDCVE-2024-41077 at SUSECVE-2024-41077 at NVDCVE-2024-41149 at SUSECVE-2024-41149 at NVDCVE-2024-42307 at SUSECVE-2024-42307 at NVDCVE-2024-43820 at SUSECVE-2024-43820 at NVDCVE-2024-44974 at SUSECVE-2024-44974 at NVDCVE-2024-45009 at SUSECVE-2024-45009 at NVDCVE-2024-45010 at SUSECVE-2024-45010 at NVDCVE-2024-46736 at SUSECVE-2024-46736 at NVDCVE-2024-46782 at SUSECVE-2024-46782 at NVDCVE-2024-46796 at SUSECVE-2024-46796 at NVDCVE-2024-46858 at SUSECVE-2024-46858 at NVDCVE-2024-47408 at SUSECVE-2024-47408 at NVDCVE-2024-47701 at SUSECVE-2024-47701 at NVDCVE-2024-47794 at SUSECVE-2024-47794 at NVDCVE-2024-49571 at SUSECVE-2024-49571 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49924 at SUSECVE-2024-49924 at NVDCVE-2024-49940 at SUSECVE-2024-49940 at NVDCVE-2024-49950 at SUSECVE-2024-49950 at NVDCVE-2024-49994 at SUSECVE-2024-49994 at NVDCVE-2024-50029 at SUSECVE-2024-50029 at NVDCVE-2024-50036 at SUSECVE-2024-50036 at NVDCVE-2024-50038 at SUSECVE-2024-50038 at NVDCVE-2024-50056 at SUSECVE-2024-50056 at NVDCVE-2024-50073 at SUSECVE-2024-50073 at NVDCVE-2024-50085 at SUSECVE-2024-50085 at NVDCVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-50126 at SUSECVE-2024-50126 at NVDCVE-2024-50140 at SUSECVE-2024-50140 at NVDCVE-2024-50142 at SUSECVE-2024-50142 at NVDCVE-2024-50152 at SUSECVE-2024-50152 at NVDCVE-2024-50185 at SUSECVE-2024-50185 at NVDCVE-2024-50251 at SUSECVE-2024-50251 at NVDCVE-2024-50258 at SUSECVE-2024-50258 at NVDCVE-2024-50290 at SUSECVE-2024-50290 at NVDCVE-2024-50294 at SUSECVE-2024-50294 at NVDCVE-2024-50304 at SUSECVE-2024-50304 at NVDCVE-2024-52559 at SUSECVE-2024-52559 at NVDCVE-2024-53057 at SUSECVE-2024-53057 at NVDCVE-2024-53063 at SUSECVE-2024-53063 at NVDCVE-2024-53123 at SUSECVE-2024-53123 at NVDCVE-2024-53124 at SUSECVE-2024-53124 at NVDCVE-2024-53139 at SUSECVE-2024-53139 at NVDCVE-2024-53140 at SUSECVE-2024-53140 at NVDCVE-2024-53147 at SUSECVE-2024-53147 at NVDCVE-2024-53163 at SUSECVE-2024-53163 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53176 at SUSECVE-2024-53176 at NVDCVE-2024-53177 at SUSECVE-2024-53177 at NVDCVE-2024-53178 at SUSECVE-2024-53178 at NVDCVE-2024-53226 at SUSECVE-2024-53226 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-53680 at SUSECVE-2024-53680 at NVDCVE-2024-54683 at SUSECVE-2024-54683 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56579 at SUSECVE-2024-56579 at NVDCVE-2024-56592 at SUSECVE-2024-56592 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56633 at SUSECVE-2024-56633 at NVDCVE-2024-56638 at SUSECVE-2024-56638 at NVDCVE-2024-56640 at SUSECVE-2024-56640 at NVDCVE-2024-56647 at SUSECVE-2024-56647 at NVDCVE-2024-56658 at SUSECVE-2024-56658 at NVDCVE-2024-56702 at SUSECVE-2024-56702 at NVDCVE-2024-56703 at SUSECVE-2024-56703 at NVDCVE-2024-56718 at SUSECVE-2024-56718 at NVDCVE-2024-56719 at SUSECVE-2024-56719 at NVDCVE-2024-56720 at SUSECVE-2024-56720 at NVDCVE-2024-56751 at SUSECVE-2024-56751 at NVDCVE-2024-56758 at SUSECVE-2024-56758 at NVDCVE-2024-56770 at SUSECVE-2024-56770 at NVDCVE-2024-57807 at SUSECVE-2024-57807 at NVDCVE-2024-57834 at SUSECVE-2024-57834 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDCVE-2024-57889 at SUSECVE-2024-57889 at NVDCVE-2024-57900 at SUSECVE-2024-57900 at NVDCVE-2024-57947 at SUSECVE-2024-57947 at NVDCVE-2024-57948 at SUSECVE-2024-57948 at NVDCVE-2024-57973 at SUSECVE-2024-57973 at NVDCVE-2024-57974 at SUSECVE-2024-57974 at NVDCVE-2024-57978 at SUSECVE-2024-57978 at NVDCVE-2024-57979 at SUSECVE-2024-57979 at NVDCVE-2024-57980 at SUSECVE-2024-57980 at NVDCVE-2024-57981 at SUSECVE-2024-57981 at NVDCVE-2024-57986 at SUSECVE-2024-57986 at NVDCVE-2024-57990 at SUSECVE-2024-57990 at NVDCVE-2024-57993 at SUSECVE-2024-57993 at NVDCVE-2024-57994 at SUSECVE-2024-57994 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-57997 at SUSECVE-2024-57997 at NVDCVE-2024-57999 at SUSECVE-2024-57999 at NVDCVE-2024-58002 at SUSECVE-2024-58002 at NVDCVE-2024-58005 at SUSECVE-2024-58005 at NVDCVE-2024-58006 at SUSECVE-2024-58006 at NVDCVE-2024-58007 at SUSECVE-2024-58007 at NVDCVE-2024-58009 at SUSECVE-2024-58009 at NVDCVE-2024-58011 at SUSECVE-2024-58011 at NVDCVE-2024-58012 at SUSECVE-2024-58012 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2024-58014 at SUSECVE-2024-58014 at NVDCVE-2024-58017 at SUSECVE-2024-58017 at NVDCVE-2024-58018 at SUSECVE-2024-58018 at NVDCVE-2024-58019 at SUSECVE-2024-58019 at NVDCVE-2024-58020 at SUSECVE-2024-58020 at NVDCVE-2024-58034 at SUSECVE-2024-58034 at NVDCVE-2024-58051 at SUSECVE-2024-58051 at NVDCVE-2024-58052 at SUSECVE-2024-58052 at NVDCVE-2024-58054 at SUSECVE-2024-58054 at NVDCVE-2024-58055 at SUSECVE-2024-58055 at NVDCVE-2024-58056 at SUSECVE-2024-58056 at NVDCVE-2024-58057 at SUSECVE-2024-58057 at NVDCVE-2024-58058 at SUSECVE-2024-58058 at NVDCVE-2024-58061 at SUSECVE-2024-58061 at NVDCVE-2024-58063 at SUSECVE-2024-58063 at NVDCVE-2024-58069 at SUSECVE-2024-58069 at NVDCVE-2024-58071 at SUSECVE-2024-58071 at NVDCVE-2024-58072 at SUSECVE-2024-58072 at NVDCVE-2024-58076 at SUSECVE-2024-58076 at NVDCVE-2024-58078 at SUSECVE-2024-58078 at NVDCVE-2024-58079 at SUSECVE-2024-58079 at NVDCVE-2024-58080 at SUSECVE-2024-58080 at NVDCVE-2024-58083 at SUSECVE-2024-58083 at NVDCVE-2024-58085 at SUSECVE-2024-58085 at NVDCVE-2024-58086 at SUSECVE-2024-58086 at NVDCVE-2025-21631 at SUSECVE-2025-21631 at NVDCVE-2025-21635 at SUSECVE-2025-21635 at NVDCVE-2025-21636 at SUSECVE-2025-21636 at NVDCVE-2025-21637 at SUSECVE-2025-21637 at NVDCVE-2025-21638 at SUSECVE-2025-21638 at NVDCVE-2025-21639 at SUSECVE-2025-21639 at NVDCVE-2025-21640 at SUSECVE-2025-21640 at NVDCVE-2025-21647 at SUSECVE-2025-21647 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21665 at SUSECVE-2025-21665 at NVDCVE-2025-21666 at SUSECVE-2025-21666 at NVDCVE-2025-21667 at SUSECVE-2025-21667 at NVDCVE-2025-21668 at SUSECVE-2025-21668 at NVDCVE-2025-21669 at SUSECVE-2025-21669 at NVDCVE-2025-21670 at SUSECVE-2025-21670 at NVDCVE-2025-21671 at SUSECVE-2025-21671 at NVDCVE-2025-21673 at SUSECVE-2025-21673 at NVDCVE-2025-21675 at SUSECVE-2025-21675 at NVDCVE-2025-21678 at SUSECVE-2025-21678 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDCVE-2025-21681 at SUSECVE-2025-21681 at NVDCVE-2025-21684 at SUSECVE-2025-21684 at NVDCVE-2025-21687 at SUSECVE-2025-21687 at NVDCVE-2025-21688 at SUSECVE-2025-21688 at NVDCVE-2025-21689 at SUSECVE-2025-21689 at NVDCVE-2025-21690 at SUSECVE-2025-21690 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21693 at SUSECVE-2025-21693 at NVDCVE-2025-21697 at SUSECVE-2025-21697 at NVDCVE-2025-21699 at SUSECVE-2025-21699 at NVDCVE-2025-21700 at SUSECVE-2025-21700 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21703 at SUSECVE-2025-21703 at NVDCVE-2025-21704 at SUSECVE-2025-21704 at NVDCVE-2025-21705 at SUSECVE-2025-21705 at NVDCVE-2025-21706 at SUSECVE-2025-21706 at NVDCVE-2025-21708 at SUSECVE-2025-21708 at NVDCVE-2025-21711 at SUSECVE-2025-21711 at NVDCVE-2025-21714 at SUSECVE-2025-21714 at NVDCVE-2025-21715 at SUSECVE-2025-21715 at NVDCVE-2025-21716 at SUSECVE-2025-21716 at NVDCVE-2025-21718 at SUSECVE-2025-21718 at NVDCVE-2025-21719 at SUSECVE-2025-21719 at NVDCVE-2025-21723 at SUSECVE-2025-21723 at NVDCVE-2025-21724 at SUSECVE-2025-21724 at NVDCVE-2025-21725 at SUSECVE-2025-21725 at NVDCVE-2025-21726 at SUSECVE-2025-21726 at NVDCVE-2025-21727 at SUSECVE-2025-21727 at NVDCVE-2025-21728 at SUSECVE-2025-21728 at NVDCVE-2025-21729 at SUSECVE-2025-21729 at NVDCVE-2025-21731 at SUSECVE-2025-21731 at NVDCVE-2025-21732 at SUSECVE-2025-21732 at NVDCVE-2025-21733 at SUSECVE-2025-21733 at NVDCVE-2025-21734 at SUSECVE-2025-21734 at NVDCVE-2025-21735 at SUSECVE-2025-21735 at NVDCVE-2025-21736 at SUSECVE-2025-21736 at NVDCVE-2025-21738 at SUSECVE-2025-21738 at NVDCVE-2025-21739 at SUSECVE-2025-21739 at NVDCVE-2025-21741 at SUSECVE-2025-21741 at NVDCVE-2025-21742 at SUSECVE-2025-21742 at NVDCVE-2025-21743 at SUSECVE-2025-21743 at NVDCVE-2025-21744 at SUSECVE-2025-21744 at NVDCVE-2025-21745 at SUSECVE-2025-21745 at NVDCVE-2025-21749 at SUSECVE-2025-21749 at NVDCVE-2025-21750 at SUSECVE-2025-21750 at NVDCVE-2025-21753 at SUSECVE-2025-21753 at NVDCVE-2025-21754 at SUSECVE-2025-21754 at NVDCVE-2025-21755 at SUSECVE-2025-21755 at NVDCVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-21759 at SUSECVE-2025-21759 at NVDCVE-2025-21760 at SUSECVE-2025-21760 at NVDCVE-2025-21761 at SUSECVE-2025-21761 at NVDCVE-2025-21762 at SUSECVE-2025-21762 at NVDCVE-2025-21763 at SUSECVE-2025-21763 at NVDCVE-2025-21764 at SUSECVE-2025-21764 at NVDCVE-2025-21765 at SUSECVE-2025-21765 at NVDCVE-2025-21766 at SUSECVE-2025-21766 at NVDCVE-2025-21767 at SUSECVE-2025-21767 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-21773 at SUSECVE-2025-21773 at NVDCVE-2025-21775 at SUSECVE-2025-21775 at NVDCVE-2025-21776 at SUSECVE-2025-21776 at NVDCVE-2025-21779 at SUSECVE-2025-21779 at NVDCVE-2025-21780 at SUSECVE-2025-21780 at NVDCVE-2025-21781 at SUSECVE-2025-21781 at NVDCVE-2025-21782 at SUSECVE-2025-21782 at NVDCVE-2025-21784 at SUSECVE-2025-21784 at NVDCVE-2025-21785 at SUSECVE-2025-21785 at NVDCVE-2025-21790 at SUSECVE-2025-21790 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-21793 at SUSECVE-2025-21793 at NVDCVE-2025-21794 at SUSECVE-2025-21794 at NVDCVE-2025-21795 at SUSECVE-2025-21795 at NVDCVE-2025-21796 at SUSECVE-2025-21796 at NVDCVE-2025-21799 at SUSECVE-2025-21799 at NVDCVE-2025-21802 at SUSECVE-2025-21802 at NVDCVE-2025-21804 at SUSECVE-2025-21804 at NVDCVE-2025-21806 at SUSECVE-2025-21806 at NVDCVE-2025-21810 at SUSECVE-2025-21810 at NVDCVE-2025-21815 at SUSECVE-2025-21815 at NVDCVE-2025-21819 at SUSECVE-2025-21819 at NVDCVE-2025-21820 at SUSECVE-2025-21820 at NVDCVE-2025-21821 at SUSECVE-2025-21821 at NVDCVE-2025-21823 at SUSECVE-2025-21823 at NVDCVE-2025-21825 at SUSECVE-2025-21825 at NVDCVE-2025-21828 at SUSECVE-2025-21828 at NVDCVE-2025-21829 at SUSECVE-2025-21829 at NVDCVE-2025-21830 at SUSECVE-2025-21830 at NVDCVE-2025-21831 at SUSECVE-2025-21831 at NVDCVE-2025-21832 at SUSECVE-2025-21832 at NVDCVE-2025-21835 at SUSECVE-2025-21835 at NVDCVE-2025-21836 at SUSECVE-2025-21836 at NVDCVE-2025-21838 at SUSECVE-2025-21838 at NVDCVE-2025-21844 at SUSECVE-2025-21844 at NVDCVE-2025-21846 at SUSECVE-2025-21846 at NVDCVE-2025-21847 at SUSECVE-2025-21847 at NVDCVE-2025-21848 at SUSECVE-2025-21848 at NVDCVE-2025-21850 at SUSECVE-2025-21850 at NVDCVE-2025-21855 at SUSECVE-2025-21855 at NVDCVE-2025-21856 at SUSECVE-2025-21856 at NVDCVE-2025-21857 at SUSECVE-2025-21857 at NVDCVE-2025-21858 at SUSECVE-2025-21858 at NVDCVE-2025-21859 at SUSECVE-2025-21859 at NVDCVE-2025-21861 at SUSECVE-2025-21861 at NVDCVE-2025-21862 at SUSECVE-2025-21862 at NVDCVE-2025-21863 at SUSECVE-2025-21863 at NVDCVE-2025-21864 at SUSECVE-2025-21864 at NVDCVE-2025-21865 at SUSECVE-2025-21865 at NVDCVE-2025-21866 at SUSECVE-2025-21866 at NVDCVE-2025-21869 at SUSECVE-2025-21869 at NVDCVE-2025-21870 at SUSECVE-2025-21870 at NVDCVE-2025-21871 at SUSECVE-2025-21871 at NVDCVE-2025-21873 at SUSECVE-2025-21873 at NVDCVE-2025-21875 at SUSECVE-2025-21875 at NVDCVE-2025-21876 at SUSECVE-2025-21876 at NVDCVE-2025-21877 at SUSECVE-2025-21877 at NVDCVE-2025-21878 at SUSECVE-2025-21878 at NVDCVE-2025-21881 at SUSECVE-2025-21881 at NVDCVE-2025-21883 at SUSECVE-2025-21883 at NVDCVE-2025-21884 at SUSECVE-2025-21884 at NVDCVE-2025-21885 at SUSECVE-2025-21885 at NVDCVE-2025-21886 at SUSECVE-2025-21886 at NVDCVE-2025-21887 at SUSECVE-2025-21887 at NVDCVE-2025-21888 at SUSECVE-2025-21888 at NVDCVE-2025-21889 at SUSECVE-2025-21889 at NVDCVE-2025-21890 at SUSECVE-2025-21890 at NVDCVE-2025-21891 at SUSECVE-2025-21891 at NVDCVE-2025-21892 at SUSECVE-2025-21892 at NVDCVE-2025-21894 at SUSECVE-2025-21894 at NVDCVE-2025-21895 at SUSECVE-2025-21895 at NVDCVE-2025-21905 at SUSECVE-2025-21905 at NVDCVE-2025-21906 at SUSECVE-2025-21906 at NVDCVE-2025-21908 at SUSECVE-2025-21908 at NVDCVE-2025-21909 at SUSECVE-2025-21909 at NVDCVE-2025-21910 at SUSECVE-2025-21910 at NVDCVE-2025-21912 at SUSECVE-2025-21912 at NVDCVE-2025-21913 at SUSECVE-2025-21913 at NVDCVE-2025-21914 at SUSECVE-2025-21914 at NVDCVE-2025-21915 at SUSECVE-2025-21915 at NVDCVE-2025-21916 at SUSECVE-2025-21916 at NVDCVE-2025-21917 at SUSECVE-2025-21917 at NVDCVE-2025-21918 at SUSECVE-2025-21918 at NVDCVE-2025-21922 at SUSECVE-2025-21922 at NVDCVE-2025-21923 at SUSECVE-2025-21923 at NVDCVE-2025-21924 at SUSECVE-2025-21924 at NVDCVE-2025-21927 at SUSECVE-2025-21927 at NVDCVE-2025-21928 at SUSECVE-2025-21928 at NVDCVE-2025-21930 at SUSECVE-2025-21930 at NVDCVE-2025-21934 at SUSECVE-2025-21934 at NVDCVE-2025-21935 at SUSECVE-2025-21935 at NVDCVE-2025-21936 at SUSECVE-2025-21936 at NVDCVE-2025-21937 at SUSECVE-2025-21937 at NVDCVE-2025-21941 at SUSECVE-2025-21941 at NVDCVE-2025-21943 at SUSECVE-2025-21943 at NVDCVE-2025-21948 at SUSECVE-2025-21948 at NVDCVE-2025-21950 at SUSECVE-2025-21950 at NVDCVE-2025-21951 at SUSECVE-2025-21951 at NVDCVE-2025-21953 at SUSECVE-2025-21953 at NVDCVE-2025-21956 at SUSECVE-2025-21956 at NVDCVE-2025-21957 at SUSECVE-2025-21957 at NVDCVE-2025-21960 at SUSECVE-2025-21960 at NVDCVE-2025-21961 at SUSECVE-2025-21961 at NVDCVE-2025-21966 at SUSECVE-2025-21966 at NVDCVE-2025-21968 at SUSECVE-2025-21968 at NVDCVE-2025-21969 at SUSECVE-2025-21969 at NVDCVE-2025-21970 at SUSECVE-2025-21970 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-21972 at SUSECVE-2025-21972 at NVDCVE-2025-21975 at SUSECVE-2025-21975 at NVDCVE-2025-21978 at SUSECVE-2025-21978 at NVDCVE-2025-21979 at SUSECVE-2025-21979 at NVDCVE-2025-21981 at SUSECVE-2025-21981 at NVDCVE-2025-21991 at SUSECVE-2025-21991 at NVDCVE-2025-21992 at SUSECVE-2025-21992 at NVDCVE-2025-21993 at SUSECVE-2025-21993 at NVDCVE-2025-21995 at SUSECVE-2025-21995 at NVDCVE-2025-21996 at SUSECVE-2025-21996 at NVDCVE-2025-22001 at SUSECVE-2025-22001 at NVDCVE-2025-22003 at SUSECVE-2025-22003 at NVDCVE-2025-22007 at SUSECVE-2025-22007 at NVDCVE-2025-22008 at SUSECVE-2025-22008 at NVDCVE-2025-22009 at SUSECVE-2025-22009 at NVDCVE-2025-22010 at SUSECVE-2025-22010 at NVDCVE-2025-22013 at SUSECVE-2025-22013 at NVDCVE-2025-22014 at SUSECVE-2025-22014 at NVDCVE-2025-2312 at SUSECVE-2025-2312 at NVDcpe:/o:suse:sl-micro:6.0Security update for nvidia-open-driver-G06-signed (Important)SUSE Linux Micro 6.0
This update for nvidia-open-driver-G06-signed fixes the following issues:
Update non-CUDA variant to 580.82.07 (bsc#1249235)
Update non-CUDA variant to 580.76.05 (bsc#1247907)
- get rid of rule of older KMPs not to load nvidia_drm module,
which are still installed in parallel and therefore still
active (bsc#1247923)
Update CUDA variant to 580.65.06, which addresses various security issues:
* CVE-2025-23277 (bsc#1247528)
* CVE-2025-23278 (bsc#1247529)
* CVE-2025-23286 (bsc#1247530)
* CVE-2025-23283 (bsc#1247531)
* CVE-2025-23279 (bsc#1247532)
Update non-CUDA variant to 570.172.08 (bsc#1246327)
- empty pci_ids-570.169; PCI ID hardware Supplements get moved to
gfx repository to package nvidia-open-driver-G06-signed-kmp-meta
(bsc#1246010)
- remove 60-nvidia-$flavor.conf, since driver no longer gets
autoselected without gfx/cuda repositories present and so we no
longer need to disable it by default (bsc#1246010)
ImportantSUSE bug 1237208SUSE bug 1246010SUSE bug 1246327SUSE bug 1247528SUSE bug 1247529SUSE bug 1247530SUSE bug 1247531SUSE bug 1247532SUSE bug 1247907SUSE bug 1247923SUSE bug 1249235CVE-2025-23277 at SUSECVE-2025-23277 at NVDCVE-2025-23278 at SUSECVE-2025-23278 at NVDCVE-2025-23279 at SUSECVE-2025-23279 at NVDCVE-2025-23283 at SUSECVE-2025-23283 at NVDCVE-2025-23286 at SUSECVE-2025-23286 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-50154: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink() (bsc#1233072)
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1233072SUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-50154: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink() (bsc#1233072)
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1233072SUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1237048SUSE bug 1240744SUSE bug 1245509SUSE bug 1247315CVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1247315CVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-27415: netfilter: br_netfilter: skip conntrack input hook for promisc packets (bsc#1224757).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
The following non-security bugs were fixed:
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: fix potential error return (git-fixes).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)
Keep the feature disabled by default on x86_64
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to
perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/cio: Fix CHPID "configure" attribute caching (git-fixes bsc#1240979).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
ImportantSUSE bug 1224013SUSE bug 1224757SUSE bug 1228659SUSE bug 1231910SUSE bug 1234074SUSE bug 1234157SUSE bug 1234698SUSE bug 1235550SUSE bug 1235870SUSE bug 1237874SUSE bug 1237882SUSE bug 1238052SUSE bug 1238565SUSE bug 1238746SUSE bug 1238970SUSE bug 1238990SUSE bug 1239066SUSE bug 1239475SUSE bug 1239684SUSE bug 1239906SUSE bug 1239925SUSE bug 1240167SUSE bug 1240168SUSE bug 1240171SUSE bug 1240176SUSE bug 1240184SUSE bug 1240185SUSE bug 1240375SUSE bug 1240575SUSE bug 1240581SUSE bug 1240582SUSE bug 1240583SUSE bug 1240584SUSE bug 1240585SUSE bug 1240587SUSE bug 1240590SUSE bug 1240591SUSE bug 1240592SUSE bug 1240594SUSE bug 1240595SUSE bug 1240596SUSE bug 1240600SUSE bug 1240612SUSE bug 1240616SUSE bug 1240639SUSE bug 1240643SUSE bug 1240647SUSE bug 1240691SUSE bug 1240700SUSE bug 1240701SUSE bug 1240703SUSE bug 1240708SUSE bug 1240714SUSE bug 1240715SUSE bug 1240716SUSE bug 1240718SUSE bug 1240719SUSE bug 1240720SUSE bug 1240722SUSE bug 1240727SUSE bug 1240739SUSE bug 1240742SUSE bug 1240779SUSE bug 1240783SUSE bug 1240784SUSE bug 1240795SUSE bug 1240796SUSE bug 1240797SUSE bug 1240799SUSE bug 1240801SUSE bug 1240806SUSE bug 1240808SUSE bug 1240812SUSE bug 1240813SUSE bug 1240815SUSE bug 1240816SUSE bug 1240819SUSE bug 1240821SUSE bug 1240825SUSE bug 1240829SUSE bug 1240873SUSE bug 1240937SUSE bug 1240938SUSE bug 1240940SUSE bug 1240942SUSE bug 1240943SUSE bug 1240978SUSE bug 1240979SUSE bug 1241038CVE-2024-27415 at SUSECVE-2024-27415 at NVDCVE-2024-50038 at SUSECVE-2024-50038 at NVDCVE-2024-53124 at SUSECVE-2024-53124 at NVDCVE-2024-53139 at SUSECVE-2024-53139 at NVDCVE-2024-58018 at SUSECVE-2024-58018 at NVDCVE-2024-58071 at SUSECVE-2024-58071 at NVDCVE-2025-21729 at SUSECVE-2025-21729 at NVDCVE-2025-21755 at SUSECVE-2025-21755 at NVDCVE-2025-21806 at SUSECVE-2025-21806 at NVDCVE-2025-21836 at SUSECVE-2025-21836 at NVDCVE-2025-21863 at SUSECVE-2025-21863 at NVDCVE-2025-21873 at SUSECVE-2025-21873 at NVDCVE-2025-21875 at SUSECVE-2025-21875 at NVDCVE-2025-21881 at SUSECVE-2025-21881 at NVDCVE-2025-21884 at SUSECVE-2025-21884 at NVDCVE-2025-21887 at SUSECVE-2025-21887 at NVDCVE-2025-21889 at SUSECVE-2025-21889 at NVDCVE-2025-21894 at SUSECVE-2025-21894 at NVDCVE-2025-21895 at SUSECVE-2025-21895 at NVDCVE-2025-21905 at SUSECVE-2025-21905 at NVDCVE-2025-21906 at SUSECVE-2025-21906 at NVDCVE-2025-21908 at SUSECVE-2025-21908 at NVDCVE-2025-21909 at SUSECVE-2025-21909 at NVDCVE-2025-21910 at SUSECVE-2025-21910 at NVDCVE-2025-21912 at SUSECVE-2025-21912 at NVDCVE-2025-21913 at SUSECVE-2025-21913 at NVDCVE-2025-21914 at SUSECVE-2025-21914 at NVDCVE-2025-21915 at SUSECVE-2025-21915 at NVDCVE-2025-21916 at SUSECVE-2025-21916 at NVDCVE-2025-21917 at SUSECVE-2025-21917 at NVDCVE-2025-21918 at SUSECVE-2025-21918 at NVDCVE-2025-21922 at SUSECVE-2025-21922 at NVDCVE-2025-21923 at SUSECVE-2025-21923 at NVDCVE-2025-21924 at SUSECVE-2025-21924 at NVDCVE-2025-21927 at SUSECVE-2025-21927 at NVDCVE-2025-21928 at SUSECVE-2025-21928 at NVDCVE-2025-21930 at SUSECVE-2025-21930 at NVDCVE-2025-21934 at SUSECVE-2025-21934 at NVDCVE-2025-21935 at SUSECVE-2025-21935 at NVDCVE-2025-21936 at SUSECVE-2025-21936 at NVDCVE-2025-21937 at SUSECVE-2025-21937 at NVDCVE-2025-21941 at SUSECVE-2025-21941 at NVDCVE-2025-21943 at SUSECVE-2025-21943 at NVDCVE-2025-21948 at SUSECVE-2025-21948 at NVDCVE-2025-21950 at SUSECVE-2025-21950 at NVDCVE-2025-21951 at SUSECVE-2025-21951 at NVDCVE-2025-21953 at SUSECVE-2025-21953 at NVDCVE-2025-21956 at SUSECVE-2025-21956 at NVDCVE-2025-21957 at SUSECVE-2025-21957 at NVDCVE-2025-21960 at SUSECVE-2025-21960 at NVDCVE-2025-21961 at SUSECVE-2025-21961 at NVDCVE-2025-21966 at SUSECVE-2025-21966 at NVDCVE-2025-21968 at SUSECVE-2025-21968 at NVDCVE-2025-21969 at SUSECVE-2025-21969 at NVDCVE-2025-21970 at SUSECVE-2025-21970 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-21972 at SUSECVE-2025-21972 at NVDCVE-2025-21975 at SUSECVE-2025-21975 at NVDCVE-2025-21978 at SUSECVE-2025-21978 at NVDCVE-2025-21979 at SUSECVE-2025-21979 at NVDCVE-2025-21981 at SUSECVE-2025-21981 at NVDCVE-2025-21991 at SUSECVE-2025-21991 at NVDCVE-2025-21992 at SUSECVE-2025-21992 at NVDCVE-2025-21993 at SUSECVE-2025-21993 at NVDCVE-2025-21995 at SUSECVE-2025-21995 at NVDCVE-2025-21996 at SUSECVE-2025-21996 at NVDCVE-2025-22001 at SUSECVE-2025-22001 at NVDCVE-2025-22003 at SUSECVE-2025-22003 at NVDCVE-2025-22007 at SUSECVE-2025-22007 at NVDCVE-2025-22008 at SUSECVE-2025-22008 at NVDCVE-2025-22009 at SUSECVE-2025-22009 at NVDCVE-2025-22010 at SUSECVE-2025-22010 at NVDCVE-2025-22013 at SUSECVE-2025-22013 at NVDCVE-2025-22014 at SUSECVE-2025-22014 at NVDCVE-2025-2312 at SUSECVE-2025-2312 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-50154: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink() (bsc#1233072)
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1233072SUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-50154: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink() (bsc#1233072)
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1233072SUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1237048SUSE bug 1240744SUSE bug 1245509SUSE bug 1247315CVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_7 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ModerateSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1247315CVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
- CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
- CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
- CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
- CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
- CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).
- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
- CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
- CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
- CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
- CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
The following non-security bugs were fixed:
- !CONFIG & reference -> this is bug, immediate fail
- 9p/xen: fix init sequence (git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- ACPICA: Fix largest possible resource descriptor index (git-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
- ALSA: lx_core: use int type to store negative error codes (git-fixes).
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
- Bluetooth: qca: fix invalid device address check (git-fixes).
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Correct typos of References tags in some patches
- Do not self obsolete older kernel variants
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- Drop PCI patches that broke kdump capture boot (bsc#1246509)
- Drop arm64 patches that may lead to module load failure (bsc#1250057)
- EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (git-fixes).
- Fix BPF selftests compilation error in bpf_iter.c (git-fixes)
- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
- HID: input: report battery status changes immediately (git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).
- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes).
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).
- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).
- KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits (git-fixes).
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes).
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).
- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).
- KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint (git-fixes).
- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186)
- Limit patch filenames to 100 characters (bsc#1249604).
- NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes).
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
- NFSv4: Do not clear capabilities that won't be reset (git-fixes).
- PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes).
- PCI/ERR: Fix uevent on failure to recover (git-fixes).
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes).
- PCI/sysfs: Ensure devices are powered for config reads (git-fixes).
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit (git-fixes).
- PCI: rcar-host: Drop PMSR spinlock (git-fixes).
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes).
- PCI: tegra194: Handle errors in BPMP response (git-fixes).
- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation (git-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- Revert "SUNRPC: Do not allow waiting for exiting tasks" (git-fixes).
- Revert "drm/amdgpu: fix incorrect vm flags to map bo" (stable-fixes).
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- Squashfs: add additional inode sanity checking (git-fixes).
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
- Update config files. (bsc#1249186) Plain run_oldconfig after Kconfig update.
- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)
- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode (git-fixes).
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- bpf: Fix iter/task tid filtering (git-fixes).
- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- bpf: Properly test iter/task tid filtering (git-fixes).
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- bpf: handle implicit declaration of function gettid in bpf_iter.c
- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).
- bpftool: Fix JSON writer resource leak in version command (git-fixes).
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
- btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).
- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
- btrfs: scrub: fix grouping of read IO (git-fixes).
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
- build_bug.h: Add KABI assert (bsc#1249186).
- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- ceph: validate snapdirname option length when mounting (git-fixes).
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).
- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- config.sh: Use Step repository for building Leap kernel bs-upload-kernel does not understand the Leap repository layout
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
- cpufreq: Exit governor when failed to start old governor (stable-fixes).
- cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
- cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
- dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation (git-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
- docs: admin-guide: update to current minimum pipe size default (git-fixes).
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- drivers/base/node: handle error properly in register_one_node() (git-fixes).
- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).
- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).
- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).
- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
- fbcon: Fix OOB access in font allocation (git-fixes).
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).
- i2c: designware: Add disabling clocks when probe fails (git-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes).
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- kABI fix for "netfilter: nf_tables: Audit log rule reset" (git-fixes).
- kABI workaround for "drm/dp: Add an EDID quirk for the DPCD register access probe" (bsc#1248121).
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- kABI: arm64: ftrace: Restore init_module behavior (git-fixes).
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- kABI: netfilter flowtable move gc operation to bottom (git-fixes).
- kabi: Restore layout of parallel_data (bsc1248343).
- kabi: add struct cgroup_extra (bsc#1247963).
- kabi: drop kvm_x86_ops from kabi relevant symbols.
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-source.spec: Depend on python3-base for build Both kernel-binary and kernel-docs already have this dependency.
- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: rc: fix races with imon_disconnect() (git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- mm: move page table sync declarations to linux/pgtable.h (git-fixes).
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount (git-fixes).
- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
- netfilter: conntrack: fix extension size table (git-fixes).
- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).
- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
- netfilter: nf_tables: audit log object reset once per table (git-fixes).
- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
- netfilter: nft_payload: fix wrong mac header matching (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
- nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
- nvme-pci: try function level reset on init failure (git-fixes).
- nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
- nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
- orangefs: Remove unused type in macro fill_default_sys_attrs (git-fixes).
- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).
- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: renesas: Use int type to store negative error codes (git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
- platform/x86: think-lmi: Fix class device unregistration (git-fixes).
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
- power: supply: max77976_charger: fix constant current reporting (git-fixes).
- pptp: fix pptp_xmit() error path (git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)
- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
- regulator: scmi: Use int type to store negative error codes (git-fixes).
- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
- rpm: Configure KABI checkingness macro (bsc#1249186)
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186)
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- sched/fair: Take the scheduling domain into account in (git-fixes)
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
- scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
- scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
- scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
- scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
- scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
- scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
- scsi: lpfc: use min() to improve code (bsc#1250519).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes).
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).
- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
- struct ci_hdrc: new member has_short_pkt_limit to end (git-fixes).
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- supported.conf: mark hyperv_drm as external
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (git-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).
- usb: typec: fusb302: cache PD RX state (git-fixes).
- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- use uniform permission checks for all mount propagation changes (git-fixes).
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).
- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).
- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- vsock: Allow retrying on connect() failure (git-fixes).
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).
- vsock: avoid timeout during connect() if the socket is closing (git-fixes).
- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath11k: fix group data packet drops during rekey (git-fixes).
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).
- writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776).
- writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776).
- writeback: Avoid excessively long inode switching times (bsc#1237776).
- writeback: Avoid softlockup when switching many inodes (bsc#1237776).
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- xfs: rework datasync tracking and execution (bsc#1237449).
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1194869SUSE bug 1213061SUSE bug 1213666SUSE bug 1214073SUSE bug 1214928SUSE bug 1214953SUSE bug 1215150SUSE bug 1215696SUSE bug 1216436SUSE bug 1216976SUSE bug 1218644SUSE bug 1220186SUSE bug 1220419SUSE bug 1229165SUSE bug 1230062SUSE bug 1236897SUSE bug 1237449SUSE bug 1237776SUSE bug 1240324SUSE bug 1241166SUSE bug 1241292SUSE bug 1241353SUSE bug 1241866SUSE bug 1243100SUSE bug 1243112SUSE bug 1245193SUSE bug 1245260SUSE bug 1245700SUSE bug 1246057SUSE bug 1246125SUSE bug 1246190SUSE bug 1246248SUSE bug 1246298SUSE bug 1246509SUSE bug 1246782SUSE bug 1247099SUSE bug 1247118SUSE bug 1247126SUSE bug 1247136SUSE bug 1247137SUSE bug 1247223SUSE bug 1247239SUSE bug 1247262SUSE bug 1247442SUSE bug 1247483SUSE bug 1247500SUSE bug 1247963SUSE bug 1248111SUSE bug 1248121SUSE bug 1248192SUSE bug 1248199SUSE bug 1248200SUSE bug 1248202SUSE bug 1248225SUSE bug 1248296SUSE bug 1248334SUSE bug 1248343SUSE bug 1248357SUSE bug 1248360SUSE bug 1248365SUSE bug 1248378SUSE bug 1248380SUSE bug 1248392SUSE bug 1248512SUSE bug 1248610SUSE bug 1248619SUSE bug 1248622SUSE bug 1248626SUSE bug 1248628SUSE bug 1248634SUSE bug 1248639SUSE bug 1248647SUSE bug 1248674SUSE bug 1248681SUSE bug 1248733SUSE bug 1248734SUSE bug 1248735SUSE bug 1248775SUSE bug 1248847SUSE bug 1249122SUSE bug 1249123SUSE bug 1249124SUSE bug 1249125SUSE bug 1249126SUSE bug 1249143SUSE bug 1249156SUSE bug 1249159SUSE bug 1249163SUSE bug 1249164SUSE bug 1249166SUSE bug 1249169SUSE bug 1249170SUSE bug 1249172SUSE bug 1249176SUSE bug 1249177SUSE bug 1249186SUSE bug 1249190SUSE bug 1249194SUSE bug 1249195SUSE bug 1249196SUSE bug 1249199SUSE bug 1249200SUSE bug 1249202SUSE bug 1249203SUSE bug 1249204SUSE bug 1249206SUSE bug 1249215SUSE bug 1249220SUSE bug 1249221SUSE bug 1249254SUSE bug 1249255SUSE bug 1249257SUSE bug 1249258SUSE bug 1249260SUSE bug 1249262SUSE bug 1249263SUSE bug 1249265SUSE bug 1249266SUSE bug 1249271SUSE bug 1249272SUSE bug 1249273SUSE bug 1249278SUSE bug 1249279SUSE bug 1249281SUSE bug 1249282SUSE bug 1249284SUSE bug 1249285SUSE bug 1249288SUSE bug 1249290SUSE bug 1249292SUSE bug 1249295SUSE bug 1249296SUSE bug 1249299SUSE bug 1249300SUSE bug 1249303SUSE bug 1249304SUSE bug 1249305SUSE bug 1249308SUSE bug 1249312SUSE bug 1249315SUSE bug 1249318SUSE bug 1249321SUSE bug 1249323SUSE bug 1249324SUSE bug 1249334SUSE bug 1249338SUSE bug 1249346SUSE bug 1249374SUSE bug 1249413SUSE bug 1249479SUSE bug 1249481SUSE bug 1249482SUSE bug 1249486SUSE bug 1249488SUSE bug 1249489SUSE bug 1249490SUSE bug 1249494SUSE bug 1249504SUSE bug 1249506SUSE bug 1249508SUSE bug 1249510SUSE bug 1249513SUSE bug 1249515SUSE bug 1249516SUSE bug 1249522SUSE bug 1249523SUSE bug 1249524SUSE bug 1249526SUSE bug 1249533SUSE bug 1249538SUSE bug 1249540SUSE bug 1249542SUSE bug 1249545SUSE bug 1249548SUSE bug 1249554SUSE bug 1249598SUSE bug 1249604SUSE bug 1249608SUSE bug 1249615SUSE bug 1249640SUSE bug 1249641SUSE bug 1249642SUSE bug 1249658SUSE bug 1249662SUSE bug 1249672SUSE bug 1249673SUSE bug 1249677SUSE bug 1249678SUSE bug 1249679SUSE bug 1249682SUSE bug 1249687SUSE bug 1249698SUSE bug 1249707SUSE bug 1249712SUSE bug 1249730SUSE bug 1249756SUSE bug 1249758SUSE bug 1249761SUSE bug 1249762SUSE bug 1249768SUSE bug 1249770SUSE bug 1249774SUSE bug 1249779SUSE bug 1249780SUSE bug 1249785SUSE bug 1249787SUSE bug 1249795SUSE bug 1249815SUSE bug 1249820SUSE bug 1249823SUSE bug 1249824SUSE bug 1249825SUSE bug 1249826SUSE bug 1249833SUSE bug 1249842SUSE bug 1249845SUSE bug 1249849SUSE bug 1249850SUSE bug 1249853SUSE bug 1249856SUSE bug 1249861SUSE bug 1249863SUSE bug 1249864SUSE bug 1249865SUSE bug 1249866SUSE bug 1249869SUSE bug 1249870SUSE bug 1249880SUSE bug 1249883SUSE bug 1249888SUSE bug 1249894SUSE bug 1249896SUSE bug 1249897SUSE bug 1249901SUSE bug 1249911SUSE bug 1249917SUSE bug 1249919SUSE bug 1249923SUSE bug 1249926SUSE bug 1249938SUSE bug 1249949SUSE bug 1249950SUSE bug 1249952SUSE bug 1249975SUSE bug 1249979SUSE bug 1249984SUSE bug 1249988SUSE bug 1249990SUSE bug 1249993SUSE bug 1249994SUSE bug 1249997SUSE bug 1250002SUSE bug 1250004SUSE bug 1250006SUSE bug 1250007SUSE bug 1250012SUSE bug 1250022SUSE bug 1250024SUSE bug 1250025SUSE bug 1250028SUSE bug 1250029SUSE bug 1250035SUSE bug 1250049SUSE bug 1250055SUSE bug 1250057SUSE bug 1250058SUSE bug 1250062SUSE bug 1250063SUSE bug 1250065SUSE bug 1250066SUSE bug 1250067SUSE bug 1250069SUSE bug 1250070SUSE bug 1250073SUSE bug 1250074SUSE bug 1250088SUSE bug 1250089SUSE bug 1250106SUSE bug 1250112SUSE bug 1250117SUSE bug 1250120SUSE bug 1250125SUSE bug 1250127SUSE bug 1250128SUSE bug 1250145SUSE bug 1250150SUSE bug 1250156SUSE bug 1250157SUSE bug 1250161SUSE bug 1250163SUSE bug 1250166SUSE bug 1250167SUSE bug 1250169SUSE bug 1250171SUSE bug 1250177SUSE bug 1250179SUSE bug 1250180SUSE bug 1250186SUSE bug 1250196SUSE bug 1250198SUSE bug 1250199SUSE bug 1250201SUSE bug 1250203SUSE bug 1250204SUSE bug 1250206SUSE bug 1250208SUSE bug 1250241SUSE bug 1250242SUSE bug 1250243SUSE bug 1250247SUSE bug 1250249SUSE bug 1250251SUSE bug 1250262SUSE bug 1250263SUSE bug 1250266SUSE bug 1250267SUSE bug 1250268SUSE bug 1250275SUSE bug 1250276SUSE bug 1250281SUSE bug 1250290SUSE bug 1250291SUSE bug 1250292SUSE bug 1250294SUSE bug 1250297SUSE bug 1250298SUSE bug 1250313SUSE bug 1250319SUSE bug 1250323SUSE bug 1250325SUSE bug 1250329SUSE bug 1250336SUSE bug 1250337SUSE bug 1250344SUSE bug 1250358SUSE bug 1250365SUSE bug 1250371SUSE bug 1250377SUSE bug 1250384SUSE bug 1250389SUSE bug 1250395SUSE bug 1250397SUSE bug 1250402SUSE bug 1250406SUSE bug 1250407SUSE bug 1250426SUSE bug 1250450SUSE bug 1250459SUSE bug 1250519SUSE bug 1250522SUSE bug 1250530SUSE bug 1250655SUSE bug 1250712SUSE bug 1250713SUSE bug 1250732SUSE bug 1250736SUSE bug 1250741SUSE bug 1250759SUSE bug 1250763SUSE bug 1250765SUSE bug 1250807SUSE bug 1250808SUSE bug 1250809SUSE bug 1250812SUSE bug 1250813SUSE bug 1250815SUSE bug 1250816SUSE bug 1250820SUSE bug 1250823SUSE bug 1250825SUSE bug 1250827SUSE bug 1250830SUSE bug 1250831SUSE bug 1250837SUSE bug 1250841SUSE bug 1250861SUSE bug 1250863SUSE bug 1250867SUSE bug 1250872SUSE bug 1250873SUSE bug 1250878SUSE bug 1250905SUSE bug 1250907SUSE bug 1250917SUSE bug 1250918SUSE bug 1250923SUSE bug 1250926SUSE bug 1250928SUSE bug 1250929SUSE bug 1250930SUSE bug 1250931SUSE bug 1250941SUSE bug 1250942SUSE bug 1250949SUSE bug 1250952SUSE bug 1250957SUSE bug 1250964CVE-2023-31248 at SUSECVE-2023-31248 at NVDCVE-2023-3772 at SUSECVE-2023-3772 at NVDCVE-2023-39197 at SUSECVE-2023-39197 at NVDCVE-2023-42753 at SUSECVE-2023-42753 at NVDCVE-2023-53147 at SUSECVE-2023-53147 at NVDCVE-2023-53148 at SUSECVE-2023-53148 at NVDCVE-2023-53150 at SUSECVE-2023-53150 at NVDCVE-2023-53151 at SUSECVE-2023-53151 at NVDCVE-2023-53152 at SUSECVE-2023-53152 at NVDCVE-2023-53165 at SUSECVE-2023-53165 at NVDCVE-2023-53167 at SUSECVE-2023-53167 at NVDCVE-2023-53170 at SUSECVE-2023-53170 at NVDCVE-2023-53174 at SUSECVE-2023-53174 at NVDCVE-2023-53175 at SUSECVE-2023-53175 at NVDCVE-2023-53177 at SUSECVE-2023-53177 at NVDCVE-2023-53179 at SUSECVE-2023-53179 at NVDCVE-2023-53180 at SUSECVE-2023-53180 at NVDCVE-2023-53181 at SUSECVE-2023-53181 at NVDCVE-2023-53183 at SUSECVE-2023-53183 at NVDCVE-2023-53184 at SUSECVE-2023-53184 at NVDCVE-2023-53185 at SUSECVE-2023-53185 at NVDCVE-2023-53187 at SUSECVE-2023-53187 at NVDCVE-2023-53189 at SUSECVE-2023-53189 at NVDCVE-2023-53192 at SUSECVE-2023-53192 at NVDCVE-2023-53195 at SUSECVE-2023-53195 at NVDCVE-2023-53196 at SUSECVE-2023-53196 at NVDCVE-2023-53201 at SUSECVE-2023-53201 at NVDCVE-2023-53204 at SUSECVE-2023-53204 at NVDCVE-2023-53205 at SUSECVE-2023-53205 at NVDCVE-2023-53206 at SUSECVE-2023-53206 at NVDCVE-2023-53207 at SUSECVE-2023-53207 at NVDCVE-2023-53208 at SUSECVE-2023-53208 at NVDCVE-2023-53209 at SUSECVE-2023-53209 at NVDCVE-2023-53210 at SUSECVE-2023-53210 at NVDCVE-2023-53215 at SUSECVE-2023-53215 at NVDCVE-2023-53217 at SUSECVE-2023-53217 at NVDCVE-2023-53220 at SUSECVE-2023-53220 at NVDCVE-2023-53221 at SUSECVE-2023-53221 at NVDCVE-2023-53222 at SUSECVE-2023-53222 at NVDCVE-2023-53226 at SUSECVE-2023-53226 at NVDCVE-2023-53230 at SUSECVE-2023-53230 at NVDCVE-2023-53231 at SUSECVE-2023-53231 at NVDCVE-2023-53235 at SUSECVE-2023-53235 at NVDCVE-2023-53238 at SUSECVE-2023-53238 at NVDCVE-2023-53243 at SUSECVE-2023-53243 at NVDCVE-2023-53245 at SUSECVE-2023-53245 at NVDCVE-2023-53247 at SUSECVE-2023-53247 at NVDCVE-2023-53248 at SUSECVE-2023-53248 at NVDCVE-2023-53249 at SUSECVE-2023-53249 at NVDCVE-2023-53251 at SUSECVE-2023-53251 at NVDCVE-2023-53252 at SUSECVE-2023-53252 at NVDCVE-2023-53255 at SUSECVE-2023-53255 at NVDCVE-2023-53257 at SUSECVE-2023-53257 at NVDCVE-2023-53258 at SUSECVE-2023-53258 at NVDCVE-2023-53260 at SUSECVE-2023-53260 at NVDCVE-2023-53261 at SUSECVE-2023-53261 at NVDCVE-2023-53263 at SUSECVE-2023-53263 at NVDCVE-2023-53264 at SUSECVE-2023-53264 at NVDCVE-2023-53272 at SUSECVE-2023-53272 at NVDCVE-2023-53274 at SUSECVE-2023-53274 at NVDCVE-2023-53275 at SUSECVE-2023-53275 at NVDCVE-2023-53280 at SUSECVE-2023-53280 at NVDCVE-2023-53286 at SUSECVE-2023-53286 at NVDCVE-2023-53287 at SUSECVE-2023-53287 at NVDCVE-2023-53288 at SUSECVE-2023-53288 at NVDCVE-2023-53291 at SUSECVE-2023-53291 at NVDCVE-2023-53292 at SUSECVE-2023-53292 at NVDCVE-2023-53303 at SUSECVE-2023-53303 at NVDCVE-2023-53304 at SUSECVE-2023-53304 at NVDCVE-2023-53305 at SUSECVE-2023-53305 at NVDCVE-2023-53309 at SUSECVE-2023-53309 at NVDCVE-2023-53311 at SUSECVE-2023-53311 at NVDCVE-2023-53312 at SUSECVE-2023-53312 at NVDCVE-2023-53313 at SUSECVE-2023-53313 at NVDCVE-2023-53314 at SUSECVE-2023-53314 at NVDCVE-2023-53316 at SUSECVE-2023-53316 at NVDCVE-2023-53319 at SUSECVE-2023-53319 at NVDCVE-2023-53321 at SUSECVE-2023-53321 at NVDCVE-2023-53322 at SUSECVE-2023-53322 at NVDCVE-2023-53323 at SUSECVE-2023-53323 at NVDCVE-2023-53324 at SUSECVE-2023-53324 at NVDCVE-2023-53325 at SUSECVE-2023-53325 at NVDCVE-2023-53328 at SUSECVE-2023-53328 at NVDCVE-2023-53331 at SUSECVE-2023-53331 at NVDCVE-2023-53333 at SUSECVE-2023-53333 at NVDCVE-2023-53336 at SUSECVE-2023-53336 at NVDCVE-2023-53338 at SUSECVE-2023-53338 at NVDCVE-2023-53339 at SUSECVE-2023-53339 at NVDCVE-2023-53342 at SUSECVE-2023-53342 at NVDCVE-2023-53343 at SUSECVE-2023-53343 at NVDCVE-2023-53350 at SUSECVE-2023-53350 at NVDCVE-2023-53352 at SUSECVE-2023-53352 at NVDCVE-2023-53354 at SUSECVE-2023-53354 at NVDCVE-2023-53356 at SUSECVE-2023-53356 at NVDCVE-2023-53357 at SUSECVE-2023-53357 at NVDCVE-2023-53360 at SUSECVE-2023-53360 at NVDCVE-2023-53362 at SUSECVE-2023-53362 at NVDCVE-2023-53364 at SUSECVE-2023-53364 at NVDCVE-2023-53365 at SUSECVE-2023-53365 at NVDCVE-2023-53367 at SUSECVE-2023-53367 at NVDCVE-2023-53368 at SUSECVE-2023-53368 at NVDCVE-2023-53369 at SUSECVE-2023-53369 at NVDCVE-2023-53370 at SUSECVE-2023-53370 at NVDCVE-2023-53371 at SUSECVE-2023-53371 at NVDCVE-2023-53374 at SUSECVE-2023-53374 at NVDCVE-2023-53377 at SUSECVE-2023-53377 at NVDCVE-2023-53379 at SUSECVE-2023-53379 at NVDCVE-2023-53380 at SUSECVE-2023-53380 at NVDCVE-2023-53384 at SUSECVE-2023-53384 at NVDCVE-2023-53385 at SUSECVE-2023-53385 at NVDCVE-2023-53386 at SUSECVE-2023-53386 at NVDCVE-2023-53391 at SUSECVE-2023-53391 at NVDCVE-2023-53394 at SUSECVE-2023-53394 at NVDCVE-2023-53395 at SUSECVE-2023-53395 at NVDCVE-2023-53397 at SUSECVE-2023-53397 at NVDCVE-2023-53401 at SUSECVE-2023-53401 at NVDCVE-2023-53420 at SUSECVE-2023-53420 at NVDCVE-2023-53421 at SUSECVE-2023-53421 at NVDCVE-2023-53424 at SUSECVE-2023-53424 at NVDCVE-2023-53425 at SUSECVE-2023-53425 at NVDCVE-2023-53426 at SUSECVE-2023-53426 at NVDCVE-2023-53428 at SUSECVE-2023-53428 at NVDCVE-2023-53429 at SUSECVE-2023-53429 at NVDCVE-2023-53432 at SUSECVE-2023-53432 at NVDCVE-2023-53436 at SUSECVE-2023-53436 at NVDCVE-2023-53438 at SUSECVE-2023-53438 at NVDCVE-2023-53441 at SUSECVE-2023-53441 at NVDCVE-2023-53442 at SUSECVE-2023-53442 at NVDCVE-2023-53444 at SUSECVE-2023-53444 at NVDCVE-2023-53446 at SUSECVE-2023-53446 at NVDCVE-2023-53447 at SUSECVE-2023-53447 at NVDCVE-2023-53448 at SUSECVE-2023-53448 at NVDCVE-2023-53451 at SUSECVE-2023-53451 at NVDCVE-2023-53454 at SUSECVE-2023-53454 at NVDCVE-2023-53456 at SUSECVE-2023-53456 at NVDCVE-2023-53457 at SUSECVE-2023-53457 at NVDCVE-2023-53461 at SUSECVE-2023-53461 at NVDCVE-2023-53462 at SUSECVE-2023-53462 at NVDCVE-2023-53463 at SUSECVE-2023-53463 at NVDCVE-2023-53465 at SUSECVE-2023-53465 at NVDCVE-2023-53472 at SUSECVE-2023-53472 at NVDCVE-2023-53479 at SUSECVE-2023-53479 at NVDCVE-2023-53480 at SUSECVE-2023-53480 at NVDCVE-2023-53485 at SUSECVE-2023-53485 at NVDCVE-2023-53487 at SUSECVE-2023-53487 at NVDCVE-2023-53488 at SUSECVE-2023-53488 at NVDCVE-2023-53490 at SUSECVE-2023-53490 at NVDCVE-2023-53491 at SUSECVE-2023-53491 at NVDCVE-2023-53492 at SUSECVE-2023-53492 at NVDCVE-2023-53493 at SUSECVE-2023-53493 at NVDCVE-2023-53495 at SUSECVE-2023-53495 at NVDCVE-2023-53496 at SUSECVE-2023-53496 at NVDCVE-2023-53500 at SUSECVE-2023-53500 at NVDCVE-2023-53501 at SUSECVE-2023-53501 at NVDCVE-2023-53504 at SUSECVE-2023-53504 at NVDCVE-2023-53505 at SUSECVE-2023-53505 at NVDCVE-2023-53507 at SUSECVE-2023-53507 at NVDCVE-2023-53508 at SUSECVE-2023-53508 at NVDCVE-2023-53510 at SUSECVE-2023-53510 at NVDCVE-2023-53515 at SUSECVE-2023-53515 at NVDCVE-2023-53516 at SUSECVE-2023-53516 at NVDCVE-2023-53518 at SUSECVE-2023-53518 at NVDCVE-2023-53519 at SUSECVE-2023-53519 at NVDCVE-2023-53520 at SUSECVE-2023-53520 at NVDCVE-2023-53523 at SUSECVE-2023-53523 at NVDCVE-2023-53526 at SUSECVE-2023-53526 at NVDCVE-2023-53527 at SUSECVE-2023-53527 at NVDCVE-2023-53528 at SUSECVE-2023-53528 at NVDCVE-2023-53530 at SUSECVE-2023-53530 at NVDCVE-2023-53531 at SUSECVE-2023-53531 at NVDCVE-2024-26584 at SUSECVE-2024-26584 at NVDCVE-2024-58090 at SUSECVE-2024-58090 at NVDCVE-2024-58240 at SUSECVE-2024-58240 at NVDCVE-2025-22022 at SUSECVE-2025-22022 at NVDCVE-2025-38119 at SUSECVE-2025-38119 at NVDCVE-2025-38234 at SUSECVE-2025-38234 at NVDCVE-2025-38255 at SUSECVE-2025-38255 at NVDCVE-2025-38263 at SUSECVE-2025-38263 at NVDCVE-2025-38351 at SUSECVE-2025-38351 at NVDCVE-2025-38402 at SUSECVE-2025-38402 at NVDCVE-2025-38408 at SUSECVE-2025-38408 at NVDCVE-2025-38418 at SUSECVE-2025-38418 at NVDCVE-2025-38419 at SUSECVE-2025-38419 at NVDCVE-2025-38456 at SUSECVE-2025-38456 at NVDCVE-2025-38465 at SUSECVE-2025-38465 at NVDCVE-2025-38466 at SUSECVE-2025-38466 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-38514 at SUSECVE-2025-38514 at NVDCVE-2025-38526 at SUSECVE-2025-38526 at NVDCVE-2025-38527 at SUSECVE-2025-38527 at NVDCVE-2025-38533 at SUSECVE-2025-38533 at NVDCVE-2025-38544 at SUSECVE-2025-38544 at NVDCVE-2025-38556 at SUSECVE-2025-38556 at NVDCVE-2025-38574 at SUSECVE-2025-38574 at NVDCVE-2025-38584 at SUSECVE-2025-38584 at NVDCVE-2025-38590 at SUSECVE-2025-38590 at NVDCVE-2025-38593 at SUSECVE-2025-38593 at NVDCVE-2025-38595 at SUSECVE-2025-38595 at NVDCVE-2025-38597 at SUSECVE-2025-38597 at NVDCVE-2025-38605 at SUSECVE-2025-38605 at NVDCVE-2025-38614 at SUSECVE-2025-38614 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDCVE-2025-38622 at SUSECVE-2025-38622 at NVDCVE-2025-38623 at SUSECVE-2025-38623 at NVDCVE-2025-38639 at SUSECVE-2025-38639 at NVDCVE-2025-38640 at SUSECVE-2025-38640 at NVDCVE-2025-38643 at SUSECVE-2025-38643 at NVDCVE-2025-38645 at SUSECVE-2025-38645 at NVDCVE-2025-38659 at SUSECVE-2025-38659 at NVDCVE-2025-38660 at SUSECVE-2025-38660 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDCVE-2025-38668 at SUSECVE-2025-38668 at NVDCVE-2025-38676 at SUSECVE-2025-38676 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDCVE-2025-38679 at SUSECVE-2025-38679 at NVDCVE-2025-38680 at SUSECVE-2025-38680 at NVDCVE-2025-38681 at SUSECVE-2025-38681 at NVDCVE-2025-38683 at SUSECVE-2025-38683 at NVDCVE-2025-38684 at SUSECVE-2025-38684 at NVDCVE-2025-38685 at SUSECVE-2025-38685 at NVDCVE-2025-38687 at SUSECVE-2025-38687 at NVDCVE-2025-38691 at SUSECVE-2025-38691 at NVDCVE-2025-38692 at SUSECVE-2025-38692 at NVDCVE-2025-38693 at SUSECVE-2025-38693 at NVDCVE-2025-38694 at SUSECVE-2025-38694 at NVDCVE-2025-38695 at SUSECVE-2025-38695 at NVDCVE-2025-38697 at SUSECVE-2025-38697 at NVDCVE-2025-38698 at SUSECVE-2025-38698 at NVDCVE-2025-38701 at SUSECVE-2025-38701 at NVDCVE-2025-38702 at SUSECVE-2025-38702 at NVDCVE-2025-38705 at SUSECVE-2025-38705 at NVDCVE-2025-38706 at SUSECVE-2025-38706 at NVDCVE-2025-38709 at SUSECVE-2025-38709 at NVDCVE-2025-38712 at SUSECVE-2025-38712 at NVDCVE-2025-38713 at SUSECVE-2025-38713 at NVDCVE-2025-38714 at SUSECVE-2025-38714 at NVDCVE-2025-38715 at SUSECVE-2025-38715 at NVDCVE-2025-38721 at SUSECVE-2025-38721 at NVDCVE-2025-38722 at SUSECVE-2025-38722 at NVDCVE-2025-38724 at SUSECVE-2025-38724 at NVDCVE-2025-38725 at SUSECVE-2025-38725 at NVDCVE-2025-38727 at SUSECVE-2025-38727 at NVDCVE-2025-38729 at SUSECVE-2025-38729 at NVDCVE-2025-38730 at SUSECVE-2025-38730 at NVDCVE-2025-38732 at SUSECVE-2025-38732 at NVDCVE-2025-38734 at SUSECVE-2025-38734 at NVDCVE-2025-38735 at SUSECVE-2025-38735 at NVDCVE-2025-38736 at SUSECVE-2025-38736 at NVDCVE-2025-39675 at SUSECVE-2025-39675 at NVDCVE-2025-39677 at SUSECVE-2025-39677 at NVDCVE-2025-39678 at SUSECVE-2025-39678 at NVDCVE-2025-39679 at SUSECVE-2025-39679 at NVDCVE-2025-39681 at SUSECVE-2025-39681 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-39684 at SUSECVE-2025-39684 at NVDCVE-2025-39685 at SUSECVE-2025-39685 at NVDCVE-2025-39686 at SUSECVE-2025-39686 at NVDCVE-2025-39691 at SUSECVE-2025-39691 at NVDCVE-2025-39693 at SUSECVE-2025-39693 at NVDCVE-2025-39694 at SUSECVE-2025-39694 at NVDCVE-2025-39701 at SUSECVE-2025-39701 at NVDCVE-2025-39703 at SUSECVE-2025-39703 at NVDCVE-2025-39705 at SUSECVE-2025-39705 at NVDCVE-2025-39706 at SUSECVE-2025-39706 at NVDCVE-2025-39709 at SUSECVE-2025-39709 at NVDCVE-2025-39710 at SUSECVE-2025-39710 at NVDCVE-2025-39713 at SUSECVE-2025-39713 at NVDCVE-2025-39714 at SUSECVE-2025-39714 at NVDCVE-2025-39718 at SUSECVE-2025-39718 at NVDCVE-2025-39719 at SUSECVE-2025-39719 at NVDCVE-2025-39721 at SUSECVE-2025-39721 at NVDCVE-2025-39724 at SUSECVE-2025-39724 at NVDCVE-2025-39726 at SUSECVE-2025-39726 at NVDCVE-2025-39730 at SUSECVE-2025-39730 at NVDCVE-2025-39732 at SUSECVE-2025-39732 at NVDCVE-2025-39738 at SUSECVE-2025-39738 at NVDCVE-2025-39739 at SUSECVE-2025-39739 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-39743 at SUSECVE-2025-39743 at NVDCVE-2025-39744 at SUSECVE-2025-39744 at NVDCVE-2025-39746 at SUSECVE-2025-39746 at NVDCVE-2025-39749 at SUSECVE-2025-39749 at NVDCVE-2025-39750 at SUSECVE-2025-39750 at NVDCVE-2025-39751 at SUSECVE-2025-39751 at NVDCVE-2025-39754 at SUSECVE-2025-39754 at NVDCVE-2025-39757 at SUSECVE-2025-39757 at NVDCVE-2025-39758 at SUSECVE-2025-39758 at NVDCVE-2025-39759 at SUSECVE-2025-39759 at NVDCVE-2025-39760 at SUSECVE-2025-39760 at NVDCVE-2025-39761 at SUSECVE-2025-39761 at NVDCVE-2025-39763 at SUSECVE-2025-39763 at NVDCVE-2025-39764 at SUSECVE-2025-39764 at NVDCVE-2025-39766 at SUSECVE-2025-39766 at NVDCVE-2025-39770 at SUSECVE-2025-39770 at NVDCVE-2025-39772 at SUSECVE-2025-39772 at NVDCVE-2025-39773 at SUSECVE-2025-39773 at NVDCVE-2025-39782 at SUSECVE-2025-39782 at NVDCVE-2025-39783 at SUSECVE-2025-39783 at NVDCVE-2025-39787 at SUSECVE-2025-39787 at NVDCVE-2025-39790 at SUSECVE-2025-39790 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39798 at SUSECVE-2025-39798 at NVDCVE-2025-39800 at SUSECVE-2025-39800 at NVDCVE-2025-39801 at SUSECVE-2025-39801 at NVDCVE-2025-39806 at SUSECVE-2025-39806 at NVDCVE-2025-39808 at SUSECVE-2025-39808 at NVDCVE-2025-39810 at SUSECVE-2025-39810 at NVDCVE-2025-39823 at SUSECVE-2025-39823 at NVDCVE-2025-39824 at SUSECVE-2025-39824 at NVDCVE-2025-39825 at SUSECVE-2025-39825 at NVDCVE-2025-39826 at SUSECVE-2025-39826 at NVDCVE-2025-39827 at SUSECVE-2025-39827 at NVDCVE-2025-39832 at SUSECVE-2025-39832 at NVDCVE-2025-39833 at SUSECVE-2025-39833 at NVDCVE-2025-39835 at SUSECVE-2025-39835 at NVDCVE-2025-39838 at SUSECVE-2025-39838 at NVDCVE-2025-39839 at SUSECVE-2025-39839 at NVDCVE-2025-39842 at SUSECVE-2025-39842 at NVDCVE-2025-39844 at SUSECVE-2025-39844 at NVDCVE-2025-39845 at SUSECVE-2025-39845 at NVDCVE-2025-39846 at SUSECVE-2025-39846 at NVDCVE-2025-39847 at SUSECVE-2025-39847 at NVDCVE-2025-39848 at SUSECVE-2025-39848 at NVDCVE-2025-39849 at SUSECVE-2025-39849 at NVDCVE-2025-39850 at SUSECVE-2025-39850 at NVDCVE-2025-39853 at SUSECVE-2025-39853 at NVDCVE-2025-39854 at SUSECVE-2025-39854 at NVDCVE-2025-39857 at SUSECVE-2025-39857 at NVDCVE-2025-39860 at SUSECVE-2025-39860 at NVDCVE-2025-39861 at SUSECVE-2025-39861 at NVDCVE-2025-39863 at SUSECVE-2025-39863 at NVDCVE-2025-39864 at SUSECVE-2025-39864 at NVDCVE-2025-39865 at SUSECVE-2025-39865 at NVDCVE-2025-39869 at SUSECVE-2025-39869 at NVDCVE-2025-39870 at SUSECVE-2025-39870 at NVDCVE-2025-39871 at SUSECVE-2025-39871 at NVDCVE-2025-39873 at SUSECVE-2025-39873 at NVDCVE-2025-39882 at SUSECVE-2025-39882 at NVDCVE-2025-39885 at SUSECVE-2025-39885 at NVDCVE-2025-39889 at SUSECVE-2025-39889 at NVDCVE-2025-39891 at SUSECVE-2025-39891 at NVDCVE-2025-39907 at SUSECVE-2025-39907 at NVDCVE-2025-39920 at SUSECVE-2025-39920 at NVDCVE-2025-39923 at SUSECVE-2025-39923 at NVDCVE-2025-39925 at SUSECVE-2025-39925 at NVDCVE-2025-40300 at SUSECVE-2025-40300 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-53082: Fixed virtio_net: Add hash_key_length check (bsc#1233677)
- CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability (bsc#1240840)
- CVE-2024-56650: Fixed netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
ModerateSUSE bug 1233677SUSE bug 1235008SUSE bug 1235431SUSE bug 1240840CVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_12 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_12 fixes the following issues:
New livepatch SLE Micro 6.0/6.1 kernel update 12.
Moderatecpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
- CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
- CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
- CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
- CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
- CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).
- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
- CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
- CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
- CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
- CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
The following non-security bugs were fixed:
- !CONFIG & reference -> this is bug, immediate fail
- 9p/xen: fix init sequence (git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- ACPICA: Fix largest possible resource descriptor index (git-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
- ALSA: lx_core: use int type to store negative error codes (git-fixes).
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
- Bluetooth: qca: fix invalid device address check (git-fixes).
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Do not self obsolete older kernel variants
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (git-fixes).
- Fix BPF selftests compilation error in bpf_iter.c (git-fixes).
- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
- HID: input: report battery status changes immediately (git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).
- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes).
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).
- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).
- KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits (git-fixes).
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes).
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).
- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).
- KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint (git-fixes).
- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186).
- Limit patch filenames to 100 characters (bsc#1249604).
- NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes).
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
- NFSv4: Do not clear capabilities that won't be reset (git-fixes).
- PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes).
- PCI/ERR: Fix uevent on failure to recover (git-fixes).
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes).
- PCI/sysfs: Ensure devices are powered for config reads (git-fixes).
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit (git-fixes).
- PCI: rcar-host: Drop PMSR spinlock (git-fixes).
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes).
- PCI: tegra194: Handle errors in BPMP response (git-fixes).
- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation (git-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- Revert "SUNRPC: Do not allow waiting for exiting tasks" (git-fixes).
- Revert "drm/amdgpu: fix incorrect vm flags to map bo" (stable-fixes).
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- Squashfs: add additional inode sanity checking (git-fixes).
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
- Update config files. (bsc#1249186) Plain run_oldconfig after Kconfig update.
- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)
- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode (git-fixes).
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- bpf: Fix iter/task tid filtering (git-fixes).
- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- bpf: Properly test iter/task tid filtering (git-fixes).
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- bpf: handle implicit declaration of function gettid in bpf_iter.c
- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).
- bpftool: Fix JSON writer resource leak in version command (git-fixes).
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
- btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).
- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
- btrfs: scrub: fix grouping of read IO (git-fixes).
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
- build_bug.h: Add KABI assert (bsc#1249186).
- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- ceph: validate snapdirname option length when mounting (git-fixes).
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).
- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- config.sh: Use Step repository for building Leap kernel bs-upload-kernel does not understand the Leap repository layout
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
- cpufreq: Exit governor when failed to start old governor (stable-fixes).
- cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
- cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
- dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation (git-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
- docs: admin-guide: update to current minimum pipe size default (git-fixes).
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- drivers/base/node: handle error properly in register_one_node() (git-fixes).
- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).
- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).
- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).
- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
- fbcon: Fix OOB access in font allocation (git-fixes).
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).
- i2c: designware: Add disabling clocks when probe fails (git-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes).
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- kABI fix for "netfilter: nf_tables: Audit log rule reset" (git-fixes).
- kABI workaround for "drm/dp: Add an EDID quirk for the DPCD register access probe" (bsc#1248121).
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- kABI: arm64: ftrace: Restore init_module behavior (git-fixes).
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- kABI: netfilter flowtable move gc operation to bottom (git-fixes).
- kabi: Restore layout of parallel_data (bsc1248343).
- kabi: add struct cgroup_extra (bsc#1247963).
- kabi: drop kvm_x86_ops from kabi relevant symbols.
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-source.spec: Depend on python3-base for build Both kernel-binary and kernel-docs already have this dependency.
- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: rc: fix races with imon_disconnect() (git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- mm: move page table sync declarations to linux/pgtable.h (git-fixes).
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount (git-fixes).
- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
- netfilter: conntrack: fix extension size table (git-fixes).
- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).
- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
- netfilter: nf_tables: audit log object reset once per table (git-fixes).
- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
- netfilter: nft_payload: fix wrong mac header matching (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
- nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
- nvme-pci: try function level reset on init failure (git-fixes).
- nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
- nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
- orangefs: Remove unused type in macro fill_default_sys_attrs (git-fixes).
- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).
- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: renesas: Use int type to store negative error codes (git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
- platform/x86: think-lmi: Fix class device unregistration (git-fixes).
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
- power: supply: max77976_charger: fix constant current reporting (git-fixes).
- pptp: fix pptp_xmit() error path (git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)
- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
- regulator: scmi: Use int type to store negative error codes (git-fixes).
- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
- rpm: Configure KABI checkingness macro (bsc#1249186).
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- sched/fair: Take the scheduling domain into account in (git-fixes)
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- sched: add a sched_ttwu_queue sysctl (bsc#1247963, jsc#PED-13659).
- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
- scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
- scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
- scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
- scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
- scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
- scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
- scsi: lpfc: use min() to improve code (bsc#1250519).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes).
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).
- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
- struct ci_hdrc: new member has_short_pkt_limit to end (git-fixes).
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- supported.conf: mark hyperv_drm as external
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (git-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).
- usb: typec: fusb302: cache PD RX state (git-fixes).
- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- use uniform permission checks for all mount propagation changes (git-fixes).
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).
- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).
- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- vsock: Allow retrying on connect() failure (git-fixes).
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).
- vsock: avoid timeout during connect() if the socket is closing (git-fixes).
- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath11k: fix group data packet drops during rekey (git-fixes).
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).
- writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776).
- writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776).
- writeback: Avoid excessively long inode switching times (bsc#1237776).
- writeback: Avoid softlockup when switching many inodes (bsc#1237776).
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- xfs: rework datasync tracking and execution (bsc#1237449).
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1194869SUSE bug 1213061SUSE bug 1213666SUSE bug 1214073SUSE bug 1214928SUSE bug 1214953SUSE bug 1215150SUSE bug 1215696SUSE bug 1216436SUSE bug 1216976SUSE bug 1218644SUSE bug 1220186SUSE bug 1220419SUSE bug 1229165SUSE bug 1230062SUSE bug 1236897SUSE bug 1237449SUSE bug 1237776SUSE bug 1240324SUSE bug 1241166SUSE bug 1241292SUSE bug 1241353SUSE bug 1241866SUSE bug 1243100SUSE bug 1243112SUSE bug 1245193SUSE bug 1245260SUSE bug 1245700SUSE bug 1246057SUSE bug 1246125SUSE bug 1246190SUSE bug 1246248SUSE bug 1246298SUSE bug 1246509SUSE bug 1246782SUSE bug 1247099SUSE bug 1247118SUSE bug 1247126SUSE bug 1247136SUSE bug 1247137SUSE bug 1247223SUSE bug 1247239SUSE bug 1247262SUSE bug 1247442SUSE bug 1247483SUSE bug 1247500SUSE bug 1247963SUSE bug 1248111SUSE bug 1248121SUSE bug 1248192SUSE bug 1248199SUSE bug 1248200SUSE bug 1248202SUSE bug 1248225SUSE bug 1248296SUSE bug 1248334SUSE bug 1248343SUSE bug 1248357SUSE bug 1248360SUSE bug 1248365SUSE bug 1248378SUSE bug 1248380SUSE bug 1248392SUSE bug 1248512SUSE bug 1248610SUSE bug 1248619SUSE bug 1248622SUSE bug 1248626SUSE bug 1248628SUSE bug 1248634SUSE bug 1248639SUSE bug 1248647SUSE bug 1248674SUSE bug 1248681SUSE bug 1248733SUSE bug 1248734SUSE bug 1248735SUSE bug 1248775SUSE bug 1248847SUSE bug 1249122SUSE bug 1249123SUSE bug 1249124SUSE bug 1249125SUSE bug 1249126SUSE bug 1249143SUSE bug 1249156SUSE bug 1249159SUSE bug 1249163SUSE bug 1249164SUSE bug 1249166SUSE bug 1249169SUSE bug 1249170SUSE bug 1249172SUSE bug 1249176SUSE bug 1249177SUSE bug 1249186SUSE bug 1249190SUSE bug 1249194SUSE bug 1249195SUSE bug 1249196SUSE bug 1249199SUSE bug 1249200SUSE bug 1249202SUSE bug 1249203SUSE bug 1249204SUSE bug 1249206SUSE bug 1249215SUSE bug 1249220SUSE bug 1249221SUSE bug 1249254SUSE bug 1249255SUSE bug 1249257SUSE bug 1249258SUSE bug 1249260SUSE bug 1249262SUSE bug 1249263SUSE bug 1249265SUSE bug 1249266SUSE bug 1249271SUSE bug 1249272SUSE bug 1249273SUSE bug 1249278SUSE bug 1249279SUSE bug 1249281SUSE bug 1249282SUSE bug 1249284SUSE bug 1249285SUSE bug 1249288SUSE bug 1249290SUSE bug 1249292SUSE bug 1249295SUSE bug 1249296SUSE bug 1249299SUSE bug 1249300SUSE bug 1249303SUSE bug 1249304SUSE bug 1249305SUSE bug 1249308SUSE bug 1249312SUSE bug 1249315SUSE bug 1249318SUSE bug 1249321SUSE bug 1249323SUSE bug 1249324SUSE bug 1249334SUSE bug 1249338SUSE bug 1249346SUSE bug 1249374SUSE bug 1249413SUSE bug 1249479SUSE bug 1249481SUSE bug 1249482SUSE bug 1249486SUSE bug 1249488SUSE bug 1249489SUSE bug 1249490SUSE bug 1249494SUSE bug 1249504SUSE bug 1249506SUSE bug 1249508SUSE bug 1249510SUSE bug 1249513SUSE bug 1249515SUSE bug 1249516SUSE bug 1249522SUSE bug 1249523SUSE bug 1249524SUSE bug 1249526SUSE bug 1249533SUSE bug 1249538SUSE bug 1249540SUSE bug 1249542SUSE bug 1249545SUSE bug 1249548SUSE bug 1249554SUSE bug 1249598SUSE bug 1249604SUSE bug 1249608SUSE bug 1249615SUSE bug 1249640SUSE bug 1249641SUSE bug 1249642SUSE bug 1249658SUSE bug 1249662SUSE bug 1249672SUSE bug 1249673SUSE bug 1249677SUSE bug 1249678SUSE bug 1249679SUSE bug 1249682SUSE bug 1249687SUSE bug 1249698SUSE bug 1249707SUSE bug 1249712SUSE bug 1249730SUSE bug 1249756SUSE bug 1249758SUSE bug 1249761SUSE bug 1249762SUSE bug 1249768SUSE bug 1249770SUSE bug 1249774SUSE bug 1249779SUSE bug 1249780SUSE bug 1249785SUSE bug 1249787SUSE bug 1249795SUSE bug 1249815SUSE bug 1249820SUSE bug 1249823SUSE bug 1249824SUSE bug 1249825SUSE bug 1249826SUSE bug 1249833SUSE bug 1249842SUSE bug 1249845SUSE bug 1249849SUSE bug 1249850SUSE bug 1249853SUSE bug 1249856SUSE bug 1249861SUSE bug 1249863SUSE bug 1249864SUSE bug 1249865SUSE bug 1249866SUSE bug 1249869SUSE bug 1249870SUSE bug 1249880SUSE bug 1249883SUSE bug 1249888SUSE bug 1249894SUSE bug 1249896SUSE bug 1249897SUSE bug 1249901SUSE bug 1249911SUSE bug 1249917SUSE bug 1249919SUSE bug 1249923SUSE bug 1249926SUSE bug 1249938SUSE bug 1249949SUSE bug 1249950SUSE bug 1249952SUSE bug 1249975SUSE bug 1249979SUSE bug 1249984SUSE bug 1249988SUSE bug 1249990SUSE bug 1249993SUSE bug 1249994SUSE bug 1249997SUSE bug 1250002SUSE bug 1250004SUSE bug 1250006SUSE bug 1250007SUSE bug 1250012SUSE bug 1250022SUSE bug 1250024SUSE bug 1250025SUSE bug 1250028SUSE bug 1250029SUSE bug 1250035SUSE bug 1250049SUSE bug 1250055SUSE bug 1250057SUSE bug 1250058SUSE bug 1250062SUSE bug 1250063SUSE bug 1250065SUSE bug 1250066SUSE bug 1250067SUSE bug 1250069SUSE bug 1250070SUSE bug 1250073SUSE bug 1250074SUSE bug 1250088SUSE bug 1250089SUSE bug 1250106SUSE bug 1250112SUSE bug 1250117SUSE bug 1250120SUSE bug 1250125SUSE bug 1250127SUSE bug 1250128SUSE bug 1250145SUSE bug 1250150SUSE bug 1250156SUSE bug 1250157SUSE bug 1250161SUSE bug 1250163SUSE bug 1250166SUSE bug 1250167SUSE bug 1250169SUSE bug 1250171SUSE bug 1250177SUSE bug 1250179SUSE bug 1250180SUSE bug 1250186SUSE bug 1250196SUSE bug 1250198SUSE bug 1250199SUSE bug 1250201SUSE bug 1250203SUSE bug 1250204SUSE bug 1250206SUSE bug 1250208SUSE bug 1250241SUSE bug 1250242SUSE bug 1250243SUSE bug 1250247SUSE bug 1250249SUSE bug 1250251SUSE bug 1250262SUSE bug 1250263SUSE bug 1250266SUSE bug 1250267SUSE bug 1250268SUSE bug 1250275SUSE bug 1250276SUSE bug 1250281SUSE bug 1250290SUSE bug 1250291SUSE bug 1250292SUSE bug 1250294SUSE bug 1250297SUSE bug 1250298SUSE bug 1250313SUSE bug 1250319SUSE bug 1250323SUSE bug 1250325SUSE bug 1250329SUSE bug 1250336SUSE bug 1250337SUSE bug 1250344SUSE bug 1250358SUSE bug 1250365SUSE bug 1250371SUSE bug 1250377SUSE bug 1250384SUSE bug 1250389SUSE bug 1250395SUSE bug 1250397SUSE bug 1250402SUSE bug 1250406SUSE bug 1250407SUSE bug 1250426SUSE bug 1250450SUSE bug 1250459SUSE bug 1250519SUSE bug 1250522SUSE bug 1250530SUSE bug 1250655SUSE bug 1250712SUSE bug 1250713SUSE bug 1250732SUSE bug 1250736SUSE bug 1250741SUSE bug 1250759SUSE bug 1250763SUSE bug 1250765SUSE bug 1250807SUSE bug 1250808SUSE bug 1250809SUSE bug 1250812SUSE bug 1250813SUSE bug 1250815SUSE bug 1250816SUSE bug 1250820SUSE bug 1250823SUSE bug 1250825SUSE bug 1250827SUSE bug 1250830SUSE bug 1250831SUSE bug 1250837SUSE bug 1250841SUSE bug 1250861SUSE bug 1250863SUSE bug 1250867SUSE bug 1250872SUSE bug 1250873SUSE bug 1250878SUSE bug 1250905SUSE bug 1250907SUSE bug 1250917SUSE bug 1250918SUSE bug 1250923SUSE bug 1250926SUSE bug 1250928SUSE bug 1250929SUSE bug 1250930SUSE bug 1250931SUSE bug 1250941SUSE bug 1250942SUSE bug 1250949SUSE bug 1250952SUSE bug 1250957SUSE bug 1250964CVE-2023-31248 at SUSECVE-2023-31248 at NVDCVE-2023-3772 at SUSECVE-2023-3772 at NVDCVE-2023-39197 at SUSECVE-2023-39197 at NVDCVE-2023-42753 at SUSECVE-2023-42753 at NVDCVE-2023-53147 at SUSECVE-2023-53147 at NVDCVE-2023-53148 at SUSECVE-2023-53148 at NVDCVE-2023-53150 at SUSECVE-2023-53150 at NVDCVE-2023-53151 at SUSECVE-2023-53151 at NVDCVE-2023-53152 at SUSECVE-2023-53152 at NVDCVE-2023-53165 at SUSECVE-2023-53165 at NVDCVE-2023-53167 at SUSECVE-2023-53167 at NVDCVE-2023-53170 at SUSECVE-2023-53170 at NVDCVE-2023-53174 at SUSECVE-2023-53174 at NVDCVE-2023-53175 at SUSECVE-2023-53175 at NVDCVE-2023-53177 at SUSECVE-2023-53177 at NVDCVE-2023-53179 at SUSECVE-2023-53179 at NVDCVE-2023-53180 at SUSECVE-2023-53180 at NVDCVE-2023-53181 at SUSECVE-2023-53181 at NVDCVE-2023-53183 at SUSECVE-2023-53183 at NVDCVE-2023-53184 at SUSECVE-2023-53184 at NVDCVE-2023-53185 at SUSECVE-2023-53185 at NVDCVE-2023-53187 at SUSECVE-2023-53187 at NVDCVE-2023-53189 at SUSECVE-2023-53189 at NVDCVE-2023-53192 at SUSECVE-2023-53192 at NVDCVE-2023-53195 at SUSECVE-2023-53195 at NVDCVE-2023-53196 at SUSECVE-2023-53196 at NVDCVE-2023-53201 at SUSECVE-2023-53201 at NVDCVE-2023-53204 at SUSECVE-2023-53204 at NVDCVE-2023-53205 at SUSECVE-2023-53205 at NVDCVE-2023-53206 at SUSECVE-2023-53206 at NVDCVE-2023-53207 at SUSECVE-2023-53207 at NVDCVE-2023-53208 at SUSECVE-2023-53208 at NVDCVE-2023-53209 at SUSECVE-2023-53209 at NVDCVE-2023-53210 at SUSECVE-2023-53210 at NVDCVE-2023-53215 at SUSECVE-2023-53215 at NVDCVE-2023-53217 at SUSECVE-2023-53217 at NVDCVE-2023-53220 at SUSECVE-2023-53220 at NVDCVE-2023-53221 at SUSECVE-2023-53221 at NVDCVE-2023-53222 at SUSECVE-2023-53222 at NVDCVE-2023-53226 at SUSECVE-2023-53226 at NVDCVE-2023-53230 at SUSECVE-2023-53230 at NVDCVE-2023-53231 at SUSECVE-2023-53231 at NVDCVE-2023-53235 at SUSECVE-2023-53235 at NVDCVE-2023-53238 at SUSECVE-2023-53238 at NVDCVE-2023-53243 at SUSECVE-2023-53243 at NVDCVE-2023-53245 at SUSECVE-2023-53245 at NVDCVE-2023-53247 at SUSECVE-2023-53247 at NVDCVE-2023-53248 at SUSECVE-2023-53248 at NVDCVE-2023-53249 at SUSECVE-2023-53249 at NVDCVE-2023-53251 at SUSECVE-2023-53251 at NVDCVE-2023-53252 at SUSECVE-2023-53252 at NVDCVE-2023-53255 at SUSECVE-2023-53255 at NVDCVE-2023-53257 at SUSECVE-2023-53257 at NVDCVE-2023-53258 at SUSECVE-2023-53258 at NVDCVE-2023-53260 at SUSECVE-2023-53260 at NVDCVE-2023-53261 at SUSECVE-2023-53261 at NVDCVE-2023-53263 at SUSECVE-2023-53263 at NVDCVE-2023-53264 at SUSECVE-2023-53264 at NVDCVE-2023-53272 at SUSECVE-2023-53272 at NVDCVE-2023-53274 at SUSECVE-2023-53274 at NVDCVE-2023-53275 at SUSECVE-2023-53275 at NVDCVE-2023-53280 at SUSECVE-2023-53280 at NVDCVE-2023-53286 at SUSECVE-2023-53286 at NVDCVE-2023-53287 at SUSECVE-2023-53287 at NVDCVE-2023-53288 at SUSECVE-2023-53288 at NVDCVE-2023-53291 at SUSECVE-2023-53291 at NVDCVE-2023-53292 at SUSECVE-2023-53292 at NVDCVE-2023-53303 at SUSECVE-2023-53303 at NVDCVE-2023-53304 at SUSECVE-2023-53304 at NVDCVE-2023-53305 at SUSECVE-2023-53305 at NVDCVE-2023-53309 at SUSECVE-2023-53309 at NVDCVE-2023-53311 at SUSECVE-2023-53311 at NVDCVE-2023-53312 at SUSECVE-2023-53312 at NVDCVE-2023-53313 at SUSECVE-2023-53313 at NVDCVE-2023-53314 at SUSECVE-2023-53314 at NVDCVE-2023-53316 at SUSECVE-2023-53316 at NVDCVE-2023-53319 at SUSECVE-2023-53319 at NVDCVE-2023-53321 at SUSECVE-2023-53321 at NVDCVE-2023-53322 at SUSECVE-2023-53322 at NVDCVE-2023-53323 at SUSECVE-2023-53323 at NVDCVE-2023-53324 at SUSECVE-2023-53324 at NVDCVE-2023-53325 at SUSECVE-2023-53325 at NVDCVE-2023-53328 at SUSECVE-2023-53328 at NVDCVE-2023-53331 at SUSECVE-2023-53331 at NVDCVE-2023-53333 at SUSECVE-2023-53333 at NVDCVE-2023-53336 at SUSECVE-2023-53336 at NVDCVE-2023-53338 at SUSECVE-2023-53338 at NVDCVE-2023-53339 at SUSECVE-2023-53339 at NVDCVE-2023-53342 at SUSECVE-2023-53342 at NVDCVE-2023-53343 at SUSECVE-2023-53343 at NVDCVE-2023-53350 at SUSECVE-2023-53350 at NVDCVE-2023-53352 at SUSECVE-2023-53352 at NVDCVE-2023-53354 at SUSECVE-2023-53354 at NVDCVE-2023-53356 at SUSECVE-2023-53356 at NVDCVE-2023-53357 at SUSECVE-2023-53357 at NVDCVE-2023-53360 at SUSECVE-2023-53360 at NVDCVE-2023-53362 at SUSECVE-2023-53362 at NVDCVE-2023-53364 at SUSECVE-2023-53364 at NVDCVE-2023-53365 at SUSECVE-2023-53365 at NVDCVE-2023-53367 at SUSECVE-2023-53367 at NVDCVE-2023-53368 at SUSECVE-2023-53368 at NVDCVE-2023-53369 at SUSECVE-2023-53369 at NVDCVE-2023-53370 at SUSECVE-2023-53370 at NVDCVE-2023-53371 at SUSECVE-2023-53371 at NVDCVE-2023-53374 at SUSECVE-2023-53374 at NVDCVE-2023-53377 at SUSECVE-2023-53377 at NVDCVE-2023-53379 at SUSECVE-2023-53379 at NVDCVE-2023-53380 at SUSECVE-2023-53380 at NVDCVE-2023-53384 at SUSECVE-2023-53384 at NVDCVE-2023-53385 at SUSECVE-2023-53385 at NVDCVE-2023-53386 at SUSECVE-2023-53386 at NVDCVE-2023-53391 at SUSECVE-2023-53391 at NVDCVE-2023-53394 at SUSECVE-2023-53394 at NVDCVE-2023-53395 at SUSECVE-2023-53395 at NVDCVE-2023-53397 at SUSECVE-2023-53397 at NVDCVE-2023-53401 at SUSECVE-2023-53401 at NVDCVE-2023-53420 at SUSECVE-2023-53420 at NVDCVE-2023-53421 at SUSECVE-2023-53421 at NVDCVE-2023-53424 at SUSECVE-2023-53424 at NVDCVE-2023-53425 at SUSECVE-2023-53425 at NVDCVE-2023-53426 at SUSECVE-2023-53426 at NVDCVE-2023-53428 at SUSECVE-2023-53428 at NVDCVE-2023-53429 at SUSECVE-2023-53429 at NVDCVE-2023-53432 at SUSECVE-2023-53432 at NVDCVE-2023-53436 at SUSECVE-2023-53436 at NVDCVE-2023-53438 at SUSECVE-2023-53438 at NVDCVE-2023-53441 at SUSECVE-2023-53441 at NVDCVE-2023-53442 at SUSECVE-2023-53442 at NVDCVE-2023-53444 at SUSECVE-2023-53444 at NVDCVE-2023-53446 at SUSECVE-2023-53446 at NVDCVE-2023-53447 at SUSECVE-2023-53447 at NVDCVE-2023-53448 at SUSECVE-2023-53448 at NVDCVE-2023-53451 at SUSECVE-2023-53451 at NVDCVE-2023-53454 at SUSECVE-2023-53454 at NVDCVE-2023-53456 at SUSECVE-2023-53456 at NVDCVE-2023-53457 at SUSECVE-2023-53457 at NVDCVE-2023-53461 at SUSECVE-2023-53461 at NVDCVE-2023-53462 at SUSECVE-2023-53462 at NVDCVE-2023-53463 at SUSECVE-2023-53463 at NVDCVE-2023-53465 at SUSECVE-2023-53465 at NVDCVE-2023-53472 at SUSECVE-2023-53472 at NVDCVE-2023-53479 at SUSECVE-2023-53479 at NVDCVE-2023-53480 at SUSECVE-2023-53480 at NVDCVE-2023-53485 at SUSECVE-2023-53485 at NVDCVE-2023-53487 at SUSECVE-2023-53487 at NVDCVE-2023-53488 at SUSECVE-2023-53488 at NVDCVE-2023-53490 at SUSECVE-2023-53490 at NVDCVE-2023-53491 at SUSECVE-2023-53491 at NVDCVE-2023-53492 at SUSECVE-2023-53492 at NVDCVE-2023-53493 at SUSECVE-2023-53493 at NVDCVE-2023-53495 at SUSECVE-2023-53495 at NVDCVE-2023-53496 at SUSECVE-2023-53496 at NVDCVE-2023-53500 at SUSECVE-2023-53500 at NVDCVE-2023-53501 at SUSECVE-2023-53501 at NVDCVE-2023-53504 at SUSECVE-2023-53504 at NVDCVE-2023-53505 at SUSECVE-2023-53505 at NVDCVE-2023-53507 at SUSECVE-2023-53507 at NVDCVE-2023-53508 at SUSECVE-2023-53508 at NVDCVE-2023-53510 at SUSECVE-2023-53510 at NVDCVE-2023-53515 at SUSECVE-2023-53515 at NVDCVE-2023-53516 at SUSECVE-2023-53516 at NVDCVE-2023-53518 at SUSECVE-2023-53518 at NVDCVE-2023-53519 at SUSECVE-2023-53519 at NVDCVE-2023-53520 at SUSECVE-2023-53520 at NVDCVE-2023-53523 at SUSECVE-2023-53523 at NVDCVE-2023-53526 at SUSECVE-2023-53526 at NVDCVE-2023-53527 at SUSECVE-2023-53527 at NVDCVE-2023-53528 at SUSECVE-2023-53528 at NVDCVE-2023-53530 at SUSECVE-2023-53530 at NVDCVE-2023-53531 at SUSECVE-2023-53531 at NVDCVE-2024-26584 at SUSECVE-2024-26584 at NVDCVE-2024-58090 at SUSECVE-2024-58090 at NVDCVE-2024-58240 at SUSECVE-2024-58240 at NVDCVE-2025-22022 at SUSECVE-2025-22022 at NVDCVE-2025-38119 at SUSECVE-2025-38119 at NVDCVE-2025-38234 at SUSECVE-2025-38234 at NVDCVE-2025-38255 at SUSECVE-2025-38255 at NVDCVE-2025-38263 at SUSECVE-2025-38263 at NVDCVE-2025-38351 at SUSECVE-2025-38351 at NVDCVE-2025-38402 at SUSECVE-2025-38402 at NVDCVE-2025-38408 at SUSECVE-2025-38408 at NVDCVE-2025-38418 at SUSECVE-2025-38418 at NVDCVE-2025-38419 at SUSECVE-2025-38419 at NVDCVE-2025-38456 at SUSECVE-2025-38456 at NVDCVE-2025-38465 at SUSECVE-2025-38465 at NVDCVE-2025-38466 at SUSECVE-2025-38466 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-38514 at SUSECVE-2025-38514 at NVDCVE-2025-38526 at SUSECVE-2025-38526 at NVDCVE-2025-38527 at SUSECVE-2025-38527 at NVDCVE-2025-38533 at SUSECVE-2025-38533 at NVDCVE-2025-38544 at SUSECVE-2025-38544 at NVDCVE-2025-38556 at SUSECVE-2025-38556 at NVDCVE-2025-38574 at SUSECVE-2025-38574 at NVDCVE-2025-38584 at SUSECVE-2025-38584 at NVDCVE-2025-38590 at SUSECVE-2025-38590 at NVDCVE-2025-38593 at SUSECVE-2025-38593 at NVDCVE-2025-38595 at SUSECVE-2025-38595 at NVDCVE-2025-38597 at SUSECVE-2025-38597 at NVDCVE-2025-38605 at SUSECVE-2025-38605 at NVDCVE-2025-38614 at SUSECVE-2025-38614 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDCVE-2025-38622 at SUSECVE-2025-38622 at NVDCVE-2025-38623 at SUSECVE-2025-38623 at NVDCVE-2025-38639 at SUSECVE-2025-38639 at NVDCVE-2025-38640 at SUSECVE-2025-38640 at NVDCVE-2025-38643 at SUSECVE-2025-38643 at NVDCVE-2025-38645 at SUSECVE-2025-38645 at NVDCVE-2025-38659 at SUSECVE-2025-38659 at NVDCVE-2025-38660 at SUSECVE-2025-38660 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDCVE-2025-38668 at SUSECVE-2025-38668 at NVDCVE-2025-38676 at SUSECVE-2025-38676 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDCVE-2025-38679 at SUSECVE-2025-38679 at NVDCVE-2025-38680 at SUSECVE-2025-38680 at NVDCVE-2025-38681 at SUSECVE-2025-38681 at NVDCVE-2025-38683 at SUSECVE-2025-38683 at NVDCVE-2025-38684 at SUSECVE-2025-38684 at NVDCVE-2025-38685 at SUSECVE-2025-38685 at NVDCVE-2025-38687 at SUSECVE-2025-38687 at NVDCVE-2025-38691 at SUSECVE-2025-38691 at NVDCVE-2025-38692 at SUSECVE-2025-38692 at NVDCVE-2025-38693 at SUSECVE-2025-38693 at NVDCVE-2025-38694 at SUSECVE-2025-38694 at NVDCVE-2025-38695 at SUSECVE-2025-38695 at NVDCVE-2025-38697 at SUSECVE-2025-38697 at NVDCVE-2025-38698 at SUSECVE-2025-38698 at NVDCVE-2025-38701 at SUSECVE-2025-38701 at NVDCVE-2025-38702 at SUSECVE-2025-38702 at NVDCVE-2025-38705 at SUSECVE-2025-38705 at NVDCVE-2025-38706 at SUSECVE-2025-38706 at NVDCVE-2025-38709 at SUSECVE-2025-38709 at NVDCVE-2025-38712 at SUSECVE-2025-38712 at NVDCVE-2025-38713 at SUSECVE-2025-38713 at NVDCVE-2025-38714 at SUSECVE-2025-38714 at NVDCVE-2025-38715 at SUSECVE-2025-38715 at NVDCVE-2025-38721 at SUSECVE-2025-38721 at NVDCVE-2025-38722 at SUSECVE-2025-38722 at NVDCVE-2025-38724 at SUSECVE-2025-38724 at NVDCVE-2025-38725 at SUSECVE-2025-38725 at NVDCVE-2025-38727 at SUSECVE-2025-38727 at NVDCVE-2025-38729 at SUSECVE-2025-38729 at NVDCVE-2025-38730 at SUSECVE-2025-38730 at NVDCVE-2025-38732 at SUSECVE-2025-38732 at NVDCVE-2025-38734 at SUSECVE-2025-38734 at NVDCVE-2025-38735 at SUSECVE-2025-38735 at NVDCVE-2025-38736 at SUSECVE-2025-38736 at NVDCVE-2025-39675 at SUSECVE-2025-39675 at NVDCVE-2025-39677 at SUSECVE-2025-39677 at NVDCVE-2025-39678 at SUSECVE-2025-39678 at NVDCVE-2025-39679 at SUSECVE-2025-39679 at NVDCVE-2025-39681 at SUSECVE-2025-39681 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-39684 at SUSECVE-2025-39684 at NVDCVE-2025-39685 at SUSECVE-2025-39685 at NVDCVE-2025-39686 at SUSECVE-2025-39686 at NVDCVE-2025-39691 at SUSECVE-2025-39691 at NVDCVE-2025-39693 at SUSECVE-2025-39693 at NVDCVE-2025-39694 at SUSECVE-2025-39694 at NVDCVE-2025-39701 at SUSECVE-2025-39701 at NVDCVE-2025-39703 at SUSECVE-2025-39703 at NVDCVE-2025-39705 at SUSECVE-2025-39705 at NVDCVE-2025-39706 at SUSECVE-2025-39706 at NVDCVE-2025-39709 at SUSECVE-2025-39709 at NVDCVE-2025-39710 at SUSECVE-2025-39710 at NVDCVE-2025-39713 at SUSECVE-2025-39713 at NVDCVE-2025-39714 at SUSECVE-2025-39714 at NVDCVE-2025-39718 at SUSECVE-2025-39718 at NVDCVE-2025-39719 at SUSECVE-2025-39719 at NVDCVE-2025-39721 at SUSECVE-2025-39721 at NVDCVE-2025-39724 at SUSECVE-2025-39724 at NVDCVE-2025-39726 at SUSECVE-2025-39726 at NVDCVE-2025-39730 at SUSECVE-2025-39730 at NVDCVE-2025-39732 at SUSECVE-2025-39732 at NVDCVE-2025-39738 at SUSECVE-2025-39738 at NVDCVE-2025-39739 at SUSECVE-2025-39739 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-39743 at SUSECVE-2025-39743 at NVDCVE-2025-39744 at SUSECVE-2025-39744 at NVDCVE-2025-39746 at SUSECVE-2025-39746 at NVDCVE-2025-39749 at SUSECVE-2025-39749 at NVDCVE-2025-39750 at SUSECVE-2025-39750 at NVDCVE-2025-39751 at SUSECVE-2025-39751 at NVDCVE-2025-39754 at SUSECVE-2025-39754 at NVDCVE-2025-39757 at SUSECVE-2025-39757 at NVDCVE-2025-39758 at SUSECVE-2025-39758 at NVDCVE-2025-39759 at SUSECVE-2025-39759 at NVDCVE-2025-39760 at SUSECVE-2025-39760 at NVDCVE-2025-39761 at SUSECVE-2025-39761 at NVDCVE-2025-39763 at SUSECVE-2025-39763 at NVDCVE-2025-39764 at SUSECVE-2025-39764 at NVDCVE-2025-39766 at SUSECVE-2025-39766 at NVDCVE-2025-39770 at SUSECVE-2025-39770 at NVDCVE-2025-39772 at SUSECVE-2025-39772 at NVDCVE-2025-39773 at SUSECVE-2025-39773 at NVDCVE-2025-39782 at SUSECVE-2025-39782 at NVDCVE-2025-39783 at SUSECVE-2025-39783 at NVDCVE-2025-39787 at SUSECVE-2025-39787 at NVDCVE-2025-39790 at SUSECVE-2025-39790 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39798 at SUSECVE-2025-39798 at NVDCVE-2025-39800 at SUSECVE-2025-39800 at NVDCVE-2025-39801 at SUSECVE-2025-39801 at NVDCVE-2025-39806 at SUSECVE-2025-39806 at NVDCVE-2025-39808 at SUSECVE-2025-39808 at NVDCVE-2025-39810 at SUSECVE-2025-39810 at NVDCVE-2025-39823 at SUSECVE-2025-39823 at NVDCVE-2025-39824 at SUSECVE-2025-39824 at NVDCVE-2025-39825 at SUSECVE-2025-39825 at NVDCVE-2025-39826 at SUSECVE-2025-39826 at NVDCVE-2025-39827 at SUSECVE-2025-39827 at NVDCVE-2025-39832 at SUSECVE-2025-39832 at NVDCVE-2025-39833 at SUSECVE-2025-39833 at NVDCVE-2025-39835 at SUSECVE-2025-39835 at NVDCVE-2025-39838 at SUSECVE-2025-39838 at NVDCVE-2025-39839 at SUSECVE-2025-39839 at NVDCVE-2025-39842 at SUSECVE-2025-39842 at NVDCVE-2025-39844 at SUSECVE-2025-39844 at NVDCVE-2025-39845 at SUSECVE-2025-39845 at NVDCVE-2025-39846 at SUSECVE-2025-39846 at NVDCVE-2025-39847 at SUSECVE-2025-39847 at NVDCVE-2025-39848 at SUSECVE-2025-39848 at NVDCVE-2025-39849 at SUSECVE-2025-39849 at NVDCVE-2025-39850 at SUSECVE-2025-39850 at NVDCVE-2025-39853 at SUSECVE-2025-39853 at NVDCVE-2025-39854 at SUSECVE-2025-39854 at NVDCVE-2025-39857 at SUSECVE-2025-39857 at NVDCVE-2025-39860 at SUSECVE-2025-39860 at NVDCVE-2025-39861 at SUSECVE-2025-39861 at NVDCVE-2025-39863 at SUSECVE-2025-39863 at NVDCVE-2025-39864 at SUSECVE-2025-39864 at NVDCVE-2025-39865 at SUSECVE-2025-39865 at NVDCVE-2025-39869 at SUSECVE-2025-39869 at NVDCVE-2025-39870 at SUSECVE-2025-39870 at NVDCVE-2025-39871 at SUSECVE-2025-39871 at NVDCVE-2025-39873 at SUSECVE-2025-39873 at NVDCVE-2025-39882 at SUSECVE-2025-39882 at NVDCVE-2025-39885 at SUSECVE-2025-39885 at NVDCVE-2025-39889 at SUSECVE-2025-39889 at NVDCVE-2025-39891 at SUSECVE-2025-39891 at NVDCVE-2025-39907 at SUSECVE-2025-39907 at NVDCVE-2025-39920 at SUSECVE-2025-39920 at NVDCVE-2025-39923 at SUSECVE-2025-39923 at NVDCVE-2025-39925 at SUSECVE-2025-39925 at NVDCVE-2025-40300 at SUSECVE-2025-40300 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_13 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_13 fixes the following issues:
- New livepatch SLE Micro 6.0 kernel update 13
Importantcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249534CVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-53082: Fixed virtio_net: Add hash_key_length check (bsc#1233677)
- CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability (bsc#1240840)
- CVE-2024-56650: Fixed netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
ModerateSUSE bug 1233677SUSE bug 1235008SUSE bug 1235431SUSE bug 1240840CVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues:
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1248108SUSE bug 1248376SUSE bug 1248673SUSE bug 1249534CVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations (bsc#1232384)
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1232384SUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations (bsc#1232384)
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1232384SUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249534CVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_10 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues:
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1248108SUSE bug 1248376SUSE bug 1248673SUSE bug 1249534CVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-53082: Fixed virtio_net: Add hash_key_length check (bsc#1233677)
- CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability (bsc#1240840)
- CVE-2024-56650: Fixed netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
ModerateSUSE bug 1233677SUSE bug 1235008SUSE bug 1235431SUSE bug 1240840CVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations (bsc#1232384)
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1232384SUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations (bsc#1232384)
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1232384SUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_10 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
ImportantSUSE bug 1248631SUSE bug 1249207CVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-53082: Fixed virtio_net: Add hash_key_length check (bsc#1233677)
- CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability (bsc#1240840)
- CVE-2024-56650: Fixed netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
ModerateSUSE bug 1233677SUSE bug 1235008SUSE bug 1235431SUSE bug 1240840CVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
ImportantSUSE bug 1248631SUSE bug 1249207CVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_12 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_12 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
ImportantSUSE bug 1248631CVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_12 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_12 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
ImportantSUSE bug 1248631CVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52778: mptcp: deal with large GSO size (bsc#1224948).
- CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).
- CVE-2024-26596: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events (bsc#1220355).
- CVE-2024-26741: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished() (bsc#1222587).
- CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590).
- CVE-2024-26953: net: esp: fix bad handling of pages from page_pool (bsc#1223656).
- CVE-2024-27017: netfilter: nft_set_pipapo: walk over current view on netlink dump (bsc#1223733).
- CVE-2024-35888: erspan: make sure erspan_base_hdr is present in skb->head (bsc#1224518).
- CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
- CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).
- CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725).
- CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-36927: ipv4: Fix uninit-value access in __ip_make_skb() (bsc#1225813).
- CVE-2024-36954: tipc: fix a possible memleak in tipc_buf_append (bsc#1225764).
- CVE-2024-36968: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() (bsc#1226130).
- CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748).
- CVE-2024-40914: mm/huge_memory: do not unpoison huge_zero_folio (bsc#1227842).
- CVE-2024-41023: sched/deadline: Fix task_struct reference leak (bsc#1228430).
- CVE-2024-41031: mm/filemap: skip to create PMD-sized page cache if needed (bsc#1228454).
- CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620).
- CVE-2024-42102: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (bsc#1233132).
- CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).
- CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550).
- CVE-2024-46680: Bluetooth: btnxpuart: Fix random crash seen while removing driver (bsc#1230557).
- CVE-2024-46681: pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558).
- CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
- CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).
- CVE-2024-46765: ice: protect XDP configuration with a mutex (bsc#1230807).
- CVE-2024-46766: ice: move netif_queue_set_napi to rtnl-protected sections (bsc#1230762).
- CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
- CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
- CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).
- CVE-2024-46831: net: microchip: vcap: Fix use-after-free error in kunit test (bsc#1231117).
- CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
- CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
- CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
- CVE-2024-46843: scsi: ufs: core: Remove SCSI host only if added (bsc#1231100).
- CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
- CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085).
- CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087).
- CVE-2024-46870: drm/amd/display: Disable DMCUB timeout for DCN35 (bsc#1231435).
- CVE-2024-47658: crypto: stm32/cryp - call finalize with bh disabled (bsc#1231436).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
- CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).
- CVE-2024-47687: vdpa/mlx5: Fix invalid mr resource destroy (bsc#1232003).
- CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).
- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).
- CVE-2024-47703: bpf, lsm: add check for BPF LSM return value (bsc#1231946).
- CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944).
- CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
- CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).
- CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).
- CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116).
- CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).
- CVE-2024-47731: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing (bsc#1232117).
- CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).
- CVE-2024-47741: btrfs: fix race setting file private on concurrent lseek using same fd (bsc#1231869).
- CVE-2024-47745: mm: call the security_mmap_file() LSM hook in remap_file_pages() (bsc#1232135).
- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
- CVE-2024-47752: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning (bsc#1232130).
- CVE-2024-47753: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning (bsc#1231868).
- CVE-2024-47754: media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning (bsc#1232131).
- CVE-2024-49852: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (bsc#1232819).
- CVE-2024-49864: rxrpc: Fix a race between socket set up and I/O thread creation (bsc#1232256).
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232262).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201).
- CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
- CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199).
- CVE-2024-49888: bpf: Fix a sdiv overflow issue (bsc#1232208).
- CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
- CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220).
- CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354).
- CVE-2024-49895: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (bsc#1232352).
- CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
- CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355).
- CVE-2024-49898: drm/amd/display: Check null-initialized variables (bsc#1232222).
- CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358).
- CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305).
- CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).
- CVE-2024-49907: drm/amd/display: Check null pointers before using dc->clk_mgr (bsc#1232334).
- CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337).
- CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366).
- CVE-2024-49912: drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (bsc#1232367).
- CVE-2024-49913: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (bsc#1232307).
- CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369).
- CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965).
- CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).
- CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).
- CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374).
- CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368).
- CVE-2024-49934: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (bsc#1232387).
- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
- CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).
- CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-49953: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (bsc#1232156).
- CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).
- CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
- CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149).
- CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
- CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
- CVE-2024-49968: ext4: filesystems without casefold feature cannot be mounted with siphash (bsc#1232264).
- CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
- CVE-2024-49972: drm/amd/display: Deallocate DML memory if allocation fails (bsc#1232315).
- CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).
- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
- CVE-2024-49983: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free (bsc#1232096).
- CVE-2024-49986: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (bsc#1232093).
- CVE-2024-49987: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) (bsc#1232258).
- CVE-2024-49989: drm/amd/display: fix double free issue during amdgpu module unload (bsc#1232483).
- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
- CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).
- CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).
- CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).
- CVE-2024-50003: drm/amd/display: Fix system hang while resume with TBT monitor (bsc#1232385).
- CVE-2024-50004: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 (bsc#1232396).
- CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442).
- CVE-2024-50009: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value (bsc#1232318).
- CVE-2024-50012: cpufreq: Avoid a bad reference count on CPU node (bsc#1232386).
- CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446).
- CVE-2024-50015: ext4: dax: fix overflowing extents beyond inode size when partially writing (bsc#1232079).
- CVE-2024-50020: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() (bsc#1231989).
- CVE-2024-50021: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() (bsc#1231957).
- CVE-2024-50022: device-dax: correct pgoff align in dax_set_mapping() (bsc#1231956).
- CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
- CVE-2024-50027: thermal: core: Free tzp copy along with the thermal zone (bsc#1231951).
- CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).
- CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
- CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).
- CVE-2024-50040: igb: Do not bring the device up after non-fatal error (bsc#1231908).
- CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).
- CVE-2024-50042: ice: Fix increasing MSI-X on VF (bsc#1231906).
- CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).
- CVE-2024-50046: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).
- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
- CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).
- CVE-2024-50060: io_uring: check if we need to reschedule during overflow flush (bsc#1232417).
- CVE-2024-50063: bpf: Prevent tail call between progs attached to different hooks (bsc#1232435).
- CVE-2024-50064: zram: free secondary algorithms names (bsc#1231901).
- CVE-2024-50080: ublk: do not allow user copy for unprivileged device (bsc#1232502).
- CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501).
- CVE-2024-50082: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (bsc#1232500).
- CVE-2024-50084: net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() (bsc#1232494).
- CVE-2024-50087: btrfs: fix uninitialized pointer free on read_alloc_one_name() error (bsc#1232499).
- CVE-2024-50088: btrfs: fix uninitialized pointer free in add_inode_ref() (bsc#1232498).
- CVE-2024-50098: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down (bsc#1232881).
- CVE-2024-50110: xfrm: fix one more kernel-infoleak in algo dumping (bsc#1232885).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232926).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905).
- CVE-2024-50130: netfilter: bpf: must hold reference on net namespace (bsc#1232894).
- CVE-2024-50138: bpf: Use raw_spinlock_t in ringbuf (bsc#1232935).
- CVE-2024-50139: KVM: arm64: Fix shift-out-of-bounds bug (bsc#1233062).
- CVE-2024-50145: octeon_ep: add SKB allocation failures handling in __octep_oq_process_rx() (bsc#1233044).
- CVE-2024-50153: scsi: target: core: Fix null-ptr-deref in target_alloc_device() (bsc#1233061).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50169: vsock: Update rx_bytes on read_skb() (bsc#1233320).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50177: drm/amd/display: fix a UBSAN warning in DML2.1 (bsc#1233115).
- CVE-2024-50182: secretmem: disable memfd_secret() if arch cannot set direct map (bsc#1233129).
- CVE-2024-50184: virtio_pmem: Check device status before requesting flush (bsc#1233135).
- CVE-2024-50186: net: explicitly clear the sk pointer, when pf->create fails (bsc#1233110).
- CVE-2024-50192: irqchip/gic-v4: Do not allow a VMOVP on a dying VPE (bsc#1233106).
- CVE-2024-50225: btrfs: fix error propagation of split bios (bsc#1233193).
- CVE-2024-50228: mm: shmem: fix data-race in shmem_getattr() (bsc#1233204).
- CVE-2024-50230: nilfs2: fix kernel bug due to missing clearing of checked flag (bsc#1233206).
- CVE-2024-50245: fs/ntfs3: Fix possible deadlock in mi_read (bsc#1233203).
- CVE-2024-50246: fs/ntfs3: Add rough attr alloc_size check (bsc#1233207).
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233226).
- CVE-2024-50252: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (bsc#1233201).
- CVE-2024-50257: netfilter: Fix use-after-free in get_info() (bsc#1233244).
- CVE-2024-50261: macsec: Fix use-after-free while sending the offloading packet (bsc#1233253).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50271: signal: restore the override_rlimit logic (bsc#1233460).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463).
- CVE-2024-50275: arm64/sve: Discard stale CPU state when handling SVE traps (bsc#1233464).
- CVE-2024-50276: net: vertexcom: mse102x: Fix possible double free of TX skb (bsc#1233465).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single (bsc#1233484).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-50298: net: enetc: allocate vf_state during PF probes (bsc#1233487).
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233540).
- CVE-2024-53043: mctp i2c: handle NULL header address (bsc#1233523).
- CVE-2024-53048: ice: fix crash on probe for DPLL enabled E810 LOM (bsc#1233721).
- CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).
- CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
- CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53079: mm/thp: fix deferred split unqueue naming and locking (bsc#1233570).
- CVE-2024-53082: virtio_net: Add hash_key_length check (bsc#1233573).
- CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).
- CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085).
- CVE-2024-53121: net/mlx5: fs, lock FTE when checking if active (bsc#1234078).
- CVE-2024-53138: net/mlx5e: kTLS, Fix incorrect page refcounting (bsc#1234223).
The following non-security bugs were fixed:
- 9p: explicitly deny setlease attempts (git-fixes).
- ACPI: CPPC: Add support for setting EPP register in FFH (stable-fixes).
- ACPI: CPPC: Fix _CPC register setting issue (git-fixes).
- ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).
- ACPI: EC: Do not release locks during operation region accesses (stable-fixes).
- ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
- ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).
- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).
- ACPI: battery: Fix possible crash when unregistering a battery hook (git-fixes).
- ACPI: battery: Simplify battery hook locking (stable-fixes).
- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes).
- ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).
- ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).
- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).
- ACPICA: iasl: handle empty connection_node (stable-fixes).
- ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller (stable-fixes).
- ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() (stable-fixes).
- ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read (stable-fixes).
- ALSA: 6fire: Release resources at card release (git-fixes).
- ALSA: Reorganize kerneldoc parameter names (stable-fixes).
- ALSA: ac97: bus: Fix the mistake in the comment (git-fixes).
- ALSA: asihpi: Fix potential OOB array access (stable-fixes).
- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: core: add isascii() check to card ID generator (stable-fixes).
- ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).
- ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() (git-fixes).
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).
- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).
- ALSA: hda/conexant: fix Z60MR100 startup pop issue (stable-fixes).
- ALSA: hda/conexant: fix some typos (stable-fixes).
- ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (bsc#1219803).
- ALSA: hda/realtek - Fixed Clevo platform headset Mic issue (stable-fixes).
- ALSA: hda/realtek - update set GPIO3 to default for Thinkpad with ALC1318 (git-fixes).
- ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (stable-fixes).
- ALSA: hda/realtek: Add support for Samsung Galaxy Book3 360 (NP730QFG) (stable-fixes).
- ALSA: hda/realtek: Apply quirk for Medion E15433 (bsc#1233298).
- ALSA: hda/realtek: Enable mic on Vaio VJFH52 (stable-fixes).
- ALSA: hda/realtek: Enable mute and micmute LED on HP ProBook 430 G8 (stable-fixes).
- ALSA: hda/realtek: Enable speaker pins for Medion E15443 platform (bsc#1233298).
- ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max (bsc#1233298).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes).
- ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).
- ALSA: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes).
- ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book init (stable-fixes).
- ALSA: hda/realtek: Set PCBeep to default value for ALC274 (stable-fixes).
- ALSA: hda/realtek: Update ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Update ALC256 depop procedure (git-fixes).
- ALSA: hda/realtek: Update default depop procedure (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 (stable-fixes).
- ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects (stable-fixes).
- ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE (git-fixes).
- ALSA: hda: Poll jack events for LS7A HD-Audio (stable-fixes).
- ALSA: hda: Show the codec quirk info at probing (stable-fixes).
- ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 (stable-fixes).
- ALSA: hda: tas2781: Fix missing setup at runtime PM (bsc#1230132).
- ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
- ALSA: ice1712: Remove redundant code in stac9460_dac_vol_put (stable-fixes).
- ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).
- ALSA: line6: update contact information (stable-fixes).
- ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).
- ALSA: pcm: Add sanity NULL check for the default mmap fault handler (stable-fixes).
- ALSA: silence integer wrapping warning (stable-fixes).
- ALSA: ump: Fix evaluation of MIDI 1.0 FB info (git-fixes).
- ALSA: us122l: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: usb-audio: Add Pioneer DJ/AlphaTheta DJM-A9 Mixer (stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).
- ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).
- ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).
- ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).
- ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (bsc#1232768).
- ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).
- ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).
- ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry (stable-fixes).
- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (stable-fixes).
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (git-fixes).
- ALSA: usb-audio: Make mic volume workarounds globally applicable (stable-fixes).
- ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).
- ALSA: usb-audio: Use snprintf instead of sprintf in build_mixer_unit_ctl (stable-fixes).
- ALSA: usb-audio: add mixer mapping for Corsair HS80 (stable-fixes).
- ALSA: usx2y: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ASoC: Intel: avs: da7219: Remove suspend_pre() and resume_post() (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec (stable-fixes).
- ASoC: Intel: sst: Fix used of uninitialized ctx to log an error (git-fixes).
- ASoC: Intel: sst: Support LPE0F28 ACPI HID (stable-fixes).
- ASoC: SOF: Add i2s bt dai configuration support for AMD platforms (bsc#1233305).
- ASoC: SOF: Add support for configuring PDM interface from topology (bsc#1233305).
- ASoC: SOF: Deprecate invalid enums in IPC3 (bsc#1233305).
- ASoC: SOF: IPC4: get pipeline priority from topology (bsc#1233305).
- ASoC: SOF: IPC4: synchronize fw_config_params with fw definitions (bsc#1233305).
- ASoC: SOF: Refactor sof_i2s_tokens reading to update acpbt dai (bsc#1233305).
- ASoC: SOF: Rename amd_bt sof_dai_type (bsc#1233305).
- ASoC: SOF: Wire up buffer flags (bsc#1233305).
- ASoC: SOF: add alignment for topology header file struct definition (bsc#1233305).
- ASoC: SOF: align topology header file with sof topology header (bsc#1233305).
- ASoC: SOF: ipc3-topology: Convert the topology pin index to ALH dai index (git-fixes).
- ASoC: SOF: ipc3-topology: fix resource leaks in sof_ipc3_widget_setup_comp_dai() (git-fixes).
- ASoC: SOF: ipc4-control: Add support for ALSA enum control (bsc#1233305).
- ASoC: SOF: ipc4-control: Add support for ALSA switch control (bsc#1233305).
- ASoC: SOF: ipc4-mtrace: move debug slot related definitions to header.h (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add deep buffer size to debug prints (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add definition for generic switch/enum control (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add module ID print during module set up (bsc#1233305).
- ASoC: SOF: ipc4-topology: Helper to find an swidget by module/instance id (bsc#1233305).
- ASoC: SOF: ipc4-topology: Only handle dai_config with HW_PARAMS for ChainDMA (bsc#1233305).
- ASoC: SOF: ipc4-topology: change chain_dma handling in dai_config (bsc#1233305).
- ASoC: SOF: ipc4-topology: export sof_ipc4_copier_is_single_format (bsc#1233305).
- ASoC: SOF: ipc4-topology: set config_length based on device_count (bsc#1233305).
- ASoC: SOF: ipc4: Add data struct for module notification message from firmware (bsc#1233305).
- ASoC: SOF: ipc4: Add new message type: SOF_IPC4_GLB_LOAD_LIBRARY_PREPARE (bsc#1233305).
- ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits (git-fixes).
- ASoC: SOF: topology: Parse DAI type token for dspless mode (bsc#1233305).
- ASoC: SOF: topology: dynamically allocate and store DAI widget->private (bsc#1233305).
- ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA (stable-fixes).
- ASoC: amd: yc: Add quirk for HP Dragonfly pro one (stable-fixes).
- ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry (git-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA (stable-fixes).
- ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 (stable-fixes).
- ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized (git-fixes).
- ASoC: audio-graph-card2: Purge absent supplies for device tree nodes (stable-fixes).
- ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (git-fixes).
- ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).
- ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() (stable-fixes).
- ASoC: codecs: wsa883x: Handle reading version failure (stable-fixes).
- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes).
- ASoC: dapm: fix bounds checker error in dapm_widget_list_create (git-fixes).
- ASoC: fsl_micfil: Add sample rate constraint (stable-fixes).
- ASoC: fsl_micfil: fix regmap_write_bits usage (git-fixes).
- ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit (stable-fixes).
- ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).
- ASoC: max98388: Fix missing increment of variable slot_found (git-fixes).
- ASoC: mediatek: mt8188-mt6359: Remove hardcoded dmic codec (git-fixes).
- ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes).
- ASoC: rt722-sdca: Remove logically deadcode in rt722-sdca.c (git-fixes).
- ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue (stable-fixes).
- ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove (git-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() (stable-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() (stable-fixes).
- ASoC: tas2781: Add new driver version for tas2563 & tas2781 qfn chip (stable-fixes).
- ASoC: tas2781: Use of_property_read_reg() (stable-fixes).
- Bluetooth: Call iso_exit() on module unload (git-fixes).
- Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (git-fixes).
- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).
- Bluetooth: Remove debugfs directory on module init failure (git-fixes).
- Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).
- Bluetooth: btintel: Direct exception event to bluetooth stack (git-fixes).
- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test (bsc#1230557)
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 (stable-fixes).
- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).
- Bluetooth: fix use-after-free in device_for_each_child() (git-fixes).
- Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes).
- Bluetooth: hci_core: Fix calling mgmt_device_connected (git-fixes).
- Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).
- Documentation: kgdb: Correct parameter error (git-fixes).
- HID: Ignore battery for all ELAN I2C-HID devices (stable-fixes).
- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).
- HID: core: zero-initialize the report buffer (git-fixes).
- HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk (stable-fixes).
- HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard (stable-fixes).
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (stable-fixes).
- HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad (stable-fixes).
- HID: multitouch: Add support for B2402FVA track point (stable-fixes).
- HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).
- HID: multitouch: Add support for lenovo Y9000P Touchpad (stable-fixes).
- HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).
- HID: wacom: Interpret tilt data from Intuos Pro BT as signed values (git-fixes).
- HID: wacom: fix when get product name maybe null pointer (git-fixes).
- Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
- Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
- Input: edt-ft5x06 - fix regmap leak when probe fails (git-fixes).
- Input: hideep - add missing dependency on REGMAP_I2C (git-fixes).
- Input: hycon-hy46xx - add missing dependency on REGMAP_I2C (git-fixes).
- Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (stable-fixes).
- Input: xpad - add GameSir T4 Kaleid Controller support (git-fixes).
- Input: xpad - add GameSir VID for Xbox One controllers (git-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2C Wireless Controller (git-fixes).
- Input: xpad - add support for MSI Claw A1M (git-fixes).
- Input: xpad - add support for Machenike G5 Pro Controller (git-fixes).
- Input: xpad - fix support for some third-party controllers (git-fixes).
- Input: xpad - sort xpad_device by vendor and product ID (git-fixes).
- Input: xpad - spelling fixes for "Xbox" (git-fixes).
- KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).
- KVM: PPC: Book3S HV: Avoid returning to nested hypervisor on pending doorbells (bsc#1215199).
- KVM: PPC: Book3S HV: Stop using vc->dpdes for nested KVM guests (bsc#1215199).
- KVM: PPC: Book3S HV: remove unused varible (bsc#1194869).
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (bsc#1232207).
- KVM: SEV-ES: Prevent MSR access post VMSA encryption (bsc#1232207).
- KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
- KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock (git-fixes).
- KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled (git-fixes).
- KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid (git-fixes).
- KVM: Write the per-page "segment" when clearing (part of) a guest page (git-fixes).
- KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232626).
- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231276).
- KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232623).
- KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected (git-fixes).
- KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults (git-fixes).
- KVM: x86: Dedup fastpath MSR post-handling logic (git-fixes).
- KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits (git-fixes).
- KVM: x86: Exit to userspace if fastpath triggers one on instruction skip (git-fixes).
- KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode() (git-fixes).
- KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is successful (git-fixes).
- KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
- NFS: remove revoked delegation from server's delegation list (git-fixes).
- NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
- NFSD: Mark filecache "down" if init fails (git-fixes).
- NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
- NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
- PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
- PCI: Add T_PVPERL macro (git-fixes).
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
- PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
- PCI: Fix reset_method_store() memory leak (git-fixes).
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
- PCI: endpoint: Clear secondary (not primary) EPC in pci_epc_remove_epf() (git-fixes).
- PCI: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS milliseconds (git-fixes).
- PCI: keystone: Add link up check to ks_pcie_other_map_bus() (git-fixes).
- PCI: keystone: Set mode as Root Complex for "ti,keystone-pcie" compatible (git-fixes).
- PCI: rockchip-ep: Fix address translation unit programming (git-fixes).
- RAS/AMD/ATL: Add amd_atl pr_fmt() prefix (jsc#PED-10559).
- RAS/AMD/ATL: Expand helpers for adding and removing base and hole (jsc#PED-10559).
- RAS/AMD/ATL: Implement DF 4.5 NP2 denormalization (jsc#PED-10559).
- RAS/AMD/ATL: Read DRAM hole base early (jsc#PED-10559).
- RAS/AMD/ATL: Validate address map when information is gathered (jsc#PED-10559).
- RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
- RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop (git-fixes)
- RDMA/bnxt_re: Change the sequence of updating the CQ toggle value (git-fixes)
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes)
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
- RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
- RDMA/bnxt_re: Fix incorrect dereference of srq in async event (git-fixes)
- RDMA/bnxt_re: Fix out of bound check (git-fixes)
- RDMA/bnxt_re: Fix the GID table length (git-fixes)
- RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
- RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
- RDMA/bnxt_re: Return more meaningful error (git-fixes)
- RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
- RDMA/hns: Add mutex_destroy() (git-fixes)
- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes)
- RDMA/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes)
- RDMA/hns: Fix cpu stuck caused by printings during reset (git-fixes)
- RDMA/hns: Fix different dgids mapping to the same dip_idx (git-fixes)
- RDMA/hns: Fix flush cqe error when racing with destroy qp (git-fixes)
- RDMA/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes)
- RDMA/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes)
- RDMA/hns: Use macro instead of magic number (git-fixes)
- RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
- RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
- RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
- RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
- RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (git-fixes)
- RDMA/mlx5: Move events notifier registration to be after device registration (git-fixes)
- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
- RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes).
- RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
- RDMA/rxe: Fix the qp flush warnings in req (git-fixes)
- RDMA/rxe: Set queue pair cur_qp_state when being queried (git-fixes)
- RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES (git-fixes)
- RDMA/srpt: Make slab cache names unique (git-fixes)
- Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" (bsc#1228269).
- Revert "ALSA: hda: Conditionally use snooping for AMD HDMI" (stable-fixes).
- Revert "KEYS: encrypted: Add check for strsep" (git-fixes).
- Revert "KVM: PPC: Book3S HV Nested: Stop forwarding all HFUs to L1" (bsc#1215199).
- Revert "RDMA/core: Fix ENODEV error for iWARP test over vlan" (git-fixes)
- Revert "cgroup: Fix memory leak caused by missing cgroup_bpf_offline" (bsc#1234108).
- Revert "cpufreq: brcmstb-avs-cpufreq: Fix initial command check" (stable-fixes).
- Revert "driver core: Fix uevent_show() vs driver detach race" (git-fixes).
- Revert "ixgbe: Manual AN-37 for troublesome link partners for X550 SFI" (git-fixes).
- Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" (git-fixes).
- Revert "ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path" (git-fixes).
- Revert "usb: gadget: composite: fix OS descriptors w_value logic" (git-fixes).
- Revert "wifi: iwlwifi: remove retry loops in start" (git-fixes).
- SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
- SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
- SUNRPC: Remove BUG_ON call sites (git-fixes).
- SUNRPC: clnt.c: Remove misleading comment (git-fixes).
- USB: appledisplay: close race between probe and completion handler (git-fixes).
- USB: chaoskey: Fix possible deadlock chaoskey_list_lock (git-fixes).
- USB: chaoskey: fail open after removal (git-fixes).
- USB: gadget: dummy-hcd: Fix "task hung" problem (git-fixes).
- USB: misc: cypress_cy7c63: check for short transfer (git-fixes).
- USB: misc: yurex: fix race between read and write (git-fixes).
- USB: serial: ftdi_sio: Fix atomicity violation in get_serial_info() (git-fixes).
- USB: serial: io_edgeport: fix use after free in debug printk (git-fixes).
- USB: serial: option: add Fibocom FG132 0x0112 composition (stable-fixes).
- USB: serial: option: add Quectel RG650V (stable-fixes).
- USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
- USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
- USB: serial: qcserial: add support for Sierra Wireless EM86xx (stable-fixes).
- accel/qaic: Fix the for loop used to walk SG table (git-fixes).
- accel: Use XArray instead of IDR for minors (jsc#PED-11580).
- acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() (git-fixes).
- ad7780: fix division by zero in ad7780_write_raw() (git-fixes).
- aes-gcm-p10: Use the correct bit to test for P10 (bsc#1232704).
- amd-pstate: Set min_perf to nominal_perf for active mode performance gov (git-fixes).
- apparmor: fix 'Do simple duplicate message elimination' (git-fixes).
- apparmor: test: Fix memory leak for aa_unpack_strdup() (git-fixes).
- apparmor: use kvfree_sensitive to free data->data (git-fixes).
- arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 (git-fixes)
- arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
- arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: freescale: imx8mp-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs (git-fixes)
- arm64: dts: imx8qxp: Add VPU subsystem file (git-fixes)
- arm64: dts: imx93: add nvmem property for eqos (git-fixes)
- arm64: dts: imx93: add nvmem property for fec1 (git-fixes)
- arm64: dts: imx93: add ocotp node (git-fixes)
- arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus (git-fixes)
- arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo (git-fixes)
- arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 (git-fixes)
- arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node (git-fixes)
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma (git-fixes)
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes)
- arm64: dts: rockchip: Remove undocumented supports-emmc property (git-fixes)
- arm64: dts: rockchip: fix i2c2 pinctrl-names property on (git-fixes)
- arm64: dts: rockchip: remove num-slots property from (git-fixes)
- arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone (git-fixes)
- arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a (git-fixes).
- arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
- arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
- arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes)
- arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS (git-fixes).
- arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
- arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
- arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
- arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes)
- arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes)
- arm64: tegra: Move AGX Orin nodes to correct location (git-fixes)
- arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes)
- ata: libata: Set DID_TIME_OUT for commands that actually timed out (git-fixes).
- ata: libata: avoid superfluous disk spin down + spin up during hibernation (git-fixes).
- audit: do not WARN_ON_ONCE(!current->mm) in audit_exe_compare() (git-fixes).
- audit: do not take task_lock() in audit_exe_compare() code path (git-fixes).
- block: print symbolic error name instead of error code (bsc#1231872).
- block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW (bsc#1229677).
- bnxt_en: Cap the size of HWRM_PORT_PHY_QCFG forwarded response (git-fixes).
- bnxt_en: Fix error recovery for 5760X (P7) chips (git-fixes).
- bnxt_en: Fix the PCI-AER routines (git-fixes).
- bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes).
- bnxt_en: refactor reset close code (git-fixes).
- bpf, arm64: Fix address emission with tag-based KASAN enabled (git-fixes)
- bpf, arm64: Remove garbage frame for struct_ops trampoline (git-fixes)
- bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
- bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
- bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock (git-fixes).
- bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
- bpf, vsock: Drop static vsock_bpf_prot initialization (git-fixes).
- bpf, x64: Remove tail call detection (git-fixes).
- bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
- bpf: Fail verification for sign-extension of packet data/data_end/data_meta (git-fixes).
- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
- bpf: Fix error message on kfunc arg type mismatch (git-fixes).
- bpf: Fix helper writes to read-only maps (git-fixes).
- bpf: Fix tailcall cases in test_bpf (git-fixes).
- bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).
- bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
- bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
- bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
- bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
- btf, scripts: rust: drop is_rust_module.sh (bsc#1230414 bsc#1229450).
- btrfs: merge btrfs_orig_bbio_end_io() into btrfs_bio_end_io() (bsc#1233193)
- btrfs: send: fix invalid clone operation for file that got its size decreased (git-fixes).
- can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails (git-fixes).
- can: c_can: fix {rx,tx}_errors statistics (git-fixes).
- can: dev: can_set_termination(): allow sleeping GPIOs (git-fixes).
- can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: hi311x: hi3110_can_ist(): fix potential use-after-free (git-fixes).
- can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics (git-fixes).
- can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: j1939: j1939_session_new(): fix skb reference counting (git-fixes).
- can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): work around erratum DS80000789E 6 (git-fixes).
- can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes (git-fixes).
- can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode (stable-fixes).
- can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (git-fixes).
- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (git-fixes).
- ceph: fix cap ref leak via netfs init_request (bsc#1231384).
- cgroup/bpf: only cgroup v2 can be attached by bpf programs (bsc#1234108).
- clk: bcm: bcm53573: fix OF node leak in init (stable-fixes).
- clk: clk-apple-nco: Add NULL check in applnco_probe (git-fixes).
- clk: clk-axi-clkgen: make sure to enable the AXI bus clock (git-fixes).
- clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (stable-fixes).
- clk: imx: clk-scu: fix clk enable state save and restore (git-fixes).
- clk: imx: fracn-gppll: correct PLL initialization flow (git-fixes).
- clk: imx: fracn-gppll: fix pll power up (git-fixes).
- clk: imx: lpcg-scu: SW workaround for errata (e10858) (git-fixes).
- clk: qcom: clk-alpha-pll: drop lucid-evo pll enabled warning (git-fixes).
- clk: qcom: clk-alpha-pll: fix lucid 5lpe pll enabled check (git-fixes).
- clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (git-fixes).
- clk: renesas: rzg2l: Fix FOUTPOSTDIV clk (git-fixes).
- clk: sunxi-ng: d1: Fix PLL_AUDIO0 preset (git-fixes).
- comedi: Flush partial mappings in error case (git-fixes).
- comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
- config s390x: build ultravisor userspace access into the kernel (bsc#1232090).
- config.sh: Remove Arm build project, we do not build armv7 configs
- config: Disable LAM on x86 (bsc#1217845).
- cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_power() (git-fixes).
- cpufreq: loongson2: Unregister platform_driver on failure (git-fixes).
- cpufreq: mediatek-hw: Fix wrong return value in mtk_cpufreq_get_cpu_power() (git-fixes).
- crypto: aes-gcm-p10 - Use the correct bit to test for P10 (bsc#1232704).
- crypto: api - Fix liveliness check in crypto_alg_tested (stable-fixes).
- crypto: bcm - add error check in the ahash_hmac_init function (git-fixes).
- crypto: caam - Fix the pointer passed to caam_qi_shutdown() (git-fixes).
- crypto: caam - add error check to caam_rsa_set_priv_key_form (git-fixes).
- crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (git-fixes).
- crypto: cavium - Fix the if condition to exit loop after timeout (git-fixes).
- crypto: hisilicon/qm - flush all work before driver removed (bsc#1232075)
- crypto: inside-secure - Fix the return value of safexcel_xcbcmac_cra_init() (git-fixes).
- crypto: octeontx - Fix authenc setkey (stable-fixes).
- crypto: octeontx* - Select CRYPTO_AUTHENC (git-fixes).
- crypto: octeontx2 - Fix authenc setkey (stable-fixes).
- crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (git-fixes).
- crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMD and re-enable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Register modules as SIMD (bsc#1230501 ltc#208632).
- crypto: qat - remove check after debugfs_create_dir() (git-fixes).
- crypto: qat - remove faulty arbiter config reset (git-fixes).
- crypto: qat/qat_4xxx - fix off by one in uof_get_name() (git-fixes).
- crypto: x86/aegis128 - access 32-bit arguments as 32-bit (git-fixes).
- cxgb4: Properly lock TX queue for the selftest (git-fixes).
- cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).
- cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes).
- cxl: downgrade a warning message to debug level in cxl_probe_component_regs() (bsc#1229165).
- dcache: keep dentry_hashtable or d_hash_shift even when not used (git-fixes).
- debugfs: fix automount d_fsdata usage (git-fixes).
- devlink: Fix command annotation documentation (git-fixes).
- dma-fence: Fix reference leak on fence merge failure path (git-fixes).
- dma-fence: Use kernel's sort for merging fences (git-fixes).
- dmaengine: sh: rz-dmac: handle configs where one address is zero (git-fixes).
- dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer (git-fixes).
- doc: rcu: update printed dynticks counter bits (git-fixes).
- driver core: bus: Fix double free in driver API bus_register() (stable-fixes).
- driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
- drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() (git-fixes).
- drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
- drm/amd/display: Add HDMI DSC native YCbCr422 support (stable-fixes).
- drm/amd/display: Add disable timeout option (bsc#1231435)
- drm/amd/display: Adjust VSDB parser for replay feature (stable-fixes).
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
- drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
- drm/amd/display: Clean up dsc blocks in accelerated mode (stable-fixes).
- drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (stable-fixes).
- drm/amd/display: Fix brightness level not retained over reboot (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp (git-fixes).
- drm/amd/display: Remove a redundant check in authenticated_dp (stable-fixes).
- drm/amd/display: Revert "Check HDCP returned status" (stable-fixes).
- drm/amd/display: Round calculated vtotal (stable-fixes).
- drm/amd/display: Skip to enable dsc if it has been off (stable-fixes).
- drm/amd/display: Validate backlight caps are sane (stable-fixes).
- drm/amd/pm: Vangogh: Fix kernel memory out of bounds write (git-fixes).
- drm/amd: Add some missing straps from NBIO 7.11.0 (git-fixes).
- drm/amd: Fix initialization mistake for NBIO 7.7.0 (stable-fixes).
- drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
- drm/amdgpu/swsmu: Only force workload setup on init (git-fixes).
- drm/amdgpu/vcn: enable AV1 on both instances (stable-fixes).
- drm/amdgpu: Adjust debugfs eviction and IB access permissions (stable-fixes).
- drm/amdgpu: Adjust debugfs register access permissions (stable-fixes).
- drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 (git-fixes).
- drm/amdgpu: Fix JPEG v4.0.3 register write (git-fixes).
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (stable-fixes).
- drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() (git-fixes).
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (git-fixes).
- drm/amdkfd: Accounting pdd vram_usage for svm (stable-fixes).
- drm/amdkfd: Fix wrong usage of INIT_WORK() (git-fixes).
- drm/bridge: anx7625: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: it6505: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: tc358767: Fix link properties discovery (git-fixes).
- drm/bridge: tc358768: Fix DSI command tx (git-fixes).
- drm/etnaviv: Request pages from DMA32 zone on addressing_limited (git-fixes).
- drm/etnaviv: hold GPU lock across perfmon sampling (git-fixes).
- drm/i915/gem: fix bitwise and logical AND mixup (git-fixes).
- drm/i915/hdcp: fix connector refcounting (git-fixes).
- drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/mediatek: Fix child node refcount handling in early exit (git-fixes).
- drm/mediatek: Fix get efuse issue for MT8188 DPTX (git-fixes).
- drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (git-fixes).
- drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/msm/dpu: cast crtc_clk calculation to u64 in _dpu_core_perf_calc_clk() (git-fixes).
- drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds() (git-fixes).
- drm/msm/dpu: do not always program merge_3d block (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on MSM8998 (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on SDM845 (git-fixes).
- drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
- drm/msm/dpu: move CRTC resource assignment to dpu_encoder_virt_atomic_check (git-fixes).
- drm/msm/dpu: on SDM845 move DSPP_3 to LM_5 block (git-fixes).
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
- drm/msm/dsi: improve/fix dsc pclk calculation (git-fixes).
- drm/msm/gpu: Check the status of registration to PM QoS (git-fixes).
- drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
- drm/msm: Fix some typos in comment (git-fixes).
- drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() (git-fixes).
- drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes).
- drm/omap: Fix possible NULL dereference (git-fixes).
- drm/panfrost: Add missing OPP table refcnt decremental (git-fixes).
- drm/panfrost: Remove unused id_mask from struct panfrost_model (git-fixes).
- drm/radeon: Fix encoder->possible_clones (git-fixes).
- drm/rockchip: vop: Fix a dereferenced before check warning (git-fixes).
- drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
- drm/sched: Always wake up correct scheduler in drm_sched_entity_push_job (git-fixes).
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes).
- drm/sti: avoid potential dereference of error pointers (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check (git-fixes).
- drm/v3d: Address race-condition in MMU flush (git-fixes).
- drm/v3d: Enable Performance Counters before clearing them (git-fixes).
- drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_atomic_flush (git-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_lut_load (git-fixes).
- drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
- drm/vc4: hdmi: Avoid hang with debug registers when suspended (git-fixes).
- drm/vc4: hvs: Correct logic on stopping an HVS channel (git-fixes).
- drm/vc4: hvs: Do not write gamma luts on 2711 (git-fixes).
- drm/vc4: hvs: Fix dlist debug not resetting the next entry pointer (git-fixes).
- drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs function (git-fixes).
- drm/vkms: Drop unnecessary call to drm_crtc_cleanup() (git-fixes).
- drm/vmwgfx: Handle surface check failure correctly (git-fixes).
- drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS (stable-fixes).
- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
- drm: Expand max DRM device number to full MINORBITS (jsc#PED-11580).
- drm: Use XArray instead of IDR for minors (jsc#PED-11580).
- drm: use ATOMIC64_INIT() for atomic64_t (git-fixes).
- drm: xlnx: zynqmp_dpsub: fix hotplug detection (git-fixes).
- drm: zynqmp_kms: Unplug DRM device before removal (git-fixes).
- dwc2: Drop USB dwc2 patch that caused a regression on RPi3 (bsc#1232342)
- e1000e: Fix S0ix residency on corporate systems (git-fixes).
- e1000e: Remove Meteor Lake SMBUS workarounds (git-fixes).
- e1000e: change I219 (19) devices to ADP (git-fixes).
- e1000e: fix force smbus during suspend flow (git-fixes).
- e1000e: move force SMBUS near the end of enable_ulp function (git-fixes).
- efi/libstub: Free correct pointer on failure (git-fixes).
- efi/libstub: fix efi_parse_options() ignoring the default command line (git-fixes).
- efi/libstub: zboot.lds: Discard .discard sections (stable-fixes).
- efi/memattr: Ignore table if the size is clearly bogus (bsc#1231465).
- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
- eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes).
- ext4: do not track ranges in fast_commit if inode has inlined data (bsc#1231635).
- ext4: fix fast commit inode enqueueing during a full journal commit (bsc#1231636).
- ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() (bsc#1231637).
- ext4: fix possible tid_t sequence overflows (bsc#1231634).
- ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
- ext4: fix unttached inode after power cut with orphan file feature enabled (bsc#1234009).
- ext4: mark fc as ineligible using an handle in ext4_xattr_set() (bsc#1231640).
- ext4: use handle to mark fc as ineligible in __track_dentry_update() (bsc#1231639).
- f2fs: get out of a repeat loop when getting a locked data page (bsc#1234011).
- fat: fix uninitialized variable (git-fixes).
- fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (stable-fixes).
- fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (git-fixes).
- fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
- fgraph: Change the name of cpuhp state to "fgraph:online" (git-fixes).
- fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
- fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
- filemap: remove use of wait bookmarks (bsc#1224088).
- firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (git-fixes).
- firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() (git-fixes).
- firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (git-fixes).
- firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() (git-fixes).
- firmware: google: Unregister driver_info on failure (git-fixes).
- firmware_loader: Fix possible resource leak in fw_log_firmware_info() (git-fixes).
- fs/9p: drop inodes immediately on non-.L too (git-fixes).
- fs/9p: fix the cache always being enabled on files with qid flags (git-fixes).
- fs/ntfs3: Add more attributes checks in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Fixed overflow check in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Sequential field availability check in mi_enum_attr() (bsc#1233207)
- fs: Fix uninitialized value issue in from_kuid and from_kgid (git-fixes).
- genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes).
- goldfish: Fix unused const variable 'goldfish_pipe_acpi_match' (git-fixes).
- gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
- gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
- gpio: davinci: fix lazy disable (git-fixes).
- gpio: exar: set value when external pull-up or pull-down is present (git-fixes).
- gpio: zevio: Add missed label initialisation (git-fixes).
- gve: Fix XDP TX completion handling when counters overflow (git-fixes).
- gve: Fix an edge case for TSO skb validity check (git-fixes).
- gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes).
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (git-fixes).
- hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (adt7470) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (max16065) Fix alarm attributes (git-fixes).
- hwmon: (max16065) Remove use of i2c_match_id() (stable-fixes).
- hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (nct6775) add G15CF to ASUS WMI monitoring list (stable-fixes).
- hwmon: (nct6775-core) Fix overflows seen when writing limit attributes (git-fixes).
- hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (tps23861) Fix reporting of negative temperatures (git-fixes).
- hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature (git-fixes).
- i2c: core: Setup i2c_adapter runtime-pm before calling device_add() (git-fixes).
- i2c: core: fix lockdep warning for sparsely nested adapter chain (git-fixes).
- i2c: cpm: Remove linux,i2c-index conversion from be32 (git-fixes).
- i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE is not set (git-fixes).
- i2c: exynos5: Calculate t_scl_l, t_scl_h according to i2c spec (git-fixes).
- i2c: i801: Add lis3lv02d for Dell Precision 3540 (git-fixes).
- i2c: i801: Add lis3lv02d for Dell XPS 15 7590 (git-fixes).
- i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
- i2c: i801: add helper i801_restore_regs (git-fixes).
- i2c: ismt: kill transaction in hardware on timeout (git-fixes).
- i2c: ocores: Move system PM hooks to the NOIRQ phase (git-fixes).
- i2c: ocores: Remove #ifdef guards for PM related functions (git-fixes).
- i2c: omap: switch to NOIRQ_SYSTEM_SLEEP_PM_OPS() and RUNTIME_PM_OPS() (git-fixes).
- i2c: omap: wakeup the controller during suspend() callback (git-fixes).
- i2c: rcar: properly format a debug output (git-fixes).
- i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
- i2c: stm32f7: perform most of irq job in threaded handler (git-fixes).
- i2c: synquacer: Deal with optional PCLK correctly (git-fixes).
- i2c: synquacer: Remove a clk reference from struct synquacer_i2c (stable-fixes).
- i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
- i2c: xiic: improve error message when transfer fails to start (stable-fixes).
- i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (git-fixes).
- i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (stable-fixes).
- i3c: master: svc: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- i40e: Fix XDP program unloading while removing the driver (git-fixes).
- i40e: Report MFS in decimal base instead of hex (git-fixes).
- i40e: fix race condition by adding filter's intermediate sync state (git-fixes).
- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (git-fixes).
- iavf: Fix TC config comparison with existing adapter TC config (git-fixes).
- ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).
- ice: Fix checking for unsupported keys on non-tunnel device (git-fixes).
- ice: Fix lldp packets dropping after changing the number of channels (git-fixes).
- ice: Fix netif_is_ice() in Safe Mode (git-fixes).
- ice: Fix package download algorithm (git-fixes).
- ice: Fix recipe read procedure (git-fixes).
- ice: Fix reset handler (git-fixes).
- ice: Flush FDB entries before reset (git-fixes).
- ice: Interpret .set_channels() input differently (git-fixes).
- ice: Rebuild TC queues on VSI queue reconfiguration (git-fixes).
- ice: Reject pin requests with unsupported flags (git-fixes).
- ice: add flag to distinguish reset from .ndo_bpf in XDP rings config (git-fixes).
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (git-fixes).
- ice: avoid IRQ collision to fix init failure on ACPI S3 resume (git-fixes).
- ice: clear port vlan config during reset (git-fixes).
- ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins (git-fixes).
- ice: do not bring the VSI up, if it was down before the XDP setup (git-fixes).
- ice: do not busy wait for Rx queue disable in ice_qp_dis() (git-fixes).
- ice: fix 200G PHY types to link speed mapping (git-fixes).
- ice: fix 200G link speed message log (git-fixes).
- ice: fix ICE_LAST_OFFSET formula (git-fixes).
- ice: fix VLAN replay after reset (git-fixes).
- ice: fix VSI lists confusion when adding VLANs (git-fixes).
- ice: fix accounting for filters shared by multiple VSIs (git-fixes).
- ice: fix accounting if a VLAN already exists (git-fixes).
- ice: fix iteration of TLVs in Preserved Fields Area (git-fixes).
- ice: fix page reuse when PAGE_SIZE is over 8k (git-fixes).
- ice: fix reads from NVM Shadow RAM on E830 and E825-C devices (git-fixes).
- ice: fix truesize operations for PAGE_SIZE >= 8192 (git-fixes).
- ice: implement AQ download pkg retry (git-fixes).
- ice: map XDP queues to vectors in ice_vsi_map_rings_to_vectors() (git-fixes).
- ice: remove af_xdp_zc_qps bitmap (git-fixes).
- ice: replace synchronize_rcu with synchronize_net (git-fixes).
- ice: respect netif readiness in AF_XDP ZC related ndo's (git-fixes).
- ice: set correct dst VSI in only LAN filters (git-fixes).
- ice: tc: allow zero flags in parsing tc flower (git-fixes).
- ice: tc: check src_vsi in case of traffic from VF (git-fixes).
- ice: use proper macro for testing bit (git-fixes).
- idpf: Interpret .set_channels() input differently (git-fixes).
- idpf: avoid bloating &idpf_q_vector with big %NR_CPUS (git-fixes).
- idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes).
- idpf: do not skip over ethtool tcp-data-split setting (git-fixes).
- idpf: fix UAFs when destroying the queues (git-fixes).
- idpf: fix memleak in vport interrupt configuration (git-fixes).
- idpf: fix memory leaks and crashes while performing a soft reset (git-fixes).
- ieee802154: Fix build error (git-fixes).
- igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes).
- igb: Disable threaded IRQ for igb_msix_other (git-fixes).
- igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).
- igc: Fix double reset adapter triggered from a single taprio cmd (git-fixes).
- igc: Fix packet still tx after gate close by reducing i226 MAC retry buffer (git-fixes).
- igc: Fix qbv tx latency by setting gtxoffset (git-fixes).
- igc: Fix qbv_config_change_errors logics (git-fixes).
- igc: Fix reset adapter logics when tx mode change (git-fixes).
- igc: Unlock on error in igc_io_resume() (git-fixes).
- iio: Fix fwnode_handle in __fwnode_iio_channel_get_by_name() (git-fixes).
- iio: accel: bma400: Fix uninitialized variable field_value in tap event handling (git-fixes).
- iio: accel: kx022a: Fix raw read format (git-fixes).
- iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes).
- iio: adc: ad7606: Fix typo in the driver name (git-fixes).
- iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (git-fixes).
- iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
- iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig (git-fixes).
- iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig (git-fixes).
- iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts: Fix uninitialized symbol 'ret' (git-fixes).
- iio: gts: fix infinite loop for gain_to_scaletables() (git-fixes).
- iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
- iio: light: al3010: Fix an error handling path in al3010_probe() (git-fixes).
- iio: light: opt3001: add missing full-scale range value (git-fixes).
- iio: light: veml6030: fix ALS sensor resolution (git-fixes).
- iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
- iio: light: veml6030: fix microlux value calculation (git-fixes).
- iio: magnetometer: ak8975: Convert enum->pointer for data in the match tables (stable-fixes).
- iio: magnetometer: ak8975: Fix 'Unexpected device' error (git-fixes).
- iio: magnetometer: ak8975: drop incorrect AK09116 compatible (git-fixes).
- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- ima: fix buffer overrun in ima_eventdigest_init_common (git-fixes).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- intel_idle: add Granite Rapids Xeon support (bsc#1231630).
- intel_idle: fix ACPI _CST matching for newer Xeon platforms (bsc#1231630).
- io_uring/eventfd: move to more idiomatic RCU free usage (git-fixes).
- io_uring/io-wq: do not allow pinning outside of cpuset (git-fixes).
- io_uring/io-wq: inherit cpuset of cgroup in io worker (git-fixes).
- io_uring/net: harden multishot termination case for recv (git-fixes).
- io_uring/rw: fix cflags posting for single issue multishot read (git-fixes).
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (git-fixes).
- io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN (git-fixes).
- io_uring/sqpoll: close race on waiting for sqring entries (git-fixes).
- io_uring/sqpoll: do not allow pinning outside of cpuset (git-fixes).
- io_uring/sqpoll: do not put cpumask on stack (git-fixes).
- io_uring/sqpoll: retain test for whether the CPU is valid (git-fixes).
- io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL (git-fixes).
- iommu/amd: Allocate the page table root using GFP_KERNEL (git-fixes).
- iommu/amd: Do not set the D bit on AMD v2 table entries (git-fixes).
- iommu/amd: Fix typo of , instead of ; (git-fixes).
- iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
- iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices (git-fixes).
- iommufd: Check the domain owner of the parent before creating a nesting domain (git-fixes).
- iommufd: Protect against overflow of ALIGN() during iova allocation (git-fixes).
- irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack (git-fixes).
- jbd2: Move j_transaction_overhead_buffers into a hole (bsc#1234042).
- jbd2: avoid infinite transaction commit loop (bsc#1234039).
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (bsc#1234043).
- jbd2: avoid mount failed when commit block is partial submitted (bsc#1234040).
- jbd2: correct the printing of write_flags in jbd2_write_superblock() (bsc#1234045).
- jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit (bsc#1231638).
- jbd2: fix kernel-doc for j_transaction_overhead_buffers (bsc#1234042).
- jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev (bsc#1234044).
- jbd2: fix soft lockup in journal_finish_inode_data_buffers() (bsc#1234046).
- jbd2: make jbd2_journal_get_max_txn_bufs() internal (bsc#1234041).
- jbd2: precompute number of transaction descriptor blocks (bsc#1234042).
- jfs: Fix sanity check in dbMount (git-fixes).
- jfs: Fix uaf in dbFreeBits (git-fixes).
- jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
- jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
- jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
- jump_label: Fix static_key_slow_dec() yet again (git-fixes).
- kABI fix of VM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- kABI workaround for ASoC SOF (bsc#1233305).
- kABI: Restore exported __arm_smccc_sve_check (git-fixes)
- kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
- kABI: bpf: struct bpf_insn_acces_aux kABI workaround (git-fixes).
- kabi, mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes kabi).
- kasan: Fix Software Tag-Based KASAN with GCC (git-fixes).
- kasan: move checks to do_strncpy_from_user (git-fixes).
- kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
- kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
- kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
- kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
- kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
- kconfig: qconf: fix buffer overflow in debug links (git-fixes).
- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).
- kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y (git-fixes).
- keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (git-fixes).
- keys: Fix overwrite of key expiration on instantiation (git-fixes).
- kthread: unpark only parked kthread (git-fixes).
- leds: lp55xx: Remove redundant test for invalid channel number (git-fixes).
- lib/xarray: introduce a new helper xas_get_order (bsc#1231617).
- lib: string_helpers: silence snprintf() output truncation warning (git-fixes).
- mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes).
- macsec: do not increment counters for an unrelated SA (git-fixes).
- mailbox: arm_mhuv2: clean up loop in get_irq_chan_comb() (git-fixes).
- maple_tree: correct tree corruption on spanning store (git-fixes).
- maple_tree: fix alloc node fail issue (git-fixes).
- maple_tree: refine mas_store_root() on storing NULL (git-fixes).
- media: Drop the previous HD-audio TAS2781 fix (bsc#1230132)
- media: adv7604: prevent underflow condition when reporting colorspace (git-fixes).
- media: amphion: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: amphion: Set video drvdata before register video device (git-fixes).
- media: ar0521: do not overflow when checking PLL values (git-fixes).
- media: atomisp: Add check for rgby_data memory allocation failure (git-fixes).
- media: bttv: use audio defaults for winfast2000 (git-fixes).
- media: core: v4l2-ioctl: check if ioctl is known to avoid NULL name (git-fixes).
- media: cx24116: prevent overflows on SNR calculus (git-fixes).
- media: dvb_frontend: do not play tricks with underflow values (git-fixes).
- media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set (stable-fixes).
- media: dvbdev: prevent the risk of out of memory access (git-fixes).
- media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() (git-fixes).
- media: i2c: dw9768: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: i2c: imx335: Enable regulator supplies (stable-fixes).
- media: i2c: tc358743: Fix crash in the probe error path when using polling (git-fixes).
- media: imx-jpeg: Ensure power suppliers be suspended before detach them (git-fixes).
- media: imx-jpeg: Set video drvdata before register video device (git-fixes).
- media: imx335: Fix reset-gpio handling (git-fixes).
- media: mantis: remove orphan mantis_core.h (git-fixes).
- media: mtk-jpeg: Fix null-ptr-deref during unload module (git-fixes).
- media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning (git-fixes).
- media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (git-fixes).
- media: platform: exynos4-is: Fix an OF node reference leak in fimc_md_is_isp_available (git-fixes).
- media: pulse8-cec: fix data timestamp at pulse8_setup() (git-fixes).
- media: s5p-jpeg: prevent buffer overflows (git-fixes).
- media: stb0899_algo: initialize cfr before using it (git-fixes).
- media: ts2020: fix null-ptr-deref in ts2020_probe() (git-fixes).
- media: uvcvideo: Require entities to have a non-zero unique ID (git-fixes).
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (git-fixes).
- media: uvcvideo: Stop stream during unregister (git-fixes).
- media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() (git-fixes).
- media: v4l2-tpg: prevent the risk of a division by zero (git-fixes).
- media: vb2: Fix comment (git-fixes).
- media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
- media: videobuf2: fix typo: vb2_dbuf -> vb2_qbuf (git-fixes).
- media: wl128x: Fix atomicity violation in fmc_send_cmd() (git-fixes).
- mei: use kvmalloc for read buffer (git-fixes).
- mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- mfd: rt5033: Fix missing regmap_del_irq_chip() (git-fixes).
- mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race (git-fixes).
- minmax: avoid overly complex min()/max() macro arguments in xen (git-fixes).
- minmax: scsi: fix mis-use of 'clamp()' in sr.c (git-fixes).
- misc: apds990x: Fix missing pm_runtime_disable() (git-fixes).
- mlx5: avoid truncating error message (git-fixes).
- mlx5: stop warning for 64KB pages (git-fixes).
- mlxbf_gige: disable RX filters until RX path initialized (git-fixes).
- mm/filemap: optimize filemap folio adding (bsc#1231617).
- mm/filemap: return early if failed to allocate memory for split (bsc#1231617).
- mm/hugetlb: fix nodes huge page allocation when there are surplus pages (bsc#1234012).
- mm: avoid unsafe VMA hook invocation when error arises on mmap hook (git-fixes).
- mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point (git-fixes).
- mm: mmap: no need to call khugepaged_enter_vma() for stack (jsc#PED-10978).
- mm: move dummy_vm_ops out of a header (git-fixes prerequisity).
- mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes).
- mm: refactor map_deny_write_exec() (git-fixes).
- mm: resolve faulty mmap_region() error path behaviour (git-fixes).
- mm: unconditionally close VMAs on error (git-fixes).
- mmc: core: Further prevent card detect during shutdown (git-fixes).
- mmc: mmc_spi: drop buggy snprintf() (git-fixes).
- mmc: sunxi-mmc: Fix A100 compatible description (git-fixes).
- modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness (git-fixes).
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (git-fixes).
- modpost: remove incorrect code in do_eisa_entry() (git-fixes).
- module: abort module loading when sysfs setup suffer errors (git-fixes).
- mtd: rawnand: atmel: Fix possible memory leak (git-fixes).
- mtd: spi-nor: core: replace dummy buswidth from addr to data (git-fixes).
- nbd: fix race between timeout and normal completion (bsc#1230918).
- net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes).
- net/mlx5: Added cond_resched() to crdump collection (git-fixes).
- net/mlx5: Check capability for fw_reset (git-fixes).
- net/mlx5: Check for invalid vector index on EQ creation (git-fixes).
- net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes).
- net/mlx5: Fix command bitmask initialization (git-fixes).
- net/mlx5: Fix error handling in irq_pool_request_irq (git-fixes).
- net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes).
- net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes).
- net/mlx5: Stop waiting for PCI if pci channel is offline (git-fixes).
- net/mlx5: Unregister notifier on eswitch init failure (git-fixes).
- net/mlx5: Update the list of the PCI supported devices (git-fixes).
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes).
- net/mlx5e: Add missing link mode to ptys2ext_ethtool_map (git-fixes).
- net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes).
- net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes).
- net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes).
- net/mlx5e: Do not call cleanup on profile rollback failure (git-fixes).
- net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes).
- net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).
- net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes).
- net/mlx5e: Require mlx5 tc classifier action support for IPsec prio capability (git-fixes).
- net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes).
- net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).
- net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).
- net: mdio-ipq4019: add missing error check (git-fixes).
- net: phy: Remove LED entry from LEDs list on unregister (git-fixes).
- net: phy: bcm84881: Fix some error handling paths (git-fixes).
- net: phy: dp83822: Fix reset pin definitions (git-fixes).
- net: phy: dp83869: fix memory corruption when enabling fiber (git-fixes).
- net: phy: ti: add PHY_RST_AFTER_CLK_EN flag (git-fixes).
- net: qede: sanitize 'rc' in qede_add_tc_flower_fltr() (git-fixes).
- net: qede: use return from qede_parse_actions() (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flower (git-fixes).
- net: relax socket state check at accept time (git-fixes).
- net: stmmac: dwmac-tegra: Fix link bring-up sequence (git-fixes)
- net: sysfs: Fix /sys/class/net/<iface> path for statistics (git-fixes).
- net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (git-fixes).
- net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (git-fixes).
- net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (git-fixes).
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (stable-fixes).
- net: usb: usbnet: fix name regression (get-fixes).
- net: usb: usbnet: fix race in probe failure (git-fixes).
- net: wwan: fix global oob in wwan_rtnl_policy (git-fixes).
- net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() (git-fixes).
- net: xfrm: preserve kabi for xfrm_state (bsc#1233754).
- netdevsim: copy addresses for both in and out paths (git-fixes).
- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
- netfilter: nf_tables: missing iterator type in lookup walk (git-fixes).
- nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes).
- nfs: avoid i_lock contention in nfs_clear_invalid_mapping (git-fixes).
- nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
- nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
- nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net (git-fixes).
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
- nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
- nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234121).
- nfsd: return -EINVAL when namelen is 0 (git-fixes).
- nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
- nilfs2: fix potential deadlock with newly created symlinks (git-fixes).
- nouveau/dmem: Fix privileged error in copy engine channel (git-fixes).
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
- nouveau/dp: handle retries for AUX CH transfers with GSP (git-fixes).
- nouveau/gsp: Avoid addressing beyond end of rpc->entries (stable-fixes).
- nouveau: fw: sync dma after setup is called (git-fixes).
- nouveau: handle EBUSY and EAGAIN for GSP aux errors (git-fixes).
- ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
- ntfs3: Add bounds checking to mi_enum_attr() (bsc#1233207)
- nvme-fabrics: fix kernel crash while shutting down controller (git-fixes).
- nvme-loop: flush off pending I/O while shutting down loop controller (git-fixes).
- nvme-multipath: suppress partition scan until the disk is ready (bsc#1228244).
- nvme-pci: fix freeing of the HMB descriptor table (git-fixes).
- nvme-pci: fix race condition between reset and nvme_dev_disable() (git-fixes).
- nvme-pci: qdepth 1 quirk (git-fixes).
- nvme-pci: reverse request order in nvme_queue_rqs (git-fixes).
- nvme-pci: set doorbell config before unquiescing (git-fixes).
- nvme/host: Fix RCU list traversal to use SRCU primitive (git-fixes).
- nvme: disable CC.CRIME (NVME_CC_CRIME) (jsc#PED-9901).
- nvme: null terminate nvme_tls_attrs (git-fixes).
- nvme: re-fix error-handling for io_uring nvme-passthrough (git-fixes).
- nvme: tcp: avoid race between queue_lock lock and destroy (git-fixes).
- nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
- ocfs2: Drop OCFS2 patch causing a regression (bsc#1233255)
- ocfs2: fix UBSAN warning in ocfs2_verify_volume() (git-fixes).
- ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
- ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
- ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (git-fixes).
- ocfs2: uncache inode which has failed entering the group (git-fixes).
- of: Add cleanup.h based auto release via __free(device_node) markings (bsc#1232386)
- parport: Proper fix for array out-of-bounds access (git-fixes).
- phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check (git-fixes).
- phy: qcom: qmp-combo: move driver data initialisation earlier (git-fixes).
- phy: qcom: qmp-usb: fix NULL-deref on runtime suspend (git-fixes).
- phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).
- phy: ti: phy-j721e-wiz: fix usxgmii configuration (git-fixes).
- pinctrl: apple: check devm_kasprintf() returned value (git-fixes).
- pinctrl: k210: Undef K210_PC_DEFAULT (git-fixes).
- pinctrl: ocelot: fix system hang on level based interrupts (stable-fixes).
- pinctrl: qcom: spmi: fix debugfs drive strength (git-fixes).
- pinctrl: zynqmp: drop excess struct member description (git-fixes).
- platform/chrome: cros_ec_typec: fix missing fwnode reference decrement (git-fixes).
- platform/x86/amd/pmc: Detect when STB is not available (git-fixes).
- platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (git-fixes).
- platform/x86: dell-sysman: add support for alienware products (stable-fixes).
- platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes).
- platform/x86: lenovo-ymc: Ignore the 0x0 state (stable-fixes).
- platform/x86: panasonic-laptop: Return errno correctly in show callback (git-fixes).
- platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
- posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone (bsc#1234098).
- power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
- power: supply: bq27xxx: Fix registers of bq27426 (git-fixes).
- power: supply: core: Remove might_sleep() from power_supply_put() (git-fixes).
- power: supply: rt9471: Fix wrong WDT function regfield declaration (git-fixes).
- power: supply: rt9471: Use IC status regfield to report real charger status (git-fixes).
- powercap: intel_rapl: Fix off by one in get_rpi() (git-fixes).
- powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).
- powerpc/64s: Fix unnecessary copy to 0 when kernel is booted at address 0 (bsc#1215199).
- powerpc/atomic: Use YZ constraints for DS-form instructions (bsc#1194869).
- powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).
- powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
- powerpc/code-patching: Add generic memory patching (bsc#1194869).
- powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).
- powerpc/crypto: do not build aes-gcm-p10 by default (bsc#1230501 ltc#208632).
- powerpc/crypto: fix missing skcipher dependency for aes-gcm-p10 (bsc#1230501 ltc#208632).
- powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() (bsc#1215199).
- powerpc/fadump: Refactor and prepare fadump_cma_init for late init (bsc#1215199).
- powerpc/kexec: Fix return of uninitialized variable (bsc#1194869).
- powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869).
- powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869).
- powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL (bsc#1194869).
- powerpc/powernv: Free name on error in opal_event_init() (bsc#1194869).
- powerpc/pseries: Fix KVM guest detection for disabling hardlockup detector (bsc#1194869).
- powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (bsc#1194869).
- powerpc/pseries: Use correct data types from pseries_hp_errorlog struct (bsc#1215199).
- powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).
- powerpc/vdso: Inconditionally use CFUNC macro (bsc#1215199).
- powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).
- powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
- printk: Add notation to console_srcu locking (bsc#1232183).
- pwm: imx-tpm: Use correct MODULO value for EPWM mode (git-fixes).
- qed: avoid truncating work queue length (git-fixes).
- rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).
- rcu: Fix buffer overflow in print_cpu_stall_info() (bsc#1226623).
- regmap: detach regmap from dev on regmap_exit (git-fixes).
- regmap: irq: Set lockdep class for hierarchical IRQ domains (git-fixes).
- rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK.
- rpm/release-projects: Add SLFO projects (bsc#1231293).
- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)
- rpmsg: glink: Handle rejected intent request better (git-fixes).
- rtc: ab-eoz9: do not fail temperature reads on undervoltage notification (git-fixes).
- rtc: abx80x: Fix WDT bit position of the status register (git-fixes).
- rtc: bbnsm: add remove hook (git-fixes).
- rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (git-fixes).
- rtc: rzn1: fix BCD to rtc_time conversion errors (git-fixes).
- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- runtime constants: add default dummy infrastructure (git-fixes).
- runtime constants: add x86 architecture support (git-fixes).
- s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).
- s390/pci: Handle PCI error codes other than 0x3a (git-fixes bsc#1232629).
- s390/sclp: Deactivate sclp after all its users (git-fixes bsc#1232628).
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232627).
- scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes).
- scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers (git-fixes).
- scsi: Remove scsi device no_start_on_resume flag (git-fixes).
- scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes).
- scsi: cdrom: kABI: fix cdrom_dev_ops change (git-fixes).
- scsi: core: Disable CDL by default (git-fixes).
- scsi: core: Fix handling of SCMD_FAIL_IF_RECOVERING (git-fixes).
- scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes).
- scsi: core: Handle devices which return an unusually large VPD page count (git-fixes).
- scsi: core: alua: I/O errors for ALUA state transitions (git-fixes).
- scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).
- scsi: hisi_sas: Handle the NCQ error returned by D2H frame (git-fixes).
- scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes).
- scsi: kABI: restore no_start_on_resume to scsi_device (git-fixes).
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes).
- scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes).
- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
- scsi: lpfc: Add cleanup of nvmels_wq after HBA reset (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod paths (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting follow up FDMI (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Copyright updates for 14.4.0.6 patches (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
- scsi: lpfc: Modify CGN warning signal calculation based on EDC response (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
- scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (bsc#1232757 bsc#1228119).
- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
- scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE before BSG flag (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
- scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes).
- scsi: mac_scsi: Refactor polling loop (git-fixes).
- scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes).
- scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (git-fixes).
- scsi: mpi3mr: Avoid possible run-time warning with long manufacturer strings (git-fixes).
- scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
- scsi: mpi3mr: Validate SAS port assignments (git-fixes).
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: pm8001: Do not overwrite PCI queue mapping (git-fixes).
- scsi: pm80xx: Set phy->enable_completion only when we wait for it (git-fixes).
- scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes).
- scsi: scsi_transport_fc: Allow setting rport state to current state (git-fixes).
- scsi: sd: Ignore command SYNCHRONIZE CACHE error if format in progress (git-fixes).
- scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer (git-fixes).
- scsi: smartpqi: correct stream detection (git-fixes).
- scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes).
- scsi: spi: Fix sshdr use (git-fixes).
- scsi: sr: Fix unintentional arithmetic wraparound (git-fixes).
- scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes).
- security/keys: fix slab-out-of-bounds in key_task_permission (git-fixes).
- selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
- selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
- selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() (git-fixes).
- selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() (git-fixes).
- selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta accesses (git-fixes).
- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
- selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
- selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
- serial: 8250: omap: Move pm_runtime_get_sync (git-fixes).
- serial: imx: Update mctrl old_status on RTSD interrupt (git-fixes).
- serial: protect uart_port_dtr_rts() in uart_shutdown() too (stable-fixes).
- signal: Replace BUG_ON()s (bsc#1234093).
- soc: fsl: rcpm: fix missing of_node_put() in copy_ippdexpcr1_setting() (git-fixes).
- soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (git-fixes).
- soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- soundwire: intel_bus_common: enable interrupts before exiting reset (stable-fixes).
- spi: Fix acpi deferred irq probe (git-fixes).
- spi: atmel-quadspi: Fix register name in verbose logging function (git-fixes).
- spi: atmel-quadspi: Fix wrong register value written to MR (git-fixes).
- spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes).
- spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() (git-fixes).
- spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
- spi: spi-fsl-dspi: Fix crash when not using GPIO chip select (git-fixes).
- spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- spi: tegra210-quad: Avoid shift-out-of-bounds (git-fixes).
- splice: always fsnotify_access(in), fsnotify_modify(out) on success (git-fixes).
- splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice (git-fixes).
- splice: fsnotify_access(in), fsnotify_modify(out) on success in tee (git-fixes).
- srcu: Fix callbacks acceleration mishandling (git-fixes).
- staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes).
- sumversion: Fix a memory leak in get_src_version() (git-fixes).
- supported.conf: mark nhpoly1305 module as supported (bsc#1231035).
- supported.conf: mark ultravisor userspace access as supported (bsc#1232090).
- task_work: add kerneldoc annotation for 'data' argument (git-fixes).
- tcp: Fix refcnt handling in __inet_hash_connect() (git-fixes).
- thermal: core: Initialize thermal zones before registering them (git-fixes).
- thermal: int3400: Fix reading of current_uuid for active policy (git-fixes).
- thermal: intel: int340x: processor: Fix warning during module unload (git-fixes).
- thunderbolt: Honor TMU requirements in the domain when setting TMU mode (stable-fixes).
- thunderbolt: Improve DisplayPort tunnel setup process to be more robust (stable-fixes).
- tools/lib/thermal: Fix sampling handler context ptr (git-fixes).
- tools/power turbostat: Fix trailing '\n' parsing (git-fixes).
- tools/power turbostat: Increase the limit for fd opened (bsc#1233119).
- tools: hv: rm .*.cmd when make clean (git-fixes).
- tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 git-fixes).
- tpm: fix signed/unsigned bug when checking event logs (git-fixes).
- tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
- tracing/osnoise: Fix build when timerlat is not enabled (git-fixes).
- tracing/osnoise: Skip running osnoise if all instances are off (git-fixes).
- tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (git-fixes).
- tracing/osnoise: Use a cpumask to know what threads are kthreads (git-fixes).
- tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (git-fixes).
- tracing/timerlat: Add user-space interface (git-fixes).
- tracing/timerlat: Drop interface_lock in stop_kthread() (git-fixes).
- tracing/timerlat: Fix a race during cpuhp processing (git-fixes).
- tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline (git-fixes).
- tracing/timerlat: Move hrtimer_init to timerlat_fd open() (git-fixes).
- tracing/timerlat: Only clear timer if a kthread exists (git-fixes).
- tracing: Consider the NULL character when validating the event length (git-fixes).
- tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler (git-fixes).
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (stable-fixes).
- u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file (git-fixes).
- ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
- ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
- ubifs: add check for crypto_shash_tfm_digest (git-fixes).
- ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
- ucounts: fix counter leak in inc_rlimit_get_ucounts() (bsc#1233460).
- unicode: Do not special case ignorable code points (stable-fixes).
- unicode: Fix utf8_load() error path (git-fixes).
- uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
- uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
- uprobes: introduce the global struct vm_special_mapping xol_mapping (bsc#1231114).
- uprobes: turn xol_area->pages into xol_area->page (bsc#1231114).
- usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
- usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
- usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG (git-fixes).
- usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
- usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic (git-fixes).
- usb: dwc3: gadget: Fix checking for number of TRBs left (git-fixes).
- usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes).
- usb: ehci-spear: fix call balance of sehci clk handling routines (git-fixes).
- usb: gadget: core: force synchronous registration (git-fixes).
- usb: gadget: dummy_hcd: Set transfer interval to 1 microframe (stable-fixes).
- usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler (stable-fixes).
- usb: gadget: dummy_hcd: execute hrtimer callback in softirq context (git-fixes).
- usb: gadget: f_uac2: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: gadget: f_uac2: fix non-newline-terminated function name (stable-fixes).
- usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store (git-fixes).
- usb: musb: Fix hardware lockup on first Rx endpoint request (git-fixes).
- usb: musb: sunxi: Fix accessing an released usb phy (git-fixes).
- usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes).
- usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
- usb: typec: altmode should keep reference to parent (git-fixes).
- usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() (git-fixes).
- usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes).
- usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (git-fixes).
- usb: xhci: Fix TD invalidation under pending Set TR Dequeue (git-fixes).
- usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
- usb: xhci: fix loss of data on Cadence xHC (git-fixes).
- usb: yurex: make waiting on yurex_write interruptible (git-fixes).
- usbip: tools: Fix detach_port() invalid port error path (git-fixes).
- usbnet: fix cyclical race on disconnect with work queue (git-fixes).
- vdpa: Fix an error handling path in eni_vdpa_probe() (git-fixes).
- vdpa_sim_blk: Fix the potential leak of mgmt_dev (git-fixes).
- vdpa_sim_blk: allocate the buffer zeroed (git-fixes).
- vduse: avoid using __GFP_NOFAIL (git-fixes).
- vfs: dcache: move hashlen_hash() from callers into d_hash() (git-fixes).
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
- vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
- virtio_console: fix misc probe bugs (git-fixes).
- vmalloc: modify the alloc_vmap_area() error message for better diagnostics (jsc#PED-10978).
- vmxnet3: Add XDP support (bsc#1226498).
- vmxnet3: Fix missing reserved tailroom (bsc#1226498).
- vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (bsc#1226498).
- vmxnet3: add command to allow disabling of offloads (bsc#1226498).
- vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
- vmxnet3: prepare for version 9 changes (bsc#1226498).
- vmxnet3: update to version 9 (bsc#1226498).
- vsock: Update msg_count on read_skb() (git-fixes).
- vt: prevent kernel-infoleak in con_font_get() (git-fixes).
- watchdog: apple: Actually flush writes after requesting watchdog restart (git-fixes).
- watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (git-fixes).
- watchdog: rti: of: honor timeout-sec property (git-fixes).
- wifi: ath10k: Fix memory leak in management tx (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss1 (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss2 (git-fixes).
- wifi: ath11k: Fix CE offset address calculation for WCN6750 in SSR (git-fixes).
- wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes).
- wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: Skip Rx TID cleanup for self peer (git-fixes).
- wifi: ath12k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: fix crash when unbinding (git-fixes).
- wifi: ath12k: fix warning when unbinding (git-fixes).
- wifi: ath12k: remove msdu_end structure for WCN7850 (git-fixes).
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (git-fixes).
- wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
- wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
- wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes).
- wifi: brcmfmac: release 'root' node in all execution paths (git-fixes).
- wifi: cfg80211: Set correct chandef when starting CAC (stable-fixes).
- wifi: cfg80211: clear wdev->cqm_config pointer on free (git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: iwlegacy: Clear stale interrupts before resuming device (stable-fixes).
- wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() (git-fixes).
- wifi: iwlwifi: allow only CN mcc from WRDD (stable-fixes).
- wifi: iwlwifi: config: label 'gl' devices as discrete (git-fixes).
- wifi: iwlwifi: mvm: Fix a race in scan abort flow (stable-fixes).
- wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes).
- wifi: iwlwifi: mvm: avoid NULL pointer dereference (stable-fixes).
- wifi: iwlwifi: mvm: do not add default link in fw restart flow (git-fixes).
- wifi: iwlwifi: mvm: do not leak a link on AP removal (git-fixes).
- wifi: iwlwifi: mvm: drop wrong STA selection in TX (stable-fixes).
- wifi: iwlwifi: mvm: use correct key iteration (stable-fixes).
- wifi: iwlwifi: remove AX101, AX201 and AX203 support from LNL (stable-fixes).
- wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes).
- wifi: mac80211: fix RCU list iterations (stable-fixes).
- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes).
- wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation (stable-fixes).
- wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable (stable-fixes).
- wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (git-fixes).
- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c (stable-fixes).
- wifi: rtw88: Fix USB/SDIO devices not transmitting beacons (git-fixes).
- wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
- wifi: rtw89: avoid reading out of bounds when loading TX power FW elements (stable-fixes).
- wifi: rtw89: avoid to add interface to list twice when SER (stable-fixes).
- wifi: rtw89: correct base HT rate mask for firmware (stable-fixes).
- wifi: wfx: Fix error handling in wfx_core_init() (git-fixes).
- x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1233443).
- x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load (git-fixes).
- x86/Documentation: Indent 'note::' directive for protocol version number note (git-fixes).
- x86/PCI: Check pcie_find_root_port() return for NULL (git-fixes).
- x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h (git-fixes).
- x86/apic: Always explicitly disarm TSC-deadline timer (git-fixes).
- x86/apic: Make x2apic_disable() work correctly (git-fixes).
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
- x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
- x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
- x86/entry: Remove unwanted instrumentation in common_interrupt() (git-fixes).
- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
- x86/microcode/intel: Remove unnecessary cache writeback and invalidation (git-fixes).
- x86/mm: Use IPIs to synchronize LAM enablement (git-fixes).
- x86/resctrl: Annotate get_mem_config() functions as __init (git-fixes).
- x86/resctrl: Avoid overflow in MB settings in bw_validate() (git-fixes).
- x86/resctrl: Remove hard-coded memory bandwidth limit (git-fixes).
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
- x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() (git-fixes).
- x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes).
- x86/tdx: Enable CPU topology enumeration (git-fixes).
- x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes).
- x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes).
- x86/traps: move kmsan check after instrumentation_begin (git-fixes).
- x86: Increase brk randomness entropy for 64-bit systems (git-fixes).
- x86: do the user address masking outside the user access area (git-fixes).
- x86: fix off-by-one in access_ok() (git-fixes).
- x86: fix user address masking non-canonical speculation issue (git-fixes).
- x86: make the masked_user_access_begin() macro use its argument only once (git-fixes).
- x86: support user address masking instead of non-speculative conditional (git-fixes).
- xfrm: Export symbol xfrm_dev_state_delete (bsc#1233754).
- xfrm: Fix unregister netdevice hang on hardware offload (bsc#1233754).
- xfs: check opcode and iovec count match in xlog_recover_attri_commit_pass2 (git-fixes).
- xfs: check shortform attr entry flags specifically (git-fixes).
- xfs: convert delayed extents to unwritten when zeroing post eof blocks (git-fixes).
- xfs: fix finding a last resort AG in xfs_filestream_pick_ag (git-fixes).
- xfs: fix freeing speculative preallocations for preallocated files (git-fixes).
- xfs: make sure sb_fdblocks is non-negative (git-fixes).
- xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional (git-fixes).
- xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset (git-fixes).
- xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent (git-fixes).
- xfs: validate recovered name buffers when recovering xattr items (git-fixes).
- xhci: Add a quirk for writing ERST in high-low order (git-fixes).
- xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes).
- xhci: Fix incorrect stream context type macro (git-fixes).
- xhci: Mitigate failed set dequeue pointer commands (git-fixes).
- xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes).
- xhci: tegra: fix checked USB2 port number (git-fixes).
- zonefs: Improve error handling (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1082555SUSE bug 1194869SUSE bug 1215199SUSE bug 1217845SUSE bug 1218562SUSE bug 1218644SUSE bug 1219596SUSE bug 1219803SUSE bug 1220355SUSE bug 1220382SUSE bug 1221309SUSE bug 1222423SUSE bug 1222587SUSE bug 1222590SUSE bug 1223112SUSE bug 1223384SUSE bug 1223656SUSE bug 1223700SUSE bug 1223733SUSE bug 1223824SUSE bug 1223848SUSE bug 1224088SUSE bug 1224429SUSE bug 1224518SUSE bug 1224548SUSE bug 1224574SUSE bug 1224948SUSE bug 1225611SUSE bug 1225713SUSE bug 1225725SUSE bug 1225730SUSE bug 1225742SUSE bug 1225764SUSE bug 1225768SUSE bug 1225813SUSE bug 1225903SUSE bug 1226003SUSE bug 1226130SUSE bug 1226498SUSE bug 1226623SUSE bug 1226631SUSE bug 1226748SUSE bug 1226797SUSE bug 1226848SUSE bug 1226872SUSE bug 1227726SUSE bug 1227842SUSE bug 1228119SUSE bug 1228244SUSE bug 1228269SUSE bug 1228410SUSE bug 1228430SUSE bug 1228454SUSE bug 1228537SUSE bug 1228620SUSE bug 1228743SUSE bug 1228747SUSE bug 1228850SUSE bug 1228857SUSE bug 1229019SUSE bug 1229165SUSE bug 1229429SUSE bug 1229450SUSE bug 1229585SUSE bug 1229677SUSE bug 1229769SUSE bug 1229808SUSE bug 1229891SUSE bug 1230055SUSE bug 1230132SUSE bug 1230179SUSE bug 1230220SUSE bug 1230231SUSE bug 1230289SUSE bug 1230295SUSE bug 1230339SUSE bug 1230341SUSE bug 1230375SUSE bug 1230414SUSE bug 1230429SUSE bug 1230456SUSE bug 1230501SUSE bug 1230527SUSE bug 1230550SUSE bug 1230557SUSE bug 1230558SUSE bug 1230600SUSE bug 1230620SUSE bug 1230710SUSE bug 1230733SUSE bug 1230762SUSE bug 1230763SUSE bug 1230773SUSE bug 1230774SUSE bug 1230801SUSE bug 1230807SUSE bug 1230817SUSE bug 1230827SUSE bug 1230831SUSE bug 1230914SUSE bug 1230918SUSE bug 1230971SUSE bug 1231016SUSE bug 1231035SUSE bug 1231072SUSE bug 1231073SUSE bug 1231075SUSE bug 1231076SUSE bug 1231081SUSE bug 1231082SUSE bug 1231083SUSE bug 1231084SUSE bug 1231085SUSE bug 1231087SUSE bug 1231089SUSE bug 1231092SUSE bug 1231093SUSE bug 1231094SUSE bug 1231096SUSE bug 1231098SUSE bug 1231100SUSE bug 1231101SUSE bug 1231102SUSE bug 1231105SUSE bug 1231108SUSE bug 1231111SUSE bug 1231114SUSE bug 1231115SUSE bug 1231116SUSE bug 1231117SUSE bug 1231131SUSE bug 1231132SUSE bug 1231135SUSE bug 1231136SUSE bug 1231138SUSE bug 1231148SUSE bug 1231169SUSE bug 1231170SUSE bug 1231171SUSE bug 1231178SUSE bug 1231179SUSE bug 1231182SUSE bug 1231183SUSE bug 1231187SUSE bug 1231191SUSE bug 1231193SUSE bug 1231195SUSE bug 1231197SUSE bug 1231200SUSE bug 1231202SUSE bug 1231203SUSE bug 1231276SUSE bug 1231293SUSE bug 1231384SUSE bug 1231434SUSE bug 1231435SUSE bug 1231436SUSE bug 1231439SUSE bug 1231440SUSE bug 1231441SUSE bug 1231442SUSE bug 1231452SUSE bug 1231453SUSE bug 1231465SUSE bug 1231474SUSE bug 1231481SUSE bug 1231496SUSE bug 1231502SUSE bug 1231537SUSE bug 1231539SUSE bug 1231540SUSE bug 1231541SUSE bug 1231617SUSE bug 1231630SUSE bug 1231634SUSE bug 1231635SUSE bug 1231636SUSE bug 1231637SUSE bug 1231638SUSE bug 1231639SUSE bug 1231640SUSE bug 1231673SUSE bug 1231828SUSE bug 1231849SUSE bug 1231855SUSE bug 1231856SUSE bug 1231857SUSE bug 1231858SUSE bug 1231859SUSE bug 1231860SUSE bug 1231861SUSE bug 1231864SUSE bug 1231865SUSE bug 1231868SUSE bug 1231869SUSE bug 1231871SUSE bug 1231872SUSE bug 1231901SUSE bug 1231902SUSE bug 1231903SUSE bug 1231904SUSE bug 1231906SUSE bug 1231907SUSE bug 1231908SUSE bug 1231914SUSE bug 1231916SUSE bug 1231920SUSE bug 1231924SUSE bug 1231926SUSE bug 1231930SUSE bug 1231931SUSE bug 1231935SUSE bug 1231942SUSE bug 1231944SUSE bug 1231946SUSE bug 1231947SUSE bug 1231950SUSE bug 1231951SUSE bug 1231952SUSE bug 1231953SUSE bug 1231954SUSE bug 1231955SUSE bug 1231956SUSE bug 1231957SUSE bug 1231965SUSE bug 1231967SUSE bug 1231968SUSE bug 1231987SUSE bug 1231988SUSE bug 1231989SUSE bug 1231990SUSE bug 1231998SUSE bug 1232000SUSE bug 1232003SUSE bug 1232009SUSE bug 1232013SUSE bug 1232015SUSE bug 1232016SUSE bug 1232017SUSE bug 1232018SUSE bug 1232033SUSE bug 1232034SUSE bug 1232036SUSE bug 1232043SUSE bug 1232047SUSE bug 1232048SUSE bug 1232049SUSE bug 1232050SUSE bug 1232056SUSE bug 1232075SUSE bug 1232076SUSE bug 1232079SUSE bug 1232080SUSE bug 1232083SUSE bug 1232084SUSE bug 1232085SUSE bug 1232089SUSE bug 1232090SUSE bug 1232093SUSE bug 1232094SUSE bug 1232096SUSE bug 1232097SUSE bug 1232098SUSE bug 1232103SUSE bug 1232104SUSE bug 1232105SUSE bug 1232109SUSE bug 1232111SUSE bug 1232114SUSE bug 1232116SUSE bug 1232117SUSE bug 1232124SUSE bug 1232126SUSE bug 1232127SUSE bug 1232129SUSE bug 1232130SUSE bug 1232131SUSE bug 1232132SUSE bug 1232134SUSE bug 1232135SUSE bug 1232140SUSE bug 1232141SUSE bug 1232142SUSE bug 1232145SUSE bug 1232147SUSE bug 1232148SUSE bug 1232149SUSE bug 1232151SUSE bug 1232152SUSE bug 1232154SUSE bug 1232155SUSE bug 1232156SUSE bug 1232157SUSE bug 1232159SUSE bug 1232160SUSE bug 1232162SUSE bug 1232164SUSE bug 1232165SUSE bug 1232166SUSE bug 1232174SUSE bug 1232180SUSE bug 1232182SUSE bug 1232183SUSE bug 1232185SUSE bug 1232187SUSE bug 1232189SUSE bug 1232192SUSE bug 1232195SUSE bug 1232196SUSE bug 1232198SUSE bug 1232199SUSE bug 1232200SUSE bug 1232201SUSE bug 1232207SUSE bug 1232208SUSE bug 1232217SUSE bug 1232218SUSE bug 1232220SUSE bug 1232221SUSE bug 1232222SUSE bug 1232224SUSE bug 1232232SUSE bug 1232250SUSE bug 1232251SUSE bug 1232253SUSE bug 1232254SUSE bug 1232255SUSE bug 1232256SUSE bug 1232258SUSE bug 1232259SUSE bug 1232260SUSE bug 1232262SUSE bug 1232263SUSE bug 1232264SUSE bug 1232272SUSE bug 1232275SUSE bug 1232279SUSE bug 1232282SUSE bug 1232285SUSE bug 1232287SUSE bug 1232295SUSE bug 1232305SUSE bug 1232307SUSE bug 1232309SUSE bug 1232310SUSE bug 1232312SUSE bug 1232313SUSE bug 1232314SUSE bug 1232315SUSE bug 1232316SUSE bug 1232317SUSE bug 1232318SUSE bug 1232329SUSE bug 1232332SUSE bug 1232333SUSE bug 1232334SUSE bug 1232335SUSE bug 1232337SUSE bug 1232339SUSE bug 1232340SUSE bug 1232342SUSE bug 1232345SUSE bug 1232349SUSE bug 1232352SUSE bug 1232354SUSE bug 1232355SUSE bug 1232357SUSE bug 1232358SUSE bug 1232359SUSE bug 1232361SUSE bug 1232362SUSE bug 1232366SUSE bug 1232367SUSE bug 1232368SUSE bug 1232369SUSE bug 1232370SUSE bug 1232371SUSE bug 1232374SUSE bug 1232378SUSE bug 1232381SUSE bug 1232383SUSE bug 1232385SUSE bug 1232386SUSE bug 1232387SUSE bug 1232392SUSE bug 1232394SUSE bug 1232395SUSE bug 1232396SUSE bug 1232413SUSE bug 1232416SUSE bug 1232417SUSE bug 1232418SUSE bug 1232424SUSE bug 1232427SUSE bug 1232432SUSE bug 1232435SUSE bug 1232436SUSE bug 1232442SUSE bug 1232446SUSE bug 1232483SUSE bug 1232494SUSE bug 1232498SUSE bug 1232499SUSE bug 1232500SUSE bug 1232501SUSE bug 1232502SUSE bug 1232503SUSE bug 1232504SUSE bug 1232505SUSE bug 1232506SUSE bug 1232507SUSE bug 1232511SUSE bug 1232519SUSE bug 1232520SUSE bug 1232529SUSE bug 1232552SUSE bug 1232623SUSE bug 1232626SUSE bug 1232627SUSE bug 1232628SUSE bug 1232629SUSE bug 1232704SUSE bug 1232757SUSE bug 1232768SUSE bug 1232819SUSE bug 1232823SUSE bug 1232860SUSE bug 1232869SUSE bug 1232870SUSE bug 1232873SUSE bug 1232876SUSE bug 1232877SUSE bug 1232878SUSE bug 1232880SUSE bug 1232881SUSE bug 1232884SUSE bug 1232885SUSE bug 1232887SUSE bug 1232888SUSE bug 1232890SUSE bug 1232892SUSE bug 1232894SUSE bug 1232896SUSE bug 1232897SUSE bug 1232905SUSE bug 1232907SUSE bug 1232914SUSE bug 1232919SUSE bug 1232925SUSE bug 1232926SUSE bug 1232928SUSE bug 1232935SUSE bug 1233029SUSE bug 1233032SUSE bug 1233035SUSE bug 1233036SUSE bug 1233041SUSE bug 1233044SUSE bug 1233049SUSE bug 1233050SUSE bug 1233051SUSE bug 1233056SUSE bug 1233057SUSE bug 1233061SUSE bug 1233062SUSE bug 1233063SUSE bug 1233065SUSE bug 1233067SUSE bug 1233070SUSE bug 1233073SUSE bug 1233074SUSE bug 1233088SUSE bug 1233091SUSE bug 1233092SUSE bug 1233097SUSE bug 1233100SUSE bug 1233103SUSE bug 1233104SUSE bug 1233105SUSE bug 1233106SUSE bug 1233107SUSE bug 1233108SUSE bug 1233110SUSE bug 1233111SUSE bug 1233113SUSE bug 1233114SUSE bug 1233115SUSE bug 1233117SUSE bug 1233119SUSE bug 1233123SUSE bug 1233125SUSE bug 1233127SUSE bug 1233129SUSE bug 1233130SUSE bug 1233132SUSE bug 1233135SUSE bug 1233176SUSE bug 1233179SUSE bug 1233185SUSE bug 1233188SUSE bug 1233189SUSE bug 1233191SUSE bug 1233193SUSE bug 1233197SUSE bug 1233201SUSE bug 1233203SUSE bug 1233204SUSE bug 1233205SUSE bug 1233206SUSE bug 1233207SUSE bug 1233208SUSE bug 1233209SUSE bug 1233210SUSE bug 1233211SUSE bug 1233212SUSE bug 1233216SUSE bug 1233217SUSE bug 1233219SUSE bug 1233226SUSE bug 1233238SUSE bug 1233241SUSE bug 1233244SUSE bug 1233253SUSE bug 1233255SUSE bug 1233293SUSE bug 1233298SUSE bug 1233305SUSE bug 1233320SUSE bug 1233350SUSE bug 1233443SUSE bug 1233452SUSE bug 1233453SUSE bug 1233454SUSE bug 1233456SUSE bug 1233457SUSE bug 1233458SUSE bug 1233460SUSE bug 1233462SUSE bug 1233463SUSE bug 1233464SUSE bug 1233465SUSE bug 1233468SUSE bug 1233471SUSE bug 1233476SUSE bug 1233478SUSE bug 1233479SUSE bug 1233481SUSE bug 1233484SUSE bug 1233485SUSE bug 1233487SUSE bug 1233490SUSE bug 1233491SUSE bug 1233523SUSE bug 1233524SUSE bug 1233540SUSE bug 1233547SUSE bug 1233548SUSE bug 1233550SUSE bug 1233552SUSE bug 1233553SUSE bug 1233554SUSE bug 1233555SUSE bug 1233557SUSE bug 1233560SUSE bug 1233561SUSE bug 1233564SUSE bug 1233566SUSE bug 1233567SUSE bug 1233568SUSE bug 1233570SUSE bug 1233572SUSE bug 1233573SUSE bug 1233577SUSE bug 1233580SUSE bug 1233640SUSE bug 1233641SUSE bug 1233642SUSE bug 1233721SUSE bug 1233754SUSE bug 1233756SUSE bug 1233769SUSE bug 1233771SUSE bug 1233977SUSE bug 1234009SUSE bug 1234011SUSE bug 1234012SUSE bug 1234025SUSE bug 1234039SUSE bug 1234040SUSE bug 1234041SUSE bug 1234042SUSE bug 1234043SUSE bug 1234044SUSE bug 1234045SUSE bug 1234046SUSE bug 1234072SUSE bug 1234078SUSE bug 1234081SUSE bug 1234083SUSE bug 1234085SUSE bug 1234087SUSE bug 1234093SUSE bug 1234098SUSE bug 1234108SUSE bug 1234121SUSE bug 1234223CVE-2023-52766 at SUSECVE-2023-52766 at NVDCVE-2023-52778 at SUSECVE-2023-52778 at NVDCVE-2023-52800 at SUSECVE-2023-52800 at NVDCVE-2023-52881 at SUSECVE-2023-52881 at NVDCVE-2023-52917 at SUSECVE-2023-52917 at NVDCVE-2023-52918 at SUSECVE-2023-52918 at NVDCVE-2023-52919 at SUSECVE-2023-52919 at NVDCVE-2023-52920 at SUSECVE-2023-52920 at NVDCVE-2023-52921 at SUSECVE-2023-52921 at NVDCVE-2023-52922 at SUSECVE-2023-52922 at NVDCVE-2023-6270 at SUSECVE-2023-6270 at NVDCVE-2024-26596 at SUSECVE-2024-26596 at NVDCVE-2024-26703 at SUSECVE-2024-26703 at NVDCVE-2024-26741 at SUSECVE-2024-26741 at NVDCVE-2024-26758 at SUSECVE-2024-26758 at NVDCVE-2024-26761 at SUSECVE-2024-26761 at NVDCVE-2024-26767 at SUSECVE-2024-26767 at NVDCVE-2024-26782 at SUSECVE-2024-26782 at NVDCVE-2024-26864 at SUSECVE-2024-26864 at NVDCVE-2024-26943 at SUSECVE-2024-26943 at NVDCVE-2024-26953 at SUSECVE-2024-26953 at NVDCVE-2024-27017 at SUSECVE-2024-27017 at NVDCVE-2024-27026 at SUSECVE-2024-27026 at NVDCVE-2024-27043 at SUSECVE-2024-27043 at NVDCVE-2024-27407 at SUSECVE-2024-27407 at NVDCVE-2024-35888 at SUSECVE-2024-35888 at NVDCVE-2024-35980 at SUSECVE-2024-35980 at NVDCVE-2024-36000 at SUSECVE-2024-36000 at NVDCVE-2024-36031 at SUSECVE-2024-36031 at NVDCVE-2024-36244 at SUSECVE-2024-36244 at NVDCVE-2024-36484 at SUSECVE-2024-36484 at NVDCVE-2024-36883 at SUSECVE-2024-36883 at NVDCVE-2024-36886 at SUSECVE-2024-36886 at NVDCVE-2024-36905 at SUSECVE-2024-36905 at NVDCVE-2024-36920 at SUSECVE-2024-36920 at NVDCVE-2024-36927 at SUSECVE-2024-36927 at NVDCVE-2024-36954 at SUSECVE-2024-36954 at NVDCVE-2024-36968 at SUSECVE-2024-36968 at NVDCVE-2024-38576 at SUSECVE-2024-38576 at NVDCVE-2024-38577 at SUSECVE-2024-38577 at NVDCVE-2024-38589 at SUSECVE-2024-38589 at NVDCVE-2024-38599 at SUSECVE-2024-38599 at NVDCVE-2024-40914 at SUSECVE-2024-40914 at NVDCVE-2024-41016 at SUSECVE-2024-41016 at NVDCVE-2024-41023 at SUSECVE-2024-41023 at NVDCVE-2024-41031 at SUSECVE-2024-41031 at NVDCVE-2024-41047 at SUSECVE-2024-41047 at NVDCVE-2024-41082 at SUSECVE-2024-41082 at NVDCVE-2024-42102 at SUSECVE-2024-42102 at NVDCVE-2024-42145 at SUSECVE-2024-42145 at NVDCVE-2024-44932 at SUSECVE-2024-44932 at NVDCVE-2024-44958 at SUSECVE-2024-44958 at NVDCVE-2024-44964 at SUSECVE-2024-44964 at NVDCVE-2024-44995 at SUSECVE-2024-44995 at NVDCVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-45025 at SUSECVE-2024-45025 at NVDCVE-2024-46678 at SUSECVE-2024-46678 at NVDCVE-2024-46680 at SUSECVE-2024-46680 at NVDCVE-2024-46681 at SUSECVE-2024-46681 at NVDCVE-2024-46721 at SUSECVE-2024-46721 at NVDCVE-2024-46754 at SUSECVE-2024-46754 at NVDCVE-2024-46765 at SUSECVE-2024-46765 at NVDCVE-2024-46766 at SUSECVE-2024-46766 at NVDCVE-2024-46770 at SUSECVE-2024-46770 at NVDCVE-2024-46775 at SUSECVE-2024-46775 at NVDCVE-2024-46777 at SUSECVE-2024-46777 at NVDCVE-2024-46788 at SUSECVE-2024-46788 at NVDCVE-2024-46797 at SUSECVE-2024-46797 at NVDCVE-2024-46800 at SUSECVE-2024-46800 at NVDCVE-2024-46802 at SUSECVE-2024-46802 at NVDCVE-2024-46803 at SUSECVE-2024-46803 at NVDCVE-2024-46804 at SUSECVE-2024-46804 at NVDCVE-2024-46805 at SUSECVE-2024-46805 at NVDCVE-2024-46806 at SUSECVE-2024-46806 at NVDCVE-2024-46807 at SUSECVE-2024-46807 at NVDCVE-2024-46809 at SUSECVE-2024-46809 at NVDCVE-2024-46810 at SUSECVE-2024-46810 at NVDCVE-2024-46811 at SUSECVE-2024-46811 at NVDCVE-2024-46812 at SUSECVE-2024-46812 at NVDCVE-2024-46813 at SUSECVE-2024-46813 at NVDCVE-2024-46814 at SUSECVE-2024-46814 at NVDCVE-2024-46815 at SUSECVE-2024-46815 at NVDCVE-2024-46816 at SUSECVE-2024-46816 at NVDCVE-2024-46817 at SUSECVE-2024-46817 at NVDCVE-2024-46818 at SUSECVE-2024-46818 at NVDCVE-2024-46819 at SUSECVE-2024-46819 at NVDCVE-2024-46821 at SUSECVE-2024-46821 at NVDCVE-2024-46825 at SUSECVE-2024-46825 at NVDCVE-2024-46826 at SUSECVE-2024-46826 at NVDCVE-2024-46827 at SUSECVE-2024-46827 at NVDCVE-2024-46828 at SUSECVE-2024-46828 at NVDCVE-2024-46830 at SUSECVE-2024-46830 at NVDCVE-2024-46831 at SUSECVE-2024-46831 at NVDCVE-2024-46834 at SUSECVE-2024-46834 at NVDCVE-2024-46835 at SUSECVE-2024-46835 at NVDCVE-2024-46836 at SUSECVE-2024-46836 at NVDCVE-2024-46840 at SUSECVE-2024-46840 at NVDCVE-2024-46841 at SUSECVE-2024-46841 at NVDCVE-2024-46842 at SUSECVE-2024-46842 at NVDCVE-2024-46843 at SUSECVE-2024-46843 at NVDCVE-2024-46845 at SUSECVE-2024-46845 at NVDCVE-2024-46846 at SUSECVE-2024-46846 at NVDCVE-2024-46848 at SUSECVE-2024-46848 at NVDCVE-2024-46849 at SUSECVE-2024-46849 at NVDCVE-2024-46851 at SUSECVE-2024-46851 at NVDCVE-2024-46852 at SUSECVE-2024-46852 at NVDCVE-2024-46853 at SUSECVE-2024-46853 at NVDCVE-2024-46854 at SUSECVE-2024-46854 at NVDCVE-2024-46855 at SUSECVE-2024-46855 at NVDCVE-2024-46857 at SUSECVE-2024-46857 at NVDCVE-2024-46859 at SUSECVE-2024-46859 at NVDCVE-2024-46860 at SUSECVE-2024-46860 at NVDCVE-2024-46861 at SUSECVE-2024-46861 at NVDCVE-2024-46864 at SUSECVE-2024-46864 at NVDCVE-2024-46870 at SUSECVE-2024-46870 at NVDCVE-2024-46871 at SUSECVE-2024-46871 at NVDCVE-2024-47658 at SUSECVE-2024-47658 at NVDCVE-2024-47660 at SUSECVE-2024-47660 at NVDCVE-2024-47661 at SUSECVE-2024-47661 at NVDCVE-2024-47662 at SUSECVE-2024-47662 at NVDCVE-2024-47663 at SUSECVE-2024-47663 at NVDCVE-2024-47664 at SUSECVE-2024-47664 at NVDCVE-2024-47665 at SUSECVE-2024-47665 at NVDCVE-2024-47666 at SUSECVE-2024-47666 at NVDCVE-2024-47667 at SUSECVE-2024-47667 at NVDCVE-2024-47668 at SUSECVE-2024-47668 at NVDCVE-2024-47669 at SUSECVE-2024-47669 at NVDCVE-2024-47670 at SUSECVE-2024-47670 at NVDCVE-2024-47671 at SUSECVE-2024-47671 at NVDCVE-2024-47672 at SUSECVE-2024-47672 at NVDCVE-2024-47673 at SUSECVE-2024-47673 at NVDCVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47675 at SUSECVE-2024-47675 at NVDCVE-2024-47679 at SUSECVE-2024-47679 at NVDCVE-2024-47681 at SUSECVE-2024-47681 at NVDCVE-2024-47682 at SUSECVE-2024-47682 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-47685 at SUSECVE-2024-47685 at NVDCVE-2024-47686 at SUSECVE-2024-47686 at NVDCVE-2024-47687 at SUSECVE-2024-47687 at NVDCVE-2024-47688 at SUSECVE-2024-47688 at NVDCVE-2024-47692 at SUSECVE-2024-47692 at NVDCVE-2024-47693 at SUSECVE-2024-47693 at NVDCVE-2024-47695 at SUSECVE-2024-47695 at NVDCVE-2024-47696 at SUSECVE-2024-47696 at NVDCVE-2024-47697 at SUSECVE-2024-47697 at NVDCVE-2024-47698 at SUSECVE-2024-47698 at NVDCVE-2024-47699 at SUSECVE-2024-47699 at NVDCVE-2024-47701 at SUSECVE-2024-47701 at NVDCVE-2024-47702 at SUSECVE-2024-47702 at NVDCVE-2024-47703 at SUSECVE-2024-47703 at NVDCVE-2024-47704 at SUSECVE-2024-47704 at NVDCVE-2024-47705 at SUSECVE-2024-47705 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-47707 at SUSECVE-2024-47707 at NVDCVE-2024-47709 at SUSECVE-2024-47709 at NVDCVE-2024-47710 at SUSECVE-2024-47710 at NVDCVE-2024-47712 at SUSECVE-2024-47712 at NVDCVE-2024-47713 at SUSECVE-2024-47713 at NVDCVE-2024-47714 at SUSECVE-2024-47714 at NVDCVE-2024-47715 at SUSECVE-2024-47715 at NVDCVE-2024-47718 at SUSECVE-2024-47718 at NVDCVE-2024-47719 at SUSECVE-2024-47719 at NVDCVE-2024-47720 at SUSECVE-2024-47720 at NVDCVE-2024-47723 at SUSECVE-2024-47723 at NVDCVE-2024-47727 at SUSECVE-2024-47727 at NVDCVE-2024-47728 at SUSECVE-2024-47728 at NVDCVE-2024-47730 at SUSECVE-2024-47730 at NVDCVE-2024-47731 at SUSECVE-2024-47731 at NVDCVE-2024-47732 at SUSECVE-2024-47732 at NVDCVE-2024-47735 at SUSECVE-2024-47735 at NVDCVE-2024-47737 at SUSECVE-2024-47737 at NVDCVE-2024-47738 at SUSECVE-2024-47738 at NVDCVE-2024-47739 at SUSECVE-2024-47739 at NVDCVE-2024-47741 at SUSECVE-2024-47741 at NVDCVE-2024-47742 at SUSECVE-2024-47742 at NVDCVE-2024-47743 at SUSECVE-2024-47743 at NVDCVE-2024-47744 at SUSECVE-2024-47744 at NVDCVE-2024-47745 at SUSECVE-2024-47745 at NVDCVE-2024-47747 at SUSECVE-2024-47747 at NVDCVE-2024-47748 at SUSECVE-2024-47748 at NVDCVE-2024-47749 at SUSECVE-2024-47749 at NVDCVE-2024-47750 at SUSECVE-2024-47750 at NVDCVE-2024-47751 at SUSECVE-2024-47751 at NVDCVE-2024-47752 at SUSECVE-2024-47752 at NVDCVE-2024-47753 at SUSECVE-2024-47753 at NVDCVE-2024-47754 at SUSECVE-2024-47754 at NVDCVE-2024-47756 at SUSECVE-2024-47756 at NVDCVE-2024-47757 at SUSECVE-2024-47757 at NVDCVE-2024-49850 at SUSECVE-2024-49850 at NVDCVE-2024-49851 at SUSECVE-2024-49851 at NVDCVE-2024-49852 at SUSECVE-2024-49852 at NVDCVE-2024-49853 at SUSECVE-2024-49853 at NVDCVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-49858 at SUSECVE-2024-49858 at NVDCVE-2024-49860 at SUSECVE-2024-49860 at NVDCVE-2024-49861 at SUSECVE-2024-49861 at NVDCVE-2024-49862 at SUSECVE-2024-49862 at NVDCVE-2024-49863 at SUSECVE-2024-49863 at NVDCVE-2024-49864 at SUSECVE-2024-49864 at NVDCVE-2024-49866 at SUSECVE-2024-49866 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2024-49868 at SUSECVE-2024-49868 at NVDCVE-2024-49870 at SUSECVE-2024-49870 at NVDCVE-2024-49871 at SUSECVE-2024-49871 at NVDCVE-2024-49874 at SUSECVE-2024-49874 at NVDCVE-2024-49875 at SUSECVE-2024-49875 at NVDCVE-2024-49877 at SUSECVE-2024-49877 at NVDCVE-2024-49878 at SUSECVE-2024-49878 at NVDCVE-2024-49879 at SUSECVE-2024-49879 at NVDCVE-2024-49881 at SUSECVE-2024-49881 at NVDCVE-2024-49882 at SUSECVE-2024-49882 at NVDCVE-2024-49883 at SUSECVE-2024-49883 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49886 at SUSECVE-2024-49886 at NVDCVE-2024-49888 at SUSECVE-2024-49888 at NVDCVE-2024-49890 at SUSECVE-2024-49890 at NVDCVE-2024-49891 at SUSECVE-2024-49891 at NVDCVE-2024-49892 at SUSECVE-2024-49892 at NVDCVE-2024-49894 at SUSECVE-2024-49894 at NVDCVE-2024-49895 at SUSECVE-2024-49895 at NVDCVE-2024-49896 at SUSECVE-2024-49896 at NVDCVE-2024-49897 at SUSECVE-2024-49897 at NVDCVE-2024-49898 at SUSECVE-2024-49898 at NVDCVE-2024-49899 at SUSECVE-2024-49899 at NVDCVE-2024-49900 at SUSECVE-2024-49900 at NVDCVE-2024-49901 at SUSECVE-2024-49901 at NVDCVE-2024-49902 at SUSECVE-2024-49902 at NVDCVE-2024-49903 at SUSECVE-2024-49903 at NVDCVE-2024-49905 at SUSECVE-2024-49905 at NVDCVE-2024-49906 at SUSECVE-2024-49906 at NVDCVE-2024-49907 at SUSECVE-2024-49907 at NVDCVE-2024-49908 at SUSECVE-2024-49908 at NVDCVE-2024-49909 at SUSECVE-2024-49909 at NVDCVE-2024-49911 at SUSECVE-2024-49911 at NVDCVE-2024-49912 at SUSECVE-2024-49912 at NVDCVE-2024-49913 at SUSECVE-2024-49913 at NVDCVE-2024-49914 at SUSECVE-2024-49914 at NVDCVE-2024-49917 at SUSECVE-2024-49917 at NVDCVE-2024-49918 at SUSECVE-2024-49918 at NVDCVE-2024-49919 at SUSECVE-2024-49919 at NVDCVE-2024-49920 at SUSECVE-2024-49920 at NVDCVE-2024-49921 at SUSECVE-2024-49921 at NVDCVE-2024-49922 at SUSECVE-2024-49922 at NVDCVE-2024-49923 at SUSECVE-2024-49923 at NVDCVE-2024-49925 at SUSECVE-2024-49925 at NVDCVE-2024-49928 at SUSECVE-2024-49928 at NVDCVE-2024-49929 at SUSECVE-2024-49929 at NVDCVE-2024-49930 at SUSECVE-2024-49930 at NVDCVE-2024-49931 at SUSECVE-2024-49931 at NVDCVE-2024-49933 at SUSECVE-2024-49933 at NVDCVE-2024-49934 at SUSECVE-2024-49934 at NVDCVE-2024-49935 at SUSECVE-2024-49935 at NVDCVE-2024-49936 at SUSECVE-2024-49936 at NVDCVE-2024-49937 at SUSECVE-2024-49937 at NVDCVE-2024-49938 at SUSECVE-2024-49938 at NVDCVE-2024-49939 at SUSECVE-2024-49939 at NVDCVE-2024-49944 at SUSECVE-2024-49944 at NVDCVE-2024-49945 at SUSECVE-2024-49945 at NVDCVE-2024-49946 at SUSECVE-2024-49946 at NVDCVE-2024-49947 at SUSECVE-2024-49947 at NVDCVE-2024-49949 at SUSECVE-2024-49949 at NVDCVE-2024-49950 at SUSECVE-2024-49950 at NVDCVE-2024-49952 at SUSECVE-2024-49952 at NVDCVE-2024-49953 at SUSECVE-2024-49953 at NVDCVE-2024-49954 at SUSECVE-2024-49954 at NVDCVE-2024-49955 at SUSECVE-2024-49955 at NVDCVE-2024-49957 at SUSECVE-2024-49957 at NVDCVE-2024-49958 at SUSECVE-2024-49958 at NVDCVE-2024-49959 at SUSECVE-2024-49959 at NVDCVE-2024-49960 at SUSECVE-2024-49960 at NVDCVE-2024-49961 at SUSECVE-2024-49961 at NVDCVE-2024-49962 at SUSECVE-2024-49962 at NVDCVE-2024-49963 at SUSECVE-2024-49963 at NVDCVE-2024-49965 at SUSECVE-2024-49965 at NVDCVE-2024-49966 at SUSECVE-2024-49966 at NVDCVE-2024-49967 at SUSECVE-2024-49967 at NVDCVE-2024-49968 at SUSECVE-2024-49968 at NVDCVE-2024-49969 at SUSECVE-2024-49969 at NVDCVE-2024-49972 at SUSECVE-2024-49972 at NVDCVE-2024-49973 at SUSECVE-2024-49973 at NVDCVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2024-49975 at SUSECVE-2024-49975 at NVDCVE-2024-49976 at SUSECVE-2024-49976 at NVDCVE-2024-49981 at SUSECVE-2024-49981 at NVDCVE-2024-49982 at SUSECVE-2024-49982 at NVDCVE-2024-49983 at SUSECVE-2024-49983 at NVDCVE-2024-49985 at SUSECVE-2024-49985 at NVDCVE-2024-49986 at SUSECVE-2024-49986 at NVDCVE-2024-49987 at SUSECVE-2024-49987 at NVDCVE-2024-49989 at SUSECVE-2024-49989 at NVDCVE-2024-49991 at SUSECVE-2024-49991 at NVDCVE-2024-49993 at SUSECVE-2024-49993 at NVDCVE-2024-49995 at SUSECVE-2024-49995 at NVDCVE-2024-49996 at SUSECVE-2024-49996 at NVDCVE-2024-50000 at SUSECVE-2024-50000 at NVDCVE-2024-50001 at SUSECVE-2024-50001 at NVDCVE-2024-50002 at SUSECVE-2024-50002 at NVDCVE-2024-50003 at SUSECVE-2024-50003 at NVDCVE-2024-50004 at SUSECVE-2024-50004 at NVDCVE-2024-50006 at SUSECVE-2024-50006 at NVDCVE-2024-50007 at SUSECVE-2024-50007 at NVDCVE-2024-50008 at SUSECVE-2024-50008 at NVDCVE-2024-50009 at SUSECVE-2024-50009 at NVDCVE-2024-50012 at SUSECVE-2024-50012 at NVDCVE-2024-50013 at SUSECVE-2024-50013 at NVDCVE-2024-50014 at SUSECVE-2024-50014 at NVDCVE-2024-50015 at SUSECVE-2024-50015 at NVDCVE-2024-50017 at SUSECVE-2024-50017 at NVDCVE-2024-50019 at SUSECVE-2024-50019 at NVDCVE-2024-50020 at SUSECVE-2024-50020 at NVDCVE-2024-50021 at SUSECVE-2024-50021 at NVDCVE-2024-50022 at SUSECVE-2024-50022 at NVDCVE-2024-50023 at SUSECVE-2024-50023 at NVDCVE-2024-50024 at SUSECVE-2024-50024 at NVDCVE-2024-50025 at SUSECVE-2024-50025 at NVDCVE-2024-50026 at SUSECVE-2024-50026 at NVDCVE-2024-50027 at SUSECVE-2024-50027 at NVDCVE-2024-50028 at SUSECVE-2024-50028 at NVDCVE-2024-50031 at SUSECVE-2024-50031 at NVDCVE-2024-50033 at SUSECVE-2024-50033 at NVDCVE-2024-50035 at SUSECVE-2024-50035 at NVDCVE-2024-50040 at SUSECVE-2024-50040 at NVDCVE-2024-50041 at SUSECVE-2024-50041 at NVDCVE-2024-50042 at SUSECVE-2024-50042 at NVDCVE-2024-50044 at SUSECVE-2024-50044 at NVDCVE-2024-50045 at SUSECVE-2024-50045 at NVDCVE-2024-50046 at SUSECVE-2024-50046 at NVDCVE-2024-50047 at SUSECVE-2024-50047 at NVDCVE-2024-50048 at SUSECVE-2024-50048 at NVDCVE-2024-50049 at SUSECVE-2024-50049 at NVDCVE-2024-50055 at SUSECVE-2024-50055 at NVDCVE-2024-50058 at SUSECVE-2024-50058 at NVDCVE-2024-50059 at SUSECVE-2024-50059 at NVDCVE-2024-50060 at SUSECVE-2024-50060 at NVDCVE-2024-50061 at SUSECVE-2024-50061 at NVDCVE-2024-50062 at SUSECVE-2024-50062 at NVDCVE-2024-50063 at SUSECVE-2024-50063 at NVDCVE-2024-50064 at SUSECVE-2024-50064 at NVDCVE-2024-50067 at SUSECVE-2024-50067 at NVDCVE-2024-50069 at SUSECVE-2024-50069 at NVDCVE-2024-50073 at SUSECVE-2024-50073 at NVDCVE-2024-50074 at SUSECVE-2024-50074 at NVDCVE-2024-50075 at SUSECVE-2024-50075 at NVDCVE-2024-50076 at SUSECVE-2024-50076 at NVDCVE-2024-50077 at SUSECVE-2024-50077 at NVDCVE-2024-50078 at SUSECVE-2024-50078 at NVDCVE-2024-50080 at SUSECVE-2024-50080 at NVDCVE-2024-50081 at SUSECVE-2024-50081 at NVDCVE-2024-50082 at SUSECVE-2024-50082 at NVDCVE-2024-50084 at SUSECVE-2024-50084 at NVDCVE-2024-50087 at SUSECVE-2024-50087 at NVDCVE-2024-50088 at SUSECVE-2024-50088 at NVDCVE-2024-50089 at SUSECVE-2024-50089 at NVDCVE-2024-50093 at SUSECVE-2024-50093 at NVDCVE-2024-50095 at SUSECVE-2024-50095 at NVDCVE-2024-50096 at SUSECVE-2024-50096 at NVDCVE-2024-50098 at SUSECVE-2024-50098 at NVDCVE-2024-50099 at SUSECVE-2024-50099 at NVDCVE-2024-50100 at SUSECVE-2024-50100 at NVDCVE-2024-50101 at SUSECVE-2024-50101 at NVDCVE-2024-50102 at SUSECVE-2024-50102 at NVDCVE-2024-50103 at SUSECVE-2024-50103 at NVDCVE-2024-50108 at SUSECVE-2024-50108 at NVDCVE-2024-50110 at SUSECVE-2024-50110 at NVDCVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-50116 at SUSECVE-2024-50116 at NVDCVE-2024-50117 at SUSECVE-2024-50117 at NVDCVE-2024-50121 at SUSECVE-2024-50121 at NVDCVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50128 at SUSECVE-2024-50128 at NVDCVE-2024-50130 at SUSECVE-2024-50130 at NVDCVE-2024-50131 at SUSECVE-2024-50131 at NVDCVE-2024-50134 at SUSECVE-2024-50134 at NVDCVE-2024-50135 at SUSECVE-2024-50135 at NVDCVE-2024-50136 at SUSECVE-2024-50136 at NVDCVE-2024-50138 at SUSECVE-2024-50138 at NVDCVE-2024-50139 at SUSECVE-2024-50139 at NVDCVE-2024-50141 at SUSECVE-2024-50141 at NVDCVE-2024-50145 at SUSECVE-2024-50145 at NVDCVE-2024-50146 at SUSECVE-2024-50146 at NVDCVE-2024-50147 at SUSECVE-2024-50147 at NVDCVE-2024-50148 at SUSECVE-2024-50148 at NVDCVE-2024-50150 at SUSECVE-2024-50150 at NVDCVE-2024-50153 at SUSECVE-2024-50153 at NVDCVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-50155 at SUSECVE-2024-50155 at NVDCVE-2024-50156 at SUSECVE-2024-50156 at NVDCVE-2024-50157 at SUSECVE-2024-50157 at NVDCVE-2024-50158 at SUSECVE-2024-50158 at NVDCVE-2024-50159 at SUSECVE-2024-50159 at NVDCVE-2024-50160 at SUSECVE-2024-50160 at NVDCVE-2024-50166 at SUSECVE-2024-50166 at NVDCVE-2024-50167 at SUSECVE-2024-50167 at NVDCVE-2024-50169 at SUSECVE-2024-50169 at NVDCVE-2024-50171 at SUSECVE-2024-50171 at NVDCVE-2024-50172 at SUSECVE-2024-50172 at NVDCVE-2024-50175 at SUSECVE-2024-50175 at NVDCVE-2024-50176 at SUSECVE-2024-50176 at NVDCVE-2024-50177 at SUSECVE-2024-50177 at NVDCVE-2024-50179 at SUSECVE-2024-50179 at NVDCVE-2024-50180 at SUSECVE-2024-50180 at NVDCVE-2024-50181 at SUSECVE-2024-50181 at NVDCVE-2024-50182 at SUSECVE-2024-50182 at NVDCVE-2024-50183 at SUSECVE-2024-50183 at NVDCVE-2024-50184 at SUSECVE-2024-50184 at NVDCVE-2024-50186 at SUSECVE-2024-50186 at NVDCVE-2024-50187 at SUSECVE-2024-50187 at NVDCVE-2024-50188 at SUSECVE-2024-50188 at NVDCVE-2024-50189 at SUSECVE-2024-50189 at NVDCVE-2024-50192 at SUSECVE-2024-50192 at NVDCVE-2024-50194 at SUSECVE-2024-50194 at NVDCVE-2024-50195 at SUSECVE-2024-50195 at NVDCVE-2024-50196 at SUSECVE-2024-50196 at NVDCVE-2024-50198 at SUSECVE-2024-50198 at NVDCVE-2024-50200 at SUSECVE-2024-50200 at NVDCVE-2024-50201 at SUSECVE-2024-50201 at NVDCVE-2024-50205 at SUSECVE-2024-50205 at NVDCVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50209 at SUSECVE-2024-50209 at NVDCVE-2024-50210 at SUSECVE-2024-50210 at NVDCVE-2024-50215 at SUSECVE-2024-50215 at NVDCVE-2024-50216 at SUSECVE-2024-50216 at NVDCVE-2024-50218 at SUSECVE-2024-50218 at NVDCVE-2024-50221 at SUSECVE-2024-50221 at NVDCVE-2024-50224 at SUSECVE-2024-50224 at NVDCVE-2024-50225 at SUSECVE-2024-50225 at NVDCVE-2024-50228 at SUSECVE-2024-50228 at NVDCVE-2024-50229 at SUSECVE-2024-50229 at NVDCVE-2024-50230 at SUSECVE-2024-50230 at NVDCVE-2024-50231 at SUSECVE-2024-50231 at NVDCVE-2024-50232 at SUSECVE-2024-50232 at NVDCVE-2024-50233 at SUSECVE-2024-50233 at NVDCVE-2024-50234 at SUSECVE-2024-50234 at NVDCVE-2024-50235 at SUSECVE-2024-50235 at NVDCVE-2024-50236 at SUSECVE-2024-50236 at NVDCVE-2024-50237 at SUSECVE-2024-50237 at NVDCVE-2024-50240 at SUSECVE-2024-50240 at NVDCVE-2024-50245 at SUSECVE-2024-50245 at NVDCVE-2024-50246 at SUSECVE-2024-50246 at NVDCVE-2024-50248 at SUSECVE-2024-50248 at NVDCVE-2024-50249 at SUSECVE-2024-50249 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-50252 at SUSECVE-2024-50252 at NVDCVE-2024-50255 at SUSECVE-2024-50255 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50261 at SUSECVE-2024-50261 at NVDCVE-2024-50264 at SUSECVE-2024-50264 at NVDCVE-2024-50265 at SUSECVE-2024-50265 at NVDCVE-2024-50267 at SUSECVE-2024-50267 at NVDCVE-2024-50268 at SUSECVE-2024-50268 at NVDCVE-2024-50269 at SUSECVE-2024-50269 at NVDCVE-2024-50271 at SUSECVE-2024-50271 at NVDCVE-2024-50273 at SUSECVE-2024-50273 at NVDCVE-2024-50274 at SUSECVE-2024-50274 at NVDCVE-2024-50275 at SUSECVE-2024-50275 at NVDCVE-2024-50276 at SUSECVE-2024-50276 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50282 at SUSECVE-2024-50282 at NVDCVE-2024-50287 at SUSECVE-2024-50287 at NVDCVE-2024-50289 at SUSECVE-2024-50289 at NVDCVE-2024-50290 at SUSECVE-2024-50290 at NVDCVE-2024-50292 at SUSECVE-2024-50292 at NVDCVE-2024-50295 at SUSECVE-2024-50295 at NVDCVE-2024-50296 at SUSECVE-2024-50296 at NVDCVE-2024-50298 at SUSECVE-2024-50298 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53043 at SUSECVE-2024-53043 at NVDCVE-2024-53045 at SUSECVE-2024-53045 at NVDCVE-2024-53048 at SUSECVE-2024-53048 at NVDCVE-2024-53051 at SUSECVE-2024-53051 at NVDCVE-2024-53052 at SUSECVE-2024-53052 at NVDCVE-2024-53055 at SUSECVE-2024-53055 at NVDCVE-2024-53056 at SUSECVE-2024-53056 at NVDCVE-2024-53058 at SUSECVE-2024-53058 at NVDCVE-2024-53059 at SUSECVE-2024-53059 at NVDCVE-2024-53060 at SUSECVE-2024-53060 at NVDCVE-2024-53061 at SUSECVE-2024-53061 at NVDCVE-2024-53063 at SUSECVE-2024-53063 at NVDCVE-2024-53066 at SUSECVE-2024-53066 at NVDCVE-2024-53068 at SUSECVE-2024-53068 at NVDCVE-2024-53072 at SUSECVE-2024-53072 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53076 at SUSECVE-2024-53076 at NVDCVE-2024-53079 at SUSECVE-2024-53079 at NVDCVE-2024-53081 at SUSECVE-2024-53081 at NVDCVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53085 at SUSECVE-2024-53085 at NVDCVE-2024-53088 at SUSECVE-2024-53088 at NVDCVE-2024-53093 at SUSECVE-2024-53093 at NVDCVE-2024-53094 at SUSECVE-2024-53094 at NVDCVE-2024-53095 at SUSECVE-2024-53095 at NVDCVE-2024-53096 at SUSECVE-2024-53096 at NVDCVE-2024-53100 at SUSECVE-2024-53100 at NVDCVE-2024-53101 at SUSECVE-2024-53101 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-53106 at SUSECVE-2024-53106 at NVDCVE-2024-53108 at SUSECVE-2024-53108 at NVDCVE-2024-53110 at SUSECVE-2024-53110 at NVDCVE-2024-53112 at SUSECVE-2024-53112 at NVDCVE-2024-53114 at SUSECVE-2024-53114 at NVDCVE-2024-53121 at SUSECVE-2024-53121 at NVDCVE-2024-53138 at SUSECVE-2024-53138 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-56650: Fixed netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
ModerateSUSE bug 1235008SUSE bug 1235431CVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_11 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_11 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38678: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1248631SUSE bug 1249534CVE-2025-38664 at SUSECVE-2025-38664 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
- CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
- CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
- CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630).
- CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (bsc#1249182).
- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
- CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
- CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
- CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
- CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
- CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
- CVE-2025-39828: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (bsc#1250205).
- CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
- CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
- CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
- CVE-2025-39898: e1000e: fix heap overflow in e1000_set_eeprom (bsc#1250742).
- CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
- CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
- CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
- CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
- CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
- CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
- CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
- CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
- CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
- CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
- CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
- CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).
The following non-security bugs were fixed:
- ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path (stable-fixes).
- ACPI: battery: Add synchronization between interface updates (git-fixes).
- ACPI: battery: Check for error code from devm_mutex_init() call (git-fixes).
- ACPI: battery: allocate driver data through devm_ APIs (stable-fixes).
- ACPI: battery: initialize mutexes through devm_ APIs (stable-fixes).
- ACPI: button: Call input_free_device() on failing input device registration (git-fixes).
- ACPI: property: Add code comments explaining what is going on (stable-fixes).
- ACPI: property: Disregard references in data-only subnode lists (stable-fixes).
- ACPI: property: Do not pass NULL handles to acpi_attach_data() (stable-fixes git-fixes).
- ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (git-fixes).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- ACPICA: Allow to skip Global Lock initialization (stable-fixes).
- ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings (git-fixes).
- ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card (git-fixes).
- ALSA: usb-audio: fix control pipe direction (git-fixes).
- ASoC: Intel: avs: Unprepare a stream when XRUN occurs (git-fixes).
- ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down (git-fixes).
- ASoC: SOF: ipc4-topology: Correct the minimum host DMA buffer size (git-fixes).
- ASoC: amd: acp: Adjust pdm gain value (stable-fixes).
- ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec (git-fixes).
- ASoC: fsl_sai: fix bit order for DSD format (git-fixes).
- ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit (git-fixes).
- ASoC: nau8821: Cancel jdet_work before handling jack ejection (git-fixes).
- ASoC: nau8821: Generalize helper to clear IRQ status (git-fixes).
- ASoC: qdsp6: q6asm: do not sleep while atomic (git-fixes).
- ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue (stable-fixes).
- Bluetooth: btmtksdio: Add pmctrl handling for BT closed state during reset (git-fixes).
- Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 (stable-fixes).
- Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once (git-fixes).
- HID: hid-input: only ignore 0 battery events for digitizers (git-fixes).
- HID: multitouch: fix name of Stylus input devices (git-fixes).
- Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (git-fixes).
- KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
- KVM: SEV: Read save fields from GHCB exactly once (git-fixes).
- KVM: SEV: Rename kvm_ghcb_get_sw_exit_code() to kvm_get_cached_sw_exit_code() (git-fixes).
- KVM: SEV: Validate XCR0 provided by guest in GHCB (git-fixes).
- KVM: SVM: Inject #GP if memory operand for INVPCID is non-canonical (git-fixes).
- KVM: SVM: Pass through GHCB MSR if and only if VM is an SEV-ES guest (git-fixes).
- KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow (git-fixes).
- KVM: x86/mmu: Prevent installing hugepages when mem attributes are changing (git-fixes).
- KVM: x86: Bypass register cache when querying CPL from kvm_sched_out() (git-fixes).
- KVM: x86: Clear pv_unhalted on all transitions to KVM_MP_STATE_RUNNABLE (git-fixes).
- KVM: x86: Do not bleed PVCLOCK_GUEST_STOPPED across PV clocks (git-fixes).
- KVM: x86: Do not inject PV async #PF if SEND_ALWAYS=0 and guest state is protected (git-fixes).
- KVM: x86: Introduce kvm_set_mp_state() (git-fixes).
- KVM: x86: Introduce kvm_x86_call() to simplify static calls of kvm_x86_ops (git-fixes).
- KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
- KVM: x86: Process "guest stopped request" once per guest time update (git-fixes).
- KVM: x86: Replace static_call_cond() with static_call() (git-fixes).
- KVM: x86: Set PVCLOCK_GUEST_STOPPED only for kvmclock, not for Xen PV clock (git-fixes).
- KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs (git-fixes).
- KVM: x86: Snapshot the host's DEBUGCTL in common x86 (git-fixes).
- KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer (git-fixes).
- NFSD: Define a proc_layoutcommit for the FlexFiles layout type (git-fixes).
- NFSD: Fix crash in nfsd4_read_release() (git-fixes).
- NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() (git-fixes).
- NFSD: Minor cleanup in layoutcommit processing (git-fixes).
- NFSD: Rework encoding and decoding of nfsd4_deviceid (git-fixes).
- PCI/AER: Support errors introduced by PCIe r6.0 (stable-fixes).
- PCI: Add PCI_VDEVICE_SUB helper macro (stable-fixes).
- PCI: endpoint: Remove surplus return statement from pci_epf_test_clean_dma_chan() (stable-fixes).
- PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release (git-fixes).
- PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists (stable-fixes).
- PCI: j721e: Fix programming sequence of "strap" settings (git-fixes).
- PM: runtime: Add new devm functions (stable-fixes).
- Revert "KVM: VMX: Move LOAD_IA32_PERF_GLOBAL_CTRL errata handling out of setup_vmcs_config()" (git-fixes).
- USB: serial: option: add SIMCom 8230C compositions (git-fixes).
- USB: serial: option: add SIMCom 8230C compositions (stable-fixes).
- accel/ivpu: Add missing MODULE_FIRMWARE metadata (git-fixes).
- accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() (git-fixes).
- add bug reference to existing hv_netvsc change (bsc#1252265)
- arm64, mm: avoid always making PTE dirty in pte_mkwrite() (git-fixes)
- arm64: cputype: Add Neoverse-V3AE definitions (git-fixes)
- arm64: errata: Apply workarounds for Neoverse-V3AE (git-fixes)
- arm64: mte: Do not flag the zero page as PG_mte_tagged (git-fixes)
- bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
- bpf: Avoid RCU context warning when unpinning htab with internal structs (git-fixes).
- bpf: Check link_create.flags parameter for multi_kprobe (git-fixes).
- bpf: Check link_create.flags parameter for multi_uprobe (git-fixes).
- bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (git-fixes).
- bpf: Use preempt_count() directly in bpf_send_signal_common() (git-fixes).
- btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (git-fixes).
- btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running (git-fixes).
- btrfs: fix the incorrect max_bytes value for find_lock_delalloc_range() (git-fixes).
- can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes).
- can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled (stable-fixes).
- can: netlink: can_changelink(): allow disabling of automatic restart (git-fixes).
- can: rcar_canfd: Fix controller mode setting (stable-fixes).
- clk: at91: peripheral: fix return value (git-fixes).
- clk: mediatek: clk-mux: Do not pass flags to clk_mux_determine_rate_flags() (git-fixes).
- clk: mediatek: mt8195-infra_ao: Fix parent for infra_ao_hdmi_26m (git-fixes).
- clk: tegra: do not overallocate memory for bpmp clocks (git-fixes).
- cpufreq: CPPC: fix perf_to_khz/khz_to_perf conversion exception (git-fixes).
- cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() (stable-fixes git-fixes).
- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
- cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() (git-fixes).
- cpufreq: scmi: Skip SCMI devices that are not used by the CPUs (stable-fixes).
- cpufreq: tegra186: Set target frequency for all cpus in policy (git-fixes).
- cpuidle: governors: menu: Avoid using invalid recent intervals data (git-fixes).
- cpuidle: menu: Avoid discarding useful information (stable-fixes).
- cpuidle: qcom-spm: fix device and OF node leaks at probe (git-fixes).
- crypto: essiv - Check ssize for decryption and in-place encryption (git-fixes).
- crypto: rng - Ensure set_ent is always present (git-fixes).
- driver core/PM: Set power.no_callbacks along with power.no_pm (stable-fixes).
- drivers/perf: arm_spe: Use perf_allow_kernel() for permissions (git-fixes).
- drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs (git-fixes).
- drm/amd/display: Disable scaling on DCE6 for now (git-fixes).
- drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 (git-fixes).
- drm/amd/display: Properly disable scaling on DCE6 (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Fiji (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Iceland (git-fixes).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- drm/amd/powerplay: Fix CIK shutdown temperature (git-fixes).
- drm/amd: Check whether secure display TA loaded successfully (stable-fixes).
- drm/amdgpu: Add additional DCE6 SCL registers (git-fixes).
- drm/amdgpu: use atomic functions with memory barriers for vm fault info (git-fixes).
- drm/bridge: lt9211: Drop check for last nibble of version register (git-fixes).
- drm/etnaviv: fix flush sequence logic (git-fixes).
- drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions (stable-fixes).
- drm/exynos: exynos7_drm_decon: properly clear channels during bind (stable-fixes).
- drm/i915/guc: Skip communication warning on reset in progress (git-fixes).
- drm/mediatek: Fix device use-after-free on unbind (git-fixes).
- drm/msm/a6xx: Fix GMU firmware parser (git-fixes).
- drm/msm/adreno: De-spaghettify the use of memory barriers (stable-fixes).
- drm/msm/dpu: Fix pixel extension sub-sampling (git-fixes).
- drm/nouveau: fix bad ret code in nouveau_bo_move_prep (git-fixes).
- drm/panel: kingdisplay-kd097d04: Disable EoTp (git-fixes).
- drm/panel: sitronix-st7789v: fix sync flags for t28cp45tn89 (git-fixes).
- drm/rockchip: vop2: use correct destination rectangle height check (git-fixes).
- drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (git-fixes).
- drm/vmwgfx: Fix Use-after-free in validation (git-fixes).
- drm/vmwgfx: Fix a null-ptr access in the cursor snooper (git-fixes).
- drm/vmwgfx: Fix copy-paste typo in validation (git-fixes).
- ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (git-fixes).
- ext4: check fast symlink for ea_inode correctly (git-fixes).
- ext4: do not convert the unwritten extents if data writeback fails (git-fixes).
- ext4: do not try to clear the orphan_present feature block device is r/o (git-fixes).
- ext4: ensure i_size is smaller than maxbytes (git-fixes).
- ext4: factor out ext4_get_maxbytes() (git-fixes).
- ext4: fix calculation of credits for extent tree modification (git-fixes).
- ext4: fix checks for orphan inodes (bsc#1250119).
- ext4: fix fsmap end of range reporting with bigalloc (git-fixes).
- ext4: fix hole length calculation overflow in non-extent inodes (git-fixes).
- ext4: fix largest free orders lists corruption on mb_optimize_scan switch (git-fixes).
- ext4: fix reserved gdt blocks handling in fsmap (git-fixes).
- ext4: fix zombie groups in average fragment size lists (git-fixes).
- ext4: preserve SB_I_VERSION on remount (git-fixes).
- ext4: reorder capability check last (git-fixes).
- fbdev: Fix logic error in "offb" name match (git-fixes).
- fbdev: atyfb: Check if pll_ops->init_pll failed (git-fixes).
- fbdev: valkyriefb: Fix reference count leak in valkyriefb_init (git-fixes).
- firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode (git-fixes).
- fs: udf: fix OOB read in lengthAllocDescs handling (git-fixes).
- ftrace: fix incorrect hash size in register_ftrace_direct() (git-fixes).
- gpio: wcd934x: mark the GPIO controller as sleeping (git-fixes).
- hfs: validate record offset in hfsplus_bmap_alloc (git-fixes).
- hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() (git-fixes).
- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() (git-fixes).
- hid: fix I2C read buffer overflow in raw_event() for mcp2221 (stable-fixes).
- i2c: ocores: use devm_ managed clks (git-fixes).
- iomap: Fix iomap_adjust_read_range for plen calculation (git-fixes).
- iomap: handle a post-direct I/O invalidate race in iomap_write_delalloc_release (git-fixes).
- iommu/vt-d: Disallow dirty tracking if incoherent page walk (git-fixes).
- iommu/vt-d: PRS isn't usable if PDS isn't supported (git-fixes).
- isofs: Verify inode mode when loading from disk (git-fixes).
- jbd2: do not try to recover wiped journal (git-fixes).
- kABI fix for KVM: x86: Snapshot the host's DEBUGCTL in common x86 (git-fixes).
- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older (stable-fixes).
- locking/mutex: Introduce devm_mutex_init() (stable-fixes).
- locking/mutex: Mark devm_mutex_init() as __must_check (stable-fixes).
- mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop (git-fixes).
- mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes (git-fixes).
- mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call (git-fixes).
- media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe (git-fixes).
- media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() (stable-fixes).
- media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c) (git-fixes).
- media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).
- media: tunner: xc5000: Refactor firmware load (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag (git-fixes).
- misc: fastrpc: Add missing dev_err newlines (stable-fixes).
- misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup (git-fixes).
- misc: fastrpc: Fix fastrpc_map_lookup operation (git-fixes).
- misc: fastrpc: Save actual DMA size in fastrpc_map structure (git-fixes).
- misc: fastrpc: Skip reference for DMA handles (git-fixes).
- misc: fastrpc: fix possible map leak in fastrpc_put_args (git-fixes).
- mmc: core: SPI mode remove cmd7 (stable-fixes).
- module: Prevent silent truncation of module name in delete_module(2) (git-fixes).
- most: usb: Fix use-after-free in hdm_disconnect (git-fixes).
- most: usb: hdm_probe: Fix calling put_device() before device initialization (git-fixes).
- mtd: rawnand: fsmc: Default to autodetect buswidth (stable-fixes).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- net: phy: dp83869: fix STRAP_OPMODE bitmask (git-fixes).
- net: sysfs: Fix /sys/class/net/<iface> path (git-fixes).
- net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock (git-fixes).
- net: usb: asix_devices: Check return value of usbnet_get_endpoints (git-fixes).
- net: usb: lan78xx: Add error handling to lan78xx_init_mac_address (git-fixes).
- net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset (git-fixes).
- net: usb: rtl8150: Fix frame padding (git-fixes).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
- nfsd: nfserr_jukebox in nlm_fopen should lead to a retry (git-fixes).
- nvme-multipath: Skip nr_active increments in RETRY disposition (git-fixes).
- nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk (git-fixes).
- nvme/tcp: handle tls partially sent records in write_space() (git-fixes).
- overlayfs: set ctime when setting mtime and atime (stable-fixes).
- ovl: Always reevaluate the file signature for IMA (stable-fixes).
- ovl: fix file reference leak when submitting aio (stable-fixes).
- ovl: fix incorrect fdput() on aio completion (stable-fixes).
- perf/amd/ibs: Fix ->config to sample period calculation for OP PMU (git-fixes).
- perf/amd/ibs: Fix perf_ibs_op.cnt_mask for CurCnt (git-fixes).
- perf/amd: Prevent grouping of IBS events (git-fixes).
- perf/aux: Fix pending disable flow when the AUX ring buffer overruns (git-fixes).
- perf/bpf: Robustify perf_event_free_bpf_prog() (git-fixes).
- perf/core: Fix WARN in perf_cgroup_switch() (git-fixes).
- perf/core: Fix broken throttling when max_samples_per_tick=1 (git-fixes).
- perf/core: Fix child_total_time_enabled accounting bug at task exit (git-fixes).
- perf/core: Fix low freq setting via IOC_PERIOD (git-fixes).
- perf/core: Fix pmus_lock vs. pmus_srcu ordering (git-fixes).
- perf/core: Fix small negative period being ignored (git-fixes).
- perf/core: Fix the WARN_ON_ONCE is out of lock protected region (git-fixes).
- perf/hw_breakpoint: Return EOPNOTSUPP for unsupported breakpoint type (git-fixes).
- perf/ring_buffer: Allow the EPOLLRDNORM flag for poll (git-fixes).
- perf/x86/amd: Warn only on new bits set (git-fixes).
- perf/x86/intel/ds: Unconditionally drain PEBS DS when changing PEBS_DATA_CFG (git-fixes).
- perf/x86/intel/pt: Fix sampling synchronization (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SPR (git-fixes).
- perf/x86/intel: Allow to setup LBR for counting event for BPF (git-fixes).
- perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
- perf/x86/intel: Apply static call for drain_pebs (git-fixes).
- perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample read (git-fixes).
- perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
- perf/x86/intel: Only check the group flag for X86 leader (git-fixes).
- perf/x86/intel: Use better start period for frequency mode (git-fixes).
- perf/x86: Fix low freqency setting issue (git-fixes).
- perf/x86: Fix non-sampling (counting) events on certain x86 platforms (git-fixes).
- perf: Ensure bpf_perf_link path is properly serialized (git-fixes).
- perf: Extract a few helpers (git-fixes).
- perf: Fix cgroup state vs ERROR (git-fixes).
- phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling (git-fixes).
- phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
- phy: cdns-dphy: Store hs_clk_rate and return it (stable-fixes).
- platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (stable-fixes).
- platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (stable-fixes).
- powerpc/boot: Fix build with gcc 15 (bsc#1215199).
- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
- powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
- powerpc: export MIN RMA size (bsc#1236743 ltc#211409).
- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
- powerpc: increase MIN RMA size for CAS negotiation (bsc#1236743 ltc#211409 bsc#1252269 ltc#215957).
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- r8152: add error handling in rtl8152_driver_init (git-fixes).
- r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H (git-fixes).
- regmap: slimbus: fix bus_context pointer in regmap init calls (git-fixes).
- regulator: bd718x7: Fix voltages scaled by resistor divider (git-fixes).
- rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946).
- rtc: interface: Ensure alarm irq is enabled when UIE is enabled (stable-fixes).
- rtc: interface: Fix long-standing race when setting alarm (stable-fixes).
- rtc: optee: fix memory leak on driver removal (git-fixes).
- rtc: x1205: Fix Xicor X1205 vendor prefix (git-fixes).
- s390: Initialize psw mask in perf_arch_fetch_caller_regs() (git-fixes).
- samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora (git-fixes).
- sched/fair: set_load_weight() must also call reweight_task() (git-fixes)
- sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
- selftests/bpf: Add test for unpinning htab with internal timer struct (git-fixes).
- selftests/bpf: Fix C++ compile error from missing _Bool type (git-fixes).
- selftests/bpf: Fix a fd leak in error paths in open_netns (git-fixes).
- selftests/bpf: Fix backtrace printing for selftests crashes (git-fixes).
- selftests/bpf: Fix compile error from rlim_t in sk_storage_map.c (git-fixes).
- selftests/bpf: Fix compile if backtrace support missing in libc (git-fixes).
- selftests/bpf: Fix compiling core_reloc.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling flow_dissector.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling kfree_skb.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling parse_tcp_hdr_opt.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling tcp_rtt.c with musl-libc (git-fixes).
- selftests/bpf: Fix cross-compiling urandom_read (git-fixes).
- selftests/bpf: Fix error compiling bpf_iter_setsockopt.c with musl libc (git-fixes).
- selftests/bpf: Fix error compiling tc_redirect.c with musl libc (git-fixes).
- selftests/bpf: Fix error compiling test_lru_map.c (git-fixes).
- selftests/bpf: Fix errors compiling cg_storage_multi.h with musl libc (git-fixes).
- selftests/bpf: Fix errors compiling decap_sanity.c with musl libc (git-fixes).
- selftests/bpf: Fix errors compiling lwt_redirect.c with musl libc (git-fixes).
- selftests/bpf: Fix redefinition errors compiling lwt_reroute.c (git-fixes).
- selftests/bpf: Fix umount cgroup2 error in test_sockmap (git-fixes).
- selftests/bpf: Use bpf_link__destroy in fill_link_info tests (git-fixes).
- selftests/tracing: Fix event filter test to retry up to 10 times (git-fixes).
- selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len (git-fixes).
- serial: 8250_dw: handle reset control deassert error (git-fixes).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
- smb: client: fix crypto buffers in non-linear memory (bsc#1250491, boo#1239206).
- smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
- spi: spi-nxp-fspi: add extra delay after dll locked (git-fixes).
- staging: axis-fifo: fix TX handling on copy_from_user() failure (git-fixes).
- staging: axis-fifo: fix maximum TX packet length check (git-fixes).
- staging: axis-fifo: flush RX FIFO on read errors (git-fixes).
- sunrpc: fix null pointer dereference on zero-length checksum (git-fixes).
- tcp: Do not call reqsk_fastopen_remove() in tcp_conn_request() (git-fixes).
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- tools/resolve_btfids: Fix build when cross compiling kernel with clang (git-fixes).
- tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single (git-fixes).
- tracing/selftests: Fix kprobe event name test for .isra. functions (git-fixes).
- tracing: Correct the refcount if the hist/hist_debug file fails to open (git-fixes).
- tracing: Fix filter string testing (git-fixes).
- tracing: Remove unneeded goto out logic (bsc#1249286).
- udf: Make sure i_lenExtents is uptodate on inode eviction (git-fixes).
- udf: Verify partition map count (git-fixes).
- usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm (git-fixes).
- usb: hub: Fix flushing of delayed work used for post resume purposes (git-fixes).
- usb: hub: fix detection of high tier USB3 devices behind suspended hubs (git-fixes).
- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).
- usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes).
- usb: xhci: Limit Stop Endpoint retries (git-fixes).
- usb: xhci: Limit Stop Endpoint retries (git-fixes).
- usbnet: Fix using smp_processor_id() in preemptible code warnings (git-fixes).
- usbnet: Prevents free active kevent (git-fixes).
- wifi: ath10k: Fix memory leak on unsupported WMI command (git-fixes).
- wifi: ath11k: Add missing platform IDs for quirk table (git-fixes).
- wifi: ath12k: free skb during idr cleanup callback (git-fixes).
- wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (git-fixes).
- wifi: mac80211: reset FILS discovery and unsol probe resp intervals (git-fixes).
- wifi: mt76: mt7921u: Add VID/PID for Netgear A7500 (stable-fixes).
- wifi: rtlwifi: rtl8192cu: Do not claim USB ID 07b8:8188 (stable-fixes).
- x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
- xfs: rename the old_crc variable in xlog_recover_process (git-fixes).
- xhci: dbc: enable back DbC in resume if it was enabled before suspend (git-fixes).
- xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1214954SUSE bug 1215143SUSE bug 1215199SUSE bug 1216396SUSE bug 1220419SUSE bug 1236743SUSE bug 1239206SUSE bug 1244939SUSE bug 1248211SUSE bug 1248230SUSE bug 1248517SUSE bug 1248630SUSE bug 1248754SUSE bug 1248886SUSE bug 1249161SUSE bug 1249182SUSE bug 1249224SUSE bug 1249286SUSE bug 1249302SUSE bug 1249317SUSE bug 1249319SUSE bug 1249320SUSE bug 1249512SUSE bug 1249595SUSE bug 1249608SUSE bug 1250032SUSE bug 1250119SUSE bug 1250202SUSE bug 1250205SUSE bug 1250237SUSE bug 1250274SUSE bug 1250296SUSE bug 1250379SUSE bug 1250400SUSE bug 1250455SUSE bug 1250491SUSE bug 1250519SUSE bug 1250650SUSE bug 1250702SUSE bug 1250704SUSE bug 1250721SUSE bug 1250742SUSE bug 1250946SUSE bug 1251024SUSE bug 1251027SUSE bug 1251028SUSE bug 1251031SUSE bug 1251035SUSE bug 1251038SUSE bug 1251043SUSE bug 1251045SUSE bug 1251052SUSE bug 1251053SUSE bug 1251054SUSE bug 1251056SUSE bug 1251057SUSE bug 1251059SUSE bug 1251060SUSE bug 1251065SUSE bug 1251066SUSE bug 1251067SUSE bug 1251068SUSE bug 1251071SUSE bug 1251076SUSE bug 1251079SUSE bug 1251081SUSE bug 1251083SUSE bug 1251084SUSE bug 1251100SUSE bug 1251105SUSE bug 1251106SUSE bug 1251108SUSE bug 1251113SUSE bug 1251114SUSE bug 1251119SUSE bug 1251123SUSE bug 1251126SUSE bug 1251132SUSE bug 1251134SUSE bug 1251143SUSE bug 1251146SUSE bug 1251150SUSE bug 1251152SUSE bug 1251153SUSE bug 1251159SUSE bug 1251161SUSE bug 1251170SUSE bug 1251177SUSE bug 1251180SUSE bug 1251206SUSE bug 1251215SUSE bug 1251216SUSE bug 1251222SUSE bug 1251230SUSE bug 1251232SUSE bug 1251233SUSE bug 1251247SUSE bug 1251268SUSE bug 1251269SUSE bug 1251270SUSE bug 1251282SUSE bug 1251283SUSE bug 1251286SUSE bug 1251290SUSE bug 1251319SUSE bug 1251321SUSE bug 1251323SUSE bug 1251328SUSE bug 1251529SUSE bug 1251721SUSE bug 1251732SUSE bug 1251742SUSE bug 1251743SUSE bug 1251746SUSE bug 1251748SUSE bug 1251749SUSE bug 1251750SUSE bug 1251754SUSE bug 1251755SUSE bug 1251756SUSE bug 1251758SUSE bug 1251759SUSE bug 1251760SUSE bug 1251762SUSE bug 1251763SUSE bug 1251764SUSE bug 1251769SUSE bug 1251771SUSE bug 1251772SUSE bug 1251777SUSE bug 1251780SUSE bug 1251804SUSE bug 1251810SUSE bug 1251930SUSE bug 1251967SUSE bug 1252033SUSE bug 1252035SUSE bug 1252039SUSE bug 1252044SUSE bug 1252047SUSE bug 1252051SUSE bug 1252052SUSE bug 1252056SUSE bug 1252060SUSE bug 1252062SUSE bug 1252064SUSE bug 1252065SUSE bug 1252069SUSE bug 1252070SUSE bug 1252072SUSE bug 1252074SUSE bug 1252075SUSE bug 1252078SUSE bug 1252079SUSE bug 1252082SUSE bug 1252083SUSE bug 1252265SUSE bug 1252269SUSE bug 1252332SUSE bug 1252336SUSE bug 1252346SUSE bug 1252348SUSE bug 1252349SUSE bug 1252364SUSE bug 1252479SUSE bug 1252481SUSE bug 1252489SUSE bug 1252490SUSE bug 1252492SUSE bug 1252495SUSE bug 1252496SUSE bug 1252499SUSE bug 1252534SUSE bug 1252536SUSE bug 1252537SUSE bug 1252550SUSE bug 1252553SUSE bug 1252559SUSE bug 1252561SUSE bug 1252564SUSE bug 1252565SUSE bug 1252566SUSE bug 1252632SUSE bug 1252668SUSE bug 1252678SUSE bug 1252679SUSE bug 1252685SUSE bug 1252688SUSE bug 1252772SUSE bug 1252774SUSE bug 1252775SUSE bug 1252785SUSE bug 1252787SUSE bug 1252789SUSE bug 1252797SUSE bug 1252822SUSE bug 1252826SUSE bug 1252841SUSE bug 1252848SUSE bug 1252849SUSE bug 1252850SUSE bug 1252851SUSE bug 1252854SUSE bug 1252858SUSE bug 1252865SUSE bug 1252866SUSE bug 1252873SUSE bug 1252902SUSE bug 1252904SUSE bug 1252909SUSE bug 1252918SUSE bug 1252939CVE-2023-53538 at SUSECVE-2023-53538 at NVDCVE-2023-53539 at SUSECVE-2023-53539 at NVDCVE-2023-53540 at SUSECVE-2023-53540 at NVDCVE-2023-53541 at SUSECVE-2023-53541 at NVDCVE-2023-53543 at SUSECVE-2023-53543 at NVDCVE-2023-53545 at SUSECVE-2023-53545 at NVDCVE-2023-53546 at SUSECVE-2023-53546 at NVDCVE-2023-53548 at SUSECVE-2023-53548 at NVDCVE-2023-53550 at SUSECVE-2023-53550 at NVDCVE-2023-53552 at SUSECVE-2023-53552 at NVDCVE-2023-53553 at SUSECVE-2023-53553 at NVDCVE-2023-53554 at SUSECVE-2023-53554 at NVDCVE-2023-53555 at SUSECVE-2023-53555 at NVDCVE-2023-53556 at SUSECVE-2023-53556 at NVDCVE-2023-53557 at SUSECVE-2023-53557 at NVDCVE-2023-53558 at SUSECVE-2023-53558 at NVDCVE-2023-53559 at SUSECVE-2023-53559 at NVDCVE-2023-53560 at SUSECVE-2023-53560 at NVDCVE-2023-53563 at SUSECVE-2023-53563 at NVDCVE-2023-53568 at SUSECVE-2023-53568 at NVDCVE-2023-53570 at SUSECVE-2023-53570 at NVDCVE-2023-53572 at SUSECVE-2023-53572 at NVDCVE-2023-53574 at SUSECVE-2023-53574 at NVDCVE-2023-53575 at SUSECVE-2023-53575 at NVDCVE-2023-53577 at SUSECVE-2023-53577 at NVDCVE-2023-53579 at SUSECVE-2023-53579 at NVDCVE-2023-53580 at SUSECVE-2023-53580 at NVDCVE-2023-53581 at SUSECVE-2023-53581 at NVDCVE-2023-53583 at SUSECVE-2023-53583 at NVDCVE-2023-53585 at SUSECVE-2023-53585 at NVDCVE-2023-53588 at SUSECVE-2023-53588 at NVDCVE-2023-53593 at SUSECVE-2023-53593 at NVDCVE-2023-53596 at SUSECVE-2023-53596 at NVDCVE-2023-53597 at SUSECVE-2023-53597 at NVDCVE-2023-53599 at SUSECVE-2023-53599 at NVDCVE-2023-53600 at SUSECVE-2023-53600 at NVDCVE-2023-53601 at SUSECVE-2023-53601 at NVDCVE-2023-53602 at SUSECVE-2023-53602 at NVDCVE-2023-53603 at SUSECVE-2023-53603 at NVDCVE-2023-53611 at SUSECVE-2023-53611 at NVDCVE-2023-53613 at SUSECVE-2023-53613 at NVDCVE-2023-53615 at SUSECVE-2023-53615 at NVDCVE-2023-53616 at SUSECVE-2023-53616 at NVDCVE-2023-53617 at SUSECVE-2023-53617 at NVDCVE-2023-53618 at SUSECVE-2023-53618 at NVDCVE-2023-53619 at SUSECVE-2023-53619 at NVDCVE-2023-53621 at SUSECVE-2023-53621 at NVDCVE-2023-53622 at SUSECVE-2023-53622 at NVDCVE-2023-53631 at SUSECVE-2023-53631 at NVDCVE-2023-53632 at SUSECVE-2023-53632 at NVDCVE-2023-53633 at SUSECVE-2023-53633 at NVDCVE-2023-53638 at SUSECVE-2023-53638 at NVDCVE-2023-53645 at SUSECVE-2023-53645 at NVDCVE-2023-53646 at SUSECVE-2023-53646 at NVDCVE-2023-53647 at SUSECVE-2023-53647 at NVDCVE-2023-53648 at SUSECVE-2023-53648 at NVDCVE-2023-53649 at SUSECVE-2023-53649 at NVDCVE-2023-53650 at SUSECVE-2023-53650 at NVDCVE-2023-53652 at SUSECVE-2023-53652 at NVDCVE-2023-53653 at SUSECVE-2023-53653 at NVDCVE-2023-53654 at SUSECVE-2023-53654 at NVDCVE-2023-53656 at SUSECVE-2023-53656 at NVDCVE-2023-53657 at SUSECVE-2023-53657 at NVDCVE-2023-53658 at SUSECVE-2023-53658 at NVDCVE-2023-53659 at SUSECVE-2023-53659 at NVDCVE-2023-53660 at SUSECVE-2023-53660 at NVDCVE-2023-53662 at SUSECVE-2023-53662 at NVDCVE-2023-53663 at SUSECVE-2023-53663 at NVDCVE-2023-53665 at SUSECVE-2023-53665 at NVDCVE-2023-53666 at SUSECVE-2023-53666 at NVDCVE-2023-53668 at SUSECVE-2023-53668 at NVDCVE-2023-53670 at SUSECVE-2023-53670 at NVDCVE-2023-53672 at SUSECVE-2023-53672 at NVDCVE-2023-53673 at SUSECVE-2023-53673 at NVDCVE-2023-53674 at SUSECVE-2023-53674 at NVDCVE-2023-53681 at SUSECVE-2023-53681 at NVDCVE-2023-53686 at SUSECVE-2023-53686 at NVDCVE-2023-53687 at SUSECVE-2023-53687 at NVDCVE-2023-53693 at SUSECVE-2023-53693 at NVDCVE-2023-53697 at SUSECVE-2023-53697 at NVDCVE-2023-53698 at SUSECVE-2023-53698 at NVDCVE-2023-53699 at SUSECVE-2023-53699 at NVDCVE-2023-53703 at SUSECVE-2023-53703 at NVDCVE-2023-53704 at SUSECVE-2023-53704 at NVDCVE-2023-53707 at SUSECVE-2023-53707 at NVDCVE-2023-53708 at SUSECVE-2023-53708 at NVDCVE-2023-53711 at SUSECVE-2023-53711 at NVDCVE-2023-53713 at SUSECVE-2023-53713 at NVDCVE-2023-53718 at SUSECVE-2023-53718 at NVDCVE-2023-53721 at SUSECVE-2023-53721 at NVDCVE-2023-53722 at SUSECVE-2023-53722 at NVDCVE-2023-53725 at SUSECVE-2023-53725 at NVDCVE-2023-53726 at SUSECVE-2023-53726 at NVDCVE-2023-53727 at SUSECVE-2023-53727 at NVDCVE-2023-53728 at SUSECVE-2023-53728 at NVDCVE-2023-53729 at SUSECVE-2023-53729 at NVDCVE-2023-53730 at SUSECVE-2023-53730 at NVDCVE-2023-53731 at SUSECVE-2023-53731 at NVDCVE-2023-53733 at SUSECVE-2023-53733 at NVDCVE-2025-38008 at SUSECVE-2025-38008 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38552 at SUSECVE-2025-38552 at NVDCVE-2025-38653 at SUSECVE-2025-38653 at NVDCVE-2025-38699 at SUSECVE-2025-38699 at NVDCVE-2025-38700 at SUSECVE-2025-38700 at NVDCVE-2025-38718 at SUSECVE-2025-38718 at NVDCVE-2025-39673 at SUSECVE-2025-39673 at NVDCVE-2025-39676 at SUSECVE-2025-39676 at NVDCVE-2025-39683 at SUSECVE-2025-39683 at NVDCVE-2025-39697 at SUSECVE-2025-39697 at NVDCVE-2025-39702 at SUSECVE-2025-39702 at NVDCVE-2025-39756 at SUSECVE-2025-39756 at NVDCVE-2025-39794 at SUSECVE-2025-39794 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39812 at SUSECVE-2025-39812 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39828 at SUSECVE-2025-39828 at NVDCVE-2025-39841 at SUSECVE-2025-39841 at NVDCVE-2025-39851 at SUSECVE-2025-39851 at NVDCVE-2025-39866 at SUSECVE-2025-39866 at NVDCVE-2025-39876 at SUSECVE-2025-39876 at NVDCVE-2025-39881 at SUSECVE-2025-39881 at NVDCVE-2025-39895 at SUSECVE-2025-39895 at NVDCVE-2025-39898 at SUSECVE-2025-39898 at NVDCVE-2025-39902 at SUSECVE-2025-39902 at NVDCVE-2025-39911 at SUSECVE-2025-39911 at NVDCVE-2025-39931 at SUSECVE-2025-39931 at NVDCVE-2025-39934 at SUSECVE-2025-39934 at NVDCVE-2025-39937 at SUSECVE-2025-39937 at NVDCVE-2025-39938 at SUSECVE-2025-39938 at NVDCVE-2025-39945 at SUSECVE-2025-39945 at NVDCVE-2025-39946 at SUSECVE-2025-39946 at NVDCVE-2025-39947 at SUSECVE-2025-39947 at NVDCVE-2025-39948 at SUSECVE-2025-39948 at NVDCVE-2025-39949 at SUSECVE-2025-39949 at NVDCVE-2025-39952 at SUSECVE-2025-39952 at NVDCVE-2025-39955 at SUSECVE-2025-39955 at NVDCVE-2025-39957 at SUSECVE-2025-39957 at NVDCVE-2025-39965 at SUSECVE-2025-39965 at NVDCVE-2025-39967 at SUSECVE-2025-39967 at NVDCVE-2025-39968 at SUSECVE-2025-39968 at NVDCVE-2025-39969 at SUSECVE-2025-39969 at NVDCVE-2025-39970 at SUSECVE-2025-39970 at NVDCVE-2025-39971 at SUSECVE-2025-39971 at NVDCVE-2025-39972 at SUSECVE-2025-39972 at NVDCVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-39978 at SUSECVE-2025-39978 at NVDCVE-2025-39981 at SUSECVE-2025-39981 at NVDCVE-2025-39982 at SUSECVE-2025-39982 at NVDCVE-2025-39985 at SUSECVE-2025-39985 at NVDCVE-2025-39986 at SUSECVE-2025-39986 at NVDCVE-2025-39987 at SUSECVE-2025-39987 at NVDCVE-2025-39988 at SUSECVE-2025-39988 at NVDCVE-2025-39991 at SUSECVE-2025-39991 at NVDCVE-2025-39993 at SUSECVE-2025-39993 at NVDCVE-2025-39994 at SUSECVE-2025-39994 at NVDCVE-2025-39995 at SUSECVE-2025-39995 at NVDCVE-2025-39996 at SUSECVE-2025-39996 at NVDCVE-2025-39997 at SUSECVE-2025-39997 at NVDCVE-2025-40000 at SUSECVE-2025-40000 at NVDCVE-2025-40005 at SUSECVE-2025-40005 at NVDCVE-2025-40010 at SUSECVE-2025-40010 at NVDCVE-2025-40011 at SUSECVE-2025-40011 at NVDCVE-2025-40013 at SUSECVE-2025-40013 at NVDCVE-2025-40016 at SUSECVE-2025-40016 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40019 at SUSECVE-2025-40019 at NVDCVE-2025-40020 at SUSECVE-2025-40020 at NVDCVE-2025-40029 at SUSECVE-2025-40029 at NVDCVE-2025-40032 at SUSECVE-2025-40032 at NVDCVE-2025-40035 at SUSECVE-2025-40035 at NVDCVE-2025-40036 at SUSECVE-2025-40036 at NVDCVE-2025-40043 at SUSECVE-2025-40043 at NVDCVE-2025-40044 at SUSECVE-2025-40044 at NVDCVE-2025-40049 at SUSECVE-2025-40049 at NVDCVE-2025-40051 at SUSECVE-2025-40051 at NVDCVE-2025-40052 at SUSECVE-2025-40052 at NVDCVE-2025-40056 at SUSECVE-2025-40056 at NVDCVE-2025-40058 at SUSECVE-2025-40058 at NVDCVE-2025-40060 at SUSECVE-2025-40060 at NVDCVE-2025-40061 at SUSECVE-2025-40061 at NVDCVE-2025-40062 at SUSECVE-2025-40062 at NVDCVE-2025-40071 at SUSECVE-2025-40071 at NVDCVE-2025-40078 at SUSECVE-2025-40078 at NVDCVE-2025-40080 at SUSECVE-2025-40080 at NVDCVE-2025-40082 at SUSECVE-2025-40082 at NVDCVE-2025-40085 at SUSECVE-2025-40085 at NVDCVE-2025-40087 at SUSECVE-2025-40087 at NVDCVE-2025-40088 at SUSECVE-2025-40088 at NVDCVE-2025-40096 at SUSECVE-2025-40096 at NVDCVE-2025-40100 at SUSECVE-2025-40100 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
- CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
- CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
- CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630).
- CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (bsc#1249182).
- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
- CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
- CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
- CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
- CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
- CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
- CVE-2025-39828: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (bsc#1250205).
- CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
- CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
- CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
- CVE-2025-39898: e1000e: fix heap overflow in e1000_set_eeprom (bsc#1250742).
- CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
- CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
- CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
- CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
- CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
- CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
- CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
- CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
- CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
- CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
- CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
- CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).
The following non-security bugs were fixed:
- ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path (stable-fixes).
- ACPI: battery: Add synchronization between interface updates (git-fixes).
- ACPI: battery: Check for error code from devm_mutex_init() call (git-fixes).
- ACPI: battery: allocate driver data through devm_ APIs (stable-fixes).
- ACPI: battery: initialize mutexes through devm_ APIs (stable-fixes).
- ACPI: button: Call input_free_device() on failing input device registration (git-fixes).
- ACPI: property: Add code comments explaining what is going on (stable-fixes).
- ACPI: property: Disregard references in data-only subnode lists (stable-fixes).
- ACPI: property: Do not pass NULL handles to acpi_attach_data() (stable-fixes git-fixes).
- ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (git-fixes).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- ACPICA: Allow to skip Global Lock initialization (stable-fixes).
- ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings (git-fixes).
- ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card (git-fixes).
- ALSA: usb-audio: fix control pipe direction (git-fixes).
- ASoC: Intel: avs: Unprepare a stream when XRUN occurs (git-fixes).
- ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down (git-fixes).
- ASoC: SOF: ipc4-topology: Correct the minimum host DMA buffer size (git-fixes).
- ASoC: amd: acp: Adjust pdm gain value (stable-fixes).
- ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec (git-fixes).
- ASoC: fsl_sai: fix bit order for DSD format (git-fixes).
- ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit (git-fixes).
- ASoC: nau8821: Cancel jdet_work before handling jack ejection (git-fixes).
- ASoC: nau8821: Generalize helper to clear IRQ status (git-fixes).
- ASoC: qdsp6: q6asm: do not sleep while atomic (git-fixes).
- ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue (stable-fixes).
- Bluetooth: btmtksdio: Add pmctrl handling for BT closed state during reset (git-fixes).
- Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 (stable-fixes).
- Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once (git-fixes).
- HID: hid-input: only ignore 0 battery events for digitizers (git-fixes).
- HID: multitouch: fix name of Stylus input devices (git-fixes).
- Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (git-fixes).
- KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
- KVM: SEV: Read save fields from GHCB exactly once (git-fixes).
- KVM: SEV: Rename kvm_ghcb_get_sw_exit_code() to kvm_get_cached_sw_exit_code() (git-fixes).
- KVM: SEV: Validate XCR0 provided by guest in GHCB (git-fixes).
- KVM: SVM: Inject #GP if memory operand for INVPCID is non-canonical (git-fixes).
- KVM: SVM: Pass through GHCB MSR if and only if VM is an SEV-ES guest (git-fixes).
- KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow (git-fixes).
- KVM: x86/mmu: Prevent installing hugepages when mem attributes are changing (git-fixes).
- KVM: x86: Bypass register cache when querying CPL from kvm_sched_out() (git-fixes).
- KVM: x86: Clear pv_unhalted on all transitions to KVM_MP_STATE_RUNNABLE (git-fixes).
- KVM: x86: Do not bleed PVCLOCK_GUEST_STOPPED across PV clocks (git-fixes).
- KVM: x86: Do not inject PV async #PF if SEND_ALWAYS=0 and guest state is protected (git-fixes).
- KVM: x86: Introduce kvm_set_mp_state() (git-fixes).
- KVM: x86: Introduce kvm_x86_call() to simplify static calls of kvm_x86_ops (git-fixes).
- KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
- KVM: x86: Process "guest stopped request" once per guest time update (git-fixes).
- KVM: x86: Replace static_call_cond() with static_call() (git-fixes).
- KVM: x86: Set PVCLOCK_GUEST_STOPPED only for kvmclock, not for Xen PV clock (git-fixes).
- KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs (git-fixes).
- KVM: x86: Snapshot the host's DEBUGCTL in common x86 (git-fixes).
- KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer (git-fixes).
- NFSD: Define a proc_layoutcommit for the FlexFiles layout type (git-fixes).
- NFSD: Fix crash in nfsd4_read_release() (git-fixes).
- NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() (git-fixes).
- NFSD: Minor cleanup in layoutcommit processing (git-fixes).
- NFSD: Rework encoding and decoding of nfsd4_deviceid (git-fixes).
- PCI/AER: Support errors introduced by PCIe r6.0 (stable-fixes).
- PCI: Add PCI_VDEVICE_SUB helper macro (stable-fixes).
- PCI: endpoint: Remove surplus return statement from pci_epf_test_clean_dma_chan() (stable-fixes).
- PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release (git-fixes).
- PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists (stable-fixes).
- PCI: j721e: Fix programming sequence of "strap" settings (git-fixes).
- PM: runtime: Add new devm functions (stable-fixes).
- Revert "KVM: VMX: Move LOAD_IA32_PERF_GLOBAL_CTRL errata handling out of setup_vmcs_config()" (git-fixes).
- USB: serial: option: add SIMCom 8230C compositions (git-fixes).
- USB: serial: option: add SIMCom 8230C compositions (stable-fixes).
- accel/ivpu: Add missing MODULE_FIRMWARE metadata (git-fixes).
- accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() (git-fixes).
- add bug reference to existing hv_netvsc change (bsc#1252265)
- arm64, mm: avoid always making PTE dirty in pte_mkwrite() (git-fixes)
- arm64: cputype: Add Neoverse-V3AE definitions (git-fixes)
- arm64: errata: Apply workarounds for Neoverse-V3AE (git-fixes)
- arm64: mte: Do not flag the zero page as PG_mte_tagged (git-fixes)
- bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
- bpf: Avoid RCU context warning when unpinning htab with internal structs (git-fixes).
- bpf: Check link_create.flags parameter for multi_kprobe (git-fixes).
- bpf: Check link_create.flags parameter for multi_uprobe (git-fixes).
- bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (git-fixes).
- bpf: Use preempt_count() directly in bpf_send_signal_common() (git-fixes).
- btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (git-fixes).
- btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running (git-fixes).
- btrfs: fix the incorrect max_bytes value for find_lock_delalloc_range() (git-fixes).
- can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes).
- can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled (stable-fixes).
- can: netlink: can_changelink(): allow disabling of automatic restart (git-fixes).
- can: rcar_canfd: Fix controller mode setting (stable-fixes).
- clk: at91: peripheral: fix return value (git-fixes).
- clk: mediatek: clk-mux: Do not pass flags to clk_mux_determine_rate_flags() (git-fixes).
- clk: mediatek: mt8195-infra_ao: Fix parent for infra_ao_hdmi_26m (git-fixes).
- clk: tegra: do not overallocate memory for bpmp clocks (git-fixes).
- cpufreq: CPPC: fix perf_to_khz/khz_to_perf conversion exception (git-fixes).
- cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() (stable-fixes git-fixes).
- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
- cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() (git-fixes).
- cpufreq: scmi: Skip SCMI devices that are not used by the CPUs (stable-fixes).
- cpufreq: tegra186: Set target frequency for all cpus in policy (git-fixes).
- cpuidle: governors: menu: Avoid using invalid recent intervals data (git-fixes).
- cpuidle: menu: Avoid discarding useful information (stable-fixes).
- cpuidle: qcom-spm: fix device and OF node leaks at probe (git-fixes).
- crypto: essiv - Check ssize for decryption and in-place encryption (git-fixes).
- crypto: rng - Ensure set_ent is always present (git-fixes).
- driver core/PM: Set power.no_callbacks along with power.no_pm (stable-fixes).
- drivers/perf: arm_spe: Use perf_allow_kernel() for permissions (git-fixes).
- drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs (git-fixes).
- drm/amd/display: Disable scaling on DCE6 for now (git-fixes).
- drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 (git-fixes).
- drm/amd/display: Properly disable scaling on DCE6 (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Fiji (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Iceland (git-fixes).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- drm/amd/powerplay: Fix CIK shutdown temperature (git-fixes).
- drm/amd: Check whether secure display TA loaded successfully (stable-fixes).
- drm/amdgpu: Add additional DCE6 SCL registers (git-fixes).
- drm/amdgpu: use atomic functions with memory barriers for vm fault info (git-fixes).
- drm/bridge: lt9211: Drop check for last nibble of version register (git-fixes).
- drm/etnaviv: fix flush sequence logic (git-fixes).
- drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions (stable-fixes).
- drm/exynos: exynos7_drm_decon: properly clear channels during bind (stable-fixes).
- drm/i915/guc: Skip communication warning on reset in progress (git-fixes).
- drm/mediatek: Fix device use-after-free on unbind (git-fixes).
- drm/msm/a6xx: Fix GMU firmware parser (git-fixes).
- drm/msm/adreno: De-spaghettify the use of memory barriers (stable-fixes).
- drm/msm/dpu: Fix pixel extension sub-sampling (git-fixes).
- drm/nouveau: fix bad ret code in nouveau_bo_move_prep (git-fixes).
- drm/panel: kingdisplay-kd097d04: Disable EoTp (git-fixes).
- drm/panel: sitronix-st7789v: fix sync flags for t28cp45tn89 (git-fixes).
- drm/rockchip: vop2: use correct destination rectangle height check (git-fixes).
- drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (git-fixes).
- drm/vmwgfx: Fix Use-after-free in validation (git-fixes).
- drm/vmwgfx: Fix a null-ptr access in the cursor snooper (git-fixes).
- drm/vmwgfx: Fix copy-paste typo in validation (git-fixes).
- ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (git-fixes).
- ext4: check fast symlink for ea_inode correctly (git-fixes).
- ext4: do not convert the unwritten extents if data writeback fails (git-fixes).
- ext4: do not try to clear the orphan_present feature block device is r/o (git-fixes).
- ext4: ensure i_size is smaller than maxbytes (git-fixes).
- ext4: factor out ext4_get_maxbytes() (git-fixes).
- ext4: fix calculation of credits for extent tree modification (git-fixes).
- ext4: fix checks for orphan inodes (bsc#1250119).
- ext4: fix fsmap end of range reporting with bigalloc (git-fixes).
- ext4: fix hole length calculation overflow in non-extent inodes (git-fixes).
- ext4: fix largest free orders lists corruption on mb_optimize_scan switch (git-fixes).
- ext4: fix reserved gdt blocks handling in fsmap (git-fixes).
- ext4: fix zombie groups in average fragment size lists (git-fixes).
- ext4: preserve SB_I_VERSION on remount (git-fixes).
- ext4: reorder capability check last (git-fixes).
- fbdev: Fix logic error in "offb" name match (git-fixes).
- fbdev: atyfb: Check if pll_ops->init_pll failed (git-fixes).
- fbdev: valkyriefb: Fix reference count leak in valkyriefb_init (git-fixes).
- firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode (git-fixes).
- fs: udf: fix OOB read in lengthAllocDescs handling (git-fixes).
- ftrace: fix incorrect hash size in register_ftrace_direct() (git-fixes).
- gpio: wcd934x: mark the GPIO controller as sleeping (git-fixes).
- hfs: validate record offset in hfsplus_bmap_alloc (git-fixes).
- hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() (git-fixes).
- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() (git-fixes).
- hid: fix I2C read buffer overflow in raw_event() for mcp2221 (stable-fixes).
- i2c: ocores: use devm_ managed clks (git-fixes).
- iomap: Fix iomap_adjust_read_range for plen calculation (git-fixes).
- iomap: handle a post-direct I/O invalidate race in iomap_write_delalloc_release (git-fixes).
- iommu/vt-d: Disallow dirty tracking if incoherent page walk (git-fixes).
- iommu/vt-d: PRS isn't usable if PDS isn't supported (git-fixes).
- isofs: Verify inode mode when loading from disk (git-fixes).
- jbd2: do not try to recover wiped journal (git-fixes).
- kABI fix for KVM: x86: Snapshot the host's DEBUGCTL in common x86 (git-fixes).
- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older (stable-fixes).
- locking/mutex: Introduce devm_mutex_init() (stable-fixes).
- locking/mutex: Mark devm_mutex_init() as __must_check (stable-fixes).
- mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop (git-fixes).
- mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes (git-fixes).
- mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call (git-fixes).
- media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe (git-fixes).
- media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() (stable-fixes).
- media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c) (git-fixes).
- media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).
- media: tunner: xc5000: Refactor firmware load (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag (git-fixes).
- misc: fastrpc: Add missing dev_err newlines (stable-fixes).
- misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup (git-fixes).
- misc: fastrpc: Fix fastrpc_map_lookup operation (git-fixes).
- misc: fastrpc: Save actual DMA size in fastrpc_map structure (git-fixes).
- misc: fastrpc: Skip reference for DMA handles (git-fixes).
- misc: fastrpc: fix possible map leak in fastrpc_put_args (git-fixes).
- mmc: core: SPI mode remove cmd7 (stable-fixes).
- most: usb: Fix use-after-free in hdm_disconnect (git-fixes).
- most: usb: hdm_probe: Fix calling put_device() before device initialization (git-fixes).
- mtd: rawnand: fsmc: Default to autodetect buswidth (stable-fixes).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- net: phy: dp83869: fix STRAP_OPMODE bitmask (git-fixes).
- net: sysfs: Fix /sys/class/net/<iface> path (git-fixes).
- net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock (git-fixes).
- net: usb: asix_devices: Check return value of usbnet_get_endpoints (git-fixes).
- net: usb: lan78xx: Add error handling to lan78xx_init_mac_address (git-fixes).
- net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset (git-fixes).
- net: usb: rtl8150: Fix frame padding (git-fixes).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
- nfsd: nfserr_jukebox in nlm_fopen should lead to a retry (git-fixes).
- nvme-multipath: Skip nr_active increments in RETRY disposition (git-fixes).
- nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk (git-fixes).
- nvme/tcp: handle tls partially sent records in write_space() (git-fixes).
- overlayfs: set ctime when setting mtime and atime (stable-fixes).
- ovl: Always reevaluate the file signature for IMA (stable-fixes).
- ovl: fix file reference leak when submitting aio (stable-fixes).
- ovl: fix incorrect fdput() on aio completion (stable-fixes).
- perf/amd/ibs: Fix ->config to sample period calculation for OP PMU (git-fixes).
- perf/amd/ibs: Fix perf_ibs_op.cnt_mask for CurCnt (git-fixes).
- perf/amd: Prevent grouping of IBS events (git-fixes).
- perf/aux: Fix pending disable flow when the AUX ring buffer overruns (git-fixes).
- perf/bpf: Robustify perf_event_free_bpf_prog() (git-fixes).
- perf/core: Fix WARN in perf_cgroup_switch() (git-fixes).
- perf/core: Fix broken throttling when max_samples_per_tick=1 (git-fixes).
- perf/core: Fix child_total_time_enabled accounting bug at task exit (git-fixes).
- perf/core: Fix low freq setting via IOC_PERIOD (git-fixes).
- perf/core: Fix pmus_lock vs. pmus_srcu ordering (git-fixes).
- perf/core: Fix small negative period being ignored (git-fixes).
- perf/core: Fix the WARN_ON_ONCE is out of lock protected region (git-fixes).
- perf/hw_breakpoint: Return EOPNOTSUPP for unsupported breakpoint type (git-fixes).
- perf/ring_buffer: Allow the EPOLLRDNORM flag for poll (git-fixes).
- perf/x86/amd: Warn only on new bits set (git-fixes).
- perf/x86/intel/ds: Unconditionally drain PEBS DS when changing PEBS_DATA_CFG (git-fixes).
- perf/x86/intel/pt: Fix sampling synchronization (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SPR (git-fixes).
- perf/x86/intel: Allow to setup LBR for counting event for BPF (git-fixes).
- perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
- perf/x86/intel: Apply static call for drain_pebs (git-fixes).
- perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample read (git-fixes).
- perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
- perf/x86/intel: Only check the group flag for X86 leader (git-fixes).
- perf/x86/intel: Use better start period for frequency mode (git-fixes).
- perf/x86: Fix low freqency setting issue (git-fixes).
- perf/x86: Fix non-sampling (counting) events on certain x86 platforms (git-fixes).
- perf: Ensure bpf_perf_link path is properly serialized (git-fixes).
- perf: Extract a few helpers (git-fixes).
- perf: Fix cgroup state vs ERROR (git-fixes).
- phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling (git-fixes).
- phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
- phy: cdns-dphy: Store hs_clk_rate and return it (stable-fixes).
- platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (stable-fixes).
- platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (stable-fixes).
- powerpc/boot: Fix build with gcc 15 (bsc#1215199).
- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
- powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
- powerpc: export MIN RMA size (bsc#1236743 ltc#211409).
- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
- powerpc: increase MIN RMA size for CAS negotiation (bsc#1236743 ltc#211409 bsc#1252269 ltc#215957).
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- r8152: add error handling in rtl8152_driver_init (git-fixes).
- r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H (git-fixes).
- regmap: slimbus: fix bus_context pointer in regmap init calls (git-fixes).
- regulator: bd718x7: Fix voltages scaled by resistor divider (git-fixes).
- rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946).
- rtc: interface: Ensure alarm irq is enabled when UIE is enabled (stable-fixes).
- rtc: interface: Fix long-standing race when setting alarm (stable-fixes).
- rtc: optee: fix memory leak on driver removal (git-fixes).
- rtc: x1205: Fix Xicor X1205 vendor prefix (git-fixes).
- s390: Initialize psw mask in perf_arch_fetch_caller_regs() (git-fixes).
- samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora (git-fixes).
- sched/fair: set_load_weight() must also call reweight_task() (git-fixes)
- sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
- selftests/bpf: Add test for unpinning htab with internal timer struct (git-fixes).
- selftests/bpf: Fix C++ compile error from missing _Bool type (git-fixes).
- selftests/bpf: Fix a fd leak in error paths in open_netns (git-fixes).
- selftests/bpf: Fix backtrace printing for selftests crashes (git-fixes).
- selftests/bpf: Fix compile error from rlim_t in sk_storage_map.c (git-fixes).
- selftests/bpf: Fix compile if backtrace support missing in libc (git-fixes).
- selftests/bpf: Fix compiling core_reloc.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling flow_dissector.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling kfree_skb.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling parse_tcp_hdr_opt.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling tcp_rtt.c with musl-libc (git-fixes).
- selftests/bpf: Fix cross-compiling urandom_read (git-fixes).
- selftests/bpf: Fix error compiling bpf_iter_setsockopt.c with musl libc (git-fixes).
- selftests/bpf: Fix error compiling tc_redirect.c with musl libc (git-fixes).
- selftests/bpf: Fix error compiling test_lru_map.c (git-fixes).
- selftests/bpf: Fix errors compiling cg_storage_multi.h with musl libc (git-fixes).
- selftests/bpf: Fix errors compiling decap_sanity.c with musl libc (git-fixes).
- selftests/bpf: Fix errors compiling lwt_redirect.c with musl libc (git-fixes).
- selftests/bpf: Fix redefinition errors compiling lwt_reroute.c (git-fixes).
- selftests/bpf: Fix umount cgroup2 error in test_sockmap (git-fixes).
- selftests/bpf: Use bpf_link__destroy in fill_link_info tests (git-fixes).
- selftests/tracing: Fix event filter test to retry up to 10 times (git-fixes).
- selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len (git-fixes).
- serial: 8250_dw: handle reset control deassert error (git-fixes).
- serial: jsm: fix NPE during jsm_uart_port_init (git fixes, bsc#1246244).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
- smb: client: fix crypto buffers in non-linear memory (bsc#1250491, boo#1239206).
- smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
- spi: spi-nxp-fspi: add extra delay after dll locked (git-fixes).
- staging: axis-fifo: fix TX handling on copy_from_user() failure (git-fixes).
- staging: axis-fifo: fix maximum TX packet length check (git-fixes).
- staging: axis-fifo: flush RX FIFO on read errors (git-fixes).
- sunrpc: fix null pointer dereference on zero-length checksum (git-fixes).
- tcp: Do not call reqsk_fastopen_remove() in tcp_conn_request() (git-fixes).
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- tools/resolve_btfids: Fix build when cross compiling kernel with clang (git-fixes).
- tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single (git-fixes).
- tracing/selftests: Fix kprobe event name test for .isra. functions (git-fixes).
- tracing: Correct the refcount if the hist/hist_debug file fails to open (git-fixes).
- tracing: Fix filter string testing (git-fixes).
- tracing: Remove unneeded goto out logic (bsc#1249286).
- udf: Make sure i_lenExtents is uptodate on inode eviction (git-fixes).
- udf: Verify partition map count (git-fixes).
- usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm (git-fixes).
- usb: hub: Fix flushing of delayed work used for post resume purposes (git-fixes).
- usb: hub: fix detection of high tier USB3 devices behind suspended hubs (git-fixes).
- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).
- usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes).
- usb: xhci: Limit Stop Endpoint retries (git-fixes).
- usbnet: Fix using smp_processor_id() in preemptible code warnings (git-fixes).
- usbnet: Prevents free active kevent (git-fixes).
- wifi: ath10k: Fix memory leak on unsupported WMI command (git-fixes).
- wifi: ath11k: Add missing platform IDs for quirk table (git-fixes).
- wifi: ath12k: free skb during idr cleanup callback (git-fixes).
- wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (git-fixes).
- wifi: mac80211: reset FILS discovery and unsol probe resp intervals (git-fixes).
- wifi: mt76: mt7921u: Add VID/PID for Netgear A7500 (stable-fixes).
- wifi: rtlwifi: rtl8192cu: Do not claim USB ID 07b8:8188 (stable-fixes).
- x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
- xfs: rename the old_crc variable in xlog_recover_process (git-fixes).
- xhci: dbc: enable back DbC in resume if it was enabled before suspend (git-fixes).
- xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1214954SUSE bug 1215143SUSE bug 1215199SUSE bug 1216396SUSE bug 1220419SUSE bug 1236743SUSE bug 1239206SUSE bug 1244939SUSE bug 1246244SUSE bug 1248211SUSE bug 1248230SUSE bug 1248517SUSE bug 1248630SUSE bug 1248754SUSE bug 1248886SUSE bug 1249161SUSE bug 1249182SUSE bug 1249224SUSE bug 1249286SUSE bug 1249302SUSE bug 1249317SUSE bug 1249319SUSE bug 1249320SUSE bug 1249512SUSE bug 1249595SUSE bug 1249608SUSE bug 1250032SUSE bug 1250119SUSE bug 1250202SUSE bug 1250205SUSE bug 1250237SUSE bug 1250274SUSE bug 1250296SUSE bug 1250379SUSE bug 1250400SUSE bug 1250455SUSE bug 1250491SUSE bug 1250519SUSE bug 1250650SUSE bug 1250702SUSE bug 1250704SUSE bug 1250721SUSE bug 1250742SUSE bug 1250946SUSE bug 1251024SUSE bug 1251027SUSE bug 1251028SUSE bug 1251031SUSE bug 1251035SUSE bug 1251038SUSE bug 1251043SUSE bug 1251045SUSE bug 1251052SUSE bug 1251053SUSE bug 1251054SUSE bug 1251056SUSE bug 1251057SUSE bug 1251059SUSE bug 1251060SUSE bug 1251065SUSE bug 1251066SUSE bug 1251067SUSE bug 1251068SUSE bug 1251071SUSE bug 1251076SUSE bug 1251079SUSE bug 1251081SUSE bug 1251083SUSE bug 1251084SUSE bug 1251100SUSE bug 1251105SUSE bug 1251106SUSE bug 1251108SUSE bug 1251113SUSE bug 1251114SUSE bug 1251119SUSE bug 1251123SUSE bug 1251126SUSE bug 1251132SUSE bug 1251134SUSE bug 1251143SUSE bug 1251146SUSE bug 1251150SUSE bug 1251152SUSE bug 1251153SUSE bug 1251159SUSE bug 1251161SUSE bug 1251170SUSE bug 1251177SUSE bug 1251180SUSE bug 1251206SUSE bug 1251215SUSE bug 1251216SUSE bug 1251222SUSE bug 1251230SUSE bug 1251232SUSE bug 1251233SUSE bug 1251247SUSE bug 1251268SUSE bug 1251269SUSE bug 1251270SUSE bug 1251282SUSE bug 1251283SUSE bug 1251286SUSE bug 1251290SUSE bug 1251319SUSE bug 1251321SUSE bug 1251323SUSE bug 1251328SUSE bug 1251529SUSE bug 1251721SUSE bug 1251732SUSE bug 1251742SUSE bug 1251743SUSE bug 1251746SUSE bug 1251748SUSE bug 1251749SUSE bug 1251750SUSE bug 1251754SUSE bug 1251755SUSE bug 1251756SUSE bug 1251758SUSE bug 1251759SUSE bug 1251760SUSE bug 1251762SUSE bug 1251763SUSE bug 1251764SUSE bug 1251769SUSE bug 1251771SUSE bug 1251772SUSE bug 1251777SUSE bug 1251780SUSE bug 1251804SUSE bug 1251810SUSE bug 1251930SUSE bug 1251967SUSE bug 1252033SUSE bug 1252035SUSE bug 1252039SUSE bug 1252044SUSE bug 1252047SUSE bug 1252051SUSE bug 1252052SUSE bug 1252056SUSE bug 1252060SUSE bug 1252062SUSE bug 1252064SUSE bug 1252065SUSE bug 1252069SUSE bug 1252070SUSE bug 1252072SUSE bug 1252074SUSE bug 1252075SUSE bug 1252078SUSE bug 1252079SUSE bug 1252082SUSE bug 1252083SUSE bug 1252265SUSE bug 1252269SUSE bug 1252332SUSE bug 1252336SUSE bug 1252346SUSE bug 1252348SUSE bug 1252349SUSE bug 1252364SUSE bug 1252479SUSE bug 1252481SUSE bug 1252489SUSE bug 1252490SUSE bug 1252492SUSE bug 1252495SUSE bug 1252496SUSE bug 1252499SUSE bug 1252534SUSE bug 1252536SUSE bug 1252537SUSE bug 1252550SUSE bug 1252553SUSE bug 1252559SUSE bug 1252561SUSE bug 1252564SUSE bug 1252565SUSE bug 1252566SUSE bug 1252632SUSE bug 1252668SUSE bug 1252678SUSE bug 1252679SUSE bug 1252685SUSE bug 1252688SUSE bug 1252772SUSE bug 1252774SUSE bug 1252775SUSE bug 1252785SUSE bug 1252787SUSE bug 1252789SUSE bug 1252797SUSE bug 1252822SUSE bug 1252826SUSE bug 1252841SUSE bug 1252848SUSE bug 1252849SUSE bug 1252850SUSE bug 1252851SUSE bug 1252854SUSE bug 1252858SUSE bug 1252865SUSE bug 1252866SUSE bug 1252873SUSE bug 1252902SUSE bug 1252904SUSE bug 1252909SUSE bug 1252918SUSE bug 1252939CVE-2023-53538 at SUSECVE-2023-53538 at NVDCVE-2023-53539 at SUSECVE-2023-53539 at NVDCVE-2023-53540 at SUSECVE-2023-53540 at NVDCVE-2023-53541 at SUSECVE-2023-53541 at NVDCVE-2023-53543 at SUSECVE-2023-53543 at NVDCVE-2023-53545 at SUSECVE-2023-53545 at NVDCVE-2023-53546 at SUSECVE-2023-53546 at NVDCVE-2023-53548 at SUSECVE-2023-53548 at NVDCVE-2023-53550 at SUSECVE-2023-53550 at NVDCVE-2023-53552 at SUSECVE-2023-53552 at NVDCVE-2023-53553 at SUSECVE-2023-53553 at NVDCVE-2023-53554 at SUSECVE-2023-53554 at NVDCVE-2023-53555 at SUSECVE-2023-53555 at NVDCVE-2023-53556 at SUSECVE-2023-53556 at NVDCVE-2023-53557 at SUSECVE-2023-53557 at NVDCVE-2023-53558 at SUSECVE-2023-53558 at NVDCVE-2023-53559 at SUSECVE-2023-53559 at NVDCVE-2023-53560 at SUSECVE-2023-53560 at NVDCVE-2023-53563 at SUSECVE-2023-53563 at NVDCVE-2023-53568 at SUSECVE-2023-53568 at NVDCVE-2023-53570 at SUSECVE-2023-53570 at NVDCVE-2023-53572 at SUSECVE-2023-53572 at NVDCVE-2023-53574 at SUSECVE-2023-53574 at NVDCVE-2023-53575 at SUSECVE-2023-53575 at NVDCVE-2023-53577 at SUSECVE-2023-53577 at NVDCVE-2023-53579 at SUSECVE-2023-53579 at NVDCVE-2023-53580 at SUSECVE-2023-53580 at NVDCVE-2023-53581 at SUSECVE-2023-53581 at NVDCVE-2023-53583 at SUSECVE-2023-53583 at NVDCVE-2023-53585 at SUSECVE-2023-53585 at NVDCVE-2023-53588 at SUSECVE-2023-53588 at NVDCVE-2023-53593 at SUSECVE-2023-53593 at NVDCVE-2023-53596 at SUSECVE-2023-53596 at NVDCVE-2023-53597 at SUSECVE-2023-53597 at NVDCVE-2023-53599 at SUSECVE-2023-53599 at NVDCVE-2023-53600 at SUSECVE-2023-53600 at NVDCVE-2023-53601 at SUSECVE-2023-53601 at NVDCVE-2023-53602 at SUSECVE-2023-53602 at NVDCVE-2023-53603 at SUSECVE-2023-53603 at NVDCVE-2023-53611 at SUSECVE-2023-53611 at NVDCVE-2023-53613 at SUSECVE-2023-53613 at NVDCVE-2023-53615 at SUSECVE-2023-53615 at NVDCVE-2023-53616 at SUSECVE-2023-53616 at NVDCVE-2023-53617 at SUSECVE-2023-53617 at NVDCVE-2023-53618 at SUSECVE-2023-53618 at NVDCVE-2023-53619 at SUSECVE-2023-53619 at NVDCVE-2023-53621 at SUSECVE-2023-53621 at NVDCVE-2023-53622 at SUSECVE-2023-53622 at NVDCVE-2023-53631 at SUSECVE-2023-53631 at NVDCVE-2023-53632 at SUSECVE-2023-53632 at NVDCVE-2023-53633 at SUSECVE-2023-53633 at NVDCVE-2023-53638 at SUSECVE-2023-53638 at NVDCVE-2023-53645 at SUSECVE-2023-53645 at NVDCVE-2023-53646 at SUSECVE-2023-53646 at NVDCVE-2023-53647 at SUSECVE-2023-53647 at NVDCVE-2023-53648 at SUSECVE-2023-53648 at NVDCVE-2023-53649 at SUSECVE-2023-53649 at NVDCVE-2023-53650 at SUSECVE-2023-53650 at NVDCVE-2023-53652 at SUSECVE-2023-53652 at NVDCVE-2023-53653 at SUSECVE-2023-53653 at NVDCVE-2023-53654 at SUSECVE-2023-53654 at NVDCVE-2023-53656 at SUSECVE-2023-53656 at NVDCVE-2023-53657 at SUSECVE-2023-53657 at NVDCVE-2023-53658 at SUSECVE-2023-53658 at NVDCVE-2023-53659 at SUSECVE-2023-53659 at NVDCVE-2023-53660 at SUSECVE-2023-53660 at NVDCVE-2023-53662 at SUSECVE-2023-53662 at NVDCVE-2023-53663 at SUSECVE-2023-53663 at NVDCVE-2023-53665 at SUSECVE-2023-53665 at NVDCVE-2023-53666 at SUSECVE-2023-53666 at NVDCVE-2023-53668 at SUSECVE-2023-53668 at NVDCVE-2023-53670 at SUSECVE-2023-53670 at NVDCVE-2023-53672 at SUSECVE-2023-53672 at NVDCVE-2023-53673 at SUSECVE-2023-53673 at NVDCVE-2023-53674 at SUSECVE-2023-53674 at NVDCVE-2023-53681 at SUSECVE-2023-53681 at NVDCVE-2023-53686 at SUSECVE-2023-53686 at NVDCVE-2023-53687 at SUSECVE-2023-53687 at NVDCVE-2023-53693 at SUSECVE-2023-53693 at NVDCVE-2023-53697 at SUSECVE-2023-53697 at NVDCVE-2023-53698 at SUSECVE-2023-53698 at NVDCVE-2023-53699 at SUSECVE-2023-53699 at NVDCVE-2023-53703 at SUSECVE-2023-53703 at NVDCVE-2023-53704 at SUSECVE-2023-53704 at NVDCVE-2023-53707 at SUSECVE-2023-53707 at NVDCVE-2023-53708 at SUSECVE-2023-53708 at NVDCVE-2023-53711 at SUSECVE-2023-53711 at NVDCVE-2023-53713 at SUSECVE-2023-53713 at NVDCVE-2023-53718 at SUSECVE-2023-53718 at NVDCVE-2023-53721 at SUSECVE-2023-53721 at NVDCVE-2023-53722 at SUSECVE-2023-53722 at NVDCVE-2023-53725 at SUSECVE-2023-53725 at NVDCVE-2023-53726 at SUSECVE-2023-53726 at NVDCVE-2023-53727 at SUSECVE-2023-53727 at NVDCVE-2023-53728 at SUSECVE-2023-53728 at NVDCVE-2023-53729 at SUSECVE-2023-53729 at NVDCVE-2023-53730 at SUSECVE-2023-53730 at NVDCVE-2023-53731 at SUSECVE-2023-53731 at NVDCVE-2023-53733 at SUSECVE-2023-53733 at NVDCVE-2025-38008 at SUSECVE-2025-38008 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38552 at SUSECVE-2025-38552 at NVDCVE-2025-38653 at SUSECVE-2025-38653 at NVDCVE-2025-38699 at SUSECVE-2025-38699 at NVDCVE-2025-38700 at SUSECVE-2025-38700 at NVDCVE-2025-38718 at SUSECVE-2025-38718 at NVDCVE-2025-39673 at SUSECVE-2025-39673 at NVDCVE-2025-39676 at SUSECVE-2025-39676 at NVDCVE-2025-39683 at SUSECVE-2025-39683 at NVDCVE-2025-39697 at SUSECVE-2025-39697 at NVDCVE-2025-39702 at SUSECVE-2025-39702 at NVDCVE-2025-39756 at SUSECVE-2025-39756 at NVDCVE-2025-39794 at SUSECVE-2025-39794 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39812 at SUSECVE-2025-39812 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39828 at SUSECVE-2025-39828 at NVDCVE-2025-39841 at SUSECVE-2025-39841 at NVDCVE-2025-39851 at SUSECVE-2025-39851 at NVDCVE-2025-39866 at SUSECVE-2025-39866 at NVDCVE-2025-39876 at SUSECVE-2025-39876 at NVDCVE-2025-39881 at SUSECVE-2025-39881 at NVDCVE-2025-39895 at SUSECVE-2025-39895 at NVDCVE-2025-39898 at SUSECVE-2025-39898 at NVDCVE-2025-39902 at SUSECVE-2025-39902 at NVDCVE-2025-39911 at SUSECVE-2025-39911 at NVDCVE-2025-39931 at SUSECVE-2025-39931 at NVDCVE-2025-39934 at SUSECVE-2025-39934 at NVDCVE-2025-39937 at SUSECVE-2025-39937 at NVDCVE-2025-39938 at SUSECVE-2025-39938 at NVDCVE-2025-39945 at SUSECVE-2025-39945 at NVDCVE-2025-39946 at SUSECVE-2025-39946 at NVDCVE-2025-39947 at SUSECVE-2025-39947 at NVDCVE-2025-39948 at SUSECVE-2025-39948 at NVDCVE-2025-39949 at SUSECVE-2025-39949 at NVDCVE-2025-39952 at SUSECVE-2025-39952 at NVDCVE-2025-39955 at SUSECVE-2025-39955 at NVDCVE-2025-39957 at SUSECVE-2025-39957 at NVDCVE-2025-39965 at SUSECVE-2025-39965 at NVDCVE-2025-39967 at SUSECVE-2025-39967 at NVDCVE-2025-39968 at SUSECVE-2025-39968 at NVDCVE-2025-39969 at SUSECVE-2025-39969 at NVDCVE-2025-39970 at SUSECVE-2025-39970 at NVDCVE-2025-39971 at SUSECVE-2025-39971 at NVDCVE-2025-39972 at SUSECVE-2025-39972 at NVDCVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-39978 at SUSECVE-2025-39978 at NVDCVE-2025-39981 at SUSECVE-2025-39981 at NVDCVE-2025-39982 at SUSECVE-2025-39982 at NVDCVE-2025-39985 at SUSECVE-2025-39985 at NVDCVE-2025-39986 at SUSECVE-2025-39986 at NVDCVE-2025-39987 at SUSECVE-2025-39987 at NVDCVE-2025-39988 at SUSECVE-2025-39988 at NVDCVE-2025-39991 at SUSECVE-2025-39991 at NVDCVE-2025-39993 at SUSECVE-2025-39993 at NVDCVE-2025-39994 at SUSECVE-2025-39994 at NVDCVE-2025-39995 at SUSECVE-2025-39995 at NVDCVE-2025-39996 at SUSECVE-2025-39996 at NVDCVE-2025-39997 at SUSECVE-2025-39997 at NVDCVE-2025-40000 at SUSECVE-2025-40000 at NVDCVE-2025-40005 at SUSECVE-2025-40005 at NVDCVE-2025-40010 at SUSECVE-2025-40010 at NVDCVE-2025-40011 at SUSECVE-2025-40011 at NVDCVE-2025-40013 at SUSECVE-2025-40013 at NVDCVE-2025-40016 at SUSECVE-2025-40016 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40019 at SUSECVE-2025-40019 at NVDCVE-2025-40020 at SUSECVE-2025-40020 at NVDCVE-2025-40029 at SUSECVE-2025-40029 at NVDCVE-2025-40032 at SUSECVE-2025-40032 at NVDCVE-2025-40035 at SUSECVE-2025-40035 at NVDCVE-2025-40036 at SUSECVE-2025-40036 at NVDCVE-2025-40043 at SUSECVE-2025-40043 at NVDCVE-2025-40044 at SUSECVE-2025-40044 at NVDCVE-2025-40049 at SUSECVE-2025-40049 at NVDCVE-2025-40051 at SUSECVE-2025-40051 at NVDCVE-2025-40052 at SUSECVE-2025-40052 at NVDCVE-2025-40056 at SUSECVE-2025-40056 at NVDCVE-2025-40058 at SUSECVE-2025-40058 at NVDCVE-2025-40060 at SUSECVE-2025-40060 at NVDCVE-2025-40061 at SUSECVE-2025-40061 at NVDCVE-2025-40062 at SUSECVE-2025-40062 at NVDCVE-2025-40071 at SUSECVE-2025-40071 at NVDCVE-2025-40078 at SUSECVE-2025-40078 at NVDCVE-2025-40080 at SUSECVE-2025-40080 at NVDCVE-2025-40082 at SUSECVE-2025-40082 at NVDCVE-2025-40085 at SUSECVE-2025-40085 at NVDCVE-2025-40087 at SUSECVE-2025-40087 at NVDCVE-2025-40088 at SUSECVE-2025-40088 at NVDCVE-2025-40096 at SUSECVE-2025-40096 at NVDCVE-2025-40100 at SUSECVE-2025-40100 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1245778SUSE bug 1248672SUSE bug 1249537CVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1245778SUSE bug 1248672SUSE bug 1249537CVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for nvidia-open-driver-G06-signed (Important)SUSE Linux Micro 6.0
This update for nvidia-open-driver-G06-signed fixes the following issues:
Update CUDA variant to 570.133.20
Update non-CUDA variant to 570.144 (bsc#1241231)
Update non-CUDA variant to 570.133.07 (bsc#1239653)
- removed obsolete kernel-firmware-nvidia-gspx-G06-cuda; firmware
has moved to nvidia-common-G06 and
kernel-firmware-nvidia-gspx-G06 is no longer available either
(bsc#1239139)
Update CUDA variant to 570.124.06
Update non-CUDA variant to 570.124.04 (bsc#1237585)
Update non-CUDA variant to 570.124.02 (bsc#1237585)
In the module install path revert the order of the 'updates'
subdirectory and the package name & version. This satisfies
the kmp dependency checker (bsc#1237308).
update non-CUDA variant to 570.86.16 (bsc#1236658)
Update to 565.77
- non-CUDA variant:
* get rid of modprobe.d and dracut.d files and udev magic;
instead require nvidia-common-G06
* Supplements: switch to really supported devices; not only the
initially supported ones without graphical output
update non-CUDA and CUDA variant to 570.86.15
- preamble: let -cuda KMP conflict with no-cuda variants < 550.135
(bsc#1236191)
Update to 550.144.03 (bsc#1235461, bsc#1235871)
* fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869
ImportantSUSE bug 1235461SUSE bug 1235871SUSE bug 1236191SUSE bug 1236658SUSE bug 1236746SUSE bug 1237308SUSE bug 1237585SUSE bug 1239139SUSE bug 1239653SUSE bug 1241231CVE-2024-0131 at SUSECVE-2024-0131 at NVDCVE-2024-0147 at SUSECVE-2024-0147 at NVDCVE-2024-0149 at SUSECVE-2024-0149 at NVDCVE-2024-0150 at SUSECVE-2024-0150 at NVDCVE-2024-53869 at SUSECVE-2024-53869 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_12 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_12 fixes the following issues:
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1249537CVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1245778SUSE bug 1248672SUSE bug 1249537CVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1245778SUSE bug 1248672SUSE bug 1249537CVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).
- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- Drop PCI patch that caused a regression (bsc#1241123)
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- Revert "drivers: core: synchronize really_probe() and dev_uevent()" (stable-fixes).
- Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (git-fixes).
- Revert "tcp: Fix bind() regression for v6-only wildcard and"
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- char: misc: register chrdev region with all possible minors (git-fixes).
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc: Do not use --- in kernel logs (git-fixes).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
ImportantSUSE bug 1215199SUSE bug 1223809SUSE bug 1224013SUSE bug 1224597SUSE bug 1224757SUSE bug 1228659SUSE bug 1230764SUSE bug 1231103SUSE bug 1232493SUSE bug 1233075SUSE bug 1233098SUSE bug 1235501SUSE bug 1235526SUSE bug 1236086SUSE bug 1236704SUSE bug 1237111SUSE bug 1238212SUSE bug 1238471SUSE bug 1238527SUSE bug 1238714SUSE bug 1238737SUSE bug 1238742SUSE bug 1238745SUSE bug 1238862SUSE bug 1238961SUSE bug 1238983SUSE bug 1239079SUSE bug 1239108SUSE bug 1239470SUSE bug 1239476SUSE bug 1239487SUSE bug 1239510SUSE bug 1239997SUSE bug 1240181SUSE bug 1240557SUSE bug 1240576SUSE bug 1240655SUSE bug 1240709SUSE bug 1240712SUSE bug 1240713SUSE bug 1240717SUSE bug 1240740SUSE bug 1240785SUSE bug 1240802SUSE bug 1240809SUSE bug 1240811SUSE bug 1240835SUSE bug 1240934SUSE bug 1240936SUSE bug 1240944SUSE bug 1241010SUSE bug 1241038SUSE bug 1241051SUSE bug 1241123SUSE bug 1241151SUSE bug 1241167SUSE bug 1241175SUSE bug 1241204SUSE bug 1241250SUSE bug 1241265SUSE bug 1241266SUSE bug 1241280SUSE bug 1241332SUSE bug 1241333SUSE bug 1241341SUSE bug 1241343SUSE bug 1241344SUSE bug 1241347SUSE bug 1241357SUSE bug 1241361SUSE bug 1241369SUSE bug 1241371SUSE bug 1241373SUSE bug 1241378SUSE bug 1241394SUSE bug 1241402SUSE bug 1241412SUSE bug 1241413SUSE bug 1241416SUSE bug 1241424SUSE bug 1241426SUSE bug 1241433SUSE bug 1241436SUSE bug 1241441SUSE bug 1241442SUSE bug 1241443SUSE bug 1241451SUSE bug 1241452SUSE bug 1241456SUSE bug 1241458SUSE bug 1241459SUSE bug 1241526SUSE bug 1241528SUSE bug 1241537SUSE bug 1241541SUSE bug 1241545SUSE bug 1241547SUSE bug 1241548SUSE bug 1241550SUSE bug 1241573SUSE bug 1241574SUSE bug 1241575SUSE bug 1241578SUSE bug 1241590SUSE bug 1241593SUSE bug 1241598SUSE bug 1241599SUSE bug 1241601SUSE bug 1241626SUSE bug 1241640SUSE bug 1241648SUSE bug 1242006SUSE bug 1242044SUSE bug 1242172SUSE bug 1242283SUSE bug 1242307SUSE bug 1242313SUSE bug 1242314SUSE bug 1242315SUSE bug 1242321SUSE bug 1242326SUSE bug 1242327SUSE bug 1242328SUSE bug 1242332SUSE bug 1242333SUSE bug 1242335SUSE bug 1242336SUSE bug 1242342SUSE bug 1242343SUSE bug 1242344SUSE bug 1242345SUSE bug 1242346SUSE bug 1242347SUSE bug 1242348SUSE bug 1242414SUSE bug 1242526SUSE bug 1242528SUSE bug 1242534SUSE bug 1242535SUSE bug 1242536SUSE bug 1242537SUSE bug 1242538SUSE bug 1242539SUSE bug 1242540SUSE bug 1242546SUSE bug 1242556SUSE bug 1242596SUSE bug 1242710SUSE bug 1242778SUSE bug 1242831SUSE bug 1242985CVE-2023-53034 at SUSECVE-2023-53034 at NVDCVE-2024-27018 at SUSECVE-2024-27018 at NVDCVE-2024-27415 at SUSECVE-2024-27415 at NVDCVE-2024-28956 at SUSECVE-2024-28956 at NVDCVE-2024-35840 at SUSECVE-2024-35840 at NVDCVE-2024-46763 at SUSECVE-2024-46763 at NVDCVE-2024-46865 at SUSECVE-2024-46865 at NVDCVE-2024-50083 at SUSECVE-2024-50083 at NVDCVE-2024-50162 at SUSECVE-2024-50162 at NVDCVE-2024-50163 at SUSECVE-2024-50163 at NVDCVE-2024-56641 at SUSECVE-2024-56641 at NVDCVE-2024-56702 at SUSECVE-2024-56702 at NVDCVE-2024-57924 at SUSECVE-2024-57924 at NVDCVE-2024-57998 at SUSECVE-2024-57998 at NVDCVE-2024-58001 at SUSECVE-2024-58001 at NVDCVE-2024-58068 at SUSECVE-2024-58068 at NVDCVE-2024-58070 at SUSECVE-2024-58070 at NVDCVE-2024-58088 at SUSECVE-2024-58088 at NVDCVE-2024-58093 at SUSECVE-2024-58093 at NVDCVE-2024-58094 at SUSECVE-2024-58094 at NVDCVE-2024-58095 at SUSECVE-2024-58095 at NVDCVE-2024-58096 at SUSECVE-2024-58096 at NVDCVE-2024-58097 at SUSECVE-2024-58097 at NVDCVE-2025-21683 at SUSECVE-2025-21683 at NVDCVE-2025-21696 at SUSECVE-2025-21696 at NVDCVE-2025-21707 at SUSECVE-2025-21707 at NVDCVE-2025-21758 at SUSECVE-2025-21758 at NVDCVE-2025-21768 at SUSECVE-2025-21768 at NVDCVE-2025-21792 at SUSECVE-2025-21792 at NVDCVE-2025-21808 at SUSECVE-2025-21808 at NVDCVE-2025-21812 at SUSECVE-2025-21812 at NVDCVE-2025-21833 at SUSECVE-2025-21833 at NVDCVE-2025-21852 at SUSECVE-2025-21852 at NVDCVE-2025-21853 at SUSECVE-2025-21853 at NVDCVE-2025-21854 at SUSECVE-2025-21854 at NVDCVE-2025-21867 at SUSECVE-2025-21867 at NVDCVE-2025-21904 at SUSECVE-2025-21904 at NVDCVE-2025-21925 at SUSECVE-2025-21925 at NVDCVE-2025-21926 at SUSECVE-2025-21926 at NVDCVE-2025-21931 at SUSECVE-2025-21931 at NVDCVE-2025-21962 at SUSECVE-2025-21962 at NVDCVE-2025-21963 at SUSECVE-2025-21963 at NVDCVE-2025-21964 at SUSECVE-2025-21964 at NVDCVE-2025-21980 at SUSECVE-2025-21980 at NVDCVE-2025-21985 at SUSECVE-2025-21985 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-22004 at SUSECVE-2025-22004 at NVDCVE-2025-22015 at SUSECVE-2025-22015 at NVDCVE-2025-22016 at SUSECVE-2025-22016 at NVDCVE-2025-22017 at SUSECVE-2025-22017 at NVDCVE-2025-22018 at SUSECVE-2025-22018 at NVDCVE-2025-22020 at SUSECVE-2025-22020 at NVDCVE-2025-22025 at SUSECVE-2025-22025 at NVDCVE-2025-22027 at SUSECVE-2025-22027 at NVDCVE-2025-22029 at SUSECVE-2025-22029 at NVDCVE-2025-22033 at SUSECVE-2025-22033 at NVDCVE-2025-22036 at SUSECVE-2025-22036 at NVDCVE-2025-22044 at SUSECVE-2025-22044 at NVDCVE-2025-22045 at SUSECVE-2025-22045 at NVDCVE-2025-22050 at SUSECVE-2025-22050 at NVDCVE-2025-22053 at SUSECVE-2025-22053 at NVDCVE-2025-22055 at SUSECVE-2025-22055 at NVDCVE-2025-22058 at SUSECVE-2025-22058 at NVDCVE-2025-22060 at SUSECVE-2025-22060 at NVDCVE-2025-22062 at SUSECVE-2025-22062 at NVDCVE-2025-22064 at SUSECVE-2025-22064 at NVDCVE-2025-22065 at SUSECVE-2025-22065 at NVDCVE-2025-22075 at SUSECVE-2025-22075 at NVDCVE-2025-22080 at SUSECVE-2025-22080 at NVDCVE-2025-22086 at SUSECVE-2025-22086 at NVDCVE-2025-22088 at SUSECVE-2025-22088 at NVDCVE-2025-22090 at SUSECVE-2025-22090 at NVDCVE-2025-22093 at SUSECVE-2025-22093 at NVDCVE-2025-22097 at SUSECVE-2025-22097 at NVDCVE-2025-22102 at SUSECVE-2025-22102 at NVDCVE-2025-22104 at SUSECVE-2025-22104 at NVDCVE-2025-22105 at SUSECVE-2025-22105 at NVDCVE-2025-22106 at SUSECVE-2025-22106 at NVDCVE-2025-22107 at SUSECVE-2025-22107 at NVDCVE-2025-22108 at SUSECVE-2025-22108 at NVDCVE-2025-22109 at SUSECVE-2025-22109 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDCVE-2025-22116 at SUSECVE-2025-22116 at NVDCVE-2025-22121 at SUSECVE-2025-22121 at NVDCVE-2025-22128 at SUSECVE-2025-22128 at NVDCVE-2025-23129 at SUSECVE-2025-23129 at NVDCVE-2025-23131 at SUSECVE-2025-23131 at NVDCVE-2025-23133 at SUSECVE-2025-23133 at NVDCVE-2025-23136 at SUSECVE-2025-23136 at NVDCVE-2025-23138 at SUSECVE-2025-23138 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-37785 at SUSECVE-2025-37785 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37799 at SUSECVE-2025-37799 at NVDCVE-2025-37860 at SUSECVE-2025-37860 at NVDCVE-2025-39728 at SUSECVE-2025-39728 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_10 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_11 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_11 fixes the following issues:
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1249537CVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_12 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_12 fixes the following issues:
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1249537CVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).
- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- Correct the upsteram version numbers in the previous patches
- Drop PCI patch that caused a regression (bsc#1241123)
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- Move upstreamed smb patch into sorted section Also move other out-of-tree patches into the proper section
- Move upstreamed sound patch into sorted section
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- Revert "drivers: core: synchronize really_probe() and dev_uevent()" (stable-fixes).
- Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (git-fixes).
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- char: misc: register chrdev region with all possible minors (git-fixes).
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc: Do not use --- in kernel logs (git-fixes).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(),
on non-FSRM/ERMS CPUs (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
ImportantSUSE bug 1215199SUSE bug 1223809SUSE bug 1224013SUSE bug 1224597SUSE bug 1224757SUSE bug 1228659SUSE bug 1230764SUSE bug 1231103SUSE bug 1232493SUSE bug 1233075SUSE bug 1233098SUSE bug 1235501SUSE bug 1235526SUSE bug 1236086SUSE bug 1236704SUSE bug 1237111SUSE bug 1238212SUSE bug 1238471SUSE bug 1238527SUSE bug 1238714SUSE bug 1238737SUSE bug 1238742SUSE bug 1238745SUSE bug 1238862SUSE bug 1238961SUSE bug 1238983SUSE bug 1239079SUSE bug 1239108SUSE bug 1239470SUSE bug 1239476SUSE bug 1239487SUSE bug 1239510SUSE bug 1239997SUSE bug 1240181SUSE bug 1240557SUSE bug 1240576SUSE bug 1240655SUSE bug 1240709SUSE bug 1240712SUSE bug 1240713SUSE bug 1240717SUSE bug 1240740SUSE bug 1240785SUSE bug 1240802SUSE bug 1240809SUSE bug 1240811SUSE bug 1240835SUSE bug 1240934SUSE bug 1240936SUSE bug 1240944SUSE bug 1241010SUSE bug 1241038SUSE bug 1241051SUSE bug 1241123SUSE bug 1241151SUSE bug 1241167SUSE bug 1241175SUSE bug 1241204SUSE bug 1241250SUSE bug 1241265SUSE bug 1241266SUSE bug 1241280SUSE bug 1241332SUSE bug 1241333SUSE bug 1241341SUSE bug 1241343SUSE bug 1241344SUSE bug 1241347SUSE bug 1241357SUSE bug 1241361SUSE bug 1241369SUSE bug 1241371SUSE bug 1241373SUSE bug 1241378SUSE bug 1241394SUSE bug 1241402SUSE bug 1241412SUSE bug 1241413SUSE bug 1241416SUSE bug 1241424SUSE bug 1241426SUSE bug 1241433SUSE bug 1241436SUSE bug 1241441SUSE bug 1241442SUSE bug 1241443SUSE bug 1241451SUSE bug 1241452SUSE bug 1241456SUSE bug 1241458SUSE bug 1241459SUSE bug 1241526SUSE bug 1241528SUSE bug 1241537SUSE bug 1241541SUSE bug 1241545SUSE bug 1241547SUSE bug 1241548SUSE bug 1241550SUSE bug 1241573SUSE bug 1241574SUSE bug 1241575SUSE bug 1241578SUSE bug 1241590SUSE bug 1241593SUSE bug 1241598SUSE bug 1241599SUSE bug 1241601SUSE bug 1241626SUSE bug 1241640SUSE bug 1241648SUSE bug 1242006SUSE bug 1242044SUSE bug 1242172SUSE bug 1242283SUSE bug 1242307SUSE bug 1242313SUSE bug 1242314SUSE bug 1242315SUSE bug 1242321SUSE bug 1242326SUSE bug 1242327SUSE bug 1242328SUSE bug 1242332SUSE bug 1242333SUSE bug 1242335SUSE bug 1242336SUSE bug 1242342SUSE bug 1242343SUSE bug 1242344SUSE bug 1242345SUSE bug 1242346SUSE bug 1242347SUSE bug 1242348SUSE bug 1242414SUSE bug 1242526SUSE bug 1242528SUSE bug 1242534SUSE bug 1242535SUSE bug 1242536SUSE bug 1242537SUSE bug 1242538SUSE bug 1242539SUSE bug 1242540SUSE bug 1242546SUSE bug 1242556SUSE bug 1242596SUSE bug 1242710SUSE bug 1242778SUSE bug 1242831SUSE bug 1242985CVE-2023-53034 at SUSECVE-2023-53034 at NVDCVE-2024-27018 at SUSECVE-2024-27018 at NVDCVE-2024-27415 at SUSECVE-2024-27415 at NVDCVE-2024-28956 at SUSECVE-2024-28956 at NVDCVE-2024-35840 at SUSECVE-2024-35840 at NVDCVE-2024-46763 at SUSECVE-2024-46763 at NVDCVE-2024-46865 at SUSECVE-2024-46865 at NVDCVE-2024-50083 at SUSECVE-2024-50083 at NVDCVE-2024-50162 at SUSECVE-2024-50162 at NVDCVE-2024-50163 at SUSECVE-2024-50163 at NVDCVE-2024-56641 at SUSECVE-2024-56641 at NVDCVE-2024-56702 at SUSECVE-2024-56702 at NVDCVE-2024-57924 at SUSECVE-2024-57924 at NVDCVE-2024-57998 at SUSECVE-2024-57998 at NVDCVE-2024-58001 at SUSECVE-2024-58001 at NVDCVE-2024-58068 at SUSECVE-2024-58068 at NVDCVE-2024-58070 at SUSECVE-2024-58070 at NVDCVE-2024-58088 at SUSECVE-2024-58088 at NVDCVE-2024-58093 at SUSECVE-2024-58093 at NVDCVE-2024-58094 at SUSECVE-2024-58094 at NVDCVE-2024-58095 at SUSECVE-2024-58095 at NVDCVE-2024-58096 at SUSECVE-2024-58096 at NVDCVE-2024-58097 at SUSECVE-2024-58097 at NVDCVE-2025-21683 at SUSECVE-2025-21683 at NVDCVE-2025-21696 at SUSECVE-2025-21696 at NVDCVE-2025-21707 at SUSECVE-2025-21707 at NVDCVE-2025-21758 at SUSECVE-2025-21758 at NVDCVE-2025-21768 at SUSECVE-2025-21768 at NVDCVE-2025-21792 at SUSECVE-2025-21792 at NVDCVE-2025-21808 at SUSECVE-2025-21808 at NVDCVE-2025-21812 at SUSECVE-2025-21812 at NVDCVE-2025-21833 at SUSECVE-2025-21833 at NVDCVE-2025-21852 at SUSECVE-2025-21852 at NVDCVE-2025-21853 at SUSECVE-2025-21853 at NVDCVE-2025-21854 at SUSECVE-2025-21854 at NVDCVE-2025-21867 at SUSECVE-2025-21867 at NVDCVE-2025-21904 at SUSECVE-2025-21904 at NVDCVE-2025-21925 at SUSECVE-2025-21925 at NVDCVE-2025-21926 at SUSECVE-2025-21926 at NVDCVE-2025-21931 at SUSECVE-2025-21931 at NVDCVE-2025-21962 at SUSECVE-2025-21962 at NVDCVE-2025-21963 at SUSECVE-2025-21963 at NVDCVE-2025-21964 at SUSECVE-2025-21964 at NVDCVE-2025-21980 at SUSECVE-2025-21980 at NVDCVE-2025-21985 at SUSECVE-2025-21985 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-22004 at SUSECVE-2025-22004 at NVDCVE-2025-22015 at SUSECVE-2025-22015 at NVDCVE-2025-22016 at SUSECVE-2025-22016 at NVDCVE-2025-22017 at SUSECVE-2025-22017 at NVDCVE-2025-22018 at SUSECVE-2025-22018 at NVDCVE-2025-22020 at SUSECVE-2025-22020 at NVDCVE-2025-22025 at SUSECVE-2025-22025 at NVDCVE-2025-22027 at SUSECVE-2025-22027 at NVDCVE-2025-22029 at SUSECVE-2025-22029 at NVDCVE-2025-22033 at SUSECVE-2025-22033 at NVDCVE-2025-22036 at SUSECVE-2025-22036 at NVDCVE-2025-22044 at SUSECVE-2025-22044 at NVDCVE-2025-22045 at SUSECVE-2025-22045 at NVDCVE-2025-22050 at SUSECVE-2025-22050 at NVDCVE-2025-22053 at SUSECVE-2025-22053 at NVDCVE-2025-22055 at SUSECVE-2025-22055 at NVDCVE-2025-22058 at SUSECVE-2025-22058 at NVDCVE-2025-22060 at SUSECVE-2025-22060 at NVDCVE-2025-22062 at SUSECVE-2025-22062 at NVDCVE-2025-22064 at SUSECVE-2025-22064 at NVDCVE-2025-22065 at SUSECVE-2025-22065 at NVDCVE-2025-22075 at SUSECVE-2025-22075 at NVDCVE-2025-22080 at SUSECVE-2025-22080 at NVDCVE-2025-22086 at SUSECVE-2025-22086 at NVDCVE-2025-22088 at SUSECVE-2025-22088 at NVDCVE-2025-22090 at SUSECVE-2025-22090 at NVDCVE-2025-22093 at SUSECVE-2025-22093 at NVDCVE-2025-22097 at SUSECVE-2025-22097 at NVDCVE-2025-22102 at SUSECVE-2025-22102 at NVDCVE-2025-22104 at SUSECVE-2025-22104 at NVDCVE-2025-22105 at SUSECVE-2025-22105 at NVDCVE-2025-22106 at SUSECVE-2025-22106 at NVDCVE-2025-22107 at SUSECVE-2025-22107 at NVDCVE-2025-22108 at SUSECVE-2025-22108 at NVDCVE-2025-22109 at SUSECVE-2025-22109 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDCVE-2025-22116 at SUSECVE-2025-22116 at NVDCVE-2025-22121 at SUSECVE-2025-22121 at NVDCVE-2025-22128 at SUSECVE-2025-22128 at NVDCVE-2025-23129 at SUSECVE-2025-23129 at NVDCVE-2025-23131 at SUSECVE-2025-23131 at NVDCVE-2025-23133 at SUSECVE-2025-23133 at NVDCVE-2025-23136 at SUSECVE-2025-23136 at NVDCVE-2025-23138 at SUSECVE-2025-23138 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-37785 at SUSECVE-2025-37785 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37799 at SUSECVE-2025-37799 at NVDCVE-2025-37860 at SUSECVE-2025-37860 at NVDCVE-2025-39728 at SUSECVE-2025-39728 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-50253: bpf: make sure skb->len != 0 when redirecting to a tunneling device (bsc#1249912).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
- CVE-2025-21710: tcp: correct handling of extreme memory squeeze (bsc#1237888).
- CVE-2025-37916: pds_core: remove write-after-free of client_id (bsc#1243474).
- CVE-2025-38359: s390/mm: Fix in_atomic() handling in do_secure_storage_access() (bsc#1247076).
- CVE-2025-38361: drm/amd/display: Check dce_hwseq before dereferencing it (bsc#1247079).
- CVE-2025-39788: scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE (bsc#1249547).
- CVE-2025-39805: net: macb: fix unregister_netdev call order in macb_remove() (bsc#1249982).
- CVE-2025-39819: fs/smb: Fix inconsistent refcnt update (bsc#1250176).
- CVE-2025-39859: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (bsc#1250252).
- CVE-2025-39944: octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (bsc#1251120).
- CVE-2025-39980: nexthop: Forbid FDB status change while nexthop is in a group (bsc#1252063).
- CVE-2025-40001: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (bsc#1252303).
- CVE-2025-40021: tracing: dynevent: Add a missing lockdown check on dynevent (bsc#1252681).
- CVE-2025-40027: net/9p: fix double req put in p9_fd_cancelled (bsc#1252763).
- CVE-2025-40030: pinctrl: check the return value of pinmux_ops::get_function_name() (bsc#1252773).
- CVE-2025-40038: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (bsc#1252817).
- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
- CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862).
- CVE-2025-40055: ocfs2: fix double free in user_cluster_connect() (bsc#1252821).
- CVE-2025-40059: coresight: Fix incorrect handling for return value of devm_kzalloc (bsc#1252809).
- CVE-2025-40064: smc: Fix use-after-free in __pnet_find_base_ndev() (bsc#1252845).
- CVE-2025-40070: pps: fix warning in pps_register_cdev when register device fail (bsc#1252836).
- CVE-2025-40074: net: dst_cache: annotate data-races around dst_cache->reset_ts (bsc#1252794).
- CVE-2025-40075: tcp_metrics: use dst_dev_net_rcu() (bsc#1252795).
- CVE-2025-40083: net/sched: sch_qfq: Fix null-deref in agg_dequeue (bsc#1252912).
- CVE-2025-40098: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (bsc#1252917).
- CVE-2025-40105: vfs: Don't leak disconnected dentries on umount (bsc#1252928).
- CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409).
- CVE-2025-40149: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (bsc#1253355).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253403).
- CVE-2025-40168: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (bsc#1253427).
- CVE-2025-40169: bpf: Reject negative offsets for ALU ops (bsc#1253416).
- CVE-2025-40173: net/ip6_tunnel: Prevent perpetual tunnel growth (bsc#1253421).
- CVE-2025-40176: tls: wait for pending async decryptions if tls_strp_msg_hold fails (bsc#1253425).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).
- CVE-2025-40206: Add missing bugzilla reference to net fix (bsc#1250237 bsc#1253393).
The following non-security bugs were fixed:
- ACPI: CPPC: Check _CPC validity for only the online CPUs (git-fixes).
- ACPI: CPPC: Limit perf ctrs in PCC check only to online CPUs (git-fixes).
- ACPI: CPPC: Perform fast check switch only for online CPUs (git-fixes).
- ACPI: PRM: Skip handlers with NULL handler_address or NULL VA (stable-fixes).
- ACPI: SBS: Fix present test in acpi_battery_read() (git-fixes).
- ACPI: property: Return present device nodes only on fwnode interface (stable-fixes).
- ACPI: scan: Add Intel CVS ACPI HIDs to acpi_ignore_dep_ids (stable-fixes).
- ACPICA: Update dsmethod.c to get rid of unused variable warning (stable-fixes).
- ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() (stable-fixes).
- ALSA: hda: Fix missing pointer check in hda_component_manager_init function (git-fixes).
- ALSA: serial-generic: remove shared static buffer (stable-fixes).
- ALSA: usb-audio: Add validation of UAC2/UAC3 effect units (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (git-fixes).
- ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (stable-fixes).
- ALSA: usb-audio: add mono main switch to Presonus S1824c (stable-fixes).
- ALSA: usb-audio: apply quirk for MOONDROP Quark2 (stable-fixes).
- ALSA: usb-audio: do not log messages meant for 1810c when initializing 1824c (git-fixes).
- ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes).
- ASoC: codecs: va-macro: fix resource leak in probe error path (git-fixes).
- ASoC: cs4271: Fix regulator leak on probe failure (git-fixes).
- ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (stable-fixes).
- ASoC: meson: aiu-encoder-i2s: fix bit clock polarity (stable-fixes).
- ASoC: qcom: sc8280xp: explicitly set S16LE format in sc8280xp_be_hw_params_fixup() (stable-fixes).
- ASoC: stm32: sai: manage context in set_sysclk callback (stable-fixes).
- ASoC: tlv320aic3x: Fix class-D initialization for tlv320aic3007 (stable-fixes).
- Bluetooth: 6lowpan: Do not hold spin lock over sleeping functions (git-fixes).
- Bluetooth: 6lowpan: add missing l2cap_chan_lock() (git-fixes).
- Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion (git-fixes).
- Bluetooth: 6lowpan: reset link-local header on ipv6 recv path (git-fixes).
- Bluetooth: L2CAP: export l2cap_chan_hold for modules (stable-fixes).
- Bluetooth: MGMT: cancel mesh send timer when hdev removed (git-fixes).
- Bluetooth: SCO: Fix UAF on sco_conn_free (stable-fixes).
- Bluetooth: bcsp: receive data only if registered (stable-fixes).
- Bluetooth: btrtl: Fix memory leak in rtlbt_parse_firmware_v2() (git-fixes).
- Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (stable-fixes).
- Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (git-fixes).
- Bluetooth: hci_event: validate skb length for unknown CC opcode (git-fixes).
- Documentation: ACPI: i2c-muxes: fix I2C device references (git-fixes).
- Drivers: hv: vmbus: Add utility function for querying ring size (git-fixes).
- HID: amd_sfh: Stop sensor before starting (git-fixes).
- HID: hid-ntrig: Prevent memory leak in ntrig_report_version() (git-fixes).
- HID: quirks: avoid Cooler Master MM712 dongle wakeup bug (stable-fixes).
- HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 (git-fixes).
- HID: uclogic: Fix potential memory leak in error path (git-fixes).
- Input: atmel_mxt_ts - allow reset GPIO to sleep (stable-fixes).
- Input: imx_sc_key - fix memory corruption on unload (git-fixes).
- Input: pegasus-notetaker - fix potential out-of-bounds access (git-fixes).
- KVM: Pass new routing entries and irqfd when updating IRTEs (git-fixes).
- KVM: SVM: Delete IRTE link from previous vCPU before setting new IRTE (git-fixes).
- KVM: SVM: Delete IRTE link from previous vCPU irrespective of new routing (git-fixes).
- KVM: SVM: Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2 (git-fixes).
- KVM: SVM: Mark VMCB_LBR dirty when MSR_IA32_DEBUGCTLMSR is updated (git-fixes).
- KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest (git-fixes).
- KVM: SVM: Track per-vCPU IRTEs using kvm_kernel_irqfd structure (git-fixes).
- KVM: SVM: WARN if an invalid posted interrupt IRTE entry is added (git-fixes).
- KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported (git-fixes).
- KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes).
- KVM: VMX: Fix check for valid GVA on an EPT violation (git-fixes).
- KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest (git-fixes).
- KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs (git-fixes).
- KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter (git-fixes).
- KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE (git-fixes).
- KVM: x86: Add helper to retrieve current value of user return MSR (git-fixes).
- KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes).
- KVM: x86: Do not treat ENTER and LEAVE as branches, because they are not (git-fixes).
- KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag (git-fixes).
- NFS4: Fix state renewals missing after boot (git-fixes).
- NFS: check if suid/sgid was cleared after a write as needed (git-fixes).
- NFSD: Never cache a COMPOUND when the SEQUENCE operation fails (git-fixes).
- NFSD: Skip close replay processing if XDR encoding fails (git-fixes).
- NFSD: free copynotify stateid in nfs4_free_ol_stateid() (git-fixes).
- NFSv4.1: fix mount hang after CREATE_SESSION failure (git-fixes).
- NFSv4: handle ERR_GRACE on delegation recalls (git-fixes).
- PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call (stable-fixes).
- PCI/PM: Skip resuming to D0 if device is disconnected (stable-fixes).
- PCI: Disable MSI on RDC PCI to PCIe bridges (stable-fixes).
- PCI: cadence: Check for the existence of cdns_pcie::ops before using it (stable-fixes).
- PCI: dwc: Verify the single eDMA IRQ in dw_pcie_edma_irq_verify() (stable-fixes).
- PCI: j721e: Fix incorrect error message in probe() (git-fixes).
- PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra194: Reset BARs when running in PCIe endpoint mode (git-fixes).
- RDMA/bnxt_re: Do not fail destroy QP and cleanup debugfs earlier (git-fixes)
- RDMA/bnxt_re: Fix a potential memory leak in destroy_gsi_sqp (git-fixes)
- RDMA/hns: Fix recv CQ and QP cache affinity (git-fixes)
- RDMA/hns: Fix the modification of max_send_sge (git-fixes)
- RDMA/hns: Fix wrong WQE data when QP wraps around (git-fixes)
- RDMA/irdma: Fix SD index calculation (git-fixes)
- RDMA/irdma: Set irdma_cq cq_num field during CQ create (git-fixes)
- Revert "drm/tegra: dsi: Clear enable register if powered by bootloader" (git-fixes).
- Revert "wifi: ath10k: avoid unnecessary wait for service ready message" (git-fixes).
- accel/habanalabs/gaudi2: fix BMON disable configuration (stable-fixes).
- accel/habanalabs/gaudi2: read preboot status after recovering from dirty state (stable-fixes).
- accel/habanalabs: return ENOMEM if less than requested pages were pinned (stable-fixes).
- accel/habanalabs: support mapping cb with vmalloc-backed coherent memory (stable-fixes).
- acpi,srat: Fix incorrect device handle check for Generic Initiator (git-fixes).
- amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw (stable-fixes).
- block: avoid possible overflow for chunk_sectors check in blk_stack_limits() (git-fixes).
- block: fix kobject double initialization in add_disk (git-fixes).
- btrfs: abort transaction on failure to add link to inode (git-fixes).
- btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range() (git-fix).
- btrfs: avoid using fixed char array size for tree names (git-fix).
- btrfs: do not update last_log_commit when logging inode due to a new name (git-fixes).
- btrfs: fix COW handling in run_delalloc_nocow() (git-fix).
- btrfs: fix inode leak on failure to add link to inode (git-fixes).
- btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve (git-fix).
- btrfs: mark dirty extent range for out of bound prealloc extents (git-fixes).
- btrfs: qgroup: correctly model root qgroup rsv in convert (git-fix).
- btrfs: rename err to ret in btrfs_link() (git-fixes).
- btrfs: run btrfs_error_commit_super() early (git-fix).
- btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fix).
- btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fixes).
- btrfs: send: fix duplicated rmdir operations when using extrefs (git-fixes).
- btrfs: set inode flag BTRFS_INODE_COPY_EVERYTHING when logging new name (git-fixes).
- btrfs: simplify error handling logic for btrfs_link() (git-fixes).
- btrfs: tree-checker: add dev extent item checks (git-fix).
- btrfs: tree-checker: add type and sequence check for inline backrefs (git-fix).
- btrfs: tree-checker: fix the wrong output of data backref objectid (git-fix).
- btrfs: tree-checker: reject BTRFS_FT_UNKNOWN dir type (git-fix).
- btrfs: tree-checker: validate dref root and objectid (git-fix).
- btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() (git-fixes).
- char: misc: Does not request module for miscdevice with dynamic minor (stable-fixes).
- char: misc: Make misc_register() reentry for miscdevice who wants dynamic minor (stable-fixes).
- char: misc: restrict the dynamic range to exclude reserved minors (stable-fixes).
- cramfs: Verify inode mode when loading from disk (git-fixes).
- crypto: aspeed - fix double free caused by devm (git-fixes).
- crypto: aspeed-acry - Convert to platform remove callback returning void (stable-fixes).
- crypto: hisilicon/qm - Fix device reference leak in qm_get_qos_value (git-fixes).
- crypto: iaa - Do not clobber req->base.data (git-fixes).
- crypto: qat - use kcalloc() in qat_uclo_map_objs_from_mof() (stable-fixes).
- dmaengine: dw-edma: Set status for callback_result (stable-fixes).
- dmaengine: mv_xor: match alloc_wc and free_wc (stable-fixes).
- drm/amd/display: Add AVI infoframe copy in copy_stream_update_to_stream (stable-fixes).
- drm/amd/display: Disable VRR on DCE 6 (stable-fixes).
- drm/amd/display: Fix DVI-D/HDMI adapters (stable-fixes).
- drm/amd/display: Fix NULL deref in debugfs odm_combine_segments (git-fixes).
- drm/amd/display: Fix black screen with HDMI outputs (git-fixes).
- drm/amd/display: Increase AUX Intra-Hop Done Max Wait Duration (stable-fixes).
- drm/amd/display: add more cyan skillfish devices (stable-fixes).
- drm/amd/display: ensure committing streams is seamless (stable-fixes).
- drm/amd/display: update dpp/disp clock from smu clock table (stable-fixes).
- drm/amd/pm: Disable MCLK switching on SI at high pixel clocks (stable-fixes).
- drm/amd/pm: Use cached metrics data on aldebaran (stable-fixes).
- drm/amd/pm: Use cached metrics data on arcturus (stable-fixes).
- drm/amd: Avoid evicting resources at S5 (stable-fixes).
- drm/amd: Fix suspend failure with secure display TA (git-fixes).
- drm/amd: add more cyan skillfish PCI ids (stable-fixes).
- drm/amdgpu/jpeg: Hold pg_lock before jpeg poweroff (stable-fixes).
- drm/amdgpu: Allow kfd CRIU with no buffer objects (stable-fixes).
- drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices (stable-fixes).
- drm/amdgpu: Use memdup_array_user in amdgpu_cs_wait_fences_ioctl (stable-fixes).
- drm/amdgpu: add support for cyan skillfish gpu_info (stable-fixes).
- drm/amdgpu: do not enable SMU on cyan skillfish (stable-fixes).
- drm/amdgpu: reject gang submissions under SRIOV (stable-fixes).
- drm/amdkfd: Handle lack of READ permissions in SVM mapping (stable-fixes).
- drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption (stable-fixes).
- drm/amdkfd: fix vram allocation failure for a special case (stable-fixes).
- drm/amdkfd: return -ENOTTY for unsupported IOCTLs (stable-fixes).
- drm/bridge: cdns-dsi: Do not fail on MIPI_DSI_MODE_VIDEO_BURST (stable-fixes).
- drm/bridge: cdns-dsi: Fix REG_WAKEUP_TIME value (stable-fixes).
- drm/bridge: display-connector: do not set OP_DETECT for DisplayPorts (stable-fixes).
- drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (git-fixes).
- drm/i915: Fix conversion between clock ticks and nanoseconds (git-fixes).
- drm/msm/dsi/phy: Toggle back buffer resync after preparing PLL (stable-fixes).
- drm/msm/dsi/phy_7nm: Fix missing initial VCO rate (stable-fixes).
- drm/msm: make sure to not queue up recovery more than once (stable-fixes).
- drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() (stable-fixes).
- drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb (git-fixes).
- drm/tegra: Add call to put_pid() (git-fixes).
- drm/tegra: dc: Fix reference leak in tegra_dc_couple() (git-fixes).
- drm/tidss: Set crtc modesetting parameters with adjusted mode (stable-fixes).
- drm/tidss: Use the crtc_* timings when programming the HW (stable-fixes).
- drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (git-fixes).
- exfat: limit log print for IO error (git-fixes).
- extcon: adc-jack: Cleanup wakeup source only if it was enabled (git-fixes).
- extcon: adc-jack: Fix wakeup source leaks on device unbind (stable-fixes).
- fbcon: Set fb_display[i]->mode to NULL when the mode is released (stable-fixes).
- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (stable-fixes).
- fbdev: bitblit: bound-check glyph index in bit_putcs* (stable-fixes).
- fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS (stable-fixes).
- hwmon: (asus-ec-sensors) increase timeout for locking ACPI mutex (stable-fixes).
- hwmon: (dell-smm) Add support for Dell OptiPlex 7040 (stable-fixes).
- hwmon: (k10temp) Add device ID for Strix Halo (stable-fixes).
- hwmon: (k10temp) Add thermal support for AMD Family 1Ah-based models (stable-fixes).
- hwmon: (sbtsi_temp) AMD CPU extended temperature range support (stable-fixes).
- hwmon: sy7636a: add alias (stable-fixes).
- iio: adc: imx93_adc: load calibrated values even calibration failed (stable-fixes).
- iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register (stable-fixes).
- ima: do not clear IMA_DIGSIG flag when setting or removing non-IMA xattr (stable-fixes).
- iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE (git-fixes).
- isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() (git-fixes).
- jfs: Verify inode mode when loading from disk (git-fixes).
- jfs: fix uninitialized waitqueue in transaction manager (git-fixes).
- kABI fix for KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes) (git-fixes).
- lib/crypto: curve25519-hacl64: Fix older clang KASAN workaround for GCC (git-fixes).
- md/raid1: fix data lost for writemostly rdev (git-fixes).
- md: fix mssing blktrace bio split events (git-fixes).
- media: adv7180: Add missing lock in suspend callback (stable-fixes).
- media: adv7180: Do not write format to device in set_fmt (stable-fixes).
- media: adv7180: Only validate format in querystd (stable-fixes).
- media: amphion: Delete v4l2_fh synchronously in .release() (stable-fixes).
- media: fix uninitialized symbol warnings (stable-fixes).
- media: i2c: Kconfig: Ensure a dependency on HAVE_CLK for VIDEO_CAMERA_SENSOR (stable-fixes).
- media: i2c: og01a1b: Specify monochrome media bus format instead of Bayer (stable-fixes).
- media: imon: make send_packet() more robust (stable-fixes).
- media: ov08x40: Fix the horizontal flip control (stable-fixes).
- media: redrat3: use int type to store negative error codes (stable-fixes).
- media: uvcvideo: Use heuristic to find stream entity (git-fixes).
- memstick: Add timeout to prevent indefinite waiting (stable-fixes).
- mfd: da9063: Split chip variant reading in two bus transactions (stable-fixes).
- mfd: madera: Work around false-positive -Wininitialized warning (stable-fixes).
- mfd: stmpe-i2c: Add missing MODULE_LICENSE (stable-fixes).
- mfd: stmpe: Remove IRQ domain upon removal (stable-fixes).
- minixfs: Verify inode mode when loading from disk (git-fixes).
- mm/mm_init: fix hash table order logging in alloc_large_system_hash() (git-fixes).
- mm/secretmem: fix use-after-free race in fault handler (git-fixes).
- mmc: host: renesas_sdhi: Fix the actual clock (stable-fixes).
- mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card (stable-fixes).
- mmc: sdhci-of-dwcmshc: Change DLL_STRBIN_TAPNUM_DEFAULT to 0x4 (git-fixes).
- mtd: onenand: Pass correct pointer to IRQ handler (git-fixes).
- mtd: rawnand: cadence: fix DMA device NULL pointer dereference (git-fixes).
- mtdchar: fix integer overflow in read/write ioctls (git-fixes).
- net/mana: fix warning in the writer of client oob (git-fixes).
- net/smc: Remove validation of reserved bits in CLC Decline message (bsc#1253779).
- net: nfc: nci: Increase NCI_DATA_TIMEOUT to 3000 ms (stable-fixes).
- net: phy: clear link parameters on admin link down (stable-fixes).
- net: phy: fixed_phy: let fixed_phy_unregister free the phy_device (stable-fixes).
- net: phy: marvell: Fix 88e1510 downshift counter errata (stable-fixes).
- net: tcp: send zero-window ACK when no memory (bsc#1253779).
- net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (git-fixes).
- nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing (git-fixes).
- nfsd: do not defer requests during idmap lookup in v4 compound decode (bsc#1232223).
- nfsd: fix return error codes for nfsd_map_name_to_id (bsc#1232223).
- nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot (git-fixes).
- perf script: add --addr2line option (bsc#1247509).
- phy: cadence: cdns-dphy: Enable lower resolutions in dphy (stable-fixes).
- phy: renesas: r8a779f0-ether-serdes: add new step added to latest datasheet (stable-fixes).
- phy: rockchip: phy-rockchip-inno-csidphy: allow writes to grf register 0 (stable-fixes).
- pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc (git-fixes).
- pinctrl: s32cc: initialize gpio_pin_config::list after kmalloc() (git-fixes).
- pinctrl: single: fix bias pull up/down handling in pin_config_set (stable-fixes).
- platform/x86/intel/speed_select_if: Convert PCIBIOS_* return codes to errnos (git-fixes).
- power: supply: qcom_battmgr: add OOI chemistry (stable-fixes).
- power: supply: qcom_battmgr: handle charging state change notifications (stable-fixes).
- power: supply: sbs-charger: Support multiple devices (stable-fixes).
- regulator: fixed: fix GPIO descriptor leak on register failure (git-fixes).
- rtc: rx8025: fix incorrect register reference (git-fixes).
- s390/mm,fault: simplify kfence fault handling (bsc#1247076).
- scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans (git-fixes).
- scsi: aacraid: Stop using PCI_IRQ_AFFINITY (git-fixes).
- scsi: core: sysfs: Correct sysfs attributes access rights (git-fixes).
- scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() (git-fixes).
- scsi: libfc: Prevent integer overflow in fc_fcp_recv_data() (git-fixes).
- scsi: mpi3mr: Correctly handle ATA device errors (git-fixes).
- scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers (git-fixes).
- scsi: mpt3sas: Correctly handle ATA device errors (git-fixes).
- scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (git-fixes).
- scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod (git-fixes).
- scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267).
- selftests/bpf: Close fd in error path in drop_on_reuseport (git-fixes).
- selftests/bpf: Close obj in error path in xdp_adjust_tail (git-fixes).
- selftests/bpf: Fix missing ARRAY_SIZE() definition in bench.c (git-fixes).
- selftests/bpf: Fix missing BUILD_BUG_ON() declaration (git-fixes).
- selftests/bpf: Fix missing UINT_MAX definitions in benchmarks (git-fixes).
- selftests/bpf: Fix string read in strncmp benchmark (git-fixes).
- selftests/bpf: Use pid_t consistently in test_progs.c (git-fixes).
- selftests/bpf: fix signedness bug in redir_partial() (git-fixes).
- serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 (git-fixes).
- serial: 8250_mtk: Enable baud clock and manage in runtime PM (git-fixes).
- soc/tegra: fuse: Add Tegra114 nvmem cells and fuse lookups (stable-fixes).
- soc: aspeed: socinfo: Add AST27xx silicon IDs (stable-fixes).
- soc: qcom: smem: Fix endian-unaware access of num_entries (stable-fixes).
- spi: Try to get ACPI GPIO IRQ earlier (git-fixes).
- spi: loopback-test: Do not use %pK through printk (stable-fixes).
- spi: rpc-if: Add resume support for RZ/G3E (stable-fixes).
- strparser: Fix signed/unsigned mismatch bug (git-fixes).
- tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705).
- thunderbolt: Use is_pciehp instead of is_hotplug_bridge (stable-fixes).
- tools/cpupower: Fix incorrect size in cpuidle_state_disable() (stable-fixes).
- tools/cpupower: fix error return value in cpupower_write_sysfs() (stable-fixes).
- tools/power x86_energy_perf_policy: Enhance HWP enable (stable-fixes).
- tools/power x86_energy_perf_policy: Fix incorrect fopen mode usage (stable-fixes).
- tools/power x86_energy_perf_policy: Prefer driver HWP limits (stable-fixes).
- tools: lib: thermal: do not preserve owner in install (stable-fixes).
- tools: lib: thermal: use pkg-config to locate libnl3 (stable-fixes).
- uio_hv_generic: Query the ringbuffer size for device (git-fixes).
- usb/core/quirks: Add Huawei ME906S to wakeup quirk (git-fixes).
- usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget (stable-fixes).
- usb: gadget: f_fs: Fix epfile null pointer access after ep enable (stable-fixes).
- usb: gadget: f_hid: Fix zero length packet transfer (stable-fixes).
- usb: gadget: f_ncm: Fix MAC assignment NCM ethernet (stable-fixes).
- usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs (stable-fixes).
- usb: xhci: plat: Facilitate using autosuspend for xhci plat devices (stable-fixes).
- video: backlight: lp855x_bl: Set correct EPROM start for LP8556 (stable-fixes).
- watchdog: s3c2410_wdt: Fix max_timeout being calculated larger (stable-fixes).
- wifi: ath10k: Fix connection after GTK rekeying (stable-fixes).
- wifi: ath11k: zero init info->status in wmi_process_mgmt_tx_comp() (git-fixes).
- wifi: ath12k: Increase DP_REO_CMD_RING_SIZE to 256 (stable-fixes).
- wifi: mac80211: Fix HE capabilities element check (stable-fixes).
- wifi: mac80211: reject address change while connecting (git-fixes).
- wifi: mac80211: skip rate verification for not captured PSDUs (git-fixes).
- wifi: mac80211_hwsim: Limit destroy_on_close radio removal to netgroup (git-fixes).
- wifi: mt76: mt7921: Add 160MHz beamformee capability for mt7922 device (stable-fixes).
- wifi: mt76: mt7996: Temporarily disable EPCS (stable-fixes).
- wifi: mwl8k: inject DSSS Parameter Set element into beacons if missing (git-fixes).
- wifi: rtw88: sdio: use indirect IO for device registers before power-on (stable-fixes).
- wifi: zd1211rw: fix potential memory leak in __zd_usb_enable_rx() (git-fixes).
- x86/CPU/AMD: Add RDSEED fix for Zen5 (git-fixes).
- x86/CPU/AMD: Add additional fixed RDSEED microcode revisions (git-fixes).
- x86/CPU/AMD: Add missing terminator for zen5_rdseed_microcode (git-fixes).
- x86/CPU/AMD: Do the common init on future Zens too (git-fixes).
- x86/amd_nb: Add new PCI IDs for AMD family 0x1a (stable-fixes).
- x86/bugs: Fix reporting of LFENCE retpoline (git-fixes).
- x86/bugs: Report correct retbleed mitigation status (git-fixes).
- x86/vmscape: Add old Intel CPUs to affected list (git-fixes).
- xhci: dbc: Allow users to modify DbC poll interval via sysfs (stable-fixes).
- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).
- xhci: dbc: Improve performance by removing delay in transfer event polling (stable-fixes).
- xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event (git-fixes).
- xhci: dbc: poll at different rate depending on data transfer activity (stable-fixes).
ImportantSUSE bug 1232223SUSE bug 1237888SUSE bug 1243474SUSE bug 1245193SUSE bug 1247076SUSE bug 1247079SUSE bug 1247500SUSE bug 1247509SUSE bug 1249547SUSE bug 1249912SUSE bug 1249982SUSE bug 1250176SUSE bug 1250237SUSE bug 1250252SUSE bug 1250705SUSE bug 1251120SUSE bug 1251786SUSE bug 1252063SUSE bug 1252267SUSE bug 1252303SUSE bug 1252353SUSE bug 1252681SUSE bug 1252763SUSE bug 1252773SUSE bug 1252780SUSE bug 1252794SUSE bug 1252795SUSE bug 1252809SUSE bug 1252817SUSE bug 1252821SUSE bug 1252836SUSE bug 1252845SUSE bug 1252862SUSE bug 1252912SUSE bug 1252917SUSE bug 1252928SUSE bug 1253018SUSE bug 1253176SUSE bug 1253275SUSE bug 1253318SUSE bug 1253324SUSE bug 1253349SUSE bug 1253352SUSE bug 1253355SUSE bug 1253360SUSE bug 1253362SUSE bug 1253363SUSE bug 1253367SUSE bug 1253369SUSE bug 1253393SUSE bug 1253395SUSE bug 1253403SUSE bug 1253407SUSE bug 1253409SUSE bug 1253412SUSE bug 1253416SUSE bug 1253421SUSE bug 1253423SUSE bug 1253424SUSE bug 1253425SUSE bug 1253427SUSE bug 1253428SUSE bug 1253431SUSE bug 1253436SUSE bug 1253438SUSE bug 1253440SUSE bug 1253441SUSE bug 1253445SUSE bug 1253448SUSE bug 1253449SUSE bug 1253453SUSE bug 1253456SUSE bug 1253472SUSE bug 1253779CVE-2022-50253 at SUSECVE-2022-50253 at NVDCVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-21710 at SUSECVE-2025-21710 at NVDCVE-2025-37916 at SUSECVE-2025-37916 at NVDCVE-2025-38359 at SUSECVE-2025-38359 at NVDCVE-2025-38361 at SUSECVE-2025-38361 at NVDCVE-2025-39788 at SUSECVE-2025-39788 at NVDCVE-2025-39805 at SUSECVE-2025-39805 at NVDCVE-2025-39819 at SUSECVE-2025-39819 at NVDCVE-2025-39859 at SUSECVE-2025-39859 at NVDCVE-2025-39944 at SUSECVE-2025-39944 at NVDCVE-2025-39980 at SUSECVE-2025-39980 at NVDCVE-2025-40001 at SUSECVE-2025-40001 at NVDCVE-2025-40021 at SUSECVE-2025-40021 at NVDCVE-2025-40027 at SUSECVE-2025-40027 at NVDCVE-2025-40030 at SUSECVE-2025-40030 at NVDCVE-2025-40038 at SUSECVE-2025-40038 at NVDCVE-2025-40040 at SUSECVE-2025-40040 at NVDCVE-2025-40048 at SUSECVE-2025-40048 at NVDCVE-2025-40055 at SUSECVE-2025-40055 at NVDCVE-2025-40059 at SUSECVE-2025-40059 at NVDCVE-2025-40064 at SUSECVE-2025-40064 at NVDCVE-2025-40070 at SUSECVE-2025-40070 at NVDCVE-2025-40074 at SUSECVE-2025-40074 at NVDCVE-2025-40075 at SUSECVE-2025-40075 at NVDCVE-2025-40083 at SUSECVE-2025-40083 at NVDCVE-2025-40098 at SUSECVE-2025-40098 at NVDCVE-2025-40105 at SUSECVE-2025-40105 at NVDCVE-2025-40107 at SUSECVE-2025-40107 at NVDCVE-2025-40109 at SUSECVE-2025-40109 at NVDCVE-2025-40110 at SUSECVE-2025-40110 at NVDCVE-2025-40111 at SUSECVE-2025-40111 at NVDCVE-2025-40115 at SUSECVE-2025-40115 at NVDCVE-2025-40116 at SUSECVE-2025-40116 at NVDCVE-2025-40118 at SUSECVE-2025-40118 at NVDCVE-2025-40120 at SUSECVE-2025-40120 at NVDCVE-2025-40121 at SUSECVE-2025-40121 at NVDCVE-2025-40127 at SUSECVE-2025-40127 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40139 at SUSECVE-2025-40139 at NVDCVE-2025-40140 at SUSECVE-2025-40140 at NVDCVE-2025-40141 at SUSECVE-2025-40141 at NVDCVE-2025-40149 at SUSECVE-2025-40149 at NVDCVE-2025-40154 at SUSECVE-2025-40154 at NVDCVE-2025-40156 at SUSECVE-2025-40156 at NVDCVE-2025-40157 at SUSECVE-2025-40157 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-40164 at SUSECVE-2025-40164 at NVDCVE-2025-40168 at SUSECVE-2025-40168 at NVDCVE-2025-40169 at SUSECVE-2025-40169 at NVDCVE-2025-40171 at SUSECVE-2025-40171 at NVDCVE-2025-40172 at SUSECVE-2025-40172 at NVDCVE-2025-40173 at SUSECVE-2025-40173 at NVDCVE-2025-40176 at SUSECVE-2025-40176 at NVDCVE-2025-40180 at SUSECVE-2025-40180 at NVDCVE-2025-40183 at SUSECVE-2025-40183 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDCVE-2025-40188 at SUSECVE-2025-40188 at NVDCVE-2025-40194 at SUSECVE-2025-40194 at NVDCVE-2025-40198 at SUSECVE-2025-40198 at NVDCVE-2025-40200 at SUSECVE-2025-40200 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDCVE-2025-40205 at SUSECVE-2025-40205 at NVDCVE-2025-40206 at SUSECVE-2025-40206 at NVDCVE-2025-40207 at SUSECVE-2025-40207 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-33.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248670SUSE bug 1250192SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678)
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847)
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019)
ModerateSUSE bug 1233019SUSE bug 1233678SUSE bug 1234847CVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1250192SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-24.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2024-57849: s390/cpum_sf: handle CPU hotplug remove during sampling (bsc#1235815).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1235815SUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2024-57849 at SUSECVE-2024-57849 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-29.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248670SUSE bug 1250192SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1250192SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-35.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-22.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678)
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847)
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019)
ModerateSUSE bug 1233019SUSE bug 1233678SUSE bug 1234847CVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-24.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-29.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-53237: Bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (CVE-2024-56600)
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916)
ModerateSUSE bug 1235008SUSE bug 1235218SUSE bug 1235431SUSE bug 1235916CVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-50253: bpf: make sure skb->len != 0 when redirecting to a tunneling device (bsc#1249912).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
- CVE-2025-21710: tcp: correct handling of extreme memory squeeze (bsc#1237888).
- CVE-2025-37916: pds_core: remove write-after-free of client_id (bsc#1243474).
- CVE-2025-38359: s390/mm: Fix in_atomic() handling in do_secure_storage_access() (bsc#1247076).
- CVE-2025-38361: drm/amd/display: Check dce_hwseq before dereferencing it (bsc#1247079).
- CVE-2025-39788: scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE (bsc#1249547).
- CVE-2025-39805: net: macb: fix unregister_netdev call order in macb_remove() (bsc#1249982).
- CVE-2025-39819: fs/smb: Fix inconsistent refcnt update (bsc#1250176).
- CVE-2025-39859: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (bsc#1250252).
- CVE-2025-39944: octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (bsc#1251120).
- CVE-2025-39980: nexthop: Forbid FDB status change while nexthop is in a group (bsc#1252063).
- CVE-2025-40001: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (bsc#1252303).
- CVE-2025-40021: tracing: dynevent: Add a missing lockdown check on dynevent (bsc#1252681).
- CVE-2025-40027: net/9p: fix double req put in p9_fd_cancelled (bsc#1252763).
- CVE-2025-40030: pinctrl: check the return value of pinmux_ops::get_function_name() (bsc#1252773).
- CVE-2025-40038: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (bsc#1252817).
- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
- CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862).
- CVE-2025-40055: ocfs2: fix double free in user_cluster_connect() (bsc#1252821).
- CVE-2025-40059: coresight: Fix incorrect handling for return value of devm_kzalloc (bsc#1252809).
- CVE-2025-40064: smc: Fix use-after-free in __pnet_find_base_ndev() (bsc#1252845).
- CVE-2025-40070: pps: fix warning in pps_register_cdev when register device fail (bsc#1252836).
- CVE-2025-40074: ipv4: start using dst_dev_rcu() (bsc#1252794).
- CVE-2025-40075: tcp_metrics: use dst_dev_net_rcu() (bsc#1252795).
- CVE-2025-40083: net/sched: sch_qfq: Fix null-deref in agg_dequeue (bsc#1252912).
- CVE-2025-40098: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (bsc#1252917).
- CVE-2025-40105: vfs: Do not leak disconnected dentries on umount (bsc#1252928).
- CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409).
- CVE-2025-40149: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (bsc#1253355).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253403).
- CVE-2025-40168: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (bsc#1253427).
- CVE-2025-40169: bpf: Reject negative offsets for ALU ops (bsc#1253416).
- CVE-2025-40173: net/ip6_tunnel: Prevent perpetual tunnel growth (bsc#1253421).
- CVE-2025-40176: tls: wait for pending async decryptions if tls_strp_msg_hold fails (bsc#1253425).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).
- CVE-2025-40206: Add missing bugzilla reference to net fix (bsc#1253393).
The following non-security bugs were fixed:
- ACPI: CPPC: Check _CPC validity for only the online CPUs (git-fixes).
- ACPI: CPPC: Limit perf ctrs in PCC check only to online CPUs (git-fixes).
- ACPI: CPPC: Perform fast check switch only for online CPUs (git-fixes).
- ACPI: PRM: Skip handlers with NULL handler_address or NULL VA (stable-fixes).
- ACPI: SBS: Fix present test in acpi_battery_read() (git-fixes).
- ACPI: property: Return present device nodes only on fwnode interface (stable-fixes).
- ACPI: scan: Add Intel CVS ACPI HIDs to acpi_ignore_dep_ids (stable-fixes).
- ACPICA: Update dsmethod.c to get rid of unused variable warning (stable-fixes).
- ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() (stable-fixes).
- ALSA: hda: Fix missing pointer check in hda_component_manager_init function (git-fixes).
- ALSA: serial-generic: remove shared static buffer (stable-fixes).
- ALSA: usb-audio: Add validation of UAC2/UAC3 effect units (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (git-fixes).
- ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (stable-fixes).
- ALSA: usb-audio: add mono main switch to Presonus S1824c (stable-fixes).
- ALSA: usb-audio: apply quirk for MOONDROP Quark2 (stable-fixes).
- ALSA: usb-audio: do not log messages meant for 1810c when initializing 1824c (git-fixes).
- ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes).
- ASoC: codecs: va-macro: fix resource leak in probe error path (git-fixes).
- ASoC: cs4271: Fix regulator leak on probe failure (git-fixes).
- ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (stable-fixes).
- ASoC: meson: aiu-encoder-i2s: fix bit clock polarity (stable-fixes).
- ASoC: qcom: sc8280xp: explicitly set S16LE format in sc8280xp_be_hw_params_fixup() (stable-fixes).
- ASoC: stm32: sai: manage context in set_sysclk callback (stable-fixes).
- ASoC: tlv320aic3x: Fix class-D initialization for tlv320aic3007 (stable-fixes).
- Bluetooth: 6lowpan: Do not hold spin lock over sleeping functions (git-fixes).
- Bluetooth: 6lowpan: add missing l2cap_chan_lock() (git-fixes).
- Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion (git-fixes).
- Bluetooth: 6lowpan: reset link-local header on ipv6 recv path (git-fixes).
- Bluetooth: L2CAP: export l2cap_chan_hold for modules (stable-fixes).
- Bluetooth: MGMT: cancel mesh send timer when hdev removed (git-fixes).
- Bluetooth: SCO: Fix UAF on sco_conn_free (stable-fixes).
- Bluetooth: bcsp: receive data only if registered (stable-fixes).
- Bluetooth: btrtl: Fix memory leak in rtlbt_parse_firmware_v2() (git-fixes).
- Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (stable-fixes).
- Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (git-fixes).
- Bluetooth: hci_event: validate skb length for unknown CC opcode (git-fixes).
- Documentation: ACPI: i2c-muxes: fix I2C device references (git-fixes).
- Drivers: hv: vmbus: Add utility function for querying ring size (git-fixes).
- HID: amd_sfh: Stop sensor before starting (git-fixes).
- HID: hid-ntrig: Prevent memory leak in ntrig_report_version() (git-fixes).
- HID: quirks: avoid Cooler Master MM712 dongle wakeup bug (stable-fixes).
- HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 (git-fixes).
- HID: uclogic: Fix potential memory leak in error path (git-fixes).
- Input: atmel_mxt_ts - allow reset GPIO to sleep (stable-fixes).
- Input: imx_sc_key - fix memory corruption on unload (git-fixes).
- Input: pegasus-notetaker - fix potential out-of-bounds access (git-fixes).
- KVM: Pass new routing entries and irqfd when updating IRTEs (git-fixes).
- KVM: SVM: Delete IRTE link from previous vCPU before setting new IRTE (git-fixes).
- KVM: SVM: Delete IRTE link from previous vCPU irrespective of new routing (git-fixes).
- KVM: SVM: Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2 (git-fixes).
- KVM: SVM: Mark VMCB_LBR dirty when MSR_IA32_DEBUGCTLMSR is updated (git-fixes).
- KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest (git-fixes).
- KVM: SVM: Track per-vCPU IRTEs using kvm_kernel_irqfd structure (git-fixes).
- KVM: SVM: WARN if an invalid posted interrupt IRTE entry is added (git-fixes).
- KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported (git-fixes).
- KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes) (git-fixes).
- KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes).
- KVM: VMX: Fix check for valid GVA on an EPT violation (git-fixes).
- KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest (git-fixes).
- KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs (git-fixes).
- KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter (git-fixes).
- KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE (git-fixes).
- KVM: x86: Add helper to retrieve current value of user return MSR (git-fixes).
- KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes).
- KVM: x86: Do not treat ENTER and LEAVE as branches, because they are not (git-fixes).
- KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag (git-fixes).
- NFS4: Fix state renewals missing after boot (git-fixes).
- NFS: check if suid/sgid was cleared after a write as needed (git-fixes).
- NFSD: Never cache a COMPOUND when the SEQUENCE operation fails (git-fixes).
- NFSD: Skip close replay processing if XDR encoding fails (git-fixes).
- NFSD: free copynotify stateid in nfs4_free_ol_stateid() (git-fixes).
- NFSv4.1: fix mount hang after CREATE_SESSION failure (git-fixes).
- NFSv4: handle ERR_GRACE on delegation recalls (git-fixes).
- PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call (stable-fixes).
- PCI/PM: Skip resuming to D0 if device is disconnected (stable-fixes).
- PCI: Disable MSI on RDC PCI to PCIe bridges (stable-fixes).
- PCI: cadence: Check for the existence of cdns_pcie::ops before using it (stable-fixes).
- PCI: dwc: Verify the single eDMA IRQ in dw_pcie_edma_irq_verify() (stable-fixes).
- PCI: j721e: Fix incorrect error message in probe() (git-fixes).
- PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra194: Reset BARs when running in PCIe endpoint mode (git-fixes).
- RDMA/bnxt_re: Do not fail destroy QP and cleanup debugfs earlier (git-fixes)
- RDMA/bnxt_re: Fix a potential memory leak in destroy_gsi_sqp (git-fixes)
- RDMA/hns: Fix recv CQ and QP cache affinity (git-fixes)
- RDMA/hns: Fix the modification of max_send_sge (git-fixes)
- RDMA/hns: Fix wrong WQE data when QP wraps around (git-fixes)
- RDMA/irdma: Fix SD index calculation (git-fixes)
- RDMA/irdma: Set irdma_cq cq_num field during CQ create (git-fixes)
- accel/habanalabs/gaudi2: fix BMON disable configuration (stable-fixes).
- accel/habanalabs/gaudi2: read preboot status after recovering from dirty state (stable-fixes).
- accel/habanalabs: return ENOMEM if less than requested pages were pinned (stable-fixes).
- accel/habanalabs: support mapping cb with vmalloc-backed coherent memory (stable-fixes).
- acpi,srat: Fix incorrect device handle check for Generic Initiator (git-fixes).
- amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw (stable-fixes).
- block: avoid possible overflow for chunk_sectors check in blk_stack_limits() (git-fixes).
- block: fix kobject double initialization in add_disk (git-fixes).
- btrfs: abort transaction on failure to add link to inode (git-fixes).
- btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range() (git-fix).
- btrfs: avoid using fixed char array size for tree names (git-fix).
- btrfs: do not update last_log_commit when logging inode due to a new name (git-fixes).
- btrfs: fix COW handling in run_delalloc_nocow() (git-fix).
- btrfs: fix inode leak on failure to add link to inode (git-fixes).
- btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve (git-fix).
- btrfs: mark dirty extent range for out of bound prealloc extents (git-fixes).
- btrfs: qgroup: correctly model root qgroup rsv in convert (git-fix).
- btrfs: rename err to ret in btrfs_link() (git-fixes).
- btrfs: run btrfs_error_commit_super() early (git-fix).
- btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fix).
- btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fixes).
- btrfs: send: fix duplicated rmdir operations when using extrefs (git-fixes).
- btrfs: set inode flag BTRFS_INODE_COPY_EVERYTHING when logging new name (git-fixes).
- btrfs: simplify error handling logic for btrfs_link() (git-fixes).
- btrfs: tree-checker: add dev extent item checks (git-fix).
- btrfs: tree-checker: add type and sequence check for inline backrefs (git-fix).
- btrfs: tree-checker: fix the wrong output of data backref objectid (git-fix).
- btrfs: tree-checker: reject BTRFS_FT_UNKNOWN dir type (git-fix).
- btrfs: tree-checker: validate dref root and objectid (git-fix).
- btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() (git-fixes).
- char: misc: Does not request module for miscdevice with dynamic minor (stable-fixes).
- char: misc: Make misc_register() reentry for miscdevice who wants dynamic minor (stable-fixes).
- char: misc: restrict the dynamic range to exclude reserved minors (stable-fixes).
- cramfs: Verify inode mode when loading from disk (git-fixes).
- crypto: aspeed - fix double free caused by devm (git-fixes).
- crypto: aspeed-acry - Convert to platform remove callback returning void (stable-fixes).
- crypto: hisilicon/qm - Fix device reference leak in qm_get_qos_value (git-fixes).
- crypto: iaa - Do not clobber req->base.data (git-fixes).
- crypto: qat - use kcalloc() in qat_uclo_map_objs_from_mof() (stable-fixes).
- dmaengine: dw-edma: Set status for callback_result (stable-fixes).
- dmaengine: mv_xor: match alloc_wc and free_wc (stable-fixes).
- drm/amd/display: Add AVI infoframe copy in copy_stream_update_to_stream (stable-fixes).
- drm/amd/display: Disable VRR on DCE 6 (stable-fixes).
- drm/amd/display: Fix DVI-D/HDMI adapters (stable-fixes).
- drm/amd/display: Fix NULL deref in debugfs odm_combine_segments (git-fixes).
- drm/amd/display: Fix black screen with HDMI outputs (git-fixes).
- drm/amd/display: Increase AUX Intra-Hop Done Max Wait Duration (stable-fixes).
- drm/amd/display: add more cyan skillfish devices (stable-fixes).
- drm/amd/display: ensure committing streams is seamless (stable-fixes).
- drm/amd/display: update dpp/disp clock from smu clock table (stable-fixes).
- drm/amd/pm: Disable MCLK switching on SI at high pixel clocks (stable-fixes).
- drm/amd/pm: Use cached metrics data on aldebaran (stable-fixes).
- drm/amd/pm: Use cached metrics data on arcturus (stable-fixes).
- drm/amd: Avoid evicting resources at S5 (stable-fixes).
- drm/amd: Fix suspend failure with secure display TA (git-fixes).
- drm/amd: add more cyan skillfish PCI ids (stable-fixes).
- drm/amdgpu/jpeg: Hold pg_lock before jpeg poweroff (stable-fixes).
- drm/amdgpu: Allow kfd CRIU with no buffer objects (stable-fixes).
- drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices (stable-fixes).
- drm/amdgpu: Use memdup_array_user in amdgpu_cs_wait_fences_ioctl (stable-fixes).
- drm/amdgpu: add support for cyan skillfish gpu_info (stable-fixes).
- drm/amdgpu: do not enable SMU on cyan skillfish (stable-fixes).
- drm/amdgpu: reject gang submissions under SRIOV (stable-fixes).
- drm/amdkfd: Handle lack of READ permissions in SVM mapping (stable-fixes).
- drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption (stable-fixes).
- drm/amdkfd: fix vram allocation failure for a special case (stable-fixes).
- drm/amdkfd: return -ENOTTY for unsupported IOCTLs (stable-fixes).
- drm/bridge: cdns-dsi: Do not fail on MIPI_DSI_MODE_VIDEO_BURST (stable-fixes).
- drm/bridge: cdns-dsi: Fix REG_WAKEUP_TIME value (stable-fixes).
- drm/bridge: display-connector: do not set OP_DETECT for DisplayPorts (stable-fixes).
- drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (git-fixes).
- drm/i915: Fix conversion between clock ticks and nanoseconds (git-fixes).
- drm/msm/dsi/phy: Toggle back buffer resync after preparing PLL (stable-fixes).
- drm/msm/dsi/phy_7nm: Fix missing initial VCO rate (stable-fixes).
- drm/msm: make sure to not queue up recovery more than once (stable-fixes).
- drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() (stable-fixes).
- drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb (git-fixes).
- drm/tegra: Add call to put_pid() (git-fixes).
- drm/tegra: dc: Fix reference leak in tegra_dc_couple() (git-fixes).
- drm/tidss: Set crtc modesetting parameters with adjusted mode (stable-fixes).
- drm/tidss: Use the crtc_* timings when programming the HW (stable-fixes).
- drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (git-fixes).
- exfat: limit log print for IO error (git-fixes).
- extcon: adc-jack: Cleanup wakeup source only if it was enabled (git-fixes).
- extcon: adc-jack: Fix wakeup source leaks on device unbind (stable-fixes).
- fbcon: Set fb_display[i]->mode to NULL when the mode is released (stable-fixes).
- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (stable-fixes).
- fbdev: bitblit: bound-check glyph index in bit_putcs* (stable-fixes).
- fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS (stable-fixes).
- hwmon: (asus-ec-sensors) increase timeout for locking ACPI mutex (stable-fixes).
- hwmon: (dell-smm) Add support for Dell OptiPlex 7040 (stable-fixes).
- hwmon: (k10temp) Add device ID for Strix Halo (stable-fixes).
- hwmon: (k10temp) Add thermal support for AMD Family 1Ah-based models (stable-fixes).
- hwmon: (sbtsi_temp) AMD CPU extended temperature range support (stable-fixes).
- hwmon: sy7636a: add alias (stable-fixes).
- iio: adc: imx93_adc: load calibrated values even calibration failed (stable-fixes).
- iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register (stable-fixes).
- ima: do not clear IMA_DIGSIG flag when setting or removing non-IMA xattr (stable-fixes).
- iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE (git-fixes).
- isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() (git-fixes).
- jfs: Verify inode mode when loading from disk (git-fixes).
- jfs: fix uninitialized waitqueue in transaction manager (git-fixes).
- lib/crypto: curve25519-hacl64: Fix older clang KASAN workaround for GCC (git-fixes).
- md/raid1: fix data lost for writemostly rdev (git-fixes).
- md: fix mssing blktrace bio split events (git-fixes).
- media: adv7180: Add missing lock in suspend callback (stable-fixes).
- media: adv7180: Do not write format to device in set_fmt (stable-fixes).
- media: adv7180: Only validate format in querystd (stable-fixes).
- media: amphion: Delete v4l2_fh synchronously in .release() (stable-fixes).
- media: fix uninitialized symbol warnings (stable-fixes).
- media: i2c: Kconfig: Ensure a dependency on HAVE_CLK for VIDEO_CAMERA_SENSOR (stable-fixes).
- media: i2c: og01a1b: Specify monochrome media bus format instead of Bayer (stable-fixes).
- media: imon: make send_packet() more robust (stable-fixes).
- media: ov08x40: Fix the horizontal flip control (stable-fixes).
- media: redrat3: use int type to store negative error codes (stable-fixes).
- media: uvcvideo: Use heuristic to find stream entity (git-fixes).
- memstick: Add timeout to prevent indefinite waiting (stable-fixes).
- mfd: da9063: Split chip variant reading in two bus transactions (stable-fixes).
- mfd: madera: Work around false-positive -Wininitialized warning (stable-fixes).
- mfd: stmpe-i2c: Add missing MODULE_LICENSE (stable-fixes).
- mfd: stmpe: Remove IRQ domain upon removal (stable-fixes).
- minixfs: Verify inode mode when loading from disk (git-fixes).
- mm/mm_init: fix hash table order logging in alloc_large_system_hash() (git-fixes).
- mm/secretmem: fix use-after-free race in fault handler (git-fixes).
- mmc: host: renesas_sdhi: Fix the actual clock (stable-fixes).
- mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card (stable-fixes).
- mmc: sdhci-of-dwcmshc: Change DLL_STRBIN_TAPNUM_DEFAULT to 0x4 (git-fixes).
- mtd: onenand: Pass correct pointer to IRQ handler (git-fixes).
- mtd: rawnand: cadence: fix DMA device NULL pointer dereference (git-fixes).
- mtdchar: fix integer overflow in read/write ioctls (git-fixes).
- net/mana: fix warning in the writer of client oob (git-fixes).
- net/smc: Remove validation of reserved bits in CLC Decline message (bsc#1253779).
- net: nfc: nci: Increase NCI_DATA_TIMEOUT to 3000 ms (stable-fixes).
- net: phy: clear link parameters on admin link down (stable-fixes).
- net: phy: fixed_phy: let fixed_phy_unregister free the phy_device (stable-fixes).
- net: phy: marvell: Fix 88e1510 downshift counter errata (stable-fixes).
- net: tcp: send zero-window ACK when no memory (bsc#1253779).
- net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (git-fixes).
- nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing (git-fixes).
- nfsd: do not defer requests during idmap lookup in v4 compound decode (bsc#1232223).
- nfsd: fix return error codes for nfsd_map_name_to_id (bsc#1232223).
- nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot (git-fixes).
- perf script: add --addr2line option (bsc#1247509).
- phy: cadence: cdns-dphy: Enable lower resolutions in dphy (stable-fixes).
- phy: renesas: r8a779f0-ether-serdes: add new step added to latest datasheet (stable-fixes).
- phy: rockchip: phy-rockchip-inno-csidphy: allow writes to grf register 0 (stable-fixes).
- pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc (git-fixes).
- pinctrl: s32cc: initialize gpio_pin_config::list after kmalloc() (git-fixes).
- pinctrl: single: fix bias pull up/down handling in pin_config_set (stable-fixes).
- platform/x86/intel/speed_select_if: Convert PCIBIOS_* return codes to errnos (git-fixes).
- power: supply: qcom_battmgr: add OOI chemistry (stable-fixes).
- power: supply: qcom_battmgr: handle charging state change notifications (stable-fixes).
- power: supply: sbs-charger: Support multiple devices (stable-fixes).
- regulator: fixed: fix GPIO descriptor leak on register failure (git-fixes).
- rtc: rx8025: fix incorrect register reference (git-fixes).
- s390/mm,fault: simplify kfence fault handling (bsc#1247076).
- scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans (git-fixes).
- scsi: aacraid: Stop using PCI_IRQ_AFFINITY (git-fixes).
- scsi: core: sysfs: Correct sysfs attributes access rights (git-fixes).
- scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() (git-fixes).
- scsi: libfc: Prevent integer overflow in fc_fcp_recv_data() (git-fixes).
- scsi: mpi3mr: Correctly handle ATA device errors (git-fixes).
- scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers (git-fixes).
- scsi: mpt3sas: Correctly handle ATA device errors (git-fixes).
- scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (git-fixes).
- scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod (git-fixes).
- scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267).
- selftests/bpf: Close fd in error path in drop_on_reuseport (git-fixes).
- selftests/bpf: Close obj in error path in xdp_adjust_tail (git-fixes).
- selftests/bpf: Fix missing ARRAY_SIZE() definition in bench.c (git-fixes).
- selftests/bpf: Fix missing BUILD_BUG_ON() declaration (git-fixes).
- selftests/bpf: Fix missing UINT_MAX definitions in benchmarks (git-fixes).
- selftests/bpf: Fix string read in strncmp benchmark (git-fixes).
- selftests/bpf: Mitigate sockmap_ktls disconnect_after_delete failure (git-fixes).
- selftests/bpf: Use pid_t consistently in test_progs.c (git-fixes).
- selftests/bpf: fix signedness bug in redir_partial() (git-fixes).
- serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 (git-fixes).
- serial: 8250_mtk: Enable baud clock and manage in runtime PM (git-fixes).
- soc/tegra: fuse: Add Tegra114 nvmem cells and fuse lookups (stable-fixes).
- soc: aspeed: socinfo: Add AST27xx silicon IDs (stable-fixes).
- soc: qcom: smem: Fix endian-unaware access of num_entries (stable-fixes).
- spi: Try to get ACPI GPIO IRQ earlier (git-fixes).
- spi: loopback-test: Do not use %pK through printk (stable-fixes).
- spi: rpc-if: Add resume support for RZ/G3E (stable-fixes).
- strparser: Fix signed/unsigned mismatch bug (git-fixes).
- tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705).
- thunderbolt: Use is_pciehp instead of is_hotplug_bridge (stable-fixes).
- tools/cpupower: Fix incorrect size in cpuidle_state_disable() (stable-fixes).
- tools/cpupower: fix error return value in cpupower_write_sysfs() (stable-fixes).
- tools/power x86_energy_perf_policy: Enhance HWP enable (stable-fixes).
- tools/power x86_energy_perf_policy: Fix incorrect fopen mode usage (stable-fixes).
- tools/power x86_energy_perf_policy: Prefer driver HWP limits (stable-fixes).
- tools: lib: thermal: do not preserve owner in install (stable-fixes).
- tools: lib: thermal: use pkg-config to locate libnl3 (stable-fixes).
- uio_hv_generic: Query the ringbuffer size for device (git-fixes).
- usb/core/quirks: Add Huawei ME906S to wakeup quirk (git-fixes).
- usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget (stable-fixes).
- usb: gadget: f_fs: Fix epfile null pointer access after ep enable (stable-fixes).
- usb: gadget: f_hid: Fix zero length packet transfer (stable-fixes).
- usb: gadget: f_ncm: Fix MAC assignment NCM ethernet (stable-fixes).
- usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs (stable-fixes).
- usb: xhci: plat: Facilitate using autosuspend for xhci plat devices (stable-fixes).
- video: backlight: lp855x_bl: Set correct EPROM start for LP8556 (stable-fixes).
- watchdog: s3c2410_wdt: Fix max_timeout being calculated larger (stable-fixes).
- wifi: ath10k: Fix connection after GTK rekeying (stable-fixes).
- wifi: ath11k: zero init info->status in wmi_process_mgmt_tx_comp() (git-fixes).
- wifi: ath12k: Increase DP_REO_CMD_RING_SIZE to 256 (stable-fixes).
- wifi: mac80211: Fix HE capabilities element check (stable-fixes).
- wifi: mac80211: reject address change while connecting (git-fixes).
- wifi: mac80211: skip rate verification for not captured PSDUs (git-fixes).
- wifi: mac80211_hwsim: Limit destroy_on_close radio removal to netgroup (git-fixes).
- wifi: mt76: mt7921: Add 160MHz beamformee capability for mt7922 device (stable-fixes).
- wifi: mt76: mt7996: Temporarily disable EPCS (stable-fixes).
- wifi: mwl8k: inject DSSS Parameter Set element into beacons if missing (git-fixes).
- wifi: rtw88: sdio: use indirect IO for device registers before power-on (stable-fixes).
- wifi: zd1211rw: fix potential memory leak in __zd_usb_enable_rx() (git-fixes).
- x86/CPU/AMD: Add RDSEED fix for Zen5 (git-fixes).
- x86/CPU/AMD: Add additional fixed RDSEED microcode revisions (git-fixes).
- x86/CPU/AMD: Add missing terminator for zen5_rdseed_microcode (git-fixes).
- x86/CPU/AMD: Do the common init on future Zens too (git-fixes).
- x86/amd_nb: Add new PCI IDs for AMD family 0x1a (stable-fixes).
- x86/bugs: Fix reporting of LFENCE retpoline (git-fixes).
- x86/bugs: Report correct retbleed mitigation status (git-fixes).
- x86/vmscape: Add old Intel CPUs to affected list (git-fixes).
- xhci: dbc: Allow users to modify DbC poll interval via sysfs (stable-fixes).
- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).
- xhci: dbc: Improve performance by removing delay in transfer event polling (stable-fixes).
- xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event (git-fixes).
- xhci: dbc: poll at different rate depending on data transfer activity (stable-fixes).
ImportantSUSE bug 1232223SUSE bug 1237888SUSE bug 1243474SUSE bug 1245193SUSE bug 1247076SUSE bug 1247079SUSE bug 1247500SUSE bug 1247509SUSE bug 1249547SUSE bug 1249912SUSE bug 1249982SUSE bug 1250176SUSE bug 1250237SUSE bug 1250252SUSE bug 1250705SUSE bug 1251120SUSE bug 1251786SUSE bug 1252063SUSE bug 1252267SUSE bug 1252303SUSE bug 1252353SUSE bug 1252681SUSE bug 1252763SUSE bug 1252773SUSE bug 1252780SUSE bug 1252794SUSE bug 1252795SUSE bug 1252809SUSE bug 1252817SUSE bug 1252821SUSE bug 1252836SUSE bug 1252845SUSE bug 1252862SUSE bug 1252912SUSE bug 1252917SUSE bug 1252928SUSE bug 1253018SUSE bug 1253176SUSE bug 1253275SUSE bug 1253318SUSE bug 1253324SUSE bug 1253349SUSE bug 1253352SUSE bug 1253355SUSE bug 1253360SUSE bug 1253362SUSE bug 1253363SUSE bug 1253367SUSE bug 1253369SUSE bug 1253393SUSE bug 1253395SUSE bug 1253403SUSE bug 1253407SUSE bug 1253409SUSE bug 1253412SUSE bug 1253416SUSE bug 1253421SUSE bug 1253423SUSE bug 1253424SUSE bug 1253425SUSE bug 1253427SUSE bug 1253428SUSE bug 1253431SUSE bug 1253436SUSE bug 1253438SUSE bug 1253440SUSE bug 1253441SUSE bug 1253445SUSE bug 1253448SUSE bug 1253449SUSE bug 1253453SUSE bug 1253456SUSE bug 1253472SUSE bug 1253779CVE-2022-50253 at SUSECVE-2022-50253 at NVDCVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-21710 at SUSECVE-2025-21710 at NVDCVE-2025-37916 at SUSECVE-2025-37916 at NVDCVE-2025-38359 at SUSECVE-2025-38359 at NVDCVE-2025-38361 at SUSECVE-2025-38361 at NVDCVE-2025-39788 at SUSECVE-2025-39788 at NVDCVE-2025-39805 at SUSECVE-2025-39805 at NVDCVE-2025-39819 at SUSECVE-2025-39819 at NVDCVE-2025-39859 at SUSECVE-2025-39859 at NVDCVE-2025-39944 at SUSECVE-2025-39944 at NVDCVE-2025-39980 at SUSECVE-2025-39980 at NVDCVE-2025-40001 at SUSECVE-2025-40001 at NVDCVE-2025-40021 at SUSECVE-2025-40021 at NVDCVE-2025-40027 at SUSECVE-2025-40027 at NVDCVE-2025-40030 at SUSECVE-2025-40030 at NVDCVE-2025-40038 at SUSECVE-2025-40038 at NVDCVE-2025-40040 at SUSECVE-2025-40040 at NVDCVE-2025-40048 at SUSECVE-2025-40048 at NVDCVE-2025-40055 at SUSECVE-2025-40055 at NVDCVE-2025-40059 at SUSECVE-2025-40059 at NVDCVE-2025-40064 at SUSECVE-2025-40064 at NVDCVE-2025-40070 at SUSECVE-2025-40070 at NVDCVE-2025-40074 at SUSECVE-2025-40074 at NVDCVE-2025-40075 at SUSECVE-2025-40075 at NVDCVE-2025-40083 at SUSECVE-2025-40083 at NVDCVE-2025-40098 at SUSECVE-2025-40098 at NVDCVE-2025-40105 at SUSECVE-2025-40105 at NVDCVE-2025-40107 at SUSECVE-2025-40107 at NVDCVE-2025-40109 at SUSECVE-2025-40109 at NVDCVE-2025-40110 at SUSECVE-2025-40110 at NVDCVE-2025-40111 at SUSECVE-2025-40111 at NVDCVE-2025-40115 at SUSECVE-2025-40115 at NVDCVE-2025-40116 at SUSECVE-2025-40116 at NVDCVE-2025-40118 at SUSECVE-2025-40118 at NVDCVE-2025-40120 at SUSECVE-2025-40120 at NVDCVE-2025-40121 at SUSECVE-2025-40121 at NVDCVE-2025-40127 at SUSECVE-2025-40127 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40139 at SUSECVE-2025-40139 at NVDCVE-2025-40140 at SUSECVE-2025-40140 at NVDCVE-2025-40141 at SUSECVE-2025-40141 at NVDCVE-2025-40149 at SUSECVE-2025-40149 at NVDCVE-2025-40154 at SUSECVE-2025-40154 at NVDCVE-2025-40156 at SUSECVE-2025-40156 at NVDCVE-2025-40157 at SUSECVE-2025-40157 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-40164 at SUSECVE-2025-40164 at NVDCVE-2025-40168 at SUSECVE-2025-40168 at NVDCVE-2025-40169 at SUSECVE-2025-40169 at NVDCVE-2025-40171 at SUSECVE-2025-40171 at NVDCVE-2025-40172 at SUSECVE-2025-40172 at NVDCVE-2025-40173 at SUSECVE-2025-40173 at NVDCVE-2025-40176 at SUSECVE-2025-40176 at NVDCVE-2025-40180 at SUSECVE-2025-40180 at NVDCVE-2025-40183 at SUSECVE-2025-40183 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDCVE-2025-40188 at SUSECVE-2025-40188 at NVDCVE-2025-40194 at SUSECVE-2025-40194 at NVDCVE-2025-40198 at SUSECVE-2025-40198 at NVDCVE-2025-40200 at SUSECVE-2025-40200 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDCVE-2025-40205 at SUSECVE-2025-40205 at NVDCVE-2025-40206 at SUSECVE-2025-40206 at NVDCVE-2025-40207 at SUSECVE-2025-40207 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-33.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439SUSE bug 1253473CVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916)
ModerateSUSE bug 1235916CVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-24.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-29.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439SUSE bug 1253473CVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-35.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439SUSE bug 1253473CVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439SUSE bug 1253473CVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678)
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847)
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019)
ModerateSUSE bug 1233019SUSE bug 1233678SUSE bug 1234847CVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim (bsc#1256280).
- CVE-2025-38321: smb: Log an error when close_all_cached_dirs fails (bsc#1246328).
- CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
- CVE-2025-39880: libceph: fix invalid accesses to ceph_connection_v1_info (bsc#1250388).
- CVE-2025-39890: wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (bsc#1250334).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
- CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
- CVE-2025-40024: vhost: Take a reference on the task in struct vhost_task (bsc#1252686).
- CVE-2025-40033: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (bsc#1252824).
- CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861).
- CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
- CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776).
- CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919).
- CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365).
- CVE-2025-40134: dm: fix NULL pointer dereference in __dm_suspend() (bsc#1253386).
- CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
- CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
- CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
- CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
- CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
- CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413).
- CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463).
- CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442).
- CVE-2025-40187: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (bsc#1253647).
- CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623).
- CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959).
- CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
- CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).
- CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
- CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854).
- CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856).
- CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849).
- CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
- CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082).
- CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297).
- CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830).
- CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825).
- CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846).
- CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847).
- CVE-2025-40287: exfat: fix improper check of dentry.stream.valid_size (bsc#1255030).
- CVE-2025-40289: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (bsc#1255042).
- CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175).
- CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187).
- CVE-2025-40307: exfat: validate cluster allocation bits of the allocation bitmap (bsc#1255039).
- CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794).
- CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624).
- CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
- CVE-2025-40337: net: stmmac: Correctly handle Rx checksum offload errors (bsc#1255081).
- CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273).
- CVE-2025-40339: drm/amdgpu: fix nullptr err of vm_handle_moved (bsc#1255428).
- CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318).
- CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).
- CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).
- CVE-2025-40360: drm/sysfb: Do not dereference NULL pointer in plane reset (bsc#1255095).
- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
- CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).
- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
- CVE-2025-68190: drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked() (bsc#1255131).
- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).
- CVE-2025-68201: drm/amdgpu: remove two invalid BUG_ON()s (bsc#1255136).
- CVE-2025-68204: pmdomain: arm: scmi: Fix genpd leak on provider registration failure (bsc#1255224).
- CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
- CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227).
- CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230).
- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
- CVE-2025-68230: drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (bsc#1255134).
- CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272).
- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
- CVE-2025-68255: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (bsc#1255395).
- CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199).
- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
- CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).
- CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).
- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).
- CVE-2025-68327: usb: renesas_usbhs: Fix synchronous external abort on unbind (bsc#1255488).
- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).
- CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507).
- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).
- CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552).
- CVE-2025-68365: fs/ntfs3: Initialize allocated memory before use (bsc#1255548).
- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
- CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614).
- CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
- CVE-2025-68727: ntfs3: Fix uninit buffer allocated by __getname() (bsc#1255568).
- CVE-2025-68728: ntfs3: fix uninit memory after failed mi_read in mi_format_new (bsc#1255539).
- CVE-2025-68733: smack: fix bug: unprivileged task can create labels (bsc#1255615).
- CVE-2025-68742: bpf: Improve program stats run-time calculation (bsc#1255707).
- CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709).
- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).
- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).
- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).
- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
- CVE-2025-68803: nfsd: set security label during create operations (bsc#1256770).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).
- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).
- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).
- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).
- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).
- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).
- CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).
- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).
- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).
- CVE-2025-71137: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" (bsc#1256760).
- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).
- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).
- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).
- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).
- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).
- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).
- CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).
- CVE-2026-22996: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv.
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
- CVE-2026-23010: ipv6: Fix use-after-free in inet6_addr_del() (bsc#1257332).
- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).
The following non security issues were fixed:
- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
- Disable CONFIG_CPU5_WDT The cpu5wdt driver doesn't implement a
proper watchdog interface and has many code issues. It only handles
obscure and obsolete hardware. Stop building and supporting this driver
(jsc#PED-14062).
- Update config files (jsc#PED-12554 jsc#PED-6996
bsc#1243677 ltc#213602 bsc#1243678 ltc#213596)
CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
CONFIG_INTEGRITY_CA_MACHINE_KEYRING_MAX=y
- Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792)
- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
- cifs: Fix copy offload to flush destination region (bsc#1252511).
- cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511).
- cifs: Fix uncached read into ITER_KVEC iterator (bsc#1245449).
- cifs: make cifs_chan_update_iface() a void function (git-fixes).
- cifs: update dstaddr whenever channel iface is updated (git-fixes).
- cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026).
- dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386)
- drm/amdgpu: update mappings not managed by KFD (bsc#1255428)
- ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378).
- ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1256366).
- fs: dlm: allow to F_SETLKW getting interrupted (bsc#1255025).
- ice: use netif_get_num_default_rss_queues() (bsc#1247712).
- media: atomisp: Prefix firmware paths with "intel/ipu/" (bsc#1252973).
- media: atomisp: Remove firmware_name module parameter (bsc#1252973).
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes).
- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
- powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event
handling (bsc#1253262 ltc#216029).
- powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285
bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493
bsc#1254244 ltc#216496).
- sched: Increase sched_tick_remote timeout (bsc#1254510).
- scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119).
- scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119).
- scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119).
- scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119).
- scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119).
- scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119).
- scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119).
- scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119).
- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256861).
- scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119).
- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861).
- scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119).
- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863).
- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863).
- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863).
- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863).
- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863).
- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863).
- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863).
- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863).
- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863).
- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863).
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863).
- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154).
- smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes).
- smb: improve directory cache reuse for readdir operations (bsc#1252712).
- soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
- spi: tegra210-quad: Check hardware status on timeout (bsc#1253155)
- spi: tegra210-quad: Fix timeout handling (bsc#1253155)
- spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155)
- spi: tegra210-quad: Update dummy sequence configuration (git-fixes)
- supported.conf: Mark lan 743x supported (jsc#PED-14571)
- tracing: Fix access to trace_event_file (bsc#1254373).
- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).
- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).
- x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).
- x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).
- x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).
- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any
unreleased standalone Zen5 microcode patches (bsc#1256528).
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (bsc#1256528).
- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).
- x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).
- x86/microcode/AMD: Select which microcode patch to load (bsc#1256528).
- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).
- x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1194869SUSE bug 1205462SUSE bug 1214285SUSE bug 1214635SUSE bug 1214847SUSE bug 1215146SUSE bug 1215199SUSE bug 1215211SUSE bug 1215344SUSE bug 1216062SUSE bug 1216436SUSE bug 1219165SUSE bug 1220419SUSE bug 1223731SUSE bug 1223800SUSE bug 1228490SUSE bug 1233563SUSE bug 1234163SUSE bug 1234842SUSE bug 1241437SUSE bug 1242909SUSE bug 1243677SUSE bug 1243678SUSE bug 1245193SUSE bug 1245449SUSE bug 1246184SUSE bug 1246328SUSE bug 1246447SUSE bug 1247030SUSE bug 1247500SUSE bug 1247712SUSE bug 1248211SUSE bug 1248886SUSE bug 1249256SUSE bug 1249307SUSE bug 1250032SUSE bug 1250082SUSE bug 1250334SUSE bug 1250388SUSE bug 1250705SUSE bug 1250748SUSE bug 1252046SUSE bug 1252342SUSE bug 1252511SUSE bug 1252686SUSE bug 1252712SUSE bug 1252776SUSE bug 1252808SUSE bug 1252824SUSE bug 1252861SUSE bug 1252891SUSE bug 1252900SUSE bug 1252919SUSE bug 1252973SUSE bug 1253087SUSE bug 1253155SUSE bug 1253262SUSE bug 1253342SUSE bug 1253365SUSE bug 1253386SUSE bug 1253400SUSE bug 1253402SUSE bug 1253408SUSE bug 1253413SUSE bug 1253442SUSE bug 1253451SUSE bug 1253458SUSE bug 1253463SUSE bug 1253623SUSE bug 1253647SUSE bug 1253739SUSE bug 1254119SUSE bug 1254126SUSE bug 1254244SUSE bug 1254373SUSE bug 1254378SUSE bug 1254447SUSE bug 1254465SUSE bug 1254510SUSE bug 1254518SUSE bug 1254520SUSE bug 1254599SUSE bug 1254606SUSE bug 1254611SUSE bug 1254613SUSE bug 1254615SUSE bug 1254621SUSE bug 1254623SUSE bug 1254624SUSE bug 1254626SUSE bug 1254648SUSE bug 1254649SUSE bug 1254653SUSE bug 1254655SUSE bug 1254657SUSE bug 1254660SUSE bug 1254661SUSE bug 1254663SUSE bug 1254669SUSE bug 1254677SUSE bug 1254678SUSE bug 1254688SUSE bug 1254690SUSE bug 1254691SUSE bug 1254693SUSE bug 1254695SUSE bug 1254698SUSE bug 1254701SUSE bug 1254704SUSE bug 1254705SUSE bug 1254707SUSE bug 1254712SUSE bug 1254715SUSE bug 1254717SUSE bug 1254723SUSE bug 1254724SUSE bug 1254732SUSE bug 1254733SUSE bug 1254737SUSE bug 1254739SUSE bug 1254742SUSE bug 1254743SUSE bug 1254749SUSE bug 1254750SUSE bug 1254753SUSE bug 1254754SUSE bug 1254758SUSE bug 1254761SUSE bug 1254762SUSE bug 1254765SUSE bug 1254767SUSE bug 1254782SUSE bug 1254791SUSE bug 1254793SUSE bug 1254794SUSE bug 1254795SUSE bug 1254796SUSE bug 1254797SUSE bug 1254798SUSE bug 1254813SUSE bug 1254815SUSE bug 1254825SUSE bug 1254828SUSE bug 1254829SUSE bug 1254830SUSE bug 1254832SUSE bug 1254835SUSE bug 1254839SUSE bug 1254840SUSE bug 1254842SUSE bug 1254843SUSE bug 1254845SUSE bug 1254846SUSE bug 1254847SUSE bug 1254849SUSE bug 1254850SUSE bug 1254851SUSE bug 1254852SUSE bug 1254854SUSE bug 1254856SUSE bug 1254858SUSE bug 1254860SUSE bug 1254864SUSE bug 1254869SUSE bug 1254871SUSE bug 1254894SUSE bug 1254918SUSE bug 1254957SUSE bug 1254959SUSE bug 1254983SUSE bug 1255005SUSE bug 1255009SUSE bug 1255025SUSE bug 1255026SUSE bug 1255030SUSE bug 1255033SUSE bug 1255034SUSE bug 1255035SUSE bug 1255039SUSE bug 1255041SUSE bug 1255042SUSE bug 1255046SUSE bug 1255057SUSE bug 1255062SUSE bug 1255064SUSE bug 1255065SUSE bug 1255068SUSE bug 1255072SUSE bug 1255075SUSE bug 1255077SUSE bug 1255081SUSE bug 1255082SUSE bug 1255083SUSE bug 1255092SUSE bug 1255094SUSE bug 1255095SUSE bug 1255100SUSE bug 1255102SUSE bug 1255120SUSE bug 1255122SUSE bug 1255128SUSE bug 1255131SUSE bug 1255134SUSE bug 1255135SUSE bug 1255136SUSE bug 1255138SUSE bug 1255140SUSE bug 1255142SUSE bug 1255146SUSE bug 1255149SUSE bug 1255152SUSE bug 1255154SUSE bug 1255155SUSE bug 1255157SUSE bug 1255163SUSE bug 1255164SUSE bug 1255167SUSE bug 1255169SUSE bug 1255171SUSE bug 1255172SUSE bug 1255175SUSE bug 1255179SUSE bug 1255182SUSE bug 1255187SUSE bug 1255190SUSE bug 1255193SUSE bug 1255197SUSE bug 1255199SUSE bug 1255202SUSE bug 1255203SUSE bug 1255206SUSE bug 1255209SUSE bug 1255216SUSE bug 1255218SUSE bug 1255221SUSE bug 1255224SUSE bug 1255227SUSE bug 1255230SUSE bug 1255233SUSE bug 1255241SUSE bug 1255245SUSE bug 1255246SUSE bug 1255251SUSE bug 1255252SUSE bug 1255253SUSE bug 1255255SUSE bug 1255259SUSE bug 1255260SUSE bug 1255261SUSE bug 1255262SUSE bug 1255266SUSE bug 1255268SUSE bug 1255269SUSE bug 1255272SUSE bug 1255273SUSE bug 1255274SUSE bug 1255276SUSE bug 1255279SUSE bug 1255280SUSE bug 1255281SUSE bug 1255297SUSE bug 1255318SUSE bug 1255325SUSE bug 1255327SUSE bug 1255329SUSE bug 1255351SUSE bug 1255377SUSE bug 1255380SUSE bug 1255395SUSE bug 1255401SUSE bug 1255403SUSE bug 1255415SUSE bug 1255417SUSE bug 1255428SUSE bug 1255480SUSE bug 1255482SUSE bug 1255483SUSE bug 1255488SUSE bug 1255489SUSE bug 1255493SUSE bug 1255495SUSE bug 1255505SUSE bug 1255507SUSE bug 1255537SUSE bug 1255538SUSE bug 1255539SUSE bug 1255540SUSE bug 1255544SUSE bug 1255545SUSE bug 1255547SUSE bug 1255548SUSE bug 1255549SUSE bug 1255550SUSE bug 1255552SUSE bug 1255553SUSE bug 1255557SUSE bug 1255558SUSE bug 1255563SUSE bug 1255564SUSE bug 1255567SUSE bug 1255568SUSE bug 1255569SUSE bug 1255570SUSE bug 1255578SUSE bug 1255579SUSE bug 1255580SUSE bug 1255583SUSE bug 1255591SUSE bug 1255601SUSE bug 1255603SUSE bug 1255605SUSE bug 1255611SUSE bug 1255614SUSE bug 1255615SUSE bug 1255616SUSE bug 1255617SUSE bug 1255618SUSE bug 1255621SUSE bug 1255622SUSE bug 1255628SUSE bug 1255629SUSE bug 1255630SUSE bug 1255632SUSE bug 1255636SUSE bug 1255688SUSE bug 1255691SUSE bug 1255695SUSE bug 1255702SUSE bug 1255704SUSE bug 1255706SUSE bug 1255707SUSE bug 1255709SUSE bug 1255722SUSE bug 1255758SUSE bug 1255759SUSE bug 1255760SUSE bug 1255763SUSE bug 1255769SUSE bug 1255770SUSE bug 1255772SUSE bug 1255774SUSE bug 1255775SUSE bug 1255776SUSE bug 1255780SUSE bug 1255785SUSE bug 1255786SUSE bug 1255789SUSE bug 1255790SUSE bug 1255792SUSE bug 1255793SUSE bug 1255795SUSE bug 1255798SUSE bug 1255800SUSE bug 1255801SUSE bug 1255806SUSE bug 1255807SUSE bug 1255809SUSE bug 1255810SUSE bug 1255812SUSE bug 1255814SUSE bug 1255820SUSE bug 1255838SUSE bug 1255842SUSE bug 1255843SUSE bug 1255872SUSE bug 1255875SUSE bug 1255879SUSE bug 1255883SUSE bug 1255884SUSE bug 1255886SUSE bug 1255888SUSE bug 1255890SUSE bug 1255891SUSE bug 1255892SUSE bug 1255899SUSE bug 1255902SUSE bug 1255907SUSE bug 1255911SUSE bug 1255915SUSE bug 1255918SUSE bug 1255921SUSE bug 1255924SUSE bug 1255925SUSE bug 1255930SUSE bug 1255931SUSE bug 1255932SUSE bug 1255934SUSE bug 1255943SUSE bug 1255944SUSE bug 1255949SUSE bug 1255951SUSE bug 1255952SUSE bug 1255955SUSE bug 1255957SUSE bug 1255961SUSE bug 1255963SUSE bug 1255964SUSE bug 1255967SUSE bug 1255974SUSE bug 1255978SUSE bug 1255984SUSE bug 1255988SUSE bug 1255990SUSE bug 1255992SUSE bug 1255993SUSE bug 1255994SUSE bug 1255996SUSE bug 1256033SUSE bug 1256034SUSE bug 1256045SUSE bug 1256050SUSE bug 1256058SUSE bug 1256071SUSE bug 1256074SUSE bug 1256081SUSE bug 1256082SUSE bug 1256083SUSE bug 1256084SUSE bug 1256085SUSE bug 1256090SUSE bug 1256093SUSE bug 1256094SUSE bug 1256095SUSE bug 1256096SUSE bug 1256099SUSE bug 1256100SUSE bug 1256104SUSE bug 1256106SUSE bug 1256107SUSE bug 1256117SUSE bug 1256119SUSE bug 1256121SUSE bug 1256145SUSE bug 1256153SUSE bug 1256178SUSE bug 1256197SUSE bug 1256231SUSE bug 1256233SUSE bug 1256234SUSE bug 1256238SUSE bug 1256263SUSE bug 1256267SUSE bug 1256268SUSE bug 1256271SUSE bug 1256273SUSE bug 1256274SUSE bug 1256279SUSE bug 1256280SUSE bug 1256285SUSE bug 1256291SUSE bug 1256292SUSE bug 1256300SUSE bug 1256301SUSE bug 1256302SUSE bug 1256335SUSE bug 1256348SUSE bug 1256351SUSE bug 1256354SUSE bug 1256358SUSE bug 1256361SUSE bug 1256364SUSE bug 1256366SUSE bug 1256367SUSE bug 1256368SUSE bug 1256369SUSE bug 1256370SUSE bug 1256371SUSE bug 1256373SUSE bug 1256375SUSE bug 1256379SUSE bug 1256387SUSE bug 1256394SUSE bug 1256395SUSE bug 1256396SUSE bug 1256528SUSE bug 1256579SUSE bug 1256582SUSE bug 1256584SUSE bug 1256586SUSE bug 1256591SUSE bug 1256593SUSE bug 1256597SUSE bug 1256605SUSE bug 1256606SUSE bug 1256607SUSE bug 1256609SUSE bug 1256610SUSE bug 1256611SUSE bug 1256612SUSE bug 1256613SUSE bug 1256616SUSE bug 1256617SUSE bug 1256619SUSE bug 1256622SUSE bug 1256623SUSE bug 1256625SUSE bug 1256628SUSE bug 1256630SUSE bug 1256638SUSE bug 1256641SUSE bug 1256645SUSE bug 1256646SUSE bug 1256650SUSE bug 1256651SUSE bug 1256653SUSE bug 1256654SUSE bug 1256655SUSE bug 1256659SUSE bug 1256660SUSE bug 1256664SUSE bug 1256665SUSE bug 1256674SUSE bug 1256680SUSE bug 1256682SUSE bug 1256688SUSE bug 1256689SUSE bug 1256726SUSE bug 1256728SUSE bug 1256730SUSE bug 1256733SUSE bug 1256737SUSE bug 1256741SUSE bug 1256742SUSE bug 1256744SUSE bug 1256752SUSE bug 1256754SUSE bug 1256757SUSE bug 1256759SUSE bug 1256760SUSE bug 1256761SUSE bug 1256763SUSE bug 1256770SUSE bug 1256773SUSE bug 1256774SUSE bug 1256777SUSE bug 1256779SUSE bug 1256781SUSE bug 1256785SUSE bug 1256792SUSE bug 1256861SUSE bug 1256863SUSE bug 1257035SUSE bug 1257053SUSE bug 1257154SUSE bug 1257155SUSE bug 1257158SUSE bug 1257163SUSE bug 1257164SUSE bug 1257180SUSE bug 1257202SUSE bug 1257204SUSE bug 1257207SUSE bug 1257208SUSE bug 1257215SUSE bug 1257217SUSE bug 1257218SUSE bug 1257220SUSE bug 1257221SUSE bug 1257227SUSE bug 1257232SUSE bug 1257234SUSE bug 1257236SUSE bug 1257245SUSE bug 1257277SUSE bug 1257282SUSE bug 1257296SUSE bug 1257332SUSE bug 1257473SUSE bug 1257603CVE-2023-42752 at SUSECVE-2023-42752 at NVDCVE-2023-53714 at SUSECVE-2023-53714 at NVDCVE-2023-53743 at SUSECVE-2023-53743 at NVDCVE-2023-53750 at SUSECVE-2023-53750 at NVDCVE-2023-53752 at SUSECVE-2023-53752 at NVDCVE-2023-53759 at SUSECVE-2023-53759 at NVDCVE-2023-53762 at SUSECVE-2023-53762 at NVDCVE-2023-53766 at SUSECVE-2023-53766 at NVDCVE-2023-53768 at SUSECVE-2023-53768 at NVDCVE-2023-53777 at SUSECVE-2023-53777 at NVDCVE-2023-53778 at SUSECVE-2023-53778 at NVDCVE-2023-53782 at SUSECVE-2023-53782 at NVDCVE-2023-53784 at SUSECVE-2023-53784 at NVDCVE-2023-53785 at SUSECVE-2023-53785 at NVDCVE-2023-53787 at SUSECVE-2023-53787 at NVDCVE-2023-53791 at SUSECVE-2023-53791 at NVDCVE-2023-53792 at SUSECVE-2023-53792 at NVDCVE-2023-53793 at SUSECVE-2023-53793 at NVDCVE-2023-53794 at SUSECVE-2023-53794 at NVDCVE-2023-53795 at SUSECVE-2023-53795 at NVDCVE-2023-53797 at SUSECVE-2023-53797 at NVDCVE-2023-53799 at SUSECVE-2023-53799 at NVDCVE-2023-53807 at SUSECVE-2023-53807 at NVDCVE-2023-53808 at SUSECVE-2023-53808 at NVDCVE-2023-53813 at SUSECVE-2023-53813 at NVDCVE-2023-53815 at SUSECVE-2023-53815 at NVDCVE-2023-53819 at SUSECVE-2023-53819 at NVDCVE-2023-53821 at SUSECVE-2023-53821 at NVDCVE-2023-53823 at SUSECVE-2023-53823 at NVDCVE-2023-53825 at SUSECVE-2023-53825 at NVDCVE-2023-53828 at SUSECVE-2023-53828 at NVDCVE-2023-53831 at SUSECVE-2023-53831 at NVDCVE-2023-53834 at SUSECVE-2023-53834 at NVDCVE-2023-53836 at SUSECVE-2023-53836 at NVDCVE-2023-53839 at SUSECVE-2023-53839 at NVDCVE-2023-53841 at SUSECVE-2023-53841 at NVDCVE-2023-53842 at SUSECVE-2023-53842 at NVDCVE-2023-53843 at SUSECVE-2023-53843 at NVDCVE-2023-53844 at SUSECVE-2023-53844 at NVDCVE-2023-53846 at SUSECVE-2023-53846 at NVDCVE-2023-53847 at SUSECVE-2023-53847 at NVDCVE-2023-53848 at SUSECVE-2023-53848 at NVDCVE-2023-53850 at SUSECVE-2023-53850 at NVDCVE-2023-53851 at SUSECVE-2023-53851 at NVDCVE-2023-53852 at SUSECVE-2023-53852 at NVDCVE-2023-53855 at SUSECVE-2023-53855 at NVDCVE-2023-53856 at SUSECVE-2023-53856 at NVDCVE-2023-53857 at SUSECVE-2023-53857 at NVDCVE-2023-53858 at SUSECVE-2023-53858 at NVDCVE-2023-53860 at SUSECVE-2023-53860 at NVDCVE-2023-53861 at SUSECVE-2023-53861 at NVDCVE-2023-53863 at SUSECVE-2023-53863 at NVDCVE-2023-53864 at SUSECVE-2023-53864 at NVDCVE-2023-53865 at SUSECVE-2023-53865 at NVDCVE-2023-53989 at SUSECVE-2023-53989 at NVDCVE-2023-53992 at SUSECVE-2023-53992 at NVDCVE-2023-53994 at SUSECVE-2023-53994 at NVDCVE-2023-53995 at SUSECVE-2023-53995 at NVDCVE-2023-53996 at SUSECVE-2023-53996 at NVDCVE-2023-53997 at SUSECVE-2023-53997 at NVDCVE-2023-53998 at SUSECVE-2023-53998 at NVDCVE-2023-53999 at SUSECVE-2023-53999 at NVDCVE-2023-54000 at SUSECVE-2023-54000 at NVDCVE-2023-54001 at SUSECVE-2023-54001 at NVDCVE-2023-54005 at SUSECVE-2023-54005 at NVDCVE-2023-54006 at SUSECVE-2023-54006 at NVDCVE-2023-54008 at SUSECVE-2023-54008 at NVDCVE-2023-54013 at SUSECVE-2023-54013 at NVDCVE-2023-54014 at SUSECVE-2023-54014 at NVDCVE-2023-54016 at SUSECVE-2023-54016 at NVDCVE-2023-54017 at SUSECVE-2023-54017 at NVDCVE-2023-54019 at SUSECVE-2023-54019 at NVDCVE-2023-54022 at SUSECVE-2023-54022 at NVDCVE-2023-54023 at SUSECVE-2023-54023 at NVDCVE-2023-54025 at SUSECVE-2023-54025 at NVDCVE-2023-54026 at SUSECVE-2023-54026 at NVDCVE-2023-54027 at SUSECVE-2023-54027 at NVDCVE-2023-54030 at SUSECVE-2023-54030 at NVDCVE-2023-54031 at SUSECVE-2023-54031 at NVDCVE-2023-54032 at SUSECVE-2023-54032 at NVDCVE-2023-54035 at SUSECVE-2023-54035 at NVDCVE-2023-54037 at SUSECVE-2023-54037 at NVDCVE-2023-54038 at SUSECVE-2023-54038 at NVDCVE-2023-54042 at SUSECVE-2023-54042 at NVDCVE-2023-54045 at SUSECVE-2023-54045 at NVDCVE-2023-54048 at SUSECVE-2023-54048 at NVDCVE-2023-54049 at SUSECVE-2023-54049 at NVDCVE-2023-54051 at SUSECVE-2023-54051 at NVDCVE-2023-54052 at SUSECVE-2023-54052 at NVDCVE-2023-54060 at SUSECVE-2023-54060 at NVDCVE-2023-54064 at SUSECVE-2023-54064 at NVDCVE-2023-54066 at SUSECVE-2023-54066 at NVDCVE-2023-54067 at SUSECVE-2023-54067 at NVDCVE-2023-54069 at SUSECVE-2023-54069 at NVDCVE-2023-54070 at SUSECVE-2023-54070 at NVDCVE-2023-54072 at SUSECVE-2023-54072 at NVDCVE-2023-54076 at SUSECVE-2023-54076 at NVDCVE-2023-54080 at SUSECVE-2023-54080 at NVDCVE-2023-54081 at SUSECVE-2023-54081 at NVDCVE-2023-54083 at SUSECVE-2023-54083 at NVDCVE-2023-54088 at SUSECVE-2023-54088 at NVDCVE-2023-54089 at SUSECVE-2023-54089 at NVDCVE-2023-54091 at SUSECVE-2023-54091 at NVDCVE-2023-54092 at SUSECVE-2023-54092 at NVDCVE-2023-54093 at SUSECVE-2023-54093 at NVDCVE-2023-54094 at SUSECVE-2023-54094 at NVDCVE-2023-54095 at SUSECVE-2023-54095 at NVDCVE-2023-54096 at SUSECVE-2023-54096 at NVDCVE-2023-54099 at SUSECVE-2023-54099 at NVDCVE-2023-54101 at SUSECVE-2023-54101 at NVDCVE-2023-54104 at SUSECVE-2023-54104 at NVDCVE-2023-54106 at SUSECVE-2023-54106 at NVDCVE-2023-54112 at SUSECVE-2023-54112 at NVDCVE-2023-54113 at SUSECVE-2023-54113 at NVDCVE-2023-54115 at SUSECVE-2023-54115 at NVDCVE-2023-54117 at SUSECVE-2023-54117 at NVDCVE-2023-54121 at SUSECVE-2023-54121 at NVDCVE-2023-54125 at SUSECVE-2023-54125 at NVDCVE-2023-54127 at SUSECVE-2023-54127 at NVDCVE-2023-54133 at SUSECVE-2023-54133 at NVDCVE-2023-54134 at SUSECVE-2023-54134 at NVDCVE-2023-54135 at SUSECVE-2023-54135 at NVDCVE-2023-54136 at SUSECVE-2023-54136 at NVDCVE-2023-54137 at SUSECVE-2023-54137 at NVDCVE-2023-54140 at SUSECVE-2023-54140 at NVDCVE-2023-54141 at SUSECVE-2023-54141 at NVDCVE-2023-54142 at SUSECVE-2023-54142 at NVDCVE-2023-54143 at SUSECVE-2023-54143 at NVDCVE-2023-54145 at SUSECVE-2023-54145 at NVDCVE-2023-54148 at SUSECVE-2023-54148 at NVDCVE-2023-54149 at SUSECVE-2023-54149 at NVDCVE-2023-54153 at SUSECVE-2023-54153 at NVDCVE-2023-54154 at SUSECVE-2023-54154 at NVDCVE-2023-54155 at SUSECVE-2023-54155 at NVDCVE-2023-54156 at SUSECVE-2023-54156 at NVDCVE-2023-54164 at SUSECVE-2023-54164 at NVDCVE-2023-54166 at SUSECVE-2023-54166 at NVDCVE-2023-54169 at SUSECVE-2023-54169 at NVDCVE-2023-54170 at SUSECVE-2023-54170 at NVDCVE-2023-54171 at SUSECVE-2023-54171 at NVDCVE-2023-54172 at SUSECVE-2023-54172 at NVDCVE-2023-54173 at SUSECVE-2023-54173 at NVDCVE-2023-54177 at SUSECVE-2023-54177 at NVDCVE-2023-54178 at SUSECVE-2023-54178 at NVDCVE-2023-54179 at SUSECVE-2023-54179 at NVDCVE-2023-54181 at SUSECVE-2023-54181 at NVDCVE-2023-54183 at SUSECVE-2023-54183 at NVDCVE-2023-54185 at SUSECVE-2023-54185 at NVDCVE-2023-54189 at SUSECVE-2023-54189 at NVDCVE-2023-54194 at SUSECVE-2023-54194 at NVDCVE-2023-54201 at SUSECVE-2023-54201 at NVDCVE-2023-54204 at SUSECVE-2023-54204 at NVDCVE-2023-54207 at SUSECVE-2023-54207 at NVDCVE-2023-54209 at SUSECVE-2023-54209 at NVDCVE-2023-54210 at SUSECVE-2023-54210 at NVDCVE-2023-54211 at SUSECVE-2023-54211 at NVDCVE-2023-54215 at SUSECVE-2023-54215 at NVDCVE-2023-54219 at SUSECVE-2023-54219 at NVDCVE-2023-54220 at SUSECVE-2023-54220 at NVDCVE-2023-54221 at SUSECVE-2023-54221 at NVDCVE-2023-54223 at SUSECVE-2023-54223 at NVDCVE-2023-54224 at SUSECVE-2023-54224 at NVDCVE-2023-54225 at SUSECVE-2023-54225 at NVDCVE-2023-54227 at SUSECVE-2023-54227 at NVDCVE-2023-54229 at SUSECVE-2023-54229 at NVDCVE-2023-54230 at SUSECVE-2023-54230 at NVDCVE-2023-54235 at SUSECVE-2023-54235 at NVDCVE-2023-54240 at SUSECVE-2023-54240 at NVDCVE-2023-54241 at SUSECVE-2023-54241 at NVDCVE-2023-54246 at SUSECVE-2023-54246 at NVDCVE-2023-54247 at SUSECVE-2023-54247 at NVDCVE-2023-54251 at SUSECVE-2023-54251 at NVDCVE-2023-54253 at SUSECVE-2023-54253 at NVDCVE-2023-54254 at SUSECVE-2023-54254 at NVDCVE-2023-54255 at SUSECVE-2023-54255 at NVDCVE-2023-54258 at SUSECVE-2023-54258 at NVDCVE-2023-54261 at SUSECVE-2023-54261 at NVDCVE-2023-54263 at SUSECVE-2023-54263 at NVDCVE-2023-54264 at SUSECVE-2023-54264 at NVDCVE-2023-54266 at SUSECVE-2023-54266 at NVDCVE-2023-54267 at SUSECVE-2023-54267 at NVDCVE-2023-54271 at SUSECVE-2023-54271 at NVDCVE-2023-54276 at SUSECVE-2023-54276 at NVDCVE-2023-54278 at SUSECVE-2023-54278 at NVDCVE-2023-54281 at SUSECVE-2023-54281 at NVDCVE-2023-54282 at SUSECVE-2023-54282 at NVDCVE-2023-54283 at SUSECVE-2023-54283 at NVDCVE-2023-54285 at SUSECVE-2023-54285 at NVDCVE-2023-54289 at SUSECVE-2023-54289 at NVDCVE-2023-54291 at SUSECVE-2023-54291 at NVDCVE-2023-54292 at SUSECVE-2023-54292 at NVDCVE-2023-54293 at SUSECVE-2023-54293 at NVDCVE-2023-54296 at SUSECVE-2023-54296 at NVDCVE-2023-54297 at SUSECVE-2023-54297 at NVDCVE-2023-54299 at SUSECVE-2023-54299 at NVDCVE-2023-54300 at SUSECVE-2023-54300 at NVDCVE-2023-54302 at SUSECVE-2023-54302 at NVDCVE-2023-54303 at SUSECVE-2023-54303 at NVDCVE-2023-54304 at SUSECVE-2023-54304 at NVDCVE-2023-54309 at SUSECVE-2023-54309 at NVDCVE-2023-54312 at SUSECVE-2023-54312 at NVDCVE-2023-54313 at SUSECVE-2023-54313 at NVDCVE-2023-54314 at SUSECVE-2023-54314 at NVDCVE-2023-54315 at SUSECVE-2023-54315 at NVDCVE-2023-54316 at SUSECVE-2023-54316 at NVDCVE-2023-54318 at SUSECVE-2023-54318 at NVDCVE-2023-54319 at SUSECVE-2023-54319 at NVDCVE-2023-54322 at SUSECVE-2023-54322 at NVDCVE-2023-54324 at SUSECVE-2023-54324 at NVDCVE-2023-54326 at SUSECVE-2023-54326 at NVDCVE-2024-26944 at SUSECVE-2024-26944 at NVDCVE-2024-27005 at SUSECVE-2024-27005 at NVDCVE-2024-42103 at SUSECVE-2024-42103 at NVDCVE-2024-53070 at SUSECVE-2024-53070 at NVDCVE-2024-53149 at SUSECVE-2024-53149 at NVDCVE-2025-22047 at SUSECVE-2025-22047 at NVDCVE-2025-37813 at SUSECVE-2025-37813 at NVDCVE-2025-38243 at SUSECVE-2025-38243 at NVDCVE-2025-38321 at SUSECVE-2025-38321 at NVDCVE-2025-38322 at SUSECVE-2025-38322 at NVDCVE-2025-38379 at SUSECVE-2025-38379 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38728 at SUSECVE-2025-38728 at NVDCVE-2025-39689 at SUSECVE-2025-39689 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39829 at SUSECVE-2025-39829 at NVDCVE-2025-39880 at SUSECVE-2025-39880 at NVDCVE-2025-39890 at SUSECVE-2025-39890 at NVDCVE-2025-39913 at SUSECVE-2025-39913 at NVDCVE-2025-39977 at SUSECVE-2025-39977 at NVDCVE-2025-40006 at SUSECVE-2025-40006 at NVDCVE-2025-40024 at SUSECVE-2025-40024 at NVDCVE-2025-40033 at SUSECVE-2025-40033 at NVDCVE-2025-40042 at SUSECVE-2025-40042 at NVDCVE-2025-40053 at SUSECVE-2025-40053 at NVDCVE-2025-40081 at SUSECVE-2025-40081 at NVDCVE-2025-40097 at SUSECVE-2025-40097 at NVDCVE-2025-40102 at SUSECVE-2025-40102 at NVDCVE-2025-40106 at SUSECVE-2025-40106 at NVDCVE-2025-40123 at SUSECVE-2025-40123 at NVDCVE-2025-40134 at SUSECVE-2025-40134 at NVDCVE-2025-40135 at SUSECVE-2025-40135 at NVDCVE-2025-40153 at SUSECVE-2025-40153 at NVDCVE-2025-40158 at SUSECVE-2025-40158 at NVDCVE-2025-40160 at SUSECVE-2025-40160 at NVDCVE-2025-40167 at SUSECVE-2025-40167 at NVDCVE-2025-40170 at SUSECVE-2025-40170 at NVDCVE-2025-40178 at SUSECVE-2025-40178 at NVDCVE-2025-40179 at SUSECVE-2025-40179 at NVDCVE-2025-40187 at SUSECVE-2025-40187 at NVDCVE-2025-40190 at SUSECVE-2025-40190 at NVDCVE-2025-40202 at SUSECVE-2025-40202 at NVDCVE-2025-40211 at SUSECVE-2025-40211 at NVDCVE-2025-40215 at SUSECVE-2025-40215 at NVDCVE-2025-40219 at SUSECVE-2025-40219 at NVDCVE-2025-40220 at SUSECVE-2025-40220 at NVDCVE-2025-40223 at SUSECVE-2025-40223 at NVDCVE-2025-40231 at SUSECVE-2025-40231 at NVDCVE-2025-40233 at SUSECVE-2025-40233 at NVDCVE-2025-40238 at SUSECVE-2025-40238 at NVDCVE-2025-40240 at SUSECVE-2025-40240 at NVDCVE-2025-40242 at SUSECVE-2025-40242 at NVDCVE-2025-40244 at SUSECVE-2025-40244 at NVDCVE-2025-40248 at SUSECVE-2025-40248 at NVDCVE-2025-40250 at SUSECVE-2025-40250 at NVDCVE-2025-40251 at SUSECVE-2025-40251 at NVDCVE-2025-40252 at SUSECVE-2025-40252 at NVDCVE-2025-40254 at SUSECVE-2025-40254 at NVDCVE-2025-40256 at SUSECVE-2025-40256 at NVDCVE-2025-40257 at SUSECVE-2025-40257 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40259 at SUSECVE-2025-40259 at NVDCVE-2025-40261 at SUSECVE-2025-40261 at NVDCVE-2025-40262 at SUSECVE-2025-40262 at NVDCVE-2025-40263 at SUSECVE-2025-40263 at NVDCVE-2025-40264 at SUSECVE-2025-40264 at NVDCVE-2025-40268 at SUSECVE-2025-40268 at NVDCVE-2025-40269 at SUSECVE-2025-40269 at NVDCVE-2025-40271 at SUSECVE-2025-40271 at NVDCVE-2025-40272 at SUSECVE-2025-40272 at NVDCVE-2025-40273 at SUSECVE-2025-40273 at NVDCVE-2025-40274 at SUSECVE-2025-40274 at NVDCVE-2025-40275 at SUSECVE-2025-40275 at NVDCVE-2025-40277 at SUSECVE-2025-40277 at NVDCVE-2025-40278 at SUSECVE-2025-40278 at NVDCVE-2025-40279 at SUSECVE-2025-40279 at NVDCVE-2025-40280 at SUSECVE-2025-40280 at NVDCVE-2025-40282 at SUSECVE-2025-40282 at NVDCVE-2025-40283 at SUSECVE-2025-40283 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40287 at SUSECVE-2025-40287 at NVDCVE-2025-40288 at SUSECVE-2025-40288 at NVDCVE-2025-40289 at SUSECVE-2025-40289 at NVDCVE-2025-40292 at SUSECVE-2025-40292 at NVDCVE-2025-40293 at SUSECVE-2025-40293 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-40301 at SUSECVE-2025-40301 at NVDCVE-2025-40304 at SUSECVE-2025-40304 at NVDCVE-2025-40306 at SUSECVE-2025-40306 at NVDCVE-2025-40307 at SUSECVE-2025-40307 at NVDCVE-2025-40308 at SUSECVE-2025-40308 at NVDCVE-2025-40309 at SUSECVE-2025-40309 at NVDCVE-2025-40310 at SUSECVE-2025-40310 at NVDCVE-2025-40311 at SUSECVE-2025-40311 at NVDCVE-2025-40312 at SUSECVE-2025-40312 at NVDCVE-2025-40314 at SUSECVE-2025-40314 at NVDCVE-2025-40315 at SUSECVE-2025-40315 at NVDCVE-2025-40316 at SUSECVE-2025-40316 at NVDCVE-2025-40317 at SUSECVE-2025-40317 at NVDCVE-2025-40318 at SUSECVE-2025-40318 at NVDCVE-2025-40319 at SUSECVE-2025-40319 at NVDCVE-2025-40320 at SUSECVE-2025-40320 at NVDCVE-2025-40321 at SUSECVE-2025-40321 at NVDCVE-2025-40322 at SUSECVE-2025-40322 at NVDCVE-2025-40323 at SUSECVE-2025-40323 at NVDCVE-2025-40324 at SUSECVE-2025-40324 at NVDCVE-2025-40328 at SUSECVE-2025-40328 at NVDCVE-2025-40329 at SUSECVE-2025-40329 at NVDCVE-2025-40331 at SUSECVE-2025-40331 at NVDCVE-2025-40337 at SUSECVE-2025-40337 at NVDCVE-2025-40338 at SUSECVE-2025-40338 at NVDCVE-2025-40339 at SUSECVE-2025-40339 at NVDCVE-2025-40342 at SUSECVE-2025-40342 at NVDCVE-2025-40343 at SUSECVE-2025-40343 at NVDCVE-2025-40345 at SUSECVE-2025-40345 at NVDCVE-2025-40346 at SUSECVE-2025-40346 at NVDCVE-2025-40347 at SUSECVE-2025-40347 at NVDCVE-2025-40349 at SUSECVE-2025-40349 at NVDCVE-2025-40350 at SUSECVE-2025-40350 at NVDCVE-2025-40351 at SUSECVE-2025-40351 at NVDCVE-2025-40355 at SUSECVE-2025-40355 at NVDCVE-2025-40360 at SUSECVE-2025-40360 at NVDCVE-2025-40363 at SUSECVE-2025-40363 at NVDCVE-2025-68168 at SUSECVE-2025-68168 at NVDCVE-2025-68171 at SUSECVE-2025-68171 at NVDCVE-2025-68172 at SUSECVE-2025-68172 at NVDCVE-2025-68174 at SUSECVE-2025-68174 at NVDCVE-2025-68176 at SUSECVE-2025-68176 at NVDCVE-2025-68178 at SUSECVE-2025-68178 at NVDCVE-2025-68180 at SUSECVE-2025-68180 at NVDCVE-2025-68183 at SUSECVE-2025-68183 at NVDCVE-2025-68185 at SUSECVE-2025-68185 at NVDCVE-2025-68188 at SUSECVE-2025-68188 at NVDCVE-2025-68190 at SUSECVE-2025-68190 at NVDCVE-2025-68192 at SUSECVE-2025-68192 at NVDCVE-2025-68194 at SUSECVE-2025-68194 at NVDCVE-2025-68195 at SUSECVE-2025-68195 at NVDCVE-2025-68200 at SUSECVE-2025-68200 at NVDCVE-2025-68201 at SUSECVE-2025-68201 at NVDCVE-2025-68204 at SUSECVE-2025-68204 at NVDCVE-2025-68206 at SUSECVE-2025-68206 at NVDCVE-2025-68208 at SUSECVE-2025-68208 at NVDCVE-2025-68209 at SUSECVE-2025-68209 at NVDCVE-2025-68217 at SUSECVE-2025-68217 at NVDCVE-2025-68218 at SUSECVE-2025-68218 at NVDCVE-2025-68222 at SUSECVE-2025-68222 at NVDCVE-2025-68227 at SUSECVE-2025-68227 at NVDCVE-2025-68230 at SUSECVE-2025-68230 at NVDCVE-2025-68233 at SUSECVE-2025-68233 at NVDCVE-2025-68235 at SUSECVE-2025-68235 at NVDCVE-2025-68237 at SUSECVE-2025-68237 at NVDCVE-2025-68238 at SUSECVE-2025-68238 at NVDCVE-2025-68239 at SUSECVE-2025-68239 at NVDCVE-2025-68241 at SUSECVE-2025-68241 at NVDCVE-2025-68244 at SUSECVE-2025-68244 at NVDCVE-2025-68245 at SUSECVE-2025-68245 at NVDCVE-2025-68249 at SUSECVE-2025-68249 at NVDCVE-2025-68252 at SUSECVE-2025-68252 at NVDCVE-2025-68254 at SUSECVE-2025-68254 at NVDCVE-2025-68255 at SUSECVE-2025-68255 at NVDCVE-2025-68256 at SUSECVE-2025-68256 at NVDCVE-2025-68257 at SUSECVE-2025-68257 at NVDCVE-2025-68258 at SUSECVE-2025-68258 at NVDCVE-2025-68259 at SUSECVE-2025-68259 at NVDCVE-2025-68261 at SUSECVE-2025-68261 at NVDCVE-2025-68264 at SUSECVE-2025-68264 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68286 at SUSECVE-2025-68286 at NVDCVE-2025-68287 at SUSECVE-2025-68287 at NVDCVE-2025-68289 at SUSECVE-2025-68289 at NVDCVE-2025-68290 at SUSECVE-2025-68290 at NVDCVE-2025-68296 at SUSECVE-2025-68296 at NVDCVE-2025-68297 at SUSECVE-2025-68297 at NVDCVE-2025-68301 at SUSECVE-2025-68301 at NVDCVE-2025-68303 at SUSECVE-2025-68303 at NVDCVE-2025-68305 at SUSECVE-2025-68305 at NVDCVE-2025-68307 at SUSECVE-2025-68307 at NVDCVE-2025-68308 at SUSECVE-2025-68308 at NVDCVE-2025-68312 at SUSECVE-2025-68312 at NVDCVE-2025-68313 at SUSECVE-2025-68313 at NVDCVE-2025-68320 at SUSECVE-2025-68320 at NVDCVE-2025-68325 at SUSECVE-2025-68325 at NVDCVE-2025-68327 at SUSECVE-2025-68327 at NVDCVE-2025-68328 at SUSECVE-2025-68328 at NVDCVE-2025-68330 at SUSECVE-2025-68330 at NVDCVE-2025-68331 at SUSECVE-2025-68331 at NVDCVE-2025-68332 at SUSECVE-2025-68332 at NVDCVE-2025-68335 at SUSECVE-2025-68335 at NVDCVE-2025-68337 at SUSECVE-2025-68337 at NVDCVE-2025-68339 at SUSECVE-2025-68339 at NVDCVE-2025-68340 at SUSECVE-2025-68340 at NVDCVE-2025-68345 at SUSECVE-2025-68345 at NVDCVE-2025-68346 at SUSECVE-2025-68346 at NVDCVE-2025-68347 at SUSECVE-2025-68347 at NVDCVE-2025-68349 at SUSECVE-2025-68349 at NVDCVE-2025-68351 at SUSECVE-2025-68351 at NVDCVE-2025-68354 at SUSECVE-2025-68354 at NVDCVE-2025-68362 at SUSECVE-2025-68362 at NVDCVE-2025-68363 at SUSECVE-2025-68363 at NVDCVE-2025-68365 at SUSECVE-2025-68365 at NVDCVE-2025-68366 at SUSECVE-2025-68366 at NVDCVE-2025-68367 at SUSECVE-2025-68367 at NVDCVE-2025-68372 at SUSECVE-2025-68372 at NVDCVE-2025-68378 at SUSECVE-2025-68378 at NVDCVE-2025-68379 at SUSECVE-2025-68379 at NVDCVE-2025-68380 at SUSECVE-2025-68380 at NVDCVE-2025-68724 at SUSECVE-2025-68724 at NVDCVE-2025-68725 at SUSECVE-2025-68725 at NVDCVE-2025-68727 at SUSECVE-2025-68727 at NVDCVE-2025-68728 at SUSECVE-2025-68728 at NVDCVE-2025-68732 at SUSECVE-2025-68732 at NVDCVE-2025-68733 at SUSECVE-2025-68733 at NVDCVE-2025-68734 at SUSECVE-2025-68734 at NVDCVE-2025-68740 at SUSECVE-2025-68740 at NVDCVE-2025-68742 at SUSECVE-2025-68742 at NVDCVE-2025-68744 at SUSECVE-2025-68744 at NVDCVE-2025-68746 at SUSECVE-2025-68746 at NVDCVE-2025-68750 at SUSECVE-2025-68750 at NVDCVE-2025-68753 at SUSECVE-2025-68753 at NVDCVE-2025-68757 at SUSECVE-2025-68757 at NVDCVE-2025-68758 at SUSECVE-2025-68758 at NVDCVE-2025-68759 at SUSECVE-2025-68759 at NVDCVE-2025-68764 at SUSECVE-2025-68764 at NVDCVE-2025-68765 at SUSECVE-2025-68765 at NVDCVE-2025-68766 at SUSECVE-2025-68766 at NVDCVE-2025-68768 at SUSECVE-2025-68768 at NVDCVE-2025-68770 at SUSECVE-2025-68770 at NVDCVE-2025-68771 at SUSECVE-2025-68771 at NVDCVE-2025-68773 at SUSECVE-2025-68773 at NVDCVE-2025-68775 at SUSECVE-2025-68775 at NVDCVE-2025-68776 at SUSECVE-2025-68776 at NVDCVE-2025-68777 at SUSECVE-2025-68777 at NVDCVE-2025-68783 at SUSECVE-2025-68783 at NVDCVE-2025-68788 at SUSECVE-2025-68788 at NVDCVE-2025-68789 at SUSECVE-2025-68789 at NVDCVE-2025-68795 at SUSECVE-2025-68795 at NVDCVE-2025-68797 at SUSECVE-2025-68797 at NVDCVE-2025-68798 at SUSECVE-2025-68798 at NVDCVE-2025-68800 at SUSECVE-2025-68800 at NVDCVE-2025-68801 at SUSECVE-2025-68801 at NVDCVE-2025-68803 at SUSECVE-2025-68803 at NVDCVE-2025-68804 at SUSECVE-2025-68804 at NVDCVE-2025-68808 at SUSECVE-2025-68808 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-68814 at SUSECVE-2025-68814 at NVDCVE-2025-68815 at SUSECVE-2025-68815 at NVDCVE-2025-68816 at SUSECVE-2025-68816 at NVDCVE-2025-68819 at SUSECVE-2025-68819 at NVDCVE-2025-68820 at SUSECVE-2025-68820 at NVDCVE-2025-71064 at SUSECVE-2025-71064 at NVDCVE-2025-71066 at SUSECVE-2025-71066 at NVDCVE-2025-71077 at SUSECVE-2025-71077 at NVDCVE-2025-71078 at SUSECVE-2025-71078 at NVDCVE-2025-71079 at SUSECVE-2025-71079 at NVDCVE-2025-71081 at SUSECVE-2025-71081 at NVDCVE-2025-71082 at SUSECVE-2025-71082 at NVDCVE-2025-71083 at SUSECVE-2025-71083 at NVDCVE-2025-71084 at SUSECVE-2025-71084 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDCVE-2025-71086 at SUSECVE-2025-71086 at NVDCVE-2025-71087 at SUSECVE-2025-71087 at NVDCVE-2025-71088 at SUSECVE-2025-71088 at NVDCVE-2025-71089 at SUSECVE-2025-71089 at NVDCVE-2025-71091 at SUSECVE-2025-71091 at NVDCVE-2025-71093 at SUSECVE-2025-71093 at NVDCVE-2025-71094 at SUSECVE-2025-71094 at NVDCVE-2025-71095 at SUSECVE-2025-71095 at NVDCVE-2025-71096 at SUSECVE-2025-71096 at NVDCVE-2025-71097 at SUSECVE-2025-71097 at NVDCVE-2025-71098 at SUSECVE-2025-71098 at NVDCVE-2025-71100 at SUSECVE-2025-71100 at NVDCVE-2025-71108 at SUSECVE-2025-71108 at NVDCVE-2025-71111 at SUSECVE-2025-71111 at NVDCVE-2025-71112 at SUSECVE-2025-71112 at NVDCVE-2025-71114 at SUSECVE-2025-71114 at NVDCVE-2025-71116 at SUSECVE-2025-71116 at NVDCVE-2025-71118 at SUSECVE-2025-71118 at NVDCVE-2025-71119 at SUSECVE-2025-71119 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2025-71123 at SUSECVE-2025-71123 at NVDCVE-2025-71130 at SUSECVE-2025-71130 at NVDCVE-2025-71131 at SUSECVE-2025-71131 at NVDCVE-2025-71132 at SUSECVE-2025-71132 at NVDCVE-2025-71133 at SUSECVE-2025-71133 at NVDCVE-2025-71135 at SUSECVE-2025-71135 at NVDCVE-2025-71136 at SUSECVE-2025-71136 at NVDCVE-2025-71137 at SUSECVE-2025-71137 at NVDCVE-2025-71138 at SUSECVE-2025-71138 at NVDCVE-2025-71145 at SUSECVE-2025-71145 at NVDCVE-2025-71147 at SUSECVE-2025-71147 at NVDCVE-2025-71149 at SUSECVE-2025-71149 at NVDCVE-2025-71154 at SUSECVE-2025-71154 at NVDCVE-2025-71162 at SUSECVE-2025-71162 at NVDCVE-2025-71163 at SUSECVE-2025-71163 at NVDCVE-2026-22976 at SUSECVE-2026-22976 at NVDCVE-2026-22977 at SUSECVE-2026-22977 at NVDCVE-2026-22978 at SUSECVE-2026-22978 at NVDCVE-2026-22984 at SUSECVE-2026-22984 at NVDCVE-2026-22985 at SUSECVE-2026-22985 at NVDCVE-2026-22988 at SUSECVE-2026-22988 at NVDCVE-2026-22990 at SUSECVE-2026-22990 at NVDCVE-2026-22991 at SUSECVE-2026-22991 at NVDCVE-2026-22992 at SUSECVE-2026-22992 at NVDCVE-2026-22993 at SUSECVE-2026-22993 at NVDCVE-2026-22996 at SUSECVE-2026-22996 at NVDCVE-2026-22997 at SUSECVE-2026-22997 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23000 at SUSECVE-2026-23000 at NVDCVE-2026-23001 at SUSECVE-2026-23001 at NVDCVE-2026-23005 at SUSECVE-2026-23005 at NVDCVE-2026-23006 at SUSECVE-2026-23006 at NVDCVE-2026-23010 at SUSECVE-2026-23010 at NVDCVE-2026-23011 at SUSECVE-2026-23011 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_16 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_16 fixes the following issues:
Initial livepatch for Update 16 of kernel default.
Importantcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise kernel 6.4.0-29.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678)
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847)
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019)
ModerateSUSE bug 1233019SUSE bug 1233678SUSE bug 1234847CVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992).
- CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055).
- CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET (bsc#1249587).
- CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966).
- CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911).
- CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924).
- CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379).
- CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129).
- CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530).
- CVE-2025-68736: landlock: Fix handling of disconnected directories (bsc#1255698).
- CVE-2025-68778: btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683).
- CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640).
- CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679).
- CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802).
- CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708).
- CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716).
- CVE-2025-71126: mptcp: reset fallback status gracefully at disconnect() time (bsc#1256755).
- CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159).
- CVE-2025-71184: btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635).
- CVE-2025-71194: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687).
- CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411).
- CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228).
- CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179).
- CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209).
- CVE-2026-23003: geneve: Fix incorrect inner network header offset when innerprotoinherit is set (bsc#1257246).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231).
- CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552).
- CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559).
- CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718).
- CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740).
- CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735).
- CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23083: fou: Don't allow 0 for FOU_ATTR_IPPROTO (bsc#1257745).
- CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830).
- CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758).
- CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757).
- CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790).
- CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808).
- CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816).
- CVE-2026-23102: arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772).
- CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763).
- CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775).
- CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762).
- CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181).
- CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184).
- CVE-2026-23113: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (bsc#1258278).
- CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277).
- CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273).
- CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304).
- CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377).
- CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272).
- CVE-2026-23171: net: bonding: update the slave array for broadcast mode (bsc#1258349).
- CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520).
- CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394).
- CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395).
- CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321).
- CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518).
- CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (bsc#1258465).
- CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464).
The following non security issues were fixed:
- ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes).
- ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes).
- ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes).
- HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes).
- PM: sleep: wakeirq: Update outdated documentation comments (git-fixes).
- Update "drm/mgag200: fix mgag200_bmc_stop_scanout()" bug number (bsc#1258153)
- Update upstreamed net and powerpc patch references and sorting
- bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691).
- btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes).
- clocksource: Print durations for sync check unconditionally (bsc#1241345).
- clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345).
- drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes).
- ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes).
- landlock: Optimize file path walks and prepare for audit support (bsc#1255698).
- media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes).
- shrink_slab_memcg: clear_bits of skipped shrinkers (bsc#1256564).
- spi: tegra210-quad: Move curr_xfer read inside spinlock (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer assignment in (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer check in IRQ handler (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer clearing in (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (bsc#1257952)
- spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed (bsc#1257952)
- staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes).
- wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes).
- workqueue: mark power efficient workqueue as unbounded if (bsc#1257891)
ImportantSUSE bug 1241345SUSE bug 1243055SUSE bug 1249587SUSE bug 1251966SUSE bug 1252911SUSE bug 1252924SUSE bug 1253691SUSE bug 1254992SUSE bug 1255129SUSE bug 1255265SUSE bug 1255379SUSE bug 1255530SUSE bug 1255698SUSE bug 1256564SUSE bug 1256640SUSE bug 1256679SUSE bug 1256683SUSE bug 1256708SUSE bug 1256716SUSE bug 1256755SUSE bug 1256802SUSE bug 1256863SUSE bug 1257159SUSE bug 1257179SUSE bug 1257209SUSE bug 1257228SUSE bug 1257231SUSE bug 1257246SUSE bug 1257552SUSE bug 1257554SUSE bug 1257557SUSE bug 1257559SUSE bug 1257560SUSE bug 1257562SUSE bug 1257570SUSE bug 1257573SUSE bug 1257576SUSE bug 1257579SUSE bug 1257580SUSE bug 1257586SUSE bug 1257635SUSE bug 1257679SUSE bug 1257687SUSE bug 1257704SUSE bug 1257706SUSE bug 1257707SUSE bug 1257714SUSE bug 1257715SUSE bug 1257716SUSE bug 1257718SUSE bug 1257722SUSE bug 1257723SUSE bug 1257729SUSE bug 1257735SUSE bug 1257739SUSE bug 1257740SUSE bug 1257741SUSE bug 1257743SUSE bug 1257745SUSE bug 1257749SUSE bug 1257750SUSE bug 1257757SUSE bug 1257758SUSE bug 1257759SUSE bug 1257761SUSE bug 1257762SUSE bug 1257763SUSE bug 1257765SUSE bug 1257768SUSE bug 1257770SUSE bug 1257772SUSE bug 1257775SUSE bug 1257776SUSE bug 1257788SUSE bug 1257789SUSE bug 1257790SUSE bug 1257805SUSE bug 1257808SUSE bug 1257809SUSE bug 1257811SUSE bug 1257813SUSE bug 1257816SUSE bug 1257830SUSE bug 1257891SUSE bug 1257942SUSE bug 1257952SUSE bug 1258153SUSE bug 1258181SUSE bug 1258184SUSE bug 1258222SUSE bug 1258234SUSE bug 1258237SUSE bug 1258245SUSE bug 1258249SUSE bug 1258252SUSE bug 1258256SUSE bug 1258259SUSE bug 1258272SUSE bug 1258273SUSE bug 1258277SUSE bug 1258278SUSE bug 1258279SUSE bug 1258299SUSE bug 1258304SUSE bug 1258309SUSE bug 1258313SUSE bug 1258317SUSE bug 1258321SUSE bug 1258326SUSE bug 1258338SUSE bug 1258349SUSE bug 1258354SUSE bug 1258358SUSE bug 1258374SUSE bug 1258377SUSE bug 1258379SUSE bug 1258394SUSE bug 1258395SUSE bug 1258397SUSE bug 1258411SUSE bug 1258415SUSE bug 1258419SUSE bug 1258422SUSE bug 1258424SUSE bug 1258429SUSE bug 1258442SUSE bug 1258464SUSE bug 1258465SUSE bug 1258468SUSE bug 1258469SUSE bug 1258484SUSE bug 1258518SUSE bug 1258519SUSE bug 1258520SUSE bug 1258524SUSE bug 1258544SUSE bug 1258660SUSE bug 1258824SUSE bug 1258928SUSE bug 1259070CVE-2023-53817 at SUSECVE-2023-53817 at NVDCVE-2025-37861 at SUSECVE-2025-37861 at NVDCVE-2025-39748 at SUSECVE-2025-39748 at NVDCVE-2025-39964 at SUSECVE-2025-39964 at NVDCVE-2025-40099 at SUSECVE-2025-40099 at NVDCVE-2025-40103 at SUSECVE-2025-40103 at NVDCVE-2025-68283 at SUSECVE-2025-68283 at NVDCVE-2025-68295 at SUSECVE-2025-68295 at NVDCVE-2025-68374 at SUSECVE-2025-68374 at NVDCVE-2025-68736 at SUSECVE-2025-68736 at NVDCVE-2025-68778 at SUSECVE-2025-68778 at NVDCVE-2025-68785 at SUSECVE-2025-68785 at NVDCVE-2025-68810 at SUSECVE-2025-68810 at NVDCVE-2025-71071 at SUSECVE-2025-71071 at NVDCVE-2025-71104 at SUSECVE-2025-71104 at NVDCVE-2025-71113 at SUSECVE-2025-71113 at NVDCVE-2025-71126 at SUSECVE-2025-71126 at NVDCVE-2025-71148 at SUSECVE-2025-71148 at NVDCVE-2025-71182 at SUSECVE-2025-71182 at NVDCVE-2025-71184 at SUSECVE-2025-71184 at NVDCVE-2025-71185 at SUSECVE-2025-71185 at NVDCVE-2025-71188 at SUSECVE-2025-71188 at NVDCVE-2025-71189 at SUSECVE-2025-71189 at NVDCVE-2025-71190 at SUSECVE-2025-71190 at NVDCVE-2025-71191 at SUSECVE-2025-71191 at NVDCVE-2025-71192 at SUSECVE-2025-71192 at NVDCVE-2025-71194 at SUSECVE-2025-71194 at NVDCVE-2025-71195 at SUSECVE-2025-71195 at NVDCVE-2025-71196 at SUSECVE-2025-71196 at NVDCVE-2025-71197 at SUSECVE-2025-71197 at NVDCVE-2025-71198 at SUSECVE-2025-71198 at NVDCVE-2025-71199 at SUSECVE-2025-71199 at NVDCVE-2025-71200 at SUSECVE-2025-71200 at NVDCVE-2025-71222 at SUSECVE-2025-71222 at NVDCVE-2025-71224 at SUSECVE-2025-71224 at NVDCVE-2025-71225 at SUSECVE-2025-71225 at NVDCVE-2025-71229 at SUSECVE-2025-71229 at NVDCVE-2025-71231 at SUSECVE-2025-71231 at NVDCVE-2025-71232 at SUSECVE-2025-71232 at NVDCVE-2025-71234 at SUSECVE-2025-71234 at NVDCVE-2025-71235 at SUSECVE-2025-71235 at NVDCVE-2025-71236 at SUSECVE-2025-71236 at NVDCVE-2026-22979 at SUSECVE-2026-22979 at NVDCVE-2026-22982 at SUSECVE-2026-22982 at NVDCVE-2026-22998 at SUSECVE-2026-22998 at NVDCVE-2026-23003 at SUSECVE-2026-23003 at NVDCVE-2026-23004 at SUSECVE-2026-23004 at NVDCVE-2026-23017 at SUSECVE-2026-23017 at NVDCVE-2026-23021 at SUSECVE-2026-23021 at NVDCVE-2026-23026 at SUSECVE-2026-23026 at NVDCVE-2026-23033 at SUSECVE-2026-23033 at NVDCVE-2026-23035 at SUSECVE-2026-23035 at NVDCVE-2026-23037 at SUSECVE-2026-23037 at NVDCVE-2026-23049 at SUSECVE-2026-23049 at NVDCVE-2026-23053 at SUSECVE-2026-23053 at NVDCVE-2026-23056 at SUSECVE-2026-23056 at NVDCVE-2026-23057 at SUSECVE-2026-23057 at NVDCVE-2026-23058 at SUSECVE-2026-23058 at NVDCVE-2026-23060 at SUSECVE-2026-23060 at NVDCVE-2026-23061 at SUSECVE-2026-23061 at NVDCVE-2026-23063 at SUSECVE-2026-23063 at NVDCVE-2026-23064 at SUSECVE-2026-23064 at NVDCVE-2026-23068 at SUSECVE-2026-23068 at NVDCVE-2026-23071 at SUSECVE-2026-23071 at NVDCVE-2026-23073 at SUSECVE-2026-23073 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23076 at SUSECVE-2026-23076 at NVDCVE-2026-23078 at SUSECVE-2026-23078 at NVDCVE-2026-23080 at SUSECVE-2026-23080 at NVDCVE-2026-23082 at SUSECVE-2026-23082 at NVDCVE-2026-23083 at SUSECVE-2026-23083 at NVDCVE-2026-23084 at SUSECVE-2026-23084 at NVDCVE-2026-23085 at SUSECVE-2026-23085 at NVDCVE-2026-23086 at SUSECVE-2026-23086 at NVDCVE-2026-23089 at SUSECVE-2026-23089 at NVDCVE-2026-23090 at SUSECVE-2026-23090 at NVDCVE-2026-23091 at SUSECVE-2026-23091 at NVDCVE-2026-23094 at SUSECVE-2026-23094 at NVDCVE-2026-23095 at SUSECVE-2026-23095 at NVDCVE-2026-23096 at SUSECVE-2026-23096 at NVDCVE-2026-23099 at SUSECVE-2026-23099 at NVDCVE-2026-23101 at SUSECVE-2026-23101 at NVDCVE-2026-23102 at SUSECVE-2026-23102 at NVDCVE-2026-23104 at SUSECVE-2026-23104 at NVDCVE-2026-23105 at SUSECVE-2026-23105 at NVDCVE-2026-23107 at SUSECVE-2026-23107 at NVDCVE-2026-23108 at SUSECVE-2026-23108 at NVDCVE-2026-23110 at SUSECVE-2026-23110 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23112 at SUSECVE-2026-23112 at NVDCVE-2026-23113 at SUSECVE-2026-23113 at NVDCVE-2026-23116 at SUSECVE-2026-23116 at NVDCVE-2026-23119 at SUSECVE-2026-23119 at NVDCVE-2026-23121 at SUSECVE-2026-23121 at NVDCVE-2026-23129 at SUSECVE-2026-23129 at NVDCVE-2026-23133 at SUSECVE-2026-23133 at NVDCVE-2026-23135 at SUSECVE-2026-23135 at NVDCVE-2026-23139 at SUSECVE-2026-23139 at NVDCVE-2026-23141 at SUSECVE-2026-23141 at NVDCVE-2026-23145 at SUSECVE-2026-23145 at NVDCVE-2026-23146 at SUSECVE-2026-23146 at NVDCVE-2026-23150 at SUSECVE-2026-23150 at NVDCVE-2026-23151 at SUSECVE-2026-23151 at NVDCVE-2026-23152 at SUSECVE-2026-23152 at NVDCVE-2026-23155 at SUSECVE-2026-23155 at NVDCVE-2026-23156 at SUSECVE-2026-23156 at NVDCVE-2026-23163 at SUSECVE-2026-23163 at NVDCVE-2026-23166 at SUSECVE-2026-23166 at NVDCVE-2026-23167 at SUSECVE-2026-23167 at NVDCVE-2026-23170 at SUSECVE-2026-23170 at NVDCVE-2026-23171 at SUSECVE-2026-23171 at NVDCVE-2026-23172 at SUSECVE-2026-23172 at NVDCVE-2026-23173 at SUSECVE-2026-23173 at NVDCVE-2026-23176 at SUSECVE-2026-23176 at NVDCVE-2026-23178 at SUSECVE-2026-23178 at NVDCVE-2026-23179 at SUSECVE-2026-23179 at NVDCVE-2026-23182 at SUSECVE-2026-23182 at NVDCVE-2026-23190 at SUSECVE-2026-23190 at NVDCVE-2026-23191 at SUSECVE-2026-23191 at NVDCVE-2026-23198 at SUSECVE-2026-23198 at NVDCVE-2026-23202 at SUSECVE-2026-23202 at NVDCVE-2026-23207 at SUSECVE-2026-23207 at NVDCVE-2026-23208 at SUSECVE-2026-23208 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDCVE-2026-23213 at SUSECVE-2026-23213 at NVDCVE-2026-23214 at SUSECVE-2026-23214 at NVDCVE-2026-23221 at SUSECVE-2026-23221 at NVDCVE-2026-23222 at SUSECVE-2026-23222 at NVDCVE-2026-23229 at SUSECVE-2026-23229 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_17 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_17 fixes the following issues:
Initial livepatch for Update 17 of SLE Micro 6.0 and 6.1 kernel.
Importantcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992).
- CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055).
- CVE-2025-38321: smb: Log an error when close_all_cached_dirs fails (bsc#1246328).
- CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
- CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET (bsc#1249587).
- CVE-2025-39880: libceph: fix invalid accesses to ceph_connection_v1_info (bsc#1250388).
- CVE-2025-39890: wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (bsc#1250334).
- CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
- CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
- CVE-2025-40024: vhost: Take a reference on the task in struct vhost_task (bsc#1252686).
- CVE-2025-40033: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (bsc#1252824).
- CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861).
- CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
- CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776).
- CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911).
- CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919).
- CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924).
- CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365).
- CVE-2025-40134: dm: fix NULL pointer dereference in __dm_suspend() (bsc#1253386).
- CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
- CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
- CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
- CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
- CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
- CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413).
- CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463).
- CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442).
- CVE-2025-40187: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (bsc#1253647).
- CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623).
- CVE-2025-40192: Revert "ipmi: fix msg stack when IPMI is disconnected" (bsc#1253622).
- CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
- CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).
- CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
- CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854).
- CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856).
- CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849).
- CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
- CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082).
- CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297).
- CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830).
- CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825).
- CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846).
- CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847).
- CVE-2025-40289: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (bsc#1255042).
- CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175).
- CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187).
- CVE-2025-40307: exfat: validate cluster allocation bits of the allocation bitmap (bsc#1255039).
- CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794).
- CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624).
- CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
- CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273).
- CVE-2025-40339: drm/amdgpu: fix nullptr err of vm_handle_moved (bsc#1255428).
- CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318).
- CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).
- CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).
- CVE-2025-40360: drm/sysfb: Do not dereference NULL pointer in plane reset (bsc#1255095).
- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
- CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).
- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
- CVE-2025-68190: drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked() (bsc#1255131).
- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).
- CVE-2025-68201: drm/amdgpu: remove two invalid BUG_ON()s (bsc#1255136).
- CVE-2025-68204: pmdomain: arm: scmi: Fix genpd leak on provider registration failure (bsc#1255224).
- CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
- CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227).
- CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230).
- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
- CVE-2025-68230: drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (bsc#1255134).
- CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272).
- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
- CVE-2025-68255: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (bsc#1255395).
- CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199).
- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
- CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
- CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129).
- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).
- CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).
- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).
- CVE-2025-68327: usb: renesas_usbhs: Fix synchronous external abort on unbind (bsc#1255488).
- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).
- CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507).
- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).
- CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552).
- CVE-2025-68365: fs/ntfs3: Initialize allocated memory before use (bsc#1255548).
- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
- CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530).
- CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614).
- CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
- CVE-2025-68727: ntfs3: Fix uninit buffer allocated by __getname() (bsc#1255568).
- CVE-2025-68728: ntfs3: fix uninit memory after failed mi_read in mi_format_new (bsc#1255539).
- CVE-2025-68733: smack: fix bug: unprivileged task can create labels (bsc#1255615).
- CVE-2025-68736: landlock: Fix handling of disconnected directories (bsc#1255698).
- CVE-2025-68742: bpf: Improve program stats run-time calculation (bsc#1255707).
- CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709).
- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).
- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).
- CVE-2025-68778: btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683).
- CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640).
- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).
- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
- CVE-2025-68803: nfsd: set security label during create operations (bsc#1256770).
- CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).
- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).
- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).
- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802).
- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).
- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).
- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).
- CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).
- CVE-2025-71126: mptcp: reset fallback status gracefully at disconnect() time (bsc#1256755).
- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).
- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).
- CVE-2025-71137: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" (bsc#1256760).
- CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159).
- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).
- CVE-2025-71184: btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635).
- CVE-2025-71194: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687).
- CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411).
- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).
- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).
- CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228).
- CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179).
- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).
- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).
- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).
- CVE-2026-22996: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv.
- CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
- CVE-2026-23001: macvlan: Use 'hash' iterators to simplify code (bsc#1257232).
- CVE-2026-23003: geneve: Fix incorrect inner network header offset when innerprotoinherit is set (bsc#1257246).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231).
- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
- CVE-2026-23010: ipv6: Fix use-after-free in inet6_addr_del() (bsc#1257332).
- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).
- CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552).
- CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559).
- CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718).
- CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740).
- CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735).
- CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23083: fou: Don't allow 0 for FOU_ATTR_IPPROTO (bsc#1257745).
- CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830).
- CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758).
- CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757).
- CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790).
- CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808).
- CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816).
- CVE-2026-23102: arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772).
- CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763).
- CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775).
- CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762).
- CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181).
- CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184).
- CVE-2026-23113: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (bsc#1258278).
- CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277).
- CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273).
- CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304).
- CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377).
- CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272).
- CVE-2026-23171: net: bonding: update the slave array for broadcast mode (bsc#1258349).
- CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520).
- CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394).
- CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395).
- CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321).
- CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518).
- CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (bsc#1258465).
- CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464).
The following non-security bugs were fixed:
- ACPI: CPPC: Fix missing PCC check for guaranteed_perf (git-fixes).
- ACPI: CPPC: Fix remaining for_each_possible_cpu() to use online CPUs (git-fixes).
- ACPI: PCC: Fix race condition by removing static qualifier (git-fixes).
- ACPI: PM: Add unused power resource quirk for THUNDEROBOT ZERO (git-fixes).
- ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() (stable-fixes).
- ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4 (git-fixes).
- ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint() (git-fixes).
- ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only (stable-fixes).
- ACPICA: Abort AML bytecode execution when executing AML_FATAL_OP (stable-fixes).
- ACPICA: Avoid walking the Namespace if start_node is NULL (stable-fixes).
- ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch() (git-fixes).
- ALSA: ac97: fix a double free in snd_ac97_controller_register() (git-fixes).
- ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes).
- ALSA: dice: fix buffer overflow in detect_stream_formats() (git-fixes).
- ALSA: firewire-motu: add bounds check in put_user loop for DSP events (git-fixes).
- ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events (git-fixes).
- ALSA: hda/conexant: Add headset mic fix for MECHREVO Wujie 15X Pro (stable-fixes).
- ALSA: hda/realtek - fixed speaker no sound (stable-fixes).
- ALSA: hda/realtek: Add quirk for Inspur S14-G1 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU (stable-fixes).
- ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU (git-fixes).
- ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk (stable-fixes).
- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (stable-fixes).
- ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() (git-fixes).
- ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path (git-fixes).
- ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes).
- ALSA: uapi: Fix typo in asound.h comment (git-fixes).
- ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230 (stable-fixes).
- ALSA: usb-audio: Add iface reset and delay quirk for AB13X USB Audio (stable-fixes).
- ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series (stable-fixes).
- ALSA: usb-audio: Add sanity check for OOB writes at silencing (stable-fixes).
- ALSA: usb-audio: Avoid implicit feedback mode on DIYINHK USB Audio 2.0 (stable-fixes).
- ALSA: usb-audio: Cap the packet size pre-calculations (git-fixes).
- ALSA: usb-audio: Check max frame size for implicit feedback mode, too (stable-fixes).
- ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (git-fixes).
- ALSA: usb-audio: Remove VALIDATE_RATES quirk for Focusrite devices (git-fixes).
- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
- ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes).
- ALSA: usb-audio: Use correct version for UAC3 header validation (git-fixes).
- ALSA: usb-audio: Use inclusive terms (git-fixes).
- ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes).
- ALSA: usb-mixer: us16x08: validate meter packet indices (git-fixes).
- ALSA: usb: Increase volume range that triggers a warning (git-fixes).
- ALSA: vxpocket: Fix resource leak in vxpocket_probe error path (git-fixes).
- APEI/GHES: ensure that won't go past CPER allocated record (stable-fixes).
- ASoC: Intel: catpt: Fix error path in hw_params() (git-fixes).
- ASoC: Intel: sof_es8336: Add DMI quirk for Huawei BOD-WXX9 (stable-fixes).
- ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes).
- ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes).
- ASoC: SOF: ipc4-control: Keep the payload size up to date (git-fixes).
- ASoC: SOF: ipc4-control: Use the correct size for scontrol->ipc_control_data (git-fixes).
- ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls (git-fixes).
- ASoC: ak4458: Disable regulator when error happens (git-fixes).
- ASoC: ak5558: Disable regulator when error happens (git-fixes).
- ASoC: amd: drop unused Kconfig symbols (git-fixes).
- ASoC: amd: fix memory leak in acp3x pdm dma ops (git-fixes).
- ASoC: amd: yc: Add ASUS ExpertBook PM1503CDA to quirks list (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for ASUS Vivobook Pro 15X M6501RR (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO (stable-fixes).
- ASoC: amd: yc: Add quirk for HP 200 G2a 16 (stable-fixes).
- ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes).
- ASoC: amd: yc: Fix microphone on ASUS M6500RE (stable-fixes).
- ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure() (git-fixes).
- ASoC: codecs: max98390: Check return value of devm_gpiod_get_optional() in max98390_i2c_probe() (stable-fixes).
- ASoC: codecs: wcd938x: fix OF node leaks on probe failure (git-fixes).
- ASoC: codecs: wsa881x: Drop unused version readout (stable-fixes).
- ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes).
- ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes).
- ASoC: codecs: wsa884x: fix codec initialisation (git-fixes).
- ASoC: cs35l45: Corrects ASP_TX5 DAPM widget channel (stable-fixes).
- ASoC: davinci-evm: Fix reference leak in davinci_evm_probe (stable-fixes).
- ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes).
- ASoC: fsl_sai: Add missing registers to cache default (stable-fixes).
- ASoC: fsl_xcvr: clear the channel status control memory (git-fixes).
- ASoC: nau8821: Avoid unnecessary blocking in IRQ handler (stable-fixes).
- ASoC: nau8821: Cancel delayed work on component remove (git-fixes).
- ASoC: nau8821: Cancel pending work before suspend (git-fixes).
- ASoC: nau8821: Consistently clear interrupts before unmasking (git-fixes).
- ASoC: nau8821: Fixup nau8821_enable_jack_detect() (git-fixes).
- ASoC: pxa: drop unused Kconfig symbol (git-fixes).
- ASoC: qcom: q6adm: the the copp device only during last instance (git-fixes).
- ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr (git-fixes).
- ASoC: qcom: q6asm-dai: perform correct state check before closing (git-fixes).
- ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: rockchip: i2s-tdm: Use param rate if not provided by set_sysclk (git-fixes).
- ASoC: stm32: sai: fix OF node leak on probe (git-fixes).
- ASoC: stm32: sai: fix clk prepare imbalance on probe failure (git-fixes).
- ASoC: stm32: sai: fix device leak on probe (git-fixes).
- ASoC: sun4i-spdif: Add missing kerneldoc fields for sun4i_spdif_quirks (git-fixes).
- ASoC: sunxi: sun50i-dmic: Add missing check for devm_regmap_init_mmio (stable-fixes).
- ASoC: tlv320adcx140: Propagate error codes during probe (stable-fixes).
- ASoC: tlv320adcx140: fix null pointer (git-fixes).
- ASoC: tlv320adcx140: fix word length (git-fixes).
- ASoC: wm8962: Add WM8962_ADC_MONOMIX to "3D Coefficients" mask (stable-fixes).
- ASoC: wm8962: Do not report a microphone if it's shorted to ground on plug (stable-fixes).
- Add dtb-spacemit SpacemiT boards include MilkV-Jupiter, Banana Pi F3 and Orange Pi RV2.
- Bluetooth: HCI: Fix tracking of advertisement set/instance 0x00 (git-fixes).
- Bluetooth: L2CAP: Fix invalid response to L2CAP_ECRED_RECONF_REQ (git-fixes).
- Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix not checking output MTU is acceptable on L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix response to L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: MGMT: Fix memory leak in set_ssp_complete (git-fixes).
- Bluetooth: SMP: Fix not generating mackey and ltk when repairing (git-fixes).
- Bluetooth: btrtl: Avoid loading the config file on security chips (stable-fixes).
- Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB (stable-fixes).
- Bluetooth: btusb: Add device ID for Realtek RTL8761BU (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV (stable-fixes).
- Bluetooth: btusb: Add new VID/PID for RTL8852CE (stable-fixes).
- Bluetooth: btusb: revert use of devm_kzalloc in btusb (git-fixes).
- Bluetooth: hci_conn: Set link_policy on incoming ACL connections (stable-fixes).
- Bluetooth: hci_conn: use mod_delayed_work for active mode timeout (stable-fixes).
- Bluetooth: hci_qca: Cleanup on all setup failures (git-fixes).
- Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (git-fixes).
- Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (git-fixes).
- Documentation/kernel-parameters: fix typo in retbleed= kernel parameter description (git-fixes).
- Documentation: PCI: endpoint: Fix ntb/vntb copy & paste errors (git-fixes).
- Documentation: hid-alps: Fix packet format section headings (git-fixes).
- Documentation: mailbox: mbox_chan_ops.flush() is optional (git-fixes).
- Documentation: parport-lowlevel: Separate function listing code blocks (git-fixes).
- HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101) (stable-fixes).
- HID: apple: Add "SONiX KN85 Keyboard" to the list of non-apple keyboards (stable-fixes).
- HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list (stable-fixes).
- HID: elecom: Add support for ELECOM HUGE Plus M-HT1MRBK (stable-fixes).
- HID: elecom: Add support for ELECOM M-XT3URBK (018F) (stable-fixes).
- HID: hid-input: Extend Elan ignore battery quirk to USB (stable-fixes).
- HID: hid-pl: handle probe errors (git-fixes).
- HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() (stable-fixes).
- HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen (stable-fixes).
- HID: intel-ish-hid: Reset enum_devices_done before enumeration (stable-fixes).
- HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes).
- HID: logitech-dj: Remove duplicate error logging (git-fixes).
- HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() (stable-fixes).
- HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync() (git-fixes).
- HID: magicmouse: Do not crash on missing msc->input (stable-fixes).
- HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL (stable-fixes).
- HID: multitouch: add eGalaxTouch EXC3188 support (stable-fixes).
- HID: playstation: Add missing check for input_ff_create_memless (git-fixes).
- HID: playstation: Center initial joystick axes to prevent spurious events (stable-fixes).
- HID: prodikeys: Check presence of pm->input_ep82 (stable-fixes).
- HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list (stable-fixes).
- HID: quirks: work around VID/PID conflict for appledisplay (git-fixes).
- HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes).
- Input: atkbd - skip deactivate for HONOR FMB-P's internal keyboard (git-fixes).
- Input: cros_ec_keyb - fix an invalid memory access (stable-fixes).
- Input: goodix - add support for ACPI ID GDIX1003 (stable-fixes).
- Input: goodix - add support for ACPI ID GDX9110 (stable-fixes).
- Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes).
- Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes).
- Input: stmfts - correct wording for the warning message (git-fixes).
- Input: stmfts - make comments correct (git-fixes).
- Input: ti_am335x_tsc - fix off-by-one error in wire_order validation (git-fixes).
- KEYS: trusted: Fix a memory leak in tpm2_load_cmd (git-fixes).
- KEYS: trusted_tpm1: Compare HMAC values in constant time (git-fixes).
- Move upstreamed SCSI patches into sorted section
- Move upstreamed ath12k patch into sorted section
- Move upstreamed mm and SCSI patches into sorted section
- NTB: ntb_transport: Fix too small buffer for debugfs_name (git-fixes).
- PCI/ACPI: Restrict program_hpx_type2() to AER bits (git-fixes).
- PCI/IOV: Fix race between SR-IOV enable/disable and hotplug (git-fixes).
- PCI/MSI: Unmap MSI-X region on error (stable-fixes).
- PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails (git-fixes).
- PCI/PM: Avoid redundant delays on D3hot->D3cold (git-fixes).
- PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths (git-fixes).
- PCI/portdrv: Fix potential resource leak (git-fixes).
- PCI: Add ACS quirk for Pericom PI7C9X2G404 switches [12d8:b404] (git-fixes).
- PCI: Add ACS quirk for Qualcomm Hamoa & Glymur (stable-fixes).
- PCI: Add PCIE_MSG_CODE_ASSERT_INTx message macros (stable-fixes).
- PCI: Add defines for bridge window indexing (stable-fixes).
- PCI: Correct PCI_CAP_EXP_ENDPOINT_SIZEOF_V2 value (git-fixes).
- PCI: Do not attempt to set ExtTag for VFs (git-fixes).
- PCI: Enable ACS after configuring IOMMU for OF platforms (stable-fixes).
- PCI: Fix pci_slot_lock () device locking (stable-fixes).
- PCI: Fix pci_slot_trylock() error handling (git-fixes).
- PCI: Initialize RCB from pci_configure_device() (git-fixes).
- PCI: Log bridge info when first enumerating bridge (stable-fixes).
- PCI: Log bridge windows conditionally (stable-fixes).
- PCI: Mark 3ware-9650SA Root Port Extended Tags as broken (git-fixes).
- PCI: Mark ASM1164 SATA controller to avoid bus reset (stable-fixes).
- PCI: Mark Nvidia GB10 to avoid bus reset (stable-fixes).
- PCI: Move pci_read_bridge_windows() below individual window accessors (stable-fixes).
- PCI: Supply bridge device, not secondary bus, to read window details (stable-fixes).
- PCI: dw-rockchip: Disable BAR 0 and BAR 1 for Root Port (stable-fixes).
- PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition (git-fixes).
- PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions (git-fixes).
- PCI: keystone: Exit ks_pcie_probe() for invalid mode (git-fixes).
- PCI: mediatek: Fix IRQ domain leak when MSI allocation fails (git-fixes).
- PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2 (git-fixes).
- PM: runtime: Do not clear needs_force_resume with enabled runtime PM (git-fixes).
- PM: sleep: wakeirq: Update outdated documentation comments (git-fixes).
- PM: sleep: wakeirq: harden dev_pm_clear_wake_irq() against races (git-fixes).
- PM: wakeup: Handle empty list in wakeup_sources_walk_start() (git-fixes).
- USB: Fix descriptor count when handling invalid MBIM extended descriptor (git-fixes).
- USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes).
- USB: lpc32xx_udc: Fix error handling in probe (git-fixes).
- USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes).
- USB: serial: ftdi_sio: add support for u-blox EVK-M101 (stable-fixes).
- USB: serial: ftdi_sio: match on interface number for jtag (stable-fixes).
- USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: option: add Foxconn T99W760 (stable-fixes).
- USB: serial: option: add Quectel RG255C (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 new compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 ECM compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 RNDIS compositions (stable-fixes).
- USB: serial: option: add Telit LE910 MBIM composition (stable-fixes).
- USB: serial: option: add UNISOC UIS7720 (stable-fixes).
- USB: serial: option: add support for Rolling RW101R-GL (stable-fixes).
- USB: serial: option: move Telit 0x10c7 composition in the right place (stable-fixes).
- USB: storage: Remove subclass and protocol overrides from Novatek quirk (git-fixes).
- Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792)
- Workaround for hybrid git workflow in SLFO 1.0/1.1
- arm64: zynqmp: Fix usb node drive strength and slew rate (git-fixes)
- arm64: zynqmp: Revert usb node drive strength and slew rate for (git-fixes)
- ata: libata: Add cpr_log to ata_dev_print_features() early return (git-fixes).
- ata: libata: avoid long timeouts on hot-unplugged SATA DAS (stable-fixes).
- ata: pata_ftide010: Fix some DMA timings (git-fixes).
- atm/fore200e: Fix possible data race in fore200e_open() (git-fixes).
- atm: Fix dma_free_coherent() size (git-fixes).
- atm: fore200e: fix use-after-free in tasklets during device removal (git-fixes).
- atm: idt77252: Add missing `dma_map_error()` (stable-fixes).
- auxdisplay: arm-charlcd: fix release_mem_region() size (git-fixes).
- backlight: led-bl: Add devlink to supplier LEDs (git-fixes).
- backlight: lp855x: Fix lp855x.h kernel-doc warnings (git-fixes).
- backlight: qcom-wled: Change PM8950 WLED configurations (git-fixes).
- backlight: qcom-wled: Support ovp values for PMI8994 (git-fixes).
- bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691).
- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
- bpf: Reject bpf_timer for PREEMPT_RT (git-fixes).
- broadcom: b44: prevent uninitialized value usage (git-fixes).
- bs-upload-kernel: Fix cve branch uploads
- btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes).
- btrfs: make sure extent and csum paths are always released in scrub_raid56_parity_stripe() (git-fixes).
- btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes).
- bus: fsl-mc: Replace snprintf and sprintf with sysfs_emit in sysfs show functions (stable-fixes).
- bus: fsl-mc: fix an error handling in fsl_mc_device_add() (git-fixes).
- bus: fsl-mc: fix use-after-free in driver_override_show() (git-fixes).
- can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes).
- can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes).
- can: gs_usb: gs_can_open(): fix error handling (git-fixes).
- can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (git-fixes).
- can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (git-fixes).
- can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs (git-fixes).
- can: j1939: make j1939_session_activate() fail if device is no longer registered (stable-fixes).
- can: j1939: make j1939_sk_bind() fail if device is no longer registered (git-fixes).
- can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: kvaser_usb: leaf: Fix potential infinite loop in command parsers (git-fixes).
- can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: sja1000: fix max irq loop handling (git-fixes).
- can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling (git-fixes).
- can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (git-fixes).
- char: applicom: fix NULL pointer dereference in ac_ioctl (stable-fixes).
- char: tpm: cr50: Remove IRQF_ONESHOT (stable-fixes).
- cifs: Fix copy offload to flush destination region (bsc#1252511).
- cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511).
- cifs: Fix uncached read into ITER_KVEC iterator (bsc#1245449).
- cifs: add new field to track the last access time of cfid (git-fixes).
- cifs: add xid to query server interface call (git-fixes).
- cifs: after disabling multichannel, mark tcon for reconnect (git-fixes).
- cifs: avoid redundant calls to disable multichannel (git-fixes).
- cifs: cifs_pick_channel should try selecting active channels (git-fixes).
- cifs: deal with the channel loading lag while picking channels (git-fixes).
- cifs: dns resolution is needed only for primary channel (git-fixes).
- cifs: do not disable interface polling on failure (git-fixes).
- cifs: do not search for channel if server is terminating (git-fixes).
- cifs: fix a pending undercount of srv_count (git-fixes).
- cifs: fix lock ordering while disabling multichannel (git-fixes).
- cifs: fix stray unlock in cifs_chan_skip_or_disable (git-fixes).
- cifs: fix use after free for iface while disabling secondary channels (git-fixes).
- cifs: handle servers that still advertise multichannel after disabling (git-fixes).
- cifs: handle when server starts supporting multichannel (git-fixes).
- cifs: handle when server stops supporting multichannel (git-fixes).
- cifs: make cifs_chan_update_iface() a void function (git-fixes).
- cifs: make sure server interfaces are requested only for SMB3+ (git-fixes).
- cifs: make sure that channel scaling is done only once (git-fixes).
- cifs: reconnect worker should take reference on server struct unconditionally (git-fixes).
- cifs: reset connections for all channels when reconnect requested (git-fixes).
- cifs: reset iface weights when we cannot find a candidate (git-fixes).
- cifs: serialize other channels when query server interfaces is pending (git-fixes).
- cifs: update dstaddr whenever channel iface is updated (git-fixes).
- clk: clk-apple-nco: Add "apple,t8103-nco" compatible (git-fixes).
- clk: mediatek: Fix error handling in runtime PM setup (git-fixes).
- clk: meson: g12a: Limit the HDMI PLL OD to /4 (git-fixes).
- clk: meson: gxbb: Limit the HDMI PLL OD to /4 on GXL/GXM SoCs (git-fixes).
- clk: qcom: camcc-sm6350: Fix PLL config of PLL2 (git-fixes).
- clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other (git-fixes).
- clk: qcom: dispcc-sdm845: Enable parents for pixel clocks (git-fixes).
- clk: qcom: gcc-msm8917: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes).
- clk: qcom: gcc-msm8953: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes).
- clk: qcom: gfx3d: add parent to parent request map (git-fixes).
- clk: qcom: rcg2: compute 2d using duty fraction directly (git-fixes).
- clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback (git-fixes).
- clk: renesas: r9a06g032: Fix memory leak in error path (git-fixes).
- clk: renesas: rzg2l: Fix intin variable size (git-fixes).
- clk: renesas: rzg2l: Select correct div round macro (git-fixes).
- clk: tegra: tegra124-emc: Fix potential memory leak in tegra124_clk_register_emc() (git-fixes).
- clk: tegra: tegra124-emc: fix device leak on set_rate() (git-fixes).
- clocksource: Print durations for sync check unconditionally (bsc#1241345).
- clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345).
- comedi: Fix getting range information for subdevices 16 to 255 (git-fixes).
- comedi: c6xdigio: Fix invalid PNP driver unregistration (git-fixes).
- comedi: check device's attached status in compat ioctls (git-fixes).
- comedi: dmm32at: serialize use of paged registers (git-fixes).
- comedi: fix divide-by-zero in comedi_buf_munge() (stable-fixes).
- comedi: multiq3: sanitize config options in multiq3_attach() (git-fixes).
- comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() (git-fixes).
- cpufreq: intel_pstate: Check IDA only before MSR_IA32_PERF_CTL writes (git-fixes).
- cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026).
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (git-fixes).
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (git-fixes).
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (git-fixes).
- crypto: cavium - fix dma_free_coherent() size (git-fixes).
- crypto: ccp - Add an S4 restore flow (git-fixes).
- crypto: ccree - Correctly handle return of sg_nents_for_len (git-fixes).
- crypto: hisilicon/qm - restore original qos values (git-fixes).
- crypto: hisilicon/sec2 - support skcipher/aead fallback for hardware queue unavailable (git-fixes).
- crypto: iaa - Fix incorrect return value in save_iaa_wq() (git-fixes).
- crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode (git-fixes).
- crypto: octeontx - Fix length check to avoid truncation in ucode_load_store (git-fixes).
- crypto: octeontx - fix dma_free_coherent() size (git-fixes).
- crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly (git-fixes).
- crypto: qat - fix duplicate restarting msg during AER error (git-fixes).
- crypto: qat - fix parameter order used in ICP_QAT_FW_COMN_FLAGS_BUILD (git-fixes).
- crypto: qat - fix warning on adf_pfvf_pf_proto.c (git-fixes).
- crypto: rockchip - drop redundant crypto_skcipher_ivsize() calls (git-fixes).
- crypto: seqiv - Do not use req->iv after crypto_aead_encrypt (git-fixes).
- crypto: virtio - Add spinlock protection with virtqueue notification (git-fixes).
- crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req (git-fixes).
- device property: Allow secondary lookup in fwnode_get_next_child_node() (git-fixes).
- dm-integrity: limit MAX_TAG_SIZE to 255 (git-fixes).
- dm-verity: fix unreliable memory allocation (git-fixes).
- dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386)
- dma: dma-axi-dmac: fix SW cyclic transfers (git-fixes).
- dmaengine: apple-admac: Add "apple,t8103-admac" compatible (git-fixes).
- dmaengine: at_hdmac: fix device leak on of_dma_xlate() (git-fixes).
- dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes).
- dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes).
- dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes).
- dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes).
- dmaengine: mediatek: uart-apdma: Fix above 4G addressing TX/RX (git-fixes).
- dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes).
- dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() (git-fixes).
- dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all() (git-fixes).
- dmaengine: sun6i: Choose appropriate burst length under maxburst (stable-fixes).
- dmaengine: tegra-adma: Fix use-after-free (git-fixes).
- dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes).
- dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes).
- dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes).
- dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes).
- dmaengine: xilinx_dma: Fix uninitialized addr_width when "xlnx,addrwidth" property is missing (git-fixes).
- docs: ABI: sysfs-devices-soc: Fix swapped sample values (git-fixes).
- docs: fix WARNING document not included in any toctree (stable-fixes).
- docs: w1: fix w1-netlink invalid URL (git-fixes).
- dpll: Prevent duplicate registrations (git-fixes).
- dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes).
- dpll: fix return value check for kmemdup (git-fixes).
- dpll: indent DPLL option type by a tab (git-fixes).
- dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes).
- drivers/usb/dwc3: fix PCI parent check (git-fixes).
- drivers: iio: mpu3050: use dev_err_probe for regulator request (git-fixes).
- drm/amd/display: Avoid updating surface with the same surface under MPO (stable-fixes).
- drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes).
- drm/amd/display: Check NULL before accessing (stable-fixes).
- drm/amd/display: Fix DP no audio issue (stable-fixes).
- drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1() (git-fixes).
- drm/amd/display: Increase DPCD read retries (stable-fixes).
- drm/amd/display: Move sleep into each retry for retrieve_link_cap() (stable-fixes).
- drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state() (stable-fixes).
- drm/amd/display: Use same max plane scaling limits for all 64 bpp formats (git-fixes).
- drm/amd/display: fix wrong color value mapping on MCM shaper LUT (git-fixes).
- drm/amd/pm: Do not clear SI SMC table when setting power limit (git-fixes).
- drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes).
- drm/amd/pm: fix race in power state check before mutex lock (git-fixes).
- drm/amd: Clean up kfd node on surprise disconnect (stable-fixes).
- drm/amd: Fix hang on amdgpu unload by using pci_dev_is_disconnected() (git-fixes).
- drm/amdgpu/gfx10: fix wptr reset in KGQ init (stable-fixes).
- drm/amdgpu/gfx11: fix wptr reset in KGQ init (stable-fixes).
- drm/amdgpu/soc21: fix xclk for APUs (stable-fixes).
- drm/amdgpu: Add HAINAN clock adjustment (stable-fixes).
- drm/amdgpu: Adjust usleep_range in fence wait (stable-fixes).
- drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc() (git-fixes).
- drm/amdgpu: Fix memory leak in amdgpu_ras_init() (git-fixes).
- drm/amdgpu: Forward VMID reservation errors (git-fixes).
- drm/amdgpu: Skip emit de meta data on gfx11 with rs64 enabled (stable-fixes).
- drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma (git-fixes).
- drm/amdgpu: add support for HDP IP version 6.1.1 (stable-fixes).
- drm/amdgpu: avoid a warning in timedout job handler (stable-fixes).
- drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (git-fixes).
- drm/amdgpu: fix cyan_skillfish2 gpu info fw handling (git-fixes).
- drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify (git-fixes).
- drm/amdgpu: update mappings not managed by KFD (bsc#1255428)
- drm/amdkfd: Fix GART PTE for non-4K pagesize in svm_migrate_gart_map() (stable-fixes).
- drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (stable-fixes).
- drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (git-fixes).
- drm/amdkfd: fix a memory leak in device_queue_manager_init() (git-fixes).
- drm/amdkfd: fix debug watchpoints for logical devices (stable-fixes).
- drm/atmel-hlcdc: do not reject the commit if the src rect has fractional parts (stable-fixes).
- drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback (stable-fixes).
- drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release (stable-fixes).
- drm/bridge: samsung-dsim: Fix memory leak in error path (git-fixes).
- drm/bridge: ti-sn65dsi86: Enable HPD polling if IRQ is not used (git-fixes).
- drm/buddy: Prevent BUG_ON by validating rounded allocation (git-fixes).
- drm/display/dp_mst: Add protection against 0 vcpi (stable-fixes).
- drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg() (git-fixes).
- drm/i915/acpi: free _DSM package when no connectors (git-fixes).
- drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer (git-fixes).
- drm/i915/wakeref: clean up INTEL_WAKEREF_PUT_* flag macros (stable-fixes).
- drm/imx/tve: fix probe device leak (git-fixes).
- drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse() (git-fixes).
- drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue (git-fixes).
- drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse() (git-fixes).
- drm/mgag200: Fix big-endian support (git-fixes).
- drm/mgag200: fix mgag200_bmc_stop_scanout() (git-fixes).
- drm/msm/a2xx: fix pixel shader start on A225 (git-fixes).
- drm/msm/a2xx: stop over-complaining about the legacy firmware (git-fixes).
- drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers (git-fixes).
- drm/msm/a6xx: Flush LRZ cache before PT switch (git-fixes).
- drm/msm/dpu: Add missing NULL pointer check for pingpong interface (git-fixes).
- drm/msm/dpu: Remove dead-code in dpu_encoder_helper_reset_mixers() (git-fixes).
- drm/msm/dpu: fix CMD panels on DPU 1.x - 3.x (git-fixes).
- drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare (git-fixes).
- drm/nouveau/dispnv50: Do not call drm_atomic_get_crtc_state() in prepare_fb (git-fixes).
- drm/nouveau: add missing DCB connector types (git-fixes).
- drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes).
- drm/nouveau: restrict the flush page to a 32-bit address (git-fixes).
- drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes).
- drm/panel: sony-td4353-jdi: Enable prepare_prev_first (git-fixes).
- drm/pl111: Fix error handling in pl111_amba_probe (git-fixes).
- drm/radeon: Add HAINAN clock adjustment (stable-fixes).
- drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] (stable-fixes).
- drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes).
- drm/tegra: dsi: fix device leak on probe (git-fixes).
- drm/tegra: hdmi: sor: Fix error: variable ‘j’ set but not used (stable-fixes).
- drm/tilcdc: request and mapp iomem with devres (stable-fixes).
- drm/ttm: Avoid NULL pointer deref for evicted BOs (git-fixes).
- drm/v3d: Set DMA segment size to avoid debug warnings (stable-fixes).
- drm/vgem-fence: Fix potential deadlock on release (git-fixes).
- drm/vmwgfx: Fix an error return check in vmw_compat_shader_add() (git-fixes).
- drm/vmwgfx: Fix invalid kref_put callback in vmw_bo_dirty_release (git-fixes).
- drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (git-fixes).
- drm/vmwgfx: Use kref in vmw_bo_dirty (stable-fixes).
- drm: Account property blob allocations to memcg (stable-fixes).
- drm: nouveau: Replace sprintf() with sysfs_emit() (git-fixes).
- drm: sti: fix device leaks at component probe (git-fixes).
- efi/libstub: Describe missing 'out' parameter in efi_load_initrd (git-fixes).
- efi/libstub: Fix page table access in 5-level to 4-level paging transition (git-fixes).
- efi: Fix reservation of unaccepted memory table (git-fixes).
- efivarfs: fix error propagation in efivar_entry_get() (git-fixes).
- exfat: add a check for invalid data size (git-fixes).
- exfat: using hweight instead of internal logic (git-fixes).
- ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes).
- ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378).
- ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1256366).
- fbcon: check return value of con2fb_acquire_newinfo() (git-fixes).
- fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe() (git-fixes).
- fbdev: ffb: fix corrupted video output on Sun FFB1 (stable-fixes).
- fbdev: gbefb: fix to use physical address instead of dma address (stable-fixes).
- fbdev: of: display_timing: fix refcount leak in of_get_display_timings() (git-fixes).
- fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing (git-fixes).
- fbdev: rivafb: fix divide error in nv3_arb() (git-fixes).
- fbdev: smscufx: properly copy ioctl memory to kernelspace (stable-fixes).
- fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe() (git-fixes).
- fbdev: tcx.c fix mem_map to correct smem_start offset (git-fixes).
- fbdev: vt8500lcdfb: fix missing dma_free_coherent() (git-fixes).
- firewire: nosy: Fix dma_free_coherent() size (git-fixes).
- firmware: imx: scu-irq: Init workqueue before request mbox channel (stable-fixes).
- firmware: imx: scu-irq: fix OF node leak in (git-fixes).
- firmware: stratix10-svc: Add mutex in stratix10 memory management (git-fixes).
- firmware: stratix10-svc: fix bug in saving controller data (git-fixes).
- firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc (git-fixes).
- fix it87_wdt early reboot by reporting running timer (stable-fixes).
- fpga: dfl: use subsys_initcall to allow built-in drivers to be added (git-fixes).
- fpga: of-fpga-region: Fail if any bridge is missing (stable-fixes).
- fs: dlm: allow to F_SETLKW getting interrupted (bsc#1255025).
- genalloc.h: fix htmldocs warning (git-fixes).
- gpio: aspeed-sgpio: Change the macro to support deferred probe (stable-fixes).
- gpio: omap: do not register driver in probe() (git-fixes).
- gpio: pca953x: Add support for level-triggered interrupts (stable-fixes).
- gpio: pca953x: Utilise dev_err_probe() where it makes sense (stable-fixes).
- gpio: pca953x: Utilise temporary variable for struct device (stable-fixes).
- gpio: pca953x: fix wrong error probe return value (git-fixes).
- gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes).
- gpio: pca953x: mask interrupts in irq shutdown (stable-fixes).
- gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes).
- gpio: rockchip: mark the GPIO controller as sleeping (git-fixes).
- gpio: sprd: Change sprd_gpio lock to raw_spin_lock (stable-fixes).
- gpu: host1x: Fix race in syncpt alloc/free (git-fixes).
- hwmon: (f71882fg) Add F81968 support (stable-fixes).
- hwmon: (ibmpex) fix use-after-free in high/low store (git-fixes).
- hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race (git-fixes).
- hwmon: (max16065) Use local variable to avoid TOCTOU (git-fixes).
- hwmon: (nct6775) Add ASUS Pro WS WRX90E-SAGE SE (stable-fixes).
- hwmon: (occ) Mark occ_init_attribute() as __printf (git-fixes).
- hwmon: (tmp401) fix overflow caused by default conversion rate value (git-fixes).
- hwmon: (w83791d) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: sy7636a: Fix regulator_enable resource leak on error path (git-fixes).
- i2c: amd-mp2: fix reference leak in MP2 PCI device (git-fixes).
- i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware (stable-fixes).
- i2c: i2c.h: fix a bad kernel-doc line (git-fixes).
- i3c: Move device name assignment after i3c_bus_init (git-fixes).
- i3c: dw: Initialize spinlock to avoid upsetting lockdep (git-fixes).
- i3c: fix refcount inconsistency in i3c_master_register (git-fixes).
- i3c: master: Inherit DMA masks and parameters from parent device (stable-fixes).
- i3c: master: svc: Initialize 'dev' to NULL in svc_i3c_master_ibi_isr() (stable-fixes).
- i3c: master: svc: Prevent incomplete IBI transaction (git-fixes).
- ice: use netif_get_num_default_rss_queues() (bsc#1247712).
- idr: fix idr_alloc() returning an ID out of range (git-fixes).
- iio: Use IRQF_NO_THREAD (stable-fixes).
- iio: accel: bmc150: Fix irq assumption regression (stable-fixes).
- iio: accel: fix ADXL355 startup race condition (git-fixes).
- iio: accel: iis328dq: fix gain values (git-fixes).
- iio: adc: ad7280a: fix ad7280_store_balance_timer() (git-fixes).
- iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes).
- iio: adc: ad9467: fix ad9434 vref mask (git-fixes).
- iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (git-fixes).
- iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains (stable-fixes).
- iio: core: Clean up device correctly on iio_device_alloc() failure (git-fixes).
- iio: core: add missing mutex_destroy in iio_dev_release() (git-fixes).
- iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (git-fixes).
- iio: gyro: itg3200: Fix unchecked return value in read_raw (git-fixes).
- iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member (git-fixes).
- iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings fields (git-fixes).
- iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (git-fixes).
- iio: magnetometer: Remove IRQF_ONESHOT (stable-fixes).
- iio: sca3000: Fix a resource leak in sca3000_probe() (git-fixes).
- iio: st_lsm6dsx: Fixed calibrated timestamp calculation (git-fixes).
- iio:common:ssp_sensors: Fix an error handling path ssp_probe() (git-fixes).
- ima: Handle error code returned by ima_filter_rule_match() (git-fixes).
- intel_th: Fix error handling in intel_th_output_open (git-fixes).
- intel_th: fix device leak on output open() (git-fixes).
- iomap: account for unaligned end offsets when truncating read range (git-fixes).
- ipmi: Fix __scan_channels() failing to rescan channels (stable-fixes).
- ipmi: Fix handling of messages with provided receive message pointer (git-fixes).
- ipmi: Fix the race between __scan_channels() and deliver_response() (stable-fixes).
- ipmi: Rework user message limit handling (git-fixes).
- ipmi: ipmb: initialise event handler read bytes (git-fixes).
- irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() (git-fixes).
- kABI workaround for HCI_LE_ADV_0 addition (git-fixes).
- kconfig/mconf: Initialize the default locale at startup (stable-fixes).
- kconfig/nconf: Initialize the default locale at startup (stable-fixes).
- kernel-binary: Require libdw in Factory Libdw is required for gendwarfksyms
- kernel-binary: Support building gendwarfksyms on SLE/Leap 15
- landlock: Optimize file path walks and prepare for audit support (bsc#1255698).
- leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes).
- leds: leds-lp50xx: Allow LED 0 to be added to module bank (git-fixes).
- leds: leds-lp50xx: Enable chip before any communication (git-fixes).
- leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs (git-fixes).
- leds: netxbig: Fix GPIO descriptor leak in error paths (git-fixes).
- leds: qcom-lpg: Check the return value of regmap_bulk_write() (git-fixes).
- lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes).
- lib/vsprintf: Check pointer before dereferencing in time_and_date() (git-fixes).
- mISDN: annotate data-race around dev->work (git-fixes).
- mailbox: mailbox-test: Fix debugfs_create_dir error checking (git-fixes).
- media: TDA1997x: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: adv7180: fix frame interval in progressive mode (stable-fixes).
- media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() (git-fixes).
- media: amphion: Add a frame flush mode for decoder (stable-fixes).
- media: amphion: Cancel message work before releasing the VPU core (git-fixes).
- media: amphion: Clear last_buffer_dequeued flag for DEC_CMD_START (stable-fixes).
- media: amphion: Make some vpu_v4l2 functions static (stable-fixes).
- media: amphion: Remove vpu_vb_is_codecconfig (git-fixes).
- media: atomisp: Prefix firmware paths with "intel/ipu/" (bsc#1252973).
- media: atomisp: Remove firmware_name module parameter (bsc#1252973).
- media: ccs: Accommodate C-PHY into the calculation (git-fixes).
- media: ccs: Avoid possible division by zero (git-fixes).
- media: cec: Fix debugfs leak on bus_register() failure (git-fixes).
- media: cx23885: Add missing unmap in snd_cx23885_hw_params() (git-fixes).
- media: cx25821: Add missing unmap in snd_cx25821_hw_params() (git-fixes).
- media: cx25821: Fix a resource leak in cx25821_dev_setup() (stable-fixes).
- media: cx88: Add missing unmap in snd_cx88_hw_params() (git-fixes).
- media: dvb-core: dmxdevfilter must always flush bufs (stable-fixes).
- media: dvb-core: fix wrong reinitialization of ringbuffer on reopen (git-fixes).
- media: dvb-net: fix OOB access in ULE extension header tables (git-fixes).
- media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() (git-fixes).
- media: i2c/tw9903: Fix potential memory leak in tw9903_probe() (git-fixes).
- media: i2c/tw9906: Fix potential memory leak in tw9906_probe() (git-fixes).
- media: i2c: ADV7604: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: i2c: adv7842: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: i2c: ov5647: Correct minimum VBLANK value (git-fixes).
- media: i2c: ov5647: Correct pixel array offset (git-fixes).
- media: i2c: ov5647: Fix PIXEL_RATE value for VGA mode (git-fixes).
- media: i2c: ov5647: Initialize subdev before controls (git-fixes).
- media: i2c: ov5647: Sensor should report RAW color space (git-fixes).
- media: i2c: ov5647: use our own mutex for the ctrl lock (git-fixes).
- media: msp3400: Avoid possible out-of-bounds array accesses in msp3400c_thread() (git-fixes).
- media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() (git-fixes).
- media: mtk-mdp: Fix error handling in probe function (git-fixes).
- media: omap3isp: isp_video_mbus_to_pix/pix_to_mbus fixes (stable-fixes).
- media: omap3isp: isppreview: always clamp in preview_try_format() (stable-fixes).
- media: omap3isp: set initial format (stable-fixes).
- media: pvrusb2: Fix incorrect variable used in trace message (git-fixes).
- media: pvrusb2: fix URB leak in pvr2_send_request_ex (stable-fixes).
- media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes).
- media: radio-keene: fix memory leak in error path (git-fixes).
- media: rc: st_rc: Fix reset control resource leak (git-fixes).
- media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled (git-fixes).
- media: rkisp1: Fix filter mode register configuration (stable-fixes).
- media: samsung: exynos4-is: fix potential ABBA deadlock on init (git-fixes).
- media: solo6x10: Check for out of bounds chip_id (stable-fixes).
- media: uvcvideo: Fix allocation for small frame sizes (git-fixes).
- media: v4l2-mem2mem: Fix outdated documentation (git-fixes).
- media: venus: vdec: fix error state assignment for zero bytesused (git-fixes).
- media: verisilicon: Fix CPU stalls on G2 bus error (git-fixes).
- media: verisilicon: Protect G2 HEVC decoder against invalid DPB index (git-fixes).
- media: verisilicon: Store chroma and motion vectors offset (stable-fixes).
- media: verisilicon: g2: Use common helpers to compute chroma and mv offsets (stable-fixes).
- media: videobuf2: Fix device reference leak in vb2_dc_alloc error path (git-fixes).
- media: vidtv: initialize local pointers upon transfer of memory ownership (git-fixes).
- media: vpif_capture: fix section mismatch (git-fixes).
- media: vpif_display: fix section mismatch (git-fixes).
- mei: me: add nova lake point S DID (stable-fixes).
- mei: me: add wildcat lake P DID (stable-fixes).
- mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup (git-fixes).
- mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure (git-fixes).
- mfd: core: Add locking around 'mfd_of_node_list' (git-fixes).
- mfd: da9055: Fix missing regmap_del_irq_chip() in error path (git-fixes).
- mfd: max77620: Fix potential IRQ chip conflict when probing two devices (git-fixes).
- mfd: mt6358-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mfd: mt6397-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mfd: tps6105x: Fix kernel-doc warnings relating to the core struct and tps6105x_mode (git-fixes).
- mfd: wm8350-core: Use IRQF_ONESHOT (git-fixes).
- misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read() (stable-fixes).
- misc: eeprom: Fix EWEN/EWDS/ERAL commands for 93xx56 and 93xx66 (stable-fixes).
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087).
- mmc: mmci: Fix device_node reference leak in of_get_dml_pipe_index() (git-fixes).
- mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (git-fixes).
- mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms (git-fixes).
- mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig (git-fixes).
- mmc: sdhci-msm: Avoid early clock doubling during HS400 transition (stable-fixes).
- mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes).
- most: usb: fix double free on late probe failure (git-fixes).
- mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() (git-fixes).
- mtd: lpddr_cmds: fix signed shifts in lpddr_cmds (git-fixes).
- mtd: maps: pcmciamtd: fix potential memory leak in pcmciamtd_detach() (git-fixes).
- mtd: nand: relax ECC parameter validation check (git-fixes).
- mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse() (git-fixes).
- mtd: parsers: ofpart: fix OF node refcount leak in parse_fixed_partitions() (git-fixes).
- mtd: rawnand: cadence: Fix return type of CDMA send-and-wait helper (git-fixes).
- mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove (git-fixes).
- mtd: rawnand: pl353: Fix software ECC support (git-fixes).
- mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors (git-fixes).
- mtd: spinand: Fix kernel doc (git-fixes).
- myri10ge: avoid uninitialized variable use (stable-fixes).
- net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts (git-fixes).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: mdio: aspeed: add dummy read to avoid read-after-write issue (git-fixes).
- net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write (git-fixes).
- net: nfc: nci: Fix parameter validation for packet data (git-fixes).
- net: phy: adin1100: Fix software power-down ready condition (git-fixes).
- net: phy: mxl-gpy: fix bogus error on USXGMII and integrated PHY (git-fixes).
- net: phy: mxl-gpy: fix link properties on USXGMII and internal PHYs (git-fixes).
- net: rose: fix invalid array index in rose_kill_by_device() (git-fixes).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: usb: catc: enable basic endpoint checking (git-fixes).
- net: usb: dm9601: remove broken SR9700 support (git-fixes).
- net: usb: kalmia: validate USB endpoints (git-fixes).
- net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode (git-fixes).
- net: usb: kaweth: validate USB endpoints (git-fixes).
- net: usb: lan78xx: scan all MDIO addresses on LAN7801 (git-fixes).
- net: usb: pegasus: enable basic endpoint checking (git-fixes).
- net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes).
- net: usb: r8152: fix transmit queue timeout (stable-fixes).
- net: usb: rtl8150: fix memory leak on usb_submit_urb() failure (git-fixes).
- net: usb: sr9700: fix incorrect command used to write single register (git-fixes).
- net: usb: sr9700: remove code to drive nonexistent multicast filter (stable-fixes).
- net: usb: sr9700: support devices with virtual driver CD (stable-fixes).
- net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean() (git-fixes).
- net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets (git-fixes).
- net: wwan: iosm: Fix memory leak in ipc_mux_deinit() (git-fixes).
- net: wwan: t7xx: fix potential skb->frags overflow in RX path (git-fixes).
- nfc: hci: shdlc: Stop timers and work before freeing context (git-fixes).
- nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (git-fixes).
- nfc: nci: Fix race between rfkill and nci_unregister_device() (git-fixes).
- nfc: nxp-nci: remove interrupt trigger type (stable-fixes).
- nfc: pn533: Fix error code in pn533_acr122_poweron_rdr() (git-fixes).
- nfc: pn533: properly drop the usb interface reference on disconnect (git-fixes).
- ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access (stable-fixes).
- ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut (stable-fixes).
- nvme: Use non zero KATO for persistent discovery connections (git-fixes).
- of: fix reference count leak in of_alias_scan() (git-fixes).
- of: platform: Use default match table for /firmware (git-fixes).
- orangefs: fix xattr related buffer overflow.. (git-fixes).
- phy: broadcom: bcm63xx-usbh: fix section mismatches (git-fixes).
- phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes).
- phy: fsl-imx8mq-usb: disable bind/unbind platform driver feature (stable-fixes).
- phy: mvebu-cp110-utmi: fix dr_mode property read from dts (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcar_gen3_phy_usb2_probe() (git-fixes).
- phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes).
- phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes).
- phy: stm32-usphyc: Fix off by one in probe() (git-fixes).
- phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7 (git-fixes).
- pinctrl: equilibrium: Fix device node reference leak in pinbank_init() (git-fixes).
- pinctrl: meson: mark the GPIO controller as sleeping (git-fixes).
- pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping (git-fixes).
- pinctrl: qcom: msm: Fix deadlock in pinmux configuration (stable-fixes).
- pinctrl: qcom: sm8250-lpass-lpi: Fix i2s2_data_groups definition (git-fixes).
- pinctrl: single: Fix PIN_CONFIG_BIAS_DISABLE handling (stable-fixes).
- pinctrl: single: Fix incorrect type for error return variable (git-fixes).
- pinctrl: single: fix refcount leak in pcs_add_gpio_func() (git-fixes).
- pinctrl: stm32: fix hwspinlock resource leak in probe function (git-fixes).
- platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver (git-fixes).
- platform/chrome: cros_ec_lightbar: Fix response size initialization (git-fixes).
- platform/chrome: cros_typec_switch: Do not touch struct fwnode_handle::dev (git-fixes).
- platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names (git-fixes).
- platform/x86/amd/pmc: Add quirk for MECHREVO Wujie 15X Pro (stable-fixes).
- platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list (stable-fixes).
- platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI quirks (stable-fixes).
- platform/x86: acer-wmi: Ignore backlight event (stable-fixes).
- platform/x86: asus-wmi: use brightness_set_blocking() for kbd led (git-fixes).
- platform/x86: classmate-laptop: Add missing NULL pointer checks (stable-fixes).
- platform/x86: huawei-wmi: add keys for HONOR models (stable-fixes).
- platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic (git-fixes).
- platform/x86: intel: chtwc_int33fe: do not dereference swnode args (git-fixes).
- platform/x86: intel: punit_ipc: fix memory corruption (git-fixes).
- platform/x86: intel_telemetry: Fix PSS event register mask (git-fixes).
- platform/x86: intel_telemetry: Fix swapped arrays in PSS output (git-fixes).
- platform/x86: msi-laptop: add missing sysfs_remove_group() (git-fixes).
- platform/x86: panasonic-laptop: Fix sysfs group leak in error path (stable-fixes).
- platform/x86: toshiba_haps: Fix memory leaks in add/remove routines (git-fixes).
- power: reset: nvmem-reboot-mode: respect cell size for nvmem_cell_write (git-fixes).
- power: supply: ab8500: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: act8945a: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: apm_power: only unset own apm_get_power_status (git-fixes).
- power: supply: bq256xx: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: bq25980: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: bq27xxx: fix wrong errno when bus ops are unsupported (git-fixes).
- power: supply: cpcap-battery: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: cw2015: Check devm_delayed_work_autocancel() return code (git-fixes).
- power: supply: goldfish: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: qcom_battmgr: Recognize "LiP" as lithium-polymer (git-fixes).
- power: supply: rt9455: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: rt9467: Prevent using uninitialized local variable in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: rt9467: Return error on failure in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: sbs-battery: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: wm831x: Check wm831x_set_bits() return value (git-fixes).
- power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed() (git-fixes).
- powercap: fix race condition in register_control_type() (stable-fixes).
- powercap: fix sscanf() error return value handling (stable-fixes).
- powercap: intel_rapl_tpmi: Remove FW_BUG from invalid version check (git-fixes).
- powerpc/64s/slb: Fix SLB multihit issue during SLB preload (bac#1236022 ltc#211187).
- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
- powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling (bsc#1253262 ltc#216029).
- powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 bsc#1253739 bsc#1254244).
- pwm: bcm2835: Make sure the channel is enabled after pwm_request() (git-fixes).
- rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() (git-fixes).
- regmap: Fix race condition in hwspinlock irqsave routine (git-fixes).
- regmap: maple: free entry on mas_store_gfp() failure (stable-fixes).
- regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex (git-fixes).
- regulator: core: disable supply if enabling main regulator fails (git-fixes).
- regulator: core: fix locking in regulator_resolve_supply() error path (git-fixes).
- regulator: core: move supply check earlier in set_machine_constraints() (git-fixes).
- remove a bpf CVE change which is already part of the base kernel
- remove an Intel CPU model change which is already part of the base kernel
- reset: fix BIT macro reference (stable-fixes).
- rpm/mkspec-dtb: add riscv64 dtb-thead subpackage
- rpmsg: core: fix race in driver_override_show() and use core helper (git-fixes).
- rpmsg: glink: fix rpmsg device leak (git-fixes).
- rtc: gamecube: Check the return value of ioremap() (git-fixes).
- rtc: interface: Alarm race handling should not discard preceding error (git-fixes).
- rtc: zynqmp: correct frequency value (stable-fixes).
- sched: Increase sched_tick_remote timeout (bsc#1254510).
- scripts/python/git_sort/git_sort.yaml: add cifs for-next repository
- scripts: obsapi: Support URL trailing / in oscrc
- scripts: teaapi: Add paging
- scripts: uploader: Fix no change condition for _maintainership.json
- scripts: uploader: Handle missing upstream in is_pr_open
- scrits: teaapi: Add list_repos
- scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119).
- scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119).
- scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119).
- scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119).
- scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119).
- scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119).
- scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119).
- scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119).
- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256861).
- scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119).
- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861).
- scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119).
- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863).
- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863).
- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863).
- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863).
- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863).
- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863).
- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863).
- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863).
- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863).
- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863).
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863).
- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- selftests/bpf: Skip timer cases when bpf_timer is not supported (git-fixes).
- serial: 8250: 8250_omap.c: Clear DMA RX running status only after DMA termination is done (stable-fixes).
- serial: 8250_dw: handle clock enable errors in runtime_resume (stable-fixes).
- serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes).
- serial: SH_SCI: improve "DMA support" prompt (git-fixes).
- serial: add support of CPCI cards (stable-fixes).
- serial: amba-pl011: prefer dma_mapping_error() over explicit address checking (git-fixes).
- serial: imx: change SERIAL_IMX_CONSOLE to bool (git-fixes).
- serial: sprd: Return -EPROBE_DEFER when uart clock is not ready (stable-fixes).
- shrink_slab_memcg: clear_bits of skipped shrinkers (bsc#1256564).
- slimbus: core: fix OF node leak on registration failure (git-fixes).
- slimbus: core: fix device reference leak on report present (git-fixes).
- slimbus: core: fix of_slim_get_device() kernel doc (git-fixes).
- slimbus: core: fix runtime PM imbalance on report present (git-fixes).
- slimbus: ngd: Fix reference count leak in qcom_slim_ngd_notify_slaves (git-fixes).
- smb3: add missing null server pointer check (git-fixes).
- smb: change return type of cached_dir_lease_break() to bool (git-fixes).
- smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (git-fixes).
- smb: client: fix cifs_pick_channel when channel needs reconnect (git-fixes).
- smb: client: fix warning when reconnecting channel (git-fixes).
- smb: client: introduce close_cached_dir_locked() (git-fixes).
- smb: client: remove unused fid_lock (git-fixes).
- smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (git-fixes).
- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154).
- smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes).
- smb: improve directory cache reuse for readdir operations (bsc#1252712).
- smc91x: fix broken irq-context in PREEMPT_RT (git-fixes).
- soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
- soc: amlogic: canvas: fix device leak on lookup (git-fixes).
- soc: mediatek: svs: Fix memory leak in svs_enable_debug_write() (git-fixes).
- soc: qcom: cmd-db: Use devm_memremap() to fix memory leak in cmd_db_dev_probe (git-fixes).
- soc: qcom: ocmem: fix device leak on lookup (git-fixes).
- soc: qcom: smem: fix hwspinlock resource leak in probe error paths (git-fixes).
- soc: qcom: smem: handle ENOMEM error during probe (git-fixes).
- soc: ti: k3-socinfo: Fix regmap leak on probe failure (git-fixes).
- soc: ti: pruss: Fix double free in pruss_clk_mux_setup() (git-fixes).
- soundwire: dmi-quirks: add mapping for Avell B.ON (OEM rebranded of NUC15) (stable-fixes).
- spi-geni-qcom: initialize mode related registers to 0 (stable-fixes).
- spi-geni-qcom: use xfer->bits_per_word for can_dma() (stable-fixes).
- spi: amlogic-spifc-a1: Handle devm_pm_runtime_enable() errors (git-fixes).
- spi: bcm63xx: drop wrong casts in probe() (git-fixes).
- spi: bcm63xx: fix premature CS deassertion on RX-only transactions (git-fixes).
- spi: fsl-cpm: Check length parity before switching to 16 bit mode (git-fixes).
- spi: imx: keep dma request disabled before dma transfer setup (stable-fixes).
- spi: spi-mem: Limit octal DTR constraints to octal DTR situations (stable-fixes).
- spi: spi-mem: Protect dirmap_create() with spi_mem_access_start/end (stable-fixes).
- spi: spi-sprd-adi: Fix double free in probe error path (git-fixes).
- spi: sprd-adi: switch to use spi_alloc_host() (stable-fixes).
- spi: sprd: adi: Use devm_register_restart_handler() (stable-fixes).
- spi: stm32: fix Overrun issue at < 8bpw (stable-fixes).
- spi: tegra114: Preserve SPI mode bits in def_command1_reg (git-fixes).
- spi: tegra210-qspi: Remove cache operations (git-fixes)
- spi: tegra210-quad: Add support for internal DMA (git-fixes)
- spi: tegra210-quad: Check hardware status on timeout (bsc#1253155)
- spi: tegra210-quad: Fix timeout handling (bsc#1253155)
- spi: tegra210-quad: Fix timeout handling (git-fixes).
- spi: tegra210-quad: Move curr_xfer read inside spinlock (bsc#1257952)
- spi: tegra210-quad: Move curr_xfer read inside spinlock (git-fixes).
- spi: tegra210-quad: Protect curr_xfer assignment in (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer assignment in tegra_qspi_setup_transfer_one (git-fixes).
- spi: tegra210-quad: Protect curr_xfer check in IRQ handler (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer check in IRQ handler (git-fixes).
- spi: tegra210-quad: Protect curr_xfer clearing in (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer clearing in tegra_qspi_non_combined_seq_xfer (git-fixes).
- spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (git-fixes).
- spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155)
- spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed (bsc#1257952)
- spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed transfer (git-fixes).
- spi: tegra210-quad: Update dummy sequence configuration (git-fixes)
- spi: tegra: Fix a memory leak in tegra_slink_probe() (git-fixes).
- spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() (git-fixes).
- spi: wpcm-fiu: Fix uninitialized res (git-fixes).
- spi: wpcm-fiu: Simplify with dev_err_probe() (stable-fixes).
- spi: wpcm-fiu: Use devm_platform_ioremap_resource_byname() (stable-fixes).
- spi: xilinx: increase number of retries before declaring stall (stable-fixes).
- staging: fbtft: core: fix potential memory leak in fbtft_probe_common() (git-fixes).
- staging: rtl8723bs: fix memory leak on failure path (stable-fixes).
- staging: rtl8723bs: fix null dereference in find_network (git-fixes).
- staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing (stable-fixes).
- staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser (stable-fixes).
- supported.conf: Mark lan 743x supported (jsc#PED-14571)
- thermal: int340x: Fix sysfs group leak on DLVR registration failure (stable-fixes).
- thunderbolt: Add support for Intel Wildcat Lake (stable-fixes).
- tools/power cpupower: Reset errno before strtoull() (stable-fixes).
- tools/power/x86/intel-speed-select: Fix file descriptor leak in isolate_cpus() (git-fixes).
- tpm: st33zp24: Fix missing cleanup on get_burstcount() error (git-fixes).
- tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure (git-fixes).
- tracing: Fix access to trace_event_file (bsc#1254373).
- uacce: ensure safe queue release with state management (git-fixes).
- uacce: fix cdev handling in the cleanup path (git-fixes).
- uacce: fix isolate sysfs check condition (git-fixes).
- uacce: implement mremap in uacce_vm_ops to return -EPERM (git-fixes).
- uio: uio_fsl_elbc_gpcm:: Add null pointer check to uio_fsl_elbc_gpcm_probe (git-fixes).
- usb: bdc: fix sleep during atomic (git-fixes).
- usb: cdns3: Fix double resource release in cdns3_pci_probe (git-fixes).
- usb: chaoskey: fix locking for O_NONBLOCK (git-fixes).
- usb: chipidea: udc: limit usb request length to max 16KB (stable-fixes).
- usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor (stable-fixes).
- usb: dwc2: disable platform lowlevel hw resources during shutdown (stable-fixes).
- usb: dwc2: fix hang during shutdown if set as peripheral (git-fixes).
- usb: dwc2: fix hang during suspend if set as peripheral (git-fixes).
- usb: dwc2: fix resume failure if dr_mode is host (git-fixes).
- usb: dwc3: Abort suspend on soft disconnect failure (git-fixes).
- usb: dwc3: Check for USB4 IP_NAME (stable-fixes).
- usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths (git-fixes).
- usb: dwc3: keep susphy enabled during exit to avoid controller faults (git-fixes).
- usb: dwc3: of-simple: fix clock resource leak in dwc3_of_simple_probe (git-fixes).
- usb: dwc3: pci: Sort out the Intel device IDs (stable-fixes).
- usb: dwc3: pci: add support for the Intel Nova Lake -S (stable-fixes).
- usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes).
- usb: gadget: f_eem: Fix memory leak in eem_unwrap (git-fixes).
- usb: gadget: lpc32xx_udc: fix clock imbalance in error path (git-fixes).
- usb: gadget: renesas_usbf: Handle devm_pm_runtime_enable() errors (git-fixes).
- usb: gadget: tegra-xudc: Add handling for BLCG_COREPLL_PWRDN (git-fixes).
- usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt (git-fixes).
- usb: ohci-nxp: Use helper function devm_clk_get_enabled() (stable-fixes).
- usb: ohci-nxp: fix device leak on probe failure (git-fixes).
- usb: phy: Initialize struct usb_phy list_head (git-fixes).
- usb: phy: isp1301: fix non-OF device reference imbalance (git-fixes).
- usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE (git-fixes).
- usb: raw-gadget: do not limit transfer length (git-fixes).
- usb: renesas_usbhs: Fix a resource leak in usbhs_pipe_malloc() (git-fixes).
- usb: storage: Fix memory leak in USB bulk transport (git-fixes).
- usb: storage: sddr55: Reject out-of-bound new_pba (stable-fixes).
- usb: typec: tipd: Clear interrupts first (git-fixes).
- usb: typec: ucsi: Handle incorrect num_connectors capability (stable-fixes).
- usb: typec: ucsi: psy: Set max current to zero when disconnected (git-fixes).
- usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer (git-fixes).
- usb: udc: Add trace event for usb_gadget_set_state (stable-fixes).
- usb: usb-storage: Maintain minimal modifications to the bcdDevice range (git-fixes).
- usb: usb-storage: No additional quirks need to be added to the EL-R12 optical drive (stable-fixes).
- usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).
- usb: xhci: limit run_graceperiod for only usb 3.0 devices (stable-fixes).
- usbip: Fix locking bug in RT-enabled kernels (stable-fixes).
- usbnet: limit max_mtu based on device's hard_mtu (git-fixes).
- via_wdt: fix critical boot hang due to unnamed resource allocation (stable-fixes).
- virtio_console: fix order of fields cols and rows (stable-fixes).
- w1: fix redundant counter decrement in w1_attach_slave_device() (git-fixes).
- w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes).
- watchdog: imx7ulp_wdt: handle the nowayout option (stable-fixes).
- watchdog: wdat_wdt: Fix ACPI table leak in probe function (git-fixes).
- wifi: ath10k: fix dma_free_coherent() pointer (git-fixes).
- wifi: ath10k: fix lock protection in ath10k_wmi_event_peer_sta_ps_state_chg() (stable-fixes).
- wifi: ath10k: sdio: add missing lock protection in ath10k_sdio_fw_crashed_dump() (git-fixes).
- wifi: ath11k: add pm quirk for Thinkpad Z13/Z16 Gen1 (stable-fixes).
- wifi: ath11k: fix peer HE MCS assignment (git-fixes).
- wifi: ath11k: restore register window after global reset (git-fixes).
- wifi: ath12k: fix dma_free_coherent() pointer (git-fixes).
- wifi: ath12k: fix preferred hardware mode calculation (stable-fixes).
- wifi: ath9k: debug.h: fix kernel-doc bad lines and struct ath_tx_stats (git-fixes).
- wifi: ath9k: fix kernel-doc warnings in common-debug.h (git-fixes).
- wifi: avoid kernel-infoleak from struct iw_point (git-fixes).
- wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet (stable-fixes).
- wifi: cfg80211: Fix bitrate calculation overflow for HE rates (stable-fixes).
- wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes).
- wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() (git-fixes).
- wifi: cfg80211: sme: store capped length in __cfg80211_connect_result() (git-fixes).
- wifi: cfg80211: stop NAN and P2P in cfg80211_leave (git-fixes).
- wifi: cfg80211: wext: fix IGTK key ID off-by-one (git-fixes).
- wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper() (git-fixes).
- wifi: ieee80211: correct FILS status codes (git-fixes).
- wifi: iwlegacy: add missing mutex protection in il3945_store_measurement() (stable-fixes).
- wifi: iwlegacy: add missing mutex protection in il4965_store_tx_power() (stable-fixes).
- wifi: iwlwifi: mvm: check the validity of noa_len (stable-fixes).
- wifi: libertas: fix WARNING in usb_tx_block (stable-fixes).
- wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration (git-fixes).
- wifi: mac80211: collect station statistics earlier when disconnect (stable-fixes).
- wifi: mac80211: correctly check if CSA is active (stable-fixes).
- wifi: mac80211: correctly decode TTLM with default link map (git-fixes).
- wifi: mac80211: do not increment crypto_tx_tailroom_needed_cnt twice (stable-fixes).
- wifi: mac80211: do not use old MBSSID elements (git-fixes).
- wifi: mac80211: fix CMAC functions not handling errors (git-fixes).
- wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() (git-fixes).
- wifi: mac80211: ocb: skip rx_no_sta when interface is not joined (stable-fixes).
- wifi: mac80211: restore non-chanctx injection behaviour (git-fixes).
- wifi: mt76: Fix DTS power-limits on little endian systems (git-fixes).
- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).
- wifi: nl80211: vendor-cmd: intel: fix a blank kernel-doc line warning (git-fixes).
- wifi: radiotap: reject radiotap with unknown bits (git-fixes).
- wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes).
- wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() (git-fixes).
- wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() (git-fixes).
- wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add (git-fixes).
- wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() (git-fixes).
- wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode() (stable-fixes).
- wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1 (stable-fixes).
- wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() (git-fixes).
- wifi: rtw88: fix DTIM period handling when conf->dtim_period is zero (stable-fixes).
- wifi: rtw88: limit indirect IO under powered off for RTL8822CS (git-fixes).
- wifi: rtw88: rtw8821cu: Add ID for Mercusys MU6H (stable-fixes).
- wifi: rtw89: pci: restore LDO setting after device resume (stable-fixes).
- wifi: rtw89: wow: add reason codes for disassociation in WoWLAN mode (stable-fixes).
- wifi: wlcore: ensure skb headroom before skb_push (stable-fixes).
- workqueue: mark power efficient workqueue as unbounded if (bsc#1257891)
- x86/hyperv: Fix APIC ID and VP index confusion in hv_snp_boot_ap() (git-fixes).
- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).
- x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).
- x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).
- x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).
- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (bsc#1256528).
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (bsc#1256528).
- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).
- x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).
- x86/microcode/AMD: Select which microcode patch to load (bsc#1256528).
- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).
- x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).
- x86: make page fault handling disable interrupts properly (git-fixes).
- xhci: dbgtty: fix device unregister (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1194869SUSE bug 1205462SUSE bug 1214285SUSE bug 1214635SUSE bug 1214847SUSE bug 1215146SUSE bug 1215199SUSE bug 1215211SUSE bug 1215344SUSE bug 1216062SUSE bug 1216436SUSE bug 1219165SUSE bug 1220419SUSE bug 1223731SUSE bug 1223800SUSE bug 1228490SUSE bug 1233563SUSE bug 1233640SUSE bug 1234163SUSE bug 1234842SUSE bug 1236022SUSE bug 1241345SUSE bug 1241437SUSE bug 1242909SUSE bug 1243055SUSE bug 1243677SUSE bug 1243678SUSE bug 1245193SUSE bug 1245449SUSE bug 1246184SUSE bug 1246328SUSE bug 1246447SUSE bug 1247030SUSE bug 1247500SUSE bug 1247712SUSE bug 1248211SUSE bug 1248886SUSE bug 1249256SUSE bug 1249307SUSE bug 1249587SUSE bug 1250032SUSE bug 1250082SUSE bug 1250334SUSE bug 1250388SUSE bug 1250705SUSE bug 1250748SUSE bug 1251966SUSE bug 1252046SUSE bug 1252342SUSE bug 1252511SUSE bug 1252686SUSE bug 1252712SUSE bug 1252776SUSE bug 1252808SUSE bug 1252824SUSE bug 1252861SUSE bug 1252891SUSE bug 1252900SUSE bug 1252911SUSE bug 1252919SUSE bug 1252924SUSE bug 1252973SUSE bug 1253087SUSE bug 1253155SUSE bug 1253262SUSE bug 1253342SUSE bug 1253365SUSE bug 1253386SUSE bug 1253400SUSE bug 1253402SUSE bug 1253408SUSE bug 1253413SUSE bug 1253442SUSE bug 1253451SUSE bug 1253458SUSE bug 1253463SUSE bug 1253622SUSE bug 1253623SUSE bug 1253647SUSE bug 1253691SUSE bug 1253739SUSE bug 1254119SUSE bug 1254126SUSE bug 1254244SUSE bug 1254373SUSE bug 1254378SUSE bug 1254447SUSE bug 1254465SUSE bug 1254510SUSE bug 1254518SUSE bug 1254520SUSE bug 1254599SUSE bug 1254606SUSE bug 1254611SUSE bug 1254613SUSE bug 1254615SUSE bug 1254621SUSE bug 1254623SUSE bug 1254624SUSE bug 1254626SUSE bug 1254648SUSE bug 1254649SUSE bug 1254653SUSE bug 1254655SUSE bug 1254657SUSE bug 1254660SUSE bug 1254661SUSE bug 1254663SUSE bug 1254669SUSE bug 1254677SUSE bug 1254678SUSE bug 1254688SUSE bug 1254690SUSE bug 1254691SUSE bug 1254693SUSE bug 1254695SUSE bug 1254698SUSE bug 1254701SUSE bug 1254704SUSE bug 1254705SUSE bug 1254707SUSE bug 1254712SUSE bug 1254715SUSE bug 1254717SUSE bug 1254723SUSE bug 1254724SUSE bug 1254732SUSE bug 1254733SUSE bug 1254737SUSE bug 1254739SUSE bug 1254742SUSE bug 1254743SUSE bug 1254749SUSE bug 1254750SUSE bug 1254753SUSE bug 1254754SUSE bug 1254758SUSE bug 1254761SUSE bug 1254762SUSE bug 1254765SUSE bug 1254767SUSE bug 1254782SUSE bug 1254791SUSE bug 1254793SUSE bug 1254794SUSE bug 1254795SUSE bug 1254796SUSE bug 1254797SUSE bug 1254798SUSE bug 1254813SUSE bug 1254815SUSE bug 1254825SUSE bug 1254828SUSE bug 1254829SUSE bug 1254830SUSE bug 1254832SUSE bug 1254835SUSE bug 1254839SUSE bug 1254840SUSE bug 1254842SUSE bug 1254843SUSE bug 1254845SUSE bug 1254846SUSE bug 1254847SUSE bug 1254849SUSE bug 1254850SUSE bug 1254851SUSE bug 1254852SUSE bug 1254854SUSE bug 1254856SUSE bug 1254858SUSE bug 1254860SUSE bug 1254864SUSE bug 1254869SUSE bug 1254871SUSE bug 1254894SUSE bug 1254918SUSE bug 1254957SUSE bug 1254959SUSE bug 1254983SUSE bug 1254992SUSE bug 1255005SUSE bug 1255009SUSE bug 1255025SUSE bug 1255026SUSE bug 1255030SUSE bug 1255033SUSE bug 1255034SUSE bug 1255035SUSE bug 1255039SUSE bug 1255041SUSE bug 1255042SUSE bug 1255046SUSE bug 1255057SUSE bug 1255062SUSE bug 1255064SUSE bug 1255065SUSE bug 1255068SUSE bug 1255072SUSE bug 1255075SUSE bug 1255077SUSE bug 1255081SUSE bug 1255082SUSE bug 1255083SUSE bug 1255092SUSE bug 1255094SUSE bug 1255095SUSE bug 1255100SUSE bug 1255102SUSE bug 1255120SUSE bug 1255122SUSE bug 1255128SUSE bug 1255129SUSE bug 1255131SUSE bug 1255134SUSE bug 1255135SUSE bug 1255136SUSE bug 1255138SUSE bug 1255140SUSE bug 1255142SUSE bug 1255146SUSE bug 1255149SUSE bug 1255152SUSE bug 1255154SUSE bug 1255155SUSE bug 1255157SUSE bug 1255163SUSE bug 1255164SUSE bug 1255167SUSE bug 1255169SUSE bug 1255171SUSE bug 1255172SUSE bug 1255175SUSE bug 1255179SUSE bug 1255182SUSE bug 1255187SUSE bug 1255190SUSE bug 1255193SUSE bug 1255197SUSE bug 1255199SUSE bug 1255202SUSE bug 1255203SUSE bug 1255206SUSE bug 1255209SUSE bug 1255216SUSE bug 1255218SUSE bug 1255221SUSE bug 1255224SUSE bug 1255227SUSE bug 1255230SUSE bug 1255233SUSE bug 1255241SUSE bug 1255245SUSE bug 1255246SUSE bug 1255251SUSE bug 1255252SUSE bug 1255253SUSE bug 1255255SUSE bug 1255259SUSE bug 1255260SUSE bug 1255261SUSE bug 1255262SUSE bug 1255265SUSE bug 1255266SUSE bug 1255268SUSE bug 1255269SUSE bug 1255272SUSE bug 1255273SUSE bug 1255274SUSE bug 1255276SUSE bug 1255279SUSE bug 1255280SUSE bug 1255281SUSE bug 1255297SUSE bug 1255318SUSE bug 1255325SUSE bug 1255327SUSE bug 1255329SUSE bug 1255351SUSE bug 1255377SUSE bug 1255379SUSE bug 1255380SUSE bug 1255395SUSE bug 1255401SUSE bug 1255403SUSE bug 1255415SUSE bug 1255417SUSE bug 1255428SUSE bug 1255480SUSE bug 1255482SUSE bug 1255483SUSE bug 1255488SUSE bug 1255489SUSE bug 1255493SUSE bug 1255495SUSE bug 1255505SUSE bug 1255507SUSE bug 1255530SUSE bug 1255537SUSE bug 1255538SUSE bug 1255539SUSE bug 1255540SUSE bug 1255544SUSE bug 1255545SUSE bug 1255547SUSE bug 1255548SUSE bug 1255549SUSE bug 1255550SUSE bug 1255552SUSE bug 1255553SUSE bug 1255557SUSE bug 1255558SUSE bug 1255563SUSE bug 1255564SUSE bug 1255567SUSE bug 1255568SUSE bug 1255569SUSE bug 1255570SUSE bug 1255578SUSE bug 1255579SUSE bug 1255580SUSE bug 1255583SUSE bug 1255591SUSE bug 1255601SUSE bug 1255603SUSE bug 1255605SUSE bug 1255611SUSE bug 1255614SUSE bug 1255615SUSE bug 1255616SUSE bug 1255617SUSE bug 1255618SUSE bug 1255621SUSE bug 1255622SUSE bug 1255628SUSE bug 1255629SUSE bug 1255630SUSE bug 1255632SUSE bug 1255636SUSE bug 1255688SUSE bug 1255691SUSE bug 1255695SUSE bug 1255698SUSE bug 1255702SUSE bug 1255704SUSE bug 1255706SUSE bug 1255707SUSE bug 1255709SUSE bug 1255722SUSE bug 1255758SUSE bug 1255759SUSE bug 1255760SUSE bug 1255763SUSE bug 1255769SUSE bug 1255770SUSE bug 1255772SUSE bug 1255774SUSE bug 1255775SUSE bug 1255776SUSE bug 1255780SUSE bug 1255785SUSE bug 1255786SUSE bug 1255789SUSE bug 1255790SUSE bug 1255792SUSE bug 1255793SUSE bug 1255795SUSE bug 1255798SUSE bug 1255800SUSE bug 1255801SUSE bug 1255806SUSE bug 1255807SUSE bug 1255809SUSE bug 1255810SUSE bug 1255812SUSE bug 1255814SUSE bug 1255820SUSE bug 1255838SUSE bug 1255842SUSE bug 1255843SUSE bug 1255872SUSE bug 1255875SUSE bug 1255879SUSE bug 1255883SUSE bug 1255884SUSE bug 1255886SUSE bug 1255888SUSE bug 1255890SUSE bug 1255891SUSE bug 1255892SUSE bug 1255899SUSE bug 1255902SUSE bug 1255907SUSE bug 1255911SUSE bug 1255915SUSE bug 1255918SUSE bug 1255921SUSE bug 1255924SUSE bug 1255925SUSE bug 1255930SUSE bug 1255931SUSE bug 1255932SUSE bug 1255934SUSE bug 1255943SUSE bug 1255944SUSE bug 1255949SUSE bug 1255951SUSE bug 1255952SUSE bug 1255955SUSE bug 1255957SUSE bug 1255961SUSE bug 1255963SUSE bug 1255964SUSE bug 1255967SUSE bug 1255974SUSE bug 1255978SUSE bug 1255984SUSE bug 1255988SUSE bug 1255990SUSE bug 1255992SUSE bug 1255993SUSE bug 1255994SUSE bug 1255996SUSE bug 1256033SUSE bug 1256034SUSE bug 1256045SUSE bug 1256050SUSE bug 1256058SUSE bug 1256071SUSE bug 1256074SUSE bug 1256081SUSE bug 1256082SUSE bug 1256083SUSE bug 1256084SUSE bug 1256085SUSE bug 1256090SUSE bug 1256093SUSE bug 1256094SUSE bug 1256095SUSE bug 1256096SUSE bug 1256099SUSE bug 1256100SUSE bug 1256104SUSE bug 1256106SUSE bug 1256107SUSE bug 1256117SUSE bug 1256119SUSE bug 1256121SUSE bug 1256145SUSE bug 1256153SUSE bug 1256178SUSE bug 1256197SUSE bug 1256231SUSE bug 1256233SUSE bug 1256234SUSE bug 1256238SUSE bug 1256263SUSE bug 1256267SUSE bug 1256268SUSE bug 1256271SUSE bug 1256273SUSE bug 1256274SUSE bug 1256279SUSE bug 1256280SUSE bug 1256285SUSE bug 1256291SUSE bug 1256292SUSE bug 1256300SUSE bug 1256301SUSE bug 1256302SUSE bug 1256335SUSE bug 1256348SUSE bug 1256351SUSE bug 1256354SUSE bug 1256358SUSE bug 1256361SUSE bug 1256364SUSE bug 1256366SUSE bug 1256367SUSE bug 1256368SUSE bug 1256369SUSE bug 1256370SUSE bug 1256371SUSE bug 1256373SUSE bug 1256375SUSE bug 1256379SUSE bug 1256387SUSE bug 1256394SUSE bug 1256395SUSE bug 1256396SUSE bug 1256528SUSE bug 1256564SUSE bug 1256579SUSE bug 1256582SUSE bug 1256584SUSE bug 1256586SUSE bug 1256591SUSE bug 1256593SUSE bug 1256597SUSE bug 1256605SUSE bug 1256606SUSE bug 1256607SUSE bug 1256609SUSE bug 1256610SUSE bug 1256611SUSE bug 1256612SUSE bug 1256613SUSE bug 1256616SUSE bug 1256617SUSE bug 1256619SUSE bug 1256622SUSE bug 1256623SUSE bug 1256625SUSE bug 1256628SUSE bug 1256630SUSE bug 1256638SUSE bug 1256640SUSE bug 1256641SUSE bug 1256645SUSE bug 1256646SUSE bug 1256650SUSE bug 1256651SUSE bug 1256653SUSE bug 1256654SUSE bug 1256655SUSE bug 1256659SUSE bug 1256660SUSE bug 1256664SUSE bug 1256665SUSE bug 1256674SUSE bug 1256679SUSE bug 1256680SUSE bug 1256682SUSE bug 1256683SUSE bug 1256688SUSE bug 1256689SUSE bug 1256708SUSE bug 1256716SUSE bug 1256726SUSE bug 1256728SUSE bug 1256730SUSE bug 1256733SUSE bug 1256737SUSE bug 1256741SUSE bug 1256742SUSE bug 1256744SUSE bug 1256752SUSE bug 1256754SUSE bug 1256755SUSE bug 1256757SUSE bug 1256759SUSE bug 1256760SUSE bug 1256761SUSE bug 1256763SUSE bug 1256770SUSE bug 1256773SUSE bug 1256774SUSE bug 1256777SUSE bug 1256779SUSE bug 1256781SUSE bug 1256785SUSE bug 1256792SUSE bug 1256802SUSE bug 1256861SUSE bug 1256863SUSE bug 1257035SUSE bug 1257053SUSE bug 1257154SUSE bug 1257155SUSE bug 1257158SUSE bug 1257159SUSE bug 1257163SUSE bug 1257164SUSE bug 1257179SUSE bug 1257180SUSE bug 1257202SUSE bug 1257204SUSE bug 1257207SUSE bug 1257208SUSE bug 1257209SUSE bug 1257215SUSE bug 1257217SUSE bug 1257218SUSE bug 1257220SUSE bug 1257221SUSE bug 1257227SUSE bug 1257228SUSE bug 1257231SUSE bug 1257232SUSE bug 1257234SUSE bug 1257236SUSE bug 1257245SUSE bug 1257246SUSE bug 1257277SUSE bug 1257282SUSE bug 1257296SUSE bug 1257332SUSE bug 1257473SUSE bug 1257552SUSE bug 1257554SUSE bug 1257557SUSE bug 1257559SUSE bug 1257560SUSE bug 1257562SUSE bug 1257570SUSE bug 1257573SUSE bug 1257576SUSE bug 1257579SUSE bug 1257580SUSE bug 1257586SUSE bug 1257603SUSE bug 1257635SUSE bug 1257679SUSE bug 1257687SUSE bug 1257704SUSE bug 1257706SUSE bug 1257707SUSE bug 1257714SUSE bug 1257715SUSE bug 1257716SUSE bug 1257718SUSE bug 1257722SUSE bug 1257723SUSE bug 1257729SUSE bug 1257735SUSE bug 1257739SUSE bug 1257740SUSE bug 1257741SUSE bug 1257743SUSE bug 1257745SUSE bug 1257749SUSE bug 1257750SUSE bug 1257757SUSE bug 1257758SUSE bug 1257759SUSE bug 1257761SUSE bug 1257762SUSE bug 1257763SUSE bug 1257765SUSE bug 1257768SUSE bug 1257770SUSE bug 1257772SUSE bug 1257775SUSE bug 1257776SUSE bug 1257788SUSE bug 1257789SUSE bug 1257790SUSE bug 1257805SUSE bug 1257808SUSE bug 1257809SUSE bug 1257811SUSE bug 1257813SUSE bug 1257816SUSE bug 1257830SUSE bug 1257891SUSE bug 1257952SUSE bug 1258153SUSE bug 1258181SUSE bug 1258184SUSE bug 1258222SUSE bug 1258234SUSE bug 1258237SUSE bug 1258245SUSE bug 1258249SUSE bug 1258252SUSE bug 1258256SUSE bug 1258259SUSE bug 1258272SUSE bug 1258273SUSE bug 1258277SUSE bug 1258278SUSE bug 1258279SUSE bug 1258299SUSE bug 1258304SUSE bug 1258309SUSE bug 1258313SUSE bug 1258317SUSE bug 1258321SUSE bug 1258326SUSE bug 1258338SUSE bug 1258349SUSE bug 1258354SUSE bug 1258358SUSE bug 1258374SUSE bug 1258377SUSE bug 1258379SUSE bug 1258394SUSE bug 1258395SUSE bug 1258397SUSE bug 1258411SUSE bug 1258415SUSE bug 1258419SUSE bug 1258422SUSE bug 1258424SUSE bug 1258429SUSE bug 1258442SUSE bug 1258464SUSE bug 1258465SUSE bug 1258468SUSE bug 1258469SUSE bug 1258484SUSE bug 1258518SUSE bug 1258519SUSE bug 1258520SUSE bug 1258524SUSE bug 1258544SUSE bug 1258660SUSE bug 1258824SUSE bug 1258928SUSE bug 1259070CVE-2023-42752 at SUSECVE-2023-42752 at NVDCVE-2023-53714 at SUSECVE-2023-53714 at NVDCVE-2023-53743 at SUSECVE-2023-53743 at NVDCVE-2023-53750 at SUSECVE-2023-53750 at NVDCVE-2023-53752 at SUSECVE-2023-53752 at NVDCVE-2023-53759 at SUSECVE-2023-53759 at NVDCVE-2023-53762 at SUSECVE-2023-53762 at NVDCVE-2023-53766 at SUSECVE-2023-53766 at NVDCVE-2023-53768 at SUSECVE-2023-53768 at NVDCVE-2023-53777 at SUSECVE-2023-53777 at NVDCVE-2023-53778 at SUSECVE-2023-53778 at NVDCVE-2023-53782 at SUSECVE-2023-53782 at NVDCVE-2023-53784 at SUSECVE-2023-53784 at NVDCVE-2023-53785 at SUSECVE-2023-53785 at NVDCVE-2023-53787 at SUSECVE-2023-53787 at NVDCVE-2023-53791 at SUSECVE-2023-53791 at NVDCVE-2023-53792 at SUSECVE-2023-53792 at NVDCVE-2023-53793 at SUSECVE-2023-53793 at NVDCVE-2023-53794 at SUSECVE-2023-53794 at NVDCVE-2023-53795 at SUSECVE-2023-53795 at NVDCVE-2023-53797 at SUSECVE-2023-53797 at NVDCVE-2023-53799 at SUSECVE-2023-53799 at NVDCVE-2023-53807 at SUSECVE-2023-53807 at NVDCVE-2023-53808 at SUSECVE-2023-53808 at NVDCVE-2023-53813 at SUSECVE-2023-53813 at NVDCVE-2023-53815 at SUSECVE-2023-53815 at NVDCVE-2023-53817 at SUSECVE-2023-53817 at NVDCVE-2023-53819 at SUSECVE-2023-53819 at NVDCVE-2023-53821 at SUSECVE-2023-53821 at NVDCVE-2023-53823 at SUSECVE-2023-53823 at NVDCVE-2023-53825 at SUSECVE-2023-53825 at NVDCVE-2023-53828 at SUSECVE-2023-53828 at NVDCVE-2023-53831 at SUSECVE-2023-53831 at NVDCVE-2023-53834 at SUSECVE-2023-53834 at NVDCVE-2023-53836 at SUSECVE-2023-53836 at NVDCVE-2023-53839 at SUSECVE-2023-53839 at NVDCVE-2023-53841 at SUSECVE-2023-53841 at NVDCVE-2023-53842 at SUSECVE-2023-53842 at NVDCVE-2023-53843 at SUSECVE-2023-53843 at NVDCVE-2023-53844 at SUSECVE-2023-53844 at NVDCVE-2023-53846 at SUSECVE-2023-53846 at NVDCVE-2023-53847 at SUSECVE-2023-53847 at NVDCVE-2023-53848 at SUSECVE-2023-53848 at NVDCVE-2023-53850 at SUSECVE-2023-53850 at NVDCVE-2023-53851 at SUSECVE-2023-53851 at NVDCVE-2023-53852 at SUSECVE-2023-53852 at NVDCVE-2023-53855 at SUSECVE-2023-53855 at NVDCVE-2023-53856 at SUSECVE-2023-53856 at NVDCVE-2023-53857 at SUSECVE-2023-53857 at NVDCVE-2023-53858 at SUSECVE-2023-53858 at NVDCVE-2023-53860 at SUSECVE-2023-53860 at NVDCVE-2023-53861 at SUSECVE-2023-53861 at NVDCVE-2023-53863 at SUSECVE-2023-53863 at NVDCVE-2023-53864 at SUSECVE-2023-53864 at NVDCVE-2023-53865 at SUSECVE-2023-53865 at NVDCVE-2023-53989 at SUSECVE-2023-53989 at NVDCVE-2023-53992 at SUSECVE-2023-53992 at NVDCVE-2023-53994 at SUSECVE-2023-53994 at NVDCVE-2023-53995 at SUSECVE-2023-53995 at NVDCVE-2023-53996 at SUSECVE-2023-53996 at NVDCVE-2023-53997 at SUSECVE-2023-53997 at NVDCVE-2023-53998 at SUSECVE-2023-53998 at NVDCVE-2023-53999 at SUSECVE-2023-53999 at NVDCVE-2023-54000 at SUSECVE-2023-54000 at NVDCVE-2023-54001 at SUSECVE-2023-54001 at NVDCVE-2023-54005 at SUSECVE-2023-54005 at NVDCVE-2023-54006 at SUSECVE-2023-54006 at NVDCVE-2023-54008 at SUSECVE-2023-54008 at NVDCVE-2023-54013 at SUSECVE-2023-54013 at NVDCVE-2023-54014 at SUSECVE-2023-54014 at NVDCVE-2023-54016 at SUSECVE-2023-54016 at NVDCVE-2023-54017 at SUSECVE-2023-54017 at NVDCVE-2023-54019 at SUSECVE-2023-54019 at NVDCVE-2023-54022 at SUSECVE-2023-54022 at NVDCVE-2023-54023 at SUSECVE-2023-54023 at NVDCVE-2023-54025 at SUSECVE-2023-54025 at NVDCVE-2023-54026 at SUSECVE-2023-54026 at NVDCVE-2023-54027 at SUSECVE-2023-54027 at NVDCVE-2023-54030 at SUSECVE-2023-54030 at NVDCVE-2023-54031 at SUSECVE-2023-54031 at NVDCVE-2023-54032 at SUSECVE-2023-54032 at NVDCVE-2023-54035 at SUSECVE-2023-54035 at NVDCVE-2023-54037 at SUSECVE-2023-54037 at NVDCVE-2023-54038 at SUSECVE-2023-54038 at NVDCVE-2023-54042 at SUSECVE-2023-54042 at NVDCVE-2023-54045 at SUSECVE-2023-54045 at NVDCVE-2023-54048 at SUSECVE-2023-54048 at NVDCVE-2023-54049 at SUSECVE-2023-54049 at NVDCVE-2023-54051 at SUSECVE-2023-54051 at NVDCVE-2023-54052 at SUSECVE-2023-54052 at NVDCVE-2023-54060 at SUSECVE-2023-54060 at NVDCVE-2023-54064 at SUSECVE-2023-54064 at NVDCVE-2023-54066 at SUSECVE-2023-54066 at NVDCVE-2023-54067 at SUSECVE-2023-54067 at NVDCVE-2023-54069 at SUSECVE-2023-54069 at NVDCVE-2023-54070 at SUSECVE-2023-54070 at NVDCVE-2023-54072 at SUSECVE-2023-54072 at NVDCVE-2023-54076 at SUSECVE-2023-54076 at NVDCVE-2023-54080 at SUSECVE-2023-54080 at NVDCVE-2023-54081 at SUSECVE-2023-54081 at NVDCVE-2023-54083 at SUSECVE-2023-54083 at NVDCVE-2023-54088 at SUSECVE-2023-54088 at NVDCVE-2023-54089 at SUSECVE-2023-54089 at NVDCVE-2023-54091 at SUSECVE-2023-54091 at NVDCVE-2023-54092 at SUSECVE-2023-54092 at NVDCVE-2023-54093 at SUSECVE-2023-54093 at NVDCVE-2023-54094 at SUSECVE-2023-54094 at NVDCVE-2023-54095 at SUSECVE-2023-54095 at NVDCVE-2023-54096 at SUSECVE-2023-54096 at NVDCVE-2023-54099 at SUSECVE-2023-54099 at NVDCVE-2023-54101 at SUSECVE-2023-54101 at NVDCVE-2023-54104 at SUSECVE-2023-54104 at NVDCVE-2023-54106 at SUSECVE-2023-54106 at NVDCVE-2023-54112 at SUSECVE-2023-54112 at NVDCVE-2023-54113 at SUSECVE-2023-54113 at NVDCVE-2023-54115 at SUSECVE-2023-54115 at NVDCVE-2023-54117 at SUSECVE-2023-54117 at NVDCVE-2023-54121 at SUSECVE-2023-54121 at NVDCVE-2023-54125 at SUSECVE-2023-54125 at NVDCVE-2023-54127 at SUSECVE-2023-54127 at NVDCVE-2023-54133 at SUSECVE-2023-54133 at NVDCVE-2023-54134 at SUSECVE-2023-54134 at NVDCVE-2023-54135 at SUSECVE-2023-54135 at NVDCVE-2023-54136 at SUSECVE-2023-54136 at NVDCVE-2023-54137 at SUSECVE-2023-54137 at NVDCVE-2023-54140 at SUSECVE-2023-54140 at NVDCVE-2023-54141 at SUSECVE-2023-54141 at NVDCVE-2023-54142 at SUSECVE-2023-54142 at NVDCVE-2023-54143 at SUSECVE-2023-54143 at NVDCVE-2023-54145 at SUSECVE-2023-54145 at NVDCVE-2023-54148 at SUSECVE-2023-54148 at NVDCVE-2023-54149 at SUSECVE-2023-54149 at NVDCVE-2023-54153 at SUSECVE-2023-54153 at NVDCVE-2023-54154 at SUSECVE-2023-54154 at NVDCVE-2023-54155 at SUSECVE-2023-54155 at NVDCVE-2023-54156 at SUSECVE-2023-54156 at NVDCVE-2023-54164 at SUSECVE-2023-54164 at NVDCVE-2023-54166 at SUSECVE-2023-54166 at NVDCVE-2023-54169 at SUSECVE-2023-54169 at NVDCVE-2023-54170 at SUSECVE-2023-54170 at NVDCVE-2023-54171 at SUSECVE-2023-54171 at NVDCVE-2023-54172 at SUSECVE-2023-54172 at NVDCVE-2023-54173 at SUSECVE-2023-54173 at NVDCVE-2023-54177 at SUSECVE-2023-54177 at NVDCVE-2023-54178 at SUSECVE-2023-54178 at NVDCVE-2023-54179 at SUSECVE-2023-54179 at NVDCVE-2023-54181 at SUSECVE-2023-54181 at NVDCVE-2023-54183 at SUSECVE-2023-54183 at NVDCVE-2023-54185 at SUSECVE-2023-54185 at NVDCVE-2023-54189 at SUSECVE-2023-54189 at NVDCVE-2023-54194 at SUSECVE-2023-54194 at NVDCVE-2023-54201 at SUSECVE-2023-54201 at NVDCVE-2023-54204 at SUSECVE-2023-54204 at NVDCVE-2023-54207 at SUSECVE-2023-54207 at NVDCVE-2023-54209 at SUSECVE-2023-54209 at NVDCVE-2023-54210 at SUSECVE-2023-54210 at NVDCVE-2023-54211 at SUSECVE-2023-54211 at NVDCVE-2023-54215 at SUSECVE-2023-54215 at NVDCVE-2023-54219 at SUSECVE-2023-54219 at NVDCVE-2023-54220 at SUSECVE-2023-54220 at NVDCVE-2023-54221 at SUSECVE-2023-54221 at NVDCVE-2023-54223 at SUSECVE-2023-54223 at NVDCVE-2023-54224 at SUSECVE-2023-54224 at NVDCVE-2023-54225 at SUSECVE-2023-54225 at NVDCVE-2023-54227 at SUSECVE-2023-54227 at NVDCVE-2023-54229 at SUSECVE-2023-54229 at NVDCVE-2023-54230 at SUSECVE-2023-54230 at NVDCVE-2023-54235 at SUSECVE-2023-54235 at NVDCVE-2023-54240 at SUSECVE-2023-54240 at NVDCVE-2023-54241 at SUSECVE-2023-54241 at NVDCVE-2023-54246 at SUSECVE-2023-54246 at NVDCVE-2023-54247 at SUSECVE-2023-54247 at NVDCVE-2023-54251 at SUSECVE-2023-54251 at NVDCVE-2023-54253 at SUSECVE-2023-54253 at NVDCVE-2023-54254 at SUSECVE-2023-54254 at NVDCVE-2023-54255 at SUSECVE-2023-54255 at NVDCVE-2023-54258 at SUSECVE-2023-54258 at NVDCVE-2023-54261 at SUSECVE-2023-54261 at NVDCVE-2023-54263 at SUSECVE-2023-54263 at NVDCVE-2023-54264 at SUSECVE-2023-54264 at NVDCVE-2023-54266 at SUSECVE-2023-54266 at NVDCVE-2023-54267 at SUSECVE-2023-54267 at NVDCVE-2023-54271 at SUSECVE-2023-54271 at NVDCVE-2023-54276 at SUSECVE-2023-54276 at NVDCVE-2023-54278 at SUSECVE-2023-54278 at NVDCVE-2023-54281 at SUSECVE-2023-54281 at NVDCVE-2023-54282 at SUSECVE-2023-54282 at NVDCVE-2023-54283 at SUSECVE-2023-54283 at NVDCVE-2023-54285 at SUSECVE-2023-54285 at NVDCVE-2023-54289 at SUSECVE-2023-54289 at NVDCVE-2023-54291 at SUSECVE-2023-54291 at NVDCVE-2023-54292 at SUSECVE-2023-54292 at NVDCVE-2023-54293 at SUSECVE-2023-54293 at NVDCVE-2023-54296 at SUSECVE-2023-54296 at NVDCVE-2023-54297 at SUSECVE-2023-54297 at NVDCVE-2023-54299 at SUSECVE-2023-54299 at NVDCVE-2023-54300 at SUSECVE-2023-54300 at NVDCVE-2023-54302 at SUSECVE-2023-54302 at NVDCVE-2023-54303 at SUSECVE-2023-54303 at NVDCVE-2023-54304 at SUSECVE-2023-54304 at NVDCVE-2023-54309 at SUSECVE-2023-54309 at NVDCVE-2023-54312 at SUSECVE-2023-54312 at NVDCVE-2023-54313 at SUSECVE-2023-54313 at NVDCVE-2023-54314 at SUSECVE-2023-54314 at NVDCVE-2023-54315 at SUSECVE-2023-54315 at NVDCVE-2023-54316 at SUSECVE-2023-54316 at NVDCVE-2023-54318 at SUSECVE-2023-54318 at NVDCVE-2023-54319 at SUSECVE-2023-54319 at NVDCVE-2023-54322 at SUSECVE-2023-54322 at NVDCVE-2023-54324 at SUSECVE-2023-54324 at NVDCVE-2023-54326 at SUSECVE-2023-54326 at NVDCVE-2024-26944 at SUSECVE-2024-26944 at NVDCVE-2024-27005 at SUSECVE-2024-27005 at NVDCVE-2024-42103 at SUSECVE-2024-42103 at NVDCVE-2024-53070 at SUSECVE-2024-53070 at NVDCVE-2024-53093 at SUSECVE-2024-53093 at NVDCVE-2024-53149 at SUSECVE-2024-53149 at NVDCVE-2025-22047 at SUSECVE-2025-22047 at NVDCVE-2025-37813 at SUSECVE-2025-37813 at NVDCVE-2025-37861 at SUSECVE-2025-37861 at NVDCVE-2025-38243 at SUSECVE-2025-38243 at NVDCVE-2025-38321 at SUSECVE-2025-38321 at NVDCVE-2025-38322 at SUSECVE-2025-38322 at NVDCVE-2025-38379 at SUSECVE-2025-38379 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38728 at SUSECVE-2025-38728 at NVDCVE-2025-39689 at SUSECVE-2025-39689 at NVDCVE-2025-39748 at SUSECVE-2025-39748 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39829 at SUSECVE-2025-39829 at NVDCVE-2025-39880 at SUSECVE-2025-39880 at NVDCVE-2025-39890 at SUSECVE-2025-39890 at NVDCVE-2025-39913 at SUSECVE-2025-39913 at NVDCVE-2025-39964 at SUSECVE-2025-39964 at NVDCVE-2025-39977 at SUSECVE-2025-39977 at NVDCVE-2025-40006 at SUSECVE-2025-40006 at NVDCVE-2025-40024 at SUSECVE-2025-40024 at NVDCVE-2025-40033 at SUSECVE-2025-40033 at NVDCVE-2025-40042 at SUSECVE-2025-40042 at NVDCVE-2025-40053 at SUSECVE-2025-40053 at NVDCVE-2025-40081 at SUSECVE-2025-40081 at NVDCVE-2025-40097 at SUSECVE-2025-40097 at NVDCVE-2025-40099 at SUSECVE-2025-40099 at NVDCVE-2025-40102 at SUSECVE-2025-40102 at NVDCVE-2025-40103 at SUSECVE-2025-40103 at NVDCVE-2025-40106 at SUSECVE-2025-40106 at NVDCVE-2025-40123 at SUSECVE-2025-40123 at NVDCVE-2025-40134 at SUSECVE-2025-40134 at NVDCVE-2025-40135 at SUSECVE-2025-40135 at NVDCVE-2025-40153 at SUSECVE-2025-40153 at NVDCVE-2025-40158 at SUSECVE-2025-40158 at NVDCVE-2025-40160 at SUSECVE-2025-40160 at NVDCVE-2025-40167 at SUSECVE-2025-40167 at NVDCVE-2025-40170 at SUSECVE-2025-40170 at NVDCVE-2025-40178 at SUSECVE-2025-40178 at NVDCVE-2025-40179 at SUSECVE-2025-40179 at NVDCVE-2025-40187 at SUSECVE-2025-40187 at NVDCVE-2025-40190 at SUSECVE-2025-40190 at NVDCVE-2025-40192 at SUSECVE-2025-40192 at NVDCVE-2025-40202 at SUSECVE-2025-40202 at NVDCVE-2025-40211 at SUSECVE-2025-40211 at NVDCVE-2025-40215 at SUSECVE-2025-40215 at NVDCVE-2025-40219 at SUSECVE-2025-40219 at NVDCVE-2025-40220 at SUSECVE-2025-40220 at NVDCVE-2025-40223 at SUSECVE-2025-40223 at NVDCVE-2025-40231 at SUSECVE-2025-40231 at NVDCVE-2025-40233 at SUSECVE-2025-40233 at NVDCVE-2025-40238 at SUSECVE-2025-40238 at NVDCVE-2025-40240 at SUSECVE-2025-40240 at NVDCVE-2025-40242 at SUSECVE-2025-40242 at NVDCVE-2025-40244 at SUSECVE-2025-40244 at NVDCVE-2025-40248 at SUSECVE-2025-40248 at NVDCVE-2025-40250 at SUSECVE-2025-40250 at NVDCVE-2025-40251 at SUSECVE-2025-40251 at NVDCVE-2025-40252 at SUSECVE-2025-40252 at NVDCVE-2025-40254 at SUSECVE-2025-40254 at NVDCVE-2025-40256 at SUSECVE-2025-40256 at NVDCVE-2025-40257 at SUSECVE-2025-40257 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40259 at SUSECVE-2025-40259 at NVDCVE-2025-40261 at SUSECVE-2025-40261 at NVDCVE-2025-40262 at SUSECVE-2025-40262 at NVDCVE-2025-40263 at SUSECVE-2025-40263 at NVDCVE-2025-40264 at SUSECVE-2025-40264 at NVDCVE-2025-40268 at SUSECVE-2025-40268 at NVDCVE-2025-40269 at SUSECVE-2025-40269 at NVDCVE-2025-40271 at SUSECVE-2025-40271 at NVDCVE-2025-40272 at SUSECVE-2025-40272 at NVDCVE-2025-40273 at SUSECVE-2025-40273 at NVDCVE-2025-40274 at SUSECVE-2025-40274 at NVDCVE-2025-40275 at SUSECVE-2025-40275 at NVDCVE-2025-40277 at SUSECVE-2025-40277 at NVDCVE-2025-40278 at SUSECVE-2025-40278 at NVDCVE-2025-40279 at SUSECVE-2025-40279 at NVDCVE-2025-40280 at SUSECVE-2025-40280 at NVDCVE-2025-40282 at SUSECVE-2025-40282 at NVDCVE-2025-40283 at SUSECVE-2025-40283 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40287 at SUSECVE-2025-40287 at NVDCVE-2025-40288 at SUSECVE-2025-40288 at NVDCVE-2025-40289 at SUSECVE-2025-40289 at NVDCVE-2025-40292 at SUSECVE-2025-40292 at NVDCVE-2025-40293 at SUSECVE-2025-40293 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-40301 at SUSECVE-2025-40301 at NVDCVE-2025-40304 at SUSECVE-2025-40304 at NVDCVE-2025-40306 at SUSECVE-2025-40306 at NVDCVE-2025-40307 at SUSECVE-2025-40307 at NVDCVE-2025-40308 at SUSECVE-2025-40308 at NVDCVE-2025-40309 at SUSECVE-2025-40309 at NVDCVE-2025-40310 at SUSECVE-2025-40310 at NVDCVE-2025-40311 at SUSECVE-2025-40311 at NVDCVE-2025-40312 at SUSECVE-2025-40312 at NVDCVE-2025-40314 at SUSECVE-2025-40314 at NVDCVE-2025-40315 at SUSECVE-2025-40315 at NVDCVE-2025-40316 at SUSECVE-2025-40316 at NVDCVE-2025-40317 at SUSECVE-2025-40317 at NVDCVE-2025-40318 at SUSECVE-2025-40318 at NVDCVE-2025-40319 at SUSECVE-2025-40319 at NVDCVE-2025-40320 at SUSECVE-2025-40320 at NVDCVE-2025-40321 at SUSECVE-2025-40321 at NVDCVE-2025-40322 at SUSECVE-2025-40322 at NVDCVE-2025-40323 at SUSECVE-2025-40323 at NVDCVE-2025-40324 at SUSECVE-2025-40324 at NVDCVE-2025-40328 at SUSECVE-2025-40328 at NVDCVE-2025-40329 at SUSECVE-2025-40329 at NVDCVE-2025-40331 at SUSECVE-2025-40331 at NVDCVE-2025-40337 at SUSECVE-2025-40337 at NVDCVE-2025-40338 at SUSECVE-2025-40338 at NVDCVE-2025-40339 at SUSECVE-2025-40339 at NVDCVE-2025-40342 at SUSECVE-2025-40342 at NVDCVE-2025-40343 at SUSECVE-2025-40343 at NVDCVE-2025-40345 at SUSECVE-2025-40345 at NVDCVE-2025-40346 at SUSECVE-2025-40346 at NVDCVE-2025-40347 at SUSECVE-2025-40347 at NVDCVE-2025-40349 at SUSECVE-2025-40349 at NVDCVE-2025-40350 at SUSECVE-2025-40350 at NVDCVE-2025-40351 at SUSECVE-2025-40351 at NVDCVE-2025-40355 at SUSECVE-2025-40355 at NVDCVE-2025-40360 at SUSECVE-2025-40360 at NVDCVE-2025-40363 at SUSECVE-2025-40363 at NVDCVE-2025-68168 at SUSECVE-2025-68168 at NVDCVE-2025-68171 at SUSECVE-2025-68171 at NVDCVE-2025-68172 at SUSECVE-2025-68172 at NVDCVE-2025-68174 at SUSECVE-2025-68174 at NVDCVE-2025-68176 at SUSECVE-2025-68176 at NVDCVE-2025-68178 at SUSECVE-2025-68178 at NVDCVE-2025-68180 at SUSECVE-2025-68180 at NVDCVE-2025-68183 at SUSECVE-2025-68183 at NVDCVE-2025-68185 at SUSECVE-2025-68185 at NVDCVE-2025-68188 at SUSECVE-2025-68188 at NVDCVE-2025-68190 at SUSECVE-2025-68190 at NVDCVE-2025-68192 at SUSECVE-2025-68192 at NVDCVE-2025-68194 at SUSECVE-2025-68194 at NVDCVE-2025-68195 at SUSECVE-2025-68195 at NVDCVE-2025-68200 at SUSECVE-2025-68200 at NVDCVE-2025-68201 at SUSECVE-2025-68201 at NVDCVE-2025-68204 at SUSECVE-2025-68204 at NVDCVE-2025-68206 at SUSECVE-2025-68206 at NVDCVE-2025-68208 at SUSECVE-2025-68208 at NVDCVE-2025-68209 at SUSECVE-2025-68209 at NVDCVE-2025-68217 at SUSECVE-2025-68217 at NVDCVE-2025-68218 at SUSECVE-2025-68218 at NVDCVE-2025-68222 at SUSECVE-2025-68222 at NVDCVE-2025-68227 at SUSECVE-2025-68227 at NVDCVE-2025-68230 at SUSECVE-2025-68230 at NVDCVE-2025-68233 at SUSECVE-2025-68233 at NVDCVE-2025-68235 at SUSECVE-2025-68235 at NVDCVE-2025-68237 at SUSECVE-2025-68237 at NVDCVE-2025-68238 at SUSECVE-2025-68238 at NVDCVE-2025-68239 at SUSECVE-2025-68239 at NVDCVE-2025-68241 at SUSECVE-2025-68241 at NVDCVE-2025-68244 at SUSECVE-2025-68244 at NVDCVE-2025-68245 at SUSECVE-2025-68245 at NVDCVE-2025-68249 at SUSECVE-2025-68249 at NVDCVE-2025-68252 at SUSECVE-2025-68252 at NVDCVE-2025-68254 at SUSECVE-2025-68254 at NVDCVE-2025-68255 at SUSECVE-2025-68255 at NVDCVE-2025-68256 at SUSECVE-2025-68256 at NVDCVE-2025-68257 at SUSECVE-2025-68257 at NVDCVE-2025-68258 at SUSECVE-2025-68258 at NVDCVE-2025-68259 at SUSECVE-2025-68259 at NVDCVE-2025-68261 at SUSECVE-2025-68261 at NVDCVE-2025-68264 at SUSECVE-2025-68264 at NVDCVE-2025-68283 at SUSECVE-2025-68283 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68286 at SUSECVE-2025-68286 at NVDCVE-2025-68287 at SUSECVE-2025-68287 at NVDCVE-2025-68289 at SUSECVE-2025-68289 at NVDCVE-2025-68290 at SUSECVE-2025-68290 at NVDCVE-2025-68295 at SUSECVE-2025-68295 at NVDCVE-2025-68296 at SUSECVE-2025-68296 at NVDCVE-2025-68297 at SUSECVE-2025-68297 at NVDCVE-2025-68301 at SUSECVE-2025-68301 at NVDCVE-2025-68303 at SUSECVE-2025-68303 at NVDCVE-2025-68305 at SUSECVE-2025-68305 at NVDCVE-2025-68307 at SUSECVE-2025-68307 at NVDCVE-2025-68308 at SUSECVE-2025-68308 at NVDCVE-2025-68312 at SUSECVE-2025-68312 at NVDCVE-2025-68313 at SUSECVE-2025-68313 at NVDCVE-2025-68320 at SUSECVE-2025-68320 at NVDCVE-2025-68325 at SUSECVE-2025-68325 at NVDCVE-2025-68327 at SUSECVE-2025-68327 at NVDCVE-2025-68328 at SUSECVE-2025-68328 at NVDCVE-2025-68330 at SUSECVE-2025-68330 at NVDCVE-2025-68331 at SUSECVE-2025-68331 at NVDCVE-2025-68332 at SUSECVE-2025-68332 at NVDCVE-2025-68335 at SUSECVE-2025-68335 at NVDCVE-2025-68337 at SUSECVE-2025-68337 at NVDCVE-2025-68339 at SUSECVE-2025-68339 at NVDCVE-2025-68340 at SUSECVE-2025-68340 at NVDCVE-2025-68345 at SUSECVE-2025-68345 at NVDCVE-2025-68346 at SUSECVE-2025-68346 at NVDCVE-2025-68347 at SUSECVE-2025-68347 at NVDCVE-2025-68349 at SUSECVE-2025-68349 at NVDCVE-2025-68351 at SUSECVE-2025-68351 at NVDCVE-2025-68354 at SUSECVE-2025-68354 at NVDCVE-2025-68362 at SUSECVE-2025-68362 at NVDCVE-2025-68363 at SUSECVE-2025-68363 at NVDCVE-2025-68365 at SUSECVE-2025-68365 at NVDCVE-2025-68366 at SUSECVE-2025-68366 at NVDCVE-2025-68367 at SUSECVE-2025-68367 at NVDCVE-2025-68372 at SUSECVE-2025-68372 at NVDCVE-2025-68374 at SUSECVE-2025-68374 at NVDCVE-2025-68378 at SUSECVE-2025-68378 at NVDCVE-2025-68379 at SUSECVE-2025-68379 at NVDCVE-2025-68380 at SUSECVE-2025-68380 at NVDCVE-2025-68724 at SUSECVE-2025-68724 at NVDCVE-2025-68725 at SUSECVE-2025-68725 at NVDCVE-2025-68727 at SUSECVE-2025-68727 at NVDCVE-2025-68728 at SUSECVE-2025-68728 at NVDCVE-2025-68732 at SUSECVE-2025-68732 at NVDCVE-2025-68733 at SUSECVE-2025-68733 at NVDCVE-2025-68734 at SUSECVE-2025-68734 at NVDCVE-2025-68736 at SUSECVE-2025-68736 at NVDCVE-2025-68740 at SUSECVE-2025-68740 at NVDCVE-2025-68742 at SUSECVE-2025-68742 at NVDCVE-2025-68744 at SUSECVE-2025-68744 at NVDCVE-2025-68746 at SUSECVE-2025-68746 at NVDCVE-2025-68750 at SUSECVE-2025-68750 at NVDCVE-2025-68753 at SUSECVE-2025-68753 at NVDCVE-2025-68757 at SUSECVE-2025-68757 at NVDCVE-2025-68758 at SUSECVE-2025-68758 at NVDCVE-2025-68759 at SUSECVE-2025-68759 at NVDCVE-2025-68764 at SUSECVE-2025-68764 at NVDCVE-2025-68765 at SUSECVE-2025-68765 at NVDCVE-2025-68766 at SUSECVE-2025-68766 at NVDCVE-2025-68768 at SUSECVE-2025-68768 at NVDCVE-2025-68770 at SUSECVE-2025-68770 at NVDCVE-2025-68771 at SUSECVE-2025-68771 at NVDCVE-2025-68773 at SUSECVE-2025-68773 at NVDCVE-2025-68775 at SUSECVE-2025-68775 at NVDCVE-2025-68776 at SUSECVE-2025-68776 at NVDCVE-2025-68777 at SUSECVE-2025-68777 at NVDCVE-2025-68778 at SUSECVE-2025-68778 at NVDCVE-2025-68783 at SUSECVE-2025-68783 at NVDCVE-2025-68785 at SUSECVE-2025-68785 at NVDCVE-2025-68788 at SUSECVE-2025-68788 at NVDCVE-2025-68789 at SUSECVE-2025-68789 at NVDCVE-2025-68795 at SUSECVE-2025-68795 at NVDCVE-2025-68797 at SUSECVE-2025-68797 at NVDCVE-2025-68798 at SUSECVE-2025-68798 at NVDCVE-2025-68800 at SUSECVE-2025-68800 at NVDCVE-2025-68801 at SUSECVE-2025-68801 at NVDCVE-2025-68803 at SUSECVE-2025-68803 at NVDCVE-2025-68804 at SUSECVE-2025-68804 at NVDCVE-2025-68808 at SUSECVE-2025-68808 at NVDCVE-2025-68810 at SUSECVE-2025-68810 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-68814 at SUSECVE-2025-68814 at NVDCVE-2025-68815 at SUSECVE-2025-68815 at NVDCVE-2025-68816 at SUSECVE-2025-68816 at NVDCVE-2025-68819 at SUSECVE-2025-68819 at NVDCVE-2025-68820 at SUSECVE-2025-68820 at NVDCVE-2025-71064 at SUSECVE-2025-71064 at NVDCVE-2025-71066 at SUSECVE-2025-71066 at NVDCVE-2025-71071 at SUSECVE-2025-71071 at NVDCVE-2025-71077 at SUSECVE-2025-71077 at NVDCVE-2025-71078 at SUSECVE-2025-71078 at NVDCVE-2025-71079 at SUSECVE-2025-71079 at NVDCVE-2025-71081 at SUSECVE-2025-71081 at NVDCVE-2025-71082 at SUSECVE-2025-71082 at NVDCVE-2025-71083 at SUSECVE-2025-71083 at NVDCVE-2025-71084 at SUSECVE-2025-71084 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDCVE-2025-71086 at SUSECVE-2025-71086 at NVDCVE-2025-71087 at SUSECVE-2025-71087 at NVDCVE-2025-71088 at SUSECVE-2025-71088 at NVDCVE-2025-71089 at SUSECVE-2025-71089 at NVDCVE-2025-71091 at SUSECVE-2025-71091 at NVDCVE-2025-71093 at SUSECVE-2025-71093 at NVDCVE-2025-71094 at SUSECVE-2025-71094 at NVDCVE-2025-71095 at SUSECVE-2025-71095 at NVDCVE-2025-71096 at SUSECVE-2025-71096 at NVDCVE-2025-71097 at SUSECVE-2025-71097 at NVDCVE-2025-71098 at SUSECVE-2025-71098 at NVDCVE-2025-71100 at SUSECVE-2025-71100 at NVDCVE-2025-71104 at SUSECVE-2025-71104 at NVDCVE-2025-71108 at SUSECVE-2025-71108 at NVDCVE-2025-71111 at SUSECVE-2025-71111 at NVDCVE-2025-71112 at SUSECVE-2025-71112 at NVDCVE-2025-71113 at SUSECVE-2025-71113 at NVDCVE-2025-71114 at SUSECVE-2025-71114 at NVDCVE-2025-71116 at SUSECVE-2025-71116 at NVDCVE-2025-71118 at SUSECVE-2025-71118 at NVDCVE-2025-71119 at SUSECVE-2025-71119 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2025-71123 at SUSECVE-2025-71123 at NVDCVE-2025-71126 at SUSECVE-2025-71126 at NVDCVE-2025-71130 at SUSECVE-2025-71130 at NVDCVE-2025-71131 at SUSECVE-2025-71131 at NVDCVE-2025-71132 at SUSECVE-2025-71132 at NVDCVE-2025-71133 at SUSECVE-2025-71133 at NVDCVE-2025-71135 at SUSECVE-2025-71135 at NVDCVE-2025-71136 at SUSECVE-2025-71136 at NVDCVE-2025-71137 at SUSECVE-2025-71137 at NVDCVE-2025-71138 at SUSECVE-2025-71138 at NVDCVE-2025-71145 at SUSECVE-2025-71145 at NVDCVE-2025-71147 at SUSECVE-2025-71147 at NVDCVE-2025-71148 at SUSECVE-2025-71148 at NVDCVE-2025-71149 at SUSECVE-2025-71149 at NVDCVE-2025-71154 at SUSECVE-2025-71154 at NVDCVE-2025-71162 at SUSECVE-2025-71162 at NVDCVE-2025-71163 at SUSECVE-2025-71163 at NVDCVE-2025-71182 at SUSECVE-2025-71182 at NVDCVE-2025-71184 at SUSECVE-2025-71184 at NVDCVE-2025-71185 at SUSECVE-2025-71185 at NVDCVE-2025-71188 at SUSECVE-2025-71188 at NVDCVE-2025-71189 at SUSECVE-2025-71189 at NVDCVE-2025-71190 at SUSECVE-2025-71190 at NVDCVE-2025-71191 at SUSECVE-2025-71191 at NVDCVE-2025-71192 at SUSECVE-2025-71192 at NVDCVE-2025-71194 at SUSECVE-2025-71194 at NVDCVE-2025-71195 at SUSECVE-2025-71195 at NVDCVE-2025-71196 at SUSECVE-2025-71196 at NVDCVE-2025-71197 at SUSECVE-2025-71197 at NVDCVE-2025-71198 at SUSECVE-2025-71198 at NVDCVE-2025-71199 at SUSECVE-2025-71199 at NVDCVE-2025-71200 at SUSECVE-2025-71200 at NVDCVE-2025-71222 at SUSECVE-2025-71222 at NVDCVE-2025-71224 at SUSECVE-2025-71224 at NVDCVE-2025-71225 at SUSECVE-2025-71225 at NVDCVE-2025-71229 at SUSECVE-2025-71229 at NVDCVE-2025-71231 at SUSECVE-2025-71231 at NVDCVE-2025-71232 at SUSECVE-2025-71232 at NVDCVE-2025-71234 at SUSECVE-2025-71234 at NVDCVE-2025-71235 at SUSECVE-2025-71235 at NVDCVE-2025-71236 at SUSECVE-2025-71236 at NVDCVE-2026-22976 at SUSECVE-2026-22976 at NVDCVE-2026-22977 at SUSECVE-2026-22977 at NVDCVE-2026-22978 at SUSECVE-2026-22978 at NVDCVE-2026-22979 at SUSECVE-2026-22979 at NVDCVE-2026-22982 at SUSECVE-2026-22982 at NVDCVE-2026-22984 at SUSECVE-2026-22984 at NVDCVE-2026-22985 at SUSECVE-2026-22985 at NVDCVE-2026-22988 at SUSECVE-2026-22988 at NVDCVE-2026-22990 at SUSECVE-2026-22990 at NVDCVE-2026-22991 at SUSECVE-2026-22991 at NVDCVE-2026-22992 at SUSECVE-2026-22992 at NVDCVE-2026-22993 at SUSECVE-2026-22993 at NVDCVE-2026-22996 at SUSECVE-2026-22996 at NVDCVE-2026-22997 at SUSECVE-2026-22997 at NVDCVE-2026-22998 at SUSECVE-2026-22998 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23000 at SUSECVE-2026-23000 at NVDCVE-2026-23001 at SUSECVE-2026-23001 at NVDCVE-2026-23003 at SUSECVE-2026-23003 at NVDCVE-2026-23004 at SUSECVE-2026-23004 at NVDCVE-2026-23005 at SUSECVE-2026-23005 at NVDCVE-2026-23006 at SUSECVE-2026-23006 at NVDCVE-2026-23010 at SUSECVE-2026-23010 at NVDCVE-2026-23011 at SUSECVE-2026-23011 at NVDCVE-2026-23017 at SUSECVE-2026-23017 at NVDCVE-2026-23021 at SUSECVE-2026-23021 at NVDCVE-2026-23026 at SUSECVE-2026-23026 at NVDCVE-2026-23033 at SUSECVE-2026-23033 at NVDCVE-2026-23035 at SUSECVE-2026-23035 at NVDCVE-2026-23037 at SUSECVE-2026-23037 at NVDCVE-2026-23049 at SUSECVE-2026-23049 at NVDCVE-2026-23053 at SUSECVE-2026-23053 at NVDCVE-2026-23056 at SUSECVE-2026-23056 at NVDCVE-2026-23057 at SUSECVE-2026-23057 at NVDCVE-2026-23058 at SUSECVE-2026-23058 at NVDCVE-2026-23060 at SUSECVE-2026-23060 at NVDCVE-2026-23061 at SUSECVE-2026-23061 at NVDCVE-2026-23063 at SUSECVE-2026-23063 at NVDCVE-2026-23064 at SUSECVE-2026-23064 at NVDCVE-2026-23068 at SUSECVE-2026-23068 at NVDCVE-2026-23071 at SUSECVE-2026-23071 at NVDCVE-2026-23073 at SUSECVE-2026-23073 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23076 at SUSECVE-2026-23076 at NVDCVE-2026-23078 at SUSECVE-2026-23078 at NVDCVE-2026-23080 at SUSECVE-2026-23080 at NVDCVE-2026-23082 at SUSECVE-2026-23082 at NVDCVE-2026-23083 at SUSECVE-2026-23083 at NVDCVE-2026-23084 at SUSECVE-2026-23084 at NVDCVE-2026-23085 at SUSECVE-2026-23085 at NVDCVE-2026-23086 at SUSECVE-2026-23086 at NVDCVE-2026-23089 at SUSECVE-2026-23089 at NVDCVE-2026-23090 at SUSECVE-2026-23090 at NVDCVE-2026-23091 at SUSECVE-2026-23091 at NVDCVE-2026-23094 at SUSECVE-2026-23094 at NVDCVE-2026-23095 at SUSECVE-2026-23095 at NVDCVE-2026-23096 at SUSECVE-2026-23096 at NVDCVE-2026-23099 at SUSECVE-2026-23099 at NVDCVE-2026-23101 at SUSECVE-2026-23101 at NVDCVE-2026-23102 at SUSECVE-2026-23102 at NVDCVE-2026-23104 at SUSECVE-2026-23104 at NVDCVE-2026-23105 at SUSECVE-2026-23105 at NVDCVE-2026-23107 at SUSECVE-2026-23107 at NVDCVE-2026-23108 at SUSECVE-2026-23108 at NVDCVE-2026-23110 at SUSECVE-2026-23110 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23112 at SUSECVE-2026-23112 at NVDCVE-2026-23113 at SUSECVE-2026-23113 at NVDCVE-2026-23116 at SUSECVE-2026-23116 at NVDCVE-2026-23119 at SUSECVE-2026-23119 at NVDCVE-2026-23121 at SUSECVE-2026-23121 at NVDCVE-2026-23129 at SUSECVE-2026-23129 at NVDCVE-2026-23133 at SUSECVE-2026-23133 at NVDCVE-2026-23135 at SUSECVE-2026-23135 at NVDCVE-2026-23139 at SUSECVE-2026-23139 at NVDCVE-2026-23141 at SUSECVE-2026-23141 at NVDCVE-2026-23145 at SUSECVE-2026-23145 at NVDCVE-2026-23146 at SUSECVE-2026-23146 at NVDCVE-2026-23150 at SUSECVE-2026-23150 at NVDCVE-2026-23151 at SUSECVE-2026-23151 at NVDCVE-2026-23152 at SUSECVE-2026-23152 at NVDCVE-2026-23155 at SUSECVE-2026-23155 at NVDCVE-2026-23156 at SUSECVE-2026-23156 at NVDCVE-2026-23163 at SUSECVE-2026-23163 at NVDCVE-2026-23166 at SUSECVE-2026-23166 at NVDCVE-2026-23167 at SUSECVE-2026-23167 at NVDCVE-2026-23170 at SUSECVE-2026-23170 at NVDCVE-2026-23171 at SUSECVE-2026-23171 at NVDCVE-2026-23172 at SUSECVE-2026-23172 at NVDCVE-2026-23173 at SUSECVE-2026-23173 at NVDCVE-2026-23176 at SUSECVE-2026-23176 at NVDCVE-2026-23178 at SUSECVE-2026-23178 at NVDCVE-2026-23179 at SUSECVE-2026-23179 at NVDCVE-2026-23182 at SUSECVE-2026-23182 at NVDCVE-2026-23190 at SUSECVE-2026-23190 at NVDCVE-2026-23191 at SUSECVE-2026-23191 at NVDCVE-2026-23198 at SUSECVE-2026-23198 at NVDCVE-2026-23202 at SUSECVE-2026-23202 at NVDCVE-2026-23207 at SUSECVE-2026-23207 at NVDCVE-2026-23208 at SUSECVE-2026-23208 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDCVE-2026-23213 at SUSECVE-2026-23213 at NVDCVE-2026-23214 at SUSECVE-2026-23214 at NVDCVE-2026-23221 at SUSECVE-2026-23221 at NVDCVE-2026-23222 at SUSECVE-2026-23222 at NVDCVE-2026-23229 at SUSECVE-2026-23229 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer (bsc#1257118).
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257118SUSE bug 1257629SUSE bug 1257669CVE-2025-21738 at SUSECVE-2025-21738 at NVDCVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).
- CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726).
- CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
- CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
- CVE-2024-44996: vsock: fix recursive ->recvmsg calls (bsc#1230205).
- CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (bsc#1235705).
- CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
- CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (bsc#1235727).
- CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init() (bsc#1232161).
- CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed (bsc#1232158).
- CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from frag_list (bsc#1232101).
- CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
- CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
- CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909).
- CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
- CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055).
- CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
- CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
- CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
- CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
- CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized
delayed_work on cache_ctr error (bsc#1233467 bsc#1233469).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488).
- CVE-2024-53050: drm/i915/hdcp: Add encoder check in hdcp2_get_capability (bsc#1233546).
- CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
- CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
- CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx (bsc#1233638).
- CVE-2024-53099: bpf: Check validity of link->type in bpf_link_show_fdinfo() (bsc#1233772).
- CVE-2024-53105: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (bsc#1234069).
- CVE-2024-53111: mm/mremap: fix address wraparound in move_page_tables() (bsc#1234086).
- CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
- CVE-2024-53117: virtio/vsock: Improve MSG_ZEROCOPY error handling (bsc#1234079).
- CVE-2024-53118: vsock: Fix sk_error_queue memory leak (bsc#1234071).
- CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
- CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
- CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
- CVE-2024-53133: drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221)
- CVE-2024-53134: pmdomain: imx93-blk-ctrl: correct remove path (bsc#1234159).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-53160: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810).
- CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
- CVE-2024-53170: block: fix uaf for flush rq while iterating tags (bsc#1234888).
- CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching (bsc#1234898).
- CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns (bsc#1234893).
- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
- CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey() (bsc#1234901).
- CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
- CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use (bsc#1234957).
- CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction (bsc#1234906).
- CVE-2024-53198: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (bsc#1234923).
- CVE-2024-53203: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (bsc#1235001).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
- CVE-2024-53216: nfsd: fix UAF when access ex_uuid or ex_stats (bsc#1235003).
- CVE-2024-53222: zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974).
- CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011).
- CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
- CVE-2024-53234: erofs: handle NONHEAD !delta[1] lclusters gracefully (bsc#1235045).
- CVE-2024-53236: xsk: Free skb when TX metadata options are invalid (bsc#1235000).
- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).
- CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
- CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree node (bsc#1235737).
- CVE-2024-55881: KVM: x86: Play nice with protected guests in complete_hypercall_exit() (bsc#1235745).
- CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
- CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
- CVE-2024-56566: mm/slub: Avoid list corruption when removing a slab from the full list (bsc#1235033).
- CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032).
- CVE-2024-56569: ftrace: Fix regression with module command in stack_trace_filter (bsc#1235031).
- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235128).
- CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123).
- CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption model (bsc#1235241).
- CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138).
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
- CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521).
- CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in can_create() (bsc#1235415).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (bsc#1235487).
- CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock (bsc#1235390).
- CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM (bsc#1235391).
- CVE-2024-56614: xsk: fix OOB map writes when deleting elements (bsc#1235424).
- CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements (bsc#1235426).
- CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (bsc#1235429).
- CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled (bsc#1235227).
- CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
- CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).
- CVE-2024-56635: net: avoid potential UAF in default_operstate() (bsc#1235519).
- CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb() (bsc#1235520).
- CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a module (bsc#1235523).
- CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).
- CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv (bsc#1235132).
- CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451).
- CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not support (bsc#1235449).
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
- CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (bsc#1235444).
- CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
- CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference (bsc#1235437).
- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
- CVE-2024-56665: bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog (bsc#1235489).
- CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (bsc#1235555).
- CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (bsc#1235498).
- CVE-2024-56693: brd: defer automatic disk creation until module initialization succeeds (bsc#1235418).
- CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS (bsc#1235412).
- CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
- CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (bsc#1235545).
- CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload (bsc#1235564).
- CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path (bsc#1235565).
- CVE-2024-56715: ionic: Fix netdev notifier unregister on failure (bsc#1235612).
- CVE-2024-56716: netdevsim: prevent bad user input in nsim_dev_health_break_write() (bsc#1235587).
- CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (bsc#1235578).
- CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (bsc#1235582).
- CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (bsc#1235583).
- CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (bsc#1235656).
- CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops (bsc#1235503).
- CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934).
- CVE-2024-56748: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (bsc#1235627).
- CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).
- CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
- CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write (bsc#1235638).
- CVE-2024-56774: btrfs: add a sanity check for btrfs root in btrfs_search_slot() (bsc#1235653).
- CVE-2024-56775: drm/amd/display: Fix handling of plane refcount (bsc#1235657).
- CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
- CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768).
- CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device (bsc#1235906).
- CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without loaded flag (bsc#1235940).
- CVE-2024-57802: netrom: check buffer length before accessing it (bsc#1235941).
- CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs (bsc#1235779).
- CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL (bsc#1235793).
- CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings (bsc#1235798).
- CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
- CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (bsc#1235948).
- CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (bsc#1235964).
- CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount (bsc#1235965).
- CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
- CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap (bsc#1236127).
- CVE-2024-57929: dm array: fix releasing a faulty array block twice in dm_array_cursor_end (bsc#1236096).
- CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
- CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues (bsc#1236190).
- CVE-2024-57933: gve: guard XSK operations on the existence of queues (bsc#1236178).
- CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in sctp_association_init() (bsc#1236182).
- CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend (bsc#1236247).
- CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting" registers (bsc#1236106).
- CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08 devices (bsc#1236143).
- CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue (bsc#1236144).
- CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
- CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink() (bsc#1236160).
- CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (bsc#1236161).
- CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (bsc#1236163).
- CVE-2025-21662: net/mlx5: Fix variable not being completed when function returns (bsc#1236198).
- CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device tree (bsc#1236260).
- CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first function (bsc#1236262).
- CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel (bsc#1236688).
- CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error (bsc#1236696).
- CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing, fix null-deref (bsc#1236703).
The following non-security bugs were fixed:
- 9p: v9fs_fid_find: also lookup by inode if not found dentry (git-fixes).
- ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes).
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-fixes).
- ACPI: PCC: Add PCC shared memory region command and status bitfields (stable-fixes).
- ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
- ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (stable-fixes).
- ACPI: resource: Fix memory resource type union access (git-fixes).
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8 A1-840 (stable-fixes).
- ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[] (stable-fixes).
- ACPI: x86: Make UART skip quirks work on PCI UARTs without an UID (stable-fixes).
- ACPICA: events/evxfregn: do not release the ContextMutex that was never acquired (git-fixes).
- ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio (stable-fixes).
- ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31 laptop (git-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
- ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 (stable-fixes).
- ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130 (bsc#1235686).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: seq: Check UMP support for midi_version change (git-fixes).
- ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes).
- ALSA: seq: ump: Fix seq port updates per FB info notify (git-fixes).
- ALSA: seq: ump: Use automatic cleanup of kfree() (stable-fixes).
- ALSA: seq: ump: Use guard() for locking (stable-fixes).
- ALSA: ump: Use guard() for locking (stable-fixes).
- ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
- ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 (stable-fixes).
- ALSA: usb-audio: Notify xrun for low-latency mode (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: US16x08: Initialize array before use (git-fixes).
- ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C (stable-fixes).
- ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP (stable-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
- ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad P14s Gen 5 21MES00B00 (stable-fixes).
- ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (stable-fixes).
- ASoC: amd: yc: Fix the wrong return value (git-fixes).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: hdmi-codec: reorder channel allocation list (stable-fixes).
- ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
- ASoC: rt722: add delay time to wait for the calibration procedure (stable-fixes).
- ASoC: samsung: Add missing depends on I2C (git-fixes).
- ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
- ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
- ASoC: wm8994: Add depends on MFD core (stable-fixes).
- Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
- Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (stable-fixes).
- Bluetooth: ISO: Reassociate a socket with an active BIS (stable-fixes).
- Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection (git-fixes).
- Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (stable-fixes).
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
- Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
- Bluetooth: MGMT: Fix possible deadlocks (git-fixes).
- Bluetooth: SCO: Add support for 16 bits transparent voice setting (git-fixes).
- Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
- Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
- Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (stable-fixes).
- Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
- Bluetooth: btusb: add callback function in btusb suspend/resume (stable-fixes).
- Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes).
- Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (stable-fixes).
- Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (git-fixes).
- Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes).
- Bluetooth: iso: Fix recursive locking warning (git-fixes).
- Delete XHCI patch for regression (bsc#1235550)
- Disable ceph (jsc#PED-7242)
- Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes).
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
- Drop downstream TPM fix patch (bsc#1233260 bsc#1233259 bsc#1232421)
- Drop uvcvideo fix due to regression (bsc#1235894)
- EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
- HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (git-fixes).
- HID: fix generic desktop D-Pad controls (git-fixes).
- HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
- HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check (git-fixes).
- HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes).
- HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
- Input: atkbd - map F23 key to support default copilot shortcut (stable-fixes).
- Input: bbnsm_pwrkey - add remove hook (git-fixes).
- Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
- Input: davinci-keyscan - remove leftover header (git-fixes).
- Input: xpad - add QH Electronics VID/PID (stable-fixes).
- Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-fixes).
- Input: xpad - add support for Nacon Pro Compact (stable-fixes).
- Input: xpad - add support for wooting two he (arm) (stable-fixes).
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-fixes).
- Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
- KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
- KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235776).
- KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235777).
- KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235778).
- NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
- NFSD: Async COPY result needs to return a write verifier (git-fixes).
- NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (git-fixes).
- NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes).
- NFSD: Prevent a potential integer overflow (git-fixes).
- NFSD: Remove a never-true comparison (git-fixes).
- NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point (git-fixes).
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
- NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
- NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
- Octeontx2-pf: Free send queue buffers incase of leaf to inner (git-fixes).
- PCI/AER: Disable AER service on suspend (stable-fixes).
- PCI/MSI: Handle lack of irqdomain gracefully (git-fixes).
- PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes).
- PCI: Add ACS quirk for Broadcom BCM5760X NIC (stable-fixes).
- PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes).
- PCI: Add T_PERST_CLK_US macro (git-fixes).
- PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-fixes).
- PCI: Detect and trust built-in Thunderbolt chips (stable-fixes).
- PCI: Fix use-after-free of slot->bus on hot remove (stable-fixes).
- PCI: Use preserve_config in place of pci_flags (stable-fixes).
- PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() (stable-fixes).
- PCI: cadence: Set cdns_pcie_host_init() global (stable-fixes).
- PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (stable-fixes).
- PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
- PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-fixes).
- PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar() (git-fixes).
- PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
- PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-fixes).
- PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
- PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-fixes).
- PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-fixes).
- PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
- PCI: j721e: Add PCIe 4x lane selection support (stable-fixes).
- PCI: j721e: Add per platform maximum lane settings (stable-fixes).
- PCI: j721e: Add reset GPIO to struct j721e_pcie (stable-fixes).
- PCI: j721e: Add suspend and resume support (git-fixes).
- PCI: j721e: Use T_PERST_CLK_US macro (git-fixes).
- PCI: microchip: Set inbound address translation for coherent or non-coherent mode (git-fixes).
- PCI: qcom: Add support for IPQ9574 (stable-fixes).
- PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() (git-fixes).
- PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes).
- PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes).
- PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
- RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
- RDMA/bnxt_re: Add check for path mtu in modify_qp (git-fixes)
- RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
- RDMA/bnxt_re: Avoid initializing the software queue for user queues (git-fixes)
- RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (git-fixes)
- RDMA/bnxt_re: Disable use of reserved wqes (git-fixes)
- RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
- RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
- RDMA/bnxt_re: Fix max_qp_wrs reported (git-fixes)
- RDMA/bnxt_re: Fix reporting hw_ver in query_device (git-fixes)
- RDMA/bnxt_re: Fix the check for 9060 condition (git-fixes)
- RDMA/bnxt_re: Fix the locking while accessing the QP table (git-fixes)
- RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
- RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
- RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-fixes)
- RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
- RDMA/bnxt_re: Remove always true dattr validity check (git-fixes)
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- RDMA/hns: Fix accessing invalid dip_ctx during destroying QP (git-fixes)
- RDMA/hns: Fix mapping error of zero-hop WQE buffer (git-fixes)
- RDMA/hns: Fix missing flush CQE for DWQE (git-fixes)
- RDMA/hns: Fix warning storm caused by invalid input in IO path (git-fixes)
- RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-fixes)
- RDMA/mlx5: Enforce same type port association for multiport RoCE (git-fixes)
- RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-fixes)
- RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
- RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
- RDMA/rtrs: Ensure 'ib_sge list' is accessible (git-fixes)
- RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
- RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
- RDMA/srp: Fix error handling in srp_add_port (git-fixes)
- RDMA/uverbs: Prevent integer overflow issue (git-fixes)
- Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-fixes).
- Revert "block/mq-deadline: use correct way to throttling write requests" (bsc#1234146).
- Revert "btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)"
- Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
- Revert "igb: Disable threaded IRQ for igb_msix_other" (git-fixes).
- Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413)
- Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413)
- Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413)
- Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" (git-fixes).
- Revert "unicode: Do not special case ignorable code points" (stable-fixes).
- Revert "usb: gadget: u_serial: Disable ep before setting port to null
to fix the crash caused by port being null" (stable-fixes).
- Revert 'arm64: Kconfig: Make SME depend on BROKEN for now'
- Revert 0dd78566990 ("Disable ceph (jsc#PED-7242)")
- SUNRPC: make sure cache entry active before cache_show (git-fixes).
- SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (git-fixes).
- USB: core: Disable LPM only for non-suspended ports (git-fixes).
- USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
- USB: serial: option: add MediaTek T7XX compositions (stable-fixes).
- USB: serial: option: add MeiG Smart SLM770A (stable-fixes).
- USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
- USB: serial: option: add Neoway N723-EA support (stable-fixes).
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes).
- USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes).
- USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes).
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-fixes).
- USB: usblp: return error when setting unsupported protocol (git-fixes).
- VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
- VMCI: fix reference to ioctl-number.rst (git-fixes).
- accel/habanalabs/gaudi2: unsecure tpc count registers (stable-fixes).
- accel/habanalabs: export dma-buf only if size/offset multiples of PAGE_SIZE (stable-fixes).
- accel/habanalabs: fix debugfs files permissions (stable-fixes).
- accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid warnings (stable-fixes).
- acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes).
- af_unix: Call manage_oob() for every skb in unix_stream_read_generic() (bsc#1234725).
- afs: Automatically generate trace tag enums (git-fixes).
- afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
- afs: Fix cleanup of immediately failed async calls (git-fixes).
- afs: Fix directory format encoding struct (git-fixes).
- afs: Fix missing subdir edit when renamed between parent dirs (git-fixes).
- afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
- afs: Fix the maximum cell name length (git-fixes).
- amdgpu/uvd: get ring reference from rq scheduler (git-fixes).
- arch: Introduce arch_{,try_}_cmpxchg128{,_local}() (bsc#1220773).
- arch: Remove cmpxchg_double (bsc#1220773).
- arch: consolidate arch_irq_work_raise prototypes (git-fixes).
- arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
- arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
- arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
- arm64: Force position-independent veneers (git-fixes).
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245)
- arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes).
- arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-fixes)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
- arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
- arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-fixes).
- arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
- arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
- arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
- ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-fixes).
- autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes).
- batman-adv: Do not let TT changes list grows indefinitely (git-fixes).
- batman-adv: Do not send uninitialized TT changes (git-fixes).
- batman-adv: Remove uninitialized data in full table TT response (git-fixes).
- blk-cgroup: Fix UAF in blkcg_unpin_online() (bsc#1234726).
- blk-core: use pr_warn_ratelimited() in bio_check_ro() (bsc#1234139).
- blk-iocost: Fix an UBSAN shift-out-of-bounds warning (bsc#1234144).
- blk-iocost: do not WARN if iocg was already offlined (bsc#1234147).
- blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" (bsc#1234140).
- block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() (bsc#1234149).
- block, bfq: do not break merge chain in bfq_split_bfqq() (bsc#1234150).
- block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234160).
- block, bfq: fix procress reference leakage for bfqq in merge chain (bsc#1234280).
- block, bfq: fix uaf for accessing waker_bfqq after splitting (bsc#1234279).
- block/mq-deadline: Fix the tag reservation code (bsc#1234148).
- block: Call .limit_depth() after .hctx has been set (bsc#1234148).
- block: Fix where bio IO priority gets set (bsc#1234145).
- block: prevent an integer overflow in bvec_try_merge_hw_page (bsc#1234142).
- block: update the stable_writes flag in bdev_add (bsc#1234141).
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
- bnxt_en: Fix receive ring space parameters when XDP is active (git-fixes).
- bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes).
- bnxt_en: Set backplane link modes correctly for ethtool (git-fixes).
- bpf, x86: Fix PROBE_MEM runtime load check (git-fixes).
- bpf: verifier: prevent userspace memory access (git-fixes).
- btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
- bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-fixes).
- can: gs_usb: add VID/PID for Xylanta SAINT3 product family (stable-fixes).
- can: j1939: fix error in J1939 documentation (stable-fixes).
- ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592).
- checkpatch: always parse orig_commit in fixes tag (git-fixes).
- checkpatch: check for missing Fixes tags (stable-fixes).
- cleanup: Add conditional guard support (stable-fixes).
- cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-fixes).
- cleanup: Remove address space of returned pointer (git-fixes).
- clocksource/drivers/timer-ti-dm: Fix child node refcount handling (git-fixes).
- clocksource/drivers:sp804: Make user selectable (git-fixes).
- counter: stm32-timer-cnt: Add check for clk_enable() (git-fixes).
- counter: ti-ecap-capture: Add check for clk_enable() (git-fixes).
- cpufreq: ACPI: Fix max-frequency computation (git-fixes).
- cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
- cpufreq: amd-pstate: remove global header file (git-fixes).
- cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Do not update global.turbo_disabled after initialization (bsc#1234619).
- cpufreq: intel_pstate: Drop redundant locking from intel_pstate_driver_cleanup() (bsc#1234619).
- cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
- cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller (bsc#1234619).
- cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations (bsc#1234619).
- cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
- cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
- cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Refine computation of P-state for given frequency (bsc#1234619).
- cpufreq: intel_pstate: Replace three global.turbo_disabled checks (bsc#1234619).
- cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
- cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
- cpufreq: intel_pstate: Update the maximum CPU frequency consistently (bsc#1234619).
- cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-fixes).
- cpufreq: intel_pstate: Use __ro_after_init for three variables (bsc#1234619).
- cpufreq: intel_pstate: Wait for canceled delayed work to complete (bsc#1234619).
- cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back (git-fixes).
- cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
- cpupower: fix TSC MHz calculation (git-fixes).
- crypto: caam - use JobR's space to access page 0 regs (git-fixes).
- crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes (git-fixes).
- crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-fixes).
- crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-fixes).
- crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
- crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-fixes).
- crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async' (git-fixes).
- crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-fixes).
- crypto: qat - disable IOV in adf_dev_stop() (git-fixes).
- crypto: qce - fix goto jump in error path (git-fixes).
- crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
- crypto: qce - unregister previously registered algos in error path (git-fixes).
- crypto: x86/sha256 - Add parentheses around macros' single arguments (stable-fixes).
- cyrpto/b128ops: Remove struct u128 (bsc#1220773).
- devcoredump: cleanup some comments (git-fixes).
- devlink: Fix length of eswitch inline-mode (git-fixes).
- dlm: fix possible lkb_resource null dereference (git-fixes).
- dma-buf: fix dma_fence_array_signaled v4 (stable-fixes).
- dma-debug: fix a possible deadlock on radix_lock (stable-fixes).
- dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes).
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes).
- dmaengine: dw: Select only supported masters for ACPI devices (git-fixes).
- dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357).
- dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes).
- dmaengine: tegra: Return correct DMA status when paused (git-fixes).
- dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
- docs: media: update location of the media patches (stable-fixes).
- docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-fixes).
- driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link (stable-fixes).
- driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() (git-fixes).
- driver core: fw_devlink: Improve logs for cycle detection (stable-fixes).
- driver core: fw_devlink: Stop trying to optimize cycle detection logic (git-fixes).
- drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
- drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path (git-fixes).
- drm/amd/display: Add HDR workaround for specific eDP (stable-fixes).
- drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (stable-fixes).
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (stable-fixes).
- drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
- drm/amd/display: Avoid overflow assignment in link_dp_cts (stable-fixes).
- drm/amd/display: Fix DSC-re-computing (stable-fixes).
- drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
- drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
- drm/amd/display: Revert Avoid overflow assignment (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
- drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2 surfaces (stable-fixes).
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-fixes).
- drm/amd/pm: Fix an error handling path in vega10_enable_se_edc_force_stall_config() (git-fixes).
- drm/amd/pm: fix the high voltage issue after unload (stable-fixes).
- drm/amd/pm: update current_socclk and current_uclk in gpu_metrics on smu v13.0.7 (stable-fixes).
- drm/amdgpu/gfx10: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/gfx11: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/gfx9: properly handle error ints on all pipes (stable-fixes).
- drm/amdgpu/gfx9: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes).
- drm/amdgpu/pm: Remove gpu_od if it's an empty directory (stable-fixes).
- drm/amdgpu/umsch: do not execute umsch test when GPU is in reset/suspend (stable-fixes).
- drm/amdgpu/umsch: reinitialize write pointer in hw init (stable-fixes).
- drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
- drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes).
- drm/amdgpu: Block MMR_READ IOCTL in reset (stable-fixes).
- drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes).
- drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (git-fixes).
- drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
- drm/amdgpu: add smu 14.0.1 discovery support (stable-fixes).
- drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes).
- drm/amdgpu: differentiate external rev id for gfx 11.5.0 (stable-fixes).
- drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes).
- drm/amdgpu: do not access invalid sched (git-fixes).
- drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
- drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes).
- drm/amdgpu: fix usage slab after free (stable-fixes).
- drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes).
- drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes).
- drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes).
- drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
- drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes).
- drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini() (git-fixes).
- drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
- drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes).
- drm/amdkfd: Use device based logging for errors (stable-fixes).
- drm/amdkfd: Use the correct wptr size (stable-fixes).
- drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
- drm/amdkfd: pause autosuspend when creating pdd (stable-fixes).
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes).
- drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
- drm/bridge: it6505: Enable module autoloading (stable-fixes).
- drm/bridge: it6505: Fix inverted reset polarity (git-fixes).
- drm/bridge: it6505: update usleep_range for RC circuit charge time (stable-fixes).
- drm/display: Fix building with GCC 15 (stable-fixes).
- drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes).
- drm/dp_mst: Fix MST sideband message body length check (stable-fixes).
- drm/dp_mst: Fix resetting msg rx state after topology removal (git-fixes).
- drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes).
- drm/etnaviv: Fix page property being used for non writecombine buffers (git-fixes).
- drm/etnaviv: flush shader L1 cache after user commandstream (stable-fixes).
- drm/i915/dg1: Fix power gate sequence (git-fixes).
- drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
- drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes).
- drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes).
- drm/mcde: Enable module autoloading (stable-fixes).
- drm/mediatek: Add return value check when reading DPCD (git-fixes).
- drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes).
- drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
- drm/mediatek: Fix mode valid issue for dp (git-fixes).
- drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes).
- drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes).
- drm/mediatek: stop selecting foreign drivers (git-fixes).
- drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes).
- drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
- drm/msm: Check return value of of_dma_configure() (git-fixes).
- drm/msm: do not clean up priv->kms prematurely (git-fixes).
- drm/nouveau/gsp: Use the sg allocator for level 2 of radix3 (stable-fixes).
- drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes).
- drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes).
- drm/printer: Allow NULL data in devcoredump printer (stable-fixes).
- drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
- drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes).
- drm/radeon: Fix spurious unplug event on radeon HDMI (git-fixes).
- drm/radeon: add helper rdev_to_drm(rdev) (stable-fixes).
- drm/radeon: change rdev->ddev to rdev_to_drm(rdev) (stable-fixes).
- drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
- drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
- drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8 (git-fixes).
- drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-fixes).
- drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
- drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes).
- drm/tidss: Clear the interrupt status for interrupts being disabled (git-fixes).
- drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
- drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
- drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
- drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
- drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes).
- drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes).
- drm/vmwgfx: Add new keep_resv BO param (git-fixes).
- drm: adv7511: Drop dsi single lane support (git-fixes).
- drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes).
- drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- erofs: avoid debugging output for (de)compressed data (git-fixes).
- exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
- exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
- exfat: fix the infinite loop in exfat_readdir() (git-fixes).
- exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
- ext4: add a new helper to check if es must be kept (bsc#1234170).
- ext4: add correct group descriptors and reserved GDT blocks to system zone (bsc#1234164).
- ext4: add missed brelse in update_backups (bsc#1234171).
- ext4: allow for the last group to be marked as trimmed (bsc#1234278).
- ext4: avoid buffer_head leak in ext4_mark_inode_used() (bsc#1234191).
- ext4: avoid excessive credit estimate in ext4_tmpfile() (bsc#1234180).
- ext4: avoid negative min_clusters in find_group_orlov() (bsc#1234193).
- ext4: avoid overlapping preallocations due to overflow (bsc#1234162).
- ext4: avoid potential buffer_head leak in __ext4_new_inode() (bsc#1234192).
- ext4: avoid writing unitialized memory to disk in EA inodes (bsc#1234187).
- ext4: check the extent status again before inserting delalloc block (bsc#1234186).
- ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard (bsc#1234190).
- ext4: convert to exclusive lock while inserting delalloc extents (bsc#1234178).
- ext4: correct best extent lstart adjustment logic (bsc#1234179).
- ext4: correct grp validation in ext4_mb_good_group (bsc#1234163).
- ext4: correct return value of ext4_convert_meta_bg (bsc#1234172).
- ext4: correct the hole length returned by ext4_map_blocks() (bsc#1234178).
- ext4: correct the start block of counting reserved clusters (bsc#1234169).
- ext4: do not let fstrim block system suspend (bsc#1234166).
- ext4: do not trim the group with corrupted block bitmap (bsc#1234177).
- ext4: factor out __es_alloc_extent() and __es_free_extent() (bsc#1234170).
- ext4: factor out a common helper to query extent map (bsc#1234186).
- ext4: fix inconsistent between segment fstrim and full fstrim (bsc#1234176).
- ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() (bsc#1234188).
- ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() (bsc#1234188).
- ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() (bsc#1234188).
- ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954).
- ext4: fix potential unnitialized variable (bsc#1234183).
- ext4: fix race between writepages and remount (bsc#1234168).
- ext4: fix rec_len verify error (bsc#1234167).
- ext4: fix slab-use-after-free in ext4_es_insert_extent() (bsc#1234170).
- ext4: fix uninitialized variable in ext4_inlinedir_to_tree (bsc#1234185).
- ext4: forbid commit inconsistent quota data when errors=remount-ro (bsc#1234178).
- ext4: make ext4_es_insert_delayed_block() return void (bsc#1234170).
- ext4: make ext4_es_insert_extent() return void (bsc#1234170).
- ext4: make ext4_es_remove_extent() return void (bsc#1234170).
- ext4: make ext4_zeroout_es() return void (bsc#1234170).
- ext4: make sure allocate pending entry not fail (bsc#1234170).
- ext4: mark buffer new if it is unwritten to avoid stale data exposure (bsc#1234175).
- ext4: move 'ix' sanity check to corrent position (bsc#1234174).
- ext4: move setting of trimmed bit into ext4_try_to_trim_range() (bsc#1234165).
- ext4: nested locking for xattr inode (bsc#1234189).
- ext4: propagate errors from ext4_find_extent() in ext4_insert_range() (bsc#1234194).
- ext4: refactor ext4_da_map_blocks() (bsc#1234178).
- ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (bsc#1234173).
- ext4: remove the redundant folio_wait_stable() (bsc#1234184).
- ext4: set the type of max_zeroout to unsigned int to avoid overflow (bsc#1234182).
- ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow (bsc#1234181).
- ext4: use pre-allocated es in __es_insert_extent() (bsc#1234170).
- ext4: use pre-allocated es in __es_remove_extent() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_insert_delayed_block() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_insert_extent() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_remove_extent() (bsc#1234170).
- fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-fixes).
- filemap: Fix bounds checking in filemap_read() (bsc#1234209).
- filemap: add a per-mapping stable writes flag (bsc#1234141).
- firmware: arm_scmi: Reject clear channel request on A2P (stable-fixes).
- fs-writeback: do not requeue a clean inode having skipped pages (bsc#1234200).
- fs/writeback: bail out if there is no more inodes for IO and queued once (bsc#1234207).
- fsnotify: fix sending inotify event with unexpected filename (bsc#1234198).
- genirq/cpuhotplug: Retry with cpu_online_mask when migration fails (git-fixes).
- genirq/cpuhotplug: Skip suspended interrupts when restoring affinity (git-fixes).
- genirq/irqdesc: Honor caller provided affinity in alloc_desc() (git-fixes).
- genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
- genksyms: fix memory leak when the same symbol is added from source (git-fixes).
- genksyms: fix memory leak when the same symbol is read from *.symref file (git-fixes).
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
- gpio: grgpio: Add NULL check in grgpio_probe (git-fixes).
- gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes).
- gpio: mxc: remove dead code after switch to DT-only (git-fixes).
- gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
- hfsplus: do not query the device logical block size multiple times (git-fixes).
- hvc/xen: fix console unplug (git-fixes).
- hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (git-fixes).
- hvc/xen: fix event channel handling for secondary consoles (git-fixes).
- hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes).
- hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
- hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes).
- hwmon: (pmbus/core) clear faults after setting smbalert mask (git-fixes).
- hwmon: (pmbus_core) Allow to hook PMBUS_SMBALERT_MASK (stable-fixes).
- hwmon: (tmp513) Do not use "proxy" headers (stable-fixes).
- hwmon: (tmp513) Fix Current Register value interpretation (git-fixes).
- hwmon: (tmp513) Fix division of negative numbers (git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes).
- hwmon: (tmp513) Simplify with dev_err_probe() (stable-fixes).
- hwmon: (tmp513) Use SI constants from units.h (stable-fixes).
- hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
- i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
- i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
- i2c: i801: Add support for Intel Panther Lake (stable-fixes).
- i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes).
- i2c: microchip-core: actually use repeated sends (git-fixes).
- i2c: microchip-core: fix "ghost" detections (git-fixes).
- i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
- i2c: pnx: Fix timeout in wait functions (git-fixes).
- i2c: rcar: fix NACK handling when being a target (git-fixes).
- i2c: riic: Always round-up when calculating bus period (git-fixes).
- i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-fixes).
- i40e: Fix handling changed priv flags (git-fixes).
- i915/guc: Accumulate active runtime on gt reset (git-fixes).
- i915/guc: Ensure busyness counter increases motonically (git-fixes).
- i915/guc: Reset engine utilization buffer before registration (git-fixes).
- ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
- ice: Unbind the workqueue (bsc#1234989)
- ice: change q_index variable type to s16 to store -1 value (git-fixes).
- ice: consistently use q_idx in ice_vc_cfg_qs_msg() (git-fixes).
- ice: fix PHY Clock Recovery availability check (git-fixes).
- idpf: add support for SW triggered interrupts (bsc#1235507).
- idpf: enable WB_ON_ITR (bsc#1235507).
- idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes).
- igb: Fix potential invalid memory access in igb_init_module() (git-fixes).
- iio: adc: ad7124: Disable all channels at probe time (git-fixes).
- iio: adc: ad_sigma_delta: Handle CS assertion as intended in ad_sd_read_reg_raw() (git-fixes).
- iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
- iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes).
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
- iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes).
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes).
- iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-fixes).
- iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
- iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
- iio: light: as73211: fix channel handling in only-color triggered buffer (git-fixes).
- iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
- iio: magnetometer: yas530: use signed integer type for clamp limits (git-fixes).
- iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes).
- iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes).
- instrumentation: Wire up cmpxchg128() (bsc#1220773).
- intel_th: core: fix kernel-doc warnings (git-fixes).
- io_uring/rw: avoid punting to io-wq directly (git-fixes).
- io_uring/tctx: work around xa_store() allocation error issue (git-fixes).
- io_uring: Fix registered ring file refcount leak (git-fixes).
- io_uring: always lock __io_cqring_overflow_flush (git-fixes).
- io_uring: check if iowq is killed before queuing (git-fixes).
- iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated tables (git-fixes).
- ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
- ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-fixes).
- irqchip/gic-v3: Force propagation of the active state with a read-back (stable-fixes).
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (stable-fixes).
- irqflags: Explicitly ignore lockdep_hrtimer_exit() argument (git-fixes).
- isofs: handle CDs with bad root inode but good Joliet root directory (bsc#1234199).
- ixgbe: downgrade logging of unsupported VF API version to debug (git-fixes).
- ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (git-fixes).
- jffs2: Fix rtime decompressor (git-fixes).
- jffs2: Prevent rtime decompress memory corruption (git-fixes).
- jffs2: fix use of uninitialized variable (git-fixes).
- jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
- jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
- jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
- jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
- jfs: xattr: check invalid xattr size more strictly (git-fixes).
- kABI workaround for struct auto_pin_cfg_item change (git-fixes).
- kABI workaround for struct drm_dp_mst_topology_mgr (git-fixes).
- kabi/severities: make vcap_find_actionfield PASS (bsc#1220773)
- kasan: make report_lock a raw spinlock (git-fixes).
- kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-fixes).
- kdb: Fix buffer overflow during tab-complete (bsc#1234652).
- kdb: Fix console handling when editing and tab-completing commands (bsc#1234655).
- kdb: Merge identical case statements in kdb_read() (bsc#1234657).
- kdb: Use format-specifiers rather than memset() for padding in kdb_read() (bsc#1234658).
- kdb: Use format-strings rather than '\0' injection in kdb_read() (bsc#1234654).
- kdb: Use the passed prompt in kdb_position_cursor() (bsc#1234654).
- kdb: address -Wformat-security warnings (bsc#1234659).
- kgdb: Flush console before entering kgdb on panic (bsc#1234651).
- kheaders: Ignore silly-rename files (stable-fixes).
- ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
- ktest.pl: Check kernelrelease return in get_version (git-fixes).
- ktest.pl: Fix typo "accesing" (git-fixes).
- ktest.pl: Fix typo in comment (git-fixes).
- ktest.pl: Remove unused declarations in run_bisect_test function (git-fixes).
- ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-fixes).
- landlock: Handle weird files (git-fixes).
- latencytop: use correct kernel-doc format for func params (git-fixes).
- leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes).
- leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
- leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata() (git-fixes).
- lib/inflate.c: remove dead code (git-fixes).
- lib/stackdepot: print disabled message only if truly disabled (git-fixes).
- linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes).
- locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() (bsc#1220773 git-fix).
- loop: fix the the direct I/O support check when used on top of block devices (bsc#1234143).
- mac80211: fix user-power when emulating chanctx (stable-fixes).
- mac802154: check local interfaces before deleting sdata list (stable-fixes).
- mailbox: pcc: Add support for platform notification handling (stable-fixes).
- mailbox: pcc: Support shared interrupt for multiple subspaces (stable-fixes).
- mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
- maple_tree: simplify split calculation (git-fixes).
- media: camif-core: Add check for clk_enable() (git-fixes).
- media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
- media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
- media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
- media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes).
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes).
- media: dvb-usb-v2: af9035: fix ISO C90 compilation error on af9035_i2c_master_xfer (git-fixes).
- media: i2c: imx412: Add missing newline to prints (git-fixes).
- media: i2c: ov9282: Correct the exposure offset (git-fixes).
- media: imx-jpeg: Fix potential error pointer dereference in detach_pm() (git-fixes).
- media: imx296: Add standby delay during probe (git-fixes).
- media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
- media: marvell: Add check for clk_enable() (git-fixes).
- media: mc: fix endpoint iteration (git-fixes).
- media: mipi-csis: Add check for clk_enable() (git-fixes).
- media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
- media: ov5640: fix get_light_freq on auto (git-fixes).
- media: rc: iguanair: handle timeouts (git-fixes).
- media: rkisp1: Fix unused value issue (git-fixes).
- media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes).
- media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
- media: uvcvideo: Fix double free in error path (git-fixes).
- media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
- media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
- media: uvcvideo: Only save async fh if success (git-fixes).
- media: uvcvideo: Propagate buf->error to userspace (git-fixes).
- media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes).
- media: uvcvideo: Remove dangling pointers (git-fixes).
- media: uvcvideo: Remove redundant NULL assignment (git-fixes).
- media: uvcvideo: Support partial control reads (git-fixes).
- memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-fixes).
- memory-failure: use a folio in me_huge_page() (git-fixes).
- memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() (git-fixes).
- mfd: da9052-spi: Change read-mask to write-mask (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (git-fixes).
- misc: fastrpc: Deregister device nodes properly in error scenarios (git-fixes).
- misc: fastrpc: Fix copy buffer page size (git-fixes).
- misc: fastrpc: Fix registered buffer page address (git-fixes).
- misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes).
- misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes).
- misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-fixes).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list (git-fixes).
- mm/filemap: avoid buffered read/write race to read inconsistent data (bsc#1234204).
- mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
- mm/memory-failure: check the mapcount of the precise page (git-fixes).
- mm/memory-failure: fix crash in split_huge_page_to_list from soft_offline_page (git-fixes).
- mm/memory-failure: pass the folio and the page to collect_procs() (git-fixes).
- mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-fixes).
- mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
- mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
- mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
- mm/memory_hotplug: use pfn math in place of direct struct page manipulation (git-fixes).
- mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
- mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-fixes).
- mm/migrate: putback split folios when numa hint migration fails (git-fixes).
- mm/migrate: split source folio if it is on deferred split list (git-fixes).
- mm/page_owner: remove free_ts from page_owner output (git-fixes).
- mm/readahead: do not allow order-1 folio (bsc#1234205).
- mm/readahead: limit page cache size in page_cache_ra_order() (bsc#1234208).
- mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
- mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
- mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-fixes).
- mm: memory-failure: fetch compound head after extra page refcnt is held (git-fixes).
- mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-fixes).
- mm: memory-failure: fix race window when trying to get hugetlb folio (git-fixes).
- mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes).
- mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes).
- mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes).
- mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes).
- mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes).
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes).
- modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
- mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes).
- mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
- mtd: hyperbus: rpc-if: Convert to platform remove callback returning void (stable-fixes).
- mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
- mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes).
- mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes).
- mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes).
- mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
- net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (git-fixes).
- net/ipv6: release expired exception dst cached in socket (bsc#1216813).
- net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes).
- net/mlx5e: Remove workaround to avoid syndrome for internal port (git-fixes).
- net/mlx5e: clear xdp features on non-uplink representors (git-fixes).
- net/qed: allow old cards not supporting "num_images" to work (git-fixes).
- net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
- net: Return error from sk_stream_wait_connect() if sk_wait_event() fails (git-fixes).
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
- net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset (git-fixes).
- net: rose: fix timer races against user threads (git-fixes).
- net: usb: qmi_wwan: add Quectel RG650V (stable-fixes).
- net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
- net: usb: rtl8150: enable basic endpoint checking (git-fixes).
- net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() (git-fixes).
- net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
- netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778 ZDI-24-1454).
- nfs: ignore SB_RDONLY when mounting nfs (git-fixes).
- nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (git-fixes).
- nfsd: make sure exp active before svc_export_show (git-fixes).
- nfsd: release svc_expkey/svc_export with rcu_work (git-fixes).
- nfsd: restore callback functionality for NFSv4.0 (git-fixes).
- nilfs2: fix buffer head leaks in calls to truncate_inode_pages() (git-fixes).
- nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
- nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
- nilfs2: prevent use of deleted inode (git-fixes).
- nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes).
- nvme-rdma: unquiesce admin_q before destroy it (git-fixes).
- nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
- nvme-tcp: fix the memleak while create new ctrl failed (git-fixes).
- nvme/multipath: Fix RCU list traversal to use SRCU primitive (git-fixes).
- nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
- nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
- nvme: apple: fix device reference counting (git-fixes).
- nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-fixes).
- nvme: fix metadata handling in nvme-passthrough (git-fixes).
- nvmet-loop: avoid using mutex in IO hotpath (git-fixes).
- nvmet: propagate npwg topology (git-fixes).
- ocfs2: fix uninitialized value in ocfs2_file_read_iter() (git-fixes).
- ocfs2: free inode when ocfs2_get_init_inode() fails (git-fixes).
- of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes).
- of: Fix error path in of_parse_phandle_with_args_map() (git-fixes).
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes).
- of: address: Report error on resource bounds overflow (stable-fixes).
- padata: add pd get/put refcnt helper (git-fixes).
- padata: avoid UAF for reorder_work (git-fixes).
- padata: fix UAF in padata_reorder (git-fixes).
- parisc: Raise minimal GCC version (bsc#1220773).
- parisc: Raise minimal GCC version to 12.0.0 (bsc#1220773 git-fix).
- percpu: Add {raw,this}_cpu_try_cmpxchg() (bsc#1220773).
- percpu: Fix self-assignment of __old in raw_cpu_generic_try_cmpxchg() (bsc#1220773 git-fix).
- percpu: Wire up cmpxchg128 (bsc#1220773).
- phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes).
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes).
- phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes).
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes).
- phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes).
- phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes).
- phy: rockchip: naneng-combphy: fix phy reset (git-fixes).
- phy: usb: Toggle the PHY power during init (git-fixes).
- pinctrl: amd: Take suspend type into consideration which pins are non-wake (git-fixes).
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes).
- pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes).
- pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes).
- pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional() fails (git-fixes).
- pinmux: Use sequential access to access desc->pinmux data (stable-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1225897).
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes).
- platform/x86: dell-smbios-base: Extends support to Alienware products (stable-fixes).
- platform/x86: dell-wmi-base: Handle META key Lock/Unlock events (stable-fixes).
- platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed (stable-fixes).
- pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
- power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
- power: supply: gpio-charger: Fix set charge current limits (git-fixes).
- powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108).
- powerpc/iommu: Move pSeries specific functions to pseries/iommu.c (bsc#1220711 ltc#205755).
- powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
- powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
- powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531).
- powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825).
- pps: add an error check in parport_attach (git-fixes).
- pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- printk: Add is_printk_legacy_deferred() (bsc#1236733).
- printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
- proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
- pwm: stm32-lp: Add check for clk_enable() (git-fixes).
- pwm: stm32: Add check for clk_enable() (git-fixes).
- quota: Fix rcu annotations of inode dquot pointers (bsc#1234197).
- quota: explicitly forbid quota files from being encrypted (bsc#1234196).
- quota: flush quota_release_work upon quota writeback (bsc#1234195).
- quota: simplify drop_dquot_ref() (bsc#1234197).
- rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
- rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
- rcu: Dump memory object info if callback function is invalid (git-fixes)
- rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
- rcuscale: Move rcu_scale_writer() (git-fixes)
- rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
- readahead: use ilog2 instead of a while loop in page_cache_ra_order() (bsc#1234208).
- regmap: Use correct format specifier for logging range errors (stable-fixes).
- regulator: core: Add missing newline character (git-fixes).
- regulator: of: Implement the unwind path of of_regulator_match() (git-fixes).
- regulator: rk808: Add apply_bit for BUCK3 on RK809 (stable-fixes).
- remoteproc: core: Fix ida_free call while not allocated (git-fixes).
- rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes).
- rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
- rtc: zynqmp: Fix optional clock name property (git-fixes).
- s390/cio: Do not unregister the subchannel based on DNV (git-fixes).
- s390/cpum_sf: Convert to cmpxchg128() (bsc#1220773).
- s390/cpum_sf: Handle CPU hotplug remove during sampling (git-fixes).
- s390/cpum_sf: Remove WARN_ON_ONCE statements (git-fixes).
- s390/facility: Disable compile time optimization for decompressor code (git-fixes).
- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (git-fixes).
- s390/pageattr: Implement missing kernel_page_present() (git-fixes).
- s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
- samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
- scatterlist: fix incorrect func name in kernel-doc (git-fixes).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat (bsc#1235865).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi (bsc#1235865).
- sched/numa: fix memory leak due to the overwritten vma->numab_state (git fixes (sched/numa)).
- scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409).
- scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409).
- scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409).
- scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409).
- scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409).
- scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409).
- scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409).
- scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409).
- scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409).
- scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409).
- scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406).
- scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406).
- scsi: qla2xxx: Fix use after free on unload (bsc#1235406).
- scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406).
- scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port (bsc#1235406).
- scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406).
- scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406).
- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-fixes).
- seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
- selftest: media_tests: fix trivial UAF typo (git-fixes).
- selftests/alsa: Fix circular dependency involving global-timer (stable-fixes).
- selftests/bpf: Test PROBE_MEM of VSYSCALL_ADDR on x86-64 (git-fixes).
- selftests/landlock: Fix error message (git-fixes).
- selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
- selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
- selftests: harness: fix printing of mismatch values in __EXPECT() (git-fixes).
- selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
- selftests: tc-testing: reduce rshift value (stable-fixes).
- selftests: timers: clocksource-switch: Adapt progress to kselftest framework (git-fixes).
- selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
- serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
- serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes).
- serial: 8250_dw: Do not use struct dw8250_data outside of 8250_dw (git-fixes).
- serial: 8250_dw: Replace ACPI device check by a quirk (git-fixes).
- serial: 8250_fintek: Add support for F81216E (stable-fixes).
- serial: Do not hold the port lock when setting rx-during-tx GPIO (git-fixes).
- serial: amba-pl011: Fix RX stall when DMA is used (git-fixes).
- serial: amba-pl011: Use port lock wrappers (stable-fixes).
- serial: amba-pl011: fix build regression (git-fixes).
- serial: do not use uninitialized value in uart_poll_init() (git-fixes).
- serial: imx: only set receiver level if it is zero (git-fixes).
- serial: imx: set receiver level before starting uart (git-fixes).
- serial: qcom-geni: Do not cancel/abort if we can't get the port lock (git-fixes).
- serial: qcom-geni: disable interrupts during console writes (git-fixes).
- serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() (git-fixes).
- serial: qcom-geni: fix console corruption (git-fixes).
- serial: qcom-geni: fix dma rx cancellation (git-fixes).
- serial: qcom-geni: fix false console tx restart (git-fixes).
- serial: qcom-geni: fix fifo polling timeout (git-fixes).
- serial: qcom-geni: fix hard lockup on buffer flush (git-fixes).
- serial: qcom-geni: fix polled console corruption (git-fixes).
- serial: qcom-geni: fix polled console initialisation (git-fixes).
- serial: qcom-geni: fix receiver enable (git-fixes).
- serial: qcom-geni: fix shutdown race (git-fixes).
- serial: qcom-geni: fix soft lockup on sw flow control and suspend (git-fixes).
- serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() (git-fixes).
- serial: qcom-geni: revert broken hibernation support (git-fixes).
- serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (git-fixes).
- serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
- serial: stm32: Return IRQ_NONE in the ISR if no handling happend (git-fixes).
- serial: stm32: do not always set SER_RS485_RX_DURING_TX if RS485 is enabled (git-fixes).
- slub: Replace cmpxchg_double() (bsc#1220773).
- slub: Replace cmpxchg_double() - KABI fix (bsc#1220773).
- smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: fix issue described in bsc#1233642]
- soc/fsl: cpm: qmc: Convert to platform remove callback returning void (stable-fixes).
- soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
- soc: fsl: cpm1: qmc: Fix blank line and spaces (stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Re-order probe() operations (stable-fixes).
- soc: fsl: cpm1: qmc: Set the ret error code on platform_get_irq() failure (git-fixes).
- soc: imx8m: Probe the SoC driver as platform driver (stable-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
- soc: qcom: Add check devm_kasprintf() returned value (stable-fixes).
- soc: qcom: geni-se: Add M_TX_FIFO_NOT_EMPTY bit definition (git-fixes).
- soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers (git-fixes).
- soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
- soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
- soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (git-fixes).
- sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
- sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
- spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes).
- spi: zynq-qspi: Add check for clk_enable() (git-fixes).
- srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
- srcu: Only accelerate on enqueue time (git-fixes)
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
- staging: iio: ad9832: Correct phase range check (git-fixes).
- staging: iio: ad9834: Correct phase range check (git-fixes).
- staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-fixes).
- staging: media: max96712: fix kernel oops when removing module (git-fixes).
- sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (git-fixes).
- sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (git-fixes).
- sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (git-fixes).
- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8645)
- svcrdma: Address an integer overflow (git-fixes).
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
- swiotlb: Enforce page alignment in swiotlb_alloc() (git-fixes).
- swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (git-fixes).
- thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes).
- thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
- thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
- thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
- tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
- tools: Sync if_xdp.h uapi tooling header (git-fixes).
- tools: hv: change permissions of NetworkManager configuration file (git-fixes).
- tpm/eventlog: Limit memory allocations for event logs with excessive size (bsc#1233260 bsc#1233259 bsc#1232421).
- tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
- tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
- tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes).
- tty: serial: kgdboc: Fix 8250_* kgdb over serial (git-fixes).
- types: Introduce [us]128 (bsc#1220773).
- ubifs: Correct the total block count by deducting journal reservation (git-fixes).
- ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
- ubifs: skip dumping tnc tree when zroot is null (git-fixes).
- udf: Fix lock ordering in udf_evict_inode() (bsc#1234238).
- udf: fix uninit-value use in udf_get_fileshortad (bsc#1234243).
- udf: prevent integer overflow in udf_bitmap_free_blocks() (bsc#1234239).
- udf: refactor inode_bmap() to handle error (bsc#1234242).
- udf: refactor udf_current_aext() to handle error (bsc#1234240).
- udf: refactor udf_next_aext() to handle error (bsc#1234241).
- udf: udftime: prevent overflow in udf_disk_stamp_to_time() (bsc#1234237).
- uio: Fix return value of poll (git-fixes).
- uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-fixes).
- usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
- usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver (stable-fixes).
- usb: cdns3-ti: Add workaround for Errata i2409 (stable-fixes).
- usb: cdns3: Add quirk flag to enable suspend residency (stable-fixes).
- usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
- usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes).
- usb: dwc2: Fix HCD port connection race (git-fixes).
- usb: dwc2: Fix HCD resume (git-fixes).
- usb: dwc2: gadget: Do not write invalid mapped sg entries into dma_desc with iommu enabled (stable-fixes).
- usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes).
- usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
- usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
- usb: dwc3: ep0: Do not clear ep0 DWC3_EP_TRANSFER_STARTED (git-fixes).
- usb: dwc3: ep0: Do not reset resource alloc flag (git-fixes).
- usb: dwc3: ep0: Do not reset resource alloc flag (including ep0) (git-fixes).
- usb: dwc3: gadget: Rewrite endpoint allocation flow (stable-fixes).
- usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
- usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes).
- usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes).
- usb: fix reference leak in usb_new_device() (git-fixes).
- usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes).
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
- usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
- usb: gadget: f_tcm: Do not free command immediately (git-fixes).
- usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
- usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
- usb: gadget: f_tcm: Translate error to sense (git-fixes).
- usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes).
- usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes).
- usb: host: max3421-hcd: Correctly abort a USB request (git-fixes).
- usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
- usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes).
- usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes).
- usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (bsc#1235001)
- usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes).
- usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (git-fixes).
- usb: typec: use cleanup facility for 'altmodes_node' (stable-fixes).
- usbnet: ipheth: break up NCM header size computation (git-fixes).
- usbnet: ipheth: check that DPE points past NCM header (git-fixes).
- usbnet: ipheth: fix DPE OoB read (git-fixes).
- usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
- usbnet: ipheth: refactor NCM datagram loop (git-fixes).
- usbnet: ipheth: use static NDP16 location in URB (git-fixes).
- vDPA/ifcvf: Fix pci_read_config_byte() return code handling (git-fixes).
- vdpa/mlx5: Fix PA offset with unaligned starting iotlb map (git-fixes).
- vdpa/mlx5: Fix suboptimal range on iotlb iteration (git-fixes).
- vdpa: solidrun: Fix UB bug with devres (git-fixes).
- vfs: fix readahead(2) on block devices (bsc#1234201).
- vmscan,migrate: fix page count imbalance on node stats when demoting pages (git-fixes).
- watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes).
- watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset (stable-fixes).
- watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
- wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855 (git-fixes).
- wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
- wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-fixes).
- wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
- wifi: ath5k: add PCI ID for Arcadyan devices (git-fixes).
- wifi: ath5k: add PCI ID for SX76X (git-fixes).
- wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes).
- wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
- wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
- wifi: cfg80211: sme: init n_channels before channels[] access (git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes).
- wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
- wifi: iwlwifi: mvm: Use the sync timepoint API in suspend (stable-fixes).
- wifi: mac80211: Add non-atomic station iterator (stable-fixes).
- wifi: mac80211: Fix common size calculation for ML element (git-fixes).
- wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() (stable-fixes).
- wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
- wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-fixes).
- wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes).
- wifi: mac80211: fix station NSS capability initialization order (git-fixes).
- wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
- wifi: mac80211: init cnt before accessing elem in ieee80211_copy_mbssid_beacon (git-fixes).
- wifi: mac80211: prohibit deactivating all links (git-fixes).
- wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
- wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO (git-fixes).
- wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
- wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916 (git-fixes).
- wifi: mt76: mt7915: firmware restart on devices with a second pcie link (git-fixes).
- wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7915: fix register mapping (git-fixes).
- wifi: mt76: mt7921: fix using incorrect group cipher after disconnection (git-fixes).
- wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
- wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
- wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
- wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
- wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
- wifi: mt76: mt7996: fix ldpc setting (git-fixes).
- wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7996: fix register mapping (git-fixes).
- wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-fixes).
- wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-fixes).
- wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one (git-fixes).
- wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures (stable-fixes).
- wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
- wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
- wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
- wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-fixes).
- wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
- wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (git-fixes).
- wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop (git-fixes).
- wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
- wifi: rtlwifi: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
- wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes).
- wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
- wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
- wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
- workqueue: Add rcu lock check at the end of work item execution (bsc#1236732).
- workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416).
- writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs (bsc#1234203).
- x86,amd_iommu: Replace cmpxchg_double() (bsc#1220773).
- x86,intel_iommu: Replace cmpxchg_double() (bsc#1220773).
- x86/hyperv: Fix hv tsc page based sched_clock for hibernation (git-fixes).
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes).
- xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
- xfs: Propagate errors from xfs_reflink_cancel_cow_range in xfs_dax_write_iomap_end (git-fixes).
- xfs: do not allocate COW extents when unsharing a hole (git-fixes).
- xfs: fix sb_spino_align checks for large fsblock sizes (git-fixes).
- xfs: remove unknown compat feature check in superblock write validation (git-fixes).
- xfs: return from xfs_symlink_verify early on V4 filesystems (git-fixes).
- xfs: sb_spino_align is not verified (git-fixes).
- xhci: Add usb cold attach (CAS) as a reason to resume root hub (git-fixes).
- xhci: Allow RPM on the USB controller (1022:43f7) by default (stable-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1194869SUSE bug 1214954SUSE bug 1215199SUSE bug 1216813SUSE bug 1218470SUSE bug 1220711SUSE bug 1220773SUSE bug 1224095SUSE bug 1224726SUSE bug 1225743SUSE bug 1225820SUSE bug 1225897SUSE bug 1226980SUSE bug 1227445SUSE bug 1228526SUSE bug 1228592SUSE bug 1229809SUSE bug 1229833SUSE bug 1230205SUSE bug 1230413SUSE bug 1230697SUSE bug 1231016SUSE bug 1231854SUSE bug 1231909SUSE bug 1231963SUSE bug 1232087SUSE bug 1232101SUSE bug 1232158SUSE bug 1232161SUSE bug 1232193SUSE bug 1232198SUSE bug 1232201SUSE bug 1232418SUSE bug 1232419SUSE bug 1232420SUSE bug 1232421SUSE bug 1232436SUSE bug 1232882SUSE bug 1233038SUSE bug 1233055SUSE bug 1233070SUSE bug 1233096SUSE bug 1233112SUSE bug 1233200SUSE bug 1233204SUSE bug 1233239SUSE bug 1233259SUSE bug 1233260SUSE bug 1233324SUSE bug 1233328SUSE bug 1233461SUSE bug 1233467SUSE bug 1233469SUSE bug 1233488SUSE bug 1233546SUSE bug 1233558SUSE bug 1233637SUSE bug 1233638SUSE bug 1233642SUSE bug 1233772SUSE bug 1233778SUSE bug 1233837SUSE bug 1234024SUSE bug 1234069SUSE bug 1234071SUSE bug 1234073SUSE bug 1234075SUSE bug 1234076SUSE bug 1234077SUSE bug 1234079SUSE bug 1234086SUSE bug 1234139SUSE bug 1234140SUSE bug 1234141SUSE bug 1234142SUSE bug 1234143SUSE bug 1234144SUSE bug 1234145SUSE bug 1234146SUSE bug 1234147SUSE bug 1234148SUSE bug 1234149SUSE bug 1234150SUSE bug 1234153SUSE bug 1234155SUSE bug 1234156SUSE bug 1234158SUSE bug 1234159SUSE bug 1234160SUSE bug 1234161SUSE bug 1234162SUSE bug 1234163SUSE bug 1234164SUSE bug 1234165SUSE bug 1234166SUSE bug 1234167SUSE bug 1234168SUSE bug 1234169SUSE bug 1234170SUSE bug 1234171SUSE bug 1234172SUSE bug 1234173SUSE bug 1234174SUSE bug 1234175SUSE bug 1234176SUSE bug 1234177SUSE bug 1234178SUSE bug 1234179SUSE bug 1234180SUSE bug 1234181SUSE bug 1234182SUSE bug 1234183SUSE bug 1234184SUSE bug 1234185SUSE bug 1234186SUSE bug 1234187SUSE bug 1234188SUSE bug 1234189SUSE bug 1234190SUSE bug 1234191SUSE bug 1234192SUSE bug 1234193SUSE bug 1234194SUSE bug 1234195SUSE bug 1234196SUSE bug 1234197SUSE bug 1234198SUSE bug 1234199SUSE bug 1234200SUSE bug 1234201SUSE bug 1234203SUSE bug 1234204SUSE bug 1234205SUSE bug 1234207SUSE bug 1234208SUSE bug 1234209SUSE bug 1234219SUSE bug 1234220SUSE bug 1234221SUSE bug 1234237SUSE bug 1234238SUSE bug 1234239SUSE bug 1234240SUSE bug 1234241SUSE bug 1234242SUSE bug 1234243SUSE bug 1234278SUSE bug 1234279SUSE bug 1234280SUSE bug 1234281SUSE bug 1234282SUSE bug 1234294SUSE bug 1234338SUSE bug 1234357SUSE bug 1234381SUSE bug 1234454SUSE bug 1234464SUSE bug 1234605SUSE bug 1234619SUSE bug 1234635SUSE bug 1234651SUSE bug 1234652SUSE bug 1234654SUSE bug 1234655SUSE bug 1234657SUSE bug 1234658SUSE bug 1234659SUSE bug 1234668SUSE bug 1234683SUSE bug 1234690SUSE bug 1234693SUSE bug 1234725SUSE bug 1234726SUSE bug 1234810SUSE bug 1234811SUSE bug 1234825SUSE bug 1234826SUSE bug 1234827SUSE bug 1234829SUSE bug 1234832SUSE bug 1234834SUSE bug 1234843SUSE bug 1234846SUSE bug 1234848SUSE bug 1234853SUSE bug 1234855SUSE bug 1234856SUSE bug 1234863SUSE bug 1234884SUSE bug 1234887SUSE bug 1234888SUSE bug 1234889SUSE bug 1234891SUSE bug 1234893SUSE bug 1234898SUSE bug 1234899SUSE bug 1234900SUSE bug 1234901SUSE bug 1234905SUSE bug 1234906SUSE bug 1234907SUSE bug 1234909SUSE bug 1234911SUSE bug 1234912SUSE bug 1234916SUSE bug 1234918SUSE bug 1234920SUSE bug 1234921SUSE bug 1234922SUSE bug 1234923SUSE bug 1234929SUSE bug 1234930SUSE bug 1234931SUSE bug 1234934SUSE bug 1234937SUSE bug 1234947SUSE bug 1234948SUSE bug 1234950SUSE bug 1234952SUSE bug 1234957SUSE bug 1234960SUSE bug 1234962SUSE bug 1234963SUSE bug 1234968SUSE bug 1234969SUSE bug 1234970SUSE bug 1234971SUSE bug 1234973SUSE bug 1234974SUSE bug 1234989SUSE bug 1234999SUSE bug 1235000SUSE bug 1235001SUSE bug 1235002SUSE bug 1235003SUSE bug 1235004SUSE bug 1235007SUSE bug 1235009SUSE bug 1235011SUSE bug 1235016SUSE bug 1235019SUSE bug 1235031SUSE bug 1235032SUSE bug 1235033SUSE bug 1235035SUSE bug 1235037SUSE bug 1235038SUSE bug 1235039SUSE bug 1235040SUSE bug 1235042SUSE bug 1235043SUSE bug 1235045SUSE bug 1235046SUSE bug 1235050SUSE bug 1235051SUSE bug 1235053SUSE bug 1235054SUSE bug 1235056SUSE bug 1235057SUSE bug 1235059SUSE bug 1235061SUSE bug 1235065SUSE bug 1235070SUSE bug 1235073SUSE bug 1235075SUSE bug 1235100SUSE bug 1235108SUSE bug 1235112SUSE bug 1235115SUSE bug 1235117SUSE bug 1235122SUSE bug 1235123SUSE bug 1235125SUSE bug 1235128SUSE bug 1235132SUSE bug 1235133SUSE bug 1235134SUSE bug 1235138SUSE bug 1235155SUSE bug 1235160SUSE bug 1235217SUSE bug 1235219SUSE bug 1235220SUSE bug 1235222SUSE bug 1235223SUSE bug 1235224SUSE bug 1235227SUSE bug 1235230SUSE bug 1235241SUSE bug 1235246SUSE bug 1235249SUSE bug 1235251SUSE bug 1235252SUSE bug 1235389SUSE bug 1235390SUSE bug 1235391SUSE bug 1235406SUSE bug 1235409SUSE bug 1235410SUSE bug 1235412SUSE bug 1235413SUSE bug 1235415SUSE bug 1235416SUSE bug 1235417SUSE bug 1235418SUSE bug 1235423SUSE bug 1235424SUSE bug 1235425SUSE bug 1235426SUSE bug 1235427SUSE bug 1235428SUSE bug 1235429SUSE bug 1235430SUSE bug 1235433SUSE bug 1235437SUSE bug 1235439SUSE bug 1235444SUSE bug 1235445SUSE bug 1235449SUSE bug 1235451SUSE bug 1235454SUSE bug 1235458SUSE bug 1235459SUSE bug 1235464SUSE bug 1235466SUSE bug 1235473SUSE bug 1235479SUSE bug 1235480SUSE bug 1235483SUSE bug 1235486SUSE bug 1235487SUSE bug 1235488SUSE bug 1235489SUSE bug 1235491SUSE bug 1235494SUSE bug 1235495SUSE bug 1235496SUSE bug 1235497SUSE bug 1235498SUSE bug 1235500SUSE bug 1235502SUSE bug 1235503SUSE bug 1235507SUSE bug 1235519SUSE bug 1235520SUSE bug 1235521SUSE bug 1235523SUSE bug 1235526SUSE bug 1235528SUSE bug 1235532SUSE bug 1235533SUSE bug 1235534SUSE bug 1235537SUSE bug 1235538SUSE bug 1235545SUSE bug 1235550SUSE bug 1235552SUSE bug 1235555SUSE bug 1235557SUSE bug 1235563SUSE bug 1235564SUSE bug 1235565SUSE bug 1235568SUSE bug 1235570SUSE bug 1235571SUSE bug 1235577SUSE bug 1235578SUSE bug 1235582SUSE bug 1235583SUSE bug 1235584SUSE bug 1235587SUSE bug 1235611SUSE bug 1235612SUSE bug 1235616SUSE bug 1235622SUSE bug 1235627SUSE bug 1235632SUSE bug 1235635SUSE bug 1235638SUSE bug 1235641SUSE bug 1235643SUSE bug 1235645SUSE bug 1235646SUSE bug 1235647SUSE bug 1235650SUSE bug 1235653SUSE bug 1235656SUSE bug 1235657SUSE bug 1235663SUSE bug 1235686SUSE bug 1235700SUSE bug 1235705SUSE bug 1235707SUSE bug 1235708SUSE bug 1235710SUSE bug 1235714SUSE bug 1235716SUSE bug 1235720SUSE bug 1235723SUSE bug 1235727SUSE bug 1235730SUSE bug 1235737SUSE bug 1235739SUSE bug 1235745SUSE bug 1235747SUSE bug 1235750SUSE bug 1235753SUSE bug 1235759SUSE bug 1235764SUSE bug 1235768SUSE bug 1235776SUSE bug 1235777SUSE bug 1235778SUSE bug 1235779SUSE bug 1235793SUSE bug 1235798SUSE bug 1235806SUSE bug 1235808SUSE bug 1235812SUSE bug 1235814SUSE bug 1235818SUSE bug 1235842SUSE bug 1235865SUSE bug 1235894SUSE bug 1235902SUSE bug 1235903SUSE bug 1235906SUSE bug 1235918SUSE bug 1235919SUSE bug 1235920SUSE bug 1235924SUSE bug 1235940SUSE bug 1235941SUSE bug 1235946SUSE bug 1235948SUSE bug 1235952SUSE bug 1235964SUSE bug 1235965SUSE bug 1235967SUSE bug 1235969SUSE bug 1235976SUSE bug 1235977SUSE bug 1236078SUSE bug 1236080SUSE bug 1236082SUSE bug 1236088SUSE bug 1236090SUSE bug 1236091SUSE bug 1236096SUSE bug 1236097SUSE bug 1236098SUSE bug 1236101SUSE bug 1236102SUSE bug 1236104SUSE bug 1236106SUSE bug 1236120SUSE bug 1236125SUSE bug 1236127SUSE bug 1236131SUSE bug 1236138SUSE bug 1236143SUSE bug 1236144SUSE bug 1236145SUSE bug 1236160SUSE bug 1236161SUSE bug 1236163SUSE bug 1236168SUSE bug 1236178SUSE bug 1236180SUSE bug 1236181SUSE bug 1236182SUSE bug 1236190SUSE bug 1236192SUSE bug 1236198SUSE bug 1236227SUSE bug 1236245SUSE bug 1236247SUSE bug 1236248SUSE bug 1236260SUSE bug 1236262SUSE bug 1236628SUSE bug 1236688SUSE bug 1236696SUSE bug 1236703SUSE bug 1236732SUSE bug 1236733CVE-2023-52923 at SUSECVE-2023-52923 at NVDCVE-2024-26924 at SUSECVE-2024-26924 at NVDCVE-2024-27397 at SUSECVE-2024-27397 at NVDCVE-2024-35839 at SUSECVE-2024-35839 at NVDCVE-2024-36476 at SUSECVE-2024-36476 at NVDCVE-2024-36908 at SUSECVE-2024-36908 at NVDCVE-2024-39282 at SUSECVE-2024-39282 at NVDCVE-2024-39480 at SUSECVE-2024-39480 at NVDCVE-2024-41042 at SUSECVE-2024-41042 at NVDCVE-2024-43913 at SUSECVE-2024-43913 at NVDCVE-2024-44934 at SUSECVE-2024-44934 at NVDCVE-2024-44996 at SUSECVE-2024-44996 at NVDCVE-2024-45828 at SUSECVE-2024-45828 at NVDCVE-2024-46896 at SUSECVE-2024-46896 at NVDCVE-2024-47141 at SUSECVE-2024-47141 at NVDCVE-2024-47143 at SUSECVE-2024-47143 at NVDCVE-2024-47678 at SUSECVE-2024-47678 at NVDCVE-2024-47809 at SUSECVE-2024-47809 at NVDCVE-2024-48873 at SUSECVE-2024-48873 at NVDCVE-2024-48881 at SUSECVE-2024-48881 at NVDCVE-2024-49569 at SUSECVE-2024-49569 at NVDCVE-2024-49854 at SUSECVE-2024-49854 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49915 at SUSECVE-2024-49915 at NVDCVE-2024-49948 at SUSECVE-2024-49948 at NVDCVE-2024-49951 at SUSECVE-2024-49951 at NVDCVE-2024-49978 at SUSECVE-2024-49978 at NVDCVE-2024-49998 at SUSECVE-2024-49998 at NVDCVE-2024-50016 at SUSECVE-2024-50016 at NVDCVE-2024-50018 at SUSECVE-2024-50018 at NVDCVE-2024-50039 at SUSECVE-2024-50039 at NVDCVE-2024-50047 at SUSECVE-2024-50047 at NVDCVE-2024-50051 at SUSECVE-2024-50051 at NVDCVE-2024-50106 at SUSECVE-2024-50106 at NVDCVE-2024-50143 at SUSECVE-2024-50143 at NVDCVE-2024-50151 at SUSECVE-2024-50151 at NVDCVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-50199 at SUSECVE-2024-50199 at NVDCVE-2024-50202 at SUSECVE-2024-50202 at NVDCVE-2024-50203 at SUSECVE-2024-50203 at NVDCVE-2024-50211 at SUSECVE-2024-50211 at NVDCVE-2024-50228 at SUSECVE-2024-50228 at NVDCVE-2024-50256 at SUSECVE-2024-50256 at NVDCVE-2024-50262 at SUSECVE-2024-50262 at NVDCVE-2024-50272 at SUSECVE-2024-50272 at NVDCVE-2024-50278 at SUSECVE-2024-50278 at NVDCVE-2024-50280 at SUSECVE-2024-50280 at NVDCVE-2024-50299 at SUSECVE-2024-50299 at NVDCVE-2024-52332 at SUSECVE-2024-52332 at NVDCVE-2024-53050 at SUSECVE-2024-53050 at NVDCVE-2024-53064 at SUSECVE-2024-53064 at NVDCVE-2024-53090 at SUSECVE-2024-53090 at NVDCVE-2024-53091 at SUSECVE-2024-53091 at NVDCVE-2024-53095 at SUSECVE-2024-53095 at NVDCVE-2024-53099 at SUSECVE-2024-53099 at NVDCVE-2024-53103 at SUSECVE-2024-53103 at NVDCVE-2024-53105 at SUSECVE-2024-53105 at NVDCVE-2024-53111 at SUSECVE-2024-53111 at NVDCVE-2024-53113 at SUSECVE-2024-53113 at NVDCVE-2024-53117 at SUSECVE-2024-53117 at NVDCVE-2024-53118 at SUSECVE-2024-53118 at NVDCVE-2024-53119 at SUSECVE-2024-53119 at NVDCVE-2024-53120 at SUSECVE-2024-53120 at NVDCVE-2024-53122 at SUSECVE-2024-53122 at NVDCVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-53126 at SUSECVE-2024-53126 at NVDCVE-2024-53127 at SUSECVE-2024-53127 at NVDCVE-2024-53129 at SUSECVE-2024-53129 at NVDCVE-2024-53130 at SUSECVE-2024-53130 at NVDCVE-2024-53131 at SUSECVE-2024-53131 at NVDCVE-2024-53133 at SUSECVE-2024-53133 at NVDCVE-2024-53134 at SUSECVE-2024-53134 at NVDCVE-2024-53136 at SUSECVE-2024-53136 at NVDCVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2024-53142 at SUSECVE-2024-53142 at NVDCVE-2024-53144 at SUSECVE-2024-53144 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53148 at SUSECVE-2024-53148 at NVDCVE-2024-53150 at SUSECVE-2024-53150 at NVDCVE-2024-53151 at SUSECVE-2024-53151 at NVDCVE-2024-53154 at SUSECVE-2024-53154 at NVDCVE-2024-53155 at SUSECVE-2024-53155 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDCVE-2024-53157 at SUSECVE-2024-53157 at NVDCVE-2024-53158 at SUSECVE-2024-53158 at NVDCVE-2024-53159 at SUSECVE-2024-53159 at NVDCVE-2024-53160 at SUSECVE-2024-53160 at NVDCVE-2024-53161 at SUSECVE-2024-53161 at NVDCVE-2024-53162 at SUSECVE-2024-53162 at NVDCVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2024-53169 at SUSECVE-2024-53169 at NVDCVE-2024-53170 at SUSECVE-2024-53170 at NVDCVE-2024-53171 at SUSECVE-2024-53171 at NVDCVE-2024-53172 at SUSECVE-2024-53172 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53174 at SUSECVE-2024-53174 at NVDCVE-2024-53175 at SUSECVE-2024-53175 at NVDCVE-2024-53179 at SUSECVE-2024-53179 at NVDCVE-2024-53180 at SUSECVE-2024-53180 at NVDCVE-2024-53185 at SUSECVE-2024-53185 at NVDCVE-2024-53187 at SUSECVE-2024-53187 at NVDCVE-2024-53188 at SUSECVE-2024-53188 at NVDCVE-2024-53190 at SUSECVE-2024-53190 at NVDCVE-2024-53191 at SUSECVE-2024-53191 at NVDCVE-2024-53194 at SUSECVE-2024-53194 at NVDCVE-2024-53195 at SUSECVE-2024-53195 at NVDCVE-2024-53196 at SUSECVE-2024-53196 at NVDCVE-2024-53197 at SUSECVE-2024-53197 at NVDCVE-2024-53198 at SUSECVE-2024-53198 at NVDCVE-2024-53200 at SUSECVE-2024-53200 at NVDCVE-2024-53201 at SUSECVE-2024-53201 at NVDCVE-2024-53202 at SUSECVE-2024-53202 at NVDCVE-2024-53203 at SUSECVE-2024-53203 at NVDCVE-2024-53206 at SUSECVE-2024-53206 at NVDCVE-2024-53207 at SUSECVE-2024-53207 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-53209 at SUSECVE-2024-53209 at NVDCVE-2024-53210 at SUSECVE-2024-53210 at NVDCVE-2024-53213 at SUSECVE-2024-53213 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-53215 at SUSECVE-2024-53215 at NVDCVE-2024-53216 at SUSECVE-2024-53216 at NVDCVE-2024-53217 at SUSECVE-2024-53217 at NVDCVE-2024-53222 at SUSECVE-2024-53222 at NVDCVE-2024-53224 at SUSECVE-2024-53224 at NVDCVE-2024-53227 at SUSECVE-2024-53227 at NVDCVE-2024-53229 at SUSECVE-2024-53229 at NVDCVE-2024-53230 at SUSECVE-2024-53230 at NVDCVE-2024-53231 at SUSECVE-2024-53231 at NVDCVE-2024-53232 at SUSECVE-2024-53232 at NVDCVE-2024-53233 at SUSECVE-2024-53233 at NVDCVE-2024-53234 at SUSECVE-2024-53234 at NVDCVE-2024-53236 at SUSECVE-2024-53236 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-53240 at SUSECVE-2024-53240 at NVDCVE-2024-53241 at SUSECVE-2024-53241 at NVDCVE-2024-53685 at SUSECVE-2024-53685 at NVDCVE-2024-53690 at SUSECVE-2024-53690 at NVDCVE-2024-54680 at SUSECVE-2024-54680 at NVDCVE-2024-55639 at SUSECVE-2024-55639 at NVDCVE-2024-55881 at SUSECVE-2024-55881 at NVDCVE-2024-55916 at SUSECVE-2024-55916 at NVDCVE-2024-56369 at SUSECVE-2024-56369 at NVDCVE-2024-56372 at SUSECVE-2024-56372 at NVDCVE-2024-56531 at SUSECVE-2024-56531 at NVDCVE-2024-56532 at SUSECVE-2024-56532 at NVDCVE-2024-56533 at SUSECVE-2024-56533 at NVDCVE-2024-56536 at SUSECVE-2024-56536 at NVDCVE-2024-56538 at SUSECVE-2024-56538 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56543 at SUSECVE-2024-56543 at NVDCVE-2024-56546 at SUSECVE-2024-56546 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56549 at SUSECVE-2024-56549 at NVDCVE-2024-56551 at SUSECVE-2024-56551 at NVDCVE-2024-56557 at SUSECVE-2024-56557 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-56562 at SUSECVE-2024-56562 at NVDCVE-2024-56566 at SUSECVE-2024-56566 at NVDCVE-2024-56567 at SUSECVE-2024-56567 at NVDCVE-2024-56568 at SUSECVE-2024-56568 at NVDCVE-2024-56569 at SUSECVE-2024-56569 at NVDCVE-2024-56570 at SUSECVE-2024-56570 at NVDCVE-2024-56571 at SUSECVE-2024-56571 at NVDCVE-2024-56572 at SUSECVE-2024-56572 at NVDCVE-2024-56573 at SUSECVE-2024-56573 at NVDCVE-2024-56574 at SUSECVE-2024-56574 at NVDCVE-2024-56575 at SUSECVE-2024-56575 at NVDCVE-2024-56576 at SUSECVE-2024-56576 at NVDCVE-2024-56577 at SUSECVE-2024-56577 at NVDCVE-2024-56578 at SUSECVE-2024-56578 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56584 at SUSECVE-2024-56584 at NVDCVE-2024-56587 at SUSECVE-2024-56587 at NVDCVE-2024-56588 at SUSECVE-2024-56588 at NVDCVE-2024-56589 at SUSECVE-2024-56589 at NVDCVE-2024-56590 at SUSECVE-2024-56590 at NVDCVE-2024-56593 at SUSECVE-2024-56593 at NVDCVE-2024-56594 at SUSECVE-2024-56594 at NVDCVE-2024-56595 at SUSECVE-2024-56595 at NVDCVE-2024-56596 at SUSECVE-2024-56596 at NVDCVE-2024-56597 at SUSECVE-2024-56597 at NVDCVE-2024-56598 at SUSECVE-2024-56598 at NVDCVE-2024-56599 at SUSECVE-2024-56599 at NVDCVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56602 at SUSECVE-2024-56602 at NVDCVE-2024-56603 at SUSECVE-2024-56603 at NVDCVE-2024-56604 at SUSECVE-2024-56604 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56606 at SUSECVE-2024-56606 at NVDCVE-2024-56607 at SUSECVE-2024-56607 at NVDCVE-2024-56608 at SUSECVE-2024-56608 at NVDCVE-2024-56609 at SUSECVE-2024-56609 at NVDCVE-2024-56610 at SUSECVE-2024-56610 at NVDCVE-2024-56611 at SUSECVE-2024-56611 at NVDCVE-2024-56614 at SUSECVE-2024-56614 at NVDCVE-2024-56615 at SUSECVE-2024-56615 at NVDCVE-2024-56616 at SUSECVE-2024-56616 at NVDCVE-2024-56617 at SUSECVE-2024-56617 at NVDCVE-2024-56619 at SUSECVE-2024-56619 at NVDCVE-2024-56620 at SUSECVE-2024-56620 at NVDCVE-2024-56622 at SUSECVE-2024-56622 at NVDCVE-2024-56623 at SUSECVE-2024-56623 at NVDCVE-2024-56625 at SUSECVE-2024-56625 at NVDCVE-2024-56629 at SUSECVE-2024-56629 at NVDCVE-2024-56630 at SUSECVE-2024-56630 at NVDCVE-2024-56631 at SUSECVE-2024-56631 at NVDCVE-2024-56632 at SUSECVE-2024-56632 at NVDCVE-2024-56634 at SUSECVE-2024-56634 at NVDCVE-2024-56635 at SUSECVE-2024-56635 at NVDCVE-2024-56636 at SUSECVE-2024-56636 at NVDCVE-2024-56637 at SUSECVE-2024-56637 at NVDCVE-2024-56641 at SUSECVE-2024-56641 at NVDCVE-2024-56642 at SUSECVE-2024-56642 at NVDCVE-2024-56643 at SUSECVE-2024-56643 at NVDCVE-2024-56644 at SUSECVE-2024-56644 at NVDCVE-2024-56645 at SUSECVE-2024-56645 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-56649 at SUSECVE-2024-56649 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-56651 at SUSECVE-2024-56651 at NVDCVE-2024-56654 at SUSECVE-2024-56654 at NVDCVE-2024-56656 at SUSECVE-2024-56656 at NVDCVE-2024-56659 at SUSECVE-2024-56659 at NVDCVE-2024-56660 at SUSECVE-2024-56660 at NVDCVE-2024-56661 at SUSECVE-2024-56661 at NVDCVE-2024-56662 at SUSECVE-2024-56662 at NVDCVE-2024-56663 at SUSECVE-2024-56663 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2024-56665 at SUSECVE-2024-56665 at NVDCVE-2024-56667 at SUSECVE-2024-56667 at NVDCVE-2024-56670 at SUSECVE-2024-56670 at NVDCVE-2024-56672 at SUSECVE-2024-56672 at NVDCVE-2024-56675 at SUSECVE-2024-56675 at NVDCVE-2024-56677 at SUSECVE-2024-56677 at NVDCVE-2024-56678 at SUSECVE-2024-56678 at NVDCVE-2024-56679 at SUSECVE-2024-56679 at NVDCVE-2024-56681 at SUSECVE-2024-56681 at NVDCVE-2024-56683 at SUSECVE-2024-56683 at NVDCVE-2024-56687 at SUSECVE-2024-56687 at NVDCVE-2024-56688 at SUSECVE-2024-56688 at NVDCVE-2024-56690 at SUSECVE-2024-56690 at NVDCVE-2024-56691 at SUSECVE-2024-56691 at NVDCVE-2024-56693 at SUSECVE-2024-56693 at NVDCVE-2024-56694 at SUSECVE-2024-56694 at NVDCVE-2024-56698 at SUSECVE-2024-56698 at NVDCVE-2024-56700 at SUSECVE-2024-56700 at NVDCVE-2024-56701 at SUSECVE-2024-56701 at NVDCVE-2024-56704 at SUSECVE-2024-56704 at NVDCVE-2024-56705 at SUSECVE-2024-56705 at NVDCVE-2024-56707 at SUSECVE-2024-56707 at NVDCVE-2024-56708 at SUSECVE-2024-56708 at NVDCVE-2024-56709 at SUSECVE-2024-56709 at NVDCVE-2024-56712 at SUSECVE-2024-56712 at NVDCVE-2024-56715 at SUSECVE-2024-56715 at NVDCVE-2024-56716 at SUSECVE-2024-56716 at NVDCVE-2024-56722 at SUSECVE-2024-56722 at NVDCVE-2024-56723 at SUSECVE-2024-56723 at NVDCVE-2024-56724 at SUSECVE-2024-56724 at NVDCVE-2024-56725 at SUSECVE-2024-56725 at NVDCVE-2024-56726 at SUSECVE-2024-56726 at NVDCVE-2024-56727 at SUSECVE-2024-56727 at NVDCVE-2024-56728 at SUSECVE-2024-56728 at NVDCVE-2024-56729 at SUSECVE-2024-56729 at NVDCVE-2024-56739 at SUSECVE-2024-56739 at NVDCVE-2024-56741 at SUSECVE-2024-56741 at NVDCVE-2024-56745 at SUSECVE-2024-56745 at NVDCVE-2024-56746 at SUSECVE-2024-56746 at NVDCVE-2024-56747 at SUSECVE-2024-56747 at NVDCVE-2024-56748 at SUSECVE-2024-56748 at NVDCVE-2024-56752 at SUSECVE-2024-56752 at NVDCVE-2024-56754 at SUSECVE-2024-56754 at NVDCVE-2024-56755 at SUSECVE-2024-56755 at NVDCVE-2024-56756 at SUSECVE-2024-56756 at NVDCVE-2024-56759 at SUSECVE-2024-56759 at NVDCVE-2024-56760 at SUSECVE-2024-56760 at NVDCVE-2024-56763 at SUSECVE-2024-56763 at NVDCVE-2024-56765 at SUSECVE-2024-56765 at NVDCVE-2024-56766 at SUSECVE-2024-56766 at NVDCVE-2024-56767 at SUSECVE-2024-56767 at NVDCVE-2024-56769 at SUSECVE-2024-56769 at NVDCVE-2024-56774 at SUSECVE-2024-56774 at NVDCVE-2024-56775 at SUSECVE-2024-56775 at NVDCVE-2024-56776 at SUSECVE-2024-56776 at NVDCVE-2024-56777 at SUSECVE-2024-56777 at NVDCVE-2024-56778 at SUSECVE-2024-56778 at NVDCVE-2024-56779 at SUSECVE-2024-56779 at NVDCVE-2024-56780 at SUSECVE-2024-56780 at NVDCVE-2024-56787 at SUSECVE-2024-56787 at NVDCVE-2024-57791 at SUSECVE-2024-57791 at NVDCVE-2024-57792 at SUSECVE-2024-57792 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57795 at SUSECVE-2024-57795 at NVDCVE-2024-57798 at SUSECVE-2024-57798 at NVDCVE-2024-57801 at SUSECVE-2024-57801 at NVDCVE-2024-57802 at SUSECVE-2024-57802 at NVDCVE-2024-57804 at SUSECVE-2024-57804 at NVDCVE-2024-57809 at SUSECVE-2024-57809 at NVDCVE-2024-57838 at SUSECVE-2024-57838 at NVDCVE-2024-57849 at SUSECVE-2024-57849 at NVDCVE-2024-57850 at SUSECVE-2024-57850 at NVDCVE-2024-57857 at SUSECVE-2024-57857 at NVDCVE-2024-57874 at SUSECVE-2024-57874 at NVDCVE-2024-57876 at SUSECVE-2024-57876 at NVDCVE-2024-57884 at SUSECVE-2024-57884 at NVDCVE-2024-57887 at SUSECVE-2024-57887 at NVDCVE-2024-57888 at SUSECVE-2024-57888 at NVDCVE-2024-57890 at SUSECVE-2024-57890 at NVDCVE-2024-57892 at SUSECVE-2024-57892 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2024-57896 at SUSECVE-2024-57896 at NVDCVE-2024-57897 at SUSECVE-2024-57897 at NVDCVE-2024-57899 at SUSECVE-2024-57899 at NVDCVE-2024-57903 at SUSECVE-2024-57903 at NVDCVE-2024-57904 at SUSECVE-2024-57904 at NVDCVE-2024-57906 at SUSECVE-2024-57906 at NVDCVE-2024-57907 at SUSECVE-2024-57907 at NVDCVE-2024-57908 at SUSECVE-2024-57908 at NVDCVE-2024-57910 at SUSECVE-2024-57910 at NVDCVE-2024-57911 at SUSECVE-2024-57911 at NVDCVE-2024-57912 at SUSECVE-2024-57912 at NVDCVE-2024-57913 at SUSECVE-2024-57913 at NVDCVE-2024-57915 at SUSECVE-2024-57915 at NVDCVE-2024-57916 at SUSECVE-2024-57916 at NVDCVE-2024-57917 at SUSECVE-2024-57917 at NVDCVE-2024-57922 at SUSECVE-2024-57922 at NVDCVE-2024-57926 at SUSECVE-2024-57926 at NVDCVE-2024-57929 at SUSECVE-2024-57929 at NVDCVE-2024-57931 at SUSECVE-2024-57931 at NVDCVE-2024-57932 at SUSECVE-2024-57932 at NVDCVE-2024-57933 at SUSECVE-2024-57933 at NVDCVE-2024-57935 at SUSECVE-2024-57935 at NVDCVE-2024-57936 at SUSECVE-2024-57936 at NVDCVE-2024-57938 at SUSECVE-2024-57938 at NVDCVE-2024-57940 at SUSECVE-2024-57940 at NVDCVE-2024-57946 at SUSECVE-2024-57946 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDCVE-2025-21632 at SUSECVE-2025-21632 at NVDCVE-2025-21645 at SUSECVE-2025-21645 at NVDCVE-2025-21646 at SUSECVE-2025-21646 at NVDCVE-2025-21649 at SUSECVE-2025-21649 at NVDCVE-2025-21650 at SUSECVE-2025-21650 at NVDCVE-2025-21651 at SUSECVE-2025-21651 at NVDCVE-2025-21652 at SUSECVE-2025-21652 at NVDCVE-2025-21653 at SUSECVE-2025-21653 at NVDCVE-2025-21655 at SUSECVE-2025-21655 at NVDCVE-2025-21656 at SUSECVE-2025-21656 at NVDCVE-2025-21662 at SUSECVE-2025-21662 at NVDCVE-2025-21663 at SUSECVE-2025-21663 at NVDCVE-2025-21664 at SUSECVE-2025-21664 at NVDCVE-2025-21674 at SUSECVE-2025-21674 at NVDCVE-2025-21676 at SUSECVE-2025-21676 at NVDCVE-2025-21682 at SUSECVE-2025-21682 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916)
ModerateSUSE bug 1235916CVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer (bsc#1257118).
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257118SUSE bug 1257629SUSE bug 1257669CVE-2025-21738 at SUSECVE-2025-21738 at NVDCVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-49855: nbd: fix race between timeout and normal completion (bsc#1232900)
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1232900SUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues
The following security issues were fixed:
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-49855: nbd: fix race between timeout and normal completion (bsc#1232900)
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1232900SUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.0
This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-49855: nbd: fix race between timeout and normal completion (bsc#1232900)
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1232900SUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-49855: nbd: fix race between timeout and normal completion (bsc#1232900)
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1232900SUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).
- CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726).
- CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
- CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
- CVE-2024-44996: vsock: fix recursive ->recvmsg calls (bsc#1230205).
- CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (bsc#1235705).
- CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
- CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (bsc#1235727).
- CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init() (bsc#1232161).
- CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed (bsc#1232158).
- CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from frag_list (bsc#1232101).
- CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
- CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
- CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909).
- CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
- CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055).
- CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
- CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
- CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
- CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
- CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488).
- CVE-2024-53050: drm/i915/hdcp: Add encoder check in hdcp2_get_capability (bsc#1233546).
- CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
- CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
- CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx (bsc#1233638).
- CVE-2024-53099: bpf: Check validity of link->type in bpf_link_show_fdinfo() (bsc#1233772).
- CVE-2024-53105: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (bsc#1234069).
- CVE-2024-53111: mm/mremap: fix address wraparound in move_page_tables() (bsc#1234086).
- CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
- CVE-2024-53117: virtio/vsock: Improve MSG_ZEROCOPY error handling (bsc#1234079).
- CVE-2024-53118: vsock: Fix sk_error_queue memory leak (bsc#1234071).
- CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
- CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
- CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
- CVE-2024-53133: drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221)
- CVE-2024-53134: pmdomain: imx93-blk-ctrl: correct remove path (bsc#1234159).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-53160: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810).
- CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
- CVE-2024-53170: block: fix uaf for flush rq while iterating tags (bsc#1234888).
- CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching (bsc#1234898).
- CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns (bsc#1234893).
- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
- CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey() (bsc#1234901).
- CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
- CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use (bsc#1234957).
- CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction (bsc#1234906).
- CVE-2024-53198: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (bsc#1234923).
- CVE-2024-53203: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (bsc#1235001).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
- CVE-2024-53216: nfsd: fix UAF when access ex_uuid or ex_stats (bsc#1235003).
- CVE-2024-53222: zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974).
- CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011).
- CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
- CVE-2024-53234: erofs: handle NONHEAD !delta[1] lclusters gracefully (bsc#1235045).
- CVE-2024-53236: xsk: Free skb when TX metadata options are invalid (bsc#1235000).
- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).
- CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
- CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree node (bsc#1235737).
- CVE-2024-55881: KVM: x86: Play nice with protected guests in complete_hypercall_exit() (bsc#1235745).
- CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
- CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
- CVE-2024-56566: mm/slub: Avoid list corruption when removing a slab from the full list (bsc#1235033).
- CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032).
- CVE-2024-56569: ftrace: Fix regression with module command in stack_trace_filter (bsc#1235031).
- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235128).
- CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123).
- CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption model (bsc#1235241).
- CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138).
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
- CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521).
- CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in can_create() (bsc#1235415).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (bsc#1235487).
- CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock (bsc#1235390).
- CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM (bsc#1235391).
- CVE-2024-56614: xsk: fix OOB map writes when deleting elements (bsc#1235424).
- CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements (bsc#1235426).
- CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (bsc#1235429).
- CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled (bsc#1235227).
- CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
- CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).
- CVE-2024-56635: net: avoid potential UAF in default_operstate() (bsc#1235519).
- CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb() (bsc#1235520).
- CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a module (bsc#1235523).
- CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).
- CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv (bsc#1235132).
- CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451).
- CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not support (bsc#1235449).
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
- CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (bsc#1235444).
- CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
- CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference (bsc#1235437).
- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
- CVE-2024-56665: bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog (bsc#1235489).
- CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (bsc#1235555).
- CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (bsc#1235498).
- CVE-2024-56693: brd: defer automatic disk creation until module initialization succeeds (bsc#1235418).
- CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS (bsc#1235412).
- CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
- CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (bsc#1235545).
- CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload (bsc#1235564).
- CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path (bsc#1235565).
- CVE-2024-56715: ionic: Fix netdev notifier unregister on failure (bsc#1235612).
- CVE-2024-56716: netdevsim: prevent bad user input in nsim_dev_health_break_write() (bsc#1235587).
- CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (bsc#1235578).
- CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (bsc#1235582).
- CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (bsc#1235583).
- CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (bsc#1235656).
- CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops (bsc#1235503).
- CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934).
- CVE-2024-56748: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (bsc#1235627).
- CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).
- CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
- CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write (bsc#1235638).
- CVE-2024-56774: btrfs: add a sanity check for btrfs root in btrfs_search_slot() (bsc#1235653).
- CVE-2024-56775: drm/amd/display: Fix handling of plane refcount (bsc#1235657).
- CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
- CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768).
- CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device (bsc#1235906).
- CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without loaded flag (bsc#1235940).
- CVE-2024-57802: netrom: check buffer length before accessing it (bsc#1235941).
- CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs (bsc#1235779).
- CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL (bsc#1235793).
- CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings (bsc#1235798).
- CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
- CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (bsc#1235948).
- CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (bsc#1235964).
- CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount (bsc#1235965).
- CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
- CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap (bsc#1236127).
- CVE-2024-57929: dm array: fix releasing a faulty array block twice in dm_array_cursor_end (bsc#1236096).
- CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
- CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues (bsc#1236190).
- CVE-2024-57933: gve: guard XSK operations on the existence of queues (bsc#1236178).
- CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in sctp_association_init() (bsc#1236182).
- CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend (bsc#1236247).
- CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting" registers (bsc#1236106).
- CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08 devices (bsc#1236143).
- CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue (bsc#1236144).
- CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
- CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink() (bsc#1236160).
- CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (bsc#1236161).
- CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (bsc#1236163).
- CVE-2025-21662: net/mlx5: Fix variable not being completed when function returns (bsc#1236198).
- CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device tree (bsc#1236260).
- CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first function (bsc#1236262).
- CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel (bsc#1236688).
- CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error (bsc#1236696).
- CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing, fix null-deref (bsc#1236703).
Features added:
* - Disable ceph (jsc#PED-7242)
* - RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
* - ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
* - supported.conf: Add support for v4l2-dv-timings (jsc#PED-8645)
The following non-security bugs were fixed:
- 9p: v9fs_fid_find: also lookup by inode if not found dentry (git-fixes).
- ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes).
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-fixes).
- ACPI: PCC: Add PCC shared memory region command and status bitfields (stable-fixes).
- ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
- ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (stable-fixes).
- ACPI: resource: Fix memory resource type union access (git-fixes).
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8 A1-840 (stable-fixes).
- ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[] (stable-fixes).
- ACPI: x86: Make UART skip quirks work on PCI UARTs without an UID (stable-fixes).
- ACPICA: events/evxfregn: do not release the ContextMutex that was never acquired (git-fixes).
- ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio (stable-fixes).
- ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31 laptop (git-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
- ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 (stable-fixes).
- ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130 (bsc#1235686).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: seq: Check UMP support for midi_version change (git-fixes).
- ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes).
- ALSA: seq: ump: Fix seq port updates per FB info notify (git-fixes).
- ALSA: seq: ump: Use automatic cleanup of kfree() (stable-fixes).
- ALSA: seq: ump: Use guard() for locking (stable-fixes).
- ALSA: ump: Use guard() for locking (stable-fixes).
- ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
- ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 (stable-fixes).
- ALSA: usb-audio: Notify xrun for low-latency mode (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: US16x08: Initialize array before use (git-fixes).
- ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C (stable-fixes).
- ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP (stable-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
- ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad P14s Gen 5 21MES00B00 (stable-fixes).
- ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (stable-fixes).
- ASoC: amd: yc: Fix the wrong return value (git-fixes).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: hdmi-codec: reorder channel allocation list (stable-fixes).
- ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
- ASoC: rt722: add delay time to wait for the calibration procedure (stable-fixes).
- ASoC: samsung: Add missing depends on I2C (git-fixes).
- ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
- ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
- ASoC: wm8994: Add depends on MFD core (stable-fixes).
- Add already cherry-picked ids to AMDGPU patch
- Align git commit ID abbreviation guidelines and checks (git-fixes).
- Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
- Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (stable-fixes).
- Bluetooth: ISO: Reassociate a socket with an active BIS (stable-fixes).
- Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection (git-fixes).
- Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (stable-fixes).
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
- Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
- Bluetooth: MGMT: Fix possible deadlocks (git-fixes).
- Bluetooth: SCO: Add support for 16 bits transparent voice setting (git-fixes).
- Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
- Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
- Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (stable-fixes).
- Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
- Bluetooth: btusb: add callback function in btusb suspend/resume (stable-fixes).
- Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes).
- Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (stable-fixes).
- Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (git-fixes).
- Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes).
- Bluetooth: iso: Fix recursive locking warning (git-fixes).
- Delete XHCI patch for regression (bsc#1235550)
- Disable ceph (jsc#PED-7242)
- Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes).
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
- Drop downstream TPM fix patch (bsc#1233260 bsc#1233259 bsc#1232421)
- Drop uvcvideo fix due to regression (bsc#1235894)
- EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
- HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (git-fixes).
- HID: fix generic desktop D-Pad controls (git-fixes).
- HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
- HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check (git-fixes).
- HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes).
- HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
- Input: atkbd - map F23 key to support default copilot shortcut (stable-fixes).
- Input: bbnsm_pwrkey - add remove hook (git-fixes).
- Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
- Input: davinci-keyscan - remove leftover header (git-fixes).
- Input: xpad - add QH Electronics VID/PID (stable-fixes).
- Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-fixes).
- Input: xpad - add support for Nacon Pro Compact (stable-fixes).
- Input: xpad - add support for wooting two he (arm) (stable-fixes).
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-fixes).
- Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
- KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
- KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235776).
- KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235777).
- KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235778).
- Move kABI workaround patch to correct folder
- Move upstreamed DRM patch into sorted section
- Move upstreamed NFS patch into sorted section
- Move upstreamed TPM patch into sorted section
- Move upstreamed lpfc patches into sorted section
- Move upstreamed ppc patch into sorted section
- Move upstreamed sound patch into sorted section
- Move upstreamed sound patches into sorted section
- NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
- NFSD: Async COPY result needs to return a write verifier (git-fixes).
- NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (git-fixes).
- NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes).
- NFSD: Prevent a potential integer overflow (git-fixes).
- NFSD: Remove a never-true comparison (git-fixes).
- NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point (git-fixes).
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
- NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
- NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
- Octeontx2-pf: Free send queue buffers incase of leaf to inner (git-fixes).
- PCI/AER: Disable AER service on suspend (stable-fixes).
- PCI/MSI: Handle lack of irqdomain gracefully (git-fixes).
- PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes).
- PCI: Add ACS quirk for Broadcom BCM5760X NIC (stable-fixes).
- PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes).
- PCI: Add T_PERST_CLK_US macro (git-fixes).
- PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-fixes).
- PCI: Detect and trust built-in Thunderbolt chips (stable-fixes).
- PCI: Fix use-after-free of slot->bus on hot remove (stable-fixes).
- PCI: Use preserve_config in place of pci_flags (stable-fixes).
- PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() (stable-fixes).
- PCI: cadence: Set cdns_pcie_host_init() global (stable-fixes).
- PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (stable-fixes).
- PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
- PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-fixes).
- PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar() (git-fixes).
- PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
- PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-fixes).
- PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
- PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-fixes).
- PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-fixes).
- PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
- PCI: j721e: Add PCIe 4x lane selection support (stable-fixes).
- PCI: j721e: Add per platform maximum lane settings (stable-fixes).
- PCI: j721e: Add reset GPIO to struct j721e_pcie (stable-fixes).
- PCI: j721e: Add suspend and resume support (git-fixes).
- PCI: j721e: Use T_PERST_CLK_US macro (git-fixes).
- PCI: microchip: Set inbound address translation for coherent or non-coherent mode (git-fixes).
- PCI: qcom: Add support for IPQ9574 (stable-fixes).
- PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() (git-fixes).
- PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes).
- PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes).
- PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
- RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
- RDMA/bnxt_re: Add check for path mtu in modify_qp (git-fixes)
- RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
- RDMA/bnxt_re: Avoid initializing the software queue for user queues (git-fixes)
- RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (git-fixes)
- RDMA/bnxt_re: Disable use of reserved wqes (git-fixes)
- RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
- RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
- RDMA/bnxt_re: Fix max_qp_wrs reported (git-fixes)
- RDMA/bnxt_re: Fix reporting hw_ver in query_device (git-fixes)
- RDMA/bnxt_re: Fix the check for 9060 condition (git-fixes)
- RDMA/bnxt_re: Fix the locking while accessing the QP table (git-fixes)
- RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
- RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
- RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-fixes)
- RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
- RDMA/bnxt_re: Remove always true dattr validity check (git-fixes)
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- RDMA/hns: Fix accessing invalid dip_ctx during destroying QP (git-fixes)
- RDMA/hns: Fix mapping error of zero-hop WQE buffer (git-fixes)
- RDMA/hns: Fix missing flush CQE for DWQE (git-fixes)
- RDMA/hns: Fix warning storm caused by invalid input in IO path (git-fixes)
- RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-fixes)
- RDMA/mlx5: Enforce same type port association for multiport RoCE (git-fixes)
- RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-fixes)
- RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
- RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
- RDMA/rtrs: Ensure 'ib_sge list' is accessible (git-fixes)
- RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
- RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
- RDMA/srp: Fix error handling in srp_add_port (git-fixes)
- RDMA/uverbs: Prevent integer overflow issue (git-fixes)
- README.BRANCH: Remove copy of branch name
- Refresh patches.suse/ALSA-hda-realtek-Add-support-for-Samsung-Galaxy-Book.patch.
- Refresh patches.suse/cpufreq-intel_pstate-Temporarily-boost-P-state-when-.patch.
- Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-fixes).
- Revert "block/mq-deadline: use correct way to throttling write requests" (bsc#1234146).
- Revert "btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)"
- Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
- Revert "igb: Disable threaded IRQ for igb_msix_other" (git-fixes).
- Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" (git-fixes).
- Revert "unicode: Do not special case ignorable code points" (stable-fixes).
- Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (stable-fixes).
- Revert 'arm64: Kconfig: Make SME depend on BROKEN for now' This reverts commit 2ccfee6be929dd4ea49ef59a7ae686473aae40b6 CONFIG_ARM64_SME is enabled by default so some customers may rely on SME. We need further analysis to evaluate to what extent we are impacted and in case we'll disable SME support later.
- Revert 0dd78566990 ("Disable ceph (jsc#PED-7242)") Apparently, jsc#PED-7242 is only deprecate ceph for 15-SP6 and disable for 15-SP7. Revert the disabling.
- SUNRPC: make sure cache entry active before cache_show (git-fixes).
- SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (git-fixes).
- USB: core: Disable LPM only for non-suspended ports (git-fixes).
- USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
- USB: serial: option: add MediaTek T7XX compositions (stable-fixes).
- USB: serial: option: add MeiG Smart SLM770A (stable-fixes).
- USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
- USB: serial: option: add Neoway N723-EA support (stable-fixes).
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes).
- USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes).
- USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes).
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-fixes).
- USB: usblp: return error when setting unsupported protocol (git-fixes).
- VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
- VMCI: fix reference to ioctl-number.rst (git-fixes).
- accel/habanalabs/gaudi2: unsecure tpc count registers (stable-fixes).
- accel/habanalabs: export dma-buf only if size/offset multiples of PAGE_SIZE (stable-fixes).
- accel/habanalabs: fix debugfs files permissions (stable-fixes).
- accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid warnings (stable-fixes).
- acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes).
- af_unix: Call manage_oob() for every skb in unix_stream_read_generic() (bsc#1234725).
- afs: Automatically generate trace tag enums (git-fixes).
- afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
- afs: Fix cleanup of immediately failed async calls (git-fixes).
- afs: Fix directory format encoding struct (git-fixes).
- afs: Fix missing subdir edit when renamed between parent dirs (git-fixes).
- afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
- afs: Fix the maximum cell name length (git-fixes).
- amdgpu/uvd: get ring reference from rq scheduler (git-fixes).
- arch: Introduce arch_{,try_}_cmpxchg128{,_local}() (bsc#1220773).
- arch: Remove cmpxchg_double (bsc#1220773).
- arch: consolidate arch_irq_work_raise prototypes (git-fixes).
- arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
- arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
- arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
- arm64: Force position-independent veneers (git-fixes).
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245) Update arm64 default configuration file
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes).
- arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes).
- arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-fixes)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
- arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
- arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-fixes).
- arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
- arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
- arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
- ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-fixes).
- autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes).
- batman-adv: Do not let TT changes list grows indefinitely (git-fixes).
- batman-adv: Do not send uninitialized TT changes (git-fixes).
- batman-adv: Remove uninitialized data in full table TT response (git-fixes).
- blacklist.conf: printk/sysctl: breaks kernel without pre-requisite patches (bsc#1229025)
- blk-cgroup: Fix UAF in blkcg_unpin_online() (bsc#1234726).
- blk-core: use pr_warn_ratelimited() in bio_check_ro() (bsc#1234139).
- blk-iocost: Fix an UBSAN shift-out-of-bounds warning (bsc#1234144).
- blk-iocost: do not WARN if iocg was already offlined (bsc#1234147).
- blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" (bsc#1234140).
- block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() (bsc#1234149).
- block, bfq: do not break merge chain in bfq_split_bfqq() (bsc#1234150).
- block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234160).
- block, bfq: fix procress reference leakage for bfqq in merge chain (bsc#1234280).
- block, bfq: fix uaf for accessing waker_bfqq after splitting (bsc#1234279).
- block/mq-deadline: Fix the tag reservation code (bsc#1234148).
- block: Call .limit_depth() after .hctx has been set (bsc#1234148).
- block: Fix where bio IO priority gets set (bsc#1234145).
- block: prevent an integer overflow in bvec_try_merge_hw_page (bsc#1234142).
- block: update the stable_writes flag in bdev_add (bsc#1234141).
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
- bnxt_en: Fix receive ring space parameters when XDP is active (git-fixes).
- bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes).
- bnxt_en: Set backplane link modes correctly for ethtool (git-fixes).
- bpf, x86: Fix PROBE_MEM runtime load check (git-fixes).
- bpf: verifier: prevent userspace memory access (git-fixes).
- btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
- bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-fixes).
- can: gs_usb: add VID/PID for Xylanta SAINT3 product family (stable-fixes).
- can: j1939: fix error in J1939 documentation (stable-fixes).
- ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592).
- checkpatch: always parse orig_commit in fixes tag (git-fixes).
- checkpatch: check for missing Fixes tags (stable-fixes).
- cleanup: Add conditional guard support (stable-fixes).
- cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-fixes).
- cleanup: Remove address space of returned pointer (git-fixes).
- clocksource/drivers/timer-ti-dm: Fix child node refcount handling (git-fixes).
- clocksource/drivers:sp804: Make user selectable (git-fixes).
- counter: stm32-timer-cnt: Add check for clk_enable() (git-fixes).
- counter: ti-ecap-capture: Add check for clk_enable() (git-fixes).
- cpufreq: ACPI: Fix max-frequency computation (git-fixes).
- cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
- cpufreq: amd-pstate: remove global header file (git-fixes).
- cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Do not update global.turbo_disabled after initialization (bsc#1234619).
- cpufreq: intel_pstate: Drop redundant locking from intel_pstate_driver_cleanup() (bsc#1234619).
- cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
- cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller (bsc#1234619).
- cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations (bsc#1234619).
- cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
- cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
- cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Refine computation of P-state for given frequency (bsc#1234619).
- cpufreq: intel_pstate: Replace three global.turbo_disabled checks (bsc#1234619).
- cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
- cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
- cpufreq: intel_pstate: Update the maximum CPU frequency consistently (bsc#1234619).
- cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-fixes).
- cpufreq: intel_pstate: Use __ro_after_init for three variables (bsc#1234619).
- cpufreq: intel_pstate: Wait for canceled delayed work to complete (bsc#1234619).
- cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back (git-fixes).
- cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
- cpupower: fix TSC MHz calculation (git-fixes).
- crypto: caam - use JobR's space to access page 0 regs (git-fixes).
- crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes (git-fixes).
- crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-fixes).
- crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-fixes).
- crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
- crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-fixes).
- crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async' (git-fixes).
- crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-fixes).
- crypto: qat - disable IOV in adf_dev_stop() (git-fixes).
- crypto: qce - fix goto jump in error path (git-fixes).
- crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
- crypto: qce - unregister previously registered algos in error path (git-fixes).
- crypto: x86/sha256 - Add parentheses around macros' single arguments (stable-fixes).
- cyrpto/b128ops: Remove struct u128 (bsc#1220773).
- devcoredump: cleanup some comments (git-fixes).
- devlink: Fix length of eswitch inline-mode (git-fixes).
- dlm: fix possible lkb_resource null dereference (git-fixes).
- dma-buf: fix dma_fence_array_signaled v4 (stable-fixes).
- dma-debug: fix a possible deadlock on radix_lock (stable-fixes).
- dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes).
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes).
- dmaengine: dw: Select only supported masters for ACPI devices (git-fixes).
- dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357).
- dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes).
- dmaengine: tegra: Return correct DMA status when paused (git-fixes).
- dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
- docs: media: update location of the media patches (stable-fixes).
- docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-fixes).
- driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link (stable-fixes).
- driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() (git-fixes).
- driver core: fw_devlink: Improve logs for cycle detection (stable-fixes).
- driver core: fw_devlink: Stop trying to optimize cycle detection logic (git-fixes).
- drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
- drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path (git-fixes).
- drm/amd/display: Add HDR workaround for specific eDP (stable-fixes).
- drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (stable-fixes).
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (stable-fixes).
- drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
- drm/amd/display: Avoid overflow assignment in link_dp_cts (stable-fixes).
- drm/amd/display: Fix DSC-re-computing (stable-fixes).
- drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
- drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
- drm/amd/display: Revert Avoid overflow assignment (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
- drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2 surfaces (stable-fixes).
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-fixes).
- drm/amd/pm: Fix an error handling path in vega10_enable_se_edc_force_stall_config() (git-fixes).
- drm/amd/pm: fix the high voltage issue after unload (stable-fixes).
- drm/amd/pm: update current_socclk and current_uclk in gpu_metrics on smu v13.0.7 (stable-fixes).
- drm/amdgpu/gfx10: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/gfx11: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/gfx9: properly handle error ints on all pipes (stable-fixes).
- drm/amdgpu/gfx9: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes).
- drm/amdgpu/pm: Remove gpu_od if it's an empty directory (stable-fixes).
- drm/amdgpu/umsch: do not execute umsch test when GPU is in reset/suspend (stable-fixes).
- drm/amdgpu/umsch: reinitialize write pointer in hw init (stable-fixes).
- drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
- drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes).
- drm/amdgpu: Block MMR_READ IOCTL in reset (stable-fixes).
- drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes).
- drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (git-fixes).
- drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
- drm/amdgpu: add smu 14.0.1 discovery support (stable-fixes).
- drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes).
- drm/amdgpu: differentiate external rev id for gfx 11.5.0 (stable-fixes).
- drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes).
- drm/amdgpu: do not access invalid sched (git-fixes).
- drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
- drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes).
- drm/amdgpu: fix usage slab after free (stable-fixes).
- drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes).
- drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes).
- drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes).
- drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
- drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes).
- drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini() (git-fixes).
- drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
- drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes).
- drm/amdkfd: Use device based logging for errors (stable-fixes).
- drm/amdkfd: Use the correct wptr size (stable-fixes).
- drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
- drm/amdkfd: pause autosuspend when creating pdd (stable-fixes).
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes).
- drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
- drm/bridge: it6505: Enable module autoloading (stable-fixes).
- drm/bridge: it6505: Fix inverted reset polarity (git-fixes).
- drm/bridge: it6505: update usleep_range for RC circuit charge time (stable-fixes).
- drm/display: Fix building with GCC 15 (stable-fixes).
- drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes).
- drm/dp_mst: Fix MST sideband message body length check (stable-fixes).
- drm/dp_mst: Fix resetting msg rx state after topology removal (git-fixes).
- drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes).
- drm/etnaviv: Fix page property being used for non writecombine buffers (git-fixes).
- drm/etnaviv: flush shader L1 cache after user commandstream (stable-fixes).
- drm/i915/dg1: Fix power gate sequence (git-fixes).
- drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
- drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes).
- drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes).
- drm/mcde: Enable module autoloading (stable-fixes).
- drm/mediatek: Add return value check when reading DPCD (git-fixes).
- drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes).
- drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
- drm/mediatek: Fix mode valid issue for dp (git-fixes).
- drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes).
- drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes).
- drm/mediatek: stop selecting foreign drivers (git-fixes).
- drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes).
- drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
- drm/msm: Check return value of of_dma_configure() (git-fixes).
- drm/msm: do not clean up priv->kms prematurely (git-fixes).
- drm/nouveau/gsp: Use the sg allocator for level 2 of radix3 (stable-fixes).
- drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes).
- drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes).
- drm/printer: Allow NULL data in devcoredump printer (stable-fixes).
- drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
- drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes).
- drm/radeon: Fix spurious unplug event on radeon HDMI (git-fixes).
- drm/radeon: add helper rdev_to_drm(rdev) (stable-fixes).
- drm/radeon: change rdev->ddev to rdev_to_drm(rdev) (stable-fixes).
- drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
- drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
- drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8 (git-fixes).
- drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-fixes).
- drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
- drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes).
- drm/tidss: Clear the interrupt status for interrupts being disabled (git-fixes).
- drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
- drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
- drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
- drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
- drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes).
- drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes).
- drm/vmwgfx: Add new keep_resv BO param (git-fixes).
- drm: adv7511: Drop dsi single lane support (git-fixes).
- drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes).
- drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- erofs: avoid debugging output for (de)compressed data (git-fixes).
- exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
- exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
- exfat: fix the infinite loop in exfat_readdir() (git-fixes).
- exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
- ext4: add a new helper to check if es must be kept (bsc#1234170).
- ext4: add correct group descriptors and reserved GDT blocks to system zone (bsc#1234164).
- ext4: add missed brelse in update_backups (bsc#1234171).
- ext4: allow for the last group to be marked as trimmed (bsc#1234278).
- ext4: avoid buffer_head leak in ext4_mark_inode_used() (bsc#1234191).
- ext4: avoid excessive credit estimate in ext4_tmpfile() (bsc#1234180).
- ext4: avoid negative min_clusters in find_group_orlov() (bsc#1234193).
- ext4: avoid overlapping preallocations due to overflow (bsc#1234162).
- ext4: avoid potential buffer_head leak in __ext4_new_inode() (bsc#1234192).
- ext4: avoid writing unitialized memory to disk in EA inodes (bsc#1234187).
- ext4: check the extent status again before inserting delalloc block (bsc#1234186).
- ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard (bsc#1234190).
- ext4: convert to exclusive lock while inserting delalloc extents (bsc#1234178).
- ext4: correct best extent lstart adjustment logic (bsc#1234179).
- ext4: correct grp validation in ext4_mb_good_group (bsc#1234163).
- ext4: correct return value of ext4_convert_meta_bg (bsc#1234172).
- ext4: correct the hole length returned by ext4_map_blocks() (bsc#1234178).
- ext4: correct the start block of counting reserved clusters (bsc#1234169).
- ext4: do not let fstrim block system suspend (https://bugzilla.kernel.org/show_bug.cgi?id=216322 bsc#1234166).
- ext4: do not trim the group with corrupted block bitmap (bsc#1234177).
- ext4: factor out __es_alloc_extent() and __es_free_extent() (bsc#1234170).
- ext4: factor out a common helper to query extent map (bsc#1234186).
- ext4: fix inconsistent between segment fstrim and full fstrim (bsc#1234176).
- ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() (bsc#1234188).
- ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() (bsc#1234188).
- ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() (bsc#1234188).
- ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954).
- ext4: fix potential unnitialized variable (bsc#1234183).
- ext4: fix race between writepages and remount (bsc#1234168).
- ext4: fix rec_len verify error (bsc#1234167).
- ext4: fix slab-use-after-free in ext4_es_insert_extent() (bsc#1234170).
- ext4: fix uninitialized variable in ext4_inlinedir_to_tree (bsc#1234185).
- ext4: forbid commit inconsistent quota data when errors=remount-ro (bsc#1234178).
- ext4: make ext4_es_insert_delayed_block() return void (bsc#1234170).
- ext4: make ext4_es_insert_extent() return void (bsc#1234170).
- ext4: make ext4_es_remove_extent() return void (bsc#1234170).
- ext4: make ext4_zeroout_es() return void (bsc#1234170).
- ext4: make sure allocate pending entry not fail (bsc#1234170).
- ext4: mark buffer new if it is unwritten to avoid stale data exposure (bsc#1234175).
- ext4: move 'ix' sanity check to corrent position (bsc#1234174).
- ext4: move setting of trimmed bit into ext4_try_to_trim_range() (bsc#1234165).
- ext4: nested locking for xattr inode (bsc#1234189).
- ext4: propagate errors from ext4_find_extent() in ext4_insert_range() (bsc#1234194).
- ext4: refactor ext4_da_map_blocks() (bsc#1234178).
- ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (bsc#1234173).
- ext4: remove the redundant folio_wait_stable() (bsc#1234184).
- ext4: set the type of max_zeroout to unsigned int to avoid overflow (bsc#1234182).
- ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow (bsc#1234181).
- ext4: use pre-allocated es in __es_insert_extent() (bsc#1234170).
- ext4: use pre-allocated es in __es_remove_extent() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_insert_delayed_block() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_insert_extent() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_remove_extent() (bsc#1234170).
- fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-fixes).
- filemap: Fix bounds checking in filemap_read() (bsc#1234209).
- filemap: add a per-mapping stable writes flag (bsc#1234141).
- firmware: arm_scmi: Reject clear channel request on A2P (stable-fixes).
- fs-writeback: do not requeue a clean inode having skipped pages (bsc#1234200).
- fs/writeback: bail out if there is no more inodes for IO and queued once (bsc#1234207).
- fsnotify: fix sending inotify event with unexpected filename (bsc#1234198).
- genirq/cpuhotplug: Retry with cpu_online_mask when migration fails (git-fixes).
- genirq/cpuhotplug: Skip suspended interrupts when restoring affinity (git-fixes).
- genirq/irqdesc: Honor caller provided affinity in alloc_desc() (git-fixes).
- genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
- genksyms: fix memory leak when the same symbol is added from source (git-fixes).
- genksyms: fix memory leak when the same symbol is read from *.symref file (git-fixes).
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
- gpio: grgpio: Add NULL check in grgpio_probe (git-fixes).
- gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes).
- gpio: mxc: remove dead code after switch to DT-only (git-fixes).
- gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
- hfsplus: do not query the device logical block size multiple times (git-fixes).
- hvc/xen: fix console unplug (git-fixes).
- hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (git-fixes).
- hvc/xen: fix event channel handling for secondary consoles (git-fixes).
- hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes).
- hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
- hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes).
- hwmon: (pmbus/core) clear faults after setting smbalert mask (git-fixes).
- hwmon: (pmbus_core) Allow to hook PMBUS_SMBALERT_MASK (stable-fixes).
- hwmon: (tmp513) Do not use "proxy" headers (stable-fixes).
- hwmon: (tmp513) Fix Current Register value interpretation (git-fixes).
- hwmon: (tmp513) Fix division of negative numbers (git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes).
- hwmon: (tmp513) Simplify with dev_err_probe() (stable-fixes).
- hwmon: (tmp513) Use SI constants from units.h (stable-fixes).
- hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
- i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
- i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
- i2c: i801: Add support for Intel Panther Lake (stable-fixes).
- i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes).
- i2c: microchip-core: actually use repeated sends (git-fixes).
- i2c: microchip-core: fix "ghost" detections (git-fixes).
- i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
- i2c: pnx: Fix timeout in wait functions (git-fixes).
- i2c: rcar: fix NACK handling when being a target (git-fixes).
- i2c: riic: Always round-up when calculating bus period (git-fixes).
- i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-fixes).
- i40e: Fix handling changed priv flags (git-fixes).
- i915/guc: Accumulate active runtime on gt reset (git-fixes).
- i915/guc: Ensure busyness counter increases motonically (git-fixes).
- i915/guc: Reset engine utilization buffer before registration (git-fixes).
- ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
- ice: Unbind the workqueue (bsc#1234989)
- ice: change q_index variable type to s16 to store -1 value (git-fixes).
- ice: consistently use q_idx in ice_vc_cfg_qs_msg() (git-fixes).
- ice: fix PHY Clock Recovery availability check (git-fixes).
- idpf: add support for SW triggered interrupts (bsc#1235507).
- idpf: enable WB_ON_ITR (bsc#1235507).
- idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes).
- igb: Fix potential invalid memory access in igb_init_module() (git-fixes).
- iio: adc: ad7124: Disable all channels at probe time (git-fixes).
- iio: adc: ad_sigma_delta: Handle CS assertion as intended in ad_sd_read_reg_raw() (git-fixes).
- iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
- iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes).
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
- iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes).
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes).
- iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-fixes).
- iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
- iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
- iio: light: as73211: fix channel handling in only-color triggered buffer (git-fixes).
- iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
- iio: magnetometer: yas530: use signed integer type for clamp limits (git-fixes).
- iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes).
- iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes).
- instrumentation: Wire up cmpxchg128() (bsc#1220773).
- intel_th: core: fix kernel-doc warnings (git-fixes).
- io_uring/rw: avoid punting to io-wq directly (git-fixes).
- io_uring/tctx: work around xa_store() allocation error issue (git-fixes).
- io_uring: Fix registered ring file refcount leak (git-fixes).
- io_uring: always lock __io_cqring_overflow_flush (git-fixes).
- io_uring: check if iowq is killed before queuing (git-fixes).
- iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated tables (git-fixes).
- ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
- ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-fixes).
- irqchip/gic-v3: Force propagation of the active state with a read-back (stable-fixes).
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (stable-fixes).
- irqflags: Explicitly ignore lockdep_hrtimer_exit() argument (git-fixes).
- isofs: handle CDs with bad root inode but good Joliet root directory (bsc#1234199).
- ixgbe: downgrade logging of unsupported VF API version to debug (git-fixes).
- ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (git-fixes).
- jffs2: Fix rtime decompressor (git-fixes).
- jffs2: Prevent rtime decompress memory corruption (git-fixes).
- jffs2: fix use of uninitialized variable (git-fixes).
- jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
- jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
- jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
- jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
- jfs: xattr: check invalid xattr size more strictly (git-fixes).
- kABI workaround for struct auto_pin_cfg_item change (git-fixes).
- kABI workaround for struct drm_dp_mst_topology_mgr (git-fixes).
- kabi/severities: make vcap_find_actionfield PASS (bsc#1220773)
- kasan: make report_lock a raw spinlock (git-fixes).
- kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-fixes).
- kdb: Fix buffer overflow during tab-complete (bsc#1234652).
- kdb: Fix console handling when editing and tab-completing commands (bsc#1234655).
- kdb: Merge identical case statements in kdb_read() (bsc#1234657).
- kdb: Use format-specifiers rather than memset() for padding in kdb_read() (bsc#1234658).
- kdb: Use format-strings rather than '\0' injection in kdb_read() (bsc#1234654).
- kdb: Use the passed prompt in kdb_position_cursor() (bsc#1234654).
- kdb: address -Wformat-security warnings (bsc#1234659).
- kgdb: Flush console before entering kgdb on panic (bsc#1234651).
- kheaders: Ignore silly-rename files (stable-fixes).
- ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
- ktest.pl: Check kernelrelease return in get_version (git-fixes).
- ktest.pl: Fix typo "accesing" (git-fixes).
- ktest.pl: Fix typo in comment (git-fixes).
- ktest.pl: Remove unused declarations in run_bisect_test function (git-fixes).
- ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-fixes).
- landlock: Handle weird files (git-fixes).
- latencytop: use correct kernel-doc format for func params (git-fixes).
- leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes).
- leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
- leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata() (git-fixes).
- lib/inflate.c: remove dead code (git-fixes).
- lib/stackdepot: print disabled message only if truly disabled (git-fixes).
- linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes).
- locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() (bsc#1220773 git-fix).
- loop: fix the the direct I/O support check when used on top of block devices (bsc#1234143).
- mac80211: fix user-power when emulating chanctx (stable-fixes).
- mac802154: check local interfaces before deleting sdata list (stable-fixes).
- mailbox: pcc: Add support for platform notification handling (stable-fixes).
- mailbox: pcc: Support shared interrupt for multiple subspaces (stable-fixes).
- mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
- maple_tree: simplify split calculation (git-fixes).
- media: camif-core: Add check for clk_enable() (git-fixes).
- media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
- media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
- media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
- media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes).
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes).
- media: dvb-usb-v2: af9035: fix ISO C90 compilation error on af9035_i2c_master_xfer (git-fixes).
- media: i2c: imx412: Add missing newline to prints (git-fixes).
- media: i2c: ov9282: Correct the exposure offset (git-fixes).
- media: imx-jpeg: Fix potential error pointer dereference in detach_pm() (git-fixes).
- media: imx296: Add standby delay during probe (git-fixes).
- media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
- media: marvell: Add check for clk_enable() (git-fixes).
- media: mc: fix endpoint iteration (git-fixes).
- media: mipi-csis: Add check for clk_enable() (git-fixes).
- media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
- media: ov5640: fix get_light_freq on auto (git-fixes).
- media: rc: iguanair: handle timeouts (git-fixes).
- media: rkisp1: Fix unused value issue (git-fixes).
- media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes).
- media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
- media: uvcvideo: Fix double free in error path (git-fixes).
- media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
- media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
- media: uvcvideo: Only save async fh if success (git-fixes).
- media: uvcvideo: Propagate buf->error to userspace (git-fixes).
- media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes).
- media: uvcvideo: Remove dangling pointers (git-fixes).
- media: uvcvideo: Remove redundant NULL assignment (git-fixes).
- media: uvcvideo: Support partial control reads (git-fixes).
- memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-fixes).
- memory-failure: use a folio in me_huge_page() (git-fixes).
- memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() (git-fixes).
- mfd: da9052-spi: Change read-mask to write-mask (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (git-fixes).
- misc: fastrpc: Deregister device nodes properly in error scenarios (git-fixes).
- misc: fastrpc: Fix copy buffer page size (git-fixes).
- misc: fastrpc: Fix registered buffer page address (git-fixes).
- misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes).
- misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes).
- misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-fixes).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list (git-fixes).
- mm/filemap: avoid buffered read/write race to read inconsistent data (bsc#1234204).
- mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
- mm/memory-failure: check the mapcount of the precise page (git-fixes).
- mm/memory-failure: fix crash in split_huge_page_to_list from soft_offline_page (git-fixes).
- mm/memory-failure: pass the folio and the page to collect_procs() (git-fixes).
- mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-fixes).
- mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
- mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
- mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
- mm/memory_hotplug: use pfn math in place of direct struct page manipulation (git-fixes).
- mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
- mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-fixes).
- mm/migrate: putback split folios when numa hint migration fails (git-fixes).
- mm/migrate: split source folio if it is on deferred split list (git-fixes).
- mm/page_owner: remove free_ts from page_owner output (git-fixes).
- mm/readahead: do not allow order-1 folio (bsc#1234205).
- mm/readahead: limit page cache size in page_cache_ra_order() (bsc#1234208).
- mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
- mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
- mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-fixes).
- mm: memory-failure: fetch compound head after extra page refcnt is held (git-fixes).
- mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-fixes).
- mm: memory-failure: fix race window when trying to get hugetlb folio (git-fixes).
- mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes).
- mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes).
- mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes).
- mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes).
- mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes).
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes).
- modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
- mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes).
- mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
- mtd: hyperbus: rpc-if: Convert to platform remove callback returning void (stable-fixes).
- mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
- mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes).
- mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes).
- mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes).
- mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
- net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (git-fixes).
- net/ipv6: release expired exception dst cached in socket (bsc#1216813).
- net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes).
- net/mlx5e: Remove workaround to avoid syndrome for internal port (git-fixes).
- net/mlx5e: clear xdp features on non-uplink representors (git-fixes).
- net/qed: allow old cards not supporting "num_images" to work (git-fixes).
- net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
- net: Return error from sk_stream_wait_connect() if sk_wait_event() fails (git-fixes).
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
- net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset (git-fixes).
- net: rose: fix timer races against user threads (git-fixes).
- net: usb: qmi_wwan: add Quectel RG650V (stable-fixes).
- net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
- net: usb: rtl8150: enable basic endpoint checking (git-fixes).
- net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() (git-fixes).
- net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
- netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778 ZDI-24-1454).
- nfs: ignore SB_RDONLY when mounting nfs (git-fixes).
- nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (git-fixes).
- nfsd: make sure exp active before svc_export_show (git-fixes).
- nfsd: release svc_expkey/svc_export with rcu_work (git-fixes).
- nfsd: restore callback functionality for NFSv4.0 (git-fixes).
- nilfs2: fix buffer head leaks in calls to truncate_inode_pages() (git-fixes).
- nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
- nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
- nilfs2: prevent use of deleted inode (git-fixes).
- nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes).
- nvme-rdma: unquiesce admin_q before destroy it (git-fixes).
- nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
- nvme-tcp: fix the memleak while create new ctrl failed (git-fixes).
- nvme/multipath: Fix RCU list traversal to use SRCU primitive (git-fixes).
- nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
- nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
- nvme: apple: fix device reference counting (git-fixes).
- nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-fixes).
- nvme: fix metadata handling in nvme-passthrough (git-fixes).
- nvmet-loop: avoid using mutex in IO hotpath (git-fixes).
- nvmet: propagate npwg topology (git-fixes).
- ocfs2: fix uninitialized value in ocfs2_file_read_iter() (git-fixes).
- ocfs2: free inode when ocfs2_get_init_inode() fails (git-fixes).
- of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes).
- of: Fix error path in of_parse_phandle_with_args_map() (git-fixes).
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes).
- of: address: Report error on resource bounds overflow (stable-fixes).
- padata: add pd get/put refcnt helper (git-fixes).
- padata: avoid UAF for reorder_work (git-fixes).
- padata: fix UAF in padata_reorder (git-fixes).
- parisc: Raise minimal GCC version (bsc#1220773).
- parisc: Raise minimal GCC version to 12.0.0 (bsc#1220773 git-fix).
- percpu: Add {raw,this}_cpu_try_cmpxchg() (bsc#1220773).
- percpu: Fix self-assignment of __old in raw_cpu_generic_try_cmpxchg() (bsc#1220773 git-fix).
- percpu: Wire up cmpxchg128 (bsc#1220773).
- phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes).
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes).
- phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes).
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes).
- phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes).
- phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes).
- phy: rockchip: naneng-combphy: fix phy reset (git-fixes).
- phy: usb: Toggle the PHY power during init (git-fixes).
- pinctrl: amd: Take suspend type into consideration which pins are non-wake (git-fixes).
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes).
- pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes).
- pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes).
- pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional() fails (git-fixes).
- pinmux: Use sequential access to access desc->pinmux data (stable-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1225897).
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes).
- platform/x86: dell-smbios-base: Extends support to Alienware products (stable-fixes).
- platform/x86: dell-wmi-base: Handle META key Lock/Unlock events (stable-fixes).
- platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed (stable-fixes).
- pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
- power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
- power: supply: gpio-charger: Fix set charge current limits (git-fixes).
- powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108).
- powerpc/iommu: Move pSeries specific functions to pseries/iommu.c (bsc#1220711 ltc#205755).
- powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
- powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
- powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531).
- powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825).
- pps: add an error check in parport_attach (git-fixes).
- pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- printk: Add is_printk_legacy_deferred() (bsc#1236733).
- printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
- proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
- pwm: stm32-lp: Add check for clk_enable() (git-fixes).
- pwm: stm32: Add check for clk_enable() (git-fixes).
- quota: Fix rcu annotations of inode dquot pointers (bsc#1234197).
- quota: explicitly forbid quota files from being encrypted (bsc#1234196).
- quota: flush quota_release_work upon quota writeback (bsc#1234195).
- quota: simplify drop_dquot_ref() (bsc#1234197).
- rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
- rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
- rcu: Dump memory object info if callback function is invalid (git-fixes)
- rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
- rcuscale: Move rcu_scale_writer() (git-fixes)
- rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
- readahead: use ilog2 instead of a while loop in page_cache_ra_order() (bsc#1234208).
- regmap: Use correct format specifier for logging range errors (stable-fixes).
- regulator: core: Add missing newline character (git-fixes).
- regulator: of: Implement the unwind path of of_regulator_match() (git-fixes).
- regulator: rk808: Add apply_bit for BUCK3 on RK809 (stable-fixes).
- remoteproc: core: Fix ida_free call while not allocated (git-fixes).
- rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes).
- rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
- rtc: zynqmp: Fix optional clock name property (git-fixes).
- s390/cio: Do not unregister the subchannel based on DNV (git-fixes).
- s390/cpum_sf: Convert to cmpxchg128() (bsc#1220773).
- s390/cpum_sf: Handle CPU hotplug remove during sampling (git-fixes).
- s390/cpum_sf: Remove WARN_ON_ONCE statements (git-fixes).
- s390/facility: Disable compile time optimization for decompressor code (git-fixes).
- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (git-fixes).
- s390/pageattr: Implement missing kernel_page_present() (git-fixes).
- s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
- samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
- scatterlist: fix incorrect func name in kernel-doc (git-fixes).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat (bsc#1235865).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi (bsc#1235865).
- sched/numa: fix memory leak due to the overwritten vma->numab_state (git fixes (sched/numa)).
- scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409).
- scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409).
- scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409).
- scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409).
- scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409).
- scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409).
- scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409).
- scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409).
- scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409).
- scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409).
- scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406).
- scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406).
- scsi: qla2xxx: Fix use after free on unload (bsc#1235406).
- scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406).
- scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port (bsc#1235406).
- scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406).
- scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406).
- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-fixes).
- seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
- selftest: media_tests: fix trivial UAF typo (git-fixes).
- selftests/alsa: Fix circular dependency involving global-timer (stable-fixes).
- selftests/bpf: Test PROBE_MEM of VSYSCALL_ADDR on x86-64 (git-fixes).
- selftests/landlock: Fix error message (git-fixes).
- selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
- selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
- selftests: harness: fix printing of mismatch values in __EXPECT() (git-fixes).
- selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
- selftests: tc-testing: reduce rshift value (stable-fixes).
- selftests: timers: clocksource-switch: Adapt progress to kselftest framework (git-fixes).
- selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
- serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
- serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes).
- serial: 8250_dw: Do not use struct dw8250_data outside of 8250_dw (git-fixes).
- serial: 8250_dw: Replace ACPI device check by a quirk (git-fixes).
- serial: 8250_fintek: Add support for F81216E (stable-fixes).
- serial: Do not hold the port lock when setting rx-during-tx GPIO (git-fixes).
- serial: amba-pl011: Fix RX stall when DMA is used (git-fixes).
- serial: amba-pl011: Use port lock wrappers (stable-fixes).
- serial: amba-pl011: fix build regression (git-fixes).
- serial: do not use uninitialized value in uart_poll_init() (git-fixes).
- serial: imx: only set receiver level if it is zero (git-fixes).
- serial: imx: set receiver level before starting uart (git-fixes).
- serial: qcom-geni: Do not cancel/abort if we can't get the port lock (git-fixes).
- serial: qcom-geni: disable interrupts during console writes (git-fixes).
- serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() (git-fixes).
- serial: qcom-geni: fix console corruption (git-fixes).
- serial: qcom-geni: fix dma rx cancellation (git-fixes).
- serial: qcom-geni: fix false console tx restart (git-fixes).
- serial: qcom-geni: fix fifo polling timeout (git-fixes).
- serial: qcom-geni: fix hard lockup on buffer flush (git-fixes).
- serial: qcom-geni: fix polled console corruption (git-fixes).
- serial: qcom-geni: fix polled console initialisation (git-fixes).
- serial: qcom-geni: fix receiver enable (git-fixes).
- serial: qcom-geni: fix shutdown race (git-fixes).
- serial: qcom-geni: fix soft lockup on sw flow control and suspend (git-fixes).
- serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() (git-fixes).
- serial: qcom-geni: revert broken hibernation support (git-fixes).
- serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (git-fixes).
- serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
- serial: stm32: Return IRQ_NONE in the ISR if no handling happend (git-fixes).
- serial: stm32: do not always set SER_RS485_RX_DURING_TX if RS485 is enabled (git-fixes).
- series.conf: temporarily disable upstream patch patches.suse/ocfs2-fix-UBSAN-warning-in-ocfs2_verify_volume.patch (bsc#1236138)
- slub: Replace cmpxchg_double() (bsc#1220773).
- slub: Replace cmpxchg_double() - KABI fix (bsc#1220773).
- smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: fix issue described in bsc#1233642]
- soc/fsl: cpm: qmc: Convert to platform remove callback returning void (stable-fixes).
- soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
- soc: fsl: cpm1: qmc: Fix blank line and spaces (stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Re-order probe() operations (stable-fixes).
- soc: fsl: cpm1: qmc: Set the ret error code on platform_get_irq() failure (git-fixes).
- soc: imx8m: Probe the SoC driver as platform driver (stable-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
- soc: qcom: Add check devm_kasprintf() returned value (stable-fixes).
- soc: qcom: geni-se: Add M_TX_FIFO_NOT_EMPTY bit definition (git-fixes).
- soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers (git-fixes).
- soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
- soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
- soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (git-fixes).
- sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
- sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
- spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes).
- spi: zynq-qspi: Add check for clk_enable() (git-fixes).
- srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
- srcu: Only accelerate on enqueue time (git-fixes)
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
- staging: iio: ad9832: Correct phase range check (git-fixes).
- staging: iio: ad9834: Correct phase range check (git-fixes).
- staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-fixes).
- staging: media: max96712: fix kernel oops when removing module (git-fixes).
- sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (git-fixes).
- sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (git-fixes).
- sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (git-fixes).
- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8645)
- svcrdma: Address an integer overflow (git-fixes).
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
- swiotlb: Enforce page alignment in swiotlb_alloc() (git-fixes).
- swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (git-fixes).
- thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes).
- thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
- thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
- thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
- tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
- tools: Sync if_xdp.h uapi tooling header (git-fixes).
- tools: hv: change permissions of NetworkManager configuration file (git-fixes).
- tpm/eventlog: Limit memory allocations for event logs with excessive size (bsc#1233260 bsc#1233259 bsc#1232421).
- tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
- tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
- tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes).
- tty: serial: kgdboc: Fix 8250_* kgdb over serial (git-fixes).
- types: Introduce [us]128 (bsc#1220773).
- ubifs: Correct the total block count by deducting journal reservation (git-fixes).
- ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
- ubifs: skip dumping tnc tree when zroot is null (git-fixes).
- udf: Fix lock ordering in udf_evict_inode() (bsc#1234238).
- udf: fix uninit-value use in udf_get_fileshortad (bsc#1234243).
- udf: prevent integer overflow in udf_bitmap_free_blocks() (bsc#1234239).
- udf: refactor inode_bmap() to handle error (bsc#1234242).
- udf: refactor udf_current_aext() to handle error (bsc#1234240).
- udf: refactor udf_next_aext() to handle error (bsc#1234241).
- udf: udftime: prevent overflow in udf_disk_stamp_to_time() (bsc#1234237).
- uio: Fix return value of poll (git-fixes).
- uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-fixes).
- usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
- usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver (stable-fixes).
- usb: cdns3-ti: Add workaround for Errata i2409 (stable-fixes).
- usb: cdns3: Add quirk flag to enable suspend residency (stable-fixes).
- usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
- usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes).
- usb: dwc2: Fix HCD port connection race (git-fixes).
- usb: dwc2: Fix HCD resume (git-fixes).
- usb: dwc2: gadget: Do not write invalid mapped sg entries into dma_desc with iommu enabled (stable-fixes).
- usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes).
- usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
- usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
- usb: dwc3: ep0: Do not clear ep0 DWC3_EP_TRANSFER_STARTED (git-fixes).
- usb: dwc3: ep0: Do not reset resource alloc flag (git-fixes).
- usb: dwc3: ep0: Do not reset resource alloc flag (including ep0) (git-fixes).
- usb: dwc3: gadget: Rewrite endpoint allocation flow (stable-fixes).
- usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
- usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes).
- usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes).
- usb: fix reference leak in usb_new_device() (git-fixes).
- usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes).
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
- usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
- usb: gadget: f_tcm: Do not free command immediately (git-fixes).
- usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
- usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
- usb: gadget: f_tcm: Translate error to sense (git-fixes).
- usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes).
- usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes).
- usb: host: max3421-hcd: Correctly abort a USB request (git-fixes).
- usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
- usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes).
- usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes).
- usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (bsc#1235001)
- usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes).
- usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (git-fixes).
- usb: typec: use cleanup facility for 'altmodes_node' (stable-fixes).
- usbnet: ipheth: break up NCM header size computation (git-fixes).
- usbnet: ipheth: check that DPE points past NCM header (git-fixes).
- usbnet: ipheth: fix DPE OoB read (git-fixes).
- usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
- usbnet: ipheth: refactor NCM datagram loop (git-fixes).
- usbnet: ipheth: use static NDP16 location in URB (git-fixes).
- vDPA/ifcvf: Fix pci_read_config_byte() return code handling (git-fixes).
- vdpa/mlx5: Fix PA offset with unaligned starting iotlb map (git-fixes).
- vdpa/mlx5: Fix suboptimal range on iotlb iteration (git-fixes).
- vdpa: solidrun: Fix UB bug with devres (git-fixes).
- vfs: fix readahead(2) on block devices (bsc#1234201).
- vmscan,migrate: fix page count imbalance on node stats when demoting pages (git-fixes).
- watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes).
- watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset (stable-fixes).
- watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
- wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855 (git-fixes).
- wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
- wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-fixes).
- wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
- wifi: ath5k: add PCI ID for Arcadyan devices (git-fixes).
- wifi: ath5k: add PCI ID for SX76X (git-fixes).
- wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes).
- wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
- wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
- wifi: cfg80211: sme: init n_channels before channels[] access (git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes).
- wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
- wifi: iwlwifi: mvm: Use the sync timepoint API in suspend (stable-fixes).
- wifi: mac80211: Add non-atomic station iterator (stable-fixes).
- wifi: mac80211: Fix common size calculation for ML element (git-fixes).
- wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() (stable-fixes).
- wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
- wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-fixes).
- wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes).
- wifi: mac80211: fix station NSS capability initialization order (git-fixes).
- wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
- wifi: mac80211: init cnt before accessing elem in ieee80211_copy_mbssid_beacon (git-fixes).
- wifi: mac80211: prohibit deactivating all links (git-fixes).
- wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
- wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO (git-fixes).
- wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
- wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916 (git-fixes).
- wifi: mt76: mt7915: firmware restart on devices with a second pcie link (git-fixes).
- wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7915: fix register mapping (git-fixes).
- wifi: mt76: mt7921: fix using incorrect group cipher after disconnection (git-fixes).
- wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
- wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
- wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
- wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
- wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
- wifi: mt76: mt7996: fix ldpc setting (git-fixes).
- wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7996: fix register mapping (git-fixes).
- wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-fixes).
- wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-fixes).
- wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one (git-fixes).
- wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures (stable-fixes).
- wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
- wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
- wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
- wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-fixes).
- wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
- wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (git-fixes).
- wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop (git-fixes).
- wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
- wifi: rtlwifi: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
- wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes).
- wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
- wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
- wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
- workqueue: Add rcu lock check at the end of work item execution (bsc#1236732).
- workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416).
- writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs (bsc#1234203).
- x86,amd_iommu: Replace cmpxchg_double() (bsc#1220773).
- x86,intel_iommu: Replace cmpxchg_double() (bsc#1220773).
- x86/hyperv: Fix hv tsc page based sched_clock for hibernation (git-fixes).
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes).
- xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
- xfs: Propagate errors from xfs_reflink_cancel_cow_range in xfs_dax_write_iomap_end (git-fixes).
- xfs: do not allocate COW extents when unsharing a hole (git-fixes).
- xfs: fix sb_spino_align checks for large fsblock sizes (git-fixes).
- xfs: remove unknown compat feature check in superblock write validation (git-fixes).
- xfs: return from xfs_symlink_verify early on V4 filesystems (git-fixes).
- xfs: sb_spino_align is not verified (git-fixes).
- xhci: Add usb cold attach (CAS) as a reason to resume root hub (git-fixes).
- xhci: Allow RPM on the USB controller (1022:43f7) by default (stable-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1181674SUSE bug 1194869SUSE bug 1207948SUSE bug 1214954SUSE bug 1215199SUSE bug 1216702SUSE bug 1216813SUSE bug 1218470SUSE bug 1219170SUSE bug 1219596SUSE bug 1220021SUSE bug 1220328SUSE bug 1220430SUSE bug 1220711SUSE bug 1220773SUSE bug 1221044SUSE bug 1221303SUSE bug 1221858SUSE bug 1222426SUSE bug 1222608SUSE bug 1222721SUSE bug 1222775SUSE bug 1222780SUSE bug 1223020SUSE bug 1223023SUSE bug 1223024SUSE bug 1223038SUSE bug 1223039SUSE bug 1223041SUSE bug 1223046SUSE bug 1223051SUSE bug 1223052SUSE bug 1223058SUSE bug 1223061SUSE bug 1223076SUSE bug 1223113SUSE bug 1223187SUSE bug 1223285SUSE bug 1223315SUSE bug 1223591SUSE bug 1223592SUSE bug 1223633SUSE bug 1223637SUSE bug 1223641SUSE bug 1223649SUSE bug 1223650SUSE bug 1223651SUSE bug 1223652SUSE bug 1223654SUSE bug 1223660SUSE bug 1223661SUSE bug 1223665SUSE bug 1223666SUSE bug 1223671SUSE bug 1223675SUSE bug 1223677SUSE bug 1223678SUSE bug 1223696SUSE bug 1223698SUSE bug 1223705SUSE bug 1223712SUSE bug 1223718SUSE bug 1223728SUSE bug 1223739SUSE bug 1223741SUSE bug 1223744SUSE bug 1223747SUSE bug 1223748SUSE bug 1223750SUSE bug 1223752SUSE bug 1223754SUSE bug 1223757SUSE bug 1223759SUSE bug 1223761SUSE bug 1223762SUSE bug 1223782SUSE bug 1223787SUSE bug 1223788SUSE bug 1223789SUSE bug 1223790SUSE bug 1223802SUSE bug 1223805SUSE bug 1223827SUSE bug 1223831SUSE bug 1223834SUSE bug 1223869SUSE bug 1223874SUSE bug 1224095SUSE bug 1224174SUSE bug 1224177SUSE bug 1224180SUSE bug 1224423SUSE bug 1224432SUSE bug 1224433SUSE bug 1224437SUSE bug 1224438SUSE bug 1224443SUSE bug 1224445SUSE bug 1224449SUSE bug 1224479SUSE bug 1224480SUSE bug 1224482SUSE bug 1224486SUSE bug 1224487SUSE bug 1224491SUSE bug 1224492SUSE bug 1224494SUSE bug 1224495SUSE bug 1224500SUSE bug 1224501SUSE bug 1224504SUSE bug 1224505SUSE bug 1224506SUSE bug 1224507SUSE bug 1224508SUSE bug 1224509SUSE bug 1224513SUSE bug 1224517SUSE bug 1224519SUSE bug 1224521SUSE bug 1224524SUSE bug 1224526SUSE bug 1224537SUSE bug 1224542SUSE bug 1224546SUSE bug 1224552SUSE bug 1224555SUSE bug 1224557SUSE bug 1224558SUSE bug 1224559SUSE bug 1224562SUSE bug 1224566SUSE bug 1224567SUSE bug 1224568SUSE bug 1224569SUSE bug 1224571SUSE bug 1224573SUSE bug 1224576SUSE bug 1224577SUSE bug 1224578SUSE bug 1224579SUSE bug 1224582SUSE bug 1224585SUSE bug 1224586SUSE bug 1224587SUSE bug 1224588SUSE bug 1224592SUSE bug 1224596SUSE bug 1224598SUSE bug 1224600SUSE bug 1224601SUSE bug 1224603SUSE bug 1224605SUSE bug 1224607SUSE bug 1224609SUSE bug 1224611SUSE bug 1224613SUSE bug 1224615SUSE bug 1224617SUSE bug 1224618SUSE bug 1224620SUSE bug 1224622SUSE bug 1224623SUSE bug 1224624SUSE bug 1224626SUSE bug 1224627SUSE bug 1224629SUSE bug 1224630SUSE bug 1224632SUSE bug 1224633SUSE bug 1224634SUSE bug 1224637SUSE bug 1224639SUSE bug 1224640SUSE bug 1224643SUSE bug 1224644SUSE bug 1224646SUSE bug 1224647SUSE bug 1224650SUSE bug 1224651SUSE bug 1224653SUSE bug 1224654SUSE bug 1224657SUSE bug 1224660SUSE bug 1224663SUSE bug 1224665SUSE bug 1224666SUSE bug 1224671SUSE bug 1224675SUSE bug 1224676SUSE bug 1224677SUSE bug 1224680SUSE bug 1224681SUSE bug 1224682SUSE bug 1224683SUSE bug 1224685SUSE bug 1224686SUSE bug 1224687SUSE bug 1224688SUSE bug 1224692SUSE bug 1224696SUSE bug 1224697SUSE bug 1224699SUSE bug 1224701SUSE bug 1224703SUSE bug 1224704SUSE bug 1224705SUSE bug 1224706SUSE bug 1224707SUSE bug 1224709SUSE bug 1224710SUSE bug 1224712SUSE bug 1224714SUSE bug 1224716SUSE bug 1224717SUSE bug 1224719SUSE bug 1224722SUSE bug 1224723SUSE bug 1224726SUSE bug 1224728SUSE bug 1224729SUSE bug 1224730SUSE bug 1224731SUSE bug 1224732SUSE bug 1224733SUSE bug 1224736SUSE bug 1224738SUSE bug 1224739SUSE bug 1224740SUSE bug 1224741SUSE bug 1224747SUSE bug 1224749SUSE bug 1224803SUSE bug 1224804SUSE bug 1225502SUSE bug 1225579SUSE bug 1225593SUSE bug 1225692SUSE bug 1225694SUSE bug 1225695SUSE bug 1225698SUSE bug 1225699SUSE bug 1225704SUSE bug 1225705SUSE bug 1225708SUSE bug 1225710SUSE bug 1225715SUSE bug 1225720SUSE bug 1225722SUSE bug 1225728SUSE bug 1225734SUSE bug 1225735SUSE bug 1225736SUSE bug 1225743SUSE bug 1225747SUSE bug 1225748SUSE bug 1225749SUSE bug 1225750SUSE bug 1225769SUSE bug 1225775SUSE bug 1225820SUSE bug 1225897SUSE bug 1226980SUSE bug 1227445SUSE bug 1228526SUSE bug 1228592SUSE bug 1229025SUSE bug 1229809SUSE bug 1229833SUSE bug 1230205SUSE bug 1230697SUSE bug 1231016SUSE bug 1231854SUSE bug 1231909SUSE bug 1231963SUSE bug 1232087SUSE bug 1232101SUSE bug 1232158SUSE bug 1232161SUSE bug 1232193SUSE bug 1232198SUSE bug 1232201SUSE bug 1232418SUSE bug 1232419SUSE bug 1232420SUSE bug 1232421SUSE bug 1232436SUSE bug 1232882SUSE bug 1233038SUSE bug 1233055SUSE bug 1233070SUSE bug 1233096SUSE bug 1233112SUSE bug 1233200SUSE bug 1233204SUSE bug 1233239SUSE bug 1233259SUSE bug 1233260SUSE bug 1233324SUSE bug 1233328SUSE bug 1233461SUSE bug 1233467SUSE bug 1233469SUSE bug 1233488SUSE bug 1233546SUSE bug 1233558SUSE bug 1233637SUSE bug 1233638SUSE bug 1233642SUSE bug 1233772SUSE bug 1233778SUSE bug 1233837SUSE bug 1234024SUSE bug 1234069SUSE bug 1234071SUSE bug 1234073SUSE bug 1234075SUSE bug 1234076SUSE bug 1234077SUSE bug 1234079SUSE bug 1234086SUSE bug 1234139SUSE bug 1234140SUSE bug 1234141SUSE bug 1234142SUSE bug 1234143SUSE bug 1234144SUSE bug 1234145SUSE bug 1234146SUSE bug 1234147SUSE bug 1234148SUSE bug 1234149SUSE bug 1234150SUSE bug 1234153SUSE bug 1234155SUSE bug 1234156SUSE bug 1234158SUSE bug 1234159SUSE bug 1234160SUSE bug 1234161SUSE bug 1234162SUSE bug 1234163SUSE bug 1234164SUSE bug 1234165SUSE bug 1234166SUSE bug 1234167SUSE bug 1234168SUSE bug 1234169SUSE bug 1234170SUSE bug 1234171SUSE bug 1234172SUSE bug 1234173SUSE bug 1234174SUSE bug 1234175SUSE bug 1234176SUSE bug 1234177SUSE bug 1234178SUSE bug 1234179SUSE bug 1234180SUSE bug 1234181SUSE bug 1234182SUSE bug 1234183SUSE bug 1234184SUSE bug 1234185SUSE bug 1234186SUSE bug 1234187SUSE bug 1234188SUSE bug 1234189SUSE bug 1234190SUSE bug 1234191SUSE bug 1234192SUSE bug 1234193SUSE bug 1234194SUSE bug 1234195SUSE bug 1234196SUSE bug 1234197SUSE bug 1234198SUSE bug 1234199SUSE bug 1234200SUSE bug 1234201SUSE bug 1234203SUSE bug 1234204SUSE bug 1234205SUSE bug 1234207SUSE bug 1234208SUSE bug 1234209SUSE bug 1234219SUSE bug 1234220SUSE bug 1234221SUSE bug 1234237SUSE bug 1234238SUSE bug 1234239SUSE bug 1234240SUSE bug 1234241SUSE bug 1234242SUSE bug 1234243SUSE bug 1234278SUSE bug 1234279SUSE bug 1234280SUSE bug 1234281SUSE bug 1234282SUSE bug 1234294SUSE bug 1234338SUSE bug 1234357SUSE bug 1234381SUSE bug 1234454SUSE bug 1234464SUSE bug 1234605SUSE bug 1234619SUSE bug 1234635SUSE bug 1234651SUSE bug 1234652SUSE bug 1234654SUSE bug 1234655SUSE bug 1234657SUSE bug 1234658SUSE bug 1234659SUSE bug 1234668SUSE bug 1234683SUSE bug 1234690SUSE bug 1234693SUSE bug 1234725SUSE bug 1234726SUSE bug 1234810SUSE bug 1234811SUSE bug 1234825SUSE bug 1234826SUSE bug 1234827SUSE bug 1234829SUSE bug 1234832SUSE bug 1234834SUSE bug 1234843SUSE bug 1234846SUSE bug 1234848SUSE bug 1234853SUSE bug 1234855SUSE bug 1234856SUSE bug 1234863SUSE bug 1234884SUSE bug 1234887SUSE bug 1234888SUSE bug 1234889SUSE bug 1234891SUSE bug 1234893SUSE bug 1234898SUSE bug 1234899SUSE bug 1234900SUSE bug 1234901SUSE bug 1234905SUSE bug 1234906SUSE bug 1234907SUSE bug 1234909SUSE bug 1234911SUSE bug 1234912SUSE bug 1234916SUSE bug 1234918SUSE bug 1234920SUSE bug 1234921SUSE bug 1234922SUSE bug 1234923SUSE bug 1234929SUSE bug 1234930SUSE bug 1234931SUSE bug 1234934SUSE bug 1234937SUSE bug 1234947SUSE bug 1234948SUSE bug 1234950SUSE bug 1234952SUSE bug 1234957SUSE bug 1234960SUSE bug 1234962SUSE bug 1234963SUSE bug 1234968SUSE bug 1234969SUSE bug 1234970SUSE bug 1234971SUSE bug 1234973SUSE bug 1234974SUSE bug 1234989SUSE bug 1234999SUSE bug 1235000SUSE bug 1235001SUSE bug 1235002SUSE bug 1235003SUSE bug 1235004SUSE bug 1235007SUSE bug 1235009SUSE bug 1235011SUSE bug 1235016SUSE bug 1235019SUSE bug 1235031SUSE bug 1235032SUSE bug 1235033SUSE bug 1235035SUSE bug 1235037SUSE bug 1235038SUSE bug 1235039SUSE bug 1235040SUSE bug 1235042SUSE bug 1235043SUSE bug 1235045SUSE bug 1235046SUSE bug 1235050SUSE bug 1235051SUSE bug 1235053SUSE bug 1235054SUSE bug 1235056SUSE bug 1235057SUSE bug 1235059SUSE bug 1235061SUSE bug 1235065SUSE bug 1235070SUSE bug 1235073SUSE bug 1235075SUSE bug 1235100SUSE bug 1235108SUSE bug 1235112SUSE bug 1235115SUSE bug 1235117SUSE bug 1235122SUSE bug 1235123SUSE bug 1235125SUSE bug 1235128SUSE bug 1235132SUSE bug 1235133SUSE bug 1235134SUSE bug 1235138SUSE bug 1235155SUSE bug 1235160SUSE bug 1235217SUSE bug 1235219SUSE bug 1235220SUSE bug 1235222SUSE bug 1235223SUSE bug 1235224SUSE bug 1235227SUSE bug 1235230SUSE bug 1235241SUSE bug 1235246SUSE bug 1235249SUSE bug 1235251SUSE bug 1235252SUSE bug 1235389SUSE bug 1235390SUSE bug 1235391SUSE bug 1235406SUSE bug 1235409SUSE bug 1235410SUSE bug 1235412SUSE bug 1235413SUSE bug 1235415SUSE bug 1235416SUSE bug 1235417SUSE bug 1235418SUSE bug 1235423SUSE bug 1235424SUSE bug 1235425SUSE bug 1235426SUSE bug 1235427SUSE bug 1235428SUSE bug 1235429SUSE bug 1235430SUSE bug 1235433SUSE bug 1235437SUSE bug 1235439SUSE bug 1235444SUSE bug 1235445SUSE bug 1235449SUSE bug 1235451SUSE bug 1235454SUSE bug 1235458SUSE bug 1235459SUSE bug 1235464SUSE bug 1235466SUSE bug 1235473SUSE bug 1235479SUSE bug 1235480SUSE bug 1235483SUSE bug 1235486SUSE bug 1235487SUSE bug 1235488SUSE bug 1235489SUSE bug 1235491SUSE bug 1235494SUSE bug 1235495SUSE bug 1235496SUSE bug 1235497SUSE bug 1235498SUSE bug 1235500SUSE bug 1235502SUSE bug 1235503SUSE bug 1235507SUSE bug 1235519SUSE bug 1235520SUSE bug 1235521SUSE bug 1235523SUSE bug 1235526SUSE bug 1235528SUSE bug 1235532SUSE bug 1235533SUSE bug 1235534SUSE bug 1235537SUSE bug 1235538SUSE bug 1235545SUSE bug 1235550SUSE bug 1235552SUSE bug 1235555SUSE bug 1235557SUSE bug 1235563SUSE bug 1235564SUSE bug 1235565SUSE bug 1235568SUSE bug 1235570SUSE bug 1235571SUSE bug 1235577SUSE bug 1235578SUSE bug 1235582SUSE bug 1235583SUSE bug 1235584SUSE bug 1235587SUSE bug 1235611SUSE bug 1235612SUSE bug 1235616SUSE bug 1235622SUSE bug 1235627SUSE bug 1235632SUSE bug 1235635SUSE bug 1235638SUSE bug 1235641SUSE bug 1235643SUSE bug 1235645SUSE bug 1235646SUSE bug 1235647SUSE bug 1235650SUSE bug 1235653SUSE bug 1235656SUSE bug 1235657SUSE bug 1235663SUSE bug 1235686SUSE bug 1235700SUSE bug 1235705SUSE bug 1235707SUSE bug 1235708SUSE bug 1235710SUSE bug 1235714SUSE bug 1235716SUSE bug 1235720SUSE bug 1235723SUSE bug 1235727SUSE bug 1235730SUSE bug 1235737SUSE bug 1235739SUSE bug 1235745SUSE bug 1235747SUSE bug 1235750SUSE bug 1235753SUSE bug 1235759SUSE bug 1235764SUSE bug 1235768SUSE bug 1235776SUSE bug 1235777SUSE bug 1235778SUSE bug 1235779SUSE bug 1235793SUSE bug 1235798SUSE bug 1235806SUSE bug 1235808SUSE bug 1235812SUSE bug 1235814SUSE bug 1235818SUSE bug 1235842SUSE bug 1235865SUSE bug 1235894SUSE bug 1235902SUSE bug 1235903SUSE bug 1235906SUSE bug 1235918SUSE bug 1235919SUSE bug 1235920SUSE bug 1235924SUSE bug 1235940SUSE bug 1235941SUSE bug 1235946SUSE bug 1235948SUSE bug 1235952SUSE bug 1235964SUSE bug 1235965SUSE bug 1235967SUSE bug 1235969SUSE bug 1235976SUSE bug 1235977SUSE bug 1236078SUSE bug 1236080SUSE bug 1236082SUSE bug 1236088SUSE bug 1236090SUSE bug 1236091SUSE bug 1236096SUSE bug 1236097SUSE bug 1236098SUSE bug 1236101SUSE bug 1236102SUSE bug 1236104SUSE bug 1236106SUSE bug 1236120SUSE bug 1236125SUSE bug 1236127SUSE bug 1236131SUSE bug 1236138SUSE bug 1236143SUSE bug 1236144SUSE bug 1236145SUSE bug 1236160SUSE bug 1236161SUSE bug 1236163SUSE bug 1236168SUSE bug 1236178SUSE bug 1236180SUSE bug 1236181SUSE bug 1236182SUSE bug 1236190SUSE bug 1236192SUSE bug 1236198SUSE bug 1236227SUSE bug 1236245SUSE bug 1236247SUSE bug 1236248SUSE bug 1236260SUSE bug 1236262SUSE bug 1236628SUSE bug 1236688SUSE bug 1236696SUSE bug 1236703SUSE bug 1236732SUSE bug 1236733CVE-2023-47233 at SUSECVE-2023-47233 at NVDCVE-2023-52463 at SUSECVE-2023-52463 at NVDCVE-2023-52472 at SUSECVE-2023-52472 at NVDCVE-2023-52591 at SUSECVE-2023-52591 at NVDCVE-2023-52653 at SUSECVE-2023-52653 at NVDCVE-2023-52657 at SUSECVE-2023-52657 at NVDCVE-2023-52658 at SUSECVE-2023-52658 at NVDCVE-2023-52660 at SUSECVE-2023-52660 at NVDCVE-2023-52661 at SUSECVE-2023-52661 at NVDCVE-2023-52662 at SUSECVE-2023-52662 at NVDCVE-2023-52663 at SUSECVE-2023-52663 at NVDCVE-2023-52664 at SUSECVE-2023-52664 at NVDCVE-2023-52667 at SUSECVE-2023-52667 at NVDCVE-2023-52669 at SUSECVE-2023-52669 at NVDCVE-2023-52670 at SUSECVE-2023-52670 at NVDCVE-2023-52671 at SUSECVE-2023-52671 at NVDCVE-2023-52673 at SUSECVE-2023-52673 at NVDCVE-2023-52675 at SUSECVE-2023-52675 at NVDCVE-2023-52676 at SUSECVE-2023-52676 at NVDCVE-2023-52678 at SUSECVE-2023-52678 at NVDCVE-2023-52679 at SUSECVE-2023-52679 at NVDCVE-2023-52681 at SUSECVE-2023-52681 at NVDCVE-2023-52683 at SUSECVE-2023-52683 at NVDCVE-2023-52685 at SUSECVE-2023-52685 at NVDCVE-2023-52686 at SUSECVE-2023-52686 at NVDCVE-2023-52687 at SUSECVE-2023-52687 at NVDCVE-2023-52690 at SUSECVE-2023-52690 at NVDCVE-2023-52691 at SUSECVE-2023-52691 at NVDCVE-2023-52693 at SUSECVE-2023-52693 at NVDCVE-2023-52694 at SUSECVE-2023-52694 at NVDCVE-2023-52695 at SUSECVE-2023-52695 at NVDCVE-2023-52696 at SUSECVE-2023-52696 at NVDCVE-2023-52697 at SUSECVE-2023-52697 at NVDCVE-2023-52882 at SUSECVE-2023-52882 at NVDCVE-2023-52923 at SUSECVE-2023-52923 at NVDCVE-2024-22099 at SUSECVE-2024-22099 at NVDCVE-2024-26611 at SUSECVE-2024-26611 at NVDCVE-2024-26742 at SUSECVE-2024-26742 at NVDCVE-2024-26761 at SUSECVE-2024-26761 at NVDCVE-2024-26764 at SUSECVE-2024-26764 at NVDCVE-2024-26786 at SUSECVE-2024-26786 at NVDCVE-2024-26794 at SUSECVE-2024-26794 at NVDCVE-2024-26846 at SUSECVE-2024-26846 at NVDCVE-2024-26853 at SUSECVE-2024-26853 at NVDCVE-2024-26854 at SUSECVE-2024-26854 at NVDCVE-2024-26855 at SUSECVE-2024-26855 at NVDCVE-2024-26856 at SUSECVE-2024-26856 at NVDCVE-2024-26857 at SUSECVE-2024-26857 at NVDCVE-2024-26858 at SUSECVE-2024-26858 at NVDCVE-2024-26861 at SUSECVE-2024-26861 at NVDCVE-2024-26866 at SUSECVE-2024-26866 at NVDCVE-2024-26868 at SUSECVE-2024-26868 at NVDCVE-2024-26870 at SUSECVE-2024-26870 at NVDCVE-2024-26881 at SUSECVE-2024-26881 at NVDCVE-2024-26900 at SUSECVE-2024-26900 at NVDCVE-2024-26903 at SUSECVE-2024-26903 at NVDCVE-2024-26922 at SUSECVE-2024-26922 at NVDCVE-2024-26924 at SUSECVE-2024-26924 at NVDCVE-2024-26932 at SUSECVE-2024-26932 at NVDCVE-2024-26934 at SUSECVE-2024-26934 at NVDCVE-2024-26935 at SUSECVE-2024-26935 at NVDCVE-2024-26937 at SUSECVE-2024-26937 at NVDCVE-2024-26938 at SUSECVE-2024-26938 at NVDCVE-2024-26940 at SUSECVE-2024-26940 at NVDCVE-2024-26943 at SUSECVE-2024-26943 at NVDCVE-2024-26949 at SUSECVE-2024-26949 at NVDCVE-2024-26950 at SUSECVE-2024-26950 at NVDCVE-2024-26951 at SUSECVE-2024-26951 at NVDCVE-2024-26957 at SUSECVE-2024-26957 at NVDCVE-2024-26961 at SUSECVE-2024-26961 at NVDCVE-2024-26962 at SUSECVE-2024-26962 at NVDCVE-2024-26963 at SUSECVE-2024-26963 at NVDCVE-2024-26964 at SUSECVE-2024-26964 at NVDCVE-2024-26973 at SUSECVE-2024-26973 at NVDCVE-2024-26983 at SUSECVE-2024-26983 at NVDCVE-2024-26984 at SUSECVE-2024-26984 at NVDCVE-2024-26986 at SUSECVE-2024-26986 at NVDCVE-2024-26988 at SUSECVE-2024-26988 at NVDCVE-2024-26989 at SUSECVE-2024-26989 at NVDCVE-2024-26994 at SUSECVE-2024-26994 at NVDCVE-2024-26995 at SUSECVE-2024-26995 at NVDCVE-2024-26996 at SUSECVE-2024-26996 at NVDCVE-2024-26997 at SUSECVE-2024-26997 at NVDCVE-2024-26999 at SUSECVE-2024-26999 at NVDCVE-2024-27000 at SUSECVE-2024-27000 at NVDCVE-2024-27001 at SUSECVE-2024-27001 at NVDCVE-2024-27002 at SUSECVE-2024-27002 at NVDCVE-2024-27003 at SUSECVE-2024-27003 at NVDCVE-2024-27004 at SUSECVE-2024-27004 at NVDCVE-2024-27008 at SUSECVE-2024-27008 at NVDCVE-2024-27027 at SUSECVE-2024-27027 at NVDCVE-2024-27028 at SUSECVE-2024-27028 at NVDCVE-2024-27029 at SUSECVE-2024-27029 at NVDCVE-2024-27030 at SUSECVE-2024-27030 at NVDCVE-2024-27031 at SUSECVE-2024-27031 at NVDCVE-2024-27046 at SUSECVE-2024-27046 at NVDCVE-2024-27057 at SUSECVE-2024-27057 at NVDCVE-2024-27062 at SUSECVE-2024-27062 at NVDCVE-2024-27067 at SUSECVE-2024-27067 at NVDCVE-2024-27080 at SUSECVE-2024-27080 at NVDCVE-2024-27388 at SUSECVE-2024-27388 at NVDCVE-2024-27389 at SUSECVE-2024-27389 at NVDCVE-2024-27397 at SUSECVE-2024-27397 at NVDCVE-2024-27398 at SUSECVE-2024-27398 at NVDCVE-2024-27399 at SUSECVE-2024-27399 at NVDCVE-2024-27400 at SUSECVE-2024-27400 at NVDCVE-2024-27405 at SUSECVE-2024-27405 at NVDCVE-2024-27410 at SUSECVE-2024-27410 at NVDCVE-2024-27411 at SUSECVE-2024-27411 at NVDCVE-2024-27412 at SUSECVE-2024-27412 at NVDCVE-2024-27413 at SUSECVE-2024-27413 at NVDCVE-2024-27416 at SUSECVE-2024-27416 at NVDCVE-2024-27432 at SUSECVE-2024-27432 at NVDCVE-2024-27434 at SUSECVE-2024-27434 at NVDCVE-2024-27435 at SUSECVE-2024-27435 at NVDCVE-2024-27436 at SUSECVE-2024-27436 at NVDCVE-2024-35784 at SUSECVE-2024-35784 at NVDCVE-2024-35786 at SUSECVE-2024-35786 at NVDCVE-2024-35788 at SUSECVE-2024-35788 at NVDCVE-2024-35789 at SUSECVE-2024-35789 at NVDCVE-2024-35790 at SUSECVE-2024-35790 at NVDCVE-2024-35794 at SUSECVE-2024-35794 at NVDCVE-2024-35795 at SUSECVE-2024-35795 at NVDCVE-2024-35796 at SUSECVE-2024-35796 at NVDCVE-2024-35799 at SUSECVE-2024-35799 at NVDCVE-2024-35800 at SUSECVE-2024-35800 at NVDCVE-2024-35801 at SUSECVE-2024-35801 at NVDCVE-2024-35806 at SUSECVE-2024-35806 at NVDCVE-2024-35808 at SUSECVE-2024-35808 at NVDCVE-2024-35809 at SUSECVE-2024-35809 at NVDCVE-2024-35810 at SUSECVE-2024-35810 at NVDCVE-2024-35811 at SUSECVE-2024-35811 at NVDCVE-2024-35812 at SUSECVE-2024-35812 at NVDCVE-2024-35813 at SUSECVE-2024-35813 at NVDCVE-2024-35815 at SUSECVE-2024-35815 at NVDCVE-2024-35817 at SUSECVE-2024-35817 at NVDCVE-2024-35819 at SUSECVE-2024-35819 at NVDCVE-2024-35821 at SUSECVE-2024-35821 at NVDCVE-2024-35822 at SUSECVE-2024-35822 at NVDCVE-2024-35823 at SUSECVE-2024-35823 at NVDCVE-2024-35824 at SUSECVE-2024-35824 at NVDCVE-2024-35825 at SUSECVE-2024-35825 at NVDCVE-2024-35828 at SUSECVE-2024-35828 at NVDCVE-2024-35829 at SUSECVE-2024-35829 at NVDCVE-2024-35830 at SUSECVE-2024-35830 at NVDCVE-2024-35833 at SUSECVE-2024-35833 at NVDCVE-2024-35834 at SUSECVE-2024-35834 at NVDCVE-2024-35835 at SUSECVE-2024-35835 at NVDCVE-2024-35836 at SUSECVE-2024-35836 at NVDCVE-2024-35837 at SUSECVE-2024-35837 at NVDCVE-2024-35838 at SUSECVE-2024-35838 at NVDCVE-2024-35839 at SUSECVE-2024-35839 at NVDCVE-2024-35841 at SUSECVE-2024-35841 at NVDCVE-2024-35842 at SUSECVE-2024-35842 at NVDCVE-2024-35845 at SUSECVE-2024-35845 at NVDCVE-2024-35847 at SUSECVE-2024-35847 at NVDCVE-2024-35849 at SUSECVE-2024-35849 at NVDCVE-2024-35850 at SUSECVE-2024-35850 at NVDCVE-2024-35851 at SUSECVE-2024-35851 at NVDCVE-2024-35875 at SUSECVE-2024-35875 at NVDCVE-2024-35878 at SUSECVE-2024-35878 at NVDCVE-2024-35879 at SUSECVE-2024-35879 at NVDCVE-2024-35883 at SUSECVE-2024-35883 at NVDCVE-2024-35885 at SUSECVE-2024-35885 at NVDCVE-2024-35887 at SUSECVE-2024-35887 at NVDCVE-2024-35889 at SUSECVE-2024-35889 at NVDCVE-2024-35891 at SUSECVE-2024-35891 at NVDCVE-2024-35901 at SUSECVE-2024-35901 at NVDCVE-2024-35904 at SUSECVE-2024-35904 at NVDCVE-2024-35907 at SUSECVE-2024-35907 at NVDCVE-2024-35909 at SUSECVE-2024-35909 at NVDCVE-2024-35911 at SUSECVE-2024-35911 at NVDCVE-2024-35912 at SUSECVE-2024-35912 at NVDCVE-2024-35914 at SUSECVE-2024-35914 at NVDCVE-2024-35915 at SUSECVE-2024-35915 at NVDCVE-2024-35916 at SUSECVE-2024-35916 at NVDCVE-2024-35922 at SUSECVE-2024-35922 at NVDCVE-2024-35924 at SUSECVE-2024-35924 at NVDCVE-2024-35927 at SUSECVE-2024-35927 at NVDCVE-2024-35928 at SUSECVE-2024-35928 at NVDCVE-2024-35930 at SUSECVE-2024-35930 at NVDCVE-2024-35932 at SUSECVE-2024-35932 at NVDCVE-2024-35933 at SUSECVE-2024-35933 at NVDCVE-2024-35936 at SUSECVE-2024-35936 at NVDCVE-2024-35937 at SUSECVE-2024-35937 at NVDCVE-2024-35938 at SUSECVE-2024-35938 at NVDCVE-2024-35940 at SUSECVE-2024-35940 at NVDCVE-2024-35945 at SUSECVE-2024-35945 at NVDCVE-2024-35946 at SUSECVE-2024-35946 at NVDCVE-2024-35947 at SUSECVE-2024-35947 at NVDCVE-2024-35950 at SUSECVE-2024-35950 at NVDCVE-2024-35951 at SUSECVE-2024-35951 at NVDCVE-2024-35952 at SUSECVE-2024-35952 at NVDCVE-2024-35953 at SUSECVE-2024-35953 at NVDCVE-2024-35954 at SUSECVE-2024-35954 at NVDCVE-2024-35955 at SUSECVE-2024-35955 at NVDCVE-2024-35958 at SUSECVE-2024-35958 at NVDCVE-2024-35959 at SUSECVE-2024-35959 at NVDCVE-2024-35960 at SUSECVE-2024-35960 at NVDCVE-2024-35961 at SUSECVE-2024-35961 at NVDCVE-2024-35963 at SUSECVE-2024-35963 at NVDCVE-2024-35965 at SUSECVE-2024-35965 at NVDCVE-2024-35966 at SUSECVE-2024-35966 at NVDCVE-2024-35967 at SUSECVE-2024-35967 at NVDCVE-2024-35971 at SUSECVE-2024-35971 at NVDCVE-2024-35972 at SUSECVE-2024-35972 at NVDCVE-2024-35973 at SUSECVE-2024-35973 at NVDCVE-2024-35974 at SUSECVE-2024-35974 at NVDCVE-2024-35975 at SUSECVE-2024-35975 at NVDCVE-2024-35977 at SUSECVE-2024-35977 at NVDCVE-2024-35978 at SUSECVE-2024-35978 at NVDCVE-2024-35982 at SUSECVE-2024-35982 at NVDCVE-2024-35984 at SUSECVE-2024-35984 at NVDCVE-2024-35986 at SUSECVE-2024-35986 at NVDCVE-2024-35989 at SUSECVE-2024-35989 at NVDCVE-2024-35990 at SUSECVE-2024-35990 at NVDCVE-2024-35992 at SUSECVE-2024-35992 at NVDCVE-2024-35995 at SUSECVE-2024-35995 at NVDCVE-2024-35997 at SUSECVE-2024-35997 at NVDCVE-2024-36002 at SUSECVE-2024-36002 at NVDCVE-2024-36009 at SUSECVE-2024-36009 at NVDCVE-2024-36011 at SUSECVE-2024-36011 at NVDCVE-2024-36012 at SUSECVE-2024-36012 at NVDCVE-2024-36014 at SUSECVE-2024-36014 at NVDCVE-2024-36018 at SUSECVE-2024-36018 at NVDCVE-2024-36019 at SUSECVE-2024-36019 at NVDCVE-2024-36020 at SUSECVE-2024-36020 at NVDCVE-2024-36021 at SUSECVE-2024-36021 at NVDCVE-2024-36025 at SUSECVE-2024-36025 at NVDCVE-2024-36026 at SUSECVE-2024-36026 at NVDCVE-2024-36029 at SUSECVE-2024-36029 at NVDCVE-2024-36032 at SUSECVE-2024-36032 at NVDCVE-2024-36476 at SUSECVE-2024-36476 at NVDCVE-2024-36880 at SUSECVE-2024-36880 at NVDCVE-2024-36885 at SUSECVE-2024-36885 at NVDCVE-2024-36891 at SUSECVE-2024-36891 at NVDCVE-2024-36893 at SUSECVE-2024-36893 at NVDCVE-2024-36894 at SUSECVE-2024-36894 at NVDCVE-2024-36895 at SUSECVE-2024-36895 at NVDCVE-2024-36896 at SUSECVE-2024-36896 at NVDCVE-2024-36897 at SUSECVE-2024-36897 at NVDCVE-2024-36898 at SUSECVE-2024-36898 at NVDCVE-2024-36906 at SUSECVE-2024-36906 at NVDCVE-2024-36908 at SUSECVE-2024-36908 at NVDCVE-2024-36921 at SUSECVE-2024-36921 at NVDCVE-2024-36922 at SUSECVE-2024-36922 at NVDCVE-2024-36928 at SUSECVE-2024-36928 at NVDCVE-2024-36930 at SUSECVE-2024-36930 at NVDCVE-2024-36931 at SUSECVE-2024-36931 at NVDCVE-2024-36940 at SUSECVE-2024-36940 at NVDCVE-2024-36941 at SUSECVE-2024-36941 at NVDCVE-2024-36942 at SUSECVE-2024-36942 at NVDCVE-2024-36944 at SUSECVE-2024-36944 at NVDCVE-2024-36949 at SUSECVE-2024-36949 at NVDCVE-2024-36950 at SUSECVE-2024-36950 at NVDCVE-2024-36951 at SUSECVE-2024-36951 at NVDCVE-2024-36955 at SUSECVE-2024-36955 at NVDCVE-2024-36959 at SUSECVE-2024-36959 at NVDCVE-2024-39282 at SUSECVE-2024-39282 at NVDCVE-2024-39480 at SUSECVE-2024-39480 at NVDCVE-2024-41042 at SUSECVE-2024-41042 at NVDCVE-2024-43913 at SUSECVE-2024-43913 at NVDCVE-2024-44934 at SUSECVE-2024-44934 at NVDCVE-2024-44996 at SUSECVE-2024-44996 at NVDCVE-2024-45828 at SUSECVE-2024-45828 at NVDCVE-2024-46896 at SUSECVE-2024-46896 at NVDCVE-2024-47141 at SUSECVE-2024-47141 at NVDCVE-2024-47143 at SUSECVE-2024-47143 at NVDCVE-2024-47678 at SUSECVE-2024-47678 at NVDCVE-2024-47809 at SUSECVE-2024-47809 at NVDCVE-2024-48873 at SUSECVE-2024-48873 at NVDCVE-2024-48881 at SUSECVE-2024-48881 at NVDCVE-2024-49569 at SUSECVE-2024-49569 at NVDCVE-2024-49854 at SUSECVE-2024-49854 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49915 at SUSECVE-2024-49915 at NVDCVE-2024-49948 at SUSECVE-2024-49948 at NVDCVE-2024-49951 at SUSECVE-2024-49951 at NVDCVE-2024-49978 at SUSECVE-2024-49978 at NVDCVE-2024-49998 at SUSECVE-2024-49998 at NVDCVE-2024-50016 at SUSECVE-2024-50016 at NVDCVE-2024-50018 at SUSECVE-2024-50018 at NVDCVE-2024-50039 at SUSECVE-2024-50039 at NVDCVE-2024-50047 at SUSECVE-2024-50047 at NVDCVE-2024-50051 at SUSECVE-2024-50051 at NVDCVE-2024-50106 at SUSECVE-2024-50106 at NVDCVE-2024-50143 at SUSECVE-2024-50143 at NVDCVE-2024-50151 at SUSECVE-2024-50151 at NVDCVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-50199 at SUSECVE-2024-50199 at NVDCVE-2024-50202 at SUSECVE-2024-50202 at NVDCVE-2024-50203 at SUSECVE-2024-50203 at NVDCVE-2024-50211 at SUSECVE-2024-50211 at NVDCVE-2024-50228 at SUSECVE-2024-50228 at NVDCVE-2024-50256 at SUSECVE-2024-50256 at NVDCVE-2024-50262 at SUSECVE-2024-50262 at NVDCVE-2024-50272 at SUSECVE-2024-50272 at NVDCVE-2024-50278 at SUSECVE-2024-50278 at NVDCVE-2024-50280 at SUSECVE-2024-50280 at NVDCVE-2024-50299 at SUSECVE-2024-50299 at NVDCVE-2024-52332 at SUSECVE-2024-52332 at NVDCVE-2024-53050 at SUSECVE-2024-53050 at NVDCVE-2024-53064 at SUSECVE-2024-53064 at NVDCVE-2024-53090 at SUSECVE-2024-53090 at NVDCVE-2024-53091 at SUSECVE-2024-53091 at NVDCVE-2024-53095 at SUSECVE-2024-53095 at NVDCVE-2024-53099 at SUSECVE-2024-53099 at NVDCVE-2024-53103 at SUSECVE-2024-53103 at NVDCVE-2024-53105 at SUSECVE-2024-53105 at NVDCVE-2024-53111 at SUSECVE-2024-53111 at NVDCVE-2024-53113 at SUSECVE-2024-53113 at NVDCVE-2024-53117 at SUSECVE-2024-53117 at NVDCVE-2024-53118 at SUSECVE-2024-53118 at NVDCVE-2024-53119 at SUSECVE-2024-53119 at NVDCVE-2024-53120 at SUSECVE-2024-53120 at NVDCVE-2024-53122 at SUSECVE-2024-53122 at NVDCVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-53126 at SUSECVE-2024-53126 at NVDCVE-2024-53127 at SUSECVE-2024-53127 at NVDCVE-2024-53129 at SUSECVE-2024-53129 at NVDCVE-2024-53130 at SUSECVE-2024-53130 at NVDCVE-2024-53131 at SUSECVE-2024-53131 at NVDCVE-2024-53133 at SUSECVE-2024-53133 at NVDCVE-2024-53134 at SUSECVE-2024-53134 at NVDCVE-2024-53136 at SUSECVE-2024-53136 at NVDCVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2024-53142 at SUSECVE-2024-53142 at NVDCVE-2024-53144 at SUSECVE-2024-53144 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53148 at SUSECVE-2024-53148 at NVDCVE-2024-53150 at SUSECVE-2024-53150 at NVDCVE-2024-53151 at SUSECVE-2024-53151 at NVDCVE-2024-53154 at SUSECVE-2024-53154 at NVDCVE-2024-53155 at SUSECVE-2024-53155 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDCVE-2024-53157 at SUSECVE-2024-53157 at NVDCVE-2024-53158 at SUSECVE-2024-53158 at NVDCVE-2024-53159 at SUSECVE-2024-53159 at NVDCVE-2024-53160 at SUSECVE-2024-53160 at NVDCVE-2024-53161 at SUSECVE-2024-53161 at NVDCVE-2024-53162 at SUSECVE-2024-53162 at NVDCVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2024-53169 at SUSECVE-2024-53169 at NVDCVE-2024-53170 at SUSECVE-2024-53170 at NVDCVE-2024-53171 at SUSECVE-2024-53171 at NVDCVE-2024-53172 at SUSECVE-2024-53172 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53174 at SUSECVE-2024-53174 at NVDCVE-2024-53175 at SUSECVE-2024-53175 at NVDCVE-2024-53179 at SUSECVE-2024-53179 at NVDCVE-2024-53180 at SUSECVE-2024-53180 at NVDCVE-2024-53185 at SUSECVE-2024-53185 at NVDCVE-2024-53187 at SUSECVE-2024-53187 at NVDCVE-2024-53188 at SUSECVE-2024-53188 at NVDCVE-2024-53190 at SUSECVE-2024-53190 at NVDCVE-2024-53191 at SUSECVE-2024-53191 at NVDCVE-2024-53194 at SUSECVE-2024-53194 at NVDCVE-2024-53195 at SUSECVE-2024-53195 at NVDCVE-2024-53196 at SUSECVE-2024-53196 at NVDCVE-2024-53197 at SUSECVE-2024-53197 at NVDCVE-2024-53198 at SUSECVE-2024-53198 at NVDCVE-2024-53200 at SUSECVE-2024-53200 at NVDCVE-2024-53201 at SUSECVE-2024-53201 at NVDCVE-2024-53202 at SUSECVE-2024-53202 at NVDCVE-2024-53203 at SUSECVE-2024-53203 at NVDCVE-2024-53206 at SUSECVE-2024-53206 at NVDCVE-2024-53207 at SUSECVE-2024-53207 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-53209 at SUSECVE-2024-53209 at NVDCVE-2024-53210 at SUSECVE-2024-53210 at NVDCVE-2024-53213 at SUSECVE-2024-53213 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-53215 at SUSECVE-2024-53215 at NVDCVE-2024-53216 at SUSECVE-2024-53216 at NVDCVE-2024-53217 at SUSECVE-2024-53217 at NVDCVE-2024-53222 at SUSECVE-2024-53222 at NVDCVE-2024-53224 at SUSECVE-2024-53224 at NVDCVE-2024-53227 at SUSECVE-2024-53227 at NVDCVE-2024-53229 at SUSECVE-2024-53229 at NVDCVE-2024-53230 at SUSECVE-2024-53230 at NVDCVE-2024-53231 at SUSECVE-2024-53231 at NVDCVE-2024-53232 at SUSECVE-2024-53232 at NVDCVE-2024-53233 at SUSECVE-2024-53233 at NVDCVE-2024-53234 at SUSECVE-2024-53234 at NVDCVE-2024-53236 at SUSECVE-2024-53236 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-53240 at SUSECVE-2024-53240 at NVDCVE-2024-53241 at SUSECVE-2024-53241 at NVDCVE-2024-53685 at SUSECVE-2024-53685 at NVDCVE-2024-53690 at SUSECVE-2024-53690 at NVDCVE-2024-54680 at SUSECVE-2024-54680 at NVDCVE-2024-55639 at SUSECVE-2024-55639 at NVDCVE-2024-55881 at SUSECVE-2024-55881 at NVDCVE-2024-55916 at SUSECVE-2024-55916 at NVDCVE-2024-56369 at SUSECVE-2024-56369 at NVDCVE-2024-56372 at SUSECVE-2024-56372 at NVDCVE-2024-56531 at SUSECVE-2024-56531 at NVDCVE-2024-56532 at SUSECVE-2024-56532 at NVDCVE-2024-56533 at SUSECVE-2024-56533 at NVDCVE-2024-56536 at SUSECVE-2024-56536 at NVDCVE-2024-56538 at SUSECVE-2024-56538 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56543 at SUSECVE-2024-56543 at NVDCVE-2024-56546 at SUSECVE-2024-56546 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56549 at SUSECVE-2024-56549 at NVDCVE-2024-56551 at SUSECVE-2024-56551 at NVDCVE-2024-56557 at SUSECVE-2024-56557 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-56562 at SUSECVE-2024-56562 at NVDCVE-2024-56566 at SUSECVE-2024-56566 at NVDCVE-2024-56567 at SUSECVE-2024-56567 at NVDCVE-2024-56568 at SUSECVE-2024-56568 at NVDCVE-2024-56569 at SUSECVE-2024-56569 at NVDCVE-2024-56570 at SUSECVE-2024-56570 at NVDCVE-2024-56571 at SUSECVE-2024-56571 at NVDCVE-2024-56572 at SUSECVE-2024-56572 at NVDCVE-2024-56573 at SUSECVE-2024-56573 at NVDCVE-2024-56574 at SUSECVE-2024-56574 at NVDCVE-2024-56575 at SUSECVE-2024-56575 at NVDCVE-2024-56576 at SUSECVE-2024-56576 at NVDCVE-2024-56577 at SUSECVE-2024-56577 at NVDCVE-2024-56578 at SUSECVE-2024-56578 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56584 at SUSECVE-2024-56584 at NVDCVE-2024-56587 at SUSECVE-2024-56587 at NVDCVE-2024-56588 at SUSECVE-2024-56588 at NVDCVE-2024-56589 at SUSECVE-2024-56589 at NVDCVE-2024-56590 at SUSECVE-2024-56590 at NVDCVE-2024-56593 at SUSECVE-2024-56593 at NVDCVE-2024-56594 at SUSECVE-2024-56594 at NVDCVE-2024-56595 at SUSECVE-2024-56595 at NVDCVE-2024-56596 at SUSECVE-2024-56596 at NVDCVE-2024-56597 at SUSECVE-2024-56597 at NVDCVE-2024-56598 at SUSECVE-2024-56598 at NVDCVE-2024-56599 at SUSECVE-2024-56599 at NVDCVE-2024-5660 at SUSECVE-2024-5660 at NVDCVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56602 at SUSECVE-2024-56602 at NVDCVE-2024-56603 at SUSECVE-2024-56603 at NVDCVE-2024-56604 at SUSECVE-2024-56604 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56606 at SUSECVE-2024-56606 at NVDCVE-2024-56607 at SUSECVE-2024-56607 at NVDCVE-2024-56608 at SUSECVE-2024-56608 at NVDCVE-2024-56609 at SUSECVE-2024-56609 at NVDCVE-2024-56610 at SUSECVE-2024-56610 at NVDCVE-2024-56611 at SUSECVE-2024-56611 at NVDCVE-2024-56614 at SUSECVE-2024-56614 at NVDCVE-2024-56615 at SUSECVE-2024-56615 at NVDCVE-2024-56616 at SUSECVE-2024-56616 at NVDCVE-2024-56617 at SUSECVE-2024-56617 at NVDCVE-2024-56619 at SUSECVE-2024-56619 at NVDCVE-2024-56620 at SUSECVE-2024-56620 at NVDCVE-2024-56622 at SUSECVE-2024-56622 at NVDCVE-2024-56623 at SUSECVE-2024-56623 at NVDCVE-2024-56625 at SUSECVE-2024-56625 at NVDCVE-2024-56629 at SUSECVE-2024-56629 at NVDCVE-2024-56630 at SUSECVE-2024-56630 at NVDCVE-2024-56631 at SUSECVE-2024-56631 at NVDCVE-2024-56632 at SUSECVE-2024-56632 at NVDCVE-2024-56634 at SUSECVE-2024-56634 at NVDCVE-2024-56635 at SUSECVE-2024-56635 at NVDCVE-2024-56636 at SUSECVE-2024-56636 at NVDCVE-2024-56637 at SUSECVE-2024-56637 at NVDCVE-2024-56641 at SUSECVE-2024-56641 at NVDCVE-2024-56642 at SUSECVE-2024-56642 at NVDCVE-2024-56643 at SUSECVE-2024-56643 at NVDCVE-2024-56644 at SUSECVE-2024-56644 at NVDCVE-2024-56645 at SUSECVE-2024-56645 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-56649 at SUSECVE-2024-56649 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-56651 at SUSECVE-2024-56651 at NVDCVE-2024-56654 at SUSECVE-2024-56654 at NVDCVE-2024-56656 at SUSECVE-2024-56656 at NVDCVE-2024-56659 at SUSECVE-2024-56659 at NVDCVE-2024-56660 at SUSECVE-2024-56660 at NVDCVE-2024-56661 at SUSECVE-2024-56661 at NVDCVE-2024-56662 at SUSECVE-2024-56662 at NVDCVE-2024-56663 at SUSECVE-2024-56663 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2024-56665 at SUSECVE-2024-56665 at NVDCVE-2024-56667 at SUSECVE-2024-56667 at NVDCVE-2024-56670 at SUSECVE-2024-56670 at NVDCVE-2024-56672 at SUSECVE-2024-56672 at NVDCVE-2024-56675 at SUSECVE-2024-56675 at NVDCVE-2024-56677 at SUSECVE-2024-56677 at NVDCVE-2024-56678 at SUSECVE-2024-56678 at NVDCVE-2024-56679 at SUSECVE-2024-56679 at NVDCVE-2024-56681 at SUSECVE-2024-56681 at NVDCVE-2024-56683 at SUSECVE-2024-56683 at NVDCVE-2024-56687 at SUSECVE-2024-56687 at NVDCVE-2024-56688 at SUSECVE-2024-56688 at NVDCVE-2024-56690 at SUSECVE-2024-56690 at NVDCVE-2024-56691 at SUSECVE-2024-56691 at NVDCVE-2024-56693 at SUSECVE-2024-56693 at NVDCVE-2024-56694 at SUSECVE-2024-56694 at NVDCVE-2024-56698 at SUSECVE-2024-56698 at NVDCVE-2024-56700 at SUSECVE-2024-56700 at NVDCVE-2024-56701 at SUSECVE-2024-56701 at NVDCVE-2024-56704 at SUSECVE-2024-56704 at NVDCVE-2024-56705 at SUSECVE-2024-56705 at NVDCVE-2024-56707 at SUSECVE-2024-56707 at NVDCVE-2024-56708 at SUSECVE-2024-56708 at NVDCVE-2024-56709 at SUSECVE-2024-56709 at NVDCVE-2024-56712 at SUSECVE-2024-56712 at NVDCVE-2024-56715 at SUSECVE-2024-56715 at NVDCVE-2024-56716 at SUSECVE-2024-56716 at NVDCVE-2024-56722 at SUSECVE-2024-56722 at NVDCVE-2024-56723 at SUSECVE-2024-56723 at NVDCVE-2024-56724 at SUSECVE-2024-56724 at NVDCVE-2024-56725 at SUSECVE-2024-56725 at NVDCVE-2024-56726 at SUSECVE-2024-56726 at NVDCVE-2024-56727 at SUSECVE-2024-56727 at NVDCVE-2024-56728 at SUSECVE-2024-56728 at NVDCVE-2024-56729 at SUSECVE-2024-56729 at NVDCVE-2024-56739 at SUSECVE-2024-56739 at NVDCVE-2024-56741 at SUSECVE-2024-56741 at NVDCVE-2024-56745 at SUSECVE-2024-56745 at NVDCVE-2024-56746 at SUSECVE-2024-56746 at NVDCVE-2024-56747 at SUSECVE-2024-56747 at NVDCVE-2024-56748 at SUSECVE-2024-56748 at NVDCVE-2024-56752 at SUSECVE-2024-56752 at NVDCVE-2024-56754 at SUSECVE-2024-56754 at NVDCVE-2024-56755 at SUSECVE-2024-56755 at NVDCVE-2024-56756 at SUSECVE-2024-56756 at NVDCVE-2024-56759 at SUSECVE-2024-56759 at NVDCVE-2024-56760 at SUSECVE-2024-56760 at NVDCVE-2024-56763 at SUSECVE-2024-56763 at NVDCVE-2024-56765 at SUSECVE-2024-56765 at NVDCVE-2024-56766 at SUSECVE-2024-56766 at NVDCVE-2024-56767 at SUSECVE-2024-56767 at NVDCVE-2024-56769 at SUSECVE-2024-56769 at NVDCVE-2024-56774 at SUSECVE-2024-56774 at NVDCVE-2024-56775 at SUSECVE-2024-56775 at NVDCVE-2024-56776 at SUSECVE-2024-56776 at NVDCVE-2024-56777 at SUSECVE-2024-56777 at NVDCVE-2024-56778 at SUSECVE-2024-56778 at NVDCVE-2024-56779 at SUSECVE-2024-56779 at NVDCVE-2024-56780 at SUSECVE-2024-56780 at NVDCVE-2024-56787 at SUSECVE-2024-56787 at NVDCVE-2024-57791 at SUSECVE-2024-57791 at NVDCVE-2024-57792 at SUSECVE-2024-57792 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57795 at SUSECVE-2024-57795 at NVDCVE-2024-57798 at SUSECVE-2024-57798 at NVDCVE-2024-57801 at SUSECVE-2024-57801 at NVDCVE-2024-57802 at SUSECVE-2024-57802 at NVDCVE-2024-57804 at SUSECVE-2024-57804 at NVDCVE-2024-57809 at SUSECVE-2024-57809 at NVDCVE-2024-57838 at SUSECVE-2024-57838 at NVDCVE-2024-57849 at SUSECVE-2024-57849 at NVDCVE-2024-57850 at SUSECVE-2024-57850 at NVDCVE-2024-57857 at SUSECVE-2024-57857 at NVDCVE-2024-57874 at SUSECVE-2024-57874 at NVDCVE-2024-57876 at SUSECVE-2024-57876 at NVDCVE-2024-57884 at SUSECVE-2024-57884 at NVDCVE-2024-57887 at SUSECVE-2024-57887 at NVDCVE-2024-57888 at SUSECVE-2024-57888 at NVDCVE-2024-57890 at SUSECVE-2024-57890 at NVDCVE-2024-57892 at SUSECVE-2024-57892 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2024-57896 at SUSECVE-2024-57896 at NVDCVE-2024-57897 at SUSECVE-2024-57897 at NVDCVE-2024-57899 at SUSECVE-2024-57899 at NVDCVE-2024-57903 at SUSECVE-2024-57903 at NVDCVE-2024-57904 at SUSECVE-2024-57904 at NVDCVE-2024-57906 at SUSECVE-2024-57906 at NVDCVE-2024-57907 at SUSECVE-2024-57907 at NVDCVE-2024-57908 at SUSECVE-2024-57908 at NVDCVE-2024-57910 at SUSECVE-2024-57910 at NVDCVE-2024-57911 at SUSECVE-2024-57911 at NVDCVE-2024-57912 at SUSECVE-2024-57912 at NVDCVE-2024-57913 at SUSECVE-2024-57913 at NVDCVE-2024-57915 at SUSECVE-2024-57915 at NVDCVE-2024-57916 at SUSECVE-2024-57916 at NVDCVE-2024-57917 at SUSECVE-2024-57917 at NVDCVE-2024-57922 at SUSECVE-2024-57922 at NVDCVE-2024-57926 at SUSECVE-2024-57926 at NVDCVE-2024-57929 at SUSECVE-2024-57929 at NVDCVE-2024-57931 at SUSECVE-2024-57931 at NVDCVE-2024-57932 at SUSECVE-2024-57932 at NVDCVE-2024-57933 at SUSECVE-2024-57933 at NVDCVE-2024-57935 at SUSECVE-2024-57935 at NVDCVE-2024-57936 at SUSECVE-2024-57936 at NVDCVE-2024-57938 at SUSECVE-2024-57938 at NVDCVE-2024-57940 at SUSECVE-2024-57940 at NVDCVE-2024-57946 at SUSECVE-2024-57946 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDCVE-2025-21632 at SUSECVE-2025-21632 at NVDCVE-2025-21645 at SUSECVE-2025-21645 at NVDCVE-2025-21646 at SUSECVE-2025-21646 at NVDCVE-2025-21649 at SUSECVE-2025-21649 at NVDCVE-2025-21650 at SUSECVE-2025-21650 at NVDCVE-2025-21651 at SUSECVE-2025-21651 at NVDCVE-2025-21652 at SUSECVE-2025-21652 at NVDCVE-2025-21653 at SUSECVE-2025-21653 at NVDCVE-2025-21655 at SUSECVE-2025-21655 at NVDCVE-2025-21656 at SUSECVE-2025-21656 at NVDCVE-2025-21662 at SUSECVE-2025-21662 at NVDCVE-2025-21663 at SUSECVE-2025-21663 at NVDCVE-2025-21664 at SUSECVE-2025-21664 at NVDCVE-2025-21674 at SUSECVE-2025-21674 at NVDCVE-2025-21676 at SUSECVE-2025-21676 at NVDCVE-2025-21682 at SUSECVE-2025-21682 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
The following non-security bugs were fixed:
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
- exfat: fix potential wrong error return from get_block (git-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kernel-obs-qa: Use srchash for dependency as well
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- Refresh fixes for cBPF issue (bsc#1242778)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes).
- Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable-fixes).
- Revert "drm/amd: Keep display off while going into S4" (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend" (stable-fixes).
- Revert "rndis_host: Flag RNDIS modems as WWAN devices" (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: Improve CDL control (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's "next" indication (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
ImportantSUSE bug 1220112SUSE bug 1223096SUSE bug 1226498SUSE bug 1228557SUSE bug 1228854SUSE bug 1229491SUSE bug 1230581SUSE bug 1231016SUSE bug 1232649SUSE bug 1232882SUSE bug 1233192SUSE bug 1234154SUSE bug 1235149SUSE bug 1235968SUSE bug 1236142SUSE bug 1236208SUSE bug 1237312SUSE bug 1238212SUSE bug 1238473SUSE bug 1238774SUSE bug 1238992SUSE bug 1239691SUSE bug 1239925SUSE bug 1240593SUSE bug 1240823SUSE bug 1240866SUSE bug 1240966SUSE bug 1241148SUSE bug 1241282SUSE bug 1241305SUSE bug 1241340SUSE bug 1241351SUSE bug 1241376SUSE bug 1241448SUSE bug 1241457SUSE bug 1241492SUSE bug 1241519SUSE bug 1241525SUSE bug 1241533SUSE bug 1241538SUSE bug 1241576SUSE bug 1241590SUSE bug 1241595SUSE bug 1241596SUSE bug 1241597SUSE bug 1241625SUSE bug 1241627SUSE bug 1241635SUSE bug 1241638SUSE bug 1241644SUSE bug 1241654SUSE bug 1241657SUSE bug 1242012SUSE bug 1242035SUSE bug 1242044SUSE bug 1242163SUSE bug 1242203SUSE bug 1242343SUSE bug 1242414SUSE bug 1242417SUSE bug 1242501SUSE bug 1242502SUSE bug 1242506SUSE bug 1242507SUSE bug 1242509SUSE bug 1242510SUSE bug 1242512SUSE bug 1242513SUSE bug 1242514SUSE bug 1242520SUSE bug 1242523SUSE bug 1242524SUSE bug 1242529SUSE bug 1242530SUSE bug 1242531SUSE bug 1242532SUSE bug 1242559SUSE bug 1242563SUSE bug 1242564SUSE bug 1242565SUSE bug 1242566SUSE bug 1242567SUSE bug 1242568SUSE bug 1242569SUSE bug 1242574SUSE bug 1242575SUSE bug 1242578SUSE bug 1242584SUSE bug 1242585SUSE bug 1242587SUSE bug 1242591SUSE bug 1242709SUSE bug 1242727SUSE bug 1242758SUSE bug 1242760SUSE bug 1242761SUSE bug 1242762SUSE bug 1242763SUSE bug 1242764SUSE bug 1242766SUSE bug 1242770SUSE bug 1242778SUSE bug 1242781SUSE bug 1242782SUSE bug 1242785SUSE bug 1242786SUSE bug 1242792SUSE bug 1242849SUSE bug 1242852SUSE bug 1242854SUSE bug 1242856SUSE bug 1242859SUSE bug 1242860SUSE bug 1242861SUSE bug 1242866SUSE bug 1242867SUSE bug 1242868SUSE bug 1242871SUSE bug 1242873SUSE bug 1242875SUSE bug 1242906SUSE bug 1242908SUSE bug 1242924SUSE bug 1242930SUSE bug 1242944SUSE bug 1242945SUSE bug 1242948SUSE bug 1242949SUSE bug 1242951SUSE bug 1242953SUSE bug 1242955SUSE bug 1242957SUSE bug 1242959SUSE bug 1242961SUSE bug 1242962SUSE bug 1242973SUSE bug 1242974SUSE bug 1242977SUSE bug 1242990SUSE bug 1242993SUSE bug 1243000SUSE bug 1243006SUSE bug 1243011SUSE bug 1243015SUSE bug 1243044SUSE bug 1243049SUSE bug 1243056SUSE bug 1243074SUSE bug 1243076SUSE bug 1243077SUSE bug 1243082SUSE bug 1243090SUSE bug 1243330SUSE bug 1243342SUSE bug 1243456SUSE bug 1243469SUSE bug 1243470SUSE bug 1243471SUSE bug 1243472SUSE bug 1243473SUSE bug 1243476SUSE bug 1243509SUSE bug 1243511SUSE bug 1243513SUSE bug 1243515SUSE bug 1243516SUSE bug 1243517SUSE bug 1243519SUSE bug 1243522SUSE bug 1243524SUSE bug 1243528SUSE bug 1243529SUSE bug 1243530SUSE bug 1243534SUSE bug 1243536SUSE bug 1243539SUSE bug 1243540SUSE bug 1243541SUSE bug 1243543SUSE bug 1243545SUSE bug 1243547SUSE bug 1243559SUSE bug 1243560SUSE bug 1243562SUSE bug 1243567SUSE bug 1243573SUSE bug 1243574SUSE bug 1243575SUSE bug 1243589SUSE bug 1243621SUSE bug 1243624SUSE bug 1243625SUSE bug 1243626SUSE bug 1243627SUSE bug 1243649SUSE bug 1243657SUSE bug 1243658SUSE bug 1243659SUSE bug 1243660SUSE bug 1243664SUSE bug 1243737SUSE bug 1243782SUSE bug 1243805SUSE bug 1243963SUSE bug 1244145SUSE bug 1244261CVE-2023-52888 at SUSECVE-2023-52888 at NVDCVE-2023-53146 at SUSECVE-2023-53146 at NVDCVE-2024-43869 at SUSECVE-2024-43869 at NVDCVE-2024-46713 at SUSECVE-2024-46713 at NVDCVE-2024-50106 at SUSECVE-2024-50106 at NVDCVE-2024-50223 at SUSECVE-2024-50223 at NVDCVE-2024-53135 at SUSECVE-2024-53135 at NVDCVE-2024-54458 at SUSECVE-2024-54458 at NVDCVE-2024-58098 at SUSECVE-2024-58098 at NVDCVE-2024-58099 at SUSECVE-2024-58099 at NVDCVE-2024-58100 at SUSECVE-2024-58100 at NVDCVE-2024-58237 at SUSECVE-2024-58237 at NVDCVE-2025-21629 at SUSECVE-2025-21629 at NVDCVE-2025-21648 at SUSECVE-2025-21648 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-21787 at SUSECVE-2025-21787 at NVDCVE-2025-21814 at SUSECVE-2025-21814 at NVDCVE-2025-21919 at SUSECVE-2025-21919 at NVDCVE-2025-21997 at SUSECVE-2025-21997 at NVDCVE-2025-22005 at SUSECVE-2025-22005 at NVDCVE-2025-22021 at SUSECVE-2025-22021 at NVDCVE-2025-22030 at SUSECVE-2025-22030 at NVDCVE-2025-22056 at SUSECVE-2025-22056 at NVDCVE-2025-22057 at SUSECVE-2025-22057 at NVDCVE-2025-22063 at SUSECVE-2025-22063 at NVDCVE-2025-22066 at SUSECVE-2025-22066 at NVDCVE-2025-22070 at SUSECVE-2025-22070 at NVDCVE-2025-22089 at SUSECVE-2025-22089 at NVDCVE-2025-22095 at SUSECVE-2025-22095 at NVDCVE-2025-22103 at SUSECVE-2025-22103 at NVDCVE-2025-22119 at SUSECVE-2025-22119 at NVDCVE-2025-22124 at SUSECVE-2025-22124 at NVDCVE-2025-22125 at SUSECVE-2025-22125 at NVDCVE-2025-22126 at SUSECVE-2025-22126 at NVDCVE-2025-23140 at SUSECVE-2025-23140 at NVDCVE-2025-23141 at SUSECVE-2025-23141 at NVDCVE-2025-23142 at SUSECVE-2025-23142 at NVDCVE-2025-23144 at SUSECVE-2025-23144 at NVDCVE-2025-23146 at SUSECVE-2025-23146 at NVDCVE-2025-23147 at SUSECVE-2025-23147 at NVDCVE-2025-23148 at SUSECVE-2025-23148 at NVDCVE-2025-23149 at SUSECVE-2025-23149 at NVDCVE-2025-23150 at SUSECVE-2025-23150 at NVDCVE-2025-23151 at SUSECVE-2025-23151 at NVDCVE-2025-23156 at SUSECVE-2025-23156 at NVDCVE-2025-23157 at SUSECVE-2025-23157 at NVDCVE-2025-23158 at SUSECVE-2025-23158 at NVDCVE-2025-23159 at SUSECVE-2025-23159 at NVDCVE-2025-23160 at SUSECVE-2025-23160 at NVDCVE-2025-23161 at SUSECVE-2025-23161 at NVDCVE-2025-37740 at SUSECVE-2025-37740 at NVDCVE-2025-37741 at SUSECVE-2025-37741 at NVDCVE-2025-37742 at SUSECVE-2025-37742 at NVDCVE-2025-37743 at SUSECVE-2025-37743 at NVDCVE-2025-37747 at SUSECVE-2025-37747 at NVDCVE-2025-37748 at SUSECVE-2025-37748 at NVDCVE-2025-37749 at SUSECVE-2025-37749 at NVDCVE-2025-37750 at SUSECVE-2025-37750 at NVDCVE-2025-37754 at SUSECVE-2025-37754 at NVDCVE-2025-37755 at SUSECVE-2025-37755 at NVDCVE-2025-37758 at SUSECVE-2025-37758 at NVDCVE-2025-37765 at SUSECVE-2025-37765 at NVDCVE-2025-37766 at SUSECVE-2025-37766 at NVDCVE-2025-37767 at SUSECVE-2025-37767 at NVDCVE-2025-37768 at SUSECVE-2025-37768 at NVDCVE-2025-37769 at SUSECVE-2025-37769 at NVDCVE-2025-37770 at SUSECVE-2025-37770 at NVDCVE-2025-37771 at SUSECVE-2025-37771 at NVDCVE-2025-37772 at SUSECVE-2025-37772 at NVDCVE-2025-37773 at SUSECVE-2025-37773 at NVDCVE-2025-37780 at SUSECVE-2025-37780 at NVDCVE-2025-37781 at SUSECVE-2025-37781 at NVDCVE-2025-37782 at SUSECVE-2025-37782 at NVDCVE-2025-37787 at SUSECVE-2025-37787 at NVDCVE-2025-37788 at SUSECVE-2025-37788 at NVDCVE-2025-37789 at SUSECVE-2025-37789 at NVDCVE-2025-37790 at SUSECVE-2025-37790 at NVDCVE-2025-37792 at SUSECVE-2025-37792 at NVDCVE-2025-37793 at SUSECVE-2025-37793 at NVDCVE-2025-37794 at SUSECVE-2025-37794 at NVDCVE-2025-37796 at SUSECVE-2025-37796 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37800 at SUSECVE-2025-37800 at NVDCVE-2025-37803 at SUSECVE-2025-37803 at NVDCVE-2025-37804 at SUSECVE-2025-37804 at NVDCVE-2025-37805 at SUSECVE-2025-37805 at NVDCVE-2025-37809 at SUSECVE-2025-37809 at NVDCVE-2025-37810 at SUSECVE-2025-37810 at NVDCVE-2025-37812 at SUSECVE-2025-37812 at NVDCVE-2025-37815 at SUSECVE-2025-37815 at NVDCVE-2025-37819 at SUSECVE-2025-37819 at NVDCVE-2025-37820 at SUSECVE-2025-37820 at NVDCVE-2025-37823 at SUSECVE-2025-37823 at NVDCVE-2025-37824 at SUSECVE-2025-37824 at NVDCVE-2025-37829 at SUSECVE-2025-37829 at NVDCVE-2025-37830 at SUSECVE-2025-37830 at NVDCVE-2025-37831 at SUSECVE-2025-37831 at NVDCVE-2025-37833 at SUSECVE-2025-37833 at NVDCVE-2025-37836 at SUSECVE-2025-37836 at NVDCVE-2025-37839 at SUSECVE-2025-37839 at NVDCVE-2025-37840 at SUSECVE-2025-37840 at NVDCVE-2025-37841 at SUSECVE-2025-37841 at NVDCVE-2025-37842 at SUSECVE-2025-37842 at NVDCVE-2025-37849 at SUSECVE-2025-37849 at NVDCVE-2025-37850 at SUSECVE-2025-37850 at NVDCVE-2025-37851 at SUSECVE-2025-37851 at NVDCVE-2025-37852 at SUSECVE-2025-37852 at NVDCVE-2025-37853 at SUSECVE-2025-37853 at NVDCVE-2025-37854 at SUSECVE-2025-37854 at NVDCVE-2025-37858 at SUSECVE-2025-37858 at NVDCVE-2025-37867 at SUSECVE-2025-37867 at NVDCVE-2025-37870 at SUSECVE-2025-37870 at NVDCVE-2025-37871 at SUSECVE-2025-37871 at NVDCVE-2025-37873 at SUSECVE-2025-37873 at NVDCVE-2025-37875 at SUSECVE-2025-37875 at NVDCVE-2025-37879 at SUSECVE-2025-37879 at NVDCVE-2025-37881 at SUSECVE-2025-37881 at NVDCVE-2025-37886 at SUSECVE-2025-37886 at NVDCVE-2025-37887 at SUSECVE-2025-37887 at NVDCVE-2025-37889 at SUSECVE-2025-37889 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-37891 at SUSECVE-2025-37891 at NVDCVE-2025-37892 at SUSECVE-2025-37892 at NVDCVE-2025-37897 at SUSECVE-2025-37897 at NVDCVE-2025-37900 at SUSECVE-2025-37900 at NVDCVE-2025-37901 at SUSECVE-2025-37901 at NVDCVE-2025-37903 at SUSECVE-2025-37903 at NVDCVE-2025-37905 at SUSECVE-2025-37905 at NVDCVE-2025-37911 at SUSECVE-2025-37911 at NVDCVE-2025-37912 at SUSECVE-2025-37912 at NVDCVE-2025-37913 at SUSECVE-2025-37913 at NVDCVE-2025-37914 at SUSECVE-2025-37914 at NVDCVE-2025-37915 at SUSECVE-2025-37915 at NVDCVE-2025-37918 at SUSECVE-2025-37918 at NVDCVE-2025-37925 at SUSECVE-2025-37925 at NVDCVE-2025-37928 at SUSECVE-2025-37928 at NVDCVE-2025-37929 at SUSECVE-2025-37929 at NVDCVE-2025-37930 at SUSECVE-2025-37930 at NVDCVE-2025-37931 at SUSECVE-2025-37931 at NVDCVE-2025-37932 at SUSECVE-2025-37932 at NVDCVE-2025-37937 at SUSECVE-2025-37937 at NVDCVE-2025-37943 at SUSECVE-2025-37943 at NVDCVE-2025-37944 at SUSECVE-2025-37944 at NVDCVE-2025-37948 at SUSECVE-2025-37948 at NVDCVE-2025-37949 at SUSECVE-2025-37949 at NVDCVE-2025-37951 at SUSECVE-2025-37951 at NVDCVE-2025-37953 at SUSECVE-2025-37953 at NVDCVE-2025-37954 at SUSECVE-2025-37954 at NVDCVE-2025-37957 at SUSECVE-2025-37957 at NVDCVE-2025-37958 at SUSECVE-2025-37958 at NVDCVE-2025-37959 at SUSECVE-2025-37959 at NVDCVE-2025-37960 at SUSECVE-2025-37960 at NVDCVE-2025-37963 at SUSECVE-2025-37963 at NVDCVE-2025-37969 at SUSECVE-2025-37969 at NVDCVE-2025-37970 at SUSECVE-2025-37970 at NVDCVE-2025-37972 at SUSECVE-2025-37972 at NVDCVE-2025-37974 at SUSECVE-2025-37974 at NVDCVE-2025-37978 at SUSECVE-2025-37978 at NVDCVE-2025-37979 at SUSECVE-2025-37979 at NVDCVE-2025-37980 at SUSECVE-2025-37980 at NVDCVE-2025-37982 at SUSECVE-2025-37982 at NVDCVE-2025-37983 at SUSECVE-2025-37983 at NVDCVE-2025-37985 at SUSECVE-2025-37985 at NVDCVE-2025-37986 at SUSECVE-2025-37986 at NVDCVE-2025-37989 at SUSECVE-2025-37989 at NVDCVE-2025-37990 at SUSECVE-2025-37990 at NVDCVE-2025-38104 at SUSECVE-2025-38104 at NVDCVE-2025-38152 at SUSECVE-2025-38152 at NVDCVE-2025-38240 at SUSECVE-2025-38240 at NVDCVE-2025-38637 at SUSECVE-2025-38637 at NVDCVE-2025-39735 at SUSECVE-2025-39735 at NVDCVE-2025-40014 at SUSECVE-2025-40014 at NVDCVE-2025-40325 at SUSECVE-2025-40325 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related
to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).
- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).
- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).
- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).
- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).
- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
The following non-security bugs were fixed:
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- Move upstreamed patches into sorted section
- Move upstreamed tpm patch into sorted section
- NFS: Do not allow waiting for exiting tasks (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- Refresh fixes for cBPF issue (bsc#1242778)
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes).
- Revert "drm/amd: Keep display off while going into S4" (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend" (stable-fixes).
- Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable-fixes).
- Revert "rndis_host: Flag RNDIS modems as WWAN devices" (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes).
- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).
- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).
- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).
- SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- ip6mr: fix tables suspicious RCU usage (git-fixes).
- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).
- ipmr: fix tables suspicious RCU usage (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: save dontfrag in cork (git-fixes).
- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kABI: ipv6: save dontfrag in cork (git-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/neighbor: clear error in case strict check is not set (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: fix udp gso skb_segment after pull from frag_list (git-fixes).
- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: linkwatch: use system_unbound_wq (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: page_pool: fix warning code (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).
- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).
- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).
- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).
- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- orangefs: Do not truncate file size (git-fixes).
- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).
- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).
- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes).
- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- udp: annotate data-races around up->pending (git-fixes).
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).
- udp: fix receiving fraglist GSO packets (git-fixes).
- udp: preserve the connected status if only UDP cmsg (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in
mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's "next" indication (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).
ImportantSUSE bug 1215199SUSE bug 1220112SUSE bug 1223096SUSE bug 1226498SUSE bug 1228557SUSE bug 1228854SUSE bug 1229491SUSE bug 1230581SUSE bug 1231016SUSE bug 1232504SUSE bug 1232649SUSE bug 1232882SUSE bug 1233192SUSE bug 1234154SUSE bug 1235149SUSE bug 1235728SUSE bug 1235968SUSE bug 1236142SUSE bug 1236208SUSE bug 1237312SUSE bug 1238212SUSE bug 1238473SUSE bug 1238774SUSE bug 1238992SUSE bug 1239691SUSE bug 1239925SUSE bug 1240180SUSE bug 1240593SUSE bug 1240723SUSE bug 1240823SUSE bug 1240866SUSE bug 1240966SUSE bug 1241148SUSE bug 1241282SUSE bug 1241305SUSE bug 1241340SUSE bug 1241351SUSE bug 1241376SUSE bug 1241448SUSE bug 1241457SUSE bug 1241492SUSE bug 1241519SUSE bug 1241525SUSE bug 1241533SUSE bug 1241538SUSE bug 1241576SUSE bug 1241590SUSE bug 1241595SUSE bug 1241596SUSE bug 1241597SUSE bug 1241617SUSE bug 1241625SUSE bug 1241627SUSE bug 1241635SUSE bug 1241638SUSE bug 1241644SUSE bug 1241654SUSE bug 1241657SUSE bug 1242012SUSE bug 1242035SUSE bug 1242044SUSE bug 1242086SUSE bug 1242163SUSE bug 1242203SUSE bug 1242343SUSE bug 1242414SUSE bug 1242417SUSE bug 1242501SUSE bug 1242502SUSE bug 1242504SUSE bug 1242506SUSE bug 1242507SUSE bug 1242509SUSE bug 1242510SUSE bug 1242512SUSE bug 1242513SUSE bug 1242514SUSE bug 1242520SUSE bug 1242523SUSE bug 1242524SUSE bug 1242529SUSE bug 1242530SUSE bug 1242531SUSE bug 1242532SUSE bug 1242559SUSE bug 1242563SUSE bug 1242564SUSE bug 1242565SUSE bug 1242566SUSE bug 1242567SUSE bug 1242568SUSE bug 1242569SUSE bug 1242573SUSE bug 1242574SUSE bug 1242575SUSE bug 1242578SUSE bug 1242584SUSE bug 1242585SUSE bug 1242587SUSE bug 1242591SUSE bug 1242709SUSE bug 1242727SUSE bug 1242758SUSE bug 1242760SUSE bug 1242761SUSE bug 1242762SUSE bug 1242763SUSE bug 1242764SUSE bug 1242766SUSE bug 1242770SUSE bug 1242778SUSE bug 1242781SUSE bug 1242782SUSE bug 1242785SUSE bug 1242786SUSE bug 1242792SUSE bug 1242846SUSE bug 1242849SUSE bug 1242850SUSE bug 1242852SUSE bug 1242854SUSE bug 1242856SUSE bug 1242859SUSE bug 1242860SUSE bug 1242861SUSE bug 1242866SUSE bug 1242867SUSE bug 1242868SUSE bug 1242871SUSE bug 1242873SUSE bug 1242875SUSE bug 1242906SUSE bug 1242908SUSE bug 1242924SUSE bug 1242930SUSE bug 1242940SUSE bug 1242944SUSE bug 1242945SUSE bug 1242946SUSE bug 1242948SUSE bug 1242949SUSE bug 1242951SUSE bug 1242953SUSE bug 1242954SUSE bug 1242955SUSE bug 1242957SUSE bug 1242959SUSE bug 1242961SUSE bug 1242962SUSE bug 1242973SUSE bug 1242974SUSE bug 1242977SUSE bug 1242982SUSE bug 1242990SUSE bug 1242993SUSE bug 1243000SUSE bug 1243006SUSE bug 1243011SUSE bug 1243015SUSE bug 1243044SUSE bug 1243049SUSE bug 1243056SUSE bug 1243074SUSE bug 1243076SUSE bug 1243077SUSE bug 1243082SUSE bug 1243090SUSE bug 1243330SUSE bug 1243342SUSE bug 1243456SUSE bug 1243469SUSE bug 1243470SUSE bug 1243471SUSE bug 1243472SUSE bug 1243473SUSE bug 1243475SUSE bug 1243476SUSE bug 1243509SUSE bug 1243511SUSE bug 1243513SUSE bug 1243515SUSE bug 1243516SUSE bug 1243517SUSE bug 1243519SUSE bug 1243522SUSE bug 1243524SUSE bug 1243528SUSE bug 1243529SUSE bug 1243530SUSE bug 1243534SUSE bug 1243536SUSE bug 1243537SUSE bug 1243539SUSE bug 1243540SUSE bug 1243541SUSE bug 1243542SUSE bug 1243543SUSE bug 1243545SUSE bug 1243547SUSE bug 1243559SUSE bug 1243560SUSE bug 1243562SUSE bug 1243567SUSE bug 1243571SUSE bug 1243572SUSE bug 1243573SUSE bug 1243574SUSE bug 1243575SUSE bug 1243589SUSE bug 1243621SUSE bug 1243624SUSE bug 1243625SUSE bug 1243626SUSE bug 1243627SUSE bug 1243628SUSE bug 1243649SUSE bug 1243657SUSE bug 1243658SUSE bug 1243659SUSE bug 1243660SUSE bug 1243664SUSE bug 1243737SUSE bug 1243782SUSE bug 1243805SUSE bug 1243836SUSE bug 1243963SUSE bug 1244145SUSE bug 1244261CVE-2023-52888 at SUSECVE-2023-52888 at NVDCVE-2023-53146 at SUSECVE-2023-53146 at NVDCVE-2024-43869 at SUSECVE-2024-43869 at NVDCVE-2024-46713 at SUSECVE-2024-46713 at NVDCVE-2024-49568 at SUSECVE-2024-49568 at NVDCVE-2024-50106 at SUSECVE-2024-50106 at NVDCVE-2024-50223 at SUSECVE-2024-50223 at NVDCVE-2024-53135 at SUSECVE-2024-53135 at NVDCVE-2024-54458 at SUSECVE-2024-54458 at NVDCVE-2024-58098 at SUSECVE-2024-58098 at NVDCVE-2024-58099 at SUSECVE-2024-58099 at NVDCVE-2024-58100 at SUSECVE-2024-58100 at NVDCVE-2024-58237 at SUSECVE-2024-58237 at NVDCVE-2025-21629 at SUSECVE-2025-21629 at NVDCVE-2025-21648 at SUSECVE-2025-21648 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-21787 at SUSECVE-2025-21787 at NVDCVE-2025-21814 at SUSECVE-2025-21814 at NVDCVE-2025-21868 at SUSECVE-2025-21868 at NVDCVE-2025-21919 at SUSECVE-2025-21919 at NVDCVE-2025-21938 at SUSECVE-2025-21938 at NVDCVE-2025-21997 at SUSECVE-2025-21997 at NVDCVE-2025-22005 at SUSECVE-2025-22005 at NVDCVE-2025-22021 at SUSECVE-2025-22021 at NVDCVE-2025-22030 at SUSECVE-2025-22030 at NVDCVE-2025-22056 at SUSECVE-2025-22056 at NVDCVE-2025-22057 at SUSECVE-2025-22057 at NVDCVE-2025-22063 at SUSECVE-2025-22063 at NVDCVE-2025-22066 at SUSECVE-2025-22066 at NVDCVE-2025-22070 at SUSECVE-2025-22070 at NVDCVE-2025-22089 at SUSECVE-2025-22089 at NVDCVE-2025-22095 at SUSECVE-2025-22095 at NVDCVE-2025-22103 at SUSECVE-2025-22103 at NVDCVE-2025-22113 at SUSECVE-2025-22113 at NVDCVE-2025-22119 at SUSECVE-2025-22119 at NVDCVE-2025-22124 at SUSECVE-2025-22124 at NVDCVE-2025-22125 at SUSECVE-2025-22125 at NVDCVE-2025-22126 at SUSECVE-2025-22126 at NVDCVE-2025-23140 at SUSECVE-2025-23140 at NVDCVE-2025-23141 at SUSECVE-2025-23141 at NVDCVE-2025-23142 at SUSECVE-2025-23142 at NVDCVE-2025-23144 at SUSECVE-2025-23144 at NVDCVE-2025-23146 at SUSECVE-2025-23146 at NVDCVE-2025-23147 at SUSECVE-2025-23147 at NVDCVE-2025-23148 at SUSECVE-2025-23148 at NVDCVE-2025-23149 at SUSECVE-2025-23149 at NVDCVE-2025-23150 at SUSECVE-2025-23150 at NVDCVE-2025-23151 at SUSECVE-2025-23151 at NVDCVE-2025-23155 at SUSECVE-2025-23155 at NVDCVE-2025-23156 at SUSECVE-2025-23156 at NVDCVE-2025-23157 at SUSECVE-2025-23157 at NVDCVE-2025-23158 at SUSECVE-2025-23158 at NVDCVE-2025-23159 at SUSECVE-2025-23159 at NVDCVE-2025-23160 at SUSECVE-2025-23160 at NVDCVE-2025-23161 at SUSECVE-2025-23161 at NVDCVE-2025-37738 at SUSECVE-2025-37738 at NVDCVE-2025-37740 at SUSECVE-2025-37740 at NVDCVE-2025-37741 at SUSECVE-2025-37741 at NVDCVE-2025-37742 at SUSECVE-2025-37742 at NVDCVE-2025-37743 at SUSECVE-2025-37743 at NVDCVE-2025-37747 at SUSECVE-2025-37747 at NVDCVE-2025-37748 at SUSECVE-2025-37748 at NVDCVE-2025-37749 at SUSECVE-2025-37749 at NVDCVE-2025-37750 at SUSECVE-2025-37750 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37754 at SUSECVE-2025-37754 at NVDCVE-2025-37755 at SUSECVE-2025-37755 at NVDCVE-2025-37758 at SUSECVE-2025-37758 at NVDCVE-2025-37765 at SUSECVE-2025-37765 at NVDCVE-2025-37766 at SUSECVE-2025-37766 at NVDCVE-2025-37767 at SUSECVE-2025-37767 at NVDCVE-2025-37768 at SUSECVE-2025-37768 at NVDCVE-2025-37769 at SUSECVE-2025-37769 at NVDCVE-2025-37770 at SUSECVE-2025-37770 at NVDCVE-2025-37771 at SUSECVE-2025-37771 at NVDCVE-2025-37772 at SUSECVE-2025-37772 at NVDCVE-2025-37773 at SUSECVE-2025-37773 at NVDCVE-2025-37780 at SUSECVE-2025-37780 at NVDCVE-2025-37781 at SUSECVE-2025-37781 at NVDCVE-2025-37782 at SUSECVE-2025-37782 at NVDCVE-2025-37787 at SUSECVE-2025-37787 at NVDCVE-2025-37788 at SUSECVE-2025-37788 at NVDCVE-2025-37789 at SUSECVE-2025-37789 at NVDCVE-2025-37790 at SUSECVE-2025-37790 at NVDCVE-2025-37792 at SUSECVE-2025-37792 at NVDCVE-2025-37793 at SUSECVE-2025-37793 at NVDCVE-2025-37794 at SUSECVE-2025-37794 at NVDCVE-2025-37796 at SUSECVE-2025-37796 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37800 at SUSECVE-2025-37800 at NVDCVE-2025-37801 at SUSECVE-2025-37801 at NVDCVE-2025-37803 at SUSECVE-2025-37803 at NVDCVE-2025-37804 at SUSECVE-2025-37804 at NVDCVE-2025-37805 at SUSECVE-2025-37805 at NVDCVE-2025-37809 at SUSECVE-2025-37809 at NVDCVE-2025-37810 at SUSECVE-2025-37810 at NVDCVE-2025-37812 at SUSECVE-2025-37812 at NVDCVE-2025-37815 at SUSECVE-2025-37815 at NVDCVE-2025-37819 at SUSECVE-2025-37819 at NVDCVE-2025-37820 at SUSECVE-2025-37820 at NVDCVE-2025-37823 at SUSECVE-2025-37823 at NVDCVE-2025-37824 at SUSECVE-2025-37824 at NVDCVE-2025-37829 at SUSECVE-2025-37829 at NVDCVE-2025-37830 at SUSECVE-2025-37830 at NVDCVE-2025-37831 at SUSECVE-2025-37831 at NVDCVE-2025-37833 at SUSECVE-2025-37833 at NVDCVE-2025-37836 at SUSECVE-2025-37836 at NVDCVE-2025-37839 at SUSECVE-2025-37839 at NVDCVE-2025-37840 at SUSECVE-2025-37840 at NVDCVE-2025-37841 at SUSECVE-2025-37841 at NVDCVE-2025-37842 at SUSECVE-2025-37842 at NVDCVE-2025-37844 at SUSECVE-2025-37844 at NVDCVE-2025-37849 at SUSECVE-2025-37849 at NVDCVE-2025-37850 at SUSECVE-2025-37850 at NVDCVE-2025-37851 at SUSECVE-2025-37851 at NVDCVE-2025-37852 at SUSECVE-2025-37852 at NVDCVE-2025-37853 at SUSECVE-2025-37853 at NVDCVE-2025-37854 at SUSECVE-2025-37854 at NVDCVE-2025-37858 at SUSECVE-2025-37858 at NVDCVE-2025-37862 at SUSECVE-2025-37862 at NVDCVE-2025-37865 at SUSECVE-2025-37865 at NVDCVE-2025-37867 at SUSECVE-2025-37867 at NVDCVE-2025-37870 at SUSECVE-2025-37870 at NVDCVE-2025-37871 at SUSECVE-2025-37871 at NVDCVE-2025-37873 at SUSECVE-2025-37873 at NVDCVE-2025-37874 at SUSECVE-2025-37874 at NVDCVE-2025-37875 at SUSECVE-2025-37875 at NVDCVE-2025-37879 at SUSECVE-2025-37879 at NVDCVE-2025-37881 at SUSECVE-2025-37881 at NVDCVE-2025-37886 at SUSECVE-2025-37886 at NVDCVE-2025-37887 at SUSECVE-2025-37887 at NVDCVE-2025-37889 at SUSECVE-2025-37889 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-37891 at SUSECVE-2025-37891 at NVDCVE-2025-37892 at SUSECVE-2025-37892 at NVDCVE-2025-37897 at SUSECVE-2025-37897 at NVDCVE-2025-37900 at SUSECVE-2025-37900 at NVDCVE-2025-37901 at SUSECVE-2025-37901 at NVDCVE-2025-37903 at SUSECVE-2025-37903 at NVDCVE-2025-37905 at SUSECVE-2025-37905 at NVDCVE-2025-37911 at SUSECVE-2025-37911 at NVDCVE-2025-37912 at SUSECVE-2025-37912 at NVDCVE-2025-37913 at SUSECVE-2025-37913 at NVDCVE-2025-37914 at SUSECVE-2025-37914 at NVDCVE-2025-37915 at SUSECVE-2025-37915 at NVDCVE-2025-37917 at SUSECVE-2025-37917 at NVDCVE-2025-37918 at SUSECVE-2025-37918 at NVDCVE-2025-37925 at SUSECVE-2025-37925 at NVDCVE-2025-37928 at SUSECVE-2025-37928 at NVDCVE-2025-37929 at SUSECVE-2025-37929 at NVDCVE-2025-37930 at SUSECVE-2025-37930 at NVDCVE-2025-37931 at SUSECVE-2025-37931 at NVDCVE-2025-37932 at SUSECVE-2025-37932 at NVDCVE-2025-37933 at SUSECVE-2025-37933 at NVDCVE-2025-37936 at SUSECVE-2025-37936 at NVDCVE-2025-37937 at SUSECVE-2025-37937 at NVDCVE-2025-37943 at SUSECVE-2025-37943 at NVDCVE-2025-37944 at SUSECVE-2025-37944 at NVDCVE-2025-37948 at SUSECVE-2025-37948 at NVDCVE-2025-37949 at SUSECVE-2025-37949 at NVDCVE-2025-37951 at SUSECVE-2025-37951 at NVDCVE-2025-37953 at SUSECVE-2025-37953 at NVDCVE-2025-37954 at SUSECVE-2025-37954 at NVDCVE-2025-37957 at SUSECVE-2025-37957 at NVDCVE-2025-37958 at SUSECVE-2025-37958 at NVDCVE-2025-37959 at SUSECVE-2025-37959 at NVDCVE-2025-37960 at SUSECVE-2025-37960 at NVDCVE-2025-37963 at SUSECVE-2025-37963 at NVDCVE-2025-37967 at SUSECVE-2025-37967 at NVDCVE-2025-37968 at SUSECVE-2025-37968 at NVDCVE-2025-37969 at SUSECVE-2025-37969 at NVDCVE-2025-37970 at SUSECVE-2025-37970 at NVDCVE-2025-37972 at SUSECVE-2025-37972 at NVDCVE-2025-37974 at SUSECVE-2025-37974 at NVDCVE-2025-37978 at SUSECVE-2025-37978 at NVDCVE-2025-37979 at SUSECVE-2025-37979 at NVDCVE-2025-37980 at SUSECVE-2025-37980 at NVDCVE-2025-37982 at SUSECVE-2025-37982 at NVDCVE-2025-37983 at SUSECVE-2025-37983 at NVDCVE-2025-37985 at SUSECVE-2025-37985 at NVDCVE-2025-37986 at SUSECVE-2025-37986 at NVDCVE-2025-37987 at SUSECVE-2025-37987 at NVDCVE-2025-37989 at SUSECVE-2025-37989 at NVDCVE-2025-37990 at SUSECVE-2025-37990 at NVDCVE-2025-37998 at SUSECVE-2025-37998 at NVDCVE-2025-38104 at SUSECVE-2025-38104 at NVDCVE-2025-38152 at SUSECVE-2025-38152 at NVDCVE-2025-38240 at SUSECVE-2025-38240 at NVDCVE-2025-38637 at SUSECVE-2025-38637 at NVDCVE-2025-39735 at SUSECVE-2025-39735 at NVDCVE-2025-40014 at SUSECVE-2025-40014 at NVDCVE-2025-40325 at SUSECVE-2025-40325 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708)
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233680)
- CVE-2024-53074: wifi: iwlwifi: mvm: don't leak a link on AP removal (bsc#1235086)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-53208: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (bsc#1236244)
- CVE-2024-50257: netfilter: fix use-after-free in get_info() (bsc#1233245)
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232908)
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232929)
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232927)
ImportantSUSE bug 1232908SUSE bug 1232927SUSE bug 1232929SUSE bug 1233245SUSE bug 1233680SUSE bug 1233708SUSE bug 1235062SUSE bug 1235086SUSE bug 1235129SUSE bug 1235231SUSE bug 1236244CVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232927)
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232908)
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232929)
- CVE-2024-50257: netfilter: fix use-after-free in get_info() (bsc#1233245)
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233680)
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708)
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
- CVE-2024-53074: wifi: iwlwifi: mvm: don't leak a link on AP removal (bsc#1235086)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
- CVE-2024-53208: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (bsc#1236244)
ModerateSUSE bug 1232908SUSE bug 1232927SUSE bug 1232929SUSE bug 1233245SUSE bug 1233680SUSE bug 1233708SUSE bug 1235062SUSE bug 1235086SUSE bug 1235129SUSE bug 1235231SUSE bug 1236244CVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
ImportantSUSE bug 1235062SUSE bug 1235129SUSE bug 1235231CVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708)
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233680)
- CVE-2024-53074: wifi: iwlwifi: mvm: don't leak a link on AP removal (bsc#1235086)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-53208: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (bsc#1236244)
- CVE-2024-50257: netfilter: fix use-after-free in get_info() (bsc#1233245)
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232908)
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232929)
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232927)
ImportantSUSE bug 1232908SUSE bug 1232927SUSE bug 1232929SUSE bug 1233245SUSE bug 1233680SUSE bug 1233708SUSE bug 1235062SUSE bug 1235086SUSE bug 1235129SUSE bug 1235231SUSE bug 1236244CVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708)
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233680)
- CVE-2024-53074: wifi: iwlwifi: mvm: don't leak a link on AP removal (bsc#1235086)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-53208: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (bsc#1236244)
- CVE-2024-50257: netfilter: fix use-after-free in get_info() (bsc#1233245)
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232908)
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232929)
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232927)
ImportantSUSE bug 1232908SUSE bug 1232927SUSE bug 1232929SUSE bug 1233245SUSE bug 1233680SUSE bug 1233708SUSE bug 1235062SUSE bug 1235086SUSE bug 1235129SUSE bug 1235231SUSE bug 1236244CVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
ImportantSUSE bug 1235062SUSE bug 1235129SUSE bug 1235231CVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-57882: Fixed mptcp: fix TCP options overflow. (bsc#1235916)
- CVE-2024-46818: Fixed drm/amd/display: check gpio_id before used as array index (bsc#1231204)
- CVE-2024-46815: Fixed drm/amd/display: check num_valid_sets before accessing reader_wm_sets[] (bsc#1231196)
- CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452)
- CVE-2024-50302: Fixed HID: core: zero-initialize the report buffer (bsc#1233679)
- CVE-2024-53104: Fixed media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783)
- CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails (bsc#1230998)
- CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993)
ImportantSUSE bug 1230998SUSE bug 1231196SUSE bug 1231204SUSE bug 1231993SUSE bug 1233679SUSE bug 1235452SUSE bug 1235916SUSE bug 1236783CVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-46815 at SUSECVE-2024-46815 at NVDCVE-2024-46818 at SUSECVE-2024-46818 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
- CVE-2025-22111: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
- CVE-2025-37938: tracing: Verify event formats that have "%*p.." (bsc#1243544).
- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
- CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).
The following non-security bugs were fixed:
- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
- Bluetooth: Remove pending ACL connection attempts (stable-fixes).
- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
- NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- Revert "ALSA: usb-audio: Skip setting clock selector for single connections" (stable-fixes).
- Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
- Revert "ipv6: save dontfrag in cork (git-fixes)."
- Revert "kABI: ipv6: save dontfrag in cork (git-fixes)."
- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
- add bug reference to existing hv_storvsc change (bsc#1245455).
- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
- ceph: Fix incorrect flush end position calculation (git-fixes).
- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
- fbcon: Make sure modelist not set on unregistered console (stable-fixes).
- fgraph: Still initialize idle shadow stacks when starting (git-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: create new Tx scheduler nodes for new queues only (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- kabi: restore layout of struct cgroup_subsys (bsc#1241166).
- kabi: restore layout of struct mem_control (jsc#PED-12551).
- kabi: restore layout of struct page_counter (jsc#PED-12551).
- loop: add file_start_write() and file_end_write() (git-fixes).
- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Fix return value when searching for existing flow group (git-fixes).
- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- net_sched: prio: fix a race in prio_tune() (git-fixes).
- net_sched: red: fix a race in __red_change() (git-fixes).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- ntp: Remove invalid cast in time offset math (git-fixes)
- ntp: Safeguard against time_constant overflow (git-fixes)
- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
- nvme: fix command limits status code (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
- scsi: mpi3mr: Add level check to control event logging (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).
- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
- struct usci: hide additional member (git-fixes).
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
- thunderbolt: Do not double dequeue a configuration request (stable-fixes).
- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
- tracing: Fix compilation warning on arm32 (bsc#1243551).
- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- ucsi_debugfs_entry: hide signedness change (git-fixes).
- uprobes: Use kzalloc to allocate xol area (git-fixes).
- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
- usb: typec: ucsi: Only enable supported notifications (git-fixes).
- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
- vmxnet3: update MTU after device quiesce (bsc#1244626).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: do not wait when there is no vdev started (git-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/mm/init: Handle the special case of device private pages in
add_pages(), to not increase max_pfn and trigger dma_addressing_limited()
bounce buffers (git-fixes).
- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- xen/x86: fix initial memory balloon target (git-fixes).
ImportantSUSE bug 1210025SUSE bug 1211226SUSE bug 1215199SUSE bug 1218184SUSE bug 1223008SUSE bug 1235490SUSE bug 1236208SUSE bug 1237312SUSE bug 1237913SUSE bug 1238859SUSE bug 1238982SUSE bug 1240577SUSE bug 1240610SUSE bug 1240686SUSE bug 1240814SUSE bug 1241166SUSE bug 1241278SUSE bug 1241414SUSE bug 1241544SUSE bug 1241572SUSE bug 1241592SUSE bug 1242504SUSE bug 1242515SUSE bug 1242521SUSE bug 1242556SUSE bug 1242725SUSE bug 1242907SUSE bug 1243051SUSE bug 1243060SUSE bug 1243342SUSE bug 1243467SUSE bug 1243480SUSE bug 1243506SUSE bug 1243523SUSE bug 1243538SUSE bug 1243544SUSE bug 1243551SUSE bug 1243620SUSE bug 1243698SUSE bug 1243774SUSE bug 1243823SUSE bug 1243827SUSE bug 1243832SUSE bug 1243847SUSE bug 1244100SUSE bug 1244145SUSE bug 1244172SUSE bug 1244176SUSE bug 1244229SUSE bug 1244234SUSE bug 1244241SUSE bug 1244274SUSE bug 1244275SUSE bug 1244277SUSE bug 1244309SUSE bug 1244313SUSE bug 1244337SUSE bug 1244626SUSE bug 1244725SUSE bug 1244727SUSE bug 1244729SUSE bug 1244731SUSE bug 1244732SUSE bug 1244736SUSE bug 1244737SUSE bug 1244738SUSE bug 1244739SUSE bug 1244743SUSE bug 1244746SUSE bug 1244759SUSE bug 1244789SUSE bug 1244862SUSE bug 1244906SUSE bug 1244938SUSE bug 1244995SUSE bug 1244996SUSE bug 1244999SUSE bug 1245001SUSE bug 1245003SUSE bug 1245004SUSE bug 1245025SUSE bug 1245042SUSE bug 1245046SUSE bug 1245078SUSE bug 1245081SUSE bug 1245082SUSE bug 1245083SUSE bug 1245155SUSE bug 1245183SUSE bug 1245193SUSE bug 1245210SUSE bug 1245217SUSE bug 1245225SUSE bug 1245226SUSE bug 1245228SUSE bug 1245431SUSE bug 1245455CVE-2024-26831 at SUSECVE-2024-26831 at NVDCVE-2024-56613 at SUSECVE-2024-56613 at NVDCVE-2024-56699 at SUSECVE-2024-56699 at NVDCVE-2024-57982 at SUSECVE-2024-57982 at NVDCVE-2024-58053 at SUSECVE-2024-58053 at NVDCVE-2025-21658 at SUSECVE-2025-21658 at NVDCVE-2025-21720 at SUSECVE-2025-21720 at NVDCVE-2025-21898 at SUSECVE-2025-21898 at NVDCVE-2025-21899 at SUSECVE-2025-21899 at NVDCVE-2025-21920 at SUSECVE-2025-21920 at NVDCVE-2025-21959 at SUSECVE-2025-21959 at NVDCVE-2025-22035 at SUSECVE-2025-22035 at NVDCVE-2025-22083 at SUSECVE-2025-22083 at NVDCVE-2025-22111 at SUSECVE-2025-22111 at NVDCVE-2025-22120 at SUSECVE-2025-22120 at NVDCVE-2025-37756 at SUSECVE-2025-37756 at NVDCVE-2025-37757 at SUSECVE-2025-37757 at NVDCVE-2025-37786 at SUSECVE-2025-37786 at NVDCVE-2025-37811 at SUSECVE-2025-37811 at NVDCVE-2025-37859 at SUSECVE-2025-37859 at NVDCVE-2025-37884 at SUSECVE-2025-37884 at NVDCVE-2025-37909 at SUSECVE-2025-37909 at NVDCVE-2025-37921 at SUSECVE-2025-37921 at NVDCVE-2025-37923 at SUSECVE-2025-37923 at NVDCVE-2025-37927 at SUSECVE-2025-37927 at NVDCVE-2025-37938 at SUSECVE-2025-37938 at NVDCVE-2025-37945 at SUSECVE-2025-37945 at NVDCVE-2025-37946 at SUSECVE-2025-37946 at NVDCVE-2025-37961 at SUSECVE-2025-37961 at NVDCVE-2025-37973 at SUSECVE-2025-37973 at NVDCVE-2025-37992 at SUSECVE-2025-37992 at NVDCVE-2025-37994 at SUSECVE-2025-37994 at NVDCVE-2025-37995 at SUSECVE-2025-37995 at NVDCVE-2025-37997 at SUSECVE-2025-37997 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38003 at SUSECVE-2025-38003 at NVDCVE-2025-38004 at SUSECVE-2025-38004 at NVDCVE-2025-38005 at SUSECVE-2025-38005 at NVDCVE-2025-38007 at SUSECVE-2025-38007 at NVDCVE-2025-38009 at SUSECVE-2025-38009 at NVDCVE-2025-38010 at SUSECVE-2025-38010 at NVDCVE-2025-38011 at SUSECVE-2025-38011 at NVDCVE-2025-38013 at SUSECVE-2025-38013 at NVDCVE-2025-38014 at SUSECVE-2025-38014 at NVDCVE-2025-38015 at SUSECVE-2025-38015 at NVDCVE-2025-38018 at SUSECVE-2025-38018 at NVDCVE-2025-38020 at SUSECVE-2025-38020 at NVDCVE-2025-38022 at SUSECVE-2025-38022 at NVDCVE-2025-38023 at SUSECVE-2025-38023 at NVDCVE-2025-38024 at SUSECVE-2025-38024 at NVDCVE-2025-38027 at SUSECVE-2025-38027 at NVDCVE-2025-38031 at SUSECVE-2025-38031 at NVDCVE-2025-38040 at SUSECVE-2025-38040 at NVDCVE-2025-38043 at SUSECVE-2025-38043 at NVDCVE-2025-38044 at SUSECVE-2025-38044 at NVDCVE-2025-38045 at SUSECVE-2025-38045 at NVDCVE-2025-38053 at SUSECVE-2025-38053 at NVDCVE-2025-38057 at SUSECVE-2025-38057 at NVDCVE-2025-38059 at SUSECVE-2025-38059 at NVDCVE-2025-38060 at SUSECVE-2025-38060 at NVDCVE-2025-38065 at SUSECVE-2025-38065 at NVDCVE-2025-38068 at SUSECVE-2025-38068 at NVDCVE-2025-38072 at SUSECVE-2025-38072 at NVDCVE-2025-38077 at SUSECVE-2025-38077 at NVDCVE-2025-38078 at SUSECVE-2025-38078 at NVDCVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38080 at SUSECVE-2025-38080 at NVDCVE-2025-38081 at SUSECVE-2025-38081 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
- CVE-2025-37938: tracing: Verify event formats that have "%*p.." (bsc#1243544).
- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
- CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).
The following non-security bugs were fixed:
- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
- Bluetooth: Remove pending ACL connection attempts (stable-fixes).
- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
- NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- Revert "ALSA: usb-audio: Skip setting clock selector for single connections" (stable-fixes).
- Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
- Revert "kABI: ipv6: save dontfrag in cork (git-fixes)."
- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
- ceph: Fix incorrect flush end position calculation (git-fixes).
- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
- fbcon: Make sure modelist not set on unregistered console (stable-fixes).
- fgraph: Still initialize idle shadow stacks when starting (git-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: create new Tx scheduler nodes for new queues only (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- kabi: restore layout of struct cgroup_subsys (bsc#1241166).
- kabi: restore layout of struct mem_control (jsc#PED-12551).
- kabi: restore layout of struct page_counter (jsc#PED-12551).
- loop: add file_start_write() and file_end_write() (git-fixes).
- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Fix return value when searching for existing flow group (git-fixes).
- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- net_sched: prio: fix a race in prio_tune() (git-fixes).
- net_sched: red: fix a race in __red_change() (git-fixes).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- ntp: Remove invalid cast in time offset math (git-fixes)
- ntp: Safeguard against time_constant overflow (git-fixes)
- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
- nvme: fix command limits status code (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
- scsi: mpi3mr: Add level check to control event logging (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).
- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
- struct usci: hide additional member (git-fixes).
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
- thunderbolt: Do not double dequeue a configuration request (stable-fixes).
- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
- tracing: Fix compilation warning on arm32 (bsc#1243551).
- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- ucsi_debugfs_entry: hide signedness change (git-fixes).
- uprobes: Use kzalloc to allocate xol area (git-fixes).
- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
- usb: typec: ucsi: Only enable supported notifications (git-fixes).
- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
- vmxnet3: update MTU after device quiesce (bsc#1244626).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: do not wait when there is no vdev started (git-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/mm/init: Handle the special case of device private pages in
add_pages(), to not increase max_pfn and trigger dma_addressing_limited()
bounce buffers (git-fixes).
- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- xen/x86: fix initial memory balloon target (git-fixes).
ImportantSUSE bug 1210025SUSE bug 1211226SUSE bug 1215199SUSE bug 1218184SUSE bug 1223008SUSE bug 1235490SUSE bug 1236208SUSE bug 1237312SUSE bug 1237913SUSE bug 1238859SUSE bug 1238982SUSE bug 1240577SUSE bug 1240610SUSE bug 1240686SUSE bug 1240814SUSE bug 1241166SUSE bug 1241278SUSE bug 1241414SUSE bug 1241544SUSE bug 1241572SUSE bug 1241592SUSE bug 1242504SUSE bug 1242515SUSE bug 1242521SUSE bug 1242556SUSE bug 1242725SUSE bug 1242907SUSE bug 1243051SUSE bug 1243060SUSE bug 1243342SUSE bug 1243467SUSE bug 1243480SUSE bug 1243506SUSE bug 1243523SUSE bug 1243538SUSE bug 1243544SUSE bug 1243551SUSE bug 1243620SUSE bug 1243698SUSE bug 1243774SUSE bug 1243823SUSE bug 1243827SUSE bug 1243832SUSE bug 1243847SUSE bug 1244100SUSE bug 1244145SUSE bug 1244172SUSE bug 1244176SUSE bug 1244229SUSE bug 1244234SUSE bug 1244241SUSE bug 1244274SUSE bug 1244275SUSE bug 1244277SUSE bug 1244309SUSE bug 1244313SUSE bug 1244337SUSE bug 1244626SUSE bug 1244725SUSE bug 1244727SUSE bug 1244729SUSE bug 1244731SUSE bug 1244732SUSE bug 1244736SUSE bug 1244737SUSE bug 1244738SUSE bug 1244739SUSE bug 1244743SUSE bug 1244746SUSE bug 1244759SUSE bug 1244789SUSE bug 1244862SUSE bug 1244906SUSE bug 1244938SUSE bug 1244995SUSE bug 1244996SUSE bug 1244999SUSE bug 1245001SUSE bug 1245003SUSE bug 1245004SUSE bug 1245025SUSE bug 1245042SUSE bug 1245046SUSE bug 1245078SUSE bug 1245081SUSE bug 1245082SUSE bug 1245083SUSE bug 1245155SUSE bug 1245183SUSE bug 1245193SUSE bug 1245210SUSE bug 1245217SUSE bug 1245225SUSE bug 1245226SUSE bug 1245228SUSE bug 1245431SUSE bug 1245455CVE-2024-26831 at SUSECVE-2024-26831 at NVDCVE-2024-56613 at SUSECVE-2024-56613 at NVDCVE-2024-56699 at SUSECVE-2024-56699 at NVDCVE-2024-57982 at SUSECVE-2024-57982 at NVDCVE-2024-58053 at SUSECVE-2024-58053 at NVDCVE-2025-21658 at SUSECVE-2025-21658 at NVDCVE-2025-21720 at SUSECVE-2025-21720 at NVDCVE-2025-21898 at SUSECVE-2025-21898 at NVDCVE-2025-21899 at SUSECVE-2025-21899 at NVDCVE-2025-21920 at SUSECVE-2025-21920 at NVDCVE-2025-21959 at SUSECVE-2025-21959 at NVDCVE-2025-22035 at SUSECVE-2025-22035 at NVDCVE-2025-22083 at SUSECVE-2025-22083 at NVDCVE-2025-22111 at SUSECVE-2025-22111 at NVDCVE-2025-22120 at SUSECVE-2025-22120 at NVDCVE-2025-37756 at SUSECVE-2025-37756 at NVDCVE-2025-37757 at SUSECVE-2025-37757 at NVDCVE-2025-37786 at SUSECVE-2025-37786 at NVDCVE-2025-37811 at SUSECVE-2025-37811 at NVDCVE-2025-37859 at SUSECVE-2025-37859 at NVDCVE-2025-37884 at SUSECVE-2025-37884 at NVDCVE-2025-37909 at SUSECVE-2025-37909 at NVDCVE-2025-37921 at SUSECVE-2025-37921 at NVDCVE-2025-37923 at SUSECVE-2025-37923 at NVDCVE-2025-37927 at SUSECVE-2025-37927 at NVDCVE-2025-37938 at SUSECVE-2025-37938 at NVDCVE-2025-37945 at SUSECVE-2025-37945 at NVDCVE-2025-37946 at SUSECVE-2025-37946 at NVDCVE-2025-37961 at SUSECVE-2025-37961 at NVDCVE-2025-37973 at SUSECVE-2025-37973 at NVDCVE-2025-37992 at SUSECVE-2025-37992 at NVDCVE-2025-37994 at SUSECVE-2025-37994 at NVDCVE-2025-37995 at SUSECVE-2025-37995 at NVDCVE-2025-37997 at SUSECVE-2025-37997 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38003 at SUSECVE-2025-38003 at NVDCVE-2025-38004 at SUSECVE-2025-38004 at NVDCVE-2025-38005 at SUSECVE-2025-38005 at NVDCVE-2025-38007 at SUSECVE-2025-38007 at NVDCVE-2025-38009 at SUSECVE-2025-38009 at NVDCVE-2025-38010 at SUSECVE-2025-38010 at NVDCVE-2025-38011 at SUSECVE-2025-38011 at NVDCVE-2025-38013 at SUSECVE-2025-38013 at NVDCVE-2025-38014 at SUSECVE-2025-38014 at NVDCVE-2025-38015 at SUSECVE-2025-38015 at NVDCVE-2025-38018 at SUSECVE-2025-38018 at NVDCVE-2025-38020 at SUSECVE-2025-38020 at NVDCVE-2025-38022 at SUSECVE-2025-38022 at NVDCVE-2025-38023 at SUSECVE-2025-38023 at NVDCVE-2025-38024 at SUSECVE-2025-38024 at NVDCVE-2025-38027 at SUSECVE-2025-38027 at NVDCVE-2025-38031 at SUSECVE-2025-38031 at NVDCVE-2025-38040 at SUSECVE-2025-38040 at NVDCVE-2025-38043 at SUSECVE-2025-38043 at NVDCVE-2025-38044 at SUSECVE-2025-38044 at NVDCVE-2025-38045 at SUSECVE-2025-38045 at NVDCVE-2025-38053 at SUSECVE-2025-38053 at NVDCVE-2025-38057 at SUSECVE-2025-38057 at NVDCVE-2025-38059 at SUSECVE-2025-38059 at NVDCVE-2025-38060 at SUSECVE-2025-38060 at NVDCVE-2025-38065 at SUSECVE-2025-38065 at NVDCVE-2025-38068 at SUSECVE-2025-38068 at NVDCVE-2025-38072 at SUSECVE-2025-38072 at NVDCVE-2025-38077 at SUSECVE-2025-38077 at NVDCVE-2025-38078 at SUSECVE-2025-38078 at NVDCVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38080 at SUSECVE-2025-38080 at NVDCVE-2025-38081 at SUSECVE-2025-38081 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- Initial livepatch for 10th RT kernel update.
Moderatecpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118)
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227)
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1233118SUSE bug 1233227SUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118)
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227)
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1233118SUSE bug 1233227SUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1238912SUSE bug 1241579SUSE bug 1244337CVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1241579SUSE bug 1244337CVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-57882: Fixed mptcp: fix TCP options overflow. (bsc#1235916)
- CVE-2024-46818: Fixed drm/amd/display: check gpio_id before used as array index (bsc#1231204)
- CVE-2024-46815: Fixed drm/amd/display: check num_valid_sets before accessing reader_wm_sets[] (bsc#1231196)
- CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452)
- CVE-2024-50302: Fixed HID: core: zero-initialize the report buffer (bsc#1233679)
- CVE-2024-53104: Fixed media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783)
- CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails (bsc#1230998)
- CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993)
ImportantSUSE bug 1230998SUSE bug 1231196SUSE bug 1231204SUSE bug 1231993SUSE bug 1233679SUSE bug 1235452SUSE bug 1235916SUSE bug 1236783CVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-46815 at SUSECVE-2024-46815 at NVDCVE-2024-46818 at SUSECVE-2024-46818 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118)
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227)
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1233118SUSE bug 1233227SUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118)
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227)
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1233118SUSE bug 1233227SUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1238912SUSE bug 1241579SUSE bug 1244337CVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1241579SUSE bug 1244337CVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1241579SUSE bug 1244337CVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_10 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues:
This is the initial livepatch for SL Micro 6.0 and 6.1 kernel update 10.
Moderatecpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-57882: Fixed mptcp: fix TCP options overflow. (bsc#1235916)
- CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452)
- CVE-2024-50302: Fixed HID: core: zero-initialize the report buffer (bsc#1233679)
- CVE-2024-53104: Fixed media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783)
- CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails (bsc#1230998)
- CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993)
ImportantSUSE bug 1230998SUSE bug 1231993SUSE bug 1233679SUSE bug 1235452SUSE bug 1235916SUSE bug 1236783CVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1244337SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1244337SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1244337SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).
- CVE-2024-56638: kABI fix for "netfilter: nft_inner: incorrect percpu area handling under softirq" (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).
- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).
- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).
- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).
- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).
- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).
- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).
- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).
- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).
- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).
- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).
- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
The following non-security bugs were fixed:
- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-fixes).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).
- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- Fix memory-hotplug regression (bsc#1237504)
- Grab mm lock before grabbing pt lock (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).
- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).
- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).
- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes).
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).
- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).
- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes).
- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).
- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).
- Move upstreamed ACPI patch into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: Use downstream bridges for distributing resources (bsc#1237325).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/efa: Reset device on probe failure (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Reapply "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes).
- Revert "dm: requeue IO if mapping table not yet available" (git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes).
- Revert "leds-pca955x: Remove the unused function pca95xx_num_led_regs()" (stable-fixes).
- Revert "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).
- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).
- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- add nf_tables for iptables non-legacy network handling.
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- bio-integrity: do not restrict the size of integrity metadata (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).
- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).
- blk-mq: add number of queue calc helper (bsc#1236897).
- blk-mq: create correct map for fallback case (bsc#1236896).
- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).
- blk_iocost: remove some duplicate irq disable/enables (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).
- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).
- block: change rq_integrity_vec to respect the iterator (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- block: ensure we hold a queue reference when using queue limits (git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).
- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).
- block: retry call probe after request_module in blk_request_module (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- block: use the right type for stub rq_integrity_vec() (git-fixes).
- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).
- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).
- cifs: Remove intermediate object of failed create reparse call (git-fixes).
- cifs: commands that are retried should have replay flag set (bsc#1231432).
- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).
- cifs: helper function to check replayable error codes (bsc#1231432).
- cifs: new mount option called retrans (bsc#1231432).
- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).
- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).
- cifs: update desired access while requesting for directory lease (git-fixes).
- cifs: update the same create_guid on replay (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- config: Set gcc version (jsc#PED-12251).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).
- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).
- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- doc/README.SUSE: Point to the updated version of LKMPG
- doc: update managed_irq documentation (bsc#1236897).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).
- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting" (git-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- drm/i915/selftests: avoid using uninitialized context (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).
- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).
- eth: gve: use appropriate helper to set xdp_features (git-fixes).
- exfat: convert to ctime accessor functions (git-fixes).
- exfat: do not zero the extended part (bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).
- exfat: fix file being changed by unaligned direct write (git-fixes).
- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).
- exfat: fix zero the unwritten part for dio read (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- futex: Do not include process MM in futex key on no-MMU (git-fixes).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
- gup: make the stack expansion warning a bit more targeted (bsc#1238214).
- hfs: Sanity check the root record (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).
- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).
- ice: put Rx buffers after being done with current frame (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).
- igc: return early when failing to read EECD register (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kabi: fix bus type (bsc#1236896).
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).
- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).
- kernel-source: Also replace bin/env
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).
- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: stackinit: hide never-taken branch from compiler (stable-fixes).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).
- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).
- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/raid0: do not free conf on raid0_run failure (git-fixes).
- md/raid1: do not free conf on raid0_run failure (git-fixes).
- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).
- md: Do not flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).
- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mptcp: export local_address (git-fixes)
- mptcp: fix NL PM announced address accounting (git-fixes)
- mptcp: fix data races on local_id (git-fixes)
- mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- mptcp: pm: do not try to create sf if alloc failed (git-fixes)
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- mptcp: pm: reduce indentation blocks (git-fixes)
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- mptcp: unify pm get_local_id interfaces (git-fixes)
- mptcp: unify pm set_flags interfaces (git-fixes)
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions (git-fixes).
- nbd: do not allow reconnect after disconnect (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).
- net: Fix undefined behavior in netdev name allocation (bsc#1233749).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns (bsc#1233749).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- net: do not send a MOVE event when netdev changes netns (bsc#1233749).
- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: fix removing a namespace with conflicting altnames (bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: move altnames together with the netdevice (bsc#1233749).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).
- net: remove else after return in dev_prep_valid_name() (bsc#1233749).
- net: rose: lock the socket in rose_bind() (git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).
- net: smc: fix spurious error message from __sock_release() (bsc#1237126).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).
- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).
- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- padata: fix sysfs store callback check (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).
- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (ltc#210895 bsc#1235933 ltc#210896
bsc#1235932).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).
- powerpc: Stop using no_llseek (bsc#1239573).
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).
- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).
- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).
- rbd: do not move requests to the running list on errors (git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).
- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).
- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices (bsc#1236752).
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/topology: Improve topology detection (bsc#1236591).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).
- scsi: core: Clear driver private data when retrying request (git-fixes).
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- scsi: core: Handle depopulation and restoration in progress (git-fixes).
- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).
- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).
- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).
- scsi: myrb: Remove dead code (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- scsi: sg: Enable runtime power management (git-fixes).
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).
- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- selftest: hugetlb_dio: fix test naming (git-fixes).
- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).
- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).
- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes).
- smb3: request handle caching when caching directories (bsc#1231432).
- smb3: retrying on failed server close (bsc#1231432).
- smb: cached directories can be more than root file handle (bsc#1231432).
- smb: cilent: set reparse mount points as automounts (git-fixes).
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).
- smb: client: Fix minor whitespace errors and warnings (git-fixes).
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).
- smb: client: add support for WSL reparse points (git-fixes).
- smb: client: allow creating special files via reparse points (git-fixes).
- smb: client: allow creating symlinks via reparse points (git-fixes).
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: do not query reparse points twice on symlinks (git-fixes).
- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).
- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).
- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).
- smb: client: fix hardlinking of reparse points (git-fixes).
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- smb: client: fix possible double free in smb2_set_ea() (git-fixes).
- smb: client: fix potential broken compound request (git-fixes).
- smb: client: fix renaming of reparse points (git-fixes).
- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).
- smb: client: handle path separator of created SMB symlinks (git-fixes).
- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).
- smb: client: ignore unhandled reparse tags (git-fixes).
- smb: client: implement ->query_reparse_point() for SMB1 (git-fixes).
- smb: client: instantiate when creating SFU files (git-fixes).
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- smb: client: introduce reparse mount option (git-fixes).
- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).
- smb: client: move most of reparse point handling code to common file (git-fixes).
- smb: client: move some params to cifs_open_info_data (bsc#1231432).
- smb: client: optimise reparse point querying (git-fixes).
- smb: client: parse owner/group when creating reparse points (git-fixes).
- smb: client: parse reparse point flag in create response (bsc#1231432).
- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).
- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).
- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).
- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- smb: client: retry compound request without reusing lease (git-fixes).
- smb: client: return reparse type in /proc/mounts (git-fixes).
- smb: client: reuse file lease key in compound operations (git-fixes).
- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).
- smb: client: set correct file type from NFS reparse points (git-fixes).
- smb: client: stop revalidating reparse points unnecessarily (git-fixes).
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes).
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).
- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).
- usbnet: ipheth: document scope of NCM implementation (stable-fixes).
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- virtio-mem: check if the config changed before fake offlining memory (git-fixes).
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).
- vsock/virtio: cancel close work in the destructor (git-fixes)
- vsock: Keep the binding until socket destruction (git-fixes)
- vsock: reset socket state when de-assigning the transport (git-fixes)
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/asm: Make serialize() always_inline (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
- xen/swiotlb: relax alignment requirements (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- zram: fix potential UAF of zram table (git-fixes).
- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).
- zram: refuse to use zero sized block device as backing device (git-fixes).
- zram: split memory-tracking and ac-time tracking (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1207948SUSE bug 1215199SUSE bug 1215211SUSE bug 1218470SUSE bug 1219367SUSE bug 1221651SUSE bug 1222649SUSE bug 1222672SUSE bug 1222803SUSE bug 1223047SUSE bug 1224049SUSE bug 1224489SUSE bug 1224610SUSE bug 1225533SUSE bug 1225606SUSE bug 1225742SUSE bug 1225770SUSE bug 1225981SUSE bug 1226871SUSE bug 1227858SUSE bug 1227937SUSE bug 1228521SUSE bug 1228653SUSE bug 1229311SUSE bug 1229361SUSE bug 1230235SUSE bug 1230438SUSE bug 1230439SUSE bug 1230497SUSE bug 1230728SUSE bug 1230769SUSE bug 1230832SUSE bug 1231088SUSE bug 1231293SUSE bug 1231432SUSE bug 1231912SUSE bug 1231920SUSE bug 1231949SUSE bug 1232159SUSE bug 1232198SUSE bug 1232201SUSE bug 1232299SUSE bug 1232364SUSE bug 1232389SUSE bug 1232421SUSE bug 1232508SUSE bug 1232520SUSE bug 1232743SUSE bug 1232812SUSE bug 1232848SUSE bug 1232895SUSE bug 1232919SUSE bug 1233028SUSE bug 1233033SUSE bug 1233060SUSE bug 1233109SUSE bug 1233221SUSE bug 1233248SUSE bug 1233259SUSE bug 1233260SUSE bug 1233479SUSE bug 1233483SUSE bug 1233522SUSE bug 1233551SUSE bug 1233557SUSE bug 1233749SUSE bug 1234070SUSE bug 1234222SUSE bug 1234480SUSE bug 1234828SUSE bug 1234853SUSE bug 1234857SUSE bug 1234891SUSE bug 1234894SUSE bug 1234895SUSE bug 1234896SUSE bug 1234936SUSE bug 1234963SUSE bug 1235054SUSE bug 1235061SUSE bug 1235073SUSE bug 1235244SUSE bug 1235435SUSE bug 1235436SUSE bug 1235441SUSE bug 1235455SUSE bug 1235485SUSE bug 1235501SUSE bug 1235524SUSE bug 1235589SUSE bug 1235591SUSE bug 1235592SUSE bug 1235599SUSE bug 1235609SUSE bug 1235621SUSE bug 1235637SUSE bug 1235698SUSE bug 1235711SUSE bug 1235712SUSE bug 1235715SUSE bug 1235729SUSE bug 1235733SUSE bug 1235761SUSE bug 1235870SUSE bug 1235874SUSE bug 1235914SUSE bug 1235932SUSE bug 1235933SUSE bug 1235973SUSE bug 1236099SUSE bug 1236111SUSE bug 1236113SUSE bug 1236114SUSE bug 1236115SUSE bug 1236122SUSE bug 1236123SUSE bug 1236133SUSE bug 1236138SUSE bug 1236199SUSE bug 1236200SUSE bug 1236203SUSE bug 1236205SUSE bug 1236206SUSE bug 1236333SUSE bug 1236573SUSE bug 1236575SUSE bug 1236576SUSE bug 1236591SUSE bug 1236661SUSE bug 1236677SUSE bug 1236680SUSE bug 1236681SUSE bug 1236682SUSE bug 1236683SUSE bug 1236684SUSE bug 1236685SUSE bug 1236689SUSE bug 1236692SUSE bug 1236694SUSE bug 1236698SUSE bug 1236700SUSE bug 1236702SUSE bug 1236752SUSE bug 1236757SUSE bug 1236758SUSE bug 1236759SUSE bug 1236760SUSE bug 1236761SUSE bug 1236821SUSE bug 1236822SUSE bug 1236896SUSE bug 1236897SUSE bug 1236952SUSE bug 1236967SUSE bug 1236994SUSE bug 1237007SUSE bug 1237017SUSE bug 1237025SUSE bug 1237028SUSE bug 1237029SUSE bug 1237045SUSE bug 1237126SUSE bug 1237132SUSE bug 1237139SUSE bug 1237155SUSE bug 1237158SUSE bug 1237159SUSE bug 1237164SUSE bug 1237232SUSE bug 1237234SUSE bug 1237313SUSE bug 1237325SUSE bug 1237356SUSE bug 1237415SUSE bug 1237452SUSE bug 1237504SUSE bug 1237521SUSE bug 1237530SUSE bug 1237558SUSE bug 1237562SUSE bug 1237563SUSE bug 1237565SUSE bug 1237571SUSE bug 1237848SUSE bug 1237849SUSE bug 1237853SUSE bug 1237856SUSE bug 1237873SUSE bug 1237875SUSE bug 1237876SUSE bug 1237877SUSE bug 1237879SUSE bug 1237881SUSE bug 1237885SUSE bug 1237889SUSE bug 1237890SUSE bug 1237891SUSE bug 1237894SUSE bug 1237897SUSE bug 1237900SUSE bug 1237901SUSE bug 1237906SUSE bug 1237907SUSE bug 1237911SUSE bug 1237912SUSE bug 1237950SUSE bug 1238212SUSE bug 1238214SUSE bug 1238303SUSE bug 1238347SUSE bug 1238368SUSE bug 1238474SUSE bug 1238475SUSE bug 1238479SUSE bug 1238494SUSE bug 1238496SUSE bug 1238497SUSE bug 1238500SUSE bug 1238501SUSE bug 1238502SUSE bug 1238503SUSE bug 1238506SUSE bug 1238507SUSE bug 1238509SUSE bug 1238510SUSE bug 1238511SUSE bug 1238512SUSE bug 1238521SUSE bug 1238523SUSE bug 1238525SUSE bug 1238526SUSE bug 1238528SUSE bug 1238529SUSE bug 1238531SUSE bug 1238532SUSE bug 1238570SUSE bug 1238715SUSE bug 1238716SUSE bug 1238734SUSE bug 1238735SUSE bug 1238736SUSE bug 1238738SUSE bug 1238739SUSE bug 1238747SUSE bug 1238751SUSE bug 1238753SUSE bug 1238754SUSE bug 1238757SUSE bug 1238759SUSE bug 1238760SUSE bug 1238762SUSE bug 1238763SUSE bug 1238767SUSE bug 1238768SUSE bug 1238771SUSE bug 1238772SUSE bug 1238773SUSE bug 1238775SUSE bug 1238780SUSE bug 1238781SUSE bug 1238785SUSE bug 1238860SUSE bug 1238863SUSE bug 1238864SUSE bug 1238865SUSE bug 1238876SUSE bug 1238877SUSE bug 1238903SUSE bug 1238904SUSE bug 1238905SUSE bug 1238909SUSE bug 1238911SUSE bug 1238917SUSE bug 1238958SUSE bug 1238959SUSE bug 1238963SUSE bug 1238964SUSE bug 1238969SUSE bug 1238971SUSE bug 1238973SUSE bug 1238975SUSE bug 1238978SUSE bug 1238979SUSE bug 1238981SUSE bug 1238984SUSE bug 1238986SUSE bug 1238993SUSE bug 1238994SUSE bug 1238997SUSE bug 1239015SUSE bug 1239016SUSE bug 1239027SUSE bug 1239029SUSE bug 1239030SUSE bug 1239033SUSE bug 1239034SUSE bug 1239036SUSE bug 1239037SUSE bug 1239038SUSE bug 1239039SUSE bug 1239045SUSE bug 1239065SUSE bug 1239068SUSE bug 1239073SUSE bug 1239076SUSE bug 1239080SUSE bug 1239085SUSE bug 1239087SUSE bug 1239095SUSE bug 1239104SUSE bug 1239105SUSE bug 1239109SUSE bug 1239112SUSE bug 1239114SUSE bug 1239115SUSE bug 1239117SUSE bug 1239167SUSE bug 1239174SUSE bug 1239346SUSE bug 1239349SUSE bug 1239435SUSE bug 1239467SUSE bug 1239468SUSE bug 1239471SUSE bug 1239473SUSE bug 1239474SUSE bug 1239477SUSE bug 1239478SUSE bug 1239479SUSE bug 1239481SUSE bug 1239482SUSE bug 1239483SUSE bug 1239484SUSE bug 1239486SUSE bug 1239508SUSE bug 1239512SUSE bug 1239518SUSE bug 1239573SUSE bug 1239594SUSE bug 1239595SUSE bug 1239600SUSE bug 1239605SUSE bug 1239615SUSE bug 1239644SUSE bug 1239707SUSE bug 1239986SUSE bug 1239994SUSE bug 1240169SUSE bug 1240172SUSE bug 1240173SUSE bug 1240175SUSE bug 1240177SUSE bug 1240179SUSE bug 1240182SUSE bug 1240183SUSE bug 1240186SUSE bug 1240188SUSE bug 1240189SUSE bug 1240191SUSE bug 1240192SUSE bug 1240333SUSE bug 1240334CVE-2023-52831 at SUSECVE-2023-52831 at NVDCVE-2023-52924 at SUSECVE-2023-52924 at NVDCVE-2023-52925 at SUSECVE-2023-52925 at NVDCVE-2023-52926 at SUSECVE-2023-52926 at NVDCVE-2023-52927 at SUSECVE-2023-52927 at NVDCVE-2024-26634 at SUSECVE-2024-26634 at NVDCVE-2024-26708 at SUSECVE-2024-26708 at NVDCVE-2024-26810 at SUSECVE-2024-26810 at NVDCVE-2024-26873 at SUSECVE-2024-26873 at NVDCVE-2024-35826 at SUSECVE-2024-35826 at NVDCVE-2024-35910 at SUSECVE-2024-35910 at NVDCVE-2024-38606 at SUSECVE-2024-38606 at NVDCVE-2024-40980 at SUSECVE-2024-40980 at NVDCVE-2024-41005 at SUSECVE-2024-41005 at NVDCVE-2024-41055 at SUSECVE-2024-41055 at NVDCVE-2024-41077 at SUSECVE-2024-41077 at NVDCVE-2024-41149 at SUSECVE-2024-41149 at NVDCVE-2024-42307 at SUSECVE-2024-42307 at NVDCVE-2024-43820 at SUSECVE-2024-43820 at NVDCVE-2024-44974 at SUSECVE-2024-44974 at NVDCVE-2024-45009 at SUSECVE-2024-45009 at NVDCVE-2024-45010 at SUSECVE-2024-45010 at NVDCVE-2024-46736 at SUSECVE-2024-46736 at NVDCVE-2024-46782 at SUSECVE-2024-46782 at NVDCVE-2024-46796 at SUSECVE-2024-46796 at NVDCVE-2024-46858 at SUSECVE-2024-46858 at NVDCVE-2024-47408 at SUSECVE-2024-47408 at NVDCVE-2024-47701 at SUSECVE-2024-47701 at NVDCVE-2024-47794 at SUSECVE-2024-47794 at NVDCVE-2024-49571 at SUSECVE-2024-49571 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49924 at SUSECVE-2024-49924 at NVDCVE-2024-49940 at SUSECVE-2024-49940 at NVDCVE-2024-49950 at SUSECVE-2024-49950 at NVDCVE-2024-49994 at SUSECVE-2024-49994 at NVDCVE-2024-50029 at SUSECVE-2024-50029 at NVDCVE-2024-50036 at SUSECVE-2024-50036 at NVDCVE-2024-50056 at SUSECVE-2024-50056 at NVDCVE-2024-50073 at SUSECVE-2024-50073 at NVDCVE-2024-50085 at SUSECVE-2024-50085 at NVDCVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-50126 at SUSECVE-2024-50126 at NVDCVE-2024-50140 at SUSECVE-2024-50140 at NVDCVE-2024-50142 at SUSECVE-2024-50142 at NVDCVE-2024-50152 at SUSECVE-2024-50152 at NVDCVE-2024-50185 at SUSECVE-2024-50185 at NVDCVE-2024-50251 at SUSECVE-2024-50251 at NVDCVE-2024-50258 at SUSECVE-2024-50258 at NVDCVE-2024-50290 at SUSECVE-2024-50290 at NVDCVE-2024-50294 at SUSECVE-2024-50294 at NVDCVE-2024-50304 at SUSECVE-2024-50304 at NVDCVE-2024-52559 at SUSECVE-2024-52559 at NVDCVE-2024-53057 at SUSECVE-2024-53057 at NVDCVE-2024-53063 at SUSECVE-2024-53063 at NVDCVE-2024-53123 at SUSECVE-2024-53123 at NVDCVE-2024-53140 at SUSECVE-2024-53140 at NVDCVE-2024-53147 at SUSECVE-2024-53147 at NVDCVE-2024-53163 at SUSECVE-2024-53163 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53176 at SUSECVE-2024-53176 at NVDCVE-2024-53177 at SUSECVE-2024-53177 at NVDCVE-2024-53178 at SUSECVE-2024-53178 at NVDCVE-2024-53226 at SUSECVE-2024-53226 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-53680 at SUSECVE-2024-53680 at NVDCVE-2024-54683 at SUSECVE-2024-54683 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56579 at SUSECVE-2024-56579 at NVDCVE-2024-56592 at SUSECVE-2024-56592 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56633 at SUSECVE-2024-56633 at NVDCVE-2024-56638 at SUSECVE-2024-56638 at NVDCVE-2024-56640 at SUSECVE-2024-56640 at NVDCVE-2024-56647 at SUSECVE-2024-56647 at NVDCVE-2024-56658 at SUSECVE-2024-56658 at NVDCVE-2024-56702 at SUSECVE-2024-56702 at NVDCVE-2024-56703 at SUSECVE-2024-56703 at NVDCVE-2024-56718 at SUSECVE-2024-56718 at NVDCVE-2024-56719 at SUSECVE-2024-56719 at NVDCVE-2024-56720 at SUSECVE-2024-56720 at NVDCVE-2024-56751 at SUSECVE-2024-56751 at NVDCVE-2024-56758 at SUSECVE-2024-56758 at NVDCVE-2024-56770 at SUSECVE-2024-56770 at NVDCVE-2024-57807 at SUSECVE-2024-57807 at NVDCVE-2024-57834 at SUSECVE-2024-57834 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDCVE-2024-57889 at SUSECVE-2024-57889 at NVDCVE-2024-57900 at SUSECVE-2024-57900 at NVDCVE-2024-57947 at SUSECVE-2024-57947 at NVDCVE-2024-57948 at SUSECVE-2024-57948 at NVDCVE-2024-57973 at SUSECVE-2024-57973 at NVDCVE-2024-57974 at SUSECVE-2024-57974 at NVDCVE-2024-57978 at SUSECVE-2024-57978 at NVDCVE-2024-57979 at SUSECVE-2024-57979 at NVDCVE-2024-57980 at SUSECVE-2024-57980 at NVDCVE-2024-57981 at SUSECVE-2024-57981 at NVDCVE-2024-57986 at SUSECVE-2024-57986 at NVDCVE-2024-57990 at SUSECVE-2024-57990 at NVDCVE-2024-57993 at SUSECVE-2024-57993 at NVDCVE-2024-57994 at SUSECVE-2024-57994 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-57997 at SUSECVE-2024-57997 at NVDCVE-2024-57999 at SUSECVE-2024-57999 at NVDCVE-2024-58002 at SUSECVE-2024-58002 at NVDCVE-2024-58005 at SUSECVE-2024-58005 at NVDCVE-2024-58006 at SUSECVE-2024-58006 at NVDCVE-2024-58007 at SUSECVE-2024-58007 at NVDCVE-2024-58009 at SUSECVE-2024-58009 at NVDCVE-2024-58011 at SUSECVE-2024-58011 at NVDCVE-2024-58012 at SUSECVE-2024-58012 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2024-58014 at SUSECVE-2024-58014 at NVDCVE-2024-58017 at SUSECVE-2024-58017 at NVDCVE-2024-58019 at SUSECVE-2024-58019 at NVDCVE-2024-58020 at SUSECVE-2024-58020 at NVDCVE-2024-58034 at SUSECVE-2024-58034 at NVDCVE-2024-58051 at SUSECVE-2024-58051 at NVDCVE-2024-58052 at SUSECVE-2024-58052 at NVDCVE-2024-58054 at SUSECVE-2024-58054 at NVDCVE-2024-58055 at SUSECVE-2024-58055 at NVDCVE-2024-58056 at SUSECVE-2024-58056 at NVDCVE-2024-58057 at SUSECVE-2024-58057 at NVDCVE-2024-58058 at SUSECVE-2024-58058 at NVDCVE-2024-58061 at SUSECVE-2024-58061 at NVDCVE-2024-58063 at SUSECVE-2024-58063 at NVDCVE-2024-58069 at SUSECVE-2024-58069 at NVDCVE-2024-58072 at SUSECVE-2024-58072 at NVDCVE-2024-58076 at SUSECVE-2024-58076 at NVDCVE-2024-58078 at SUSECVE-2024-58078 at NVDCVE-2024-58079 at SUSECVE-2024-58079 at NVDCVE-2024-58080 at SUSECVE-2024-58080 at NVDCVE-2024-58083 at SUSECVE-2024-58083 at NVDCVE-2024-58085 at SUSECVE-2024-58085 at NVDCVE-2024-58086 at SUSECVE-2024-58086 at NVDCVE-2025-21631 at SUSECVE-2025-21631 at NVDCVE-2025-21635 at SUSECVE-2025-21635 at NVDCVE-2025-21636 at SUSECVE-2025-21636 at NVDCVE-2025-21637 at SUSECVE-2025-21637 at NVDCVE-2025-21638 at SUSECVE-2025-21638 at NVDCVE-2025-21639 at SUSECVE-2025-21639 at NVDCVE-2025-21640 at SUSECVE-2025-21640 at NVDCVE-2025-21647 at SUSECVE-2025-21647 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21665 at SUSECVE-2025-21665 at NVDCVE-2025-21666 at SUSECVE-2025-21666 at NVDCVE-2025-21667 at SUSECVE-2025-21667 at NVDCVE-2025-21668 at SUSECVE-2025-21668 at NVDCVE-2025-21669 at SUSECVE-2025-21669 at NVDCVE-2025-21670 at SUSECVE-2025-21670 at NVDCVE-2025-21671 at SUSECVE-2025-21671 at NVDCVE-2025-21673 at SUSECVE-2025-21673 at NVDCVE-2025-21675 at SUSECVE-2025-21675 at NVDCVE-2025-21678 at SUSECVE-2025-21678 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDCVE-2025-21681 at SUSECVE-2025-21681 at NVDCVE-2025-21684 at SUSECVE-2025-21684 at NVDCVE-2025-21687 at SUSECVE-2025-21687 at NVDCVE-2025-21688 at SUSECVE-2025-21688 at NVDCVE-2025-21689 at SUSECVE-2025-21689 at NVDCVE-2025-21690 at SUSECVE-2025-21690 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21693 at SUSECVE-2025-21693 at NVDCVE-2025-21697 at SUSECVE-2025-21697 at NVDCVE-2025-21699 at SUSECVE-2025-21699 at NVDCVE-2025-21700 at SUSECVE-2025-21700 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21703 at SUSECVE-2025-21703 at NVDCVE-2025-21704 at SUSECVE-2025-21704 at NVDCVE-2025-21705 at SUSECVE-2025-21705 at NVDCVE-2025-21706 at SUSECVE-2025-21706 at NVDCVE-2025-21708 at SUSECVE-2025-21708 at NVDCVE-2025-21711 at SUSECVE-2025-21711 at NVDCVE-2025-21714 at SUSECVE-2025-21714 at NVDCVE-2025-21715 at SUSECVE-2025-21715 at NVDCVE-2025-21716 at SUSECVE-2025-21716 at NVDCVE-2025-21718 at SUSECVE-2025-21718 at NVDCVE-2025-21719 at SUSECVE-2025-21719 at NVDCVE-2025-21723 at SUSECVE-2025-21723 at NVDCVE-2025-21724 at SUSECVE-2025-21724 at NVDCVE-2025-21725 at SUSECVE-2025-21725 at NVDCVE-2025-21726 at SUSECVE-2025-21726 at NVDCVE-2025-21727 at SUSECVE-2025-21727 at NVDCVE-2025-21728 at SUSECVE-2025-21728 at NVDCVE-2025-21731 at SUSECVE-2025-21731 at NVDCVE-2025-21732 at SUSECVE-2025-21732 at NVDCVE-2025-21733 at SUSECVE-2025-21733 at NVDCVE-2025-21734 at SUSECVE-2025-21734 at NVDCVE-2025-21735 at SUSECVE-2025-21735 at NVDCVE-2025-21736 at SUSECVE-2025-21736 at NVDCVE-2025-21738 at SUSECVE-2025-21738 at NVDCVE-2025-21739 at SUSECVE-2025-21739 at NVDCVE-2025-21741 at SUSECVE-2025-21741 at NVDCVE-2025-21742 at SUSECVE-2025-21742 at NVDCVE-2025-21743 at SUSECVE-2025-21743 at NVDCVE-2025-21744 at SUSECVE-2025-21744 at NVDCVE-2025-21745 at SUSECVE-2025-21745 at NVDCVE-2025-21749 at SUSECVE-2025-21749 at NVDCVE-2025-21750 at SUSECVE-2025-21750 at NVDCVE-2025-21753 at SUSECVE-2025-21753 at NVDCVE-2025-21754 at SUSECVE-2025-21754 at NVDCVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-21759 at SUSECVE-2025-21759 at NVDCVE-2025-21760 at SUSECVE-2025-21760 at NVDCVE-2025-21761 at SUSECVE-2025-21761 at NVDCVE-2025-21762 at SUSECVE-2025-21762 at NVDCVE-2025-21763 at SUSECVE-2025-21763 at NVDCVE-2025-21764 at SUSECVE-2025-21764 at NVDCVE-2025-21765 at SUSECVE-2025-21765 at NVDCVE-2025-21766 at SUSECVE-2025-21766 at NVDCVE-2025-21767 at SUSECVE-2025-21767 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-21773 at SUSECVE-2025-21773 at NVDCVE-2025-21775 at SUSECVE-2025-21775 at NVDCVE-2025-21776 at SUSECVE-2025-21776 at NVDCVE-2025-21779 at SUSECVE-2025-21779 at NVDCVE-2025-21780 at SUSECVE-2025-21780 at NVDCVE-2025-21781 at SUSECVE-2025-21781 at NVDCVE-2025-21782 at SUSECVE-2025-21782 at NVDCVE-2025-21784 at SUSECVE-2025-21784 at NVDCVE-2025-21785 at SUSECVE-2025-21785 at NVDCVE-2025-21790 at SUSECVE-2025-21790 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-21793 at SUSECVE-2025-21793 at NVDCVE-2025-21794 at SUSECVE-2025-21794 at NVDCVE-2025-21795 at SUSECVE-2025-21795 at NVDCVE-2025-21796 at SUSECVE-2025-21796 at NVDCVE-2025-21799 at SUSECVE-2025-21799 at NVDCVE-2025-21802 at SUSECVE-2025-21802 at NVDCVE-2025-21804 at SUSECVE-2025-21804 at NVDCVE-2025-21810 at SUSECVE-2025-21810 at NVDCVE-2025-21815 at SUSECVE-2025-21815 at NVDCVE-2025-21819 at SUSECVE-2025-21819 at NVDCVE-2025-21820 at SUSECVE-2025-21820 at NVDCVE-2025-21821 at SUSECVE-2025-21821 at NVDCVE-2025-21823 at SUSECVE-2025-21823 at NVDCVE-2025-21825 at SUSECVE-2025-21825 at NVDCVE-2025-21828 at SUSECVE-2025-21828 at NVDCVE-2025-21829 at SUSECVE-2025-21829 at NVDCVE-2025-21830 at SUSECVE-2025-21830 at NVDCVE-2025-21831 at SUSECVE-2025-21831 at NVDCVE-2025-21832 at SUSECVE-2025-21832 at NVDCVE-2025-21835 at SUSECVE-2025-21835 at NVDCVE-2025-21838 at SUSECVE-2025-21838 at NVDCVE-2025-21844 at SUSECVE-2025-21844 at NVDCVE-2025-21846 at SUSECVE-2025-21846 at NVDCVE-2025-21847 at SUSECVE-2025-21847 at NVDCVE-2025-21848 at SUSECVE-2025-21848 at NVDCVE-2025-21850 at SUSECVE-2025-21850 at NVDCVE-2025-21855 at SUSECVE-2025-21855 at NVDCVE-2025-21856 at SUSECVE-2025-21856 at NVDCVE-2025-21857 at SUSECVE-2025-21857 at NVDCVE-2025-21858 at SUSECVE-2025-21858 at NVDCVE-2025-21859 at SUSECVE-2025-21859 at NVDCVE-2025-21861 at SUSECVE-2025-21861 at NVDCVE-2025-21862 at SUSECVE-2025-21862 at NVDCVE-2025-21864 at SUSECVE-2025-21864 at NVDCVE-2025-21865 at SUSECVE-2025-21865 at NVDCVE-2025-21866 at SUSECVE-2025-21866 at NVDCVE-2025-21869 at SUSECVE-2025-21869 at NVDCVE-2025-21870 at SUSECVE-2025-21870 at NVDCVE-2025-21871 at SUSECVE-2025-21871 at NVDCVE-2025-21876 at SUSECVE-2025-21876 at NVDCVE-2025-21877 at SUSECVE-2025-21877 at NVDCVE-2025-21878 at SUSECVE-2025-21878 at NVDCVE-2025-21883 at SUSECVE-2025-21883 at NVDCVE-2025-21885 at SUSECVE-2025-21885 at NVDCVE-2025-21886 at SUSECVE-2025-21886 at NVDCVE-2025-21888 at SUSECVE-2025-21888 at NVDCVE-2025-21890 at SUSECVE-2025-21890 at NVDCVE-2025-21891 at SUSECVE-2025-21891 at NVDCVE-2025-21892 at SUSECVE-2025-21892 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1244337SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may
- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).
- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:
x86/process: Move the buffer clearing before MONITOR (bsc#1238896).
- CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216).
- CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613).
- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061).
- CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323).
- CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837).
- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).
- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479).
- CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669).
- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).
- CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801).
- CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750).
- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).
- CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440).
- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).
- CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202).
- CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201).
- CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735).
- CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649).
- CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660).
- CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654).
- CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671).
- CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650).
- CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682).
- CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689).
- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).
- CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708).
- CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677).
- CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679).
- CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768).
- CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750).
- CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752).
- CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758).
- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).
- CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006).
- CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951).
- CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098).
- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
- CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980).
- CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044).
- CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983).
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
- CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020).
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).
- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).
- CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093).
- CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178).
- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).
- CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173).
- CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182).
- CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387).
- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).
- CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264).
- CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273).
- CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354).
- CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361).
- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
- CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384).
- CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250).
- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).
- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).
- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
- CVE-2025-38352: posix-cpu-timers: fix race between
handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091).
- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).
- CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).
- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).
- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097).
- CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141).
- CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145).
- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).
- CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253).
- CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101).
- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
- CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103).
- CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104).
- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).
- CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118).
- CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288).
- CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450).
- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
The following non-security bugs were fixed:
- ACPI: LPSS: Remove AudioDSP related ID (git-fixes).
- ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122).
- ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes).
- ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes).
- ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes).
- ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes).
- ALSA: hda/tegra: Add Tegra264 support (stable-fixes).
- ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes).
- ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes).
- ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes).
- ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes).
- ALSA: sb: Do not allow changing the DMA mode during operations (stable-fixes).
- ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes).
- ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes).
- ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes).
- ASoC: amd: yc: update quirk data for HP Victus (stable-fixes).
- ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes).
- ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes).
- ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes).
- ASoC: cs35l56: probe() should fail if the device ID is not recognized (git-fixes).
- ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes).
- ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes).
- ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes).
- Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes).
- Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes).
- Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes).
- Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes).
- Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes).
- Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes).
- Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes).
- Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes).
- Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes).
- Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes).
- Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes).
- Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes).
- Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes).
- Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes).
- Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes).
- Bluetooth: hci_sync: revert some mesh modifications (git-fixes).
- Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes).
- Documentation: ACPI: Fix parent device references (git-fixes).
- Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes).
- Fix dma_unmap_sg() nents value (git-fixes)
- HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes).
- HID: core: do not bypass hid_hw_raw_request (stable-fixes).
- HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes).
- HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes).
- HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes).
- HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes).
- IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes)
- Input: iqs7222 - explicitly define number of external channels (git-fixes).
- Input: xpad - adjust error handling for disconnect (git-fixes).
- Input: xpad - set correct controller type for Acer NGR200 (git-fixes).
- Input: xpad - support Acer NGR 200 Controller (stable-fixes).
- Logitech C-270 even more broken (stable-fixes).
- Move upstreamed SCSI and ACPI patches into sorted section
- NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes).
- NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes).
- NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes).
- NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes).
- NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes).
- NFSv4.2: another fix for listxattr (git-fixes).
- NFSv4.2: fix listxattr to return selinux security label (git-fixes).
- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes).
- NFSv4: Always set NLINK even if the server does not support it (git-fixes).
- NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes).
- PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457).
- PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes).
- PCI: endpoint: Fix configfs group list head handling (git-fixes).
- PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457).
- PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes).
- PM / devfreq: Check governor before using governor->name (git-fixes).
- RDMA/core: Rate limit GID cache warning messages (git-fixes)
- RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes)
- RDMA/hns: Drop GFP_NOWARN (git-fixes)
- RDMA/hns: Fix -Wframe-larger-than issue (git-fixes)
- RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes)
- RDMA/hns: Fix accessing uninitialized resources (git-fixes)
- RDMA/hns: Fix double destruction of rsv_qp (git-fixes)
- RDMA/hns: Get message length of ack_req from FW (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- RDMA/mlx5: Fix CC counters query for MPV (git-fixes)
- RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes)
- RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes)
- RDMA/mlx5: Fix vport loopback for MPV device (git-fixes)
- RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes)
- RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes)
- RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes)
- RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- Revert "ACPI: battery: negate current when discharging" (stable-fixes).
- Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338).
- Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes).
- Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git-fixes).
- Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git-fixes).
- Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes).
- SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes).
- USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes).
- USB: serial: option: add Foxconn T99W640 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes).
- [SMB3] send channel sequence number in SMB3 requests after reconnects (git-fixes).
- af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes).
- af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093).
- amd/amdkfd: fix a kfd_process ref leak (stable-fixes).
- aoe: clean device rq_list in aoedev_downdev() (git-fixes).
- apple-mfi-fastcharge: protect first device name (git-fixes).
- ata: pata_cs5536: fix build on 32-bit UML (stable-fixes).
- audit,module: restore audit logging in load failure case (git-fixes).
- bpf, sockmap: Fix sk_msg_reset_curr (git-fixes).
- bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes).
- bpf/selftests: Check errno when percpu map value size exceeds (git-fixes).
- bpf: Add a possibly-zero-sized read test (git-fixes).
- bpf: Avoid __hidden__ attribute in static object (git-fixes).
- bpf: Check percpu map value size first (git-fixes).
- bpf: Disable some `attribute ignored' warnings in GCC (git-fixes).
- bpf: Fix memory leak in bpf_core_apply (git-fixes).
- bpf: Fix potential integer overflow in resolve_btfids (git-fixes).
- bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes).
- bpf: Make the pointer returned by iter next method valid (git-fixes).
- bpf: Simplify checking size of helper accesses (git-fixes).
- bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes).
- bpf: sockmap, updating the sg structure should also update curr (git-fixes).
- bpftool: Fix missing pids during link show (git-fixes).
- bpftool: Fix undefined behavior caused by shifting into the sign bit (git-fixes).
- bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes).
- bpftool: Remove unnecessary source files from bootstrap version (git-fixes).
- bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes).
- btrfs: do not ignore inode missing when replaying log tree (git-fixes).
- btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes).
- btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes).
- btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068)
- btrfs: fix assertion when building free space tree (git-fixes).
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes).
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- btrfs: fix ssd_spread overallocation (git-fixes).
- btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068)
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- btrfs: rename err to ret in btrfs_rmdir() (git-fixes).
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes).
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes).
- bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes).
- can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes).
- can: dev: can_restart(): reverse logic to remove need for goto (stable-fixes).
- can: kvaser_pciefd: Store device channel index (git-fixes).
- can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes).
- can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes).
- can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes).
- can: peak_usb: fix USB FD devices potential malfunction (git-fixes).
- cdc-acm: fix race between initial clearing halt and open (git-fixes).
- cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789).
- cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166).
- cifs: reconnect helper should set reconnect for the right channel (git-fixes).
- clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes).
- clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes).
- clk: sunxi-ng: v3s: Fix de clock definition (git-fixes).
- clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes).
- clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457).
- clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457).
- comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes).
- comedi: Fix initialization of data for instructions that write to subdevice (git-fixes).
- comedi: Fix some signed shift left operations (git-fixes).
- comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes).
- comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes).
- comedi: das16m1: Fix bit shift out of bounds (git-fixes).
- comedi: das6402: Fix bit shift out of bounds (git-fixes).
- comedi: pcl812: Fix bit shift out of bounds (git-fixes).
- compiler_types.h: Define __retain for __attribute__((__retain__)) (git-fixes).
- config: enable RBD (jsc#PED-13238)
- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes).
- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes).
- crypto: ccp - Fix locking on alloc failure handling (git-fixes).
- crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes).
- crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes).
- crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes).
- crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes).
- crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes).
- crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes).
- crypto: qat - fix state restore for banks with exceptions (git-fixes).
- crypto: qat - flush misc workqueue during device shutdown (git-fixes).
- crypto: qat - use unmanaged allocation for dc_data (git-fixes).
- crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes).
- dm-bufio: fix sched in atomic context (git-fixes).
- dm-flakey: error all IOs when num_features is absent (git-fixes).
- dm-flakey: make corrupting read bios work (git-fixes).
- dm-mirror: fix a tiny race condition (git-fixes).
- dm-raid: fix variable in journal device check (git-fixes).
- dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes).
- dm: do not change md if dm_table_set_restrictions() fails (git-fixes).
- dm: free table mempools if not used in __bind (git-fixes).
- dm: restrict dm device size to 2^63-512 bytes (git-fixes).
- dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: xilinx_dma: Set dma_device directions (stable-fixes).
- drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes).
- drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes).
- drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes).
- drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes).
- drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes).
- drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes).
- drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes).
- drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes).
- drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes).
- drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes).
- drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes).
- drm/framebuffer: Acquire internal references on GEM handles (git-fixes).
- drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes).
- drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes).
- drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
- drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes).
- drm/i915/selftests: Change mock_request() to return error pointers (git-fixes).
- drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes).
- drm/msm: Fix a fence leak in submit error path (stable-fixes).
- drm/msm: Fix another leak in the submit error path (stable-fixes).
- drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes).
- drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes).
- drm/sched: Increment job count before swapping tail spsc queue (git-fixes).
- drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes).
- drm/scheduler: signal scheduled fence when kill job (stable-fixes).
- drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes).
- drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes).
- drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes).
- exfat: fdatasync flag should be same like generic_write_sync() (git-fixes).
- fbcon: Fix outdated registered_fb reference in comment (git-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- fs/jfs: consolidate sanity checking in dbMount (git-fixes).
- fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes).
- gpio: mlxbf2: use platform_get_irq_optional() (git-fixes).
- gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes).
- gpio: sim: include a missing header (git-fixes).
- gpio: vf610: add locking to gpio direction functions (git-fixes).
- gpio: virtio: Fix config space reading (git-fixes).
- gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes).
- gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes).
- gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300).
- gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300).
- gpiolib: cdev: Ignore reconfiguration without direction (git-fixes).
- gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes).
- hfs: make splice write available again (git-fixes).
- hfsplus: make splice write available again (git-fixes).
- hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes).
- hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203).
- hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes).
- hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes).
- hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes).
- hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes).
- i2c/designware: Fix an initialization issue (git-fixes).
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: stm32: fix the device used for the DMA map (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes).
- iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes).
- iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes).
- iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes).
- iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes).
- iio: adc: max1363: Reorder mode_list[] entries (stable-fixes).
- iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes).
- iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes).
- iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes).
- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).
- iommu/amd: Set the pgsize_bitmap correctly (git-fixes).
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).
- iommu/vt-d: Fix possible circular locking dependency (git-fixes).
- iommu/vt-d: Fix system hang on reboot -f (git-fixes).
- ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes).
- ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes).
- ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes).
- ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes).
- iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes).
- jfs: fix metapage reference count leak in dbAllocCtl (git-fixes).
- kABI workaround for struct drm_framebuffer changes (git-fixes).
- kABI: Fix the module::name type in audit_context (git-fixes).
- kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes).
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- leds: multicolor: Fix intensity setting while SW blinking (stable-fixes).
- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897).
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes).
- md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes).
- media: gspca: Add bounds checking to firmware parser (git-fixes).
- media: hi556: correct the test pattern configuration (git-fixes).
- media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes).
- media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes).
- media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes).
- media: usbtv: Lock resolution while streaming (git-fixes).
- media: uvcvideo: Do not mark valid metadata as invalid (git-fixes).
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes).
- media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes).
- media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes).
- media: venus: Add a check for packet size after reading from shared memory (git-fixes).
- media: venus: hfi: explicitly release IRQ during teardown (git-fixes).
- media: venus: protect against spurious interrupts during probe (git-fixes).
- media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: vivid: fix wrong pixel_array control size (git-fixes).
- memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes).
- mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes).
- misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes).
- mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes).
- mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes).
- mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes).
- mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes).
- module: Fix memory deallocation on error path in move_module() (git-fixes).
- module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes).
- module: Restore the moduleparam prefix length check (git-fixes).
- mtd: fix possible integer overflow in erase_xfer() (git-fixes).
- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes).
- mtd: rawnand: atmel: set pmecc data setup time (git-fixes).
- mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes).
- mtd: rawnand: renesas: Add missing check after DMA map (git-fixes).
- mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes).
- mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes).
- mtd: spinand: fix memory leak of ECC engine conf (stable-fixes).
- mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes).
- mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes).
- mtk-sd: Prevent memory corruption from DMA map failure (git-fixes).
- mtk-sd: reset host->mrq on prepare_data() error (git-fixes).
- mwl8k: Add missing check after DMA map (git-fixes).
- nbd: fix uaf in nbd_genl_connect() error path (git-fixes).
- net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes).
- net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes).
- net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes).
- net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes).
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes).
- net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes).
- net: mana: Add debug logs in MANA network driver (bsc#1246212).
- net: mana: Add handler for hardware servicing events (bsc#1245730).
- net: mana: Allocate MSI-X vectors dynamically (bsc#1245457).
- net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457).
- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203).
- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729).
- net: mana: Set tx_packets to post gso processing packet count (bsc#1245731).
- net: mana: explain irq_setup() algorithm (bsc#1245457).
- net: phy: Do not register LEDs for genphy (git-fixes).
- net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes).
- net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes).
- net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes).
- net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes).
- net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes).
- net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes).
- net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes).
- net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes).
- netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes).
- nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes).
- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes).
- nilfs2: reject invalid file types when reading inodes (git-fixes).
- nvme-pci: refresh visible attrs after being checked (git-fixes).
- nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes).
- objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes).
- objtool: Fix _THIS_IP_ detection for cold functions (git-fixes).
- objtool: Fix error handling inconsistencies in check() (git-fixes).
- objtool: Ignore dangling jump table entries (git-fixes).
- objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes).
- objtool: Properly disable uaccess validation (git-fixes).
- objtool: Silence more KCOV warnings (git-fixes).
- objtool: Silence more KCOV warnings, part 2 (git-fixes).
- objtool: Stop UNRET validation on UD2 (git-fixes).
- pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes).
- pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes).
- perf: Fix sample vs do_exit() (bsc#1246547).
- phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes).
- pinctrl: amd: Clear GPIO debounce for suspend (git-fixes).
- pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes).
- platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes).
- platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes).
- platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes).
- platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes).
- platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes).
- platform/x86: think-lmi: Create ksets consecutively (stable-fixes).
- platform/x86: think-lmi: Fix kobject cleanup (git-fixes).
- platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes).
- powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes).
- powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes).
- powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes).
- ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506).
- pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes).
- pwm: mediatek: Ensure to disable clocks in error path (git-fixes).
- regmap: fix potential memory leak of regmap_bus (git-fixes).
- regulator: fan53555: add enable_time support and soft-start times (stable-fixes).
- regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes).
- regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes).
- resource: fix false warning in __request_region() (git-fixes).
- restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes).
- ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes).
- rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes).
- rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes).
- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337)
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870).
- s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806).
- s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646).
- s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647).
- s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598).
- s390: Add z17 elf platform (LTC#214086 bsc#1245540).
- samples: mei: Fix building on musl libc (git-fixes).
- sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338).
- sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git-fixes).
- scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes).
- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142).
- scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: megaraid_sas: Fix invalid node index (git-fixes).
- scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes).
- scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes).
- scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599).
- selftests/bpf: Add CFLAGS per source file and runner (git-fixes).
- selftests/bpf: Add tests for iter next method returning valid pointer (git-fixes).
- selftests/bpf: Change functions definitions to support GCC (git-fixes).
- selftests/bpf: Fix a few tests for GCC related warnings (git-fixes).
- selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes).
- selftests/bpf: Fix prog numbers in test_sockmap (git-fixes).
- smb3: move server check earlier when setting channel sequence number (git-fixes).
- soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes).
- soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes).
- soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git-fixes).
- soc: qcom: QMI encoding/decoding for big endian (git-fixes).
- soc: qcom: fix endianness for QMI header (git-fixes).
- soc: qcom: pmic_glink: fix OF node leak (git-fixes).
- soundwire: amd: fix for clearing command status register (git-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes).
- staging: axis-fifo: remove sysfs interface (git-fixes).
- staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes).
- staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes).
- struct cdns: move new member to the end (git-fixes).
- struct ucsi_operations: use padding for new operation (git-fixes).
- sunrpc: do not immediately retransmit on seqno miss (git-fixes).
- sunrpc: fix client side handling of tls alerts (git-fixes).
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes).
- thunderbolt: Fix copy+paste error in match_service_id() (git-fixes).
- thunderbolt: Fix wake on connect at runtime (git-fixes).
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes).
- tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes).
- types: Complement the aligned types with signed 64-bit one (stable-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- ucsi-glink: adapt to kABI consistency (git-fixes).
- ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes).
- ucsi_operations: add stubs for all operations (git-fixes).
- ucsi_ops: adapt update_connector to kABI consistency (git-fixes).
- usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes).
- usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes).
- usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes).
- usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes).
- usb: cdnsp: Fix issue with resuming from L1 (git-fixes).
- usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: cdnsp: do not disable slot for disabled slot (git-fixes).
- usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes).
- usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes).
- usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes).
- usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes).
- usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes).
- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes).
- usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes).
- usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes).
- usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes).
- usb: hub: Do not try to recover devices lost during warm reset (git-fixes).
- usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes).
- usb: musb: fix gadget state on disconnect (git-fixes).
- usb: musb: omap2430: fix device leak at unbind (git-fixes).
- usb: net: sierra: check for no status endpoint (git-fixes).
- usb: potential integer overflow in usbg_make_tpg() (stable-fixes).
- usb: typec: Update sysfs when setting ops (git-fixes).
- usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes).
- usb: typec: displayport: Fix potential deadlock (git-fixes).
- usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes).
- usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git-fixes).
- usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes).
- usb: typec: ucsi: Delay alternate mode discovery (git-fixes).
- usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes).
- usb: typec: ucsi: Fix the partner PD revision (git-fixes).
- usb: typec: ucsi: Get PD revision for partner (git-fixes).
- usb: typec: ucsi: Set orientation as none when connector is unplugged (git-fixes).
- usb: typec: ucsi: Update power_supply on power role change (git-fixes).
- usb: typec: ucsi: add callback for connector status updates (git-fixes).
- usb: typec: ucsi: add update_connector callback (git-fixes).
- usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes).
- usb: typec: ucsi: extract code to read PD caps (git-fixes).
- usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes).
- usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes).
- usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes).
- usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes).
- usb: typec: ucsi: glink: use typec_set_orientation (git-fixes).
- usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git-fixes).
- usb: typec: ucsi: properly register partner's PD device (git-fixes).
- usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes).
- usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes).
- usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes).
- usb: typec: ucsi_glink: rework quirks implementation (git-fixes).
- usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes).
- usb: xhci: quirk for data loss in ISOC transfers (stable-fixes).
- usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes).
- virtgpu: do not reset on shutdown (git-fixes).
- vmci: Prevent the dispatching of uninitialized payloads (git-fixes).
- vt: add missing notification when switching back to text mode (stable-fixes).
- vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes).
- vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes).
- wifi: ath11k: fix source ring-buffer corruption (git-fixes).
- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes).
- wifi: ath12k: fix source ring-buffer corruption (git-fixes).
- wifi: ath6kl: remove WARN on bad firmware input (stable-fixes).
- wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes).
- wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes).
- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes).
- wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes).
- wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes).
- wifi: mac80211: Add link iteration macro for link data (stable-fixes).
- wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes).
- wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes).
- wifi: mac80211: Do not schedule stopped TXQs (git-fixes).
- wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes).
- wifi: mac80211: drop invalid source address OCB frames (stable-fixes).
- wifi: mac80211: reject TDLS operations when station is not associated (git-fixes).
- wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes).
- wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes).
- wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes).
- wifi: plfxlc: Fix error handling in usb driver probe (git-fixes).
- wifi: prevent A-MSDU attacks in mesh networks (stable-fixes).
- wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes).
- wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes).
- wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/mce/amd: Add default names for MCA banks and blocks (git-fixes).
- x86/mce/amd: Fix threshold limit reset (git-fixes).
- x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes).
- x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes).
- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).
- x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes).
- x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes).
- x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345).
- xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837).
- xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes).
- xfs: remove unused event xfs_alloc_near_error (git-fixes).
- xfs: remove unused event xfs_alloc_near_nominleft (git-fixes).
- xfs: remove unused event xfs_attr_node_removename (git-fixes).
- xfs: remove unused event xfs_ioctl_clone (git-fixes).
- xfs: remove unused event xfs_pagecache_inval (git-fixes).
- xfs: remove unused event xlog_iclog_want_sync (git-fixes).
- xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes).
- xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes).
- xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes).
- xfs: remove unused xfs_attr events (git-fixes).
- xfs: remove unused xfs_reflink_compare_extents events (git-fixes).
- xfs: remove usused xfs_end_io_direct events (git-fixes).
- xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes).
- xhci: dbc: Flush queued requests before stopping dbc (git-fixes).
- xhci: dbctty: disable ECHO flag by default (git-fixes).
ImportantSUSE bug 1204142SUSE bug 1219338SUSE bug 1225707SUSE bug 1230216SUSE bug 1233300SUSE bug 1235613SUSE bug 1235837SUSE bug 1236333SUSE bug 1236897SUSE bug 1238896SUSE bug 1239061SUSE bug 1240323SUSE bug 1240885SUSE bug 1240966SUSE bug 1241166SUSE bug 1241345SUSE bug 1242086SUSE bug 1242414SUSE bug 1242837SUSE bug 1242960SUSE bug 1242965SUSE bug 1242993SUSE bug 1243068SUSE bug 1243100SUSE bug 1243479SUSE bug 1243669SUSE bug 1243806SUSE bug 1244309SUSE bug 1244337SUSE bug 1244457SUSE bug 1244735SUSE bug 1244749SUSE bug 1244750SUSE bug 1244792SUSE bug 1244801SUSE bug 1245151SUSE bug 1245201SUSE bug 1245202SUSE bug 1245216SUSE bug 1245260SUSE bug 1245431SUSE bug 1245440SUSE bug 1245457SUSE bug 1245498SUSE bug 1245499SUSE bug 1245504SUSE bug 1245506SUSE bug 1245508SUSE bug 1245510SUSE bug 1245540SUSE bug 1245598SUSE bug 1245599SUSE bug 1245646SUSE bug 1245647SUSE bug 1245649SUSE bug 1245650SUSE bug 1245654SUSE bug 1245658SUSE bug 1245660SUSE bug 1245665SUSE bug 1245666SUSE bug 1245668SUSE bug 1245669SUSE bug 1245670SUSE bug 1245671SUSE bug 1245675SUSE bug 1245676SUSE bug 1245677SUSE bug 1245679SUSE bug 1245682SUSE bug 1245683SUSE bug 1245684SUSE bug 1245688SUSE bug 1245689SUSE bug 1245690SUSE bug 1245691SUSE bug 1245695SUSE bug 1245705SUSE bug 1245708SUSE bug 1245711SUSE bug 1245713SUSE bug 1245714SUSE bug 1245719SUSE bug 1245723SUSE bug 1245729SUSE bug 1245730SUSE bug 1245731SUSE bug 1245735SUSE bug 1245737SUSE bug 1245744SUSE bug 1245745SUSE bug 1245746SUSE bug 1245747SUSE bug 1245748SUSE bug 1245749SUSE bug 1245750SUSE bug 1245751SUSE bug 1245752SUSE bug 1245757SUSE bug 1245758SUSE bug 1245765SUSE bug 1245768SUSE bug 1245769SUSE bug 1245777SUSE bug 1245781SUSE bug 1245789SUSE bug 1245937SUSE bug 1245945SUSE bug 1245951SUSE bug 1245952SUSE bug 1245954SUSE bug 1245957SUSE bug 1245966SUSE bug 1245970SUSE bug 1245976SUSE bug 1245980SUSE bug 1245983SUSE bug 1245986SUSE bug 1246000SUSE bug 1246002SUSE bug 1246006SUSE bug 1246008SUSE bug 1246020SUSE bug 1246023SUSE bug 1246029SUSE bug 1246031SUSE bug 1246037SUSE bug 1246041SUSE bug 1246042SUSE bug 1246044SUSE bug 1246045SUSE bug 1246047SUSE bug 1246049SUSE bug 1246050SUSE bug 1246055SUSE bug 1246073SUSE bug 1246093SUSE bug 1246098SUSE bug 1246109SUSE bug 1246122SUSE bug 1246125SUSE bug 1246171SUSE bug 1246173SUSE bug 1246178SUSE bug 1246182SUSE bug 1246183SUSE bug 1246186SUSE bug 1246195SUSE bug 1246203SUSE bug 1246212SUSE bug 1246220SUSE bug 1246236SUSE bug 1246240SUSE bug 1246243SUSE bug 1246246SUSE bug 1246249SUSE bug 1246250SUSE bug 1246253SUSE bug 1246258SUSE bug 1246262SUSE bug 1246264SUSE bug 1246266SUSE bug 1246268SUSE bug 1246273SUSE bug 1246283SUSE bug 1246287SUSE bug 1246292SUSE bug 1246293SUSE bug 1246295SUSE bug 1246334SUSE bug 1246337SUSE bug 1246342SUSE bug 1246349SUSE bug 1246354SUSE bug 1246358SUSE bug 1246361SUSE bug 1246364SUSE bug 1246370SUSE bug 1246375SUSE bug 1246384SUSE bug 1246386SUSE bug 1246387SUSE bug 1246438SUSE bug 1246453SUSE bug 1246473SUSE bug 1246490SUSE bug 1246506SUSE bug 1246547SUSE bug 1246777SUSE bug 1246781SUSE bug 1246870SUSE bug 1246879SUSE bug 1246911SUSE bug 1247018SUSE bug 1247023SUSE bug 1247028SUSE bug 1247031SUSE bug 1247033SUSE bug 1247035SUSE bug 1247061SUSE bug 1247089SUSE bug 1247091SUSE bug 1247097SUSE bug 1247098SUSE bug 1247101SUSE bug 1247103SUSE bug 1247104SUSE bug 1247113SUSE bug 1247118SUSE bug 1247123SUSE bug 1247125SUSE bug 1247128SUSE bug 1247132SUSE bug 1247138SUSE bug 1247141SUSE bug 1247143SUSE bug 1247145SUSE bug 1247146SUSE bug 1247147SUSE bug 1247149SUSE bug 1247150SUSE bug 1247151SUSE bug 1247153SUSE bug 1247154SUSE bug 1247156SUSE bug 1247160SUSE bug 1247164SUSE bug 1247169SUSE bug 1247170SUSE bug 1247171SUSE bug 1247172SUSE bug 1247174SUSE bug 1247176SUSE bug 1247177SUSE bug 1247178SUSE bug 1247181SUSE bug 1247209SUSE bug 1247210SUSE bug 1247227SUSE bug 1247233SUSE bug 1247236SUSE bug 1247238SUSE bug 1247241SUSE bug 1247251SUSE bug 1247252SUSE bug 1247253SUSE bug 1247255SUSE bug 1247271SUSE bug 1247273SUSE bug 1247274SUSE bug 1247276SUSE bug 1247277SUSE bug 1247278SUSE bug 1247279SUSE bug 1247284SUSE bug 1247285SUSE bug 1247288SUSE bug 1247289SUSE bug 1247293SUSE bug 1247311SUSE bug 1247314SUSE bug 1247317SUSE bug 1247347SUSE bug 1247348SUSE bug 1247349SUSE bug 1247374SUSE bug 1247437SUSE bug 1247450CVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2024-36028 at SUSECVE-2024-36028 at NVDCVE-2024-36348 at SUSECVE-2024-36348 at NVDCVE-2024-36349 at SUSECVE-2024-36349 at NVDCVE-2024-36350 at SUSECVE-2024-36350 at NVDCVE-2024-36357 at SUSECVE-2024-36357 at NVDCVE-2024-44963 at SUSECVE-2024-44963 at NVDCVE-2024-56742 at SUSECVE-2024-56742 at NVDCVE-2024-57947 at SUSECVE-2024-57947 at NVDCVE-2025-21839 at SUSECVE-2025-21839 at NVDCVE-2025-21872 at SUSECVE-2025-21872 at NVDCVE-2025-23163 at SUSECVE-2025-23163 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37856 at SUSECVE-2025-37856 at NVDCVE-2025-37864 at SUSECVE-2025-37864 at NVDCVE-2025-37885 at SUSECVE-2025-37885 at NVDCVE-2025-37920 at SUSECVE-2025-37920 at NVDCVE-2025-37984 at SUSECVE-2025-37984 at NVDCVE-2025-38034 at SUSECVE-2025-38034 at NVDCVE-2025-38035 at SUSECVE-2025-38035 at NVDCVE-2025-38051 at SUSECVE-2025-38051 at NVDCVE-2025-38052 at SUSECVE-2025-38052 at NVDCVE-2025-38058 at SUSECVE-2025-38058 at NVDCVE-2025-38061 at SUSECVE-2025-38061 at NVDCVE-2025-38062 at SUSECVE-2025-38062 at NVDCVE-2025-38063 at SUSECVE-2025-38063 at NVDCVE-2025-38064 at SUSECVE-2025-38064 at NVDCVE-2025-38074 at SUSECVE-2025-38074 at NVDCVE-2025-38084 at SUSECVE-2025-38084 at NVDCVE-2025-38085 at SUSECVE-2025-38085 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38088 at SUSECVE-2025-38088 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38090 at SUSECVE-2025-38090 at NVDCVE-2025-38094 at SUSECVE-2025-38094 at NVDCVE-2025-38095 at SUSECVE-2025-38095 at NVDCVE-2025-38097 at SUSECVE-2025-38097 at NVDCVE-2025-38098 at SUSECVE-2025-38098 at NVDCVE-2025-38099 at SUSECVE-2025-38099 at NVDCVE-2025-38100 at SUSECVE-2025-38100 at NVDCVE-2025-38102 at SUSECVE-2025-38102 at NVDCVE-2025-38105 at SUSECVE-2025-38105 at NVDCVE-2025-38107 at SUSECVE-2025-38107 at NVDCVE-2025-38108 at SUSECVE-2025-38108 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38112 at SUSECVE-2025-38112 at NVDCVE-2025-38113 at SUSECVE-2025-38113 at NVDCVE-2025-38115 at SUSECVE-2025-38115 at NVDCVE-2025-38117 at SUSECVE-2025-38117 at NVDCVE-2025-38118 at SUSECVE-2025-38118 at NVDCVE-2025-38120 at SUSECVE-2025-38120 at NVDCVE-2025-38122 at SUSECVE-2025-38122 at NVDCVE-2025-38123 at SUSECVE-2025-38123 at NVDCVE-2025-38124 at SUSECVE-2025-38124 at NVDCVE-2025-38126 at SUSECVE-2025-38126 at NVDCVE-2025-38127 at SUSECVE-2025-38127 at NVDCVE-2025-38129 at SUSECVE-2025-38129 at NVDCVE-2025-38131 at SUSECVE-2025-38131 at NVDCVE-2025-38132 at SUSECVE-2025-38132 at NVDCVE-2025-38135 at SUSECVE-2025-38135 at NVDCVE-2025-38136 at SUSECVE-2025-38136 at NVDCVE-2025-38138 at SUSECVE-2025-38138 at NVDCVE-2025-38142 at SUSECVE-2025-38142 at NVDCVE-2025-38143 at SUSECVE-2025-38143 at NVDCVE-2025-38145 at SUSECVE-2025-38145 at NVDCVE-2025-38147 at SUSECVE-2025-38147 at NVDCVE-2025-38148 at SUSECVE-2025-38148 at NVDCVE-2025-38149 at SUSECVE-2025-38149 at NVDCVE-2025-38151 at SUSECVE-2025-38151 at NVDCVE-2025-38153 at SUSECVE-2025-38153 at NVDCVE-2025-38154 at SUSECVE-2025-38154 at NVDCVE-2025-38155 at SUSECVE-2025-38155 at NVDCVE-2025-38157 at SUSECVE-2025-38157 at NVDCVE-2025-38158 at SUSECVE-2025-38158 at NVDCVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38161 at SUSECVE-2025-38161 at NVDCVE-2025-38162 at SUSECVE-2025-38162 at NVDCVE-2025-38165 at SUSECVE-2025-38165 at NVDCVE-2025-38166 at SUSECVE-2025-38166 at NVDCVE-2025-38173 at SUSECVE-2025-38173 at NVDCVE-2025-38174 at SUSECVE-2025-38174 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38180 at SUSECVE-2025-38180 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38182 at SUSECVE-2025-38182 at NVDCVE-2025-38183 at SUSECVE-2025-38183 at NVDCVE-2025-38187 at SUSECVE-2025-38187 at NVDCVE-2025-38188 at SUSECVE-2025-38188 at NVDCVE-2025-38192 at SUSECVE-2025-38192 at NVDCVE-2025-38193 at SUSECVE-2025-38193 at NVDCVE-2025-38194 at SUSECVE-2025-38194 at NVDCVE-2025-38197 at SUSECVE-2025-38197 at NVDCVE-2025-38198 at SUSECVE-2025-38198 at NVDCVE-2025-38200 at SUSECVE-2025-38200 at NVDCVE-2025-38202 at SUSECVE-2025-38202 at NVDCVE-2025-38203 at SUSECVE-2025-38203 at NVDCVE-2025-38204 at SUSECVE-2025-38204 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38210 at SUSECVE-2025-38210 at NVDCVE-2025-38211 at SUSECVE-2025-38211 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDCVE-2025-38213 at SUSECVE-2025-38213 at NVDCVE-2025-38214 at SUSECVE-2025-38214 at NVDCVE-2025-38215 at SUSECVE-2025-38215 at NVDCVE-2025-38217 at SUSECVE-2025-38217 at NVDCVE-2025-38220 at SUSECVE-2025-38220 at NVDCVE-2025-38222 at SUSECVE-2025-38222 at NVDCVE-2025-38225 at SUSECVE-2025-38225 at NVDCVE-2025-38226 at SUSECVE-2025-38226 at NVDCVE-2025-38227 at SUSECVE-2025-38227 at NVDCVE-2025-38229 at SUSECVE-2025-38229 at NVDCVE-2025-38231 at SUSECVE-2025-38231 at NVDCVE-2025-38236 at SUSECVE-2025-38236 at NVDCVE-2025-38239 at SUSECVE-2025-38239 at NVDCVE-2025-38244 at SUSECVE-2025-38244 at NVDCVE-2025-38246 at SUSECVE-2025-38246 at NVDCVE-2025-38248 at SUSECVE-2025-38248 at NVDCVE-2025-38249 at SUSECVE-2025-38249 at NVDCVE-2025-38250 at SUSECVE-2025-38250 at NVDCVE-2025-38257 at SUSECVE-2025-38257 at NVDCVE-2025-38259 at SUSECVE-2025-38259 at NVDCVE-2025-38264 at SUSECVE-2025-38264 at NVDCVE-2025-38272 at SUSECVE-2025-38272 at NVDCVE-2025-38273 at SUSECVE-2025-38273 at NVDCVE-2025-38275 at SUSECVE-2025-38275 at NVDCVE-2025-38277 at SUSECVE-2025-38277 at NVDCVE-2025-38279 at SUSECVE-2025-38279 at NVDCVE-2025-38283 at SUSECVE-2025-38283 at NVDCVE-2025-38286 at SUSECVE-2025-38286 at NVDCVE-2025-38289 at SUSECVE-2025-38289 at NVDCVE-2025-38290 at SUSECVE-2025-38290 at NVDCVE-2025-38292 at SUSECVE-2025-38292 at NVDCVE-2025-38293 at SUSECVE-2025-38293 at NVDCVE-2025-38300 at SUSECVE-2025-38300 at NVDCVE-2025-38303 at SUSECVE-2025-38303 at NVDCVE-2025-38304 at SUSECVE-2025-38304 at NVDCVE-2025-38305 at SUSECVE-2025-38305 at NVDCVE-2025-38307 at SUSECVE-2025-38307 at NVDCVE-2025-38310 at SUSECVE-2025-38310 at NVDCVE-2025-38312 at SUSECVE-2025-38312 at NVDCVE-2025-38313 at SUSECVE-2025-38313 at NVDCVE-2025-38319 at SUSECVE-2025-38319 at NVDCVE-2025-38323 at SUSECVE-2025-38323 at NVDCVE-2025-38326 at SUSECVE-2025-38326 at NVDCVE-2025-38328 at SUSECVE-2025-38328 at NVDCVE-2025-38332 at SUSECVE-2025-38332 at NVDCVE-2025-38334 at SUSECVE-2025-38334 at NVDCVE-2025-38335 at SUSECVE-2025-38335 at NVDCVE-2025-38336 at SUSECVE-2025-38336 at NVDCVE-2025-38337 at SUSECVE-2025-38337 at NVDCVE-2025-38338 at SUSECVE-2025-38338 at NVDCVE-2025-38342 at SUSECVE-2025-38342 at NVDCVE-2025-38343 at SUSECVE-2025-38343 at NVDCVE-2025-38344 at SUSECVE-2025-38344 at NVDCVE-2025-38345 at SUSECVE-2025-38345 at NVDCVE-2025-38348 at SUSECVE-2025-38348 at NVDCVE-2025-38349 at SUSECVE-2025-38349 at NVDCVE-2025-38350 at SUSECVE-2025-38350 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-38354 at SUSECVE-2025-38354 at NVDCVE-2025-38362 at SUSECVE-2025-38362 at NVDCVE-2025-38363 at SUSECVE-2025-38363 at NVDCVE-2025-38364 at SUSECVE-2025-38364 at NVDCVE-2025-38365 at SUSECVE-2025-38365 at NVDCVE-2025-38369 at SUSECVE-2025-38369 at NVDCVE-2025-38371 at SUSECVE-2025-38371 at NVDCVE-2025-38373 at SUSECVE-2025-38373 at NVDCVE-2025-38375 at SUSECVE-2025-38375 at NVDCVE-2025-38376 at SUSECVE-2025-38376 at NVDCVE-2025-38377 at SUSECVE-2025-38377 at NVDCVE-2025-38380 at SUSECVE-2025-38380 at NVDCVE-2025-38382 at SUSECVE-2025-38382 at NVDCVE-2025-38384 at SUSECVE-2025-38384 at NVDCVE-2025-38385 at SUSECVE-2025-38385 at NVDCVE-2025-38386 at SUSECVE-2025-38386 at NVDCVE-2025-38387 at SUSECVE-2025-38387 at NVDCVE-2025-38389 at SUSECVE-2025-38389 at NVDCVE-2025-38391 at SUSECVE-2025-38391 at NVDCVE-2025-38392 at SUSECVE-2025-38392 at NVDCVE-2025-38393 at SUSECVE-2025-38393 at NVDCVE-2025-38395 at SUSECVE-2025-38395 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38399 at SUSECVE-2025-38399 at NVDCVE-2025-38400 at SUSECVE-2025-38400 at NVDCVE-2025-38401 at SUSECVE-2025-38401 at NVDCVE-2025-38403 at SUSECVE-2025-38403 at NVDCVE-2025-38404 at SUSECVE-2025-38404 at NVDCVE-2025-38406 at SUSECVE-2025-38406 at NVDCVE-2025-38409 at SUSECVE-2025-38409 at NVDCVE-2025-38410 at SUSECVE-2025-38410 at NVDCVE-2025-38412 at SUSECVE-2025-38412 at NVDCVE-2025-38414 at SUSECVE-2025-38414 at NVDCVE-2025-38415 at SUSECVE-2025-38415 at NVDCVE-2025-38416 at SUSECVE-2025-38416 at NVDCVE-2025-38420 at SUSECVE-2025-38420 at NVDCVE-2025-38424 at SUSECVE-2025-38424 at NVDCVE-2025-38425 at SUSECVE-2025-38425 at NVDCVE-2025-38426 at SUSECVE-2025-38426 at NVDCVE-2025-38428 at SUSECVE-2025-38428 at NVDCVE-2025-38429 at SUSECVE-2025-38429 at NVDCVE-2025-38430 at SUSECVE-2025-38430 at NVDCVE-2025-38436 at SUSECVE-2025-38436 at NVDCVE-2025-38443 at SUSECVE-2025-38443 at NVDCVE-2025-38448 at SUSECVE-2025-38448 at NVDCVE-2025-38449 at SUSECVE-2025-38449 at NVDCVE-2025-38455 at SUSECVE-2025-38455 at NVDCVE-2025-38457 at SUSECVE-2025-38457 at NVDCVE-2025-38460 at SUSECVE-2025-38460 at NVDCVE-2025-38461 at SUSECVE-2025-38461 at NVDCVE-2025-38462 at SUSECVE-2025-38462 at NVDCVE-2025-38463 at SUSECVE-2025-38463 at NVDCVE-2025-38465 at SUSECVE-2025-38465 at NVDCVE-2025-38467 at SUSECVE-2025-38467 at NVDCVE-2025-38468 at SUSECVE-2025-38468 at NVDCVE-2025-38470 at SUSECVE-2025-38470 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38473 at SUSECVE-2025-38473 at NVDCVE-2025-38474 at SUSECVE-2025-38474 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDCVE-2025-38478 at SUSECVE-2025-38478 at NVDCVE-2025-38480 at SUSECVE-2025-38480 at NVDCVE-2025-38481 at SUSECVE-2025-38481 at NVDCVE-2025-38482 at SUSECVE-2025-38482 at NVDCVE-2025-38483 at SUSECVE-2025-38483 at NVDCVE-2025-38485 at SUSECVE-2025-38485 at NVDCVE-2025-38487 at SUSECVE-2025-38487 at NVDCVE-2025-38489 at SUSECVE-2025-38489 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDCVE-2025-38496 at SUSECVE-2025-38496 at NVDCVE-2025-38497 at SUSECVE-2025-38497 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDcpe:/o:suse:sl-micro:6.0Security update for the Linux Kernel (Important)SUSE Linux Micro 6.0
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may
- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).
- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:
x86/process: Move the buffer clearing before MONITOR (bsc#1238896).
- CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216).
- CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613).
- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061).
- CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323).
- CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837).
- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).
- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479).
- CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669).
- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).
- CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801).
- CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750).
- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).
- CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440).
- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).
- CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202).
- CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201).
- CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735).
- CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649).
- CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660).
- CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654).
- CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671).
- CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650).
- CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682).
- CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689).
- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).
- CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708).
- CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677).
- CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679).
- CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768).
- CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750).
- CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752).
- CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758).
- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).
- CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006).
- CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951).
- CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098).
- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
- CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980).
- CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044).
- CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983).
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
- CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020).
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).
- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).
- CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093).
- CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178).
- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).
- CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173).
- CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182).
- CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387).
- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).
- CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264).
- CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273).
- CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354).
- CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361).
- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
- CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384).
- CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250).
- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).
- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).
- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
- CVE-2025-38352: posix-cpu-timers: fix race between
handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091).
- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).
- CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).
- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).
- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097).
- CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141).
- CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145).
- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).
- CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253).
- CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101).
- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
- CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103).
- CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104).
- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).
- CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118).
- CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288).
- CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450).
- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
The following non-security bugs were fixed:
- ACPI: LPSS: Remove AudioDSP related ID (git-fixes).
- ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122).
- ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes).
- ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes).
- ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes).
- ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes).
- ALSA: hda/tegra: Add Tegra264 support (stable-fixes).
- ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes).
- ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes).
- ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes).
- ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes).
- ALSA: sb: Do not allow changing the DMA mode during operations (stable-fixes).
- ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes).
- ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes).
- ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes).
- ASoC: amd: yc: update quirk data for HP Victus (stable-fixes).
- ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes).
- ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes).
- ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes).
- ASoC: cs35l56: probe() should fail if the device ID is not recognized (git-fixes).
- ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes).
- ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes).
- ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes).
- Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes).
- Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes).
- Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes).
- Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes).
- Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes).
- Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes).
- Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes).
- Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes).
- Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes).
- Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes).
- Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes).
- Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes).
- Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes).
- Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes).
- Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes).
- Bluetooth: hci_sync: revert some mesh modifications (git-fixes).
- Correctly put RDMA kabi patch into patches.kabi instead of patches.suse
- Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes).
- Documentation: ACPI: Fix parent device references (git-fixes).
- Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes).
- Fix dma_unmap_sg() nents value (git-fixes)
- HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes).
- HID: core: do not bypass hid_hw_raw_request (stable-fixes).
- HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes).
- HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes).
- HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes).
- HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes).
- IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes)
- Input: iqs7222 - explicitly define number of external channels (git-fixes).
- Input: xpad - adjust error handling for disconnect (git-fixes).
- Input: xpad - set correct controller type for Acer NGR200 (git-fixes).
- Input: xpad - support Acer NGR 200 Controller (stable-fixes).
- Logitech C-270 even more broken (stable-fixes).
- Move upstreamed SCSI and ACPI patches into sorted section
- NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes).
- NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes).
- NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes).
- NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes).
- NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes).
- NFSv4.2: another fix for listxattr (git-fixes).
- NFSv4.2: fix listxattr to return selinux security label (git-fixes).
- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes).
- NFSv4: Always set NLINK even if the server does not support it (git-fixes).
- NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes).
- PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457).
- PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes).
- PCI: endpoint: Fix configfs group list head handling (git-fixes).
- PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457).
- PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes).
- PM / devfreq: Check governor before using governor->name (git-fixes).
- RDMA/core: Rate limit GID cache warning messages (git-fixes)
- RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes)
- RDMA/hns: Drop GFP_NOWARN (git-fixes)
- RDMA/hns: Fix -Wframe-larger-than issue (git-fixes)
- RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes)
- RDMA/hns: Fix accessing uninitialized resources (git-fixes)
- RDMA/hns: Fix double destruction of rsv_qp (git-fixes)
- RDMA/hns: Get message length of ack_req from FW (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- RDMA/mlx5: Fix CC counters query for MPV (git-fixes)
- RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes)
- RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes)
- RDMA/mlx5: Fix vport loopback for MPV device (git-fixes)
- RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes)
- RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes)
- RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes)
- RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- Revert "ACPI: battery: negate current when discharging" (stable-fixes).
- Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338).
- Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes).
- Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git-fixes).
- Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git-fixes).
- Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes).
- SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes).
- USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes).
- USB: serial: option: add Foxconn T99W640 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes).
- [SMB3] send channel sequence number in SMB3 requests after reconnects (git-fixes).
- af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes).
- af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093).
- amd/amdkfd: fix a kfd_process ref leak (stable-fixes).
- aoe: clean device rq_list in aoedev_downdev() (git-fixes).
- apple-mfi-fastcharge: protect first device name (git-fixes).
- ata: pata_cs5536: fix build on 32-bit UML (stable-fixes).
- audit,module: restore audit logging in load failure case (git-fixes).
- bpf, sockmap: Fix sk_msg_reset_curr (git-fixes).
- bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes).
- bpf/selftests: Check errno when percpu map value size exceeds (git-fixes).
- bpf: Add a possibly-zero-sized read test (git-fixes).
- bpf: Avoid __hidden__ attribute in static object (git-fixes).
- bpf: Check percpu map value size first (git-fixes).
- bpf: Disable some `attribute ignored' warnings in GCC (git-fixes).
- bpf: Fix memory leak in bpf_core_apply (git-fixes).
- bpf: Fix potential integer overflow in resolve_btfids (git-fixes).
- bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes).
- bpf: Make the pointer returned by iter next method valid (git-fixes).
- bpf: Simplify checking size of helper accesses (git-fixes).
- bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes).
- bpf: sockmap, updating the sg structure should also update curr (git-fixes).
- bpftool: Fix missing pids during link show (git-fixes).
- bpftool: Fix undefined behavior caused by shifting into the sign bit (git-fixes).
- bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes).
- bpftool: Remove unnecessary source files from bootstrap version (git-fixes).
- bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes).
- btrfs: do not ignore inode missing when replaying log tree (git-fixes).
- btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes).
- btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes).
- btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068)
- btrfs: fix assertion when building free space tree (git-fixes).
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes).
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- btrfs: fix ssd_spread overallocation (git-fixes).
- btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068)
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- btrfs: rename err to ret in btrfs_rmdir() (git-fixes).
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes).
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes).
- bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes).
- can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes).
- can: dev: can_restart(): reverse logic to remove need for goto (stable-fixes).
- can: kvaser_pciefd: Store device channel index (git-fixes).
- can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes).
- can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes).
- can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes).
- can: peak_usb: fix USB FD devices potential malfunction (git-fixes).
- cdc-acm: fix race between initial clearing halt and open (git-fixes).
- cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789).
- cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166).
- cifs: reconnect helper should set reconnect for the right channel (git-fixes).
- clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes).
- clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes).
- clk: sunxi-ng: v3s: Fix de clock definition (git-fixes).
- clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes).
- clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457).
- clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457).
- comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes).
- comedi: Fix initialization of data for instructions that write to subdevice (git-fixes).
- comedi: Fix some signed shift left operations (git-fixes).
- comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes).
- comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes).
- comedi: das16m1: Fix bit shift out of bounds (git-fixes).
- comedi: das6402: Fix bit shift out of bounds (git-fixes).
- comedi: pcl812: Fix bit shift out of bounds (git-fixes).
- compiler_types.h: Define __retain for __attribute__((__retain__)) (git-fixes).
- config: enable RBD (jsc#PED-13238)
- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes).
- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes).
- crypto: ccp - Fix locking on alloc failure handling (git-fixes).
- crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes).
- crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes).
- crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes).
- crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes).
- crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes).
- crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes).
- crypto: qat - fix state restore for banks with exceptions (git-fixes).
- crypto: qat - flush misc workqueue during device shutdown (git-fixes).
- crypto: qat - use unmanaged allocation for dc_data (git-fixes).
- crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes).
- dm-bufio: fix sched in atomic context (git-fixes).
- dm-flakey: error all IOs when num_features is absent (git-fixes).
- dm-flakey: make corrupting read bios work (git-fixes).
- dm-mirror: fix a tiny race condition (git-fixes).
- dm-raid: fix variable in journal device check (git-fixes).
- dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes).
- dm: do not change md if dm_table_set_restrictions() fails (git-fixes).
- dm: free table mempools if not used in __bind (git-fixes).
- dm: restrict dm device size to 2^63-512 bytes (git-fixes).
- dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: xilinx_dma: Set dma_device directions (stable-fixes).
- drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes).
- drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes).
- drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes).
- drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes).
- drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes).
- drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes).
- drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes).
- drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes).
- drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes).
- drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes).
- drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes).
- drm/framebuffer: Acquire internal references on GEM handles (git-fixes).
- drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes).
- drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes).
- drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
- drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes).
- drm/i915/selftests: Change mock_request() to return error pointers (git-fixes).
- drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes).
- drm/msm: Fix a fence leak in submit error path (stable-fixes).
- drm/msm: Fix another leak in the submit error path (stable-fixes).
- drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes).
- drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes).
- drm/sched: Increment job count before swapping tail spsc queue (git-fixes).
- drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes).
- drm/scheduler: signal scheduled fence when kill job (stable-fixes).
- drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes).
- drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes).
- drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes).
- exfat: fdatasync flag should be same like generic_write_sync() (git-fixes).
- fbcon: Fix outdated registered_fb reference in comment (git-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- fs/jfs: consolidate sanity checking in dbMount (git-fixes).
- fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes).
- gpio: mlxbf2: use platform_get_irq_optional() (git-fixes).
- gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes).
- gpio: sim: include a missing header (git-fixes).
- gpio: vf610: add locking to gpio direction functions (git-fixes).
- gpio: virtio: Fix config space reading (git-fixes).
- gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes).
- gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes).
- gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300).
- gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300).
- gpiolib: cdev: Ignore reconfiguration without direction (git-fixes).
- gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes).
- hfs: make splice write available again (git-fixes).
- hfsplus: make splice write available again (git-fixes).
- hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes).
- hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203).
- hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes).
- hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes).
- hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes).
- hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes).
- i2c/designware: Fix an initialization issue (git-fixes).
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: stm32: fix the device used for the DMA map (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes).
- iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes).
- iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes).
- iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes).
- iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes).
- iio: adc: max1363: Reorder mode_list[] entries (stable-fixes).
- iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes).
- iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes).
- iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes).
- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).
- iommu/amd: Set the pgsize_bitmap correctly (git-fixes).
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).
- iommu/vt-d: Fix possible circular locking dependency (git-fixes).
- iommu/vt-d: Fix system hang on reboot -f (git-fixes).
- ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes).
- ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes).
- ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes).
- ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes).
- iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes).
- jfs: fix metapage reference count leak in dbAllocCtl (git-fixes).
- kABI workaround for struct drm_framebuffer changes (git-fixes).
- kABI: Fix the module::name type in audit_context (git-fixes).
- kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes).
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- leds: multicolor: Fix intensity setting while SW blinking (stable-fixes).
- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897).
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes).
- md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes).
- media: gspca: Add bounds checking to firmware parser (git-fixes).
- media: hi556: correct the test pattern configuration (git-fixes).
- media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes).
- media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes).
- media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes).
- media: usbtv: Lock resolution while streaming (git-fixes).
- media: uvcvideo: Do not mark valid metadata as invalid (git-fixes).
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes).
- media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes).
- media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes).
- media: venus: Add a check for packet size after reading from shared memory (git-fixes).
- media: venus: hfi: explicitly release IRQ during teardown (git-fixes).
- media: venus: protect against spurious interrupts during probe (git-fixes).
- media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: vivid: fix wrong pixel_array control size (git-fixes).
- memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes).
- mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes).
- misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes).
- mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes).
- mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes).
- mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes).
- mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes).
- module: Fix memory deallocation on error path in move_module() (git-fixes).
- module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes).
- module: Restore the moduleparam prefix length check (git-fixes).
- mtd: fix possible integer overflow in erase_xfer() (git-fixes).
- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes).
- mtd: rawnand: atmel: set pmecc data setup time (git-fixes).
- mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes).
- mtd: rawnand: renesas: Add missing check after DMA map (git-fixes).
- mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes).
- mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes).
- mtd: spinand: fix memory leak of ECC engine conf (stable-fixes).
- mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes).
- mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes).
- mtk-sd: Prevent memory corruption from DMA map failure (git-fixes).
- mtk-sd: reset host->mrq on prepare_data() error (git-fixes).
- mwl8k: Add missing check after DMA map (git-fixes).
- nbd: fix uaf in nbd_genl_connect() error path (git-fixes).
- net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes).
- net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes).
- net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes).
- net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes).
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes).
- net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes).
- net: mana: Add debug logs in MANA network driver (bsc#1246212).
- net: mana: Add handler for hardware servicing events (bsc#1245730).
- net: mana: Allocate MSI-X vectors dynamically (bsc#1245457).
- net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457).
- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203).
- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729).
- net: mana: Set tx_packets to post gso processing packet count (bsc#1245731).
- net: mana: explain irq_setup() algorithm (bsc#1245457).
- net: phy: Do not register LEDs for genphy (git-fixes).
- net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes).
- net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes).
- net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes).
- net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes).
- net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes).
- net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes).
- net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes).
- net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes).
- netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes).
- nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes).
- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes).
- nilfs2: reject invalid file types when reading inodes (git-fixes).
- nvme-pci: refresh visible attrs after being checked (git-fixes).
- nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes).
- objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes).
- objtool: Fix _THIS_IP_ detection for cold functions (git-fixes).
- objtool: Fix error handling inconsistencies in check() (git-fixes).
- objtool: Ignore dangling jump table entries (git-fixes).
- objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes).
- objtool: Properly disable uaccess validation (git-fixes).
- objtool: Silence more KCOV warnings (git-fixes).
- objtool: Silence more KCOV warnings, part 2 (git-fixes).
- objtool: Stop UNRET validation on UD2 (git-fixes).
- pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes).
- pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes).
- perf: Fix sample vs do_exit() (bsc#1246547).
- phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes).
- pinctrl: amd: Clear GPIO debounce for suspend (git-fixes).
- pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes).
- platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes).
- platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes).
- platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes).
- platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes).
- platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes).
- platform/x86: think-lmi: Create ksets consecutively (stable-fixes).
- platform/x86: think-lmi: Fix kobject cleanup (git-fixes).
- platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes).
- powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes).
- powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes).
- powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes).
- ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506).
- pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes).
- pwm: mediatek: Ensure to disable clocks in error path (git-fixes).
- regmap: fix potential memory leak of regmap_bus (git-fixes).
- regulator: fan53555: add enable_time support and soft-start times (stable-fixes).
- regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes).
- regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes).
- resource: fix false warning in __request_region() (git-fixes).
- restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes).
- ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes).
- rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes).
- rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes).
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870).
- s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806).
- s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646).
- s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647).
- s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598).
- s390: Add z17 elf platform (LTC#214086 bsc#1245540).
- samples: mei: Fix building on musl libc (git-fixes).
- sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338).
- sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git-fixes).
- scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes).
- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142).
- scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: megaraid_sas: Fix invalid node index (git-fixes).
- scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes).
- scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes).
- scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599).
- selftests/bpf: Add CFLAGS per source file and runner (git-fixes).
- selftests/bpf: Add tests for iter next method returning valid pointer (git-fixes).
- selftests/bpf: Change functions definitions to support GCC (git-fixes).
- selftests/bpf: Fix a few tests for GCC related warnings (git-fixes).
- selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes).
- selftests/bpf: Fix prog numbers in test_sockmap (git-fixes).
- smb3: move server check earlier when setting channel sequence number (git-fixes).
- soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes).
- soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes).
- soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git-fixes).
- soc: qcom: QMI encoding/decoding for big endian (git-fixes).
- soc: qcom: fix endianness for QMI header (git-fixes).
- soc: qcom: pmic_glink: fix OF node leak (git-fixes).
- soundwire: amd: fix for clearing command status register (git-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes).
- staging: axis-fifo: remove sysfs interface (git-fixes).
- staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes).
- staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes).
- struct cdns: move new member to the end (git-fixes).
- struct ucsi_operations: use padding for new operation (git-fixes).
- sunrpc: do not immediately retransmit on seqno miss (git-fixes).
- sunrpc: fix client side handling of tls alerts (git-fixes).
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes).
- thunderbolt: Fix copy+paste error in match_service_id() (git-fixes).
- thunderbolt: Fix wake on connect at runtime (git-fixes).
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes).
- tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes).
- types: Complement the aligned types with signed 64-bit one (stable-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- ucsi-glink: adapt to kABI consistency (git-fixes).
- ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes).
- ucsi_operations: add stubs for all operations (git-fixes).
- ucsi_ops: adapt update_connector to kABI consistency (git-fixes).
- usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes).
- usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes).
- usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes).
- usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes).
- usb: cdnsp: Fix issue with resuming from L1 (git-fixes).
- usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: cdnsp: do not disable slot for disabled slot (git-fixes).
- usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes).
- usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes).
- usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes).
- usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes).
- usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes).
- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes).
- usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes).
- usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes).
- usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes).
- usb: hub: Do not try to recover devices lost during warm reset (git-fixes).
- usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes).
- usb: musb: fix gadget state on disconnect (git-fixes).
- usb: musb: omap2430: fix device leak at unbind (git-fixes).
- usb: net: sierra: check for no status endpoint (git-fixes).
- usb: potential integer overflow in usbg_make_tpg() (stable-fixes).
- usb: typec: Update sysfs when setting ops (git-fixes).
- usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes).
- usb: typec: displayport: Fix potential deadlock (git-fixes).
- usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes).
- usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git-fixes).
- usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes).
- usb: typec: ucsi: Delay alternate mode discovery (git-fixes).
- usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes).
- usb: typec: ucsi: Fix the partner PD revision (git-fixes).
- usb: typec: ucsi: Get PD revision for partner (git-fixes).
- usb: typec: ucsi: Set orientation as none when connector is unplugged (git-fixes).
- usb: typec: ucsi: Update power_supply on power role change (git-fixes).
- usb: typec: ucsi: add callback for connector status updates (git-fixes).
- usb: typec: ucsi: add update_connector callback (git-fixes).
- usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes).
- usb: typec: ucsi: extract code to read PD caps (git-fixes).
- usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes).
- usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes).
- usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes).
- usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes).
- usb: typec: ucsi: glink: use typec_set_orientation (git-fixes).
- usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git-fixes).
- usb: typec: ucsi: properly register partner's PD device (git-fixes).
- usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes).
- usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes).
- usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes).
- usb: typec: ucsi_glink: rework quirks implementation (git-fixes).
- usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes).
- usb: xhci: quirk for data loss in ISOC transfers (stable-fixes).
- usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes).
- virtgpu: do not reset on shutdown (git-fixes).
- vmci: Prevent the dispatching of uninitialized payloads (git-fixes).
- vt: add missing notification when switching back to text mode (stable-fixes).
- vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes).
- vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes).
- wifi: ath11k: fix source ring-buffer corruption (git-fixes).
- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes).
- wifi: ath12k: fix source ring-buffer corruption (git-fixes).
- wifi: ath6kl: remove WARN on bad firmware input (stable-fixes).
- wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes).
- wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes).
- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes).
- wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes).
- wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes).
- wifi: mac80211: Add link iteration macro for link data (stable-fixes).
- wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes).
- wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes).
- wifi: mac80211: Do not schedule stopped TXQs (git-fixes).
- wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes).
- wifi: mac80211: drop invalid source address OCB frames (stable-fixes).
- wifi: mac80211: reject TDLS operations when station is not associated (git-fixes).
- wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes).
- wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes).
- wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes).
- wifi: plfxlc: Fix error handling in usb driver probe (git-fixes).
- wifi: prevent A-MSDU attacks in mesh networks (stable-fixes).
- wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes).
- wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes).
- wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/mce/amd: Add default names for MCA banks and blocks (git-fixes).
- x86/mce/amd: Fix threshold limit reset (git-fixes).
- x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes).
- x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes).
- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).
- x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes).
- x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes).
- x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345).
- xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837).
- xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes).
- xfs: remove unused event xfs_alloc_near_error (git-fixes).
- xfs: remove unused event xfs_alloc_near_nominleft (git-fixes).
- xfs: remove unused event xfs_attr_node_removename (git-fixes).
- xfs: remove unused event xfs_ioctl_clone (git-fixes).
- xfs: remove unused event xfs_pagecache_inval (git-fixes).
- xfs: remove unused event xlog_iclog_want_sync (git-fixes).
- xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes).
- xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes).
- xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes).
- xfs: remove unused xfs_attr events (git-fixes).
- xfs: remove unused xfs_reflink_compare_extents events (git-fixes).
- xfs: remove usused xfs_end_io_direct events (git-fixes).
- xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes).
- xhci: dbc: Flush queued requests before stopping dbc (git-fixes).
- xhci: dbctty: disable ECHO flag by default (git-fixes).
ImportantSUSE bug 1204142SUSE bug 1219338SUSE bug 1225707SUSE bug 1230216SUSE bug 1233300SUSE bug 1235613SUSE bug 1235837SUSE bug 1236333SUSE bug 1236897SUSE bug 1238896SUSE bug 1239061SUSE bug 1240323SUSE bug 1240885SUSE bug 1240966SUSE bug 1241166SUSE bug 1241345SUSE bug 1242086SUSE bug 1242414SUSE bug 1242837SUSE bug 1242960SUSE bug 1242965SUSE bug 1242993SUSE bug 1243068SUSE bug 1243100SUSE bug 1243479SUSE bug 1243669SUSE bug 1243806SUSE bug 1244309SUSE bug 1244457SUSE bug 1244735SUSE bug 1244749SUSE bug 1244750SUSE bug 1244792SUSE bug 1244801SUSE bug 1245151SUSE bug 1245201SUSE bug 1245202SUSE bug 1245216SUSE bug 1245260SUSE bug 1245431SUSE bug 1245440SUSE bug 1245457SUSE bug 1245498SUSE bug 1245499SUSE bug 1245504SUSE bug 1245506SUSE bug 1245508SUSE bug 1245510SUSE bug 1245540SUSE bug 1245598SUSE bug 1245599SUSE bug 1245646SUSE bug 1245647SUSE bug 1245649SUSE bug 1245650SUSE bug 1245654SUSE bug 1245658SUSE bug 1245660SUSE bug 1245665SUSE bug 1245666SUSE bug 1245668SUSE bug 1245669SUSE bug 1245670SUSE bug 1245671SUSE bug 1245675SUSE bug 1245676SUSE bug 1245677SUSE bug 1245679SUSE bug 1245682SUSE bug 1245683SUSE bug 1245684SUSE bug 1245688SUSE bug 1245689SUSE bug 1245690SUSE bug 1245691SUSE bug 1245695SUSE bug 1245705SUSE bug 1245708SUSE bug 1245711SUSE bug 1245713SUSE bug 1245714SUSE bug 1245719SUSE bug 1245723SUSE bug 1245729SUSE bug 1245730SUSE bug 1245731SUSE bug 1245735SUSE bug 1245737SUSE bug 1245744SUSE bug 1245745SUSE bug 1245746SUSE bug 1245747SUSE bug 1245748SUSE bug 1245749SUSE bug 1245750SUSE bug 1245751SUSE bug 1245752SUSE bug 1245757SUSE bug 1245758SUSE bug 1245765SUSE bug 1245768SUSE bug 1245769SUSE bug 1245777SUSE bug 1245781SUSE bug 1245789SUSE bug 1245937SUSE bug 1245945SUSE bug 1245951SUSE bug 1245952SUSE bug 1245954SUSE bug 1245957SUSE bug 1245966SUSE bug 1245970SUSE bug 1245976SUSE bug 1245980SUSE bug 1245983SUSE bug 1245986SUSE bug 1246000SUSE bug 1246002SUSE bug 1246006SUSE bug 1246008SUSE bug 1246020SUSE bug 1246023SUSE bug 1246029SUSE bug 1246031SUSE bug 1246037SUSE bug 1246041SUSE bug 1246042SUSE bug 1246044SUSE bug 1246045SUSE bug 1246047SUSE bug 1246049SUSE bug 1246050SUSE bug 1246055SUSE bug 1246073SUSE bug 1246093SUSE bug 1246098SUSE bug 1246109SUSE bug 1246122SUSE bug 1246125SUSE bug 1246171SUSE bug 1246173SUSE bug 1246178SUSE bug 1246182SUSE bug 1246183SUSE bug 1246186SUSE bug 1246195SUSE bug 1246203SUSE bug 1246212SUSE bug 1246220SUSE bug 1246236SUSE bug 1246240SUSE bug 1246243SUSE bug 1246246SUSE bug 1246249SUSE bug 1246250SUSE bug 1246253SUSE bug 1246258SUSE bug 1246262SUSE bug 1246264SUSE bug 1246266SUSE bug 1246268SUSE bug 1246273SUSE bug 1246283SUSE bug 1246287SUSE bug 1246292SUSE bug 1246293SUSE bug 1246295SUSE bug 1246334SUSE bug 1246337SUSE bug 1246342SUSE bug 1246349SUSE bug 1246354SUSE bug 1246358SUSE bug 1246361SUSE bug 1246364SUSE bug 1246370SUSE bug 1246375SUSE bug 1246384SUSE bug 1246386SUSE bug 1246387SUSE bug 1246438SUSE bug 1246453SUSE bug 1246473SUSE bug 1246490SUSE bug 1246506SUSE bug 1246547SUSE bug 1246777SUSE bug 1246781SUSE bug 1246870SUSE bug 1246879SUSE bug 1246911SUSE bug 1247018SUSE bug 1247023SUSE bug 1247028SUSE bug 1247031SUSE bug 1247033SUSE bug 1247035SUSE bug 1247061SUSE bug 1247089SUSE bug 1247091SUSE bug 1247097SUSE bug 1247098SUSE bug 1247101SUSE bug 1247103SUSE bug 1247104SUSE bug 1247113SUSE bug 1247118SUSE bug 1247123SUSE bug 1247125SUSE bug 1247128SUSE bug 1247132SUSE bug 1247138SUSE bug 1247141SUSE bug 1247143SUSE bug 1247145SUSE bug 1247146SUSE bug 1247147SUSE bug 1247149SUSE bug 1247150SUSE bug 1247151SUSE bug 1247153SUSE bug 1247154SUSE bug 1247156SUSE bug 1247160SUSE bug 1247164SUSE bug 1247169SUSE bug 1247170SUSE bug 1247171SUSE bug 1247172SUSE bug 1247174SUSE bug 1247176SUSE bug 1247177SUSE bug 1247178SUSE bug 1247181SUSE bug 1247209SUSE bug 1247210SUSE bug 1247227SUSE bug 1247233SUSE bug 1247236SUSE bug 1247238SUSE bug 1247241SUSE bug 1247251SUSE bug 1247252SUSE bug 1247253SUSE bug 1247255SUSE bug 1247271SUSE bug 1247273SUSE bug 1247274SUSE bug 1247276SUSE bug 1247277SUSE bug 1247278SUSE bug 1247279SUSE bug 1247284SUSE bug 1247285SUSE bug 1247288SUSE bug 1247289SUSE bug 1247293SUSE bug 1247311SUSE bug 1247314SUSE bug 1247317SUSE bug 1247347SUSE bug 1247348SUSE bug 1247349SUSE bug 1247374SUSE bug 1247437SUSE bug 1247450CVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2024-36028 at SUSECVE-2024-36028 at NVDCVE-2024-36348 at SUSECVE-2024-36348 at NVDCVE-2024-36349 at SUSECVE-2024-36349 at NVDCVE-2024-36350 at SUSECVE-2024-36350 at NVDCVE-2024-36357 at SUSECVE-2024-36357 at NVDCVE-2024-44963 at SUSECVE-2024-44963 at NVDCVE-2024-56742 at SUSECVE-2024-56742 at NVDCVE-2024-57947 at SUSECVE-2024-57947 at NVDCVE-2025-21839 at SUSECVE-2025-21839 at NVDCVE-2025-21872 at SUSECVE-2025-21872 at NVDCVE-2025-23163 at SUSECVE-2025-23163 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37856 at SUSECVE-2025-37856 at NVDCVE-2025-37864 at SUSECVE-2025-37864 at NVDCVE-2025-37885 at SUSECVE-2025-37885 at NVDCVE-2025-37920 at SUSECVE-2025-37920 at NVDCVE-2025-37984 at SUSECVE-2025-37984 at NVDCVE-2025-38034 at SUSECVE-2025-38034 at NVDCVE-2025-38035 at SUSECVE-2025-38035 at NVDCVE-2025-38051 at SUSECVE-2025-38051 at NVDCVE-2025-38052 at SUSECVE-2025-38052 at NVDCVE-2025-38058 at SUSECVE-2025-38058 at NVDCVE-2025-38061 at SUSECVE-2025-38061 at NVDCVE-2025-38062 at SUSECVE-2025-38062 at NVDCVE-2025-38063 at SUSECVE-2025-38063 at NVDCVE-2025-38064 at SUSECVE-2025-38064 at NVDCVE-2025-38074 at SUSECVE-2025-38074 at NVDCVE-2025-38084 at SUSECVE-2025-38084 at NVDCVE-2025-38085 at SUSECVE-2025-38085 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38088 at SUSECVE-2025-38088 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38090 at SUSECVE-2025-38090 at NVDCVE-2025-38094 at SUSECVE-2025-38094 at NVDCVE-2025-38095 at SUSECVE-2025-38095 at NVDCVE-2025-38097 at SUSECVE-2025-38097 at NVDCVE-2025-38098 at SUSECVE-2025-38098 at NVDCVE-2025-38099 at SUSECVE-2025-38099 at NVDCVE-2025-38100 at SUSECVE-2025-38100 at NVDCVE-2025-38102 at SUSECVE-2025-38102 at NVDCVE-2025-38105 at SUSECVE-2025-38105 at NVDCVE-2025-38107 at SUSECVE-2025-38107 at NVDCVE-2025-38108 at SUSECVE-2025-38108 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38112 at SUSECVE-2025-38112 at NVDCVE-2025-38113 at SUSECVE-2025-38113 at NVDCVE-2025-38115 at SUSECVE-2025-38115 at NVDCVE-2025-38117 at SUSECVE-2025-38117 at NVDCVE-2025-38118 at SUSECVE-2025-38118 at NVDCVE-2025-38120 at SUSECVE-2025-38120 at NVDCVE-2025-38122 at SUSECVE-2025-38122 at NVDCVE-2025-38123 at SUSECVE-2025-38123 at NVDCVE-2025-38124 at SUSECVE-2025-38124 at NVDCVE-2025-38126 at SUSECVE-2025-38126 at NVDCVE-2025-38127 at SUSECVE-2025-38127 at NVDCVE-2025-38129 at SUSECVE-2025-38129 at NVDCVE-2025-38131 at SUSECVE-2025-38131 at NVDCVE-2025-38132 at SUSECVE-2025-38132 at NVDCVE-2025-38135 at SUSECVE-2025-38135 at NVDCVE-2025-38136 at SUSECVE-2025-38136 at NVDCVE-2025-38138 at SUSECVE-2025-38138 at NVDCVE-2025-38142 at SUSECVE-2025-38142 at NVDCVE-2025-38143 at SUSECVE-2025-38143 at NVDCVE-2025-38145 at SUSECVE-2025-38145 at NVDCVE-2025-38147 at SUSECVE-2025-38147 at NVDCVE-2025-38148 at SUSECVE-2025-38148 at NVDCVE-2025-38149 at SUSECVE-2025-38149 at NVDCVE-2025-38151 at SUSECVE-2025-38151 at NVDCVE-2025-38153 at SUSECVE-2025-38153 at NVDCVE-2025-38154 at SUSECVE-2025-38154 at NVDCVE-2025-38155 at SUSECVE-2025-38155 at NVDCVE-2025-38157 at SUSECVE-2025-38157 at NVDCVE-2025-38158 at SUSECVE-2025-38158 at NVDCVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38161 at SUSECVE-2025-38161 at NVDCVE-2025-38162 at SUSECVE-2025-38162 at NVDCVE-2025-38165 at SUSECVE-2025-38165 at NVDCVE-2025-38166 at SUSECVE-2025-38166 at NVDCVE-2025-38173 at SUSECVE-2025-38173 at NVDCVE-2025-38174 at SUSECVE-2025-38174 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38180 at SUSECVE-2025-38180 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38182 at SUSECVE-2025-38182 at NVDCVE-2025-38183 at SUSECVE-2025-38183 at NVDCVE-2025-38187 at SUSECVE-2025-38187 at NVDCVE-2025-38188 at SUSECVE-2025-38188 at NVDCVE-2025-38192 at SUSECVE-2025-38192 at NVDCVE-2025-38193 at SUSECVE-2025-38193 at NVDCVE-2025-38194 at SUSECVE-2025-38194 at NVDCVE-2025-38197 at SUSECVE-2025-38197 at NVDCVE-2025-38198 at SUSECVE-2025-38198 at NVDCVE-2025-38200 at SUSECVE-2025-38200 at NVDCVE-2025-38202 at SUSECVE-2025-38202 at NVDCVE-2025-38203 at SUSECVE-2025-38203 at NVDCVE-2025-38204 at SUSECVE-2025-38204 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38210 at SUSECVE-2025-38210 at NVDCVE-2025-38211 at SUSECVE-2025-38211 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDCVE-2025-38213 at SUSECVE-2025-38213 at NVDCVE-2025-38214 at SUSECVE-2025-38214 at NVDCVE-2025-38215 at SUSECVE-2025-38215 at NVDCVE-2025-38217 at SUSECVE-2025-38217 at NVDCVE-2025-38220 at SUSECVE-2025-38220 at NVDCVE-2025-38222 at SUSECVE-2025-38222 at NVDCVE-2025-38225 at SUSECVE-2025-38225 at NVDCVE-2025-38226 at SUSECVE-2025-38226 at NVDCVE-2025-38227 at SUSECVE-2025-38227 at NVDCVE-2025-38229 at SUSECVE-2025-38229 at NVDCVE-2025-38231 at SUSECVE-2025-38231 at NVDCVE-2025-38236 at SUSECVE-2025-38236 at NVDCVE-2025-38239 at SUSECVE-2025-38239 at NVDCVE-2025-38244 at SUSECVE-2025-38244 at NVDCVE-2025-38246 at SUSECVE-2025-38246 at NVDCVE-2025-38248 at SUSECVE-2025-38248 at NVDCVE-2025-38249 at SUSECVE-2025-38249 at NVDCVE-2025-38250 at SUSECVE-2025-38250 at NVDCVE-2025-38257 at SUSECVE-2025-38257 at NVDCVE-2025-38259 at SUSECVE-2025-38259 at NVDCVE-2025-38264 at SUSECVE-2025-38264 at NVDCVE-2025-38272 at SUSECVE-2025-38272 at NVDCVE-2025-38273 at SUSECVE-2025-38273 at NVDCVE-2025-38275 at SUSECVE-2025-38275 at NVDCVE-2025-38277 at SUSECVE-2025-38277 at NVDCVE-2025-38279 at SUSECVE-2025-38279 at NVDCVE-2025-38283 at SUSECVE-2025-38283 at NVDCVE-2025-38286 at SUSECVE-2025-38286 at NVDCVE-2025-38289 at SUSECVE-2025-38289 at NVDCVE-2025-38290 at SUSECVE-2025-38290 at NVDCVE-2025-38292 at SUSECVE-2025-38292 at NVDCVE-2025-38293 at SUSECVE-2025-38293 at NVDCVE-2025-38300 at SUSECVE-2025-38300 at NVDCVE-2025-38303 at SUSECVE-2025-38303 at NVDCVE-2025-38304 at SUSECVE-2025-38304 at NVDCVE-2025-38305 at SUSECVE-2025-38305 at NVDCVE-2025-38307 at SUSECVE-2025-38307 at NVDCVE-2025-38310 at SUSECVE-2025-38310 at NVDCVE-2025-38312 at SUSECVE-2025-38312 at NVDCVE-2025-38313 at SUSECVE-2025-38313 at NVDCVE-2025-38319 at SUSECVE-2025-38319 at NVDCVE-2025-38323 at SUSECVE-2025-38323 at NVDCVE-2025-38326 at SUSECVE-2025-38326 at NVDCVE-2025-38328 at SUSECVE-2025-38328 at NVDCVE-2025-38332 at SUSECVE-2025-38332 at NVDCVE-2025-38334 at SUSECVE-2025-38334 at NVDCVE-2025-38335 at SUSECVE-2025-38335 at NVDCVE-2025-38336 at SUSECVE-2025-38336 at NVDCVE-2025-38337 at SUSECVE-2025-38337 at NVDCVE-2025-38338 at SUSECVE-2025-38338 at NVDCVE-2025-38342 at SUSECVE-2025-38342 at NVDCVE-2025-38343 at SUSECVE-2025-38343 at NVDCVE-2025-38344 at SUSECVE-2025-38344 at NVDCVE-2025-38345 at SUSECVE-2025-38345 at NVDCVE-2025-38348 at SUSECVE-2025-38348 at NVDCVE-2025-38349 at SUSECVE-2025-38349 at NVDCVE-2025-38350 at SUSECVE-2025-38350 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-38354 at SUSECVE-2025-38354 at NVDCVE-2025-38362 at SUSECVE-2025-38362 at NVDCVE-2025-38363 at SUSECVE-2025-38363 at NVDCVE-2025-38364 at SUSECVE-2025-38364 at NVDCVE-2025-38365 at SUSECVE-2025-38365 at NVDCVE-2025-38369 at SUSECVE-2025-38369 at NVDCVE-2025-38371 at SUSECVE-2025-38371 at NVDCVE-2025-38373 at SUSECVE-2025-38373 at NVDCVE-2025-38375 at SUSECVE-2025-38375 at NVDCVE-2025-38376 at SUSECVE-2025-38376 at NVDCVE-2025-38377 at SUSECVE-2025-38377 at NVDCVE-2025-38380 at SUSECVE-2025-38380 at NVDCVE-2025-38382 at SUSECVE-2025-38382 at NVDCVE-2025-38384 at SUSECVE-2025-38384 at NVDCVE-2025-38385 at SUSECVE-2025-38385 at NVDCVE-2025-38386 at SUSECVE-2025-38386 at NVDCVE-2025-38387 at SUSECVE-2025-38387 at NVDCVE-2025-38389 at SUSECVE-2025-38389 at NVDCVE-2025-38391 at SUSECVE-2025-38391 at NVDCVE-2025-38392 at SUSECVE-2025-38392 at NVDCVE-2025-38393 at SUSECVE-2025-38393 at NVDCVE-2025-38395 at SUSECVE-2025-38395 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38399 at SUSECVE-2025-38399 at NVDCVE-2025-38400 at SUSECVE-2025-38400 at NVDCVE-2025-38401 at SUSECVE-2025-38401 at NVDCVE-2025-38403 at SUSECVE-2025-38403 at NVDCVE-2025-38404 at SUSECVE-2025-38404 at NVDCVE-2025-38406 at SUSECVE-2025-38406 at NVDCVE-2025-38409 at SUSECVE-2025-38409 at NVDCVE-2025-38410 at SUSECVE-2025-38410 at NVDCVE-2025-38412 at SUSECVE-2025-38412 at NVDCVE-2025-38414 at SUSECVE-2025-38414 at NVDCVE-2025-38415 at SUSECVE-2025-38415 at NVDCVE-2025-38416 at SUSECVE-2025-38416 at NVDCVE-2025-38420 at SUSECVE-2025-38420 at NVDCVE-2025-38424 at SUSECVE-2025-38424 at NVDCVE-2025-38425 at SUSECVE-2025-38425 at NVDCVE-2025-38426 at SUSECVE-2025-38426 at NVDCVE-2025-38428 at SUSECVE-2025-38428 at NVDCVE-2025-38429 at SUSECVE-2025-38429 at NVDCVE-2025-38430 at SUSECVE-2025-38430 at NVDCVE-2025-38436 at SUSECVE-2025-38436 at NVDCVE-2025-38443 at SUSECVE-2025-38443 at NVDCVE-2025-38448 at SUSECVE-2025-38448 at NVDCVE-2025-38449 at SUSECVE-2025-38449 at NVDCVE-2025-38455 at SUSECVE-2025-38455 at NVDCVE-2025-38457 at SUSECVE-2025-38457 at NVDCVE-2025-38460 at SUSECVE-2025-38460 at NVDCVE-2025-38461 at SUSECVE-2025-38461 at NVDCVE-2025-38462 at SUSECVE-2025-38462 at NVDCVE-2025-38463 at SUSECVE-2025-38463 at NVDCVE-2025-38465 at SUSECVE-2025-38465 at NVDCVE-2025-38467 at SUSECVE-2025-38467 at NVDCVE-2025-38468 at SUSECVE-2025-38468 at NVDCVE-2025-38470 at SUSECVE-2025-38470 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38473 at SUSECVE-2025-38473 at NVDCVE-2025-38474 at SUSECVE-2025-38474 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDCVE-2025-38478 at SUSECVE-2025-38478 at NVDCVE-2025-38480 at SUSECVE-2025-38480 at NVDCVE-2025-38481 at SUSECVE-2025-38481 at NVDCVE-2025-38482 at SUSECVE-2025-38482 at NVDCVE-2025-38483 at SUSECVE-2025-38483 at NVDCVE-2025-38485 at SUSECVE-2025-38485 at NVDCVE-2025-38487 at SUSECVE-2025-38487 at NVDCVE-2025-38489 at SUSECVE-2025-38489 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDCVE-2025-38496 at SUSECVE-2025-38496 at NVDCVE-2025-38497 at SUSECVE-2025-38497 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 (Moderate)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues:
This is the initial livepatch for the Update 11 of the RT Kernel for SL Micro 6.0 and 6.1.
Moderatecpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_3 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.0
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1244337SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.0Security update for python-requests (Moderate)SUSE Linux Micro 6.1
This update for python-requests fixes the following issues:
- Add patch to inject the default CA bundles if they are not specified.
(bsc#1226321, bsc#1231500)
- Remove Requires on python-py.
- update to 2.32.3:
* Fixed bug breaking the ability to specify custom SSLContexts
in sub-classes of HTTPAdapter.
* Fixed issue where Requests started failing to run on Python
versions compiled without the `ssl` module.
* To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0,
we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing
custom HTTPAdapters will need to migrate their code to use this new API. get_connection is
* Fixed an issue where setting verify=False on the first request from a Session
will cause subsequent requests to the same origin to also ignore cert verification,
* verify=True now reuses a global SSLContext which should improve request time
* Requests now supports optional use of character detection (chardet or charset_normalizer)
when repackaged or vendored. This enables pip and other projects to minimize their
ModerateSUSE bug 1226321SUSE bug 1231500cpe:/o:suse:sl-micro:6.1Security update for avahi (Moderate)SUSE Linux Micro 6.1
This update for avahi fixes the following issues:
- CVE-2024-52616: Fixed predictable transaction IDs for Wide-Area DNS (bsc#1233420)
- Drop rcFOO symlinks (jsc#PED-266).
ModerateSUSE bug 1233420CVE-2024-52616 at SUSECVE-2024-52616 at NVDcpe:/o:suse:sl-micro:6.1Security update for freetype2 (Important)SUSE Linux Micro 6.1
This update for freetype2 fixes the following issues:
Update to 2.13.2:
* Some fields in the `FT_Outline` structure have been changed
from signed to unsigned type, which better reflects the actual
usage. It is also an additional means to protect against
malformed input.
* Rare double-free crashes in the cache subsystem have been fixed.
* Excessive stack allocation in the autohinter has been fixed.
* The B/W rasterizer has received a major upkeep that results in
large performance improvements. The rendering speed has
increased and even doubled for very complex glyphs.
Importantcpe:/o:suse:sl-micro:6.1Security update for expat (Important)SUSE Linux Micro 6.1
This update for expat fixes the following issues:
Version update to 2.7.1:
Bug fixes:
#980 #989 Restore event pointer behavior from Expat 2.6.4
(that the fix to CVE-2024-8176 changed in 2.7.0);
affected API functions are:
- XML_GetCurrentByteCount
- XML_GetCurrentByteIndex
- XML_GetCurrentColumnNumber
- XML_GetCurrentLineNumber
- XML_GetInputContext
Other changes:
#976 #977 Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}"
with Automake that were missing from 2.7.0 release tarballs
#983 #984 Fix printf format specifiers for 32bit Emscripten
#992 docs: Promote OpenSSF Best Practices self-certification
#978 tests/benchmark: Resolve mistaken double close
#986 Address compiler warnings
#990 #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1)
to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/
for what these numbers do
Infrastructure:
#982 CI: Start running Perl XML::Parser integration tests
#987 CI: Enforce Clang Static Analyzer clean code
#991 CI: Re-enable warning clang-analyzer-valist.Uninitialized
for clang-tidy
#981 CI: Cover compilation with musl
#983 #984 CI: Cover compilation with 32bit Emscripten
#976 #977 CI: Protect against fuzzer files missing from future
release archives
version update to 2.7.0 (CVE-2024-8176 [bsc#1239618]):
* Security fixes:
#893 #973 CVE-2024-8176 -- Fix crash from chaining a large number
of entities caused by stack overflow by resolving use of
recursion, for all three uses of entities:
- general entities in character data ("<e>&g1;</e>")
- general entities in attribute values ("<e k1='&g1;'/>")
- parameter entities ("%p1;")
Known impact is (reliable and easy) denial of service:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
(Base Score: 7.5, Temporal Score: 7.2)
Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
* Other changes:
#935 #937 Autotools: Make generated CMake files look for
libexpat.@SO_MAJOR@.dylib on macOS
#925 Autotools: Sync CMake templates with CMake 3.29
#945 #962 #966 CMake: Drop support for CMake <3.13
#942 CMake: Small fuzzing related improvements
#921 docs: Add missing documentation of error code
XML_ERROR_NOT_STARTED that was introduced with 2.6.4
#941 docs: Document need for C++11 compiler for use from C++
#959 tests/benchmark: Fix a (harmless) TOCTTOU
#944 Windows: Fix installer target location of file xmlwf.xml
for CMake
#953 Windows: Address warning -Wunknown-warning-option
about -Wno-pedantic-ms-format from LLVM MinGW
#971 Address Cppcheck warnings
#969 #970 Mass-migrate links from http:// to https://
#947 #958 ..
#974 #975 Document changes since the previous release
#974 #975 Version info bumped from 11:0:10 (libexpat*.so.1.10.0)
to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/
for what these numbers do
- no source changes, just adding jira reference: jsc#SLE-21253
Version update to 2.6.4
* Security fixes: [bsc#1232601][bsc#1232579]
#915 CVE-2024-50602 -- Fix crash within function XML_ResumeParser
from a NULL pointer dereference by disallowing function
XML_StopParser to (stop or) suspend an unstarted parser.
A new error code XML_ERROR_NOT_STARTED was introduced to
properly communicate this situation. // CWE-476 CWE-754
* Other changes:
#903 CMake: Add alias target "expat::expat"
#905 docs: Document use via CMake >=3.18 with FetchContent
and SOURCE_SUBDIR and its consequences
#902 tests: Reduce use of global parser instance
#904 tests: Resolve duplicate handler
#317 #918 tests: Improve tests on doctype closing (ex CVE-2019-15903)
#914 Fix signedness of format strings
#919 #920 Version info bumped from 10:3:9 (libexpat*.so.1.9.3)
to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/
for what these numbers do
Update to 2.6.3:
* Security fixes:
- CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with
len < 0 without noticing and then calling XML_GetBuffer
will have XML_ParseBuffer fail to recognize the problem
and XML_GetBuffer corrupt memory.
With the fix, XML_ParseBuffer now complains with error
XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
has been doing since Expat 2.2.1, and now documented.
Impact is denial of service to potentially artitrary code
execution.
- CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an
integer overflow for nDefaultAtts on 32-bit platforms
(where UINT_MAX equals SIZE_MAX).
Impact is denial of service to potentially artitrary code
execution.
- CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can
have an integer overflow for m_groupSize on 32-bit
platforms (where UINT_MAX equals SIZE_MAX).
Impact is denial of service to potentially artitrary code
execution.
Update to 2.6.2:
* CVE-2024-28757 -- Prevent billion laughs attacks with isolated
use of external parsers (bsc#1221289)
* Reject direct parameter entity recursion and avoid the related
undefined behavior
Update to 2.6.1:
* Expose billion laughs API with XML_DTD defined and XML_GE
undefined, regression from 2.6.0
* Make tests independent of CPU speed, and thus more robust
Update to 2.6.0:
* Security fixes:
- CVE-2023-52425 (bsc#1219559)
-- Fix quadratic runtime issues with big tokens
that can cause denial of service, in partial where
dealing with compressed XML input. Applications
that parsed a document in one go -- a single call to
functions XML_Parse or XML_ParseBuffer -- were not affected.
The smaller the chunks/buffers you use for parsing
previously, the bigger the problem prior to the fix.
Backporters should be careful to no omit parts of
pull request #789 and to include earlier pull request #771,
in order to not break the fix.
- CVE-2023-52426 (bsc#1219561)
-- Fix billion laughs attacks for users
compiling *without* XML_DTD defined (which is not common).
Users with XML_DTD defined have been protected since
Expat >=2.4.0 (and that was CVE-2013-0340 back then).
* Bug fixes:
- Fix parse-size-dependent "invalid token" error for
external entities that start with a byte order mark
- Fix NULL pointer dereference in setContext via
XML_ExternalEntityParserCreate for compilation with
XML_DTD undefined
- Protect against closing entities out of order
* Other changes:
- Improve support for arc4random/arc4random_buf
- Improve buffer growth in XML_GetBuffer and XML_Parse
- xmlwf: Support --help and --version
- xmlwf: Support custom buffer size for XML_GetBuffer and read
- xmlwf: Improve language and URL clickability in help output
- examples: Add new example "element_declarations.c"
- Be stricter about macro XML_CONTEXT_BYTES at build time
- Make inclusion to expat_config.h consistent
- Autotools: configure.ac: Support --disable-maintainer-mode
- Autotools: Sync CMake templates with CMake 3.26
- Autotools: Make installation of shipped man page doc/xmlwf.1
independent of docbook2man availability
- Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
section "Cflags.private" in order to fix compilation
against static libexpat using pkg-config on Windows
- Autotools|CMake: Require a C99 compiler
(a de-facto requirement already since Expat 2.2.2 of 2017)
- Autotools|CMake: Fix PACKAGE_BUGREPORT variable
- Autotools|CMake: Make test suite require a C++11 compiler
- CMake: Require CMake >=3.5.0
- CMake: Lowercase off_t and size_t to help a bug in Meson
- CMake: Sort xmlwf sources alphabetically
- CMake|Windows: Fix generation of DLL file version info
- CMake: Build tests/benchmark/benchmark.c as well for
a build with -DEXPAT_BUILD_TESTS=ON
- docs: Document the importance of isFinal + adjust tests
accordingly
- docs: Improve use of "NULL" and "null"
- docs: Be specific about version of XML (XML 1.0r4)
and version of C (C99); (XML 1.0r5 will need a sponsor.)
- docs: reference.html: Promote function XML_ParseBuffer more
- docs: reference.html: Add HTML anchors to XML_* macros
- docs: reference.html: Upgrade to OK.css 1.2.0
- docs: Fix typos
- docs|CI: Use HTTPS URLs instead of HTTP at various places
- Address compiler warnings
- Address clang-tidy warnings
- Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
for what these numbers do
ImportantSUSE bug 1219559SUSE bug 1219561SUSE bug 1221289SUSE bug 1229930SUSE bug 1229931SUSE bug 1229932SUSE bug 1232579SUSE bug 1232601SUSE bug 1239618CVE-2013-0340 at SUSECVE-2013-0340 at NVDCVE-2019-15903 at SUSECVE-2019-15903 at NVDCVE-2023-52425 at SUSECVE-2023-52425 at NVDCVE-2023-52426 at SUSECVE-2023-52426 at NVDCVE-2024-28757 at SUSECVE-2024-28757 at NVDCVE-2024-45490 at SUSECVE-2024-45490 at NVDCVE-2024-45491 at SUSECVE-2024-45491 at NVDCVE-2024-45492 at SUSECVE-2024-45492 at NVDCVE-2024-50602 at SUSECVE-2024-50602 at NVDCVE-2024-8176 at SUSECVE-2024-8176 at NVDcpe:/o:suse:sl-micro:6.1Security update for wget (Moderate)SUSE Linux Micro 6.1
This update for wget fixes the following issues:
- CVE-2024-10524: Drop support for shorthand URLs (bsc#1233773).
ModerateSUSE bug 1233773CVE-2024-10524 at SUSECVE-2024-10524 at NVDcpe:/o:suse:sl-micro:6.1Security update for elemental-operator (Important)SUSE Linux Micro 6.1
This update for elemental-operator fixes the following issues:
- Updated to v1.7.2:
* Updated header year
* CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238700)
* CVE-2025-22869: golang.org/x/crypto/ssh: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239335)
* Label Templates: add IP addresses to the Network variables (#885, #894)
* Fixed generation of already present resources (#892, #893)
ImportantSUSE bug 1238700SUSE bug 1239335CVE-2025-22869 at SUSECVE-2025-22869 at NVDCVE-2025-22870 at SUSECVE-2025-22870 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-h11, python-httpcore (Critical)SUSE Linux Micro 6.1
This update for python-h11, python-httpcore fixes the following issues:
python-h11:
- Update 0.16.0:
* CVE-2025-43859: Fixed accepting of malformed Chunked-Encoding bodies (bsc#1241872)
- 0.15.0:
* Reject Content-Lengths >= 1 zettabyte (1 billion terabytes) early,
without attempting to parse the integer (#181)
python-httpcore:
- CVE-2025-43859: Fixed accepting of malformed Chunked-Encoding bodies (bsc#1241872)
CriticalSUSE bug 1241872CVE-2025-43859 at SUSECVE-2025-43859 at NVDcpe:/o:suse:sl-micro:6.1Security update for runc (Moderate)SUSE Linux Micro 6.1
This update for runc fixes the following issues:
Update to runc v1.2.6. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.2.6>.
Update to runc v1.2.0~rc3. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.2.0-rc.3>.
- CVE-2024-45310: Fixed that runc can be tricked into creating empty files/directories on host (bsc#1230092)
ModerateSUSE bug 1214960SUSE bug 1230092CVE-2024-45310 at SUSECVE-2024-45310 at NVDcpe:/o:suse:sl-micro:6.1Security update for s390-tools (Moderate)SUSE Linux Micro 6.1
This update for s390-tools fixes the following issues:
* Revendored vendor.tar.zst (CVE-2025-3416: Fixed use-after-free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242622)
* Added the new IBM z17 (9175) processor type
The package is built with the new 4096bit RSA secure boot signing key.
ModerateSUSE bug 1242622CVE-2025-3416 at SUSECVE-2025-3416 at NVDcpe:/o:suse:sl-micro:6.1Security update for docker (Important)SUSE Linux Micro 6.1
This update for docker fixes the following issues:
Update to docker-buildx v0.22.0:
- CVE-2025-0495: buildx: credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration (bsc#1239765).
- CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (bsc#1239185).
- CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239322).
Bug fixes:
- Fix unconditional container-selinux pull (bsc#1237367).
ImportantSUSE bug 1237367SUSE bug 1239185SUSE bug 1239322SUSE bug 1239765CVE-2025-0495 at SUSECVE-2025-0495 at NVDCVE-2025-22868 at SUSECVE-2025-22868 at NVDCVE-2025-22869 at SUSECVE-2025-22869 at NVDcpe:/o:suse:sl-micro:6.1Security update for glibc (Critical)SUSE Linux Micro 6.1
This update for glibc fixes the following issues:
- CVE-2025-4802: elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static (bsc#1243317)
- pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ #25847)
- Mark functions in libc_nonshared.a as hidden (bsc#1239883)
- Linux: Switch back to assembly syscall wrapper for prctl (bsc#1234665, BZ #29770)
CriticalSUSE bug 1234128SUSE bug 1234665SUSE bug 1239883SUSE bug 1243317CVE-2025-4802 at SUSECVE-2025-4802 at NVDcpe:/o:suse:sl-micro:6.1Security update for unbound (Moderate)SUSE Linux Micro 6.1
This update for unbound fixes the following issues:
Update to 1.22.0:
- CVE-2024-8508: Fixed unbounded name compression that could have led to a denial of service (bsc#1231284).
ModerateSUSE bug 1231284CVE-2024-8508 at SUSECVE-2024-8508 at NVDcpe:/o:suse:sl-micro:6.1Recommended update for git (Moderate)SUSE Linux Micro 6.1
This update for git fixes the following issues:
- CVE-2024-50349: passwords for trusted sites could be sent to untrusted
sites (bsc#1235600)
- CVE-2024-52006: Carriage Returns via the credential protocol to credential
helpers (bsc#1235601)
ModerateSUSE bug 1235600SUSE bug 1235601CVE-2024-50349 at SUSECVE-2024-50349 at NVDCVE-2024-52006 at SUSECVE-2024-52006 at NVDcpe:/o:suse:sl-micro:6.1Security update for skopeo (Important)SUSE Linux Micro 6.1
This update for skopeo fixes the following issues:
- CVE-2024-6104: url might write sensitive information to log file (bsc#1227056).
- CVE-2023-45288: close connections when receiving too many headers (bsc#1236483).
- CVE-2025-27144: Go JOSE's Parsing Vulnerable to Denial of Service (bsc#1237613).
ImportantSUSE bug 1227056SUSE bug 1236483SUSE bug 1237613CVE-2023-45288 at SUSECVE-2023-45288 at NVDCVE-2024-6104 at SUSECVE-2024-6104 at NVDCVE-2025-27144 at SUSECVE-2025-27144 at NVDcpe:/o:suse:sl-micro:6.1Security update for libxml2 (Moderate)SUSE Linux Micro 6.1
This update for libxml2 fixes the following issues:
- CVE-2025-32414: Fixed out-of-bounds read when parsing text via the Python API (bsc#1241551).
- CVE-2025-32415: Fixed heap-based buffer under-read via crafted XML documents (bsc#1241453).
ModerateSUSE bug 1241453SUSE bug 1241551CVE-2025-32414 at SUSECVE-2025-32414 at NVDCVE-2025-32415 at SUSECVE-2025-32415 at NVDcpe:/o:suse:sl-micro:6.1Security update for python311 (Important)SUSE Linux Micro 6.1
This update for python311 fixes the following issues:
- CVE-2025-4516: Fixed blocking DecodeError handling
vulnerability, which could lead to DoS. (bsc#1243273)
Update to 3.11.12:
- gh-105704: When using urllib.parse.urlsplit() and
urllib.parse.urlparse() host parsing would not reject domain
names containing square brackets ([ and ]). Square brackets
are only valid for IPv6 and IPvFuture hosts according to RFC
3986 Section 3.2.2 (bsc#1236705, CVE-2025-0938,
gh#python/cpython#105704).
- gh-121284: Fix bug in the folding of rfc2047 encoded-words
when flattening an email message using a modern email
policy. Previously when an encoded-word was too long for
a line, it would be decoded, split across lines, and
re-encoded. But commas and other special characters in the
original text could be left unencoded and unquoted. This
could theoretically be used to spoof header lines using a
carefully constructed encoded-word if the resulting rendered
email was transmitted or re-parsed.
- gh-80222: Fix bug in the folding of quoted strings
when flattening an email message using a modern email
policy. Previously when a quoted string was folded so that
it spanned more than one line, the surrounding quotes and
internal escapes would be omitted. This could theoretically
be used to spoof header lines using a carefully constructed
quoted string if the resulting rendered email was transmitted
or re-parsed.
- gh-119511: Fix a potential denial of service in the imaplib
module. When connecting to a malicious server, it could
cause an arbitrary amount of memory to be allocated. On many
systems this is harmless as unused virtual memory is only
a mapping, but if this hit a virtual address size limit
it could lead to a MemoryError or other process crash. On
unusual systems or builds where all allocated memory is
touched and backed by actual ram or storage it could’ve
consumed resources doing so until similarly crashing.
- gh-127257: In ssl, system call failures that OpenSSL reports
using ERR_LIB_SYS are now raised as OSError.
- gh-121277: Writers of CPython’s documentation can now use
next as the version for the versionchanged, versionadded,
deprecated directives.
- gh-106883: Disable GC during the _PyThread_CurrentFrames()
and _PyThread_CurrentExceptions() calls to avoid the
interpreter to deadlock.
- CVE-2025-0938: disallow square brackets ([ and ]) in domain names for parsed
URLs (bsc#1236705, gh#python/cpython#105704)
Update to 3.11.11:
- Tools/Demos
- gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15
and multissltests to use 3.0.15, 3.1.7, and 3.2.3.
- Security
- gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to
consistently use the mapped IPv4 address value for deciding
properties. Properties which have their behavior fixed are
is_multicast, is_reserved, is_link_local, is_global, and
is_unspecified.
- Library
- gh-124651: Properly quote template strings in venv
activation scripts (bsc#1232241, CVE-2024-9287).
- Remove -IVendor/ from python-config bsc#1231795
- CVE-2024-9287: Properly quote path names provided when creating a
virtual environment (bsc#1232241,
- Drop .pyc files from docdir for reproducible builds (bsc#1230906).
Update to 3.11.10:
- Security
- gh-121957: Fixed missing audit events around interactive
use of Python, now also properly firing for ``python -i``,
as well as for ``python -m asyncio``. The event in question
is ``cpython.run_stdin``.
- gh-122133: Authenticate the socket connection for the
``socket.socketpair()`` fallback on platforms where
``AF_UNIX`` is not available like Windows. Patch by
Gregory P. Smith <greg@krypto.org> and Seth Larson
<seth@python.org>. Reported by Ellie <el@horse64.org>
- gh-121285: Remove backtracking from tarfile header parsing
for ``hdrcharset``, PAX, and GNU sparse headers
(bsc#1230227, CVE-2024-6232).
- gh-118486: :func:`os.mkdir` on Windows now accepts
*mode* of ``0o700`` to restrict the new directory to
the current user. This fixes CVE-2024-4030 affecting
:func:`tempfile.mkdtemp` in scenarios where the base
temporary directory is more permissive than the default.
- Library
- gh-123270: Applied a more surgical fix for malformed
payloads in :class:`zipfile.Path` causing infinite loops
(gh-122905) without breaking contents using legitimate
characters (bsc#1229704, CVE-2024-8088).
- gh-123067: Fix quadratic complexity in parsing ``"``-quoted
cookie values with backslashes by :mod:`http.cookies`
(bsc#1229596, CVE-2024-7592).
- gh-122905: :class:`zipfile.Path` objects now sanitize names
from the zipfile.
- gh-121650: :mod:`email` headers with embedded newlines are
now quoted on output. The :mod:`~email.generator` will now
refuse to serialize (write) headers that are unsafely folded
or delimited; see :attr:`~email.policy.Policy.verify_generated_headers`.
(Contributed by Bas Bloemsaat and Petr Viktorin in
:gh:`121650`; CVE-2024-6923, bsc#1228780).
- gh-119506: Fix :meth:`!io.TextIOWrapper.write` method
breaks internal buffer when the method is called again
during flushing internal buffer.
- gh-118643: Fix an AttributeError in the :mod:`email` module
when re-fold a long address list. Also fix more cases of
incorrect encoding of the address separator in the address
list.
- gh-113171: Fixed various false positives and false
negatives in * :attr:`ipaddress.IPv4Address.is_private`
(see these docs for details) *
:attr:`ipaddress.IPv4Address.is_global` *
:attr:`ipaddress.IPv6Address.is_private` *
:attr:`ipaddress.IPv6Address.is_global` Also in the
corresponding :class:`ipaddress.IPv4Network` and
:class:`ipaddress.IPv6Network` attributes.
Fixes bsc#1226448 (CVE-2024-4032).
- gh-102988: :func:`email.utils.getaddresses` and
:func:`email.utils.parseaddr` now return ``('', '')``
2-tuples in more situations where invalid email addresses
are encountered instead of potentially inaccurate
values. Add optional *strict* parameter to these two
functions: use ``strict=False`` to get the old behavior,
accept malformed inputs. ``getattr(email.utils,
'supports_strict_parsing', False)`` can be use to check if
the *strict* paramater is available. Patch by Thomas Dwyer
and Victor Stinner to improve the CVE-2023-27043 fix
(bsc#1210638).
- gh-67693: Fix :func:`urllib.parse.urlunparse` and
:func:`urllib.parse.urlunsplit` for URIs with path starting
with multiple slashes and no authority. Based on patch by
Ashwin Ramaswami.
- Core and Builtins
- gh-112275: A deadlock involving ``pystate.c``'s
``HEAD_LOCK`` in ``posixmodule.c`` at fork is now
fixed. Patch by ChuBoning based on previous Python 3.12 fix
by Victor Stinner.
- gh-109120: Added handle of incorrect star expressions, e.g
``f(3, *)``. Patch by Grigoryev Semyon
- CVE-2024-8088: Prevent malformed payload to cause infinite loops in
zipfile.Path (bsc#1229704)
- Make pip and modern tools install directly in /usr/local when used by
the user. (bsc#1225660)
- CVE-2024-4032: Fix rearranging definition of private v global IP
addresses. (bsc#1226448)
Update to 3.11.9:
* Security
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425, bsc#1219559) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115399: Update bundled libexpat to 2.6.0
- gh-115243: Fix possible crashes in collections.deque.index()
when the deque is concurrently modified.
- gh-114572: ssl.SSLContext.cert_store_stats() and
ssl.SSLContext.get_ca_certs() now correctly lock access to the
certificate store, when the ssl.SSLContext is shared across
multiple threads (bsc#1226447, CVE-2024-0397).
* Core and Builtins
- gh-116296: Fix possible refleak in object.__reduce__() internal
error handling.
- gh-116034: Fix location of the error on a failed assertion.
- gh-115823: Properly calculate error ranges in the parser when
raising SyntaxError exceptions caused by invalid byte sequences.
Patch by Pablo Galindo
- gh-112087: For an empty reverse iterator for list will be
reduced to reversed(). Patch by Donghee Na.
- gh-115011: Setters for members with an unsigned integer type now
support the same range of valid values for objects that has a
__index__() method as for int.
- gh-96497: Fix incorrect resolution of mangled class variables
used in assignment expressions in comprehensions.
* Library
- gh-117310: Fixed an unlikely early & extra Py_DECREF triggered
crash in ssl when creating a new _ssl._SSLContext if CPython was
built implausibly such that the default cipher list is empty or
the SSL library it was linked against reports a failure from its
C SSL_CTX_set_cipher_list() API.
- gh-117178: Fix regression in lazy loading of self-referential
modules, introduced in gh-114781.
- gh-117084: Fix zipfile extraction for directory entries with the
name containing backslashes on Windows.
- gh-117110: Fix a bug that prevents subclasses of typing.Any to
be instantiated with arguments. Patch by Chris Fu.
- gh-90872: On Windows, subprocess.Popen.wait() no longer calls
WaitForSingleObject() with a negative timeout: pass 0 ms if the
timeout is negative. Patch by Victor Stinner.
- gh-116957: configparser: Don’t leave ConfigParser values in an
invalid state (stored as a list instead of a str) after an
earlier read raised DuplicateSectionError or
DuplicateOptionError.
- gh-90095: Ignore empty lines and comments in .pdbrc
- gh-116764: Restore support of None and other false values in
urllib.parse functions parse_qs() and parse_qsl(). Also, they
now raise a TypeError for non-zero integers and non-empty
sequences.
- gh-116811: In PathFinder.invalidate_caches, delegate to
MetadataPathFinder.invalidate_caches.
- gh-116600: Fix repr() for global Flag members.
- gh-116484: Change automatically generated tkinter.Checkbutton
widget names to avoid collisions with automatically generated
tkinter.ttk.Checkbutton widget names within the same parent
widget.
- gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on
opening named pipe.
- gh-116143: Fix a race in pydoc _start_server, eliminating a
window in which _start_server can return a thread that is
“serving” but without a docserver set.
- gh-116325: typing: raise SyntaxError instead of AttributeError
on forward references as empty strings.
- gh-90535: Fix support of interval values > 1 in
logging.TimedRotatingFileHandler for when='MIDNIGHT' and
when='Wx'.
- gh-115978: Disable preadv(), readv(), pwritev(), and writev() on
WASI.
- Under wasmtime for WASI 0.2, these functions don’t pass
test_posix
(https://github.com/bytecodealliance/wasmtime/issues/7830).
- gh-88352: Fix the computation of the next rollover time in the
logging.TimedRotatingFileHandler handler. computeRollover() now
always returns a timestamp larger than the specified time and
works correctly during the DST change. doRollover() no longer
overwrite the already rolled over file, saving from data loss
when run at midnight or during repeated time at the DST change.
- gh-87115: Set __main__.__spec__ to None when running a script
with pdb
- gh-76511: Fix UnicodeEncodeError in email.Message.as_string()
that results when a message that claims to be in the ascii
character set actually has non-ascii characters. Non-ascii
characters are now replaced with the U+FFFD replacement
character, like in the replace error handler.
- gh-75988: Fixed unittest.mock.create_autospec() to pass the call
through to the wrapped object to return the real result.
- gh-115881: Fix issue where ast.parse() would incorrectly flag
conditional context managers (such as with (x() if y else z()):
...) as invalid syntax if feature_version=(3, 8) was passed.
This reverts changes to the grammar made as part of gh-94949.
- gh-115886: Fix silent truncation of the name with an embedded
null character in multiprocessing.shared_memory.SharedMemory.
- gh-115809: Improve algorithm for computing which rolled-over log
files to delete in logging.TimedRotatingFileHandler. It is now
reliable for handlers without namer and with arbitrary
deterministic namer that leaves the datetime part in the file
name unmodified.
- gh-74668: urllib.parse functions parse_qs() and parse_qsl() now
support bytes arguments containing raw and percent-encoded
non-ASCII data.
- gh-67044: csv.writer() now always quotes or escapes '\r' and
'\n', regardless of lineterminator value.
- gh-115712: csv.writer() now quotes empty fields if delimiter is
a space and skipinitialspace is true and raises exception if
quoting is not possible.
- gh-115618: Fix improper decreasing the reference count for None
argument in property methods getter(), setter() and deleter().
- gh-115570: A DeprecationWarning is no longer omitted on access
to the __doc__ attributes of the deprecated typing.io and
typing.re pseudo-modules.
- gh-112006: Fix inspect.unwrap() for types with the __wrapper__
data descriptor.
- gh-101293: Support callables with the __call__() method and
types with __new__() and __init__() methods set to class
methods, static methods, bound methods, partial functions, and
other types of methods and descriptors in
inspect.Signature.from_callable().
- gh-115392: Fix a bug in doctest where incorrect line numbers
would be reported for decorated functions.
- gh-114563: Fix several format() bugs when using the C
implementation of Decimal: * memory leak in some rare cases when
using the z format option (coerce negative 0) * incorrect output
when applying the z format option to type F (fixed-point with
capital NAN / INF) * incorrect output when applying the # format
option (alternate form)
- gh-115197: urllib.request no longer resolves the hostname before
checking it against the system’s proxy bypass list on macOS and
Windows.
- gh-115198: Fix support of Docutils >= 0.19 in distutils.
- gh-115165: Most exceptions are now ignored when attempting to
set the __orig_class__ attribute on objects returned when
calling typing generic aliases (including generic aliases
created using typing.Annotated). Previously only AttributeError
was ignored. Patch by Dave Shawley.
- gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.
- gh-115059: io.BufferedRandom.read1() now flushes the underlying
write buffer.
- gh-79382: Trailing ** no longer allows to match files and
non-existing paths in recursive glob().
- gh-114763: Protect modules loaded with importlib.util.LazyLoader
from race conditions when multiple threads try to access
attributes before the loading is complete.
- gh-97959: Fix rendering class methods, bound methods, method and
function aliases in pydoc. Class methods no longer have “method
of builtins.type instance” note. Corresponding notes are now
added for class and unbound methods. Method and function aliases
now have references to the module or the class where the origin
was defined if it differs from the current. Bound methods are
now listed in the static methods section. Methods of builtin
classes are now supported as well as methods of Python classes.
- gh-112281: Allow creating union of types for typing.Annotated
with unhashable metadata.
- gh-111775: Fix importlib.resources.simple.ResourceHandle.open()
for text mode, added missed stream argument.
- gh-90095: Make .pdbrc and -c work with any valid pdb commands.
- gh-107155: Fix incorrect output of help(x) where x is a lambda
function, which has an __annotations__ dictionary attribute with
a "return" key.
- gh-105866: Fixed _get_slots bug which caused error when defining
dataclasses with slots and a weakref_slot.
- gh-60346: Fix ArgumentParser inconsistent with parse_known_args.
- gh-100985: Update HTTPSConnection to consistently wrap IPv6
Addresses when using a proxy.
- gh-100884: email: fix misfolding of comma in address-lists
over multiple lines in combination with unicode encoding
(bsc#1238450 CVE-2025-1795)
- gh-95782: Fix io.BufferedReader.tell(),
io.BufferedReader.seek(), _pyio.BufferedReader.tell(),
io.BufferedRandom.tell(), io.BufferedRandom.seek() and
_pyio.BufferedRandom.tell() being able to return negative
offsets.
- gh-96310: Fix a traceback in argparse when all options in a
mutually exclusive group are suppressed.
- gh-93205: Fixed a bug in
logging.handlers.TimedRotatingFileHandler where multiple
rotating handler instances pointing to files with the same name
but different extensions would conflict and not delete the
correct files.
- bpo-44865: Add missing call to localization function in
argparse.
- bpo-43952: Fix multiprocessing.connection.Listener.accept() to
accept empty bytes as authkey. Not accepting empty bytes as key
causes it to hang indefinitely.
- bpo-42125: linecache: get module name from __spec__ if
available. This allows getting source code for the __main__
module when a custom loader is used.
- gh-66543: Make mimetypes.guess_type() properly parsing of URLs
with only a host name, URLs containing fragment or query, and
filenames with only a UNC sharepoint on Windows. Based on patch
by Dong-hee Na.
- bpo-33775: Add ‘default’ and ‘version’ help text for
localization in argparse.
* Documentation
- gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML
vulnerabilities”.
- gh-115233: Fix an example for LoggerAdapter in the Logging
Cookbook.
* IDLE
- gh-88516: On macOS show a proxy icon in the title bar of editor
windows to match platform behaviour.
* Tools/Demos
- gh-113516: Don’t set LDSHARED when building for WASI.
* C API
- gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows
64-bit platforms.
- Add reference to CVE-2024-0450 (bsc#1221854) to changelog.
ImportantSUSE bug 1210638SUSE bug 1219559SUSE bug 1219666SUSE bug 1221854SUSE bug 1225660SUSE bug 1226447SUSE bug 1226448SUSE bug 1227378SUSE bug 1227999SUSE bug 1228165SUSE bug 1228780SUSE bug 1229596SUSE bug 1229704SUSE bug 1230227SUSE bug 1230906SUSE bug 1231795SUSE bug 1232241SUSE bug 1236705SUSE bug 1238450SUSE bug 1239210SUSE bug 1241067SUSE bug 1243273CVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2023-27043 at SUSECVE-2023-27043 at NVDCVE-2023-52425 at SUSECVE-2023-52425 at NVDCVE-2023-6597 at SUSECVE-2023-6597 at NVDCVE-2024-0397 at SUSECVE-2024-0397 at NVDCVE-2024-0450 at SUSECVE-2024-0450 at NVDCVE-2024-4030 at SUSECVE-2024-4030 at NVDCVE-2024-4032 at SUSECVE-2024-4032 at NVDCVE-2024-6232 at SUSECVE-2024-6232 at NVDCVE-2024-6923 at SUSECVE-2024-6923 at NVDCVE-2024-7592 at SUSECVE-2024-7592 at NVDCVE-2024-8088 at SUSECVE-2024-8088 at NVDCVE-2024-9287 at SUSECVE-2024-9287 at NVDCVE-2025-0938 at SUSECVE-2025-0938 at NVDCVE-2025-1795 at SUSECVE-2025-1795 at NVDCVE-2025-4516 at SUSECVE-2025-4516 at NVDcpe:/o:suse:sl-micro:6.1Security update for elemental-toolkit (Important)SUSE Linux Micro 6.1
This update for elemental-toolkit fixes the following issues:
- Updated to v2.2.3:
* Adapted .golangci.yml format to a new version
* Simplified podman calls in CI steup
* Switched GHA runners to Ubuntu 24.04
* Updated year in headers
* Vendored go.mod libraries
* CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238700)
* CVE-2025-22869: golang.org/x/crypto/ssh: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239335)
ImportantSUSE bug 1238700SUSE bug 1239335CVE-2025-22869 at SUSECVE-2025-22869 at NVDCVE-2025-22870 at SUSECVE-2025-22870 at NVDcpe:/o:suse:sl-micro:6.1Security update for docker (Moderate)SUSE Linux Micro 6.1
This update for docker fixes the following issues:
Always clear SUSEConnect suse_* secrets when starting containers regardless
of whether the daemon was built with SUSEConnect support. Not doing this
causes containers from SUSEConnect-enabled daemons to fail to start when
running with SUSEConnect-disabled (i.e. upstream) daemons.
ModerateSUSE bug 1244035CVE-2025-22868 at SUSECVE-2025-22868 at NVDCVE-2025-22869 at SUSECVE-2025-22869 at NVDcpe:/o:suse:sl-micro:6.1Security update for less (Important)SUSE Linux Micro 6.1
This update for less fixes the following issues:
- Updated to version 668
* Fixed crash when using --header on command line
* Fixed possible crash when scrolling left/right or toggling -S
* Fixed bug when using #stop in a lesskey file
* Fixed bug when using --shift or --match-shift on command line with a parameter starting with '.'
* Fixed bug in R command when file size changes
* Fixed bug using --header when file does not fill screen
* Fixed ^X bug when output is not a terminal
* Fixed bug where ^Z is not handled immediately
* Fixed bug where first byte from a LESSOPEN filter is deleted if it is greater than 0x7F
* Fixed uninitialized variable in edit_ifile
* Fixed incorrect handling of UTF-8 chars in prompts
- Change preprocessor dependencies from Requires to Recommends. It's disabled by
default and they are not necessary for less.
- Updated to version 661:
* fixed crash - buffer overflow by one in fexpand
* fixed free(): double free detected in tcache 2
* fixed segmentation fault on line-num-width & -N
- Updated to version 656:
* Add ^O^N, ^O^P, ^O^L and ^O^O commands and mouse clicks (with --mouse) to find and open OSC8 hyperlinks (github #251).
* Add --match-shift option.
* Add --lesskey-content option (github #447).
* Add LESSKEY_CONTENT environment variable (github #447).
* Add --no-search-header-lines and --no-search-header-columns options (github #397).
* Add ctrl-L search modifier (github #367).
* A ctrl-P at the start of a shell command suppresses the "done" message (github #462).
* Add attribute characters ('*', '~', '_', '&') to --color parameter (github #471).
* Allow expansion of environment variables in lesskey files.
* Add LESSSECURE_ALLOW environment variable (github #449).
* Add LESS_UNSUPPORT environment variable.
* Add line number parameter to --header option (github #436).
* Mouse right-click jumps to position marked by left-click (github #390).
* Ensure that the target line is not obscured by a header line set by --header (github #444).
* Change default character set to "utf-8", except remains "dos" on MS-DOS.
* Add message when search with ^W wraps (github #459).
* UCRT builds on Windows 10 and later now support Unicode file names (github #438).
* Improve behavior of interrupt while reading non-terminated pipe (github #414).
* Improve parsing of -j, -x and -# options (github #393).
* Support files larger than 4GB on Windows (github #417).
* Support entry of Unicode chars larger than U+FFFF on Windows (github #391).
* Improve colors of bold, underline and standout text on Windows.
* Allow --rscroll to accept non-ASCII characters (github #483).
* Allow the parameter to certain options to be terminated with a space (--color, --quotes, --rscroll, --search-options and --intr) (github #495).
* Fix bug where # substitution failed after viewing help (github #420).
* Fix crash if files are deleted while less is viewing them (github #404).
* Workaround unreliable ReadConsoleInputW behavior on Windows with non-ASCII input.
* Fix -J display when searching for non-ASCII characters (github #422).
* Don't filter header lines via the & command (github #423).
* Fix bug when horizontally shifting long lines (github #425).
* Add -x and -D options to lesstest, to make it easier to diagnose a failed lesstest run.
* Fix bug searching long lines with --incsearch and -S (github #428).
* Fix bug that made ESC-} fail if top line on screen was empty (github #429).
* Fix bug with --mouse on Windows when used with pipes (github #440).
* Fix bug in --+OPTION command line syntax.
* Fix display bug when using -w with an empty line with a CR/LF line ending (github #474).
* When substituting '#' or '%' with a filename, quote the filename if it contains a space (github #480).
* Fix wrong sleep time when system has usleep but not nanosleep (github #489).
* Fix bug when file name contains a newline (CVE-2024-32487, bsc#1222849).
* Fix bug when file name contains nonprintable characters (github #503).
* Fix DJGPP build (github #497).
* Update Unicode tables.
- add zstd support to lessopen
- Updated to 643:
* Fixed problem when a program piping into less reads from the tty,
like sudo asking for password (github #368).
* Fixed search modifier ^E after ^W.
* Fixed bug using negated (^N) search (github #374).
* Fixed bug setting colors with -D on Windows build (github #386).
* Fixed reading special chars like PageDown on Windows (github #378).
* Fixed mouse wheel scrolling on Windows (github #379).
* Fixed erroneous EOF when terminal window size changes (github #372).
* Fixed compile error with some definitions of ECHONL (github #395).
* Fixed crash on Windows when writing logfile (github #405).
* Fixed regression in exit code when stdin is /dev/null and
output is a file (github #373).
* Add lesstest test suite to production release (github #344).
* Change lesstest output to conform with
automake Simple Test Format (github #399).
ImportantSUSE bug 1047218SUSE bug 1222849SUSE bug 915387CVE-2024-32487 at SUSECVE-2024-32487 at NVDcpe:/o:suse:sl-micro:6.1Security update for sqlite3 (Moderate)SUSE Linux Micro 6.1
This update for sqlite3 fixes the following issues:
- Update to release 3.49.1:
* Improve portability of makefiles and configure scripts.
* CVE-2025-29087: Fixed Integer Overflow in SQLite concat
Function (bsc#1241020)
* CVE-2025-29088: Fixed integer overflow through the
SQLITE_DBCONFIG_LOOKASIDE component (bsc#1241078)
- Update to release 3.49.0:
* Enhancements to the query planner:
- Improve the query-time index optimization so that it works on
WITHOUT ROWID tables.
- Better query plans for large star-query joins. This fixes
three different performance regressions that were reported
on the SQLite Forum.
- When two or more queries have the same estimated cost, use
the one with the fewer bytes per row.
* Enhance the iif() SQL function so that it can accept any number
of arguments greater than or equal to two.
* Enhance the session extension so that it works on databases
that make use of generated columns.
* Omit the SQLITE_USE_STDIO_FOR_CONSOLE compile-time option which
was not implemented correctly and never worked right. In its place
add the SQLITE_USE_W32_FOR_CONSOLE_IO compile-time option. This
option applies to command-line tools like the CLI only, not to the
SQLite core. It causes Win32 APIs to be used for console I/O
instead of stdio. This option affects Windows builds only.
* Three new options to sqlite3_db_config(). All default "on".
SQLITE_DBCONFIG_ENABLE_ATTACH_CREATE
SQLITE_DBCONFIG_ENABLE_ATTACH_WRITE
SQLITE_DBCONFIG_ENABLE_COMMENTS
- Re-enable SONAME which got disabled by default in 3.48.0.
- Update to release 3.48.0:
* Improved EXPLAIN QUERY PLAN output for covering indexes.
* Allow a two-argument version of the iif() SQL function.
* Also allow if() as an alternative spelling for iif().
* Add the ".dbtotxt" command to the CLI.
* Add the SQLITE_IOCAP_SUBPAGE_READ property to the
xDeviceCharacteristics method of the sqlite3_io_methods object.
* Add the SQLITE_PREPARE_DONT_LOG option to sqlite3_prepare_v3()
that prevents warning messages being sent to the error log if
the SQL is ill-formed. This allows sqlite3_prepare_v3() to be
used to do test compiles of SQL to check for validity without
polluting the error log with false messages.
* Increase the minimum allowed value of SQLITE_LIMIT_LENGTH from
1 to 30.
* Added the SQLITE_FCNTL_NULL_IO file control.
* Extend the FTS5 auxiliary API xInstToken() to work with prefix
queries via the insttoken configuration option and the
fts5_insttoken() SQL function.
* Increase the maximum number of arguments to an SQL function
from 127 to 1000.
- Update to release 3.47.2:
* Fix a problem in text-to-floating-point conversion that affects
text values where the first 16 significant digits are
'1844674407370955'. This issue was introduced in 3.47.0 and
only arises on x64 and i386 hardware.
* Other minor bug fixes.
- Enable the session extension, because NodeJS 22 needs it.
- Update to release 3.47.1:
* Fix the makefiles so that they once again honored DESTDIR for
the "install" target.
* Add the SQLITE_IOCAP_SUBPAGE_READ capability to the VFS, to
work around issues on some non-standard VFSes caused by making
SQLITE_DIRECT_OVERFLOW_READ the default in version 3.45.0.
* Fix incorrect answers to certain obscure IN queries caused by
new query optimizations added in the 3.47.0 release.
* Other minor bug fixes.
- Update to release 3.47.0:
* Allow arbitrary expressions in the second argument to the RAISE
function.
* If the RHS of the ->> operator is negative, then access array
elements counting from the right.
* Fix a problem with rolling back hot journal files in the
seldom-used unix-dotfile VFS.
* FTS5 tables can now be dropped even if they use a non-standard
tokenizer that has not been registered.
* Fix the group_concat() aggregate function so that it returns an
empty string, not a NULL, if it receives a single input value
which is an empty string.
* Enhance the generate_series() table-valued function so that it
is able to recognize and use constraints on its output value.
Preupdate hooks now recognize when a column added by ALTER
TABLE ADD COLUMN has a non-null default value.
* Improved reuse of subqueries associated with the IN operator,
especially when the IN operator has been duplicated due to
predicate push-down.
* Use a Bloom filter on subqueries on the right-hand side of the
IN operator, in cases where that seems likely to improve
performance.
* Ensure that queries like "SELECT func(a) FROM tab GROUP BY 1"
only invoke the func() function once per row.
* No attempt is made to create automatic indexes on a column
that is known to be non-selective because of its use in other
indexes that have been analyzed.
* Adjustments to the query planner so that it produces better
plans for star queries with a large number of dimension
tables.
* Add the "order-by-subquery" optimization, that seeks to
disable sort operations in outer queries if the desired order
is obtained naturally due to ORDER BY clauses in subqueries.
* The "indexed-subtype-expr" optimization strives to use
expressions that are part of an index rather than recomputing
the expression based on table values, as long as the query
planner can prove that the subtype of the expression will
never be used.
* Miscellaneous coding tweaks for faster runtimes.
* Add the experimental sqlite3_rsync program.
* Add extension functions median(), percentile(),
percentile_cont(), and percentile_disc() to the CLI.
* Add the .www dot-command to the CLI.
* The sqlite3_analyzer utility now provides a break-out of
statistics for WITHOUT ROWID tables.
* The sqldiff utility avoids creating an empty database if its
second argument does not exist.
* Enhance the sqlite_dbpage table-valued function such that
INSERT can be used to increase or decrease the size of the
database file.
* SQLite no longer makes any use of the "long double" data type,
as hardware support for long double is becoming less common
and long double creates challenges for some compiler tool
chains. Instead, SQLite uses Dekker's algorithm when extended
precision is needed.
* The TCL Interface for SQLite supports TCL9. Everything
probably still works for TCL 8.5 and later, though this is not
guaranteed. Users are encouraged to upgrade to TCL9.
* Fix a corruption-causing bug in the JavaScript "opfs" VFS.
Correct "mode=ro" handling for the "opfs" VFS. Work around a
couple of browser-specific OPFS quirks.
* Add the fts5_tokenizer_v2 API and the locale=1 option, for
creating custom locale-aware tokenizers and fts5 tables that
may take advantage of them.
* Add the contentless_unindexed=1 option, for creating
contentless fts5 tables that store the values of any UNINDEXED
columns persistently in the database.
* Allow an FTS5 table to be dropped even if it uses a custom
tokenizer whose implementation is not available.
- Update to release 3.46.1:
* Improved robustness while parsing the tokenize= arguments in
FTS5.
* Enhancements to covering index prediction in the query planner.
* Do not let the number of terms on a VALUES clause be limited by
SQLITE_LIMIT_COMPOUND_SELECT, even if the VALUES clause
contains elements that appear to be variables due to
double-quoted string literals.
* Fix the window function version of group_concat() so that it
returns an empty string if it has one or more empty string
inputs.
* In FTS5 secure-delete mode, fix false-positive integrity-check
reports about corrupt indexes.
* Syntax errors in ALTER TABLE should always return SQLITE_ERROR.
In some cases, they were formerly returning SQLITE_INTERNAL.
* Other minor fixes.
- Update to release 3.46.0:
* Enhance PRAGMA optimize in multiple ways.
* Enhancements to the date and time functions.
* Add support for underscore ("_") characters between digits in
numeric literals.
* Add the json_pretty() SQL function.
* Query planner improvements.
* Allocate additional memory from the heap for the SQL parser
stack if that stack overflows, rather than reporting a "parser
stack overflow" error.
* Allow ASCII control characters within JSON5 string literals.
* Fix the -> and ->> JSON operators so that when the right-hand
side operand is a string that looks like an integer it is still
treated as a string, because that is what PostgreSQL does.
- Update to release 3.45.3:
* Fix a long-standing bug (going back to version 3.24.0) that
might (rarely) cause the "old.*" values of an UPDATE trigger
to be incorrect if that trigger fires in response to an UPSERT.
* Reduce the scope of the NOT NULL strength reduction
optimization that was added as item 8e in version 3.35.0. The
optimization was being attempted in some contexts where it did
not work, resulting in incorrect query results.
- Add SQLITE_STRICT_SUBTYPE=1 as recommended by upstream.
- Update to release 3.45.2:
* Added the SQLITE_RESULT_SUBTYPE property for application-
defined SQL functions.
* Enhancements to the JSON SQL functions
* Add the FTS5 tokendata option to the FTS5 virtual table.
* The SQLITE_DIRECT_OVERFLOW_READ optimization is now enabled by
default.
* Query planner improvements
* Increase the default value for SQLITE_MAX_PAGE_COUNT from
1073741824 to 4294967294.
* Enhancements to the CLI
* Restore the JSON BLOB input bug, and promise to support the
anomaly in subsequent releases, for backward compatibility.
* Fix the PRAGMA integrity_check command so that it works on
read-only databases that contain FTS3 and FTS5 tables.
* Fix issues associated with processing corrupt JSONB inputs.
* Fix a long-standing bug in which a read of a few bytes past the
end of a memory-mapped segment might occur when accessing a
craftily corrupted database using memory-mapped database.
* Fix a long-standing bug in which a NULL pointer dereference
might occur in the bytecode engine due to incorrect bytecode
being generated for a class of SQL statements that are
deliberately designed to stress the query planner but which
are otherwise pointless.
* Fix an error in UPSERT, introduced in version 3.35.0.
* Reduce the scope of the NOT NULL strength reduction
optimization that was added in version 3.35.0.
ModerateSUSE bug 1241020SUSE bug 1241078CVE-2025-29087 at SUSECVE-2025-29087 at NVDCVE-2025-29088 at SUSECVE-2025-29088 at NVDcpe:/o:suse:sl-micro:6.1Security update for augeas (Moderate)SUSE Linux Micro 6.1
This update for augeas fixes the following issues:
- CVE-2025-2588: Fixed NULL pointer dereference when calling re_case_expand in function fa_expand_nocase (bsc#1239909)
ModerateSUSE bug 1239909CVE-2025-2588 at SUSECVE-2025-2588 at NVDcpe:/o:suse:sl-micro:6.1Security update for systemd (Moderate)SUSE Linux Micro 6.1
This update for systemd fixes the following issues:
- coredump: use %d in kernel core pattern (CVE-2025-4598)
- Revert "macro: terminate the temporary VA_ARGS_FOREACH() array with a sentinel" (SUSE specific)
- umount: do not move busy network mounts (bsc#1236177)
- man/pstore.conf: pstore.conf template is not always installed in /etc
- man: coredump.conf template is not always installed in /etc (bsc#1237496)
- Don't write messages sent from users with UID falling into the container UID
range to the system journal. Daemons in the container don't talk to the
outside journald as they talk to the inner one directly, which does its
journal splitting based on shifted uids. (bsc#1242938)
- This re-adds back the support for the persistent net name rules as well as
their generator since predictable naming scheme is still disabled by default
on Micro (via the `net.ifnames=0` boot option). (bsc#1241190)
ModerateSUSE bug 1236177SUSE bug 1237496SUSE bug 1241190SUSE bug 1242938CVE-2025-4598 at SUSECVE-2025-4598 at NVDcpe:/o:suse:sl-micro:6.1Security update for openssl-3 (Moderate)SUSE Linux Micro 6.1
This update for openssl-3 fixes the following issues:
- CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 (bsc#1240366)
ModerateSUSE bug 1240366CVE-2025-27587 at SUSECVE-2025-27587 at NVDcpe:/o:suse:sl-micro:6.1Security update for libxml2 (Important)SUSE Linux Micro 6.1
This update for libxml2 fixes the following issues:
- CVE-2024-40896: Fixed XXE vulnerability (bsc#1234812)
ImportantSUSE bug 1234812CVE-2024-40896 at SUSECVE-2024-40896 at NVDcpe:/o:suse:sl-micro:6.1Security update for ucode-intel (Moderate)SUSE Linux Micro 6.1
This update for ucode-intel fixes the following issues:
Intel CPU Microcode was updated to the 20250512 release (bsc#1243123):
- Security updates for INTEL-SA-01153
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01153.html
- CVE-2024-28956: Exposure of Sensitive Information in Shared
Microarchitectural Structures during Transient Execution for some
Intel Processors may allow an authenticated user to potentially
enable information disclosure via local access.
- Security updates for INTEL-SA-01244
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01244.html
- CVE-2025-20103: Insufficient resource pool in the core management
mechanism for some Intel Processors may allow an authenticated user
to potentially enable denial of service via local access.
- CVE-2025-20054: Uncaught exception in the core management
mechanism for some Intel Processors may allow an authenticated user
to potentially enable denial of service via local access.
- Security updates for INTEL-SA-01247
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html
- CVE-2024-43420: Exposure of sensitive information caused by
shared microarchitectural predictor state that influences transient
execution for some Intel Atom processors may allow an authenticated
user to potentially enable information disclosure via local access.
- CVE-2025-20623: Exposure of sensitive information caused by
shared microarchitectural predictor state that influences transient
execution for some Intel Core processors (10th Generation) may allow
an authenticated user to potentially enable information disclosure
via local access.
- CVE-2024-45332: Exposure of sensitive information caused by shared
microarchitectural predictor state that influences transient execution
in the indirect branch predictors for some Intel Processors may allow
an authenticated user to potentially enable information disclosure
via local access.
- Security updates for INTEL-SA-01322
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01322.html
- CVE-2025-24495: Incorrect initialization of resource in the branch
prediction unit for some Intel Core Ultra Processors may allow an
authenticated user to potentially enable information disclosure via
local access.
- CVE-2025-20012: Incorrect behavior order for some Intel Core Ultra
Processors may allow an unauthenticated user to potentially enable
information disclosure via physical access.
- Update for functional issues. Refer to Intel Core Ultra 200 V Series
Processor (Series2) https://cdrdv2.intel.com/v1/dl/getContent/834774
for details.
- Update for functional issues. Refer to Intel Core Ultra 200 V Series
Processor https://cdrdv2.intel.com/v1/dl/getContent/827538 for details.
- Update for functional issues. Refer to Intel Core Ultra Processor
https://cdrdv2.intel.com/v1/dl/getContent/792254 for details.
- Update for functional issues. Refer to 14th/13th
Generation Intel Core Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/740518 for details.
- Update for functional issues. Refer to 12th Generation Intel Core
Processor Family https://cdrdv2.intel.com/v1/dl/getContent/682436
for details.
- Update for functional issues. Refer to 11th Gen Intel Core Processor
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/631123
for details.
- Update for functional issues. Refer to 10th Gen
Intel Core Processor Families Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/341079 for details.
- Update for functional issues. Refer to 10th Gen
Intel Core Processor Families Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/615213 for details.
- Update for functional issues. Refer to 8th and 9th
Generation Intel Core Processor Family Spec Update
https://cdrdv2.intel.com/v1/dl/getContent/337346 for details.
- Update for functional issues. Refer to 6th Gen
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/835486 for details.
- Update for functional issues. Refer to 5th Gen Intel Xeon Processor
Scalable Family https://cdrdv2.intel.com/v1/dl/getContent/793902
for details.
- Update for functional issues. Refer to 4th Gen
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/772415 for details.
- Update for functional issues. Refer to 3rd Generation
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/634897 for details.
- Update for functional issues. Refer to 3rd Generation
Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/637780 for details.
- Update for functional issues. Refer to 2nd Generation
Intel Xeon Processor Scalable Family Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/338848 for details.
- Update for functional issues. Refer to Intel
Xeon 6700-Series Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/820922 for details.
- Update for functional issues. Refer to Intel Xeon E-2300 Processor
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/709192
for details.
- Update for functional issues. Refer to Intel Xeon D-2700 Processor
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/714071
for details.
- Update for functional issues. Refer to Intel Processors and Intel
Core i3 N-Series https://cdrdv2.intel.com/v1/dl/getContent/764616
for details.
- Update for functional issues. Refer to Intel Pentium
Silver and Intel Celeron Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/336562 for details.
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-U | A1 | 06-b5-00/80 | | 0000000a | Core Ultra Processor (Series2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | | 00000118 | Core Ultra Processor (Series2)
| ARL-H | A1 | 06-c5-02/82 | | 00000118 | Core Ultra Processor (Series2)
| GNR-AP/SP | B0 | 06-ad-01/95 | | 010003a2 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | | 0a0000d1 | Xeon Scalable Gen6
| LNL | B0 | 06-bd-01/80 | | 0000011f | Core Ultra 200 V Series Processor
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000038 | 0000003a | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000038 | 0000003a | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000436 | 00000437 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000436 | 00000437 | Core Gen12
| ADL-N | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300,
N50/N97/N100/N200,
Atom x7211E/x7213E/x7425E
| AML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile
| AZB | A0/R0 | 06-9a-04/40 | 00000009 | 0000000a | Intel(R) Atom(R) C1100
| CFL-H | R0 | 06-9e-0d/22 | 00000102 | 00000104 | Core Gen9 Mobile
| CLX-SP | B1 | 06-55-07/bf | 05003707 | 05003901 | Xeon Scalable Gen2
| CML-H | R1 | 06-a5-02/20 | 000000fc | 00000100 | Core Gen10 Mobile
| CML-S102 | Q0 | 06-a5-05/22 | 000000fc | 00000100 | Core Gen10
| CML-S62 | G1 | 06-a5-03/22 | 000000fc | 00000100 | Core Gen10
| CML-U42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile
| CML-U62 V1 | A0 | 06-a6-00/80 | 000000fe | 00000102 | Core Gen10 Mobile
| CML-U62 V2 | K1 | 06-a6-01/80 | 000000fc | 00000100 | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile
| CPX-SP | A1 | 06-55-0b/bf | 07002904 | 07002b01 | Xeon Scalable Gen3
| EMR-SP | A1 | 06-cf-02/87 | 21000291 | 210002a9 | Xeon Scalable Gen5
| GLK-R | R0 | 06-7a-08/01 | 00000024 | 00000026 | Pentium J5040/N5030,
Celeron J4125/J4025/N4020/N4120
| ICL-D | B0 | 06-6c-01/10 | 010002c0 | 010002d0 | Xeon D-17xx, D-27xx
| ICL-U/Y | D1 | 06-7e-05/80 | 000000c6 | 000000ca | Core Gen10 Mobile
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003f5 | 0d000404 | Xeon Scalable Gen3
| MTL | C0 | 06-aa-04/e6 | 00000020 | 00000024 | Core Ultra Processor
| RKL-S | B0 | 06-a7-01/02 | 00000063 | 00000064 | Core Gen11
| RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012c | 0000012f | Core Gen13/Gen14
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004124 | 00004128 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000038 | 0000003a | Core Gen13/Gen14
| RPL-S | H0 | 06-bf-05/07 | 00000038 | 0000003a | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004124 | 00004128 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003e0 | 2c0003f7 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000330 | 03000341 | Xeon 6700-Series Processors with E-Cores
| TGL | B0/B1 | 06-8c-01/80 | 000000b8 | 000000bc | Core Gen11 Mobile
| TGL-H | R0 | 06-8d-01/c2 | 00000052 | 00000056 | Core Gen11 Mobile
| TGL-R | C0 | 06-8c-02/c2 | 00000038 | 0000003c | Core Gen11 Mobile
| TWL | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300,
N50/N97/N100/N200,
Atom x7211E/x7213E/x7425E
| WHL-U | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen8 Mobile
ModerateSUSE bug 1243123CVE-2024-28956 at SUSECVE-2024-28956 at NVDCVE-2024-43420 at SUSECVE-2024-43420 at NVDCVE-2024-45332 at SUSECVE-2024-45332 at NVDCVE-2025-20012 at SUSECVE-2025-20012 at NVDCVE-2025-20054 at SUSECVE-2025-20054 at NVDCVE-2025-20103 at SUSECVE-2025-20103 at NVDCVE-2025-20623 at SUSECVE-2025-20623 at NVDCVE-2025-24495 at SUSECVE-2025-24495 at NVDcpe:/o:suse:sl-micro:6.1Security update for rsync (Critical)SUSE Linux Micro 6.1
This update for rsync fixes the following issues:
- Bump protocol version to 32 - make it easier to show server is patched.
- Fix FLAG_GOT_DIR_FLIST collission with FLAG_HLINKED
- Security update,CVE-2024-12747, bsc#1235475 race condition in handling symbolic links
- Security update, fix multiple vulnerabilities:
* CVE-2024-12084, bsc#1234100 - Heap Buffer Overflow in Checksum Parsing
* CVE-2024-12085, bsc#1234101 - Info Leak via uninitialized Stack contents defeats ASLR
* CVE-2024-12086, bsc#1234102 - Server leaks arbitrary client files
* CVE-2024-12087, bsc#1234103 - Server can make client write files outside of destination directory using symbolic links
* CVE-2024-12088, bsc#1234104 - --safe-links Bypass
CriticalSUSE bug 1234100SUSE bug 1234101SUSE bug 1234102SUSE bug 1234103SUSE bug 1234104SUSE bug 1235475CVE-2024-12084 at SUSECVE-2024-12084 at NVDCVE-2024-12085 at SUSECVE-2024-12085 at NVDCVE-2024-12086 at SUSECVE-2024-12086 at NVDCVE-2024-12087 at SUSECVE-2024-12087 at NVDCVE-2024-12088 at SUSECVE-2024-12088 at NVDCVE-2024-12747 at SUSECVE-2024-12747 at NVDcpe:/o:suse:sl-micro:6.1Security update for libblockdev (Moderate)SUSE Linux Micro 6.1
This update for libblockdev fixes the following issues:
- CVE-2025-6019: Suppress privilege escalation during xfs fs resize ( (bsc#1243226)
ModerateSUSE bug 1243226CVE-2025-6019 at SUSECVE-2025-6019 at NVDcpe:/o:suse:sl-micro:6.1Security update for pam (Important)SUSE Linux Micro 6.1
This update for pam fixes the following issues:
- CVE-2025-6020: pam_namespace: convert functions that may operate on a user-controlled path
to operate on file descriptors instead of absolute path. And keep the
bind-mount protection from protect_mount() as a defense in depthmeasure.
(bsc#1244509)
ImportantSUSE bug 1244509CVE-2025-6020 at SUSECVE-2025-6020 at NVDcpe:/o:suse:sl-micro:6.1Security update for iputils (Moderate)SUSE Linux Micro 6.1
This update for iputils fixes the following issues:
- CVE-2025-48964: Fixed integer overflow in ping statistics via zero timestamp (bsc#1243772)
- Fix ping on s390x printing invalid ttl (bsc#1243284)
- CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300)
ModerateSUSE bug 1242300SUSE bug 1243284SUSE bug 1243772CVE-2025-47268 at SUSECVE-2025-47268 at NVDCVE-2025-48964 at SUSECVE-2025-48964 at NVDcpe:/o:suse:sl-micro:6.1Security update for gpg2 (Moderate)SUSE Linux Micro 6.1
This update for gpg2 fixes the following issues:
- CVE-2025-30258: Fixed a verification DoS due to a malicious subkey in the keyring. (bsc#1239119)
ModerateSUSE bug 1239119CVE-2025-30258 at SUSECVE-2025-30258 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-tornado6 (Important)SUSE Linux Micro 6.1
This update for python-tornado6 fixes the following issues:
- CVE-2024-52804: Fixed excessive CPU consumption by the algorithm
used for parsing HTTP cookies (bsc#1233668)
- CVE-2025-47287: Fixed denial-of-service via generation of an extremely
high volume of logs due to multipart/form-data parser (bsc#1243268)
ImportantSUSE bug 1233668SUSE bug 1243268CVE-2024-52804 at SUSECVE-2024-52804 at NVDCVE-2025-47287 at SUSECVE-2025-47287 at NVDcpe:/o:suse:sl-micro:6.1Security update for libsoup (Important)SUSE Linux Micro 6.1
This update for libsoup fixes the following issues:
- CVE-2025-2784: Fixed Heap buffer over-read in `skip_insignificant_space`
when sniffing content (bsc#1240750)
- CVE-2025-32050:Fixed Integer overflow in append_param_quoted (bsc#1240752)
- CVE-2025-32051:Fixed Segmentation fault when parsing malformed data URI (bsc#1240754)
- CVE-2025-32052:Fixed Heap buffer overflow in sniff_unknown() (bsc#1240756)
- CVE-2025-32053:Fixed Heap buffer overflows in sniff_feed_or_html() and
skip_insignificant_space() (bsc#1240757)
- CVE-2025-32913:Fixed NULL pointer dereference in
soup_message_headers_get_content_disposition (bsc#1241162)
- CVE-2025-32914:Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164)
- CVE-2025-32912:Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214)
- CVE-2025-32907:Fixed excessive memory consumption in server when client requests
a large amount of overlapping ranges in a single HTTP request (bsc#1241222)
- CVE-2025-32908:Fixed HTTP request leading to server crash due to HTTP/2 server not fully
validating the values of pseudo-headers (bsc#1241223)
- CVE-2025-32909:Fixed NULL pointer dereference in the sniff_mp4 function in
soup-content-sniffer.c (bsc#1241226)
- CVE-2025-32911:Fixed Double free on soup_message_headers_get_content_disposition()
via "params" (bsc#1241238)
- CVE-2025-32910:Fixed null pointer deference on client when server omits the 'realm'
parameter in an Unauthorized response with Digest authentication (bsc#1241252)
- CVE-2025-32906:Fixed Out of bounds reads in soup_headers_parse_request() (bsc#1241263)
- CVE-2025-46420:Fixed Memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686)
- CVE-2025-46421:Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688)
ImportantSUSE bug 1240750SUSE bug 1240752SUSE bug 1240754SUSE bug 1240756SUSE bug 1240757SUSE bug 1241162SUSE bug 1241164SUSE bug 1241214SUSE bug 1241222SUSE bug 1241223SUSE bug 1241226SUSE bug 1241238SUSE bug 1241252SUSE bug 1241263SUSE bug 1241686SUSE bug 1241688CVE-2025-2784 at SUSECVE-2025-2784 at NVDCVE-2025-32050 at SUSECVE-2025-32050 at NVDCVE-2025-32051 at SUSECVE-2025-32051 at NVDCVE-2025-32052 at SUSECVE-2025-32052 at NVDCVE-2025-32053 at SUSECVE-2025-32053 at NVDCVE-2025-32906 at SUSECVE-2025-32906 at NVDCVE-2025-32907 at SUSECVE-2025-32907 at NVDCVE-2025-32908 at SUSECVE-2025-32908 at NVDCVE-2025-32909 at SUSECVE-2025-32909 at NVDCVE-2025-32910 at SUSECVE-2025-32910 at NVDCVE-2025-32911 at SUSECVE-2025-32911 at NVDCVE-2025-32912 at SUSECVE-2025-32912 at NVDCVE-2025-32913 at SUSECVE-2025-32913 at NVDCVE-2025-32914 at SUSECVE-2025-32914 at NVDCVE-2025-46420 at SUSECVE-2025-46420 at NVDCVE-2025-46421 at SUSECVE-2025-46421 at NVDcpe:/o:suse:sl-micro:6.1Security update for open-vm-tools (Moderate)SUSE Linux Micro 6.1
This update for open-vm-tools fixes the following issues:
- Updated to 12.5.2:
* CVE-2025-22247: Fixed Insecure file handling (bsc#1243106)
ModerateSUSE bug 1237147SUSE bug 1241938SUSE bug 1243106CVE-2025-22247 at SUSECVE-2025-22247 at NVDcpe:/o:suse:sl-micro:6.1Security update for helm (Moderate)SUSE Linux Micro 6.1
This update for helm fixes the following issues:
Update to version 3.18.3:
* build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
6838ebc (dependabot[bot])
* fix: user username password for login 5b9e2f6 (Terry Howe)
* Update pkg/registry/transport.go 2782412 (Terry Howe)
* Update pkg/registry/transport.go e66cf6a (Terry Howe)
* fix: add debug logging to oci transport 191f05c (Terry Howe)
Update to version 3.18.2:
* fix: legacy docker support broken for login 04cad46 (Terry
Howe)
* Handle an empty registry config file. bc9f8a2 (Matt Farina)
Update to version 3.18.1:
* Notes:
- This release fixes regressions around template generation and
OCI registry interaction in 3.18.0
- There are at least 2 known regressions unaddressed in this
release. They are being worked on.
- Empty registry configuration files. When the file exists
but it is empty.
- Login to Docker Hub on some domains fails.
* Changelog
- fix(client): skipnode utilization for PreCopy
- fix(client): layers now returns manifest - remove duplicate
from descriptors
- fix(client): return nil on non-allowed media types
- Prevent fetching newReference again as we have in calling
method
- Prevent failure when resolving version tags in oras memory
store
- Update pkg/plugin/plugin.go
- Update pkg/plugin/plugin.go
- Wait for Helm v4 before raising when platformCommand and
Command are set
- Fix 3.18.0 regression: registry login with scheme
- Revert "fix (helm) : toToml` renders int as float [ backport
to v3 ]"
Update to version 3.18.0 (bsc#1241802, CVE-2025-22872):
* Notable Changes
- Add support for JSON Schema 2020
- Enabled cpu and memory profiling
- Add hook annotation to output hook logs to client on error
* Changelog
- build(deps): bump the k8s-io group with 7 updates
- fix: govulncheck workflow
- bump version to v3.18.0
- fix:add proxy support when mTLS configured
- docs: Note about http fallback for OCI registries
- Bump net package to avoid CVE on dev-v3
- Bump toml
- backport #30677to dev3
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to
1.8.0
- Add install test for TakeOwnership flag
- Fix --take-ownership
- build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to
1.7.2
- build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0
- build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0
- Testing text bump
- Permit more Go version and not only 1.23.8
- Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3
to 3.0.0
- Report as debug log, the time spent waiting for resources
- build(deps): bump github.com/containerd/containerd from
1.7.26 to 1.7.27
- Update pkg/registry/fallback.go
- automatic fallback to http
- chore(oci): upgrade to ORAS v2
- Updating to 0.37.0 for x/net
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0
- build(deps): bump github.com/opencontainers/image-spec
- build(deps): bump github.com/containerd/containerd from
1.7.25 to 1.7.26
- build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0
- Fix cherry-pick helm.sh/helm/v4 -> helm.sh/helm/v3
- Add HookOutputFunc and generic yaml unmarshaller
- clarify fix error message
- remove comments about previous functionality
- add short circuit return
- Add hook annotations to output pod logs to client on success
and fail
- chore: use []error instead of []string
- Update cmd/helm/profiling.go
- chore: update profiling doc in CONTRIBUTING.md
- Prefer environment variables to CLI flags
- Fix linter warning
- Move pprof paths to HELM_PPROF env variable
- Additional review fixes from PR
- feat: Add flags to enable CPU and memory profiling
- build(deps): bump github.com/distribution/distribution/v3
- build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1
- Moving to SetOut and SetErr for Cobra
- build(deps): bump the k8s-io group with 7 updates
- build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0
- build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0
- build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0
- build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
- build(deps): bump github.com/cyphar/filepath-securejoin
- build(deps): bump github.com/evanphx/json-patch
- build(deps): bump the k8s-io group with 7 updates
- fix: check group for resource info match
- Bump github.com/cyphar/filepath-securejoin from 0.3.6 to
0.4.0
- add test for nullifying nested global value
- Ensuring the file paths are clean prior to passing to
securejoin
- Bump github.com/containerd/containerd from 1.7.24 to 1.7.25
- Bump golang.org/x/crypto from 0.31.0 to 0.32.0
- Bump golang.org/x/term from 0.27.0 to 0.28.0
- bump version to v3.17.0
- Bump github.com/moby/term from 0.5.0 to 0.5.2
- Add test case for removing an entire object
- Tests for bugfix: Override subcharts with null values #12879
- feat: Added multi-platform plugin hook support to v3
- This commit fixes the issue where the yaml.Unmarshaller
converts all int values into float64, this passes in option
to decoder, which enables conversion of int into .
- merge null child chart objects
Update to version 3.17.3:
Helm v3.17.3 is a security (patch) release. Users are strongly
recommended to update to this release.
* Changelog
- Unarchiving fix e4da497 (Matt Farina)
ModerateSUSE bug 1241802CVE-2025-22872 at SUSECVE-2025-22872 at NVDcpe:/o:suse:sl-micro:6.1Security update for gpg2 (Moderate)SUSE Linux Micro 6.1
This update for gpg2 fixes the following issues:
* Fixed regressions for the recent malicious subkey DoS fix for CVE-2025-30258 (bsc#1239119).
ModerateSUSE bug 1236931SUSE bug 1239119CVE-2025-30258 at SUSECVE-2025-30258 at NVDcpe:/o:suse:sl-micro:6.1Security update for containerd (Moderate)SUSE Linux Micro 6.1
This update for containerd fixes the following issues:
- Updated to version 1.7.27:
* CVE-2024-40635: Fixed integer overflow in User ID handling (bsc#1239749)
ModerateSUSE bug 1239749CVE-2024-40635 at SUSECVE-2024-40635 at NVDcpe:/o:suse:sl-micro:6.1Recommended update for gpg2 (Moderate)SUSE Linux Micro 6.1
This update for gpg2 fixes the following issues:
This reverts the CVE-2025-30258 fix, as it changed behaviour when using expired keys.
ModerateSUSE bug 1236931SUSE bug 1239119CVE-2025-30258 at SUSECVE-2025-30258 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-setuptools (Important)SUSE Linux Micro 6.1
This update for python-setuptools fixes the following issues:
- CVE-2025-47273: Fixed path traversal vulnerability in `PackageIndex` (bsc#1243313)
ImportantSUSE bug 1243313CVE-2025-47273 at SUSECVE-2025-47273 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-cryptography (Moderate)SUSE Linux Micro 6.1
This update for python-cryptography fixes the following issues:
- CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch
in rust-openssl crate (bsc#1242631)
ModerateSUSE bug 1242631CVE-2025-3416 at SUSECVE-2025-3416 at NVDcpe:/o:suse:sl-micro:6.1Security update for stalld (Moderate)SUSE Linux Micro 6.1
This update for stalld fixes the following issues:
Update to 1.19.8.
Check https://gitlab.com/rt-linux-tools/stalld/-/releases
for the full list of changes.
Changes since 1.19.6:
* Address CVE-2024-54159, which is a DoS issue with the way
throttlectl.sh uses temp files (bsc#1230327)
* Fix a compilation issue with a prototype mis-match in
stalld.h and utils.c for cleanup_regex()
* Workaround missing sched_getattr() export from glibc
* Fix a problem with parsing /sys/kernel/debug/sched/debug on
aarch64
- Place the original scheduling values in a root-owned directory in
/run/stalld, not into the public /tmp directory (bsc#1230327).
ModerateSUSE bug 1230327CVE-2024-54159 at SUSECVE-2024-54159 at NVDcpe:/o:suse:sl-micro:6.1Security update for glib2 (Moderate)SUSE Linux Micro 6.1
This update for glib2 fixes the following issues:
Security issues:
- CVE-2025-4373: Fixed handling gssize parameters (bsc#1242844).
- CVE-2025-3360: Fixed integer overflow and buffer underread
when parsing a very long and invalid ISO 8601 timestamp with
g_date_time_new_from_iso8601 (bsc#1240897)
Non security issues:
- Trigger glib2-tools postun trigger exit normally if
glib2-compile-schemas can't be run. Fixes error when uninstalling if
libgio is uninstalled first (bsc#1231463).
ModerateSUSE bug 1231463SUSE bug 1240897SUSE bug 1242844CVE-2025-3360 at SUSECVE-2025-3360 at NVDCVE-2025-4373 at SUSECVE-2025-4373 at NVDcpe:/o:suse:sl-micro:6.1Security update for gpg2 (Moderate)SUSE Linux Micro 6.1
This update for gpg2 fixes the following issues:
- CVE-2025-30258: Fix a verification DoS due to a malicious subkey in the keyring: [bsc#1239119, bsc#1236931]]
* gpg: Fix regression for the recent malicious subkey DoS fix.
* gpg: Fix another regression due to the T7547 fix.
* gpg: Allow the use of an ADSK subkey as ADSK subkey.
- Don't install expired sks certificate [bsc#1243069]
ModerateSUSE bug 1236931SUSE bug 1239119SUSE bug 1243069CVE-2025-30258 at SUSECVE-2025-30258 at NVDcpe:/o:suse:sl-micro:6.1Security update for afterburn (Moderate)SUSE Linux Micro 6.1
This update for afterburn fixes the following issues:
- Update to version 5.8.2:
* cargo: Afterburn release 5.8.2
* docs/release-notes: update for release 5.8.2
* cargo: update dependencies
* packit: add initial support
- Update to version 5.7.0:
* build(deps): bump crossbeam-channel from 0.5.13 to 0.5.15
* build(deps): bump tokio from 1.40.0 to 1.44.2
* CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and
Cipher::fetch in rust-openssl crate (bsc#1242665)
* build(deps): bump zbus from 4.4.0 to 5.5.0
* mod.rs: Fix clippy lint errors
* release-notes.md: add release notes for rust version update
* Cargo.toml: bump MSRV to 1.84.1
* build(deps): bump mockito from 1.6.1 to 1.7.0
* build(deps): bump serde_json from 1.0.139 to 1.0.140
* build(deps): bump tempfile from 3.17.1 to 3.19.1
* build(deps): bump clap from 4.5.31 to 4.5.35
* build(deps): bump reqwest from 0.12.12 to 0.12.15
* Update release notes.
* proxmoxve: Add more context to log messages.
* proxmoxve: Remove unneeded fields
* proxmoxve: Add tests for static network configuration from cloud-init.
* proxmoxve: Add support for static network configuration from cloud-init.
* build(deps): bump mailparse from 0.15.0 to 0.16.1
* build(deps): bump ring from 0.17.8 to 0.17.13
* build(deps): bump anyhow from 1.0.95 to 1.0.96
* release notes: add notes for tempfile bump from 3.16.0 to 3.17.1
* build(deps): bump serde from 1.0.217 to 1.0.218
* build(deps): bump openssl from 0.10.70 to 0.10.71
* build(deps): bump tempfile from 3.16.0 to 3.17.1
* build(deps): bump serde_json from 1.0.138 to 1.0.139
* build(deps): bump clap from 4.5.27 to 4.5.31
* add makefile targets for fmt,lint and test
* providers/openstack: ignore ec2 metadata if not present
* build(deps): bump ipnetwork from 0.20.0 to 0.21.1
* build(deps): bump reqwest from 0.12.7 to 0.12.12
* docs: add changelog entry
* proxmox: use noop provider if no configdrive
* add noop provider
* release-notes: remove "upcoming"
- Update to version 5.7.0:
* cargo: Afterburn release 5.7.0
* docs/release-notes: update for release 5.7.0
* cargo: update dependencies
* dhcp: replace dbus_proxy with proxy, and zbus traits
* build(deps): bump zbus from 3.15.2 to 4.4.0
* build(deps): bump tempfile from 3.10.1 to 3.12.0
* build(deps): bump serde from 1.0.205 to 1.0.210
* build(deps): bump serde_json from 1.0.121 to 1.0.127
* build(deps): bump reqwest from 0.12.5 to 0.12.7
* build(deps): bump uzers from 0.12.0 to 0.12.1
* build(deps): bump clap from 4.5.13 to 4.5.16
* build(deps): bump serde from 1.0.203 to 1.0.205
* build(deps): bump serde_json from 1.0.119 to 1.0.121
* build(deps): bump mockito from 1.4.0 to 1.5.0
* build(deps): bump openssh-keys from 0.6.3 to 0.6.4
* build(deps): bump clap from 4.5.8 to 4.5.13
* build(deps): bump openssl from 0.10.64 to 0.10.66
* providers/hetzner: private ipv4 addresses in attributes
* openstack: Document the two platforms
* build(deps): bump zerovec-derive from 0.10.2 to 0.10.3
* build(deps): bump zerovec from 0.10.2 to 0.10.4
* build(deps): bump nix from 0.27.1 to 0.29.0
* microsoft/azure: allow empty certificate chain in PKCS12 file
* proxmoxve: implement proxmoxve provider
* providers/hetzner: fix duplicate attribute prefix
* build(deps): bump pnet_base from 0.34.0 to 0.35.0
* cargo: Afterburn release 5.6.0
* docs/release-notes: update for release 5.6.0
* cargo: update dependencies
* build(deps): bump libflate from 1.4.0 to 2.1.0
* build(deps): bump base64 from 0.21.7 to 0.22.1
* build(deps): bump uzers from 0.11.3 to 0.12.0
* build(deps): bump pnet_datalink from 0.34.0 to 0.35.0
* build(deps): bump nix from 0.28.0 to 0.29.0
* lint: silence deadcode warnings
* lint: address latest lint's from msrv update
* workflows/rust: directly update toolchain to 1.75.0
* cargo: update msrv to 1.75
* build(deps): bump reqwest from 0.12.2 to 0.12.4
* build(deps): bump serde from 1.0.197 to 1.0.200
* build(deps): bump anyhow from 1.0.81 to 1.0.82
* build(deps): bump mailparse from 0.14.1 to 0.15.0
* build(deps): bump serde_json from 1.0.115 to 1.0.116
* providers: Add "akamai" provider
* build(deps): bump h2 from 0.3.24 to 0.3.26
* build(deps): bump anyhow from 1.0.79 to 1.0.81
* build(deps): bump serde_json from 1.0.113 to 1.0.115
* build(deps): bump reqwest from 0.11.24 to 0.12.2
* build(deps): bump serde_yaml from 0.9.32 to 0.9.34+deprecated
* build(deps): bump mio from 0.8.10 to 0.8.11
* build(deps): bump mailparse from 0.14.0 to 0.14.1
* build(deps): bump openssl from 0.10.62 to 0.10.64
* build(deps): bump nix from 0.27.1 to 0.28.0
* build(deps): bump mockito from 1.2.0 to 1.4.0
* build(deps): bump tempfile from 3.9.0 to 3.10.1
* build(deps): bump serde_yaml from 0.9.31 to 0.9.32
* build(deps): bump serde from 1.0.195 to 1.0.197
* build(deps): bump h2 from 0.3.23 to 0.3.24
* build(deps): bump slog-term from 2.9.0 to 2.9.1
* build(deps): bump serde_yaml from 0.9.30 to 0.9.31
* build(deps): bump serde_json from 1.0.111 to 1.0.113
* build(deps): bump clap from 4.4.16 to 4.4.18
* build(deps): bump reqwest from 0.11.23 to 0.11.24
* cargo: Afterburn release 5.5.1
* docs/release-notes: update for release 5.5.1
* cargo: update dependencies
* build(deps): bump anyhow from 1.0.75 to 1.0.78
* build(deps): bump serde_yaml from 0.9.27 to 0.9.29
* build(deps): bump reqwest from 0.11.22 to 0.11.23
* build(deps): bump serde_json from 1.0.108 to 1.0.109
* build(deps): bump openssl from 0.10.60 to 0.10.62
* build(deps): bump tempfile from 3.8.1 to 3.9.0
* build(deps): bump clap from 4.4.10 to 4.4.12
* build(deps): bump unsafe-libyaml from 0.2.9 to 0.2.10
* providers/vmware: add missing public functions for non-amd64
* build(deps): bump clap from 4.4.8 to 4.4.10
* cargo: Afterburn release 5.5.0
* build(deps): bump openssl from 0.10.59 to 0.10.60
* docs/release-notes: update for release 5.5.0
* cargo: update dependencies
* ci: cancel previous build on PR update
* build(deps): allow building with libsystemd 0.7.0
* providers/vmware: Process guestinfo.metadata netplan configuration
* kubevirt: Run afterburn-hostname service
* build(deps): bump reqwest from 0.11.20 to 0.11.22
* build(deps): bump tempfile from 3.8.0 to 3.8.1
* build(deps): bump clap from 4.4.6 to 4.4.7
* build(deps): bump serde_json from 1.0.107 to 1.0.108
* build(deps): bump serde_yaml from 0.9.25 to 0.9.27
* build(deps): bump rustix from 0.37.19 to 0.37.25
* build(deps): bump clap from 4.4.2 to 4.4.6
* build(deps): bump serde_json from 1.0.105 to 1.0.107
* build(deps): bump mockito from 1.1.0 to 1.2.0
* providers: add support for scaleway
* Move away from deprecated `users` to `uzers`
* providers/hetzner: add support for Hetzner Cloud
* build(deps): bump clap from 4.4.1 to 4.4.2
* cargo: update MSRV to 1.71
* build(deps): bump clap from 4.3.19 to 4.4.1
* chore: Get rid of Clippy warnings
* cargo: specify required features for nix dependency
* build(deps): bump nix from 0.26.2 to 0.27.1
* build(deps): bump slog-async from 2.7.0 to 2.8.0
* build(deps): bump openssl from 0.10.56 to 0.10.57
* build(deps): bump reqwest from 0.11.18 to 0.11.20
* build(deps): bump serde from 1.0.185 to 1.0.188
* build(deps): bump tempfile from 3.7.1 to 3.8.0
* build(deps): bump serde from 1.0.183 to 1.0.185
* build(deps): bump anyhow from 1.0.72 to 1.0.75
* build(deps): bump serde_json from 1.0.104 to 1.0.105
* build(deps): bump openssl from 0.10.55 to 0.10.56
* build(deps): bump tempfile from 3.7.0 to 3.7.1
* build(deps): bump serde from 1.0.180 to 1.0.183
* build(deps): bump serde from 1.0.179 to 1.0.180
* build(deps): bump serde_json from 1.0.103 to 1.0.104
* build(deps): bump serde from 1.0.175 to 1.0.179
* build(deps): bump pnet_datalink from 0.33.0 to 0.34.0
* build(deps): bump serde from 1.0.171 to 1.0.175
* build(deps): bump clap from 4.3.14 to 4.3.19
* build(deps): bump pnet_base from 0.33.0 to 0.34.0
* build(deps): bump serde_yaml from 0.9.23 to 0.9.25
* build(deps): bump tempfile from 3.6.0 to 3.7.0
* build(deps): bump clap from 4.3.11 to 4.3.14
* build(deps): bump serde_yaml from 0.9.22 to 0.9.23
* build(deps): bump anyhow from 1.0.71 to 1.0.72
* build(deps): bump serde_json from 1.0.100 to 1.0.103
* build(deps): bump clap from 4.3.10 to 4.3.11
* build(deps): bump serde_json from 1.0.99 to 1.0.100
* build(deps): bump openssh-keys from 0.6.1 to 0.6.2
* build(deps): bump zbus from 3.13.1 to 3.14.1
* build(deps): bump clap from 4.3.8 to 4.3.10
* build(deps): bump serde from 1.0.164 to 1.0.165
* build(deps): bump serde_json from 1.0.96 to 1.0.99
* build(deps): bump clap from 4.3.3 to 4.3.8
* build(deps): bump serde_yaml from 0.9.21 to 0.9.22
* build(deps): bump openssl from 0.10.54 to 0.10.55
* build(deps): bump mockito from 1.0.2 to 1.1.0
* openstack: Add attribute OPENSTACK_INSTANCE_UUID
* build(deps): bump serde from 1.0.163 to 1.0.164
* build(deps): bump clap from 4.3.2 to 4.3.3
* build(deps): bump tempfile from 3.5.0 to 3.6.0
* cargo: Afterburn release 5.4.3
* docs/release-notes: update for release 5.4.3
* cargo: update dependencies
* cargo: allow openssl 0.10.46
* build(deps): bump openssl from 0.10.52 to 0.10.54
* build(deps): bump openssh-keys from 0.6.0 to 0.6.1
* build(deps): bump vmw_backdoor from 0.2.3 to 0.2.4
* ci: strip debug symbols
* build-sys: Use new tier = 2 for cargo-vendor-filterer
* build(deps): bump reqwest from 0.11.17 to 0.11.18
* cargo: Afterburn release 5.4.2
* docs/release-notes: update for release
* docs/release-notes: note Azure SSH regression fix with new openssl
* cargo: fix minimum version of openssl crate
* build(deps): bump serde from 1.0.162 to 1.0.163
* build(deps): bump zbus from 3.12.0 to 3.13.1
* build(deps): bump serde from 1.0.160 to 1.0.162
* build(deps): bump anyhow from 1.0.70 to 1.0.71
* build(deps): bump openssl from 0.10.51 to 0.10.52
* build(deps): bump reqwest from 0.11.16 to 0.11.17
* build(deps): bump openssl from 0.10.50 to 0.10.51
* build(deps): bump enumflags2 from 0.7.5 to 0.7.7
* build(deps): bump openssl from 0.10.48 to 0.10.50
* build(deps): bump zbus from 3.11.1 to 3.12.0
* build(deps): bump serde_json from 1.0.95 to 1.0.96
* build(deps): bump h2 from 0.3.15 to 0.3.17
* build(deps): bump openssl from 0.10.47 to 0.10.48
* microsoft/crypto/mod: replace deprecated function `parse` with `parse2`
* build(deps): bump serde from 1.0.159 to 1.0.160
* build(deps): bump serde_yaml from 0.9.19 to 0.9.21
* build(deps): bump tempfile from 3.4.0 to 3.5.0
* build(deps): bump serde from 1.0.158 to 1.0.159
* build(deps): bump mockito from 1.0.1 to 1.0.2
* Update mockito to 1.0.1
* build(deps): bump reqwest from 0.11.15 to 0.11.16
* build(deps): bump serde_json from 1.0.94 to 1.0.95
* cli: switch to clap derive
* cli: add descriptive value names for option arguments in --help
* build(deps): bump zbus from 3.11.0 to 3.11.1
* build(deps): bump openssl from 0.10.45 to 0.10.47
* build(deps): bump reqwest from 0.11.14 to 0.11.15
* build(deps): bump serde from 1.0.155 to 1.0.158
* build(deps): bump anyhow from 1.0.69 to 1.0.70
* cli: have clap require exactly one of --cmdline/--provider
* providers/*: move endpoint mocking into retry::Client
* retry/client: move URL parsing into helper function
* providers/microsoft: import crate::retry
* providers/microsoft: use stored client for all fetches
* providers/packet: use stored client for boot checkin
* build(deps): bump zbus from 3.10.0 to 3.11.0
* build(deps): bump serde from 1.0.152 to 1.0.155
* docs: Use upstream theme & update to 0.4.1
* build(deps): bump serde_json from 1.0.93 to 1.0.94
* build(deps): bump serde_yaml from 0.9.17 to 0.9.19
* build(deps): bump mockito from 0.32.3 to 0.32.4
* build(deps): bump tempfile from 3.3.0 to 3.4.0
* initrd: remember to write trailing newline to network kargs file
* util: drop obsolete "OEM" terminology
* Update to clap 4
* build(deps): bump mockito from 0.31.1 to 0.32.3
* workflows: update clippy to 1.67
* Fix clippy lints
* Inline variables into format strings
* build(deps): bump zbus from 3.9.0 to 3.10.0
* build(deps): bump serde_json from 1.0.92 to 1.0.93
ModerateSUSE bug 1242665CVE-2025-3416 at SUSECVE-2025-3416 at NVDcpe:/o:suse:sl-micro:6.1Security update for cloud-regionsrv-client, python-toml (Moderate)SUSE Linux Micro 6.1
This update for cloud-regionsrv-client, python-toml contains the following fixes:
cloud-regionsrv-client:
- Update to 10.3.11 (bsc#1234050)
+ Send registration code for the extensions, not only base product
- Update to 10.3.9: (bsc#1234050)
+ Send registration code for the extensions, not only base product
- Update to 10.3.8: (bsc#1233333)
+ Fix the package requirements for cloud-regionsrv-client
+ Follow changes to suseconnect error reporting from stdout to stderr
- Update to 10.3.7: (bsc#1232770)
+ Fix the product triplet for LTSS, it is always SLES-LTSS, not
$BASEPRODUCT-LTSS
- Update to 10.3.6: (jsc#PCT-471, bsc#1230615)
+ Fix sudo setup
~ permissions cloudguestregistryauth
~ directory ownership /etc/sudoers.d
+ spec file
~ Remove traces of registry related entries on SLE 12
+ Forward port
~ fix for sles12 disable registry
~ fix for sles12 no trans_update
+ Deregister non free extensions at registercloudguest --clean
+ Fix registry cleanup at registercloudguest --clean, don't remove files
+ Prevent duplicate search entries in registry setup
- Update EC2 plugin to 1.0.5
+ Switch to using the region endpoint from IMDS to determine the region
instead of deriving the data from the availability zone
- Update to 10.3.5:
+ Update spec file to build in all code streams and have proper dependencies.
- Update to 10.3.4:
+ Modify the message when network access over a specific IP version does
not work. This is an informational message and should not look like
an error
+ Inform the user that LTSS registration takes a little longer
+ fix for sles12 no transactional update:
+ SLE 12 family has no products with transactional-update we do not
need to look for this condition
- From 10.3.3: (bsc#1229472)
+ Handle changes in process structure to properly identify the running
zypper parent process and only check for 1 PID
- From 10.3.2:
+ Remove rgnsrv-clnt-fix-docker-setup patch included upstream
- From 10.3.1: (jsc#PCT-400)
+ Add support for LTSS registration
+ Add fix for sles12 disable registry issue:
~ No container support in SLE 12
- Add fix for docker setup: (bsc#1229137)
+ The entry for the update infrastructure registry mirror was written
incorrectly causing docker daemon startup to fail.
- Update to version 10.3.0: (bsc#1227308, bsc#1222985)
+ Add support for sidecar registry
Podman and rootless Docker support to set up the necessary
configuration for the container engines to run as defined
+ Add running command as root through sudoers file
python-toml:
- Includes python311-toml as dependency for cloud-regionsrv-client
ModerateSUSE bug 1222985SUSE bug 1227308SUSE bug 1229137SUSE bug 1229472SUSE bug 1230615SUSE bug 1232770SUSE bug 1233333SUSE bug 1234050cpe:/o:suse:sl-micro:6.1Recommended update for pam_pkcs11 (Important)SUSE Linux Micro 6.1
This update for pam_pkcs11 fixes the following issues:
- Removes pam_env from auth stack for security reason [bsc#1243226]
ImportantSUSE bug 1243226CVE-2025-6018 at SUSECVE-2025-6018 at NVDcpe:/o:suse:sl-micro:6.1Security update for sudo (Important)SUSE Linux Micro 6.1
This update for sudo fixes the following issues:
- CVE-2025-32462: Fix a possible local privilege escalation via the --host option (bsc#1245274)
- CVE-2025-32463: Fix a possible local privilege Escalation via chroot option (bsc#1245275)
ImportantSUSE bug 1245274SUSE bug 1245275CVE-2025-32462 at SUSECVE-2025-32462 at NVDCVE-2025-32463 at SUSECVE-2025-32463 at NVDcpe:/o:suse:sl-micro:6.1Security update for salt (Critical)SUSE Linux Micro 6.1
This update for salt fixes the following issues:
- Security issues fixed:
- CVE-2024-38822: Fixed Minion token validation (bsc#1244561)
- CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport (bsc#1244564)
- CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method (bsc#1244565)
- CVE-2024-38825: Fixed salt.auth.pki module authentication issue (bsc#1244566)
- CVE-2025-22240: Fixed arbitrary directory creation or file deletion with GitFS (bsc#1244567)
- CVE-2025-22236: Fixed Minion event bus authorization bypass (bsc#1244568)
- CVE-2025-22241: Fixed the use of un-validated input in the VirtKey class (bsc#1244570)
- CVE-2025-22237: Fixed exploitation of the 'on demand' pillar functionality (bsc#1244571)
- CVE-2025-22238: Fixed the master's default cache vulnerability to a directory traversal attack (bsc#1244572)
- CVE-2025-22239: Fixed the arbitrary event injection on the Salt Master (bsc#1244574)
- CVE-2025-22242: Fixed a Denial of Service vulnerability through file read operation (bsc#1244575)
- CVE-2025-47287: Fixed a Denial of Service vulnerability in Tornado logging behavior (bsc#1243268)
- Other bugs fixed:
- Added subsystem filter to udev.exportdb (bsc#1236621)
- Fixed Ubuntu 24.04 edge-case test failures
- Fixed refresh of osrelease and related grains on Python 3.10+
- Fixed issue requiring proper Python flavor for dependencies
CriticalSUSE bug 1236621SUSE bug 1243268SUSE bug 1244561SUSE bug 1244564SUSE bug 1244565SUSE bug 1244566SUSE bug 1244567SUSE bug 1244568SUSE bug 1244570SUSE bug 1244571SUSE bug 1244572SUSE bug 1244574SUSE bug 1244575CVE-2024-38822 at SUSECVE-2024-38822 at NVDCVE-2024-38823 at SUSECVE-2024-38823 at NVDCVE-2024-38824 at SUSECVE-2024-38824 at NVDCVE-2024-38825 at SUSECVE-2024-38825 at NVDCVE-2025-22236 at SUSECVE-2025-22236 at NVDCVE-2025-22237 at SUSECVE-2025-22237 at NVDCVE-2025-22238 at SUSECVE-2025-22238 at NVDCVE-2025-22239 at SUSECVE-2025-22239 at NVDCVE-2025-22240 at SUSECVE-2025-22240 at NVDCVE-2025-22241 at SUSECVE-2025-22241 at NVDCVE-2025-22242 at SUSECVE-2025-22242 at NVDCVE-2025-47287 at SUSECVE-2025-47287 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-requests (Important)SUSE Linux Micro 6.1
This update for python-requests fixes the following issues:
- Avoid problems with certificate caching in sslcontext.
(bsc#1246104, gh#psf/requests#6767)
Update to 2.32.4:
* CVE-2024-47081 Fixed an issue where a maliciously crafted URL
and trusted environment will retrieve credentials for the wrong
hostname/machine from a netrc file (gh#psf/requests#6965, bsc#1244039)
* Numerous documentation improvements
* Added support for pypy 3.11 for Linux and macOS.
* Dropped support for pypy 3.9 following its end of support.
ImportantSUSE bug 1244039SUSE bug 1246104CVE-2024-47081 at SUSECVE-2024-47081 at NVDcpe:/o:suse:sl-micro:6.1Security update for perl (Important)SUSE Linux Micro 6.1
This update for perl fixes the following issues:
- CVE-2024-56406: Fixed heap buffer overflow when transliterating
non-ASCII bytes (bsc#1241083)
- CVE-2025-40909: Fixed a working directory race condition causing
file operations to target unintended paths (bsc#1244079)
ImportantSUSE bug 1241083SUSE bug 1244079CVE-2024-56406 at SUSECVE-2024-56406 at NVDCVE-2025-40909 at SUSECVE-2025-40909 at NVDcpe:/o:suse:sl-micro:6.1Security update for pam-config (Important)SUSE Linux Micro 6.1
This update for pam-config fixes the following issues:
- CVE-2025-6018: Stop adding pam_env in AUTH stack, and be sure to put
this module at the really end of the SESSION stack. (bsc#1243226)
ImportantSUSE bug 1243226CVE-2025-6018 at SUSECVE-2025-6018 at NVDcpe:/o:suse:sl-micro:6.1Security update for docker (Moderate)SUSE Linux Micro 6.1
This update for docker fixes the following issues:
- Update to Go 1.24 for builds, to match upstream.
- Update to Docker 28.3.2-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2832>
- Update to Docker 28.3.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2831>
- Update to Docker 28.3.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2830>
bsc#1246556
- Update to docker-buildx v0.25.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.25.0>
- CVE-2025-22872: golang.org/x/net/html: Fixed incorrectly interpreted tags
causing content to be placed wrong scope during DOM construction (bsc#1241830)
- Do not try to inject SUSEConnect secrets when in Rootless Docker mode, as
Docker does not have permission to access the host zypper credentials in this
mode (and unprivileged users cannot disable the feature using
/etc/docker/suse-secrets-enable.) bsc#1240150
- Always clear SUSEConnect suse_* secrets when starting containers regardless
of whether the daemon was built with SUSEConnect support. Not doing this
causes containers from SUSEConnect-enabled daemons to fail to start when
running with SUSEConnect-disabled (i.e. upstream) daemons.
This was a long-standing issue with our secrets support but until recently
this would've required migrating from SLE packages to openSUSE packages
(which wasn't supported). However, as SLE Micro 6.x and SLES 16 will move
away from in-built SUSEConnect support, this is now a practical issue users
will run into. bsc#1244035
ModerateSUSE bug 1240150SUSE bug 1241830SUSE bug 1242114SUSE bug 1243833SUSE bug 1244035SUSE bug 1246556CVE-2025-22872 at SUSECVE-2025-22872 at NVDcpe:/o:suse:sl-micro:6.1Security update for libgcrypt (Moderate)SUSE Linux Micro 6.1
This update for libgcrypt fixes the following issues:
- CVE-2024-2236: Fixed timing based side-channel in RSA implementation (bsc#1221107)
ModerateSUSE bug 1221107CVE-2024-2236 at SUSECVE-2024-2236 at NVDcpe:/o:suse:sl-micro:6.1Security update for python311 (Important)SUSE Linux Micro 6.1
This update for python311 fixes the following issues:
- CVE-2025-6069: Avoid worst case quadratic complexity when processing
certain crafted malformed inputs with HTMLParser (bsc#1244705).
Update to 3.11.13:
- Security
- gh-135034: Fixes multiple issues that allowed tarfile
extraction filters (filter="data" and filter="tar")
to be bypassed using crafted symlinks and hard links.
Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138
(bsc#1244059), CVE-2025-4330 (bsc#1244060), and
CVE-2025-4517 (bsc#1244032). Also addresses CVE-2025-4435
(gh#135034, bsc#1244061).
- gh-133767: Fix use-after-free in the “unicode-escape”
decoder with a non-“strict” error handler (CVE-2025-4516,
bsc#1243273).
- gh-128840: Short-circuit the processing of long IPv6
addresses early in ipaddress to prevent excessive memory
consumption and a minor denial-of-service.
- Library
- gh-128840: Fix parsing long IPv6 addresses with embedded
IPv4 address.
- gh-134062: ipaddress: fix collisions in __hash__() for
IPv4Network and IPv6Network objects.
- gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output
according to RFC 3596, ?2.5. Patch by B?n?dikt Tran.
- bpo-43633: Improve the textual representation of
IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2)
in ipaddress. Patch by Oleksandr Pavliuk.
ImportantSUSE bug 1243155SUSE bug 1243273SUSE bug 1244032SUSE bug 1244056SUSE bug 1244059SUSE bug 1244060SUSE bug 1244061SUSE bug 1244705CVE-2024-12718 at SUSECVE-2024-12718 at NVDCVE-2025-4138 at SUSECVE-2025-4138 at NVDCVE-2025-4330 at SUSECVE-2025-4330 at NVDCVE-2025-4435 at SUSECVE-2025-4435 at NVDCVE-2025-4516 at SUSECVE-2025-4516 at NVDCVE-2025-4517 at SUSECVE-2025-4517 at NVDCVE-2025-6069 at SUSECVE-2025-6069 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-firmware (Important)SUSE Linux Micro 6.1
This update for kernel-firmware fixes the following issues:
- Update to version 20241128 (git commit ea71da6f0690):
* i915: Update Xe2LPD DMC to v2.24
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
* iwlwifi: add Bz-gf FW for core89-91 release
* amdgpu: update smu 13.0.10 firmware
* amdgpu: update sdma 6.0.3 firmware
* amdgpu: update psp 13.0.10 firmware
* amdgpu: update gc 11.0.3 firmware
* amdgpu: add smu 13.0.14 firmware
* amdgpu: add sdma 4.4.5 firmware
* amdgpu: add psp 13.0.14 firmware
* amdgpu: add gc 9.4.4 firmware
* amdgpu: update vcn 3.1.2 firmware
* amdgpu: update psp 13.0.5 firmware
* amdgpu: update psp 13.0.8 firmware
* amdgpu: update vega20 firmware
* amdgpu: update vega12 firmware
* amdgpu: update psp 14.0.4 firmware
* amdgpu: update gc 11.5.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update vcn 4.0.0 firmware
* amdgpu: update smu 13.0.0 firmware
* amdgpu: update psp 13.0.0 firmware
* amdgpu: update gc 11.0.0 firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update psp 13.0.11 firmware
* amdgpu: update gc 11.0.4 firmware
* amdgpu: update vcn 4.0.2 firmware
* amdgpu: update psp 13.0.4 firmware
* amdgpu: update gc 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update vpe 6.1.1 firmware
* amdgpu: update vcn 4.0.6 firmware
* amdgpu: update psp 14.0.1 firmware
* amdgpu: update gc 11.5.1 firmware
* amdgpu: update vcn 4.0.5 firmware
* amdgpu: update psp 14.0.0 firmware
* amdgpu: update gc 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update arcturus firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update sdma 4.4.2 firmware
* amdgpu: update psp 13.0.6 firmware
* amdgpu: update gc 9.4.3 firmware
* amdgpu: update vcn 4.0.4 firmware
* amdgpu: update psp 13.0.7 firmware
* amdgpu: update gc 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
- Update aliases from 6.13-rc1
- Update to version 20241125 (git commit 508d770ee6f3):
* ice: update ice DDP wireless_edge package to 1.3.20.0
* ice: update ice DDP comms package to 1.3.52.0
* ice: update ice DDP package to ice-1.3.41.0
* amdgpu: update DMCUB to v9.0.10.0 for DCN314
* amdgpu: update DMCUB to v9.0.10.0 for DCN351
- Update to version 20241121 (git commit 48bb90cceb88):
* linux-firmware: Update AMD cpu microcode
* xe: Update GUC to v70.36.0 for BMG, LNL
* i915: Update GUC to v70.36.0 for ADL-P, DG1, DG2, MTL, TGL
- Update to version 20241119 (git commit 60cdfe1831e8):
* iwlwifi: add Bz-gf FW for core91-69 release
- Update aliases from 6.12
- Update to version 20241113 (git commit 1727aceef4d2):
* qcom: venus-5.4: add venus firmware file for qcs615
* qcom: update venus firmware file for SC7280
* QCA: Add 22 bluetooth firmware nvm files for QCA2066
- Update to version 20241112 (git commit c57a0a42468b):
* mediatek MT7922: update bluetooth firmware to 20241106163512
* mediatek MT7921: update bluetooth firmware to 20241106151414
* linux-firmware: update firmware for MT7922 WiFi device
* linux-firmware: update firmware for MT7921 WiFi device
* qcom: Add QDU100 firmware image files.
* qcom: Update aic100 firmware files
* dedup-firmware.sh: fix infinite loop for --verbose
* rtl_bt: Update RTL8852BT/RTL8852BE-VT BT USB FW to 0x04D7_63F7
* cnm: update chips&media wave521c firmware.
* mediatek MT7920: update bluetooth firmware to 20241104091246
* linux-firmware: update firmware for MT7920 WiFi device
* copy-firmware.sh: Run check_whence.py only if in a git repo
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
* amdgpu: update DMCUB to v9.0.10.0 for DCN351
* rtw89: 8852a: update fw to v0.13.36.2
* rtw88: Add firmware v52.14.0 for RTL8812AU
* i915: Update Xe2LPD DMC to v2.23
* linux-firmware: update firmware for mediatek bluetooth chip (MT7925)
* linux-firmware: update firmware for MT7925 WiFi device
* WHENCE: Add sof-tolg for mt8195
* linux-firmware: Update firmware file for Intel BlazarI core
* qcom: Add link for QCS6490 GPU firmware
* qcom: update gpu firmwares for qcs615 chipset
* cirrus: cs35l56: Update firmware for Cirrus Amps for some HP laptops
* mediatek: Add sof-tolg for mt8195
- Update to version 20241029 (git commit 048795eef350):
* ath11k: move WCN6750 firmware to the device-specific subdir
* xe: Update LNL GSC to v104.0.0.1263
* i915: Update MTL/ARL GSC to v102.1.15.1926
- Update to version 20241028 (git commit 987607d681cb):
* amdgpu: DMCUB updates for various AMDGPU ASICs
* i915: Add Xe3LPD DMC
* cnm: update chips&media wave521c firmware.
* linux-firmware: Add firmware for Cirrus CS35L41
* linux-firmware: Update firmware file for Intel BlazarU core
* Makefile: error out of 'install' if COPYOPTS is set
- Update to version 20241018 (git commit 2f0464118f40):
* check_whence.py: skip some validation if git ls-files fails
* qcom: Add Audio firmware for X1E80100 CRD/QCPs
* amdgpu: DMCUB updates forvarious AMDGPU ASICs
* brcm: replace NVRAM for Jetson TX1
* rtlwifi: Update firmware for RTL8192FU to v7.3
* make: separate installation and de-duplication targets
* check_whence.py: check the permissions
* Remove execute bit from firmware files
* configure: remove unused file
* rtl_nic: add firmware rtl8125d-1
- Update to version 20241014 (git commit 99f9c7ed1f4a):
* iwlwifi: add gl/Bz FW for core91-69 release
* iwlwifi: update ty/So/Ma firmwares for core91-69 release
* iwlwifi: update cc/Qu/QuZ firmwares for core91-69 release
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for a Lenovo Laptop
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for some ASUS laptops
* cirrus: cs35l56: Add firmware for Cirrus Amps for some HP laptops
* linux-firmware: update firmware for en8811h 2.5G ethernet phy
* QCA: Add Bluetooth firmwares for WCN785x with UART transport
- Update to version 20241011 (git commit 808cba847c70):
* mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher
* ath12k: WCN7850 hw2.0: update board-2.bin (bsc#1230596)
* ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1
* ath12k: QCN9274 hw2.0: add board-2.bin
* copy-firmware.sh: rename variables in symlink hanlding
* copy-firmware.sh: remove no longer reachable test -L
* copy-firmware.sh: remove no longer reachable test -f
* copy-firmware.sh: call ./check_whence.py before parsing the file
* copy-firmware.sh: warn if the destination folder is not empty
* copy-firmware.sh: add err() helper
* copy-firmware.sh: fix indentation
* copy-firmware.sh: reset and consistently handle destdir
* Revert "copy-firmware: Support additional compressor options"
* copy-firmware.sh: flesh out and fix dedup-firmware.sh
* Style update yaml files
* editorconfig: add initial config file
* check_whence.py: annotate replacement strings as raw
* check_whence.py: LC_ALL=C sort -u the filelist
* check_whence.py: ban link-to-a-link
* check_whence.py: use consistent naming
* Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin
* tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31
- Drop obsoleted --ignore-duplicates option to copy-firmware.sh
- Drop the ath12k workaround again
- Update to version 20241010 (git commit d4e688aa74a0):
* rtlwifi: Add firmware v39.0 for RTL8192DU
* Revert "ath12k: WCN7850 hw2.0: update board-2.bin"
(replaced with a newer firmware in this package instead)
- update aliases
- Update to version 20241004 (git commit bbb77872a8a7):
* amdgpu: DMCUB DCN35 update
* brcm: Add BCM4354 NVRAM for Jetson TX1
* brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram
- Update to version 20241001 (git commit 51e5af813eaf):
* linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920)
* linux-firmware: add firmware for MT7920
* amdgpu: update raven firmware
* amdgpu: update SMU 13.0.10 firmware
* amdgpu: update PSP 13.0.10 firmware
* amdgpu: update GC 11.0.3 firmware
* amdgpu: update VCN 3.1.2 firmware
* amdgpu: update PSP 13.0.5 firmware
* amdgpu: update PSP 13.0.8 firmware
* amdgpu: update vega12 firmware
* amdgpu: update PSP 14.0.4 firmware
* amdgpu: update GC 11.5.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: update PSP 13.0.0 firmware
* amdgpu: update GC 11.0.0 firmware
* amdgpu: update picasso firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update green sardine firmware
* amdgpu: update VCN 4.0.2 firmware
* amdgpu: update PSP 13.0.4 firmware
* amdgpu: update GC 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update VCN 4.0.6 firmware
* amdgpu: update PSP 14.0.1 firmware
* amdgpu: update GC 11.5.1 firmware
* amdgpu: update VCN 4.0.5 firmware
* amdgpu: update PSP 14.0.0 firmware
* amdgpu: update GC 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update SMU 13.0.6 firmware
* amdgpu: update SDMA 4.4.2 firmware
* amdgpu: update PSP 13.0.6 firmware
* amdgpu: update GC 9.4.3 firmware
* amdgpu: update yellow carp firmware
* amdgpu: update VCN 4.0.4 firmware
* amdgpu: update PSP 13.0.7 firmware
* amdgpu: update GC 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
* qcom: update gpu firmwares for qcm6490 chipset
* mt76: mt7996: add firmware files for mt7992 chipset
* mt76: mt7996: add firmware files for mt7996 chipset variants
* qcom: add gpu firmwares for sa8775p chipset
* rtw89: 8922a: add fw format-2 v0.35.42.1
- Pick up the fixed ath12k firmware from
https://git.codelinaro.org/clo/ath-firmware/ath12k-firmware
(bsc#1230596)
- Update aliases from 6.11.x and 6.12-rc1
- Update to version 20240913 (git commit bcbdd1670bc3):
* amdgpu: update DMCUB to v0.0.233.0 DCN351
* copy-firmware: Handle links to uncompressed files
* WHENCE: Fix battmgr.jsn entry type
- Temporary revert for ath12k firmware (bsc#1230596)
- Update to version 20240912 (git commit 47c72fee8fe3):
* amdgpu: Add VPE 6.1.3 microcode
* amdgpu: add SDMA 6.1.2 microcode
* amdgpu: Add support for PSP 14.0.4
* amdgpu: add GC 11.5.2 microcode
* qcom: qcm6490: add ADSP and CDSP firmware
* linux-firmware: Update firmware file for Intel Bluetooth Magnetor core
* linux-firmware: Update firmware file for Intel BlazarU core
* linux-firmware: Update firmware file for Intel Bluetooth Solar core
- Update to version 20240911 (git commit 59def907425d):
* rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 (bsc#1229272)
- Update to version 20240910 (git commit 2a7b69a3fa30):
* realtek: rt1320: Add patch firmware of MCU
* i915: Update MTL DMC v2.23
* cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops
- Update to version 20240903 (git commit 96af55bd3d0b):
* amdgpu: Revert sienna cichlid dmcub firmware update (bsc#1230007)
* iwlwifi: add Bz FW for core89-58 release
* rtl_nic: add firmware rtl8126a-3
* linux-firmware: update firmware for MT7921 WiFi device
* linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
- Update to version 20240830 (git commit d6c600d46981):
* amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351
* qcom: vpu: restore compatibility with kernels before 6.6
- Update to version 20240826 (git commit bec4fd18cc57):
(including ath11k f/w updates for bsc#1234027)
* amdgpu: DMCUB updates forvarious AMDGPU ASICs
* rtw89: 8922a: add fw format-1 v0.35.41.0
* linux-firmware: update firmware for MT7925 WiFi device
* linux-firmware: update firmware for mediatek bluetooth chip (MT7925)
* rtl_bt: Add firmware and config files for RTL8922A
* rtl_bt: Add firmware file for the the RTL8723CS Bluetooth part
* rtl_bt: de-dupe identical config.bin files
* rename rtl8723bs_config-OBDA8723.bin -> rtl_bt/rtl8723bs_config.bin
* linux-firmware: Update AMD SEV firmware
* linux-firmware: update firmware for MT7996
* Revert "i915: Update MTL DMC v2.22"
* ath12k: WCN7850 hw2.0: update board-2.bin
* ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.41
* ath11k: WCN6855 hw2.0: update board-2.bin
* ath11k: QCA2066 hw2.1: add to WLAN.HSP.1.1-03926.13-QCAHSPSWPL_V2_SILICONZ_CE-2.52297.3
* ath11k: QCA2066 hw2.1: add board-2.bin
* ath11k: IPQ5018 hw1.0: update to WLAN.HK.2.6.0.1-01291-QCAHKSWPL_SILICONZ-1
* qcom: vpu: add video firmware for sa8775p
* amdgpu: DMCUB updates for various AMDGPU ASICs
- Update to version 20240809 (git commit 36db650dae03):
* qcom: update path for video firmware for vpu-1/2/3.0
* QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00642
* rtw89: 8852c: add fw format-1 v0.27.97.0
* rtw89: 8852bt: add firmware 0.29.91.0
* amdgpu: Update ISP FW for isp v4.1.1
* mediatek: Update mt8195 SOF firmware
* amdgpu: DMCUB updates for DCN314
* xe: First GuC release v70.29.2 for BMG
* xe: Add GuC v70.29.2 for LNL
* i915: Add GuC v70.29.2 for ADL-P, DG1, DG2, MTL, and TGL
* i915: Update MTL DMC v2.22
* i915: update MTL GSC to v102.0.10.1878
* xe: Add BMG HuC 8.2.10
* xe: Add GSC 104.0.0.1161 for LNL
* xe: Add LNL HuC 9.4.13
* i915: update DG2 HuC to v7.10.16
* amdgpu: Update ISP FW for isp v4.1.1
* QCA: Update Bluetooth QCA2066 firmware to 2.1.0-00641
ImportantSUSE bug 1219458SUSE bug 1229069SUSE bug 1229272SUSE bug 1230007SUSE bug 1230596SUSE bug 1234027CVE-2023-31315 at SUSECVE-2023-31315 at NVDcpe:/o:suse:sl-micro:6.1Security update for xz (Important)SUSE Linux Micro 6.1
This update for xz fixes the following issues:
- CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset (bsc#1240414)
ImportantSUSE bug 1240414CVE-2025-31115 at SUSECVE-2025-31115 at NVDcpe:/o:suse:sl-micro:6.1Security update for jq (Important)SUSE Linux Micro 6.1
This update for jq fixes the following issues:
- CVE-2025-48060: Fixed stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) (bsc#1244116)
- CVE-2024-23337: Fixed signed integer overflow in jv.c:jvp_array_write (bsc#1243450)
- CVE-2024-53427: Fixed stack-buffer-overflow in the decNumberCopy function in decNumber.c (bsc#1238078)
ImportantSUSE bug 1238078SUSE bug 1243450SUSE bug 1244116CVE-2024-23337 at SUSECVE-2024-23337 at NVDCVE-2024-53427 at SUSECVE-2024-53427 at NVDCVE-2025-48060 at SUSECVE-2025-48060 at NVDcpe:/o:suse:sl-micro:6.1Security update for openssh (Important)SUSE Linux Micro 6.1
This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (bsc#1237040)
- CVE-2025-26466: Fixed a DoS attack against OpenSSH's client and server (bsc#1237041)
Other issues fixed:
- Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2
due to gssapi proposal not being correctly initialized
(bsc#1236826).
- Add a patch to fix a regression introduced in 9.6 that makes X11
forwarding very slow. (bsc#1229449)
- Fixed RFC4256 implementation so that keyboard-interactive authentication method can send
instructions and sshd shows them to users even before a prompt
is requested. This fixes MFA push notifications (bsc#1229010).
- Fix a dbus connection leaked in the logind patch that was
missing a sd_bus_unref call
- Add a patch that fixes a small memory leak when parsing the
subsystem configuration option:
- Remove empty line at the end of sshd-sle.pamd (bsc#1227456)
ImportantSUSE bug 1227456SUSE bug 1229010SUSE bug 1229072SUSE bug 1229449SUSE bug 1236826SUSE bug 1237040SUSE bug 1237041CVE-2025-26465 at SUSECVE-2025-26465 at NVDCVE-2025-26466 at SUSECVE-2025-26466 at NVDcpe:/o:suse:sl-micro:6.1Security update for helm (Important)SUSE Linux Micro 6.1
This update for helm fixes the following issues:
Update to version 3.18.4 (bsc#1246152, CVE-2025-53547):
* Disabling linter due to unknown issue f20a4ad (Matt Farina)
* build(deps): bump the k8s-io group with 7 updates 563b094
(dependabot[bot])
* Updating link handling 00de613 (Matt Farina)
ImportantSUSE bug 1246152CVE-2025-53547 at SUSECVE-2025-53547 at NVDcpe:/o:suse:sl-micro:6.1Security update for libssh (Important)SUSE Linux Micro 6.1
This update for libssh fixes the following issues:
- CVE-2025-5372: ssh_kdf() returns a success code on certain failures (bsc#1245314)
- CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend (bsc#1245317)
- CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions (bsc#1245309)
- CVE-2025-4878: Use of uninitialized variable in privatekey_from_file() (bsc#1245310)
- CVE-2025-5318: Likely read beyond bounds in sftp server handle management (bsc#1245311)
- CVE-2025-5351: Double free in functions exporting keys (bsc#1245312)
ImportantSUSE bug 1245309SUSE bug 1245310SUSE bug 1245311SUSE bug 1245312SUSE bug 1245314SUSE bug 1245317CVE-2025-4877 at SUSECVE-2025-4877 at NVDCVE-2025-4878 at SUSECVE-2025-4878 at NVDCVE-2025-5318 at SUSECVE-2025-5318 at NVDCVE-2025-5351 at SUSECVE-2025-5351 at NVDCVE-2025-5372 at SUSECVE-2025-5372 at NVDCVE-2025-5987 at SUSECVE-2025-5987 at NVDcpe:/o:suse:sl-micro:6.1Security update for libarchive (Moderate)SUSE Linux Micro 6.1
This update for libarchive fixes the following issues:
- CVE-2025-5918: reading past EOF may be triggered for piped file streams (bsc#1244279)
- CVE-2025-5917: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336)
- CVE-2025-5916: integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)
- CVE-2025-5915: heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273)
- CVE-2025-5914: double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)
ModerateSUSE bug 1244270SUSE bug 1244272SUSE bug 1244273SUSE bug 1244279SUSE bug 1244336CVE-2025-5914 at SUSECVE-2025-5914 at NVDCVE-2025-5915 at SUSECVE-2025-5915 at NVDCVE-2025-5916 at SUSECVE-2025-5916 at NVDCVE-2025-5917 at SUSECVE-2025-5917 at NVDCVE-2025-5918 at SUSECVE-2025-5918 at NVDcpe:/o:suse:sl-micro:6.1Security update for openssl-3 (Moderate)SUSE Linux Micro 6.1
This update for openssl-3 fixes the following issues:
- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)
ModerateSUSE bug 1220262CVE-2023-50782 at SUSECVE-2023-50782 at NVDcpe:/o:suse:sl-micro:6.1Security update for systemd (Moderate)SUSE Linux Micro 6.1
This update for systemd fixes the following issues:
- Remove the script used to help migrating the language and locale settings
located in /etc/sysconfig/language on old systems to the systemd default
locations (bsc#1247074)
The script was introduced more than 7 years ago and all systems running TW
should have been migrated since then. Moreover the installer supports the
systemd default locations since approximately SLE15.
- triggers.systemd: skip update of hwdb, journal-catalog if executed during an
offline update.
- logs-show: get timestamp and boot ID only when necessary (bsc#1242827)
- sd-journal: drop to use Hashmap to manage journal files per boot ID
- tree-wide: set SD_JOURNAL_ASSUME_IMMUTABLE where appropriate
- sd-journal: introduce SD_JOURNAL_ASSUME_IMMUTABLE flag
- sd-journal: make journal_file_read_tail_timestamp() notify to the caller that some new journal entries added
- sd-journal: cache last entry offset and journal file state
- sd-journal: fix typo in function name
- coredump: use %d in kernel core pattern (bsc#1243935 CVE-2025-4598)
ModerateSUSE bug 1242827SUSE bug 1243935SUSE bug 1247074CVE-2025-4598 at SUSECVE-2025-4598 at NVDcpe:/o:suse:sl-micro:6.1Security update for libsoup (Important)SUSE Linux Micro 6.1
This update for libsoup fixes the following issues:
- CVE-2025-4945: Fixed Integer Overflow in Cookie Expiration Date Handling (bsc#1243314)
- CVE-2025-4948: Fixed Integer Underflow in soup_multipart_new_from_message()
Leading to Denial of Service (bsc#1243332)
- CVE-2025-4476: Fixed null pointer dereference leading to denial of service (bsc#1243422)
- CVE-2025-4969: Fixed off-by-one out-of-bounds read leading to infoleak (bsc#1243423)
ImportantSUSE bug 1243314SUSE bug 1243332SUSE bug 1243422SUSE bug 1243423SUSE bug 528882SUSE bug 553466CVE-2025-4476 at SUSECVE-2025-4476 at NVDCVE-2025-4945 at SUSECVE-2025-4945 at NVDCVE-2025-4948 at SUSECVE-2025-4948 at NVDCVE-2025-4969 at SUSECVE-2025-4969 at NVDcpe:/o:suse:sl-micro:6.1Security update for pam_pkcs11 (Critical)SUSE Linux Micro 6.1
This update for pam_pkcs11 fixes the following issues:
- CVE-2025-24531: Fixed regression in version 0.6.12 returning PAM_IGNORE in many situations with possible authentication bypass (bsc#1236314).
CriticalSUSE bug 1236314CVE-2025-24531 at SUSECVE-2025-24531 at NVDcpe:/o:suse:sl-micro:6.1Security update for expat (Moderate)SUSE Linux Micro 6.1
This update for expat fixes the following issues:
-CVE-2024-50602: Fixed DoS via XML_ResumeParser (bsc#1232579).
ModerateSUSE bug 1232579CVE-2024-50602 at SUSECVE-2024-50602 at NVDcpe:/o:suse:sl-micro:6.1Security update for libxml2 (Important)SUSE Linux Micro 6.1
This update for libxml2 fixes the following issues:
- CVE-2025-6021: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 [bsc#1244580]
- CVE-2025-6170: stack buffer overflow may lead to a crash [bsc#1244700]
- CVE-2025-7425: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr [bsc#1246296]
- CVE-2025-49794: heap use after free (UAF) can lead to Denial of service (DoS) [bsc#1244554]
- CVE-2025-49795: null pointer dereference may lead to Denial of service (DoS) [bsc#1244555]
- CVE-2025-49796: type confusion may lead to Denial of service (DoS) [bsc#1244557]
ImportantSUSE bug 1244554SUSE bug 1244555SUSE bug 1244557SUSE bug 1244580SUSE bug 1244700SUSE bug 1246296CVE-2025-49794 at SUSECVE-2025-49794 at NVDCVE-2025-49795 at SUSECVE-2025-49795 at NVDCVE-2025-49796 at SUSECVE-2025-49796 at NVDCVE-2025-6021 at SUSECVE-2025-6021 at NVDCVE-2025-6170 at SUSECVE-2025-6170 at NVDCVE-2025-7425 at SUSECVE-2025-7425 at NVDcpe:/o:suse:sl-micro:6.1Security update for coreutils (Moderate)SUSE Linux Micro 6.1
This update for coreutils fixes the following issues:
- CVE-2025-5278: Sort with key character offsets of SIZE_MAX, could induce a read of 1 byte before an allocated heap buffer (bsc#1243767).
ModerateSUSE bug 1243767CVE-2025-5278 at SUSECVE-2025-5278 at NVDcpe:/o:suse:sl-micro:6.1Security update for libxslt (Important)SUSE Linux Micro 6.1
This update for libxslt fixes the following issues:
- CVE-2025-7424: Type confusion in xmlNode.psvi between stylesheet and source nodes [bsc#1246360]
ImportantSUSE bug 1246360CVE-2025-7424 at SUSECVE-2025-7424 at NVDcpe:/o:suse:sl-micro:6.1Security update for polkit (Important)SUSE Linux Micro 6.1
This update for polkit fixes the following issues:
- CVE-2025-7519: Fixed that a XML policy file with a large number of nested elements may lead to out-of-bounds write (bsc#1246472).
ImportantSUSE bug 1246472CVE-2025-7519 at SUSECVE-2025-7519 at NVDcpe:/o:suse:sl-micro:6.1Security update for Mesa (Moderate)SUSE Linux Micro 6.1
This update for Mesa fixes the following issues:
- CVE-2023-45913: NULL pointer dereference via dri2GetGlxDrawableFromXDrawableId() (bsc#1222040).
- CVE-2023-45919: Buffer over-read in glXQueryServerString() (bsc#1222041).
- CVE-2023-45922: Segmentation violation in __glXGetDrawableAttribute() (bsc#1222042).
ModerateSUSE bug 1222040SUSE bug 1222041SUSE bug 1222042CVE-2023-45913 at SUSECVE-2023-45913 at NVDCVE-2023-45919 at SUSECVE-2023-45919 at NVDCVE-2023-45922 at SUSECVE-2023-45922 at NVDcpe:/o:suse:sl-micro:6.1Security update for jbigkit (Moderate)SUSE Linux Micro 6.1
This update for jbigkit fixes the following issues:
- CVE-2022-1210: Malicious file leads to a denial of service in TIFF File Handler (bsc#1198146).
ModerateSUSE bug 1198146CVE-2022-1210 at SUSECVE-2022-1210 at NVDcpe:/o:suse:sl-micro:6.1Security update for gnutls (Important)SUSE Linux Micro 6.1
This update for gnutls fixes the following issues:
- CVE-2025-32988: Fixed double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232).
- CVE-2025-32989: Fixed heap buffer overread when handling the CT SCT extension during X.509 certificate parsing (bsc#1246233).
- CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267).
- CVE-2025-6395: Fixed NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299).
ImportantSUSE bug 1246232SUSE bug 1246233SUSE bug 1246267SUSE bug 1246299CVE-2025-32988 at SUSECVE-2025-32988 at NVDCVE-2025-32989 at SUSECVE-2025-32989 at NVDCVE-2025-32990 at SUSECVE-2025-32990 at NVDCVE-2025-6395 at SUSECVE-2025-6395 at NVDcpe:/o:suse:sl-micro:6.1Security update for glib2 (Important)SUSE Linux Micro 6.1
This update for glib2 fixes the following issues:
- CVE-2025-6052: Fix overflow check when expanding a GString (bsc#1244596).
ImportantSUSE bug 1244596CVE-2025-6052 at SUSECVE-2025-6052 at NVDcpe:/o:suse:sl-micro:6.1Security update for opensc (Moderate)SUSE Linux Micro 6.1
This update for opensc fixes the following issues:
- CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386).
- CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key (bsc#1230364).
- CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init (bsc#1230076).
- CVE-2024-45619: Incorrect handling length of buffers or files in libopensc (bsc#1230075).
- CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init (bsc#1230074).
- CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc (bsc#1230073).
- CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc (bsc#1230072).
- CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init (bsc#1230071).
ModerateSUSE bug 1219386SUSE bug 1230071SUSE bug 1230072SUSE bug 1230073SUSE bug 1230074SUSE bug 1230075SUSE bug 1230076SUSE bug 1230364CVE-2023-5992 at SUSECVE-2023-5992 at NVDCVE-2024-45615 at SUSECVE-2024-45615 at NVDCVE-2024-45616 at SUSECVE-2024-45616 at NVDCVE-2024-45617 at SUSECVE-2024-45617 at NVDCVE-2024-45618 at SUSECVE-2024-45618 at NVDCVE-2024-45619 at SUSECVE-2024-45619 at NVDCVE-2024-45620 at SUSECVE-2024-45620 at NVDCVE-2024-8443 at SUSECVE-2024-8443 at NVDcpe:/o:suse:sl-micro:6.1Security update for dpkg (Moderate)SUSE Linux Micro 6.1
This update for dpkg fixes the following issues:
- CVE-2025-6297: Fixed cleanup for control member with restricted directories (bsc#1245573).
ModerateSUSE bug 1245573CVE-2025-6297 at SUSECVE-2025-6297 at NVDcpe:/o:suse:sl-micro:6.1Security update for protobuf (Important)SUSE Linux Micro 6.1
This update for protobuf fixes the following issues:
- CVE-2024-2410: Use after free when parsing JSON from a stream (bsc#1223947).
- CVE-2024-7254: StackOverflow vulnerability in Protocol Buffers (bsc#1230778).
- CVE-2025-4565: Parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups or messages can lead to crash due to RecursionError (bsc#1244663).
ImportantSUSE bug 1223947SUSE bug 1230778SUSE bug 1244663CVE-2024-2410 at SUSECVE-2024-2410 at NVDCVE-2024-7254 at SUSECVE-2024-7254 at NVDCVE-2025-4565 at SUSECVE-2025-4565 at NVDcpe:/o:suse:sl-micro:6.1Security update for sqlite3 (Important)SUSE Linux Micro 6.1
This update for sqlite3 fixes the following issues:
- CVE-2025-6965: Fixed integer truncation (bsc#1246597).
ImportantSUSE bug 1246597CVE-2025-6965 at SUSECVE-2025-6965 at NVDcpe:/o:suse:sl-micro:6.1Security update for curl (Important)SUSE Linux Micro 6.1
This update for curl fixes the following issues:
- CVE-2025-5399: libcurl can possibly get trapped in an endless busy-loop when processing specially crafted packets (bsc#1243933).
- CVE-2025-5025: No QUIC certificate pinning with wolfSSL (bsc#1243706).
- CVE-2025-4947: QUIC certificate check skip with wolfSSL (bsc#1243397).
Other bugfixes:
- Fix the --ftp-pasv option in curl v8.14.1 (bsc#1246197).
ImportantSUSE bug 1243397SUSE bug 1243706SUSE bug 1243933SUSE bug 1246197CVE-2025-4947 at SUSECVE-2025-4947 at NVDCVE-2025-5025 at SUSECVE-2025-5025 at NVDCVE-2025-5399 at SUSECVE-2025-5399 at NVDcpe:/o:suse:sl-micro:6.1Security update for ucode-intel (Important)SUSE Linux Micro 6.1
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)
- CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
- CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
- CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- Update for functional issues.
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5
| GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6
| ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3
| LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor
| MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores
New Disclosures Updated in Prior Releases:
All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.
ImportantSUSE bug 1248438CVE-2025-20053 at SUSECVE-2025-20053 at NVDCVE-2025-20109 at SUSECVE-2025-20109 at NVDCVE-2025-22839 at SUSECVE-2025-22839 at NVDCVE-2025-22840 at SUSECVE-2025-22840 at NVDCVE-2025-22889 at SUSECVE-2025-22889 at NVDCVE-2025-26403 at SUSECVE-2025-26403 at NVDCVE-2025-32086 at SUSECVE-2025-32086 at NVDcpe:/o:suse:sl-micro:6.1Security update for docker (Moderate)SUSE Linux Micro 6.1
This update for docker fixes the following issues:
Update to docker-buildx v0.28.0.
See upstream changelog: <https://github.com/docker/buildx/releases/tag/v0.28.0>
Update to Docker 28.4.0-ce.
See upstream changelog: <https://docs.docker.com/engine/release-notes/28/#2840>
- Update warnings and errors related to "docker buildx ..." so that they
reference our openSUSE docker-buildx packages.
- Enable building docker-buildx for SLE15 systems with SUSEConnect secret
injection enabled.jsc#PED-12534jsc#PED-8905 bsc#1247594
As docker-buildx does not support our SUSEConnect secret injection (and some
users depend "docker build" working transparently), patch the docker CLI so
that "docker build" will no longer automatically call "docker buildx build",
effectively making DOCKER_BUILDKIT=0 the default configuration. Users can
manually use "docker buildx ..." commands or set DOCKER_BUILDKIT=1 in order
to opt-in to using docker-buildx.
Users can silence the "docker build" warning by setting DOCKER_BUILDKIT=0
explicitly.
In order to inject SCC credentials with docker-buildx, users should use
RUN --mount=type=secret,id=SCCcredentials zypper -n ...
in their Dockerfiles, and
docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .
when doing their builds.
Update to Docker 28.3.3-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/28/#2833>
Security issue fixed:
- CVE-2025-54388: firewalld reload can make published container ports accessible from remote hosts (bsc#1247367)
Update to docker-buildx v0.26.1. Upstream changelog: <https://github.com/docker/buildx/releases/tag/v0.26.1>
Update to docker-buildx v0.26.0. Upstream changelog: <https://github.com/docker/buildx/releases/tag/v0.26.0>
ModerateSUSE bug 1247367SUSE bug 1247594CVE-2025-54388 at SUSECVE-2025-54388 at NVDcpe:/o:suse:sl-micro:6.1Security update for ucode-intel (Important)SUSE Linux Micro 6.1
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20250211 release (bsc#1237096)
- Security updates for INTEL-SA-01166
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html
* CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware
Logic for some Intel Processors may allow privileged user to
potentially enable denial of service via local access.
- Security updates for INTEL-SA-01213
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01213.html
* CVE-2024-36293: A potential security vulnerability in some Intel
Software Guard Extensions (Intel SGX) Platforms may allow denial
of service. Intel is releasing microcode updates to mitigate this
potential vulnerability.
- Security updates for INTEL-SA-01139
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html
* not clear which CVEs are fixed here, and which are in UEFI BIOS updates.
- Security updates for INTEL-SA-01228
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01228.html
* CVE-2024-39355: A potential security vulnerability in some
13th and 14th Generation Intel Core Processors may allow denial
of service. Intel is releasing microcode and UEFI reference code
updates to mitigate this potential vulnerability.
- Security updates for INTEL-SA-01194
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01194.html
* CVE-2024-37020: A potential security vulnerability in the Intel
Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors
may allow denial of service. Intel is releasing software updates to
mitigate this potential vulnerability.
- Update for functional issues.
Refer to Intel Core Ultra Processor https://cdrdv2.intel.com/v1/dl/getContent/792254 for details.
- Refer to 13th/14th Generation Intel Core Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/740518 for details.
- Refer to 12th Generation Intel Core Processor Family
https://cdrdv2.intel.com/v1/dl/getContent/682436 for details.
- Refer to 11th Gen Intel Core Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/631123 for details.
- Refer to 8th and 9th Generation Intel Core Processor Family Spec
Update https://cdrdv2.intel.com/v1/dl/getContent/337346 for details.
- Refer to 5th Gen Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/793902 for details.
- Refer to 4th Gen Intel Xeon Scalable Processors Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/772415 for details.
- Refer to 3rd Generation Intel Xeon Processor Scalable Family
Specification Update https://cdrdv2.intel.com/v1/dl/getContent/637780
for details.
- Refer to Intel Xeon D-2700 Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/714071 for details.
- Refer to Intel Xeon E-2300 Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/709192 for details.
- Refer to Intel Xeon 6700-Series Processor Specification Update
https://cdrdv2.intel.com/v1/dl/getContent/820922 for details.
- Refer to Intel Processors and Intel Core i3 N-Series
https://cdrdv2.intel.com/v1/dl/getContent/764616 for details
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| SRF-SP | C0 | 06-af-03/01 | | 03000330 | Xeon 6700-Series Processors
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000037 | 00000038 | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000037 | 00000038 | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000435 | 00000436 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000435 | 00000436 | Core Gen12
| ADL-N | N0 | 06-be-00/19 | 0000001a | 0000001c | Core i3-N305/N300, N50/N97/N100/N200,
Atom x7211E/x7213E/x7425E
| AZB | A0/R0 | 06-9a-04/40 | 00000007 | 00000009 | Intel(R) Atom(R) C1100
| CFL-H | R0 | 06-9e-0d/22 | 00000100 | 00000102 | Core Gen9 Mobile
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000f8 | 000000fa | Core Gen8 Desktop, Mobile,
Xeon E
| EMR-SP | A0 | 06-cf-01/87 | 21000283 | 21000291 | Xeon Scalable Gen5
| EMR-SP | A1 | 06-cf-02/87 | 21000283 | 21000291 | Xeon Scalable Gen5
| ICL-D | B0 | 06-6c-01/10 | 010002b0 | 010002c0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | 0d0003f5 | Xeon Scalable Gen3
| RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012b | 0000012c | Core Gen13/Gen14
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004123 | 00004124 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000037 | 00000038 | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004123 | 00004124 | Core Gen13
| RPL-S | H0 | 06-bf-05/07 | 00000037 | 00000038 | Core Gen13/Gen14
| RKL-S | B0 | 06-a7-01/02 | 00000062 | 00000063 | Core Gen11
| SPR-HBM | Bx | 06-8f-08/10 | 2c000390 | 2c0003e0 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4
| TWL | N0 | 06-be-00/19 | 0000001a | 0000001c | Core i3-N305/N300, N50/N97/N100/N200,
Atom x7211E/x7213E/x7425E
### New Disclosures Updated in Prior Releases
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9
- Intel CPU Microcode was updated to the 20241112 release (bsc#1233313)
- CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware
logic in some 4th and 5th Generation Intel Xeon Processors may allow
an authorized user to potentially enable denial of service via local
access. Security updates for
[INTEL-SA-01101](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01101.html)
- CVE-2024-23918: Improper conditions check in some Intel
Xeon processor memory controller configurations when using
Intel SGX may allow a privileged user to potentially enable
escalation of privilege via local access. Security updates for
[INTEL-SA-01079](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html)
- CVE-2024-21820: Incorrect default permissions in some Intel
Xeon processor memory controller configurations when using
Intel SGX may allow a privileged user to potentially enable
escalation of privilege via local access. Security updates for
[INTEL-SA-01079](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html)
- CVE-2024-24968: Improper finite state machines (FSMs)
in hardware logic in some Intel Processors may allow
an privileged user to potentially enable a denial of
service via local access. Updated security updates for
[INTEL-SA-01097](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html)
- CVE-2024-23984: Observable discrepancy in RAPL interface for some
Intel Processors may allow a privileged user to potentially enable
information disclosure via local access Updated security updates for
[INTEL-SA-01103](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html)
- Update for functional issues.
- Refer to [Intel Core Ultra Processor](https://cdrdv2.intel.com/v1/dl/getContent/792254) for details.
- Refer to [14th/13th Generation Intel Core Processor Specification
Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
- Refer to [12th Generation Intel Core Processor
Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details.
- Refer to [5th Gen Intel Xeon Scalable Processors Specification
Update](https://cdrdv2.intel.com/v1/dl/getContent/793902) for details.
- Refer to [4th Gen Intel Xeon Scalable Processors Specification
Update](https://cdrdv2.intel.com/v1/dl/getContent/772415) for details.
- Refer to [3rd Generation Intel Xeon Processor Scalable Family
Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)
for details.
- Refer to [Intel Xeon D-2700 Processor Specification
Update](https://cdrdv2.intel.com/v1/dl/getContent/714071) for details.
- Refer to [Intel Xeon D-1700 and D-1800 Processor Family Specification
Update](https://cdrdv2.intel.com/v1/dl/getContent/714069) for details
New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000036 | 00000037 | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000036 | 00000037 | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000434 | 00000435 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000434 | 00000435 | Core Gen12
| EMR-SP | A0 | 06-cf-01/87 | 21000230 | 21000283 | Xeon Scalable Gen5
| EMR-SP | A1 | 06-cf-02/87 | 21000230 | 21000283 | Xeon Scalable Gen5
| MTL | C0 | 06-aa-04/e6 | 0000001f | 00000020 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004122 | 00004123 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000036 | 00000037 | Core Gen13/Gen14
| RPL-S | H0 | 06-bf-05/07 | 00000036 | 00000037 | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004122 | 00004123 | Core Gen13
| SPR-SP | E3 | 06-8f-06/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
New Disclosures Updated in Prior Releases:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ICL-D | B0 | 06-6c-01/10 | 010002b0 | N/A | Xeon D-17xx/D-18xx,
D-27xx/D-28xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | N/A | Xeon Scalable Gen3
- Intel CPU Microcode was updated to the 20241029 release
Update for functional issues. Refer to [14th/13th
Generation Intel Core Processor Specification
Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| RPL-E/HX/S | B0 | 06-b7-01/32 | 00000129 | 0000012b | Core Gen13/Gen14
ImportantSUSE bug 1233313SUSE bug 1237096CVE-2024-21820 at SUSECVE-2024-21820 at NVDCVE-2024-21853 at SUSECVE-2024-21853 at NVDCVE-2024-23918 at SUSECVE-2024-23918 at NVDCVE-2024-23984 at SUSECVE-2024-23984 at NVDCVE-2024-24968 at SUSECVE-2024-24968 at NVDCVE-2024-31068 at SUSECVE-2024-31068 at NVDCVE-2024-36293 at SUSECVE-2024-36293 at NVDCVE-2024-37020 at SUSECVE-2024-37020 at NVDCVE-2024-39355 at SUSECVE-2024-39355 at NVDcpe:/o:suse:sl-micro:6.1Security update for google-osconfig-agent (Moderate)SUSE Linux Micro 6.1
This update for google-osconfig-agent fixes the following issues:
Update to version 20250416.02 (bsc#1244304, bsc#1244503)
* defaultSleeper: tolerate 10% difference to reduce test flakiness (#810)
* Add output of some packagemanagers to the testdata (#808)
From version 20250416.01:
* Refactor OS Info package (#809)
From version 20250416.00:
* Report RPM inventory as YUM instead of empty SoftwarePackage
when neither Zypper nor YUM are installed. (#805)
From version 20250414.00:
* Update hash computation algorithm (#799)
Update to version 20250320.00:
* Bump github.com/envoyproxy/protoc-gen-validate from 1.1.0 to 1.2.1 (#797)
* Bump go.opentelemetry.io/otel/sdk/metric from 1.32.0 to 1.35.0 (#793)
* Bump cel.dev/expr from 0.18.0 to 0.22.0 (#792)
* Bump github.com/golang/glog from 1.2.3 to 1.2.4 in the go_modules group (#785)
* Bump cloud.google.com/go/logging from 1.12.0 to 1.13.0 (#774)
* Add tests for retryutil package. (#795)
* Update OWNERS (#794)
* Use separate counters for pre- and post-patch reboots. (#788)
* Update owners (#789)
* Fix the vet errors for contants in logging (#786)
* change available package check (#783)
* Fix Inventory reporting e2e tests. (#782)
* fix e2e tests (#781)
- Add -buildmode=pie to go build command line (bsc#1239948)
ModerateSUSE bug 1212418SUSE bug 1212759SUSE bug 1239948SUSE bug 1244304SUSE bug 1244503CVE-2024-45339 at SUSECVE-2024-45339 at NVDcpe:/o:suse:sl-micro:6.1Security update for python311 (Important)SUSE Linux Micro 6.1
This update for python311 fixes the following issues:
- CVE-2025-8194: Fixed tar archives with negative offsets leading to infinite loop and deadlock (bsc#1247249)
ImportantSUSE bug 1247249CVE-2025-8194 at SUSECVE-2025-8194 at NVDcpe:/o:suse:sl-micro:6.1Security update for gdk-pixbuf (Important)SUSE Linux Micro 6.1
This update for gdk-pixbuf fixes the following issues:
- CVE-2025-6199: Fixed uninitialized memory leading to arbitrary memory leak (bsc#1245227)
- CVE-2025-7345: Fixed heap buffer overflow within the gdk_pixbuf__jpeg_image_load_increment function (bsc#1246114)
ImportantSUSE bug 1245227SUSE bug 1246114CVE-2025-6199 at SUSECVE-2025-6199 at NVDCVE-2025-7345 at SUSECVE-2025-7345 at NVDcpe:/o:suse:sl-micro:6.1Security update for net-tools (Moderate)SUSE Linux Micro 6.1
This update for net-tools fixes the following issues:
- Fixed stack buffer overflow in parse_hex, proc_gen_fmt, ax25 and netrom (bsc#1248687)
- CVE-2025-46836: Fixed stack buffer overflow caused by the absence of bound checks (bsc#1243581)
ModerateSUSE bug 1243581SUSE bug 1246608SUSE bug 1248410SUSE bug 1248687SUSE bug 142461SUSE bug 430864SUSE bug 544339CVE-2025-46836 at SUSECVE-2025-46836 at NVDcpe:/o:suse:sl-micro:6.1Security update for pam (Moderate)SUSE Linux Micro 6.1
This update for pam fixes the following issues:
- CVE-2024-10041: Fixed hashed password leak (bsc#1232234)
ModerateSUSE bug 1232234CVE-2024-10041 at SUSECVE-2024-10041 at NVDcpe:/o:suse:sl-micro:6.1Security update for sevctl (Moderate)SUSE Linux Micro 6.1
This update for sevctl fixes the following issues:
- CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch (bsc#1242618)
- CVE-2024-12224: idna: Fixed Punycode improper validation (bsc#1243860)
ModerateSUSE bug 1242618SUSE bug 1243860CVE-2024-12224 at SUSECVE-2024-12224 at NVDCVE-2025-3416 at SUSECVE-2025-3416 at NVDcpe:/o:suse:sl-micro:6.1Security update for haproxy (Moderate)SUSE Linux Micro 6.1
This update for haproxy fixes the following issues:
Update to version 2.8.11+git0.01c1056a4:
* VUL-0: CVE-2024-53008: haproxy: HTTP/3 request smuggling via malformed HTTP headers forwarded to a HTTP/1.1 non-compliant back-end server (bsc#1233973)
* BUG/MINOR: cfgparse-listen: fix option httpslog override warning message
* BUG/MEDIUM: promex: Wait to have the request before sending the response
* BUG/MEDIUM: cache/stats: Wait to have the request before sending the response
* BUG/MEDIUM: queue: implement a flag to check for the dequeuing
* BUG/MINOR: clock: validate that now_offset still applies to the current date
* BUG/MINOR: clock: make time jump corrections a bit more accurate
* BUG/MINOR: polling: fix time reporting when using busy polling
* BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state
* BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
* BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
* BUG/MEDIUM: clock: detect and cover jumps during execution
* REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load
* DOC: configuration: place the HAPROXY_HTTP_LOG_FMT example on the correct line
* BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
* BUG/MINOR: pattern: pat_ref_set: return 0 if err was found
* BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
* BUG/MINOR: stconn: Request to send something to be woken up when the pipe is full
* BUG/MEDIUM: mux-pt/mux-h1: Release the pipe on connection error on sending path
* BUG/MEDIUM: clock: also update the date offset on time jumps
* DOC: config: correct the table for option tcplog
* BUG/MINOR: h3: properly reject too long header responses
* BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
* BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID
* REGTESTS: mcli: test the pipelined commands on master CLI
* BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI
* MINOR: channel: implement ci_insert() function
* BUG/MINOR: proto_tcp: keep error msg if listen() fails
* BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
* BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE
* BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion
* BUG/MINOR: trace: automatically start in waiting mode with "start <evt>"
* BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED()
* BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc
* BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn
* BUG/MINOR: fcgi-app: handle a possible strdup() failure
* BUG/MEDIUM: mux-h2: Propagate term flags to SE on error in h2s_wake_one_stream
* BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
* BUG/MEDIUM: http-ana: Report error on write error waiting for the response
* BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content
* BUG/MEDIUM: stconn: Report error on SC on send if a previous SE error was set
* BUG/MEDIUM: mux-h1: Properly handle empty message when an error is triggered
* BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli
* BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready
* BUG/MEDIUM: init: fix fd_hard_limit default in compute_ideal_maxconn
* MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD (take #2)
* BUG/MEDIUM: queue: deal with a rare TOCTOU in assign_server_and_queue()
* MINOR: queue: add a function to check for TOCTOU after queueing
* BUG/MEDIUM: jwt: Clear SSL error queue on error when checking the signature
* BUG/MINOR: quic: Lack of precision when computing K (cubic only cc)
* BUG/MINOR: cli: Atomically inc the global request counter between CLI commands
* BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution
* BUG/MINOR: stick-table: fix crash for src_inc_gpc() without stkcounter
* DOC: config: improve the http-keep-alive section
* DOC: configuration: issuers-chain-path not compatible with OCSP
* BUG/MEDIUM: ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path
* BUG/MEDIUM: debug/cli: fix "show threads" crashing with low thread counts
* BUG/MINOR: session: Eval L4/L5 rules defined in the default section
* BUG/MEDIUM: bwlim: Be sure to never set the analyze expiration date in past
* BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread
* BUG/MEDIUM: h1: Reject empty Transfer-encoding header
* BUG/MINOR: h1: Reject empty coding name as last transfer-encoding value
* BUG/MINOR: h1: Fail to parse empty transfer coding names
* BUG/MINOR: jwt: fix variable initialisation
* DOC: configuration: update maxconn description
* BUG/MINOR: jwt: don't try to load files with HMAC algorithm
* MEDIUM: ssl: initialize the SSL stack explicitely
* DOC: configuration: more details about the master-worker mode
* BUG/MEDIUM: quic: fix possible exit from qc_check_dcid() without unlocking
* BUG/MINOR: quic: fix race-condition on trace for CID retrieval
* BUG/MINOR: quic: fix race condition in qc_check_dcid()
* BUG/MEDIUM: quic: fix race-condition in quic_get_cid_tid()
* BUG/MEDIUM: h3: ensure the ":scheme" pseudo header is totally valid
* BUG/MEDIUM: h3: ensure the ":method" pseudo header is totally valid
* MINOR: activity: make the memory profiling hash size configurable at build time
* BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct()
* BUG/MINOR: quic: fix BUG_ON() on Tx pkt alloc failure
* BUG/MINOR: mux-quic: fix crash on qcs SD alloc failure
* BUG/MINOR: h3: fix crash on STOP_SENDING receive after GOAWAY emission
* DOC: api/event_hdl: small updates, fix an example and add some precisions
* SCRIPTS: git-show-backports: do not truncate git-show output
* DOC: configuration: fix alphabetical order of bind options
* DOC: management: rename show stats domain cli "dns" to "resolvers"
* DOC/MINOR: management: add missed -dR and -dv options
* BUG/MINOR: proxy: fix header_unique_id leak on deinit()
* BUG/MINOR: proxy: fix source interface and usesrc leaks on deinit()
* BUG/MINOR: proxy: fix dyncookie_key leak on deinit()
* BUG/MINOR: proxy: fix check_{command,path} leak on deinit()
* BUG/MINOR: proxy: fix log_tag leak on deinit()
* BUG/MINOR: proxy: fix server_id_hdr_name leak on deinit()
* BUG/MINOR: quic: fix computed length of emitted STREAM frames
* [RELEASE] Released version 2.8.10
* BUG/MEDIUM: quic: don't blindly rely on unaligned accesses
* BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe
* BUG/MEDIUM: http_ana: ignore NTLM for reuse aggressive/always and no H1
* BUG/MAJOR: server: do not delete srv referenced by session
* MINOR: session: rename private conns elements
* BUG/MEDIUM: quic: fix connection freeze on post handshake
* BUG/MEDIUM: server: fix dynamic servers initial settings
* BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
* CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
* BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
* BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
* BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
* BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
* CLEANUP: hlua: use hlua_pusherror() where relevant
* BUG/MINOR: quic: prevent crash on qc_kill_conn()
* BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
* BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
* BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
* BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
* BUG/MINOR: activity: fix Delta_calls and Delta_bytes count
* BUG/MINOR: ssl/ocsp: init callback func ptr as NULL
* CLEANUP: ssl/ocsp: readable ifdef in ssl_sock_load_ocsp
* BUILD: fd: errno is also needed without poll()
* CI: scripts: fix build of vtest regarding option -C
* REGTESTS: acl_cli_spaces: avoid a warning caused by undefined logs
* DOC: config: fix incorrect section reference about custom log format
* DOC: quic: specify that connection migration is not supported
* BUG/MINOR: server: Don't reset resolver options on a new default-server line
* BUG/MINOR: http-htx: Support default path during scheme based normalization
* BUG/MINOR: quic: adjust restriction for stateless reset emission
* MEDIUM: config: prevent communication with privileged ports
* BUILD: quic: fix unused variable warning when threads are disabled
* BUG/MEDIUM: mux-quic: Create sedesc in same time of the QUIC stream
* BUG/MEDIUM: quic_tls: prevent LibreSSL < 4.0 from negotiating CHACHA20_POLY1305
* BUG/MAJOR: quic: Crash with TLS_AES_128_CCM_SHA256 (libressl only)
* BUG/MINOR: connection: parse PROXY TLV for LOCAL mode
* DOC: configuration: update the crt-list documentation
* CLEANUP: ssl/cli: remove unused code in dump_crtlist_conf
* BUG/MINOR: stats: Don't state the 303 redirect response is chunked
* BUG/MINOR: htpp-ana/stats: Specify that HTX redirect messages have a C-L header
* BUG/MEDIUM: fd: prevent memory waste in fdtab array
* BUILD: stick-tables: better mark the stktable_data as 32-bit aligned
* BUG/MEDIUM: h1: Reject CONNECT request if the target has a scheme
* BUG/MINOR: h1: Check authority for non-CONNECT methods only if a scheme is found
* BUG/MEDIUM: stick-tables: properly mark stktable_data as packed
* BUG/MEDIUM: htx: mark htx_sl as packed since it may be realigned
* BUG/MINOR: qpack: fix error code reported on QPACK decoding failure
* BUG/MINOR: mux-quic: fix error code on shutdown for non HTTP/3
* BUG/MINOR: log: smp_rgs array issues with inherited global log directives
* BUG/MINOR: log: keep the ref in dup_logger()
* MINOR: log: add dup_logsrv() helper function
* DOC: lua: fix filters.txt file location
* BUG/MINOR: haproxy: only tid 0 must not sleep if got signal
* BUILD: clock: improve check for pthread_getcpuclockid()
* BUG/MINOR: mworker: reintroduce way to disable seamless reload with -x /dev/null
* BUG/MINOR: h1: fix detection of upper bytes in the URI
* BUG/MINOR: backend: use cum_sess counters instead of cum_conn
* BUG/MINOR: fd: my_closefrom() on Linux could skip contiguous series of sockets
* BUG/MINOR: sock: handle a weird condition with connect()
* BUG/MINOR: stconn: Fix sc_mux_strm() return value
* BUG/MEDIUM: cache: Vary not working properly on anything other than accept-encoding
* BUG/MINOR: server: fix slowstart behavior
* BUG/MEDIUM: peers: Fix exit condition when max-updates-at-once is reached
* BUG/MEDIUM: spoe: Always retry when an applet fails to send a frame
* BUG/MEDIUM: applet: Fix applet API to put input data in a buffer
* BUG/MEDIUM: evports: do not clear returned events list on signal
* BUG/MEDIUM: stconn: Don't forward channel data if input data must be filtered
* BUG/MEDIUM: grpc: Fix several unaligned 32/64 bits accesses
* MINOR: net_helper: Add support for floats/doubles.
* CI: revert kernel addr randomization introduced in 3a0fc864
* BUG/MEDIUM: peers/trace: fix crash when listing event types
* BUG/MINOR: debug: make sure DEBUG_STRICT=0 does work as documented
* BUG/MINOR: http-ana: Fix TX_L7_RETRY and TX_D_L7_RETRY values
* BUG/MEDIUM: http-ana: Deliver 502 on keep-alive for fressh server connection
* CLEANUP: log: lf_text_len() returns a pointer not an integer
* BUG/MINOR: log: invalid snprintf() usage in sess_build_logline()
* BUG/MINOR: tools/log: invalid encode_{chunk,string} usage
* BUG/MINOR: log: fix lf_text_len() truncate inconsistency
* BUG/MINOR: listener: always assign distinct IDs to shards
* BUG/MINOR: cli: Report an error to user if command or payload is too big
* [RELEASE] Released version 2.8.9
* BUILD: proxy: Replace free_logformat_list() to manually release log-format
* [RELEASE] Released version 2.8.8
* BUG/MINOR: proxy: fix logformat expression leak in use_backend rules
* BUG/MINOR: backend: properly handle redispatch 0
* BUG/MINOR: server: ignore 'enabled' for dynamic servers
* BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n
* MINOR: cli: Remove useless loop on commands to find unescaped semi-colon
* MINOR: server: allow cookie for dynamic servers
* BUG/MINOR: server: fix persistence cookie for dynamic servers
* BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities
* BUG/MINOR: ssl: Wrong ocsp-update "incompatibility" error message
* BUG/MINOR: server: 'source' interface ignored from 'default-server' directive
* OPTIM: http_ext: avoid useless copy in http_7239_extract_{ipv4,ipv6}
* BUG/MEDIUM: mux-fcgi: Properly handle EOM flag on end-of-trailers HTX block
* BUG/MINOR: mux-quic: close all QCS before freeing QCC tasklet
* BUG/MEDIUM: ssl: Fix crash in ocsp-update log function
* BUG/MINOR: session: ensure conn owner is set after insert into session
* BUG/MEDIUM: spoe: Return an invalid frame on recv if size is too small
* CI: temporarily adjust kernel entropy to work with ASAN/clang
* BUG/MINOR: spoe: Be sure to be able to quickly close IDLE applets on soft-stop
* BUG/MEDIUM: spoe: Don't rely on stream's expiration to detect processing timeout
* BUG/MINOR: listener: Don't schedule frontend without task in listener_release()
* BUG/MINOR: listener: Wake proxy's mngmt task up if necessary on session release
* BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread (2nd try)
* MINOR: hlua: use accessors for stream hlua ctx
* DEBUG: lua: precisely identify if stream is stuck inside lua or not
* BUG/MINOR: hlua: fix missing lock in hlua_filter_delete()
* BUG/MINOR: hlua: missing lock in hlua_filter_new()
* BUG/MINOR: hlua: segfault when loading the same filter from different contexts
* BUG/MINOR: ssl: fix possible ctx memory leak in sample_conv_aes_gcm()
* DOC: configuration: clarify ciphersuites usage (V2)
* BUILD: solaris: fix compilation errors
* BUG/MINOR: cfgparse: report proper location for log-format-sd errors
* BUG/MINOR: ssl/cli: typo in new ssl crl-file CLI description
* CI: skip scheduled builds on forks
* BUG/MINOR: sink: fix a race condition in the TCP log forwarding code
* BUG/MINOR: hlua: don't call ha_alert() in hlua_event_subscribe()
* BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
* BUG/MEDIUM: hlua: improper lock usage with SET_SAFE_LJMP()
* BUG/MINOR: hlua: improper lock usage in hlua_filter_new()
* BUG/MINOR: hlua: improper lock usage in hlua_filter_callback()
* BUG/MINOR: hlua: fix possible crash in hlua_filter_new() under load
* BUG/MINOR: hlua: don't use lua_tostring() from unprotected contexts
* BUG/MINOR: hlua: fix unsafe lua_tostring() usage with empty stack
* BUG/MINOR: tools: seed the statistical PRNG slightly better
* MINOR: hlua: Be able to disable logging from lua
* BUG/MINOR: hlua: Fix log level to the right value when set via TXN:set_loglevel
* BUG/MINOR: config/quic: Alert about PROXY protocol use on a QUIC listener
* DOC: configuration: clarify ciphersuites usage
* LICENSE: http_ext: fix GPL license version
* LICENSE: event_hdl: fix GPL license version
* BUG/MINOR: ssl/cli: duplicate cleaning code in cli_parse_del_crtlist
* BUG/MINOR: ist: only store NUL byte on succeeded alloc
* BUG/MINOR: quic: fix output of show quic
* BUG/MAJOR: server: fix stream crash due to deleted server
* BUG/MINOR: stats: drop srv refcount on early release
* BUG/MINOR: ist: allocate nul byte on istdup
* MINOR: quic: warn on bind on multiple addresses if no IP_PKTINFO support
* DOC: quic: fix recommandation for bind on multiple address
* BUG/MEDIUM: quic: fix transient send error with listener socket
* BUG/MEDIUM: hlua: Don't loop if a lua socket does not consume received data
* BUG/MEDIUM: hlua: Be able to garbage collect uninitialized lua sockets
* BUG/MEDIUM: applet: Immediately free appctx on early error
* DOC: quic: Missing tuning setting in "Global parameters"
* BUG/MINOR: qpack: reject invalid dynamic table capacity
* BUG/MINOR: qpack: reject invalid increment count decoding
* BUG/MINOR: quic: reject HANDSHAKE_DONE as server
* BUG/MINOR: quic: reject unknown frame type
* BUG/MAJOR: promex: fix crash on deleted server
* MINOR: connection: add sample fetches to report per-connection glitches
* MINOR: mux-h2: implement MUX_CTL_GET_GLITCHES
* MINOR: connection: add a new mux_ctl to report number of connection glitches
* MEDIUM: mux-h2: allow to set the glitches threshold to kill a connection
* MINOR: mux-h2: always use h2c_report_glitch()
* MINOR: mux-h2: count late reduction of INITIAL_WINDOW_SIZE as a glitch
* MINOR: mux-h2: count excess of CONTINUATION frames as a glitch
* BUG/MINOR: mux-h2: count rejected DATA frames against the connection's flow control
* MINOR: mux-h2: add a counter of "glitches" on a connection
* [RELEASE] Released version 2.8.7
* BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI
* [RELEASE] Released version 2.8.6
* DEV: makefile: fix POSIX compatibility for "range" target
* DEV: makefile: add a new "range" target to iteratively build all commits
* CI: Update to actions/cache@v4
* DOC: internal: update missing data types in peers-v2.0.txt
* DOC: install: recommend pcre2
* DOC: httpclient: add dedicated httpclient section
* DOC: configuration: clarify http-request wait-for-body
* BUILD: address a few remaining calloc(size, n) cases
* BUG/MINOR: ext-check: cannot use without preserve-env
* MINOR: ext-check: add an option to preserve environment variables
* BUG/MINOR: diag: run the final diags before quitting when using -c
* BUG/MINOR: diag: always show the version before dumping a diag warning
* MINOR: errors: ha_alert() and ha_warning() uses warn_exec_path()
* MINOR: quic: Add a counter for reordered packets
* MINOR: quic: Dynamic packet reordering threshold
* MINOR: quic: Update K CUBIC calculation (RFC 9438)
* BUG/MEDIUM: quic: Wrong K CUBIC calculation.
* MINOR: quic: Stop using 1024th of a second.
* BUG/MINOR: quic: fix possible integer wrap around in cubic window calculation
* CLEANUP: quic: Code clarifications for QUIC CUBIC (RFC 9438)
* BUG/MINOR: quic: Wrong ack ranges handling when reaching the limit.
* BUG/MEDIUM: quic: fix crash on invalid qc_stream_buf_free() BUG_ON
* BUG/MEDIUM: qpack: allow 6xx..9xx status codes
* BUG/MEDIUM: h3: do not crash on invalid response status code
* MINOR: h3: add traces for stream sending function
* BUG/MEDIUM: quic: remove unsent data from qc_stream_desc buf
* MINOR: quic: extract qc_stream_buf free in a dedicated function
* MINOR: quic: Stop hardcoding a scale shifting value (CUBIC_BETA_SCALE_FACTOR_SHIFT)
* CLEANUP: quic: Remove unused CUBIC_BETA_SCALE_FACTOR_SHIFT macro.
* BUG/MEDIUM: mux-quic: report early error on stream
* BUG/MINOR: h3: fix checking on NULL Tx buffer
* BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing
* REGTESTS: ssl: Add OCSP related tests
* REGTESTS: ssl: Fix empty line in cli command input
* BUG/MINOR: ssl: Reenable ocsp auto-update after an "add ssl crt-list"
* BUG/MINOR: ssl: Destroy ckch instances before the store during deinit
* BUG/MEDIUM: ocsp: Separate refcount per instance and per store
* MINOR: ssl: Use OCSP_CERTID instead of ckch_store in ckch_store_build_certid
* BUG/MINOR: ssl: Clear the ckch instance when deleting a crt-list line
* BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch
* BUG/MINOR: ssl: Fix error message after ssl_sock_load_ocsp call
* BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
* BUG/MEDIUM: h1: always reject the NUL character in header values
* BUG/MINOR: h1-htx: properly initialize the err_pos field
* BUG/MEDIUM: h1: Don't support LF only to mark the end of a chunk size
* BUG/MINOR: h1: Don't support LF only at the end of chunks
* BUG/MEDIUM: stconn: Don't check pending shutdown to wake an applet up
* BUG/MEDIUM: stconn: Allow expiration update when READ/WRITE event is pending
* BUG/MEDIUM: pool: fix rare risk of deadlock in pool_flush()
* BUG/MINOR: jwt: fix jwt_verify crash on 32-bit archs
* BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs
* BUG/MINOR: vars/cli: fix missing LF after "get var" output
* BUG/MEDIUM: cli: some err/warn msg dumps add LR into CSV output on stat's CLI
* REGTESTS: add a test to ensure map-ordering is preserved
* MINOR: mux-h2/traces: add a missing trace on connection WU with negative inc
* BUG/MEDIUM: mux-h2: refine connection vs stream error on headers
* MINOR: mux-h2/traces: clarify the "rejected H2 request" event
* MINOR: mux-h2/traces: explicitly show the error/refused stream states
* MINOR: mux-h2/traces: also suggest invalid header upon parsing error
* MINOR: debug: make BUG_ON() catch build errors even without DEBUG_STRICT
* MINOR: debug: make ABORT_NOW() store the caller's line number when using abort
* MINOR: debug: make sure calls to ha_crash_now() are never merged
* MINOR: compiler: add a new DO_NOT_FOLD() macro to prevent code folding
* BUG/MEDIUM: quic: keylog callback not called (USE_OPENSSL_COMPAT)
* BUG/MINOR: mux-h2: also count streams for refused ones
* BUG/MINOR: mux-quic: do not prevent non-STREAM sending on flow control
* DOC: configuration: corrected description of keyword tune.ssl.ocsp-update.mindelay
* MINOR: mux-h2: support limiting the total number of H2 streams per connection
* BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up
* BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable
* BUG/MEDIUM: h3: fix incorrect snd_buf return value
* CLEANUP: quic: Remaining useless code into server part
* BUG/MINOR: h3: close connection on sending alloc errors
* BUG/MINOR: h3: properly handle alloc failure on finalize
* BUG/MINOR: h3: close connection on header list too big
* MINOR: h3: check connection error during sending
* BUG/MINOR: quic: Missing call to TLS message callbacks
* BUG/MINOR: quic: Wrong keylog callback setting.
* BUG/MINOR: mux-quic: always report error to SC on RESET_STREAM emission
* BUG/MEDIUM: stats: unhandled switching rules with TCP frontend
* MINOR: stats: store the parent proxy in stats ctx (http)
* DOC: config: Update documentation about local haproxy response
* BUG/MINOR: resolvers: default resolvers fails when network not configured
* BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
* BUG/MEDIUM: quic: QUIC CID removed from tree without locking
* BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
* BUG/MINOR: mworker/cli: fix set severity-output support
* DOC: configuration: typo req.ssl_hello_type
* [RELEASE] Released version 2.8.5
* BUG/MEDIUM: proxy: always initialize the default settings after init
* BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
* BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
* MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
* BUG/MINOR: ssl: Double free of OCSP Certificate ID
* BUG/MINOR: quic: Packet number spaces too lately initialized
* BUG/MINOR: quic: Missing QUIC connection path member initialization
* BUG/MINOR: quic: Possible leak of TX packets under heavy load
* BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load
* BUG/MINOR: cache: Remove incomplete entries from the cache when stream is closed
* BUG/MEDIUM: peers: fix partial message decoding
* DOC: Clarify the differences between field() and word()
* BUG/MINOR: sample: Make the `word` converter compatible with `-m found`
* REGTESTS: sample: Test the behavior of consecutive delimiters for the field converter
* DOC: config: fix monitor-fail typo
* DOC: config: add matrix entry for "max-session-srv-conns"
* DOC: config: specify supported sections for "max-session-srv-conns"
* BUG/MINOR: cfgparse-listen: fix warning being reported as an alert
* BUG/MINOR: config: Stopped parsing upon unmatched environment variables
* BUG/MINOR: quic_tp: fix preferred_address decoding
* DOC: config: fix missing characters in set-spoe-group action
* BUG/MINOR: h3: always reject PUSH_PROMISE
* BUG/MINOR: h3: fix TRAILERS encoding
* BUG/MEDIUM: master/cli: Properly pin the master CLI on thread 1 / group 1
* BUG/MINOR: compression: possible NULL dereferences in comp_prepare_compress_request()
* BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding
* DOC: lua: fix Proxy.get_mode() output
* DOC: lua: add sticktable class reference from Proxy.stktable
* REGTESTS: connection: disable http_reuse_be_transparent.vtc if !TPROXY
* DOC: config: fix timeout check inheritance restrictions
* DOC: 51d: updated 51Degrees repo URL for v3.2.10
* BUG/MINOR: server: do not leak default-server in defaults sections
* BUG/MINOR: quic: Possible RX packet memory leak under heavy load
* BUG/MEDIUM: quic: Possible crash for connections to be killed
* BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind them
* BUG/MINOR: startup: set GTUNE_SOCKET_TRANSFER correctly
* REGTESTS: http: add a test to validate chunked responses delivery
* BUG/MINOR: proxy/stktable: missing frees on proxy cleanup
* MINOR: stktable: add stktable_deinit function
* BUG/MINOR: stream/cli: report correct stream age in "show sess"
* BUG/MEDIUM: mux-fcgi: fail earlier on malloc in takeover()
* BUG/MEDIUM: mux-h1: fail earlier on malloc in takeover()
* BUG/MEDIUM: mux-h2: fail earlier on malloc in takeover()
* BUG/MAJOR: quic: complete thread migration before tcp-rules
* [RELEASE] Released version 2.8.4
* BUG/MINOR: stconn: Report read activity on non-indep streams for partial sends
* BUG/MINOR: stconn/applet: Report send activity only if there was output data
* BUG/MINOR: stconn: Use HTX-aware channel's functions to get info on buffer
* BUG/MINOR: stconn: Fix streamer detection for HTX streams
* MINOR: channel: Add functions to get info on buffers and deal with HTX streams
* MINOR: htx: Use a macro for overhead induced by HTX
* BUG/MEDIUM: stconn: Update fsb date on partial sends
* BUG/MEDIUM: stream: Don't call mux .ctl() callback if not implemented
* BUG/MEDIUM: mworker: set the master variable earlier
* BUG/MEDIUM: applet: Report a send activity everytime data were sent
* BUG/MEDIUM: stconn: Report a send activity everytime data were sent
* REGTESTS: http: Improve script testing abortonclose option
* BUG/MEDIUM: stream: Properly handle abortonclose when set on backend only
* MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads
* MINOR: connection: Add a CTL flag to notify mux it should wait for reads again
* BUG/MINOR: stconn: Handle abortonclose if backend connection was already set up
* BUG/MEDIUM: connection: report connection errors even when no mux is installed
* DOC: quic: Wrong syntax for "quic-cc-algo" keyword.
* BUG/MINOR: sink: don't learn srv port from srv addr
* BUG/MEDIUM: applet: Remove appctx from buffer wait list on release
* DOC: config: use the word 'backend' instead of 'proxy' in 'track' description
* BUG/MINOR: quic: fix retry token check inconsistency
* DOC: management: -q is quiet all the time
* BUG/MEDIUM: stconn: Don't update stream expiration date if already expired
* BUG/MEDIUM: quic: Avoid some crashes upon TX packet allocation failures
* BUG/MEDIUM: quic: Possible crashes when sending too short Initial packets
* BUG/MEDIUM: quic: Avoid trying to send ACK frames from an empty ack ranges tree
* BUG/MINOR: quic: idle timer task requeued in the past
* BUG/MEDIUM: pool: fix releasable pool calculation when overloaded
* BUG/MEDIUM: freq-ctr: Don't report overshoot for long inactivity period
* BUG/MINOR: mux-h1: Properly handle http-request and http-keep-alive timeouts
* BUG/MINOR: stick-table/cli: Check for invalid ipv4 key
* BUG/MEDIUM: quic: fix sslconns on quic_conn alloc failure
* BUG/MEDIUM: quic: fix actconn on quic_conn alloc failure
* CLEANUP: htx: Properly indent htx_reserve_max_data() function
* BUG/MINOR: stconn: Sanitize report for read activity
* BUG/MEDIUM: Don't apply a max value on room_needed in sc_need_room()
* BUG/MEDIUM: stconn: Don't report rcv/snd expiration date if SC cannot epxire
* BUG/MEDIUM: pattern: don't trim pools under lock in pat_ref_purge_range()
* BUG/MINOR: cfgparse/stktable: fix error message on stktable_init() failure
* BUG/MINOR: stktable: missing free in parse_stick_table()
* BUG/MINOR: tcpcheck: Report hexstring instead of binary one on check failure
* BUG/MEDIUM: ssl: segfault when cipher is NULL
* BUG/MINOR: mux-quic: fix early close if unset client timeout
* BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA
* MEDIUM: quic: count quic_conn for global sslconns
* MEDIUM: quic: count quic_conn instance for maxconn
* MINOR: frontend: implement a dedicated actconn increment function
* BUG/MINOR: ssl: use a thread-safe sslconns increment
* BUG/MINOR: quic: do not consider idle timeout on CLOSING state
* BUG/MEDIUM: server: "proto" not working for dynamic servers
* MINOR: connection: add conn_pr_mode_to_proto_mode() helper func
* DEBUG: mux-h2/flags: fix list of h2c flags used by the flags decoder
* MINOR: lua: Add flags to configure logging behaviour
* BUG/MINOR: ssl: load correctly @system-ca when ca-base is define
* DOC: internal: filters: fix reference to entities.pdf
* BUG/MINOR: mux-h2: update tracked counters with req cnt/req err
* BUG/MINOR: mux-h2: commit the current stream ID even on reject
* BUG/MEDIUM: peers: Fix synchro for huge number of tables
* BUG/MEDIUM: peers: Be sure to always refresh recconnect timer in sync task
* BUG/MINOR: trace: fix trace parser error reporting
* BUG/MINOR: mux-h2: fix http-request and http-keep-alive timeouts again
* BUG/MEDIUM: mux-h2: Don't report an error on shutr if a shutw is pending
* BUG/MINOR: mux-h2: make up other blocked streams upon removal from list
* BUG/MINOR: mux-h1: Send a 400-bad-request on shutdown before the first request
* BUG/MEDIUM: quic-conn: free unsent frames on retransmit to prevent crash
* BUG/MINOR: mux-quic: fix free on qcs-new fail alloc
* BUG/MINOR: h3: strengthen host/authority header parsing
* BUG/MINOR: mux-quic: support initial 0 max-stream-data
* BUG/MEDIUM: mux-quic: fix RESET_STREAM on send-only stream
* BUG/MINOR: quic: reject packet with no frame
* BUG/MINOR: quic: Avoid crashing with unsupported cryptographic algos
* BUG/MEDIUM: stconn: Fix comparison sign in sc_need_room()
* BUG/MINOR: hq-interop: simplify parser requirement
* BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set
* BUG/MINOR: mux-h1: Ignore C-L when sending H1 messages if T-E is also set
* BUG/MINOR: mux-h1: Handle read0 in rcv_pipe() only when data receipt was tried
* BUG/MEDIUM: hlua: Initialize appctx used by a lua socket on connect only
* MINOR: hlua: Test the hlua struct first when the lua socket is connecting
* MINOR: hlua: Save the lua socket's server in its context
* MINOR: hlua: Save the lua socket's timeout in its context
* MINOR: hlua: Don't preform operations on a not connected socket
* MINOR: hlua: Set context's appctx when the lua socket is created
* BUG/MEDIUM: http-ana: Try to handle response before handling server abort
* BUG/MEDIUM: quic_conn: let the scheduler kill the task when needed
* BUG/MEDIUM: actions: always apply a longest match on prefix lookup
* BUG/MINOR: mux-quic: remove full demux flag on ncbuf release
* BUG/MEDIUM: server/cli: don't delete a dynamic server that has streams
* MINOR: pattern: fix pat_{parse,match}_ip() function comments
* BUG/MINOR: server: add missing free for server->rdr_pfx
* BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers
* BUG/MINOR: freq_ctr: fix possible negative rate with the scaled API
* BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1
* BUG/MINOR: promex: fix backend_agg_check_status
* BUG/MEDIUM: mux-fcgi: Don't swap trash and dbuf when handling STDERR records
* BUG/MINOR: hlua/init: coroutine may not resume itself
* BUG/MEDIUM: hlua: don't pass stale nargs argument to lua_resume()
* CI: musl: drop shopt in workflow invocation
* CI: musl: highlight section if there are coredumps
* Revert "BUG/MEDIUM: quic: missing check of dcid for init pkt including a token"
* BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread
* MINOR: hlua: add hlua_stream_ctx_prepare helper function
* BUILD: quic: fix build on centos 8 and USE_QUIC_OPENSSL_COMPAT
* BUG/MINOR: quic: ssl_quic_initial_ctx() uses error count not error code
* BUG/MINOR: quic: allow-0rtt warning must only be emitted with quic bind
* BUILD: Makefile: add USE_QUIC_OPENSSL_COMPAT to make help
* MINOR: quic+openssl_compat: Emit an alert for "allow-0rtt" option
* MINOR: quic+openssl_compat: Do not start without "limited-quic"
* MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic"
* BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels
* DOC: quic: Add "limited-quic" new tuning setting
* MINOR: quic: Add "limited-quic" new tuning setting
* MINOR: quic: SSL context initialization with QUIC OpenSSL wrapper.
* MINOR: quic: Add a quic_openssl_compat struct to quic_conn struct
* MINOR: quic: Call the keylog callback for QUIC openssl wrapper from SSL_CTX_keylog()
* MINOR: quic: Initialize TLS contexts for QUIC openssl wrapper
* MINOR: quic: Export some KDF functions (QUIC-TLS)
* MINOR: quic: Add a compilation option for the QUIC OpenSSL wrapper
* MINOR: quic: Do not enable 0RTT with SSL_set_quic_early_data_enabled()
* MINOR: quic: Set the QUIC connection as extra data before calling SSL_set_quic_method()
* MINOR: quic: Do not enable O-RTT with USE_QUIC_OPENSSL_COMPAT
* MINOR: quic: Include QUIC opensssl wrapper header from TLS stacks compatibility header
* MINOR: quic: QUIC openssl wrapper implementation
* BUG/MINOR: quic: Wrong cluster secret initialization
* BUG/MINOR: quic: Leak of frames to send.
* BUILD: bug: make BUG_ON() void to avoid a rare warning
ModerateSUSE bug 1233973CVE-2024-53008 at SUSECVE-2024-53008 at NVDcpe:/o:suse:sl-micro:6.1Security update for gstreamer-plugins-base (Moderate)SUSE Linux Micro 6.1
This update for gstreamer-plugins-base fixes the following issues:
- CVE-2025-47806: Fixed stack buffer overflow in SubRip subtitle parser (bsc#1244407).
- CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser (bsc#1244403).
- CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser (bsc#1244404).
ModerateSUSE bug 1244403SUSE bug 1244404SUSE bug 1244407CVE-2025-47806 at SUSECVE-2025-47806 at NVDCVE-2025-47807 at SUSECVE-2025-47807 at NVDCVE-2025-47808 at SUSECVE-2025-47808 at NVDcpe:/o:suse:sl-micro:6.1Security update for aide (Moderate)SUSE Linux Micro 6.1
This update for aide fixes the following issues:
- CVE-2025-54389: Fixed improper output neutralization (bsc#1247884)
- CVE-2025-54409: Fixed null pointer dereference after reading incorrectly
encoded xattr attributes from database (bsc#1247885)
ModerateSUSE bug 1247884SUSE bug 1247885CVE-2025-54389 at SUSECVE-2025-54389 at NVDCVE-2025-54409 at SUSECVE-2025-54409 at NVDcpe:/o:suse:sl-micro:6.1Security update for cloud-init (Important)SUSE Linux Micro 6.1
This update for cloud-init fixes the following issues:
Update to version 25.1.3 (bsc#1245401,bsc#1245403):
+ docs: provide example3 for PAM and ssh_pwauth behavior (#27)
+ fix: Make hotplug socket writable only by root (#25) (CVE-2024-11584)
+ fix: Don't attempt to identify non-x86 OpenStack instances (LP: #2069607)
(CVE-2024-6174)
From 25.1.2:
+ fix: ensure MAAS datasource retries on failure (#6167)
Update to version 25.1.1 (bsc#1239715,jsc#PED-8680,bsc#1228414):
+ Drop hidesensitivedata in 16 & greater
+ test: pytestify cc_chef tests, add migration test
+ chef: migrate files in old config directories for backups and cache
+ fix: correct the path for Chef's backups (#5994)
+ fix(Azure): don't reraise FileNotFoundError during ephemeral setup (#6113)
+ fix(azure): handle unexpected exceptions during obtain_lease() (#6092)
[Ksenija Stanojevic]
+ Allow to set mac_address for VLAN subinterface (#6081)
[jumpojoy] (GH: 5364)
+ fix: Remove erroneous EC2 reference from 503 warning (#6077)
+ fix: NM reload and bring up individual network conns (#6073) [Ani Sinha]
+ fix: stop warning on dual-stack request failure (#6044)
+ fix: install_method: pip cannot find ansible-pull command path (#6021)
[Hasan Aliyev] (GH: 5720)
+ fix: Fix DataSourceAliYun exception_cb signature (#6068) (GH: 6066)
+ fix: Update OauthUrlHelper to use readurl exception_cb signature
(GH: 6065)
+ test: add OauthUrlHelper tests
+ test: Remove CiTestCase from test_url_helper.py
+ test: pytestify test_url_helper.py
+ fix: track more removed modules (#6043)
From 25.1:
+ ci: fix post-merge packaging CI (#6038)
+ feat(azure): Fix imds-based ssh_pwauth (#6002) [Ksenija Stanojevic]
+ ci: check for sorted patches (#6036)
+ feat: aliyun datasource support crawl metadata at once (#5942)
[jinkangkang]
+ docs: document /usr merge breaking change (#6032)
+ test: Add integration test for /var mounts (#6033)
+ test: Ensure pre-24.2 custom modules work (#6034)
+ doc: Update references to older keys (#6022) [Pedro Ribeiro]
+ fix: untyped-defs in tests/unittests/{config, net, sources} (#6023)
[Romain]
+ fix: don't reference PR in post-merged CI (#6019)
+ chore: explicitly skip broken ansible integration tests (#5996) [a-dubs]
+ tests(oracle): fix test_install_missing_deps apt race condition (#5996)
[a-dubs]
+ test(oracle): fix test_ubuntu_drivers_installed (#5996) [a-dubs]
+ test(oracle): fix test_frequency_override integration test (#5996)
[a-dubs]
+ chore: add type hint to IntegrationCloud's cloud_instance field (#5996)
[a-dubs]
+ test(oracle): fix modules/test_lxd.py::test_storage_lvm on noble (#5996)
[a-dubs]
+ commit 9e591fff266be9d4c83f74ec02a717b74993304d [a-dubs]
+ net/sysconfig: do not remove all existing settings of
/etc/sysconfig/network (#5991) [Ani Sinha] (GH: 5990)
+ fix: remove wrong return when checking if network necessary (#6013)
+ fix: typing for rsyslog, ubuntu_pro, power_state_change (#5985)
[MostafaTarek124eru]
+ fix: Retry on OpenStack HTTP status codes (#5943) [weiyang] (GH: 5687)
+ fix: Ensure fqdn is treated as string in get_hostname_fqdn (#5993)
[MKhatibzadeh] (GH: 5989)
+ feat(vmware): Convert imc network config to v2 (#5937) [PengpengSun]
+ ci: add upstream post-merge test
+ ci: check if upstream commit causes ubuntu patch conflicts
+ ci: organize cla tests together
+ test: eliminate obsolete cases, add non-error case
+ chore: remove redundant manual schema validation
+ doc: clarify subiquity docs
+ chore: cleanup `len' usage (#5956) [Shreenidhi Shedi]
+ Fix: GCE _get_data crashes if DHCP lease fails (#5998) [Bryan Fraschetti]
+ Fixes GH-5997
+ fix: correct the path for Chef's cache (#5994)
[MostafaTarek124eru] (GH: 5090)
+ fix: Run ansible with run_user instead of root for distro install_method
(#5986) [Amirhossein Shaerpour] (GH: 4092)
+ fix: retry AWS hotplug for async IMDS (#5995) (GH: 5373)
+ feat(integration_tests): add optional INSTANCE_TYPE setting (#5988)
[Alec Warren]
+ feat(integration-tests): set boto3 and botocore to INFO to prevent
log spamming [a-dubs]
+ ci: add 'tox -e integration-tests-fast' command [a-dubs]
+ chore: Add feature flag for manual network waiting (#5977)
+ Release 24.4.1
+ fix: Use /usr/lib/ rather than /lib in packaging code (#5970)
+ Use log_with_downgradable_level for user password warnings (#5927)
[Ani Sinha]
+ doc: change to hyphenated keys (#5909) (GH: 5555)
+ fix: Wait for udev on openstack (#5947) [Robert Schweikert] (GH: 4125)
+ test: disambiguate resource cleanup from test failure (#5926)
+ fix: use program name of netcat as installed by upstream, "nc" (#5933)
(#5933) [Andreas K. H?ttel]
+ ci: bump canonical/setup-lxd to version v0.1.2 (#5948)
+ feat(cc_chef): Allow change of Chef configuration file (#5925)
[Sean Smith]
+ docs: fix typo in generated file in LXD tutorial (#5941) [Pavel Shpak]
+ feat: Identify Samsung Cloud Platform as OpenStack (#5924) [us0310306]
+ fix: don't deadlock when starting network service with systemctl (#5935)
+ feat: Custom keys for apt archives (#5828) [Bryan Fraschetti] (GH: 5473)
+ test: improve test initialization error path (#5920)
+ chore: improve logging when lxd detection fails (#5919)
+ fix: Add "manual" to allowed subnet types (#5875)
[Math Marchand] (GH: 5769)
+ fix: remove bad ssh_svcname setting for Gentoo/OpenRC (#5918)
[Andreas K. H?ttel]
+ feat(gentoo): Add compatibility for Gentoo with systemd (#5918)
[Andreas K. H?ttel]
+ fix(ovf): no warning should be log when rpctool found no value (#5915)
[PengpengSun] (GH: 5914)
+ Move DS VMware to be in front of DS OVF (#5912) [PengpengSun] (GH: 4030)
+ ci: Add proper 'Breaks: ' to integration testing simple deb (#5923)
+ chore: Add akhuettel to CLA signers file (#5917) [Andreas K. H?ttel]
+ chore: eliminate calls at import time (#5889) (GH: 5344)
+ test: Add pyserial to test-requirements.txt (#5907)
+ test: Allow unknown size in growpart test (#5876)
+ doc: Update tutorials [Sally]
+ fix: bump azure key size to 3072 (#5841)
24.4.1:
+ fix: Ensure _should_wait_via_user_data() handles all user data types (#5976)
+ fix: Don't log error in wait_for_url (#5972)
+ feat(url_helper): Retry on 503 error (#5938)
+ fix: Don't break modules that use get_meta_doc() (#5953)
+ refactor: Pass deprecation log args as tuple (#5953)
+ fix: uninstall custom signal handlers before shutdown (#5913)
24.4:
+ test: Ensure unit ordering in ftp tests includes downstream units (#5892)
+ test: re-decrement expected webhook events (#5894)
+ test: allow relative path in apt-get test (#5891)
+ Fix metric setting of nmconnection for rhel (#5878) [Amy Chen]
+ chore: remove unused code(#5887)
+ feat(ephemeral): replace old has_url_connectivity() with new
_check_connectivity_to_imds() [a-dubs]
+ feat(oracle): add true single stack ipv6 support [a-dubs]
+ feat(ephemeral): refactor ephemeralIP and add ipv6 connectivity check
[a-dubs]
+ test: Decrement expected webhook events (#5888)
+ chore: remove `--docs` option from `cloud-init schema` (#5857) (GH: 5756)
+ test: pytestify "tests/unittests/config/test_cc_timezone.py" (#5885)
[Mahesh Ghumare]
+ ci: bump integration tests to use plucky
+ test: add grub_dpkg to inactive modules
+ test: move default behavior tests into their own module
+ test(apt): add plucky version for hello pkg (#5883)
+ Docs: improved mermaid diagram for better visibility. Add "MaheshG11"
as contributor (#5874) [Mahesh Ghumare] (GH: 5837)
+ fix(ntp): Fix RockyLinux OS support (#5864) [Sid Shukla]
+ chore(jsonschema): migrate from deprecated Validator.iter_errors (#5856)
+ chore: remove deprecation warning getting jsonschema's version (#5856)
+ chore: use filter arg for tar.extractall (#5856)
+ chore: remove __init__ from pytest test class (#5856)
+ chore: do not test element's truth value directly (#5856)
+ chore: migrate from deprecated datetime.datetime.utcfromtimestamp (#5856)
+ chore: migrate from deprecated datetime.datetime.utcnow() (#5856)
+ chore: set recursive=False for ensure_dir if parent path is "/" (#5816)
[sxt1001]
+ ci: fix broken daily dependencies (#5867)
+ ci: fix packaging tests (#5865)
+ feat(vultr): add override for network interface detection (#5847)
[Andrew Davis]
+ feat(networkd): Support RequiredForOnline option (#5852) [Dan McGregor]
+ Prevent NM from handling DNS when network interfaces have DNS config
(#5846) [Ani Sinha]
+ fix(smartos): Add `addrconf` IPv6 support (#5831)
[blackhelicoptersdotnet]
+ freebsd: adjust to match the new pyyaml package name (#5844)
[Gon?ri Le Bouder]
+ fix: disable grub-dpkg by default (#5840)
+ fix(openbsd): Enable sysv init scripts in OpenBSD build script (#5790)
[Hyacinthe Cartiaux] (LP: 4036, #1992853)
+ test: Fix duplicate judgment conditions in password generation (#5835)
[sxt1001]
+ chore: don't render non-templated unit files (#5830)
+ chore: simplify and standardize cloud-final.service (#5830)
+ chore: simplify Conflicts=shutdown.target (#5830)
+ chore: remove redundant Before=NetworkManager.service (#5830)
+ chore: remove unnecessary systemd settings (#5830)
+ chore: eliminate redundant ordering dependencies (#5819)
+ fix: fix ordering cycle for distros with default deps (#5819) (GH: 5755)
+ test: unbreak pytest-xdist (#5829)
+ feat: Conditionally remove networkd online dependency on Ubuntu (#5772)
+ feat: Ensure random passwords contain multiple character types (#5815)
[sxt1001] (GH: 5814)
+ docs: split example page into example library (#5645) [Sally]
+ doc: clarify workarounds required for single process changes (#5817)
+ chore: add 3.13 to PR CI runs, 3.14 to scheduled (#5825)
+ fix: Render v2 bridges correctly on network-manager with set-name
(#5740) (GH: 5717)
+ test: add no_thinpool unit test (#5802)
+ chore: split lxd init config into separate function (#5802)
+ test: pytestify test_cc_lxd.py (#5802)
+ fix: Correctly handle missing thinpool in cc_lxd (#5802)
+ fix: Render bridges correctly for v2 on sysconfig with set-name (#5674)
(GH: 5574)
+ tests(minimal): rsyslog not in minimal images expect warning (#5811)
+ tests(lxd): avoid failure on multiple calls to --show-log (#5811)
+ chore: update netplan import semantics and related tests (#5805)
(GH: 5804)
+ lint: fix untyped-defs on /tests/unittest/cmd (#5800) [iru]
+ test: actually use devel release and verify_clean_boot enhancements
(#5801)
+ feat(locale): locales install on minimal images when cfg requests (#5799)
+ feat(byobu): support byobu install on minimal images when cfg requests
(#5799)
+ chore: Use devel release and no sbuild in integration CI (#5798)
+ test: Update integration tests from netplan backport (#5796)
+ test: add get_syslog_or_console for minimal images without syslog (#5793)
+ chore: Remove resize_root_tmp from cloud.cfg.tmpl (#5795) (GH: 5786)
+ docs: Fix field name from `contents` to `content` (#5787) [Igor Akkerman]
+ chore: bump pycloudlib to required version (#5792)
+ fix: avoid deprecation logs for calling cli stages (#5770) (GH: 5726)
+ tests: bump pycloudlib deps to include gce bug fix for id str (#5783)
+ fix(test): convert use p.gce.instance.id instead of instance_id (#5783)
+ fix(network-manager): bond properties and network schema (#5768)
[Denis Kadyshev]
+ Fix metric setting for ifcfg network connections for rhel (#5777)
[Ani Sinha] (GH: 5776)
+ fix(akamai): handle non-string user data in base64 decoding (#5751)
[Jesse Alter]
+ fix(ci): do not auto stale issues (#5775)
+ Make pytest more verbose for easier debugging (#5778) [Ani Sinha]
+ ci: fix tox.ini pytest cmd to use cloudinit dir for coverage reporting
(#5774) [Alec Warren]
+ tests: add OS_IMAGE_TYPE setting to allow for minimal tests (#5682)
+ test(hotplug): Simplify test_multi_nic_hotplug (#5763)
+ test(hotplug): increase nc timeout (#5763)
+ test: pytestify test_main.py (#5758)
+ test(ec2-dual-stack): fix int-test (#5762)
+ test: make verify_clean_boot really respect return code (#5761)
+ test: bump timeout in test_order (#5759)
+ docs: Properly document the cc_ubuntu_autoinstall module (#5757)
+ docs: fix WSL tutorial (#5752) (GH: 5746)
+ test: make verify_clean_boot respect return code by environment (#5754)
+ feat(integration_test): add CLOUD_INIT_PKG setting (#5739)
+ fix(ci): fix packaging check merge operation (#5750)
+ doc: do not document user.meta-data key (#5745)
+ test: avoid undocumented lxd key (#5748)
+ test: Refactor test_cc_set_hostname.py and test_cc_ntp.py (#5727)
+ chore: update docs URLs to cloud-init.io (#5741)
+ test: fix timer logging change expected logs (#5734)
+ fix: type annotations for several modules (#5733)
+ chore: add timer to io and string manipulation code
+ feat: add log package and performance module
+ remove newline injected for cloud-init status --wait (#5700)
[Andrew Nelson] (GH: 5863)
+ test: webhook require_deprecation msg on 24.3 (#5731)
+ test: fix test_nocloud message typo introduced by 313390f8 (#5731)
+ test: Fix test_log_message_on_missing_version_file (#5730)
+ tests: assert info level warnings instead of require_deprecation
+ tests: fix test to ignore_warnings not require Used fallback ds
+ chore: clean up pytest warnings (#5721)
+ tests(pro): bump pycloudlib add noble release to pro tests (#5719)
+ fix(hotplugd.socket): remove basic.target as dependency (#5722)
(LP: #2081124)
+ ci: fix integration test positional argument (#5718)
+ Create datasource for CloudCIX (#1351) [BrianKelleher]
+ ci: colorize output (#5716)
+ fix(schema): Allow for locale: false in schema add tests (#5647)
+ ci: fix packaging patch check (#5713)
+ chore: clean up old pickle workaround (#5714)
+ fix: force sftp cleanup when done with instance (#5698)
+ test(hotplug): reenable vpc test in focal (#5492)
+ chore: fix typing of userdata_raw (#5710)
+ fix(NetworkManager): Fix network activator (#5620)
+ fix: lxd do not check for thinpool kernel module (#5709)
+ docs: fix typo in docstring (#5708)
+ Scaleway: Force on-link: true for static networks (#5654)
[Louis Bouchard] (LP: 5523, #2073869)
+ fix: Invalid "seedfrom" in NoCloud system configuration (#5701)
+ tests: pytestify test_nocloud.py (#5701)
+ test: make verify_clean_boot respect return code by series (#5695)
+ fix: use cross-distro netcat name (#5696)
+ ci: fix labeler (#5697)
+ chore(actions): add packaging label for any branches modifying debian/*
+ (#5693)
+ test: add verify_clean_boot() calls alongside verify_clean_log() (#5671)
+ test: add deprecation support to verify_clean_boot (#5671)
+ doc: remove misleading warning (#5681)
+ chore: Prefer other methods over $INSTANCE_ID (#5661)
+ ci: fix packaging test when no patches (#5680)
+ chore: fix tip-ruff and update to latest version (#5676)
+ chore: make ansible test serial (#5677)
+ feat(ec2): Bump url_max_timeout to 240s from 120s. (#5565)
[Robert Nickel]
+ chore: fix typo in requirements.txt (#5637)
+ feat: make pyserial an optional dependency (#5637)
+ chore: bump ci dependency versions (#5660)
+ chore: drop broken optimization (#5666)
24.3.1:
+ test: add test coverage for iproute2 commands (#5651)
+ fix(netops): fix ip addr flush command (#5651) (GH: 5648)
24.3:
+ docs: Clarify v2 set-name behavior (#5639)
+ fix: properly handle blank lines in fstab (#5643)
+ fix: cc_user_groups incorrectly assumes "useradd" never locks password
field (#5355) [dermotbradley]
+ tests: assert cloud-init user-data cert is the only root cert (#5641)
+ feat: add automation for ubuntu/* branches asserting quilt patches apply
(#5622)
+ fix(sources/wsl): no error with empty .cloud-init dir (SC-1862) (#5633)
+ feat(azure): add PPS support for azure-proxy-agent (#5601)
[Ksenija Stanojevic]
+ fix(tests): use instance.clean/restart instead of clean --reboot (#5636)
+ test: fix cmd/test_schema int test (#5629)
+ test: fix test_honor_cloud_dir int test (#5627)
+ docs: alphabetize dsname lookup table. update comment to create the csv
(#5624)
+ docs: new datasources should update reference/ds_dsname_map (#5624)
+ test: fix ca_certs int test (#5626)
+ chore: update schema docs to use RST bold for config key names (#5562)
+ fix(doc): italics around deprecation prefix, description bolds key names
(#5562)
+ feat(doc): add env vars to debug config module doc builds (#5562)
+ fix(doc): doc of nested objects under JSON schema items.oneOf (#5562)
+ fix(doc): object type check if patternProperties or properties (#5562)
+ doc(schema): schema descriptions should end with trailing stop (#5562)
+ fix(wsl): Properly assemble multipart data (#5538) [Carlos Nihelton]
+ feat: collect-logs improvements (#5619)
+ tests: fix test_ca_certs.py for gcp (#5621)
+ fix(nm): Ensure bond property name formatting matches schema definition
(#5383) [Curt Moore]
+ Update behavior of base bond interface with NetworkManager (#5385)
[Curt Moore]
+ ci: Drop Python 3.6 and 3.7 (#5607)
+ chore(black): Bump version (#5607)
+ chore(mypy): Fix failures on newer versions of mypy (#5607)
+ chore(tox.ini): Simplify configuration, fix minor bugs (#5607)
+ chore(mypy): Lint log module (#5607)
+ fix(systemd): Correct location of installed drop-in files(#5615)
[Noah Meyerhans]
+ fix(btrfs): Version parsing (#5618)
+ docs: Remove unnecessary section, add feature flag page (#5617)
+ docs: Drop Python 3.6 and 3.7 support (#5617)
+ chore: explain other use of oauth (#5616)
+ chore(actions): add doc label for any doc related subdir file matches
(#5602)
+ doc: Add misc links, improve wording (#5595)
+ doc(boot): Make first boot a dedicated page (#5595)
+ doc: Describe all stages in a single process (#5595)
+ chore: Deprecate old commands in help output (#5595)
+ chore: add comment explaining the NetworkManager may-fail setting
(#5598) [Ani Sinha]
+ Revert "fix(vmware): Set IPv6 to dhcp when there is no IPv6 addr
(#5471)" (#5596) [PengpengSun]
+ fix: read_optional_seed to set network-config when present (#5593)
+ feat(snap): avoid refresh on package_upgrade: true and refresh.hold
(#5426)
+ fix: Fix tests which have outdated strings (#5585)
+ fix: Fix ftp failures (#5585)
+ doc: improve integration testing configuration instructions (#5556)
[Alec Warren]
+ azure: check azure-proxy-agent status (#5138) [Ksenija Stanojevic]
+ refactor: refactor and fix mypy in DataSourceIBMCloud.py (#5509)
[Alec Warren]
+ fix: Update default LXD meta-data with user meta-data (#5584)
+ chore: Fix log message in url_helper.py (#5583)
+ fix: nocloud no fail when network-config absent (#5580)
+ feat: Single process optimization (#5489)
+ chore: Add helper, refactor utilities into separate module (#5573)
+ refactor: update handle function of cc_mounts (#5498)
+ fix: Integration tests (#5576)
+ fix(NoCloudNet): Add network-config support (#5566)
+ feat: Eliminate redundant configuration reads (#5536)
+ fix(actions): correct typo in cloudinit/config/schemas/ match (#5570)
+ fix: add host template for AOSC (#5557) [Yuanhang Sun]
+ chore(debian): Remove vestigial postinst and preinst code (#5569)
+ fix(actions): doc labeler needs all clause instead of default any (#5568)
+ docs: Overhaul user data formats documentation (#5551)
+ chore: Deprecate ENI as an input configuration format (#5561)
+ doc: improve drop-in custom modules (#5548)
+ doc(NoCloud): Categorize the different configuration types (#5521)
+ doc(autoinstall): Remove incorrect statements, be more direct (#5545)
+ chore: remove unneeded doc-lint tox env config (#5547)
+ fix(doc-spelling): config spelling_word_list_filename (#5547)
+ doc(modules): add section to wrap modules' doc (#5550)
+ doc: Update docs on boothooks (#5546)
+ fix: doc auto label to consider schema json changes as doc PRs (#5543)
+ feat(schema): add chef_license schema enum (#5543)
+ doc: add diagram with boot stages (#5539)
+ docs: improve qemu command line (#5540) [Christian Ehrhardt]
+ fix: auto label doc PRs (#5542)
+ fix(wsl): Put back the "path" argument to wsl_path in ds-identify
+ (#5537) [Carlos Nihelton]
+ test: fix test_kernel_command_line_match (#5529)
+ test: fix no ds cache tests (#5529)
+ fix(azurelinux): Change default usr_lib_exec path (#5526) [Minghe Ren]
+ feat: Support URI sources in `write_files` module (#5505)
[Lucas Ritzdorf]
+ add openeuler to distros in cc_spacewalk.py (#5530) [sxt1001]
+ feat(wsl): Special handling Landscape client config tags (#5460)
[Carlos Nihelton]
+ chore: Deprecate partially supported system config (#5515)
+ chore: Improve detection logging for user clarity (#5515)
+ fix(ds-identify): Detect nocloud when seedfrom url exists (#5515)
+ refactor: logs.py add typing and small misc refactors (#5414)
+ refactor: logs.py pathlib changes (#5414)
+ refactor: replace verbosity with log levels in logs.py (#5414)
+ feat: Add trace-level logger (#5414)
+ chore(formatting): fix squashed commit test formatting (#5524)
+ fix: Clean cache if no datasource fallback (#5499)
+ Support setting mirrorlist in yum repository config (#5522) [Ani Sinha]
+ doc(OFV): Document how to configure cloud-init (#5519)
+ fix: Update DNS behavior for NetworkManager interfaces (#5496)
[Curt Moore]
+ Fix configuration of DNS servers via OpenStack (#5384) [Curt Moore]
+ test: Unconditionally skip test_multi_nic_hotplug_vpc (#5503)
+ tests: revert expectation of exit 2 from cloud-init init --local (#5504)
+ fix(test): Fix ip printer for non-lxd (#5488)
+ feat(systemd): convert warning level message to deprecation (#5209)
+ test: allow verify_clean_boot to ignore all or specific tracebacks
(#5209)
+ test: Don't fail tests which call cloud-init as a command (#5209)
+ feat(systemd): Warn user of unexpected run mode (#5209)
+ fix: add schema rules for 'baseurl' and 'metalink' in yum repo config
(#5501) [Ani Sinha]
+ Set MTU for bond parent interface (#5495) [Curt Moore]
+ refactor: util.mounts to handle errors (#5490)
+ refactor: util.get_proc_env to work with strs (#5490)
+ typing: fix check_untyped_defs in cloudinit.util (#5490)
+ test: Add missing assert to test_status.py (#5494)
+ test: Ensure mkcert executable in ftp tests (#5493)
+ test: pytestify and cleanup test_cc_mounts.py (#5459)
+ fix(vmware): Set IPv6 to dhcp when there is no IPv6 addr (#5471)
[PengpengSun]
+ fix(openbsd): fix mtu on newline in hostname files (#5412) [Tobias Urdin]
+ feat(aosc): Add 'AOSC OS' support (#5310) [Yuanhang Sun]
24.2:
+ test: Fix no default user in test_status.py (#5478)
+ fix: correct deprecated_version=22.2 for users.sudo
+ test: Add jsonschema guard in test_cc_ubuntu_pro.py (#5479)
+ fix(test): Fix pycloudlib types in integration tests (#5350)
+ fix(test): Fix ip printing for non-lxd instances (#5350)
+ chore(mypy): Drop unused missing import exclusions (#5350)
+ type: Add stub types for network v1/v2 config (#5350)
+ chore: Auto-format network jsonschema in ci (#5350)
+ fix(tox): Update tox.ini (#5350)
+ chore(typing): Remove type ignores and casts (#5350)
+ refactor(typing): Remove unused code paths (#5350)
+ fix(typing): Add / update type annotations (#5350)
+ fix(typing): Remove type annotation for unused variable (#5350)
+ fix(typing): Remove invalid type annotations (#5350)
+ ci(mypy): Set default follow_imports value (#5350)
+ test: Update integration tests to pass on focal (#5476)
+ tests: update ubuntu_pro test to account for info-level deprecations
(#5475)
+ tests: update nocloud deprecation test for boundary version (#5474)
+ fix(rh_subscription): add string type to org (#5453)
+ tests: integration tests aware of features.DEPRECATION_INFO_BOUNDARY
+ tests: update keyserver PPA key fur curtin-dev (#5472)
+ test: Fix deprecation test failures (#5466)
+ chore: fix schema.py formatting (#5465)
+ fix: dont double-log deprecated INFOs (#5465)
+ fix(test): Mock version boundary (#5464)
+ fix(schema): Don't report changed keys as deprecated (#5464)
+ test: fix unit test openstack vlan mac_address (#5367)
+ fix: Ensure properties for bonded interfaces are properly translated
(#5367) [Curt Moore]
+ fix(schema): permit deprecated hyphenated keys under users key (#5456)
+ fix: Do not add the vlan_mac_address field into the VLAN object (#5365)
[Curt Moore]
+ doc(refactor): Convert module docs to new system (#5427) [Sally]
+ test: Add unit tests for features.DEPRECATION_INFO_BOUNDARY (#5411)
+ feat: Add deprecation boundary support to schema validator (#5411)
+ feat: Add deprecation boundary to logger (#5411)
+ fix: Gracefully handle missing files (#5397) [Curt Moore]
+ test(openstack): Test bond mac address (#5369)
+ fix(openstack): Fix bond mac_address (#5369) [Curt Moore]
+ test: Add ds-identify integration test coverage (#5394)
+ chore(cmdline): Update comments (#5458)
+ fix: Add get_connection_with_tls_context() for requests 2.32.2+ (#5435)
[eaglegai]
+ fix(net): klibc ipconfig PROTO compatibility (#5437)
[Alexsander de Souza] (LP: #2065787)
+ Support metalink in yum repository config (#5444) [Ani Sinha]
+ tests: hard-code curtin-dev ppa instead of canonical-kernel-team (#5450)
+ ci: PR update checklist GH- anchors to align w/ later template (#5449)
+ test: update validate error message in test_networking (#5436)
+ ci: Add PR checklist (#5446)
+ chore: fix W0105 in t/u/s/h/test_netlink.py (#5409)
+ chore(pyproject.toml): migrate to booleans (#5409)
+ typing: add check_untyped_defs (#5409)
+ fix(openstack): Append interface / scope_id for IPv6 link-local metadata
address (#5419) [Christian Rohmann]
+ test: Update validation error in test_cli.py test (#5430)
+ test: Update schema validation error in integration test (#5429)
+ test: bump pycloudlib to get azure oracular images (#5428)
+ fix(azure): fix discrepancy for monotonic() vs time() (#5420)
[Chris Patterson]
+ fix(pytest): Fix broken pytest gdb flag (#5415)
+ fix: Use monotonic time (#5423)
+ docs: Remove mention of resolv.conf (#5424)
+ perf(netplan): Improve network v1 -> network v2 performance (#5391)
+ perf(set_passwords): Run module in Network stage (#5395)
+ fix(test): Remove temporary directory side effect (#5416)
+ Improve schema validator warning messages (#5404) [Ani Sinha]
+ feat(sysconfig): Add DNS from interface config to resolv.conf (#5401)
[Ani Sinha]
+ typing: add no_implicit_optional lint (#5408)
+ doc: update examples to reflect alternative ways to provide `sudo`
option (#5418) [Ani Sinha]
+ fix(jsonschema): Add missing sudo definition (#5418)
+ chore(doc): migrate cc modules i through r to templates (#5313)
+ chore(doc): migrate grub_dpkg to tmpl add changed/deprecation (#5313)
+ chore(json): migrate cc_apt_configure and json schema indents (#5313)
+ chore(doc): migrate ca_certs/chef to template, flatten schema (#5313)
+ chore(doc): migrate cc_byobu to templates (#5313)
+ chore(doc): migrate cc_bootcmd to templates (#5313)
+ fix(apt): Enable calling apt update multiple times (#5230)
+ chore(VMware): Modify section of instance-id in the customization config
(#5356) [PengpengSun]
+ fix(treewide): Remove dead code (#5332) [Shreenidhi Shedi]
+ doc: network-config v2 ethernets are of type object (#5381) [Malte Poll]
+ Release 24.1.7 (#5375)
+ fix(azure): url_helper: specify User-Agent when using headers_cb with
readurl() (#5298) [Ksenija Stanojevic]
+ fix: Stop attempting to resize ZFS in cc_growpart on Linux (#5370)
+ doc: update docs adding YAML 1.1 spec and jinja template references
+ fix(final_message): do not warn on datasourcenone when single ds
+ fix(growpart): correct growpart log message to include value of mode
+ feat(hotplug): disable hotplugd.socket (#5058)
+ feat(hotlug): trigger hotplug after cloud-init.service (#5058)
+ test: add function to push and enable systemd units (#5058)
+ test(util): fix wait_until_cloud_init exit code 2 (#5058)
+ test(hotplug): fix race getting ipv6 (#5271)
+ docs: Adjust CSS to increase font weight across the docs (#5363) [Sally]
+ fix(ec2): Correctly identify netplan renderer (#5361)
+ tests: fix expect logging from growpart on devent with partition (#5360)
+ test: Add v2 test coverage to test_net.py (#5247)
+ refactor: Simplify collect_logs() in logs.py (#5268)
+ fix: Ensure no subp from logs.py import (#5268)
+ tests: fix integration tests for ubuntu pro 32.3 release (#5351)
+ tests: add oracular's hello package for pkg upgrade test (#5354)
+ growpart: Fix behaviour for ZFS datasets (#5169) [Mina Galić]
+ device_part_info: do not recurse if we did not match anything (#5169)
[Mina Galić]
+ feat(alpine): add support for Busybox adduser/addgroup (#5176)
[dermotbradley]
+ ci: Move lint tip and py3-dev jobs to daily (#5347)
+ fix(netplan): treat netplan warnings on stderr as debug for cloud-init
(#5348)
+ feat(disk_setup): Add support for nvme devices (#5263)
+ fix(log): Do not warn when doing requested operation (#5263)
+ Support sudoers in the "/usr/usr merge" location (#5161)
[Robert Schweikert]
+ doc(nocloud): Document network-config file (#5204)
+ fix(netplan): Fix predictable interface rename issue (#5339)
+ cleanup: Don't execute code on import (#5295)
+ fix(net): Make duplicate route add succeed. (#5343)
+ fix(freebsd): correct configuration of IPv6 routes (#5291) [Th?o Bertin]
+ fix(azure): disable use-dns for secondary nics (#5314)
+ chore: fix lint failure (#5320)
+ Update pylint version to support python 3.12 (#5338) [Ani Sinha]
+ fix(tests): use regex to avoid focal whitespace in jinja debug test
(#5335)
+ chore: Add docstrings and types to Version class (#5262)
+ ci(mypy): add type-jinja2 stubs (#5337)
+ tests(alpine): github trust lxc mounted source dir cloud-init-ro (#5329)
+ test: Add oracular release to integration tests (#5328)
+ Release 24.1.6 (#5326)
+ test: Fix failing test_ec2.py test (#5324)
+ fix: Check renderer for netplan-specific code (#5321)
+ docs: Removal of top-level --file breaking change (#5308)
+ fix: typo correction of delaycompress (#5317)
+ docs: Renderers/Activators have downstream overrides (#5322)
+ fix(ec2): Ensure metadata exists before configuring PBR (#5287)
+ fix(lxd): Properly handle unicode from LXD socket (#5309)
+ docs: Prefer "artifact" over "artefact" (#5311) [Arthur Le Maitre]
+ chore(doc): migrate cc_byobu to templates
+ chore(doc): migrate cc_bootcmd to templates
+ chore(doc): migrate apt_pipelining and apk_configure to templates
+ tests: in_place mount module-docs into lxd vm/container
+ feat(docs): generate rtd module schema from rtd/module-docs
+ feat: Set RH ssh key permissions when no 'ssh_keys' group (#5296)
[Ani Sinha]
+ test: Avoid circular import in Azure tests (#5280)
+ test: Fix test_failing_userdata_modules_exit_codes (#5279)
+ chore: Remove CPY check from ruff (#5281)
+ chore: Clean up docstrings
+ chore(ruff): Bump to version 0.4.3
+ feat(systemd): Improve AlmaLinux OS and CloudLinux OS support (#5265)
[Elkhan Mammadli]
+ feat(ca_certs): Add AlmaLinux OS and CloudLinux OS support (#5264)
[Elkhan Mammadli]
+ docs: cc_apt_pipelining docstring typo fix (#5273) [Alex Ratner]
+ feat(azure): add request identifier to IMDS requests (#5218)
[Ksenija Stanojevic]
+ test: Fix TestFTP integration test (#5237) [d1r3ct0r]
+ feat(ifconfig): prepare for CIDR output (#5272) [Mina Galić]
+ fix: stop manually dropping dhcp6 key in integration test (#5267)
[Alec Warren]
+ test: Remove some CiTestCase tests (#5256)
+ fix: Warn when signal is handled (#5186)
+ fix(snapd): ubuntu do not snap refresh when snap absent (LP: #2064300)
+ feat(landscape-client): handle already registered client (#4784)
[Fabian Lichtenegger-Lukas]
+ doc: Show how to debug external services blocking cloud-init (#5255)
+ fix(pdb): Enable running cloud-init under pdb (#5217)
+ chore: Update systemd description (#5250)
+ fix(time): Harden cloud-init to system clock changes
+ fix: Update analyze timestamp uptime
+ fix(schema): no network validation on netplan systems without API
+ fix(mount): Don't run cloud-init.service if cloud-init disabled (#5226)
+ fix(ntp): Fix AlmaLinux OS and CloudLinux OS support (#5235)
[Elkhan Mammadli]
+ tests: force version of cloud-init from PPA regardless of version (#5251)
+ ci: Print isort diff (#5242)
+ test: Fix integration test dependencies (#5248)
+ fix(ec2): Fix broken uuid match with other-endianness (#5236)
+ fix(schema): allow networkv2 schema without top-level key (#5239)
[Cat Red]
+ fix(cmd): Do not hardcode reboot command (#5208)
+ test: Run Alpine tests without network (#5220)
+ docs: Add base config reference from explanation (#5241)
+ docs: Remove preview from WSL tutorial (#5225)
+ chore: Remove broken maas code (#5219)
+ feat(WSL): Add support for Ubuntu Pro configs (#5116) [Ash]
+ chore: sync ChangeLog and version.py from 24.1.x (#5228)
+ bug(package_update): avoid snap refresh in images without snap command
(LP: #2064132)
+ ci: Skip package build on tox runs (#5210)
+ chore: Fix test skip message
+ test(ec2): adopt pycloudlib public ip creation while launching instances
+ test(ec2): add ipv6 testing for multi-nic instances
+ test(ec2): adopt pycloudlib enable_ipv6 while launching instances
+ feat: tool to print diff between netplan and networkv2 schema (#5200)
[Cat Red]
+ test: mock internet access in test_upgrade (#5212)
+ ci: Add timezone for alpine unit tests (#5216)
+ fix: Ensure dump timestamps parsed as UTC (#5214)
+ docs: Add WSL tutorial (#5206)
+ feature(schema): add networkv2 schema (#4892) [Cat Red]
+ Add alpine unittests to ci (#5121)
+ test: Fix invalid openstack datasource name (#4905)
+ test: Fix MAAS test and mark xfail (#4905)
+ chore(ds-identify): Update shellcheck ignores (#4905)
+ fix(ds-identify): Prevent various false positives and false negatives
(#4905)
+ Use grep for faster parsing of cloud config in ds-identify (#4905)
[Scott Moser] (LP: #2030729)
+ tests: validate netplan API YAML instead of strict content (#5195)
+ chore(templates): update ubuntu universe wording (#5199)
+ Deprecate the users ssh-authorized-keys property (#5162)
[Anders Bj?rklund]
+ doc(nocloud): Describe ftp and ftp over tls implementation (#5193)
+ feat(net): provide network config to netplan.State for render (#4981)
+ docs: Add breaking datasource identification changes (#5171)
+ fix(openbsd): Update build-on-openbsd python dependencies (#5172)
[Hyacinthe Cartiaux]
+ fix: Add subnet ipv4/ipv6 to network schema (#5191)
+ docs: Add deprecated system_info to schema (#5168)
+ docs: Add DataSourceNone documentation (#5165)
+ test: Skip test if console log is None (#5188)
+ fix(dhcp): Enable interactively running cloud-init init --local (#5166)
+ test: Update message for netplan apply dbus issue
+ test: install software-properties-common if absent during PPA setup
+ test: bump pycloudlib to use latest version
+ test: Update version of hello package installed on noble
+ test: universally ignore netplan apply dbus issue (#5178)
+ chore: Remove obsolete nose workaround
+ feat: Add support for FTP and FTP over TLS (#4834)
+ feat(opennebula): Add support for posix shell
+ test: Make analyze tests not depend on GNU date
+ test: Eliminate bash dependency from subp tests
+ docs: Add breaking changes section to reference docs (#5147) [Cat Red]
+ util: add log_level kwarg for logexc() (#5125) [Chris Patterson]
+ refactor: Make device info part of distro definition (#5067)
+ refactor: Distro-specific growpart code (#5067)
+ test(ec2): fix mocking with responses==0.9.0 (focal) (#5163)
+ chore(safeyaml): Remove unicode helper for Python2 (#5142)
+ Revert "test: fix upgrade dhcp6 on ec2 (#5131)" (#5148)
+ refactor(net): Reuse netops code
+ refactor(iproute2): Make expressions multi-line for legibility
+ feat(freebsd): support freebsd find part by gptid and ufsid (#5122)
[jinkangkang]
+ feat: Determining route metric based on NIC name (#5070) [qidong.ld]
+ test: Enable profiling in integration tests (#5130)
+ dhcp: support configuring static routes for dhclient's unknown-121
option (#5146) [Chris Patterson]
+ feat(azure): parse ProvisionGuestProxyAgent as bool (#5126)
[Ksenija Stanojevic]
+ fix(url_helper): fix TCP connection leak on readurl() retries (#5144)
[Chris Patterson]
+ test: pytest-ify t/u/sources/test_ec2.py
+ Revert "ec2: Do not enable dhcp6 on EC2 (#5104)" (#5145) [Major Hayden]
+ fix: Logging sensitive data
+ test: Mock ds-identify systemd path (#5119)
+ fix(dhcpcd): Make lease parsing more robust (#5129)
+ test: fix upgrade dhcp6 on ec2 (#5131)
+ net/dhcp: raise InvalidDHCPLeaseFileError on error parsing dhcpcd lease
(#5128) [Chris Patterson]
+ fix: Fix runtime file locations for cloud-init (#4820)
+ ci: fix linkcheck.yml invalid yaml (#5123)
+ net/dhcp: bump dhcpcd timeout to 300s (#5127) [Chris Patterson]
+ ec2: Do not enable dhcp6 on EC2 (#5104) [Major Hayden]
+ fix: Fall back to cached local ds if no valid ds found (#4997)
[PengpengSun]
+ ci: Make linkcheck a scheduled job (#5118)
+ net: Warn when interface rename fails
+ ephemeral(dhcpcd): Set dhcpcd interface down
+ Release 24.1.3
+ chore: Handle all level 1 TiCS security violations (#5103)
+ fix: Always use single datasource if specified (#5098)
+ fix(tests): Leaked mocks (#5097)
+ fix(rhel)!: Fix network boot order in upstream cloud-init
+ fix(rhel): Fix network ordering in sysconfig
+ feat: Use NetworkManager renderer by default in RHEL family
+ fix: Allow caret at the end of apt package (#5099)
+ test: Add missing mocks to prevent bleed through (#5082)
[Robert Schweikert]
+ fix: Ensure network config in DataSourceOracle can be unpickled (#5073)
+ docs: set the home directory using homedir, not home (#5101)
[Olivier Gayot] (LP: #2047796)
+ fix(cacerts): Correct configuration customizations for Photon (#5077)
[Christopher McCann]
+ fix(test): Mock systemd fs path for non-systemd distros
+ fix(tests): Leaked subp.which mock
+ fix(networkd): add GatewayOnLink flag when necessary (#4996) [王煎饼]
+ Release 24.1.2
+ test: fix `disable_sysfs_net` mock (#5065)
+ refactor: don't import subp function directly (#5065)
+ test: Remove side effects from tests (#5074)
+ refactor: Import log module rather than functions (#5074)
+ fix: Fix breaking changes in package install (#5069)
+ fix: Undeprecate 'network' in schema route definition (#5072)
+ refactor(ec2): simplify convert_ec2_metadata_network_config
+ fix(ec2): fix ipv6 policy routing
+ fix: document and add 'accept-ra' to network schema (#5060)
+ bug(maas): register the correct DatasourceMAASLocal in init-local
(#5068) (LP: #2057763)
+ ds-identify: Improve ds-identify testing flexibility (#5047)
+ fix(ansible): Add verify_commit and inventory to ansible.pull schema
(#5032) [Fionn Fitzmaurice]
+ doc: Explain breaking change in status code (#5049)
+ gpg: Handle temp directory containing files (#5063)
+ distro(freebsd): add_user: respect homedir (#5061) [Mina Galić]
+ doc: Install required dependencies (#5054)
+ networkd: Always respect accept-ra if set (#4928) [Phil Sphicas]
+ chore: ignore all cloud-init_*.tar.gz in .gitignore (#5059)
+ test: Don't assume ordering of ThreadPoolExecutor submissions (#5052)
+ feat: Add new distro 'azurelinux' for Microsoft Azure Linux. (#4931)
[Dan Streetman]
+ fix(gpg): Make gpg resilient to host configuration changes (#5026)
+ Sync 24.1.1 changelog and version
+ DS VMware: Fix ipv6 addr converter from netinfo to netifaces (#5029)
[PengpengSun]
+ packages/debian: remove dependency on isc-dhcp-client (#5041)
[Chris Patterson]
+ test: Allow fake_filesystem to work with TemporaryDirectory (#5035)
+ tests: Don't wait for GCE instance teardown (#5037)
+ fix: Include DataSourceCloudStack attribute in unpickle test (#5039)
+ bug(vmware): initialize new DataSourceVMware attributes at unpickle
(#5021) (LP: #2056439)
+ fix(apt): Don't warn on apt 822 source format (#5028)
+ fix(atomic_helper.py): ensure presence of parent directories (#4938)
[Shreenidhi Shedi]
+ fix: Add "broadcast" to network v1 schema (#5034) (LP: #2056460)
+ pro: honor but warn on custom ubuntu_advantage in /etc/cloud/cloud.cfg
(#5030)
+ net/dhcp: handle timeouts for dhcpcd (#5022) [Chris Patterson]
+ fix: Make wait_for_url respect explicit arguments
+ test: Fix scaleway retry assumptions
+ fix: Make DataSourceOracle more resilient to early network issues
(#5025) (LP: #2056194)
+ chore(cmd-modules): fix exit code when --mode init (#5017)
+ feat: pylint: enable W0201 - attribute-defined-outside-init
+ refactor: Ensure no attributes defined outside __init__
+ chore: disable attribute-defined-outside-init check in tests
+ refactor: Use _unpickle rather than hasattr() in sources
+ chore: remove unused vendordata "_pure" variables
+ chore(cmd-modules): deprecate --mode init (#5005)
+ tests: drop CiTestCase and convert to pytest
+ bug(tests): mock reads of host's /sys/class/net via get_sys_class_path
+ fix: log correct disabled path in ds-identify (#5016)
+ tests: ec2 dont spend > 1 second retrying 19 times when 3 times will do
+ tests: openstack mock expected ipv6 IMDS
+ bug(wait_for_url): when exceptions occur url is unset, use url_exc
(LP: #2055077)
+ feat(run-container): Run from arbitrary commitish (#5015)
+ tests: Fix wsl test (#5008)
+ feat(ds-identify): Don't run unnecessary systemd-detect-virt (#4633)
+ chore(ephemeral): add debug log when bringing up ephemeral network
(#5010) [Alec Warren]
+ release: sync changelog and version (#5011)
+ Cleanup test_net.py (#4840)
+ refactor: remove dependency on netifaces (#4634) [Cat Red]
+ feat: make lxc binary configurable (#5000)
+ docs: update 404 page for new doc site and bug link
+ test(aws): local network connectivity on multi-nics (#4982)
+ test: Make integration test output more useful (#4984)
From 24.1.7
+ fix(ec2): Correctly identify netplan renderer (#5361)
From 24.1.6
+ fix(ec2): Ensure metadata exists before configuring PBR (#5287)
+ fix: Check renderer for netplan-specific code (#5321)
+ test: Fix failing test_ec2.py test (#5324)
From 24.1.5
+ fix(package_update): avoid snap refresh in images without snap command
(LP: #2064132)
From 24.1.4
+ fix(dhcpcd): Make lease parsing more robust (#5129)
+ net/dhcp: raise InvalidDHCPLeaseFileError on error parsing dhcpcd lease
+ (#5128) [Chris Patterson]
+ fix: Fix runtime file locations for cloud-init (#4820)
+ net/dhcp: bump dhcpcd timeout to 300s (#5127) [Chris Patterson]
+ net: Warn when interface rename fails
+ ephemeral(dhcpcd): Set dhcpcd interface down
+ test: Remove side effects from tests (#5074)
+ refactor: Import log module rather than functions (#5074)
From 24.1.3
+ fix: Always use single datasource if specified (#5098)
+ fix: Allow caret at the end of apt package (#5099)
From 24.1.2
+ test: Don't assume ordering of ThreadPoolExecutor submissions (#5052)
+ refactor(ec2): simplify convert_ec2_metadata_network_config
+ tests: drop CiTestCase and convert to pytest
+ bug(tests): mock reads of host's /sys/class/net via get_sys_class_path
+ fix: Fix breaking changes in package install (#5069)
+ fix: Undeprecate 'network' in schema route definition (#5072)
+ fix(ec2): fix ipv6 policy routing
+ fix: document and add 'accept-ra' to network schema (#5060)
+ bug(maas): register the correct DatasourceMAASLocal in init-local
(#5068) (LP: #2057763)
From 24.1.1
+ fix: Include DataSourceCloudStack attribute in unpickle test (#5039)
+ bug(vmware): initialize new DataSourceVMware attributes at unpickle (#5021)
+ fix(apt): Don't warn on apt 822 source format (#5028)
+ fix: Add "broadcast" to network v1 schema (#5034)
+ pro: honor but warn on custom ubuntu_advantage in /etc/cloud/cloud.cfg
(#5030)
+ net/dhcp: handle timeouts for dhcpcd (#5022)
+ fix: Make wait_for_url respect explicit arguments
+ bug(wait_for_url): when exceptions occur url is unset, use url_exc
+ test: Fix scaleway retry assumptions
+ fix: Make DataSourceOracle more resilient to early network issues (#5025)
+ tests: Fix wsl test (#5008)
From 24.1
+ fix: Don't warn on vendor directory (#4986)
+ apt: kill spawned keyboxd after gpg cmd interaction
+ tests: upgrade tests should only validate current boot log
+ net/dhcp: fix maybe_perform_dhcp_discovery check for interface=None
[Chris Patterson]
+ doc(network-v2): fix section nesting levels
+ fix(tests): don't check for clean log on minimal image (#4965) [Cat Red]
+ fix(cc_resize): Don't warn if zpool command not found (#4969)
(LP: #2055219)
+ feat(subp): Make invalid command warning more user-friendly (#4972)
+ docs: Remove statement about device path matching (#4966)
+ test: Fix xfail to check the dhcp client name (#4971)
+ tests: avoid console prompts when removing gpg on Noble
+ test: fix test_get_status_systemd_failure
+ fix: Remove hardcoded /var/lib/cloud hotplug path (#4940)
+ refactor: Refactor status.py (#4864)
+ test: Use correct lxd network-config keys (#4950)
+ test: limit temp dhcp6 changes to < NOBLE (#4942)
+ test: allow downgrades when install debs (#4941)
+ tests: on noble, expect default /etc/apt/sources.list
+ tests: lxd_vm early boot status test ordered After=systemd-remount-fs
(#4936)
+ tests: pro integration tests supply ubuntu_advantage until pro v32
(#4935)
+ feat(hotplug): add cmd to enable hotplug (#4821)
+ test: fix test_combined_cloud_config_json (#4925)
+ test: xfail udhcpc on azure (#4924)
+ feat: Implement the WSL datasource (#4786) [Carlos Nihelton]
+ refactor(openrc): Improve the OpenRC files (#4916) [dermotbradley]
+ tests: use apt install instead of dpkg -i to install pkg deps
+ tests: inactive module rename ubuntu_advantage to ubuntu_pro
+ test: fix tmpdir in test_cc_apk_configure (#4914)
+ test: fix jsonschema version checking in pro test (#4915)
+ feat(dhcp): Make dhcpcd the default dhcp client (#4912)
+ feat(Alpine) cc_growpart.py: fix handling of /dev/mapper devices (#4876)
[dermotbradley]
+ test: Retry longer in test_status.py integration test (#4910)
+ test: fix kernel override test (#4913)
+ chore: Rename sysvinit/gentoo directory to sysvinit/openrc (#4906)
[dermotbradley]
+ doc: update ubuntu_advantage references to pro
+ chore: rename cc_ubuntu_advantage to cc_ubuntu_pro (SC-1555)
+ feat(ubuntu pro): deprecate ubuntu_pro key in favor of ubuntu_advantage
+ feat(schema): support ubuntu_pro key and deprecate ubuntu_advantage
+ test: fix verify_clean_log (#4903)
+ test: limit test_no_hotplug_triggered_by_docker to stable releases
+ tests: generalize warning Open vSwitch warning from netplan apply (#4894)
+ fix(hotplug): remove literal quotes in args
+ feat(apt): skip known /etc/apt/sources.list content
+ feat(apt): use APT deb822 source format by default
+ test(ubuntu-pro): change livepatch to esm-infra
+ doc(ec2): fix metadata urls (#4880)
+ fix: unpin jsonschema and update tests (#4882)
+ distro: add eject FreeBSD code path (#4838) [Mina Galić]
+ feat(ec2): add hotplug as a default network update event (#4799)
+ feat(ec2): support instances with repeated device-number (#4799)
+ feat(cc_install_hotplug): trigger hook on known ec2 drivers (#4799)
+ feat(ec2): support multi NIC/IP setups (#4799)
+ feat(hotplug): hook-hotplug is now POSIX shell add OpenRC init script
[dermotbradley]
+ test: harden test_dhcp.py::test_noble_and_newer_force_client
+ test: fix test_combined_cloud_config_json (#4868)
+ feat(apport): Disable hook when disabled (#4874)
+ chore: Add pyright ignore comments (#4874)
+ bug(apport): Fix invalid typing (#4874)
+ refactor: Move general apport hook to main branch (#4874)
+ feat(bootspeed)!: cloud-config.service drop After=snapd.seeded
+ chore: update CI package build to oldest supported Ubuntu release focal
(#4871)
+ test: fix test_cli.test_valid_userdata
+ feat: handle error when log file is empty (#4859) [Hasan]
+ test: fix test_ec2_ipv6
+ fix: Address TIOBE abstract interpretation issues (#4866)
+ feat(dhcp): Make udhcpc use same client id (#4830)
+ feat(dhcp): Support InfiniBand with dhcpcd (#4830)
+ feat(azure): Add ProvisionGuestProxyAgent OVF setting (#4860)
[Ksenija Stanojevic]
+ test: Bring back dhcp6 integration test changes (#4855)
+ tests: add status --wait blocking test from early boot
+ tests: fix retry decorator to return the func value
+ docs: add create_hostname_file to all hostname user-data examples
(#4727) [Cat Red]
+ fix: Fix typos (#4850) [Viktor Sz?pe]
+ feat(dhcpcd): Read dhcp option 245 for azure wireserver (#4835)
+ tests(dhcp): Add udhcpc client to test matrix (#4839)
+ fix: Add types to network v1 schema (#4841)
+ docs(vmware): fixed indentation on example userdata yaml (#4854)
[Alec Warren]
+ tests: Remove invalid keyword from method call
+ fix: Handle systemctl when dbus not ready (#4842) (LP: #2046483)
+ fix(schema cli): avoid netplan validation on net-config version 1
+ tests: reduce expected reports due to dropped rightscale module
+ tests(net-config): add awareness of netplan on stable Ubuntu
[Gilbert Gilb's]
+ feat: fall back to cdrom_id eject if eject is not available (#4769)
[Cat Red]
+ fix(packages/bddeb): restrict debhelper-compat to 12 in focal (#4831)
+ tests: Add kernel commandline test (#4833)
+ fix: Ensure NetworkManager renderer works without gateway (#4829)
+ test: Correct log parsing in schema test (#4832)
+ refactor: Remove cc_rightscale_userdata (#4813)
+ refactor: Replace load_file with load_binary_file to simplify typing
(#4823)
+ refactor: Add load_text_file function to simplify typing (#4823)
+ refactor: Change variable name for consistent typing (#4823)
+ feat(dhcp): Add support for dhcpcd (#4746)
+ refactor: Remove unused networking code (#4810)
+ test: Add more DNS net tests
+ BREAKING CHANGE: Stop adding network v2 DNS to global DNS
+ doc: update DataSource.default_update_events doc (#4815)
+ chore: do not modify instance attribute (#4815)
+ test: fix mocking leaks (#4815)
+ Revert "ci: Pin pytest<8.0.0. (#4816)" (#4815)
+ test: Update tests for passlib (#4818)
+ fix(net-schema): no warn when skipping schema check on non-netplan
+ feat(SUSE): reboot marker file is written as /run/reboot-needed (#4788)
[Robert Schweikert]
+ test: Cleanup unwanted logger setup calls (#4817)
+ refactor(cloudinit.util): Modernize error handling, add better warnings
(#4812)
+ ci: Pin pytest<8.0.0. (#4816)
+ fix(tests): fixing KeyError on integrations tests (#4811) [Cat Red]
+ tests: integration for network schema on netplan systems (#4767)
+ feat(schema): use netplan API to validate network-config (#4767)
+ chore: define CLOUDINIT_NETPLAN_FILE static var (#4767)
+ fix: cli schema config-file option report network-config type (#4767)
+ refactor(azure): replace BrokenAzureDataSource with reportable errors
(#4807) [Chris Patterson]
+ Fix Alpine and Mariner /etc/hosts templates (#4780) [dermotbradley]
+ tests: revert #4792 as noble images no longer return 2 (#4809) [Cat Red]
+ tests: use client fixture instead of class_client in cleantest (#4806)
+ tests: enable ds-idenitfy xfail test LXD-kvm-not-MAAS-1 (#4808)
+ fix(tests): failing integration tests due to missing ua token (#4802)
[Cat Red]
+ Revert "Use grep for faster parsing of cloud config in ds-identify
(#4327)"
+ tests: Demonstrate ds-identify yaml parsing broken
+ tests: add exit 2 on noble from cloud-init status (#4792)
+ fix: linkcheck for ci to ignore scaleway anchor URL (#4793)
+ feat: Update cacerts to support VMware Photon (#4763)
[Christopher McCann]
+ fix: netplan rendering integrations tests (#4795) [Cat Red]
+ azure: remove cloud-init.log reporting via KVP (#4715) [Chris Patterson]
+ feat(Alpine): Modify ds-identify for Alpine support and add OpenRC
init.d script (#4785) [dermotbradley]
+ doc: Add DatasourceScaleway documentation (#4773) [Louis Bouchard]
+ fix: packaged logrotate file lacks suffix on ubuntu (#4790)
+ feat(logrotate): config flexibility more backups (#4790)
+ fix(clean): stop warning when running clean command (#4761) [d1r3ct0r]
+ feat: network schema v1 strict on nic name length 15 (#4774)
+ logrotate config (#4721) [Fabian Lichtenegger-Lukas]
+ test: Enable coverage in integration tests (#4682)
+ test: Move unit test helpers to global test helpers (#4682)
+ test: Remove snapshot option from install_new_cloud_init (#4682)
+ docs: fix cloud-init single param docs (#4682)
+ Alpine: fix location of dhclient leases file (#4782) [dermotbradley]
+ test(jsonschema): Pin jsonschema version (#4781)
+ refactor(IscDhclient): discover DHCP leases at distro-provided location
(#4683) [Phsm Qwerty]
+ feat: datasource check for WSL (#4730) [Carlos Nihelton]
+ test: Update hostname integration tests (#4744)
+ test: Add mantic and noble releases to integration tests (#4744)
+ refactor: Ensure internal DNS state same for v1 and v2 (#4756)
+ feat: Add v2 route mtu rendering to NetworkManager (#4748)
+ tests: stable ubuntu releases will not exit 2 on warnings (#4757)
+ doc(ds-identify): Describe ds-identify irrespective of distro (#4742)
+ fix: relax NetworkManager renderer rules (#4745)
+ fix: fix growpart race (#4618)
+ feat: apply global DNS to interfaces in network-manager (#4723)
[Florian Apolloner]
+ feat(apt): remove /etc/apt/sources.list when deb22 preferred (#4740)
+ chore: refactor schema data as enums and namedtuples (#4585)
+ feat(schema): improve CLI message on unprocessed data files (#4585)
+ fix(config): relocate /run to /var/run on BSD (canonical#4677)
[Mina Galić]
+ fix(ds-identify): relocate /run on *BSD (#4677) [Mina Galić]
+ fix(sysvinit): make code a bit more consistent (#4677) [Mina Galić]
+ doc: Document how cloud-init is, not how it was (#4737)
+ tests: add expected exit 2 on noble from cloud-init status (#4738)
+ test(linkcheck): ignore github md and rst link headers (#4734)
+ test: Update webhook test due to removed cc_migrator module (#4726)
+ fix(ds-identify): Return code 2 is a valid result, use cached value
+ fix(cloudstack): Use parsed lease file for virtual router in cloudstack
+ fix(dhcp): Guard against FileNotFoundError and NameError exceptions
+ fix(apt_configure): disable sources.list if rendering deb822 (#4699)
(LP: #2045086)
+ docs: Add link to contributing to docs (#4725) [Cat Red]
+ chore: remove commented code (#4722)
+ chore: Add log message when create_hostname_file key is false (#4724)
[Cat Red]
+ fix: Correct v2 NetworkManager route rendering (#4637)
+ azure/imds: log http failures as warnings instead of info (#4714)
[Chris Patterson]
+ fix(setup): Relocate libexec on OpenBSD (#4708) [Mina Galić]
+ feat(jinja): better jinja feedback and error catching (#4629)
[Alec Warren]
+ test: Fix silent swallowing of unexpected subp error (#4702)
+ fix: Move cloud-final.service after time-sync.target (#4610)
[Dave Jones] (LP: #1951639)
+ feat(log): Make logger name more useful for __init__.py
+ chore: Remove cc_migrator module (#4690)
+ fix(tests): make cmd/devel/tests work on non-GNU [Mina Galić]
+ chore: Remove cmdline from spelling list (#4670)
+ doc: Document boot status meaning (#4670)
+ doc: Set expectations for new datasources (#4670)
+ ci: Show linkcheck broken links in job output (#4670)
+ dmi: Add support for OpenBSD (#4654) [Mina Galić]
+ ds-identify: fake dmidecode support on OpenBSD (#4654) [Mina Galić]
+ ds-identify: add OpenBSD support in uname (#4654) [Mina Galić]
+ refactor: Ensure '_cfg' in Init class is dict (#4674)
+ refactor: Make event scope required in stages.py (#4674)
+ refactor: Remove unused argument (#4674)
+ chore: Move from lintian to a sphinx spelling plugin (#3639)
+ fix(doc): Fix spelling errors found by sphinxcontrib-spelling (#3639)
+ ci: Add Python 3.13 (#4567)
+ Add AlexSv04047 to CLA signers file (#4671) [AlexSv04047]
+ fix(openbsd): services & build tool (#4660) [CodeBleu]
+ tests/unittests: add a new unit test for network manager net activator
(#4672) [Ani Sinha]
+ Implement DataSourceCloudStack.get_hostname() (#4433) [Phsm Qwerty]
+ net/nm: check for presence of ifcfg files when nm connection files
are absent (#4645) [Ani Sinha]
+ doc: Overhaul debugging documentation (#4578)
+ doc: Move dangerous commands to dev docs (#4578)
+ doc: Relocate file location docs (#4578)
+ doc: Remove the debugging page (#4578)
+ fix(util): Fix boottime to work on OpenBSD (#4667) [Mina Galić]
+ net: allow dhcp6 configuration from generate_fallback_configuration()
[Ani Sinha]
+ net/network_manager: do not set "may-fail" to False for both ipv4 and
ipv6 dhcp [Ani Sinha]
+ feat(subp): Measure subprocess command time (#4606)
+ fix(python3.13): Fix import error for passlib on Python 3.13 (#4669)
+ style(brpm/bddeb): add black and ruff for packages build scripts (#4666)
+ copr: remove TODO.rst from spec file
+ fix(packages/brpm): correct syntax error and typo
+ style(ruff): fix tip target
+ config: Module documentation updates (#4599)
+ refactor(subp): Remove redundant parameter 'env' (#4555)
+ refactor(subp): Remove unused parameter 'target' (#4555)
+ refactor: Remove 'target' boilerplate from cc_apt_configure (#4555)
+ refactor(subp): Re-add return type to subp() (#4555)
+ refactor(subp): Add type information to args (#4555)
+ refactor(subp): Use subprocess.DEVNULL (#4555)
+ refactor(subp): Remove parameter 'combine_capture' (#4555)
+ refactor(subp): Remove unused parameter 'status_cb' (#4555)
+ fix(cli): fix parsing of argparse subcommands (#4559)
[Calvin Mwadime] (LP: #2040325)
+ chore!: drop support for dsa ssh hostkeys in docs and schema (#4456)
+ chore!: do not generate ssh dsa host keys (#4456) [shixuantong]
From 23.4.4
+ fix(nocloud): smbios datasource definition
+ tests: Check that smbios seed works
+ fix(source): fix argument boundaries when parsing cmdline (#4825)
From 23.4.3
+ fix: Handle systemctl when dbus not ready (#4842)
(LP: #2046483)
From 23.4.2
+ fix: Handle invalid user configuration gracefully (#4797)
(LP: #2051147)
From 23.4.1
+ fix: Handle systemctl commands when dbus not ready (#4681)
From 23.4
+ tests: datasourcenone use client.restart to block until done (#4635)
+ tests: increase number of retries across reboot to 90 (#4651)
+ fix: Add schema for merge types (#4648)
+ feat: Allow aliyun ds to fetch data in init-local (#4590) [qidong.ld]
+ azure: report failure to eject as error instead of debug (#4643)
[Chris Patterson]
+ bug(schema): write network-config if instance dir present (#4635)
+ test: fix schema fuzzing test (#4639)
+ Update build-on-openbsd dependencies (#4644) [CodeBleu]
+ fix(test): Fix expected log for ipv6-only ephemeral network (#4641)
+ refactor: Remove metaclass from network_state.py (#4638)
+ schema: non-root fallback to default paths on perm errors (# 4631)
+ fix: Don't loosen the permissions of the log file (#4628)
+ Revert "logging: keep current file mode of log file if its stricter
than the new mode (#4250)"
+ ephemeral: Handle link up failure for both ipv4 and ipv6 (#4547)
+ fix(main): Don't call logging too early (#4595)
+ fix: Remove Ubuntu-specific kernel naming convention assertion (#4617)
+ fix(log): Do not implement handleError with a self parameter (#4617)
+ fix(log): Don't try to reuse stderr logger (#4617)
+ feat: Standardize logging output to stderr (#4617)
+ chore: Sever unmaintained TODO.rst (#4625)
+ test: Skip failing tests
+ distros: Add suse
+ test: Add default hello package version (#4614)
+ fix(net): Improve DHCPv4 SUSE code, add test
+ net: Fix DHCPv4 not enabled on SUSE in some cases [bin456789]
+ fix(schema): Warn if missing dependency (#4616)
+ fix(cli): main source cloud_config for schema validation (#4562)
+ feat(schema): annotation path for invalid top-level keys (#4562)
+ feat(schema): top-level additionalProperties: false (#4562)
+ test: ensure top-level properties tests will pass (#4562)
+ fix(schema): Add missing schema definitions (#4562)
+ test: Fix snap tests (#4562)
+ azure: Check for stale pps data from IMDS (#4596) [Ksenija Stanojevic]
+ test: Undo dhcp6 integration test changes (#4612)
+ azure: update diagnostic from warning level to debug [Chris Patterson]
+ azure/imds: remove limit for connection errors if route present (#4604)
+ [Chris Patterson]
+ [enhancement]: Add shellcheck to CI (#4488) [Aviral Singh]
+ chore: add conventional commits template (#4593)
+ Revert "net: allow dhcp6 configuration from
generate_fallback_configuration()" (#4607)
+ azure: workaround to disable reporting IMDS failures on Azure Stack
[Chris Patterson]
+ cc_apt_pipelining: Update docs, deprecate options (#4571)
+ test: add gh workflows on push to main, update status badges (#4597)
+ util: Remove function abs_join() (#4587)
+ url_helper: Remove unused function retry_on_url_exc() (#4587)
+ cc_resizefs: Add bcachefs resize support (#4594)
+ integration_tests: Support non-Ubuntu distros (#4586)
+ fix(cmdline): fix cmdline parsing with MAC containing cc:
+ azure/errors: include http code in reason for IMDS failure
[Chris Patterson]
+ tests: cloud-init schema --system does not return exit code 2
+ github: allow pull request to specify desired rebase and merge
+ tests: fix integration test expectations of exit 2 on schema warning
+ tests: fix schema test expected cli output Valid schema <type>
+ fix(schema cli): check raw userdata when processed cloud-config empty
+ azure: report failure to host if ephemeral DHCP secondary NIC (#4558)
[Chris Patterson]
+ man: Document cloud-init error codes (#4500)
+ Add support for cloud-init "degraded" state (#4500)
+ status.json: Don't override detail key with error condition (#4500)
+ status: Remove duplicated data (#4500)
+ refactor: Rename exported_errors in status.json (#4500)
+ test: Remove stale status.json value (#4500)
+ tools/render-template: Make yaml loading opt-in, fix setup.py (#4564)
+ Add summit digest/trip report to docs (#4561) [Sally]
+ doc: Fix incorrect statement about `cloud-init analyze`
+ azure/imds: ensure new errors are logged immediately when retrying
(#4468) [Chris Patterson]
+ Clarify boothook docs (#4543)
+ boothook: allow stdout/stderr to emit to cloud-init-output.log
+ summit-notes: add 2023 notes for reference in mailinglist/discourse
+ fix: added mock to stop leaking journalctl that slows down unit test
(#4556) [Alec Warren]
+ tests: maas test for DataSourceMAASLocal get_data
+ maas tests: avoid using CiTest case and prefer pytest.tmpdir fixture
+ MAAS: Add datasource to init-local timeframe
+ Ensure all tests passed and/or are skipped
+ Support QEMU in integration tests
+ fix(read-dependencies): handle version specifiers containing [~!]
+ test: unpin pytest
+ schema: network-config optional network key. route uses oneOf (#4482)
+ schema: add cloud_init_deepest_matches for best error message (#4482)
+ network: warn invalid cfg add /run/cloud-init/network-config (#4482)
+ schema: add network-config support to schema subcommand (#4482)
+ Update version number and merge ChangeLog from 23.3.3 into main (#4553)
+ azure: check for primary interface when performing DHCP (#4465)
[Chris Patterson]
+ Fix hypothesis failure
+ subp: add a log when skipping a file for execution for lack of exe
permission (#4506) [Ani Sinha]
+ azure/imds: refactor max_connection_errors definition (#4467)
[Chris Patterson]
+ chore: fix PR template rendering (#4526)
+ fix(cc_apt_configure): avoid unneeded call to apt-install (#4519)
+ comment difference between sysconfig and NetworkManager renderer (#4517)
[Ani Sinha]
+ Set Debian's default locale to be c.UTF-8 (#4503) (LP: #2038945)
+ Convert test_debian.py to pytest (#4503)
+ doc: fix cloudstack link
+ doc: fix development/contributing.html references
+ doc: hide duplicated links
+ Revert "ds-identify/CloudStack: $DS_MAYBE if vm running on vmware/xen
(#4281)" (#4511) (LP: #2039453)
+ Fix the missing mcopy argument [Vladimir Pouzanov]
+ tests: Add logging fix (#4499)
+ Update upgrade test to account for dhcp6
+ Remove logging of PPID path (#4502)
+ Make Python 3.12 CI test non-experimental (#4498)
+ ds-identify: exit 2 on disabled state from marker or cmdline (#4399)
+ cloud-init-generator: Various performance optimizations (#4399)
+ systemd: Standardize cloud-init systemd enablement (#4399)
+ benchmark: benchmark cloud-init-generator independent of ds-identify
(#4399)
+ tests/integration_tests: add cloud-init disablement coverage (#4399)
+ doc: Describe disabling cloud-init using an environment variable (#4399)
+ fix: cloud-init status --wait broken with KERNEL_CMDLINE (#4399)
+ azure/imds: retry on 429 errors for reprovisiondata (#4470)
[Chris Patterson]
+ cmd: Don't write json status files for non-boot stages (#4478)
+ ds-identify: Allow disable service and override environment (#4485)
[Mina Galić]
+ Update DataSourceNWCS.py (#4496) [shell-skrimp]
+ Add r00ta to CLA signers file
+ Fix override of systemd_locale_conf in rhel [Jacopo Rota]
+ ci(linkcheck): minor fixes (#4495)
+ integration test fix for deb822 URI format (#4492)
+ test: use a mantic-compatible tz in t/i/m/test_combined.py (#4494)
+ ua: shift CLI command from ua to pro for all interactions
+ pro: avoid double-dash when enabling inviddual services on CLI
+ net: allow dhcp6 configuration from generate_fallback_configuration()
(#4474) [Ani Sinha]
+ tests: apt re.search to match alternative ordering of installed pkgs
+ apt: doc apt_pkg performance improvement over subp apt-config dump
+ Tidy up contributing docs (#4469) [Sally]
+ [enhancement]: Automatically linkcheck in CI (#4479) [Aviral Singh]
+ Revert allowing pro service warnings (#4483)
+ Export warning logs to status.json (#4455)
+ Fix regression in package installation (#4466)
+ schema: cloud-init schema in early boot or in dev environ (#4448)
+ schema: annotation of nested dicts lists in schema marks (#4448)
+ feat(apport): collect ubuntu-pro logs if ubuntu-advantage.log present
(#4443)
+ apt_configure: add deb822 support for default sources file (#4437)
+ net: remove the word "on instance boot" from cloud-init generated config
(#4457) [Ani Sinha]
+ style: Make cloudinit.log functions use snake case (#4449)
+ Don't recommend using cloud-init as a library (#4459)
+ vmware: Fall back to vmtoolsd if vmware-rpctool errs (#4444)
[Andrew Kutz]
+ azure: add option to enable/disable secondary ip config (#4432)
+ [Ksenija Stanojevic]
+ Allow installing snaps via package_update_upgrade_install module (#4202)
+ docs: Add cloud-init overview/introduction (#4440) [Sally]
+ apt: install software-properties-common when absent but needed (#4441)
+ sources/Azure: Ignore system volume information folder while scanning
for files in the ntfs resource disk (#4446) [Anh Vo]
+ refactor: Remove unnecessary __main__.py file
+ style: Drop vi format comments
+ cloudinit.log: Use more appropriate exception (#4435)
+ cloudinit.log: Don't configure NullHandler (#4435)
+ commit 6bbbfbbb030831c72b5aa2bba9cb8492f19d56f4
+ cloudinit.log: Remove unnecessary module function and variables (#4435)
+ cloudinit.log: Remove unused getLogger wrapper (#4435)
+ cloudinit.log: Standardize use of cloudinit's logging module (#4435)
+ Remove unnecessary logging wrapper in Cloud class (#4435)
+ integration test: allow pro service warnings (#4447)
+ integration tests: fix mount indentation (#4445)
+ sources/Azure: fix for conflicting reports to platform (#4434)
[Chris Patterson]
+ docs: link the cloud-config validation service (#4442)
+ Fix pip-managed ansible on pip < 23.0.1 (#4403)
+ Install gnupg if gpg not found (#4431)
+ Add "phsm" as contributor (#4429) [Phsm Qwerty]
+ cc_ubuntu_advantage: do not rely on uaclient.messages module (#4397)
[Grant Orndorff]
+ tools/ds-identify: match Azure datasource's ds_detect() behavior (#4430)
[Chris Patterson]
+ Refactor test_apt_source_v1.py to use pytest (#4427)
+ sources: do not override datasource detection if None is in list (#4426)
[Chris Patterson]
+ feat: check for create_hostname_file key before writing /etc/hostname
(SC-1588) (#4330) [Cat Red]
+ Pytestify apt config test modules (#4424)
+ upstream gentoo patch (#4422)
+ Work around no instance ip (#4419)
+ Fix typing issues in subp module (#4401)
+ net: fix ipv6_dhcpv6_stateful/stateless/slaac configuration for rhel
(#4395) [Ani Sinha]
+ Release 23.3.1
+ apt: kill dirmngr/gpg-agent without gpgconf dependency (LP: #2034273)
+ integration tests: fix mount indentation (#4405)
+ Use grep for faster parsing of cloud config in ds-identify (#4327)
[Scott Moser] (LP: #2030729)
+ doc: fix instructions on how to disable cloud-init from kernel command
line (#4406) [Ani Sinha]
+ doc/vmware: Update contents relevant to disable_vmware_customization
[PengpengSun]
+ Bring back flake8 for python 3.6 (#4394)
+ integration tests: Fix cgroup parsing (#4402)
+ summary: Update template parameter descriptions in docs [MJ Moshiri]
+ Log PPID for better debugging (#4398)
+ integration tests: don't clean when KEEP_* flags true (#4400)
+ clean: add a new option to clean generated config files [Ani Sinha]
+ pep-594: drop deprecated pipes module import
From 23.3.3
+ Fix pip-managed ansible on pip < 23.0.1 (#4403)
From 23.3.2
+ Revert "ds-identify/CloudStack: $DS_MAYBE if vm running on vmware/xen"
(#4281) (#4511) (LP: #2039453)
From 23.3.1
+ apt: kill dirmngr/gpg-agent without gpgconf dependency (LP: #2034273)
+ integration tests: Fix cgroup parsing (#4402)
- Add cloud-init-direxist.patch (bsc#1236720)
+ Make sure the directory exists, if not create it, before writing in that
location.
ImportantSUSE bug 1035106SUSE bug 1047363SUSE bug 1116767SUSE bug 1121878SUSE bug 1170154SUSE bug 1174443SUSE bug 1174444SUSE bug 1181283SUSE bug 1186004SUSE bug 1192343SUSE bug 1210277SUSE bug 1214169SUSE bug 1228414SUSE bug 1233649SUSE bug 1236720SUSE bug 1237764SUSE bug 1239715SUSE bug 1245401SUSE bug 1245403SUSE bug 918952SUSE bug 919305SUSE bug 998103CVE-2023-1786 at SUSECVE-2023-1786 at NVDCVE-2024-11584 at SUSECVE-2024-11584 at NVDCVE-2024-6174 at SUSECVE-2024-6174 at NVDcpe:/o:suse:sl-micro:6.1Security update for glib2 (Important)SUSE Linux Micro 6.1
This update for glib2 fixes the following issues:
- CVE-2024-52533: Fixed a single byte buffer overflow in set_connect_msg() (bsc#1233282)
ImportantSUSE bug 1233282CVE-2024-52533 at SUSECVE-2024-52533 at NVDcpe:/o:suse:sl-micro:6.1Security update for curl (Important)SUSE Linux Micro 6.1
This update for curl fixes the following issues:
- tool_operate: fix return code when --retry is used but not
triggered [bsc#1249367]
- Security fixes:
* CVE-2025-9086: Fixed Out of bounds read for cookie path (bsc#1249191)
* CVE-2025-10148: Fixed predictable WebSocket mask (bsc#1249348)
ImportantSUSE bug 1249191SUSE bug 1249348SUSE bug 1249367CVE-2025-10148 at SUSECVE-2025-10148 at NVDCVE-2025-9086 at SUSECVE-2025-9086 at NVDcpe:/o:suse:sl-micro:6.1Security update for udisks2 (Important)SUSE Linux Micro 6.1
This update for udisks2 fixes the following issues:
- CVE-2025-8067: Fixed missing bounds check that could lead to out-of-bounds
read in udisks daemon (bsc#1248502)
ImportantSUSE bug 1248502CVE-2025-8067 at SUSECVE-2025-8067 at NVDcpe:/o:suse:sl-micro:6.1Security update for pam_u2f (Important)SUSE Linux Micro 6.1
This update for pam_u2f fixes the following issues:
- CVE-2025-23013: Fixed problematic PAM_IGNORE return values in `pam_sm_authenticate()`(bsc#1233517).
ImportantSUSE bug 1233517CVE-2025-23013 at SUSECVE-2025-23013 at NVDcpe:/o:suse:sl-micro:6.1Security update for podman (Important)SUSE Linux Micro 6.1
This update for podman fixes the following issues:
- CVE-2025-6032: Fixed machine init command failing to verify TLS
certificate (bsc#1245320)
- Fix conditional Requires (remove deprecated sle_version macro)
- Update to version 5.4.2:
* Add release notes for v5.4.2
* Fix a potential deadlock during `podman cp`
* Improve the file format documentation of podman-import.
* Revert "podman-import only supports gz and tar"
* Bump buildah to v1.39.4
* libpod: do not cover idmapped mountpoint
* test: Fix runc error message
* oci: report empty exec path as ENOENT
* test: adapt tests new crun error messages
* test: remove duplicate test
* cirrus: test only on f41/rawhide
* CI: use z1d instance for windows machine testing
* New images 2025-03-24
* test/e2e: use go net.Dial() ov nc
* test: use ncat over nc
* New images 2025-03-12
* RPM: Add riscv64 to ExclusiveArch-es
* Fix HealthCheck log destination, count, and size defaults
* Win installer test: hardcode latest GH release ID
* Packit: Fix action script for fetching upstream commit
* Bump to v5.4.2-dev
* Bump to v5.4.1
* update gvproxy version to 0.8.4
* Update Buildah to v1.39.2
* Update release notes for v5.4.1
* Fix reporting summed image size for compat endpoint
* podman-import only supports gz and tar
* quadlet kube: correctly mark unit as failed
* pkg/domain/infra/abi/play.go: fix two nilness issues
* kube play: don't print start errors twice
* libpod: race in WaitForConditionWithInterval()
* libpod: race in WaitForExit() with autoremove
* Don't try to resolve host path if copying to container from stdin.
* Use svg for pkginstaller banner
* Create quota before _data dir for volumes
* Packit: clarify secondary status in CI
* Packit/RPM: Display upstream commit SHA in all rpm builds
* podman run: fix --pids-limit -1 wrt runc
* vendor: update github.com/go-jose/go-jose/v3 to v3.0.4
* chore(deps): update module github.com/go-jose/go-jose/v4 to v4.0.5 [security]
* wire up --retry-delay for artifact pull
* Revert "silence false positve from golangci-lint"
* update golangci-lint to v1.64.4
* update golangci-lint to v1.64.2
* silence false positve from golangci-lint
* cmd/podman: refactor Context handling
* fix new usetesting lint issue
* Packit/Copr: Fix `podman version` in rpm
* Remove persist directory when cleaning up Conmon files
* Bump to v5.4.1-dev
* Bump to v5.4.0
* Update release notes for v5.4.0 final
* In SQLite state, use defaults for empty-string checks
* Bump FreeBSD version to 13.4
* docs: add v5.4 to API reference
* Update rpm/podman.spec
* RPM: set buildOrigin in LDFLAG
* RPM: cleanup macro defs
* Makefile: escape BUILD_ORIGIN properly
* rootless: fix hang on s390x
* Set Cirrus DEST_BRANCH appropriately to fix CI
* Bump to v5.4.0-dev
* Bump to v5.4.0-rc3
* Update release notes for v5.4.0-rc3
* Add BuildOrigin field to podman info
* artifact: only allow single manifest
* test/e2e: improve write/removeConf()
* Add --noheading to artifact ls
* Add --no-trunc to artifact ls
* Add type and annotations to artifact add
* pkg/api: honor cdi devices from the hostconfig
* util: replace Walk with WalkDir
* fix(pkg/rootless): avoid memleak during init() contructor.
* Add `machine init --playbook`
* RPM: include empty check to silence rpmlint
* RPM: adjust qemu dependencies
* Force use of iptables on Windows WSL
* rpm: add attr as dependency for podman-tests
* update gvproxy version
* [v5.4] Bump Buildah to v1.39.0
* podman exec: correctly support detaching
* libpod: remove unused ExecStartAndAttach()
* [v5.4] Bump c/storage to v1.57.1, c/image v5.34.0, c/common v0.62.0
* Move detection of libkrun and intel
* Prevent two podman machines running on darwin
* Remove unnecessary error handling
* Remove usused Kind() function
* Bump to v5.4.0-dev
* Bump to v5.4.0-rc2
* Update release notes for v5.4.0-rc2
* Safer use of `filepath.EvalSymlinks()` on Windows
* error with libkrun on intel-based machines
* chore(deps): update dependency pytest to v8.3.4
* test/buildah-bud: skip two new problematic tests on remote
* Fix podman-restart.service when there are no containers
* Avoid upgrading from v5.3.1 on Windows
* Clean up after unexpectedly terminated build
* system-tests: switch ls with getfattr for selinux tests
* vendor latest c/{buildah,common,image,storage}
* Makefile: Add validatepr description for 'make help' output
* docs: Enhance podman build --secret documentation and add examples
* docs: mount.md - idmapped mounts only work for root user
* Define, and use, PodmanExitCleanlyWithOptions
* Eliminate PodmanSystemdScope
* Fix image ID query
* Revert "Use the config digest to compare images loaded/pulled using different methods"
* Update c/image after https://github.com/containers/image/pull/2613
* Update expected errors when pulling encrypted images
* Eliminate PodmanExtraFiles
* Introduce PodmanTestIntegration.PodmanWithOptions
* Restructure use of options
* Inline PodmanBase into callers
* Pass all of PodmanExecOptions to various [mM]akeOptions functions
* Turn PodmanAsUserBase into PodmanExecBaseWithOptions
* Avoid indirect links through quadlet(5)
* do not set the CreateCommand for API users
* Add podman manifest rm --ignore
* Bump to v5.4.0-dev
* Bump to v5.4.0-rc1
* fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.2
* podman artifact
* vendor latest c/{common,image,storage}
* fix(deps): update module github.com/rootless-containers/rootlesskit/v2 to v2.3.2
* cirrus: bump macos machine test timeout
* pkg/machine/e2e: improve podman.exe match
* pkg/machine/e2e: improve "list machine from all providers"
* Remove JSON tag from UseImageHosts in ContainerConfig
* Set network ID if available during container inspect
* Stop creating a patch for v5.3.1 upgrades on windows
* compose docs: fix typo
* Document kube-play CDI support
* docs: Add quadlet debug method systemd-analyze
* Replace instances of PodmanExitCleanly in play_kube_test.go
* docs: add 'initialized' state to status filters
* fix(deps): update module google.golang.org/protobuf to v1.36.3
* Switch all calls of assert.Nil to assert.NoError
* Add --no-hostname option
* Fix unescaping octal escape sequence in values of Quadlet unit files
* Remove `.exe` suffix if any
* Add kube play support for CDI resource allocation
* add support to `;` for comments in unit files as per systemd documentation
* Use PodmanExitCleanly in attach_test.go
* Introduce PodmanTestIntegration.PodmanExitCleanly
* chore(deps): update dependency setuptools to ~=75.8.0
* Add newer c/i to support artifacts
* fix(deps): update module golang.org/x/tools to v0.29.0
* fix(deps): update module golang.org/x/net to v0.34.0
* specgenutil: Fix parsing of mount option ptmxmode
* namespaces: allow configuring keep-id userns size
* Update description for completion
* Quadlet - make sure the /etc/containers/systemd/users is traversed in rootless
* Document .build for Image .container option
* fix(deps): update module github.com/vbauerster/mpb/v8 to v8.9.1
* New VM Images
* update golangci/golangci-lint to v1.63.4
* fix(deps): update module google.golang.org/protobuf to v1.36.2
* chore(deps): update dependency setuptools to ~=75.7.0
* Fixing ~/.ssh/identity handling
* vendor latest c/common from main
* fix(deps): update module github.com/shirou/gopsutil/v4 to v4.24.12
* fix(deps): update module github.com/opencontainers/runc to v1.2.4
* specgen: fix comment
* Add hint to restart Podman machine to really accept new certificates
* fix(deps): update module github.com/onsi/gomega to v1.36.2
* fix(deps): update module github.com/moby/term to v0.5.2
* Pass container hostname to netavark
* Fix slirp4netns typo in podman-network.1.md
* Add support to ShmSize in Pods with Quadlet
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.22.1
* chore(deps): update module golang.org/x/crypto to v0.31.0 [security]
* fix(deps): update module golang.org/x/net to v0.33.0 [security]
* Kube volumes can not container _
* fix(deps): update module github.com/docker/docker to v27.4.1+incompatible
* test/system: fix "podman play --build private registry" error
* test/system: CopyDirectory() do not chown files
* test/system: remove system dial-stdio test
* shell completion: respect CONTAINERS_REGISTRIES_CONF
* fix(deps): update module github.com/cpuguy83/go-md2man/v2 to v2.0.6
* When generating host volumes for k8s, force to lowercase
* test: enable newly added test
* vfkit: Use 0.6.0 binary
* gvproxy: Use 0.8.1 binary
* systemd: simplify parser and fix infinite loop
* Revert "win-installer test: revert to v5.3.0"
* Avoid rebooting twice when installing WSL
* Avoid rebooting on Windows when upgrading and WSL isn't installed
* Add win installer patch
* Bump WiX toolset version to 5.0.2
* test/e2e: SkipOnOSVersion() add reason field
* test/e2e: remove outdated SkipOnOSVersion() calls
* Update VM images
* fix(deps): update module golang.org/x/crypto to v0.31.0 [security]
* fix(deps): update module github.com/crc-org/crc/v2 to v2.45.0
* fix(deps): update module github.com/opencontainers/runc to v1.2.3
* quadlet: fix inter-dependency of containers in `Network=`
* Add man pages to Mac installer
* fix(deps): update module github.com/onsi/gomega to v1.36.1
* fix(deps): update module github.com/docker/docker to v27.4.0+incompatible
* Fix device limitations in podman-remote update on remote systems
* Use latest version of VS BuildTools
* bin/docker: fix broken escaping and variable substitution
* manifest annotate: connect IndexAnnotations
* Fix panic in `manifest annotate --index`
* fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.5
* fix(deps): update module golang.org/x/net to v0.32.0
* fix(deps): update module golang.org/x/tools to v0.28.0
* fix(deps): update module golang.org/x/crypto to v0.30.0
* fix(deps): update module golang.org/x/sys to v0.28.0
* Fix overwriting of LinuxResources structure in the database
* api: replace inspectID with name
* fix(deps): update github.com/opencontainers/runtime-tools digest to f7e3563
* Replace ExclusiveArch with ifarch
* fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.1
* Improve platform specific URL handling in `podman compose` for machines
* Fix `podman info` with multiple imagestores
* Switch to fixed common
* refact: use uptime.minutes instead of uptime.seconds
* fix(deps): update module github.com/shirou/gopsutil/v4 to v4.24.11
* fix(deps): update golang.org/x/exp digest to 2d47ceb
* fix(deps): update github.com/godbus/dbus/v5 digest to c266b19
* Cover Unix socket in inpect test on Windows platform
* Add a test for forcing compression and v2s2 format
* fix(deps): update module github.com/crc-org/vfkit to v0.6.0
* Package podman-machine on supported architectures only.
* Fixes missing binary in systemd.
* stats: ignore errors from containers without cgroups
* api: Error checking before NULL dereference
* [skip-ci] Packit/copr: switch to fedora-all
* make remotesystem: fail early if serial tests fail
* spec: clamp rlimits without CAP_SYS_RESOURCE
* Clarify the reason for skip_if_remote
* Sanity-check that the test is really using partial pulls
* Fix apparent typos in zstd:chunked tests
* Fix compilation issues in QEMU machine files (Windows platform)
* Mount volumes before copying into a container
* Revert "libpod: remove shutdown.Unregister()"
* docs: improve documentation for internal networks
* docs: document bridge mode option
* [skip-ci] Packit: remove epel and re-enable c9s
* chore(deps): update dependency golangci/golangci-lint to v1.62.2
* vendor: update containers/common
* OWNERS: remove edsantiago
* fix(deps): update module github.com/onsi/gomega to v1.36.0
* fix(deps): update github.com/containers/common digest to ceceb40
* refact: EventerType and improve consistency
* Add --hosts-file flag to container and pod commands
* Add nohosts option to /build and /libpod/build
* fix(deps): update module github.com/stretchr/testify to v1.10.0
* Quadlet - Use = sign when setting the pull arg for build
* win-installer test: revert to v5.3.0
* fix(deps): update module github.com/crc-org/crc/v2 to v2.44.0
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.22.0
* chore(deps): update dependency setuptools to ~=75.6.0
* Update windows installer tests
* Windows: don't install WSL/HyperV on update
* Switch to non-installing WSL by default
* fix(deps): update github.com/containers/buildah digest to 52437ef
* Configure HealthCheck with `podman update`
* CI: --image-volume test: robustify
* docs: add 5.3 as Reference version
* Bump CI VMs
* libpod: pass down NoPivotRoot to Buildah
* vendor: bump containers/buildah
* fix(deps): update module github.com/opencontainers/runc to v1.2.2
* Overlay mounts supersede image volumes & volumes-from
* libpod: addHosts() prevent nil deref
* only read ssh_config for non machine connections
* ssh_config: allow IdentityFile file with tilde
* ssh_config: do not overwrite values from config file
* connection: ignore errors when parsing ssh_config
* Bump bundled krunkit to 0.1.4
* fix(deps): update module google.golang.org/protobuf to v1.35.2
* add support for driver-specific options during container creation
* doc: fix words repetitions
* Update release notes on main for v5.3.0
* chore(deps): update dependency setuptools to ~=75.5.0
* CI: system tests: parallelize 010
* fix podman machine init --ignition-path
* vendor: update containers/common
* spec: clamp rlimits in a userns
* Add subpath support to volumes in `--mount` option
* refactor: simplify LinuxNS type definition and String method
* test/e2e: remove FIPS test
* vendor containers projects to tagged versions
* fix(deps): update module github.com/moby/sys/capability to v0.4.0
* chore(deps): update dependency setuptools to ~=75.4.0
* system tests: safer install_kube_template()
* Buildah treadmill tweaks
* update golangci-lint to v1.62.0
* fix(deps): update module golang.org/x/net to v0.31.0
* fix(deps): update module golang.org/x/tools to v0.27.0
* Revert "Reapply "CI: test nftables driver on fedora""
* Yet another bump, f41 with fixed kernel
* test: add zstd:chunked system tests
* pkg/machine/e2e: remove dead code
* fix(deps): update module golang.org/x/crypto to v0.29.0
* kube SIGINT system test: fix race in timeout handling
* New `system connection add` tests
* Update codespell to v2.3.0
* Avoid printing PR text to stdout in system test
* Exclude symlink from pre-commit end-of-file-fixer
* api: Add error check
* [CI:ALL] Bump main to v5.4.0-dev
* test/buildah-bud: build new inet helper
* test/system: add regression test for TZDIR local issue
* vendor latest c/{buildah,common,image,storage}
* Reapply "CI: test nftables driver on fedora"
* Revert "cirrus: test only on f40/rawhide"
* test f41 VMs
* AdditionalSupport for SubPath volume mounts
* wsl-e2e: Add a test to ensure port 2222 is free with usermode networking
* winmake.ps1: Fix the syntax of the function call Win-SSHProxy
* volume ls: fix race that caused it to fail
* gvproxy: Disable port-forwarding on WSL
* build: update gvisor-tap-vsock to 0.8.0
* podman: update roadmap
* Log network creation and removal events in Podman
* libpod: journald do not lock thread
* Add key to control if a container can get started by its pod
* Honor users requests in quadlet files
* CI: systests: workaround for parallel podman-stop flake
* Fix inconsistent line ending in win-installer project
* fix(deps): update module github.com/opencontainers/runc to v1.2.1
* Quadlet - support image file based mount in container file
* API: container logs flush status code
* rework event code to improve API errors
* events: remove memory eventer
* libpod: log file use Wait() over event API
* Makefile: vendor target should always remove toolchain
* cirrus: check consitent vendoring in test/tools
* test/tools/go.mod: remove toolchain
* fix(deps): update module github.com/shirou/gopsutil/v4 to v4.24.10
* fix(deps): update module github.com/onsi/gomega to v1.35.1
* doc: explain --interactive in more detail
* fix(deps): update golang.org/x/exp digest to f66d83c
* fix(deps): update github.com/opencontainers/runtime-tools digest to 6c9570a
* fix(deps): update github.com/linuxkit/virtsock digest to cb6a20c
* add default polling interval to Container.Wait
* Instrument cleanup tracer to log weird volume removal flake
* make podman-clean-transient.service work as user
* Add default remote socket path if empty
* Use current user if no user specified
* Add support for ssh_config for connection
* libpod: use pasta Setup() over Setup2()
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.21.0
* fix(deps): update module github.com/onsi/gomega to v1.35.0
* logformatter: add cleanup tracer log link
* docs: fix broken example
* docs: add missing swagger links for the stable branches
* readthedocs: build extra formats
* pkg/machine/e2e: remove debug
* fix(docs): Integrate pasta in rootless tutorial
* chore(deps): update dependency setuptools to ~=75.3.0
* libpod: report cgroups deleted during Stat() call
* chore: fix some function names in comment
* CI: parallelize 450-interactive system tests
* CI: parallelize 520-checkpoint tests
* CI: make 070-build.bats use safe image names
* test/system: add podman network reload test to distro gating
* System tests: clean up unit file leaks
* healthcheck: do not leak service on failed stop
* healthcheck: do not leak statup service
* fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.8.0
* Add Startup HealthCheck configuration to the podman inspect
* buildah version display: use progress()
* new showrun() for displaying and running shell commands
* Buildah treadmill: redo the .cirrus.yml tweaks
* Buildah treadmill: more allow-empty options
* Buildah treadmill: improve test-failure instructions
* Buildah treadmill: improve wording in test-fail instructions
* doc: Remove whitespace before comma
* fix(deps): update module github.com/checkpoint-restore/checkpointctl to v1.3.0
* ps: fix display of exposed ports
* ps: do not loop over port protocol
* readme: Add reference to pasta in the readme
* test/system: Fix spurious "duplicate tests" failures in pasta tests
* Improve "podman load - from URL"
* Try to repair c/storage after removing an additional image store
* Use the config digest to compare images loaded/pulled using different methods
* Simplify the additional store test
* Fix the store choice in "podman pull image with additional store"
* Bump to v5.3.0-dev
* Bump to v5.3.0-rc1
* Set quota on volume root directory, not _data
* fix(deps): update module github.com/opencontainers/runc to v1.2.0
* test: set soft ulimit
* Vagrantfile: Delete
* Enable pod restore with crun
* vendor: update c/{buildah,common,image,storage}
* Fix 330-corrupt-images.bats in composefs test runs
* quadlet: add default network dependencies to all units
* quadlet: ensure user units wait for the network
* add new podman-user-wait-network-online.service
* contrib/systemd: switch user symlink for file symlinks
* Makefile: remove some duplication from install.systemd
* contrib/systemd: move podman-auto-update units
* quadlet: do not reject RemapUsers=keep-id as root
* test/e2e: test quadlet with and without --user
* CI: e2e: fix checkpoint flake
* APIv2 test fix: image history
* pasta udp tests: new bytecheck helper
* Document packaging process
* [skip-ci] RPM: remove dup Provides
* Update dependency setuptools to ~=75.2.0
* System tests: safer pause-image creation
* Update module github.com/opencontainers/selinux to v1.11.1
* Added escaping to invoked powershell command for hyperv stubber.
* use slices.Clone instead of assignment
* libpod API: only return exit code without conditions
* Housekeeping: remove duplicates from success_task
* Thorough overhaul of CONTRIBUTING doc.
* api: Replace close function in condition body
* test/e2e: fix default signal exit code test
* Test new VM build
* CI: fix changing-rootFsSize flake
* scp: add option types
* Unlock mutex before returning from function
* Note in the README that we are moving to timed releases
* cirrus: let tar extract figure out the compression
* Make error messages more descriptive
* Mention containers.conf settings for podman machine commands
* [skip-ci] Packit: re-enable CentOS Stream 10/Fedora ELN teasks"
* cmd: use logrus to print error
* podman: do not set rlimits to the default value
* spec: always specify default rlimits
* vendor: update containers/common
* Note in the README that we are moving to timed releases
* Revert "CI: test nftables driver on fedora"
* cirrus: use zstd over bzip2 for repo archive
* cirrus: use shared repo_prep/repo_artifacts scripts
* cirrus: speed up postbuild
* cirrus: change alt arch task to only compile binaries
* cirrus: run make with parallel jobs where useful
* Makefile: allow man-page-check to be run in parallel
* cirrus: use fastvm for builds
* test/e2e: skip some Containerized checkpoint tests
* test: update timezone checks
* cirrus: update CI images
* test/e2e: try debug potential pasta issue
* CI: quadlet system tests: use airgapped testimage
* Allow removing implicit quadlet systemd dependencies
* fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.4
* libpod API: make wait endpoint better against rm races
* podman-remote run: improve how we get the exit code
* [skip-ci] Packit: constrain koji and bodhi jobs to fedora package to avoid dupes
* 055-rm test: clean up a test, and document
* CI: remove skips for libkrun
* Bump bundled krunkit to 0.1.3
* fix(deps): update module google.golang.org/protobuf to v1.35.0
* fix(deps): update module golang.org/x/net to v0.30.0
* server: fix url parsing in info
* fix(deps): update module golang.org/x/tools to v0.26.0
* Makefile: fix ginkgo FOCUS option
* fix(deps): update module golang.org/x/crypto to v0.28.0
* podman-systemd.unit.5: adjust example options
* docs: prefer --network to --net
* fix(deps): update module golang.org/x/term to v0.25.0
* fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.24
* fix(deps): update module golang.org/x/sys to v0.26.0
* OWNERS file audit and update
* Exposed ports are only included when not --net=host
* libpod: hasCurrentUserMapped checks for gid too
* [CI:DOCS] Document TESTFLAGS in test README file
* Validate the bind-propagation option to `--mount`
* Fix typo in secret inspect examples
* Mention `no_hosts` and `base_hosts_file` configs in CLI option docs
* Fixes for vendoring Buildah
* vendor: update buildah to latest
* Makefile - silence skipped tests when focusing on a file
* vendor: update to latest c/common
* Quadlet - prefer "param val" over "param=val" to allow env expansion
* System tests: sdnotify: wait for socket file creation
* Switch to moby/sys/capability
* platformInspectContainerHostConfig: rm dead code
* CI: require and test CI_DESIRED_NETWORK on RHEL
* Add ExposedPorts to Inspect's ContainerConfig
* fix(deps): update golang.org/x/exp digest to 701f63a
* quadlet: allow variables in PublishPort
* fix(deps): update module github.com/shirou/gopsutil/v4 to v4.24.9
* fix(deps): update github.com/godbus/dbus/v5 digest to a817f3c
* Document that zstd:chunked is downgraded to zstd when encrypting
* fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.3
* chore(deps): update dependency ubuntu to v24
* rpm: do not load iptables modules on f41+
* adding docs for network-cmd-path
* Include exposed ports in inspect output when net=host
* feat(libpod): support kube play tar content-type (#24015)
* podman mount: some better error wrapping
* podman mount: ignore ErrLayerUnknown
* Quadlet - make sure the order of the UnitsDir is deterministic
* packit: disable Centos Stream/fedora ELN teasks
* libpod: remove shutdown.Unregister()
* libpod: rework shutdown handler flow
* libpod: ensure we are not killed during netns creation
* Update module github.com/moby/sys/capability to v0.3.0
* Update documentation of `--no-hosts`, `--hostname`, and `--name` CLI options
* Update documentation of `--add-host` CLI option
* System tests: set a default XDG_RUNTIME_DIR
* Modify machine "Remove machine" test
* CORS system test: clean up
* Add --health-max-log-count, --health-max-log-size, --health-log-destination flags
* troubleshooting: adjust home path in tip 44
* test/system: For pasta port forwarding tests don't bind socat server
* Update connection on removal
* Simplify `RemoveConnections`
* Move `DefaultMachineName` to `pkg/machine/define`
* vendor: update containers/image
* vendor: update containers/storage
* CI: skip the flaking quadlet test
* CI: make systemd tests parallel-safe (*)
* CI: run and collect cleanup tracer logs
* add epbf program to trace podman cleanup errors
* CI: parallelize logs test as much as possible
* CI: format test: use local registry if available
* CI: make 700-play parallel-safe
* docs: Fix missing negation
* bin/docker support warning message suppression from user config dir
* Update module github.com/docker/docker to v27.3.1+incompatible
* Quadlet - add full support for Symlinks
* libpod: setupNetNS() correctly mount netns
* vendor latest c/common
* docs: remove usage of deprecated `--storage`
* Update module github.com/docker/docker to v27.3.0+incompatible
* CI: Quadlet rootfs test: use container image as rootfs
* CI: system test registry: use --net=host
* CI: rm system test: bump grace period
* CI: system tests: minor documentation on parallel
* fix typo in error message Fixes: containers/podman#24001
* CI: system tests: always create pause image
* CI: quadlet system test: be more forgiving
* vendor latest c/common
* CI: make 200-pod parallel-safe
* allow exposed sctp ports
* test/e2e: add netns leak check
* test/system: netns leak check for rootless as well
* test/system: Improve TODO comments on IPv6 pasta custom DNS forward test
* test/system: Clarify "Local forwarder" pasta tests
* test/system: Simplify testing for nameserver connectivity
* test/system: Consolidate "External resolver" pasta tests
* test/system: Move test for default forwarder into its own case
* CI: make 090-events parallel-safe
* Misc minor test fixes
* Add network namespace leak check
* Add workaround for buildah parallel bug
* registry: lock start attempts
* Update system test template and README
* bats log: differentiate parallel tests from sequential
* ci: bump system tests to fastvm
* clean_setup: create pause image
* CI: make 012-manifest parallel-safe
* podman-manifest-remove: update docs and help output
* test/system: remove wait workaround
* wait: fix handling of multiple conditions with exited
* Match output of Compat Top API to Docker
* system test parallelization: enable two-pass approach
* New VMs: test crun 1.17
* libpod: hides env secrets from container inspect
* CI: e2e: workaround for events out-of-sequence flake
* update golangci-lint to 1.61.0
* libpod: convert owner IDs only with :idmap
* Podman CLI --add-host with multiple host for a single IP
* Quadlet - Split getUnitDirs to small functions
* fix(deps): update module github.com/cpuguy83/go-md2man/v2 to v2.0.5
* chore(deps): update dependency setuptools to ~=75.1.0
* Fxi typo in cache-ttl.md
* Get WSL disk as an OCI artifact
* CI: make 260-sdnotify parallel-safe
* quadlet: do not log ENOENT errors
* pkg/specgen: allow pasta when running inside userns
* troubleshooting: add tip about the user containers
* chore(deps): update dependency setuptools to v75
* Convert windows paths in volume arg of the build command
* Improve error when starting multiple machines
* fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.2
* Minor typo noticed when reading podman man page
* Remove `RemoveFilesAndConnections`
* Add `GetAllMachinesAndRootfulness`
* rewrite typo osascript
* typo
* fix(deps): update module github.com/docker/docker to v27.2.1+incompatible
* Add radio buttons to select WSL or Hyper-V in windows setup.exe
* [skip-ci] Packit: split out ELN jobs and reuse fedora downstream targets
* [skip-ci] Packit: Enable sidetags for bodhi updates
* vendor: update c/common
* CI: make 710-kube parallel-safe
* CI: mark 320-system-df *NOT* parallel safe
* Add kube play support for image volume source
* refactor: add sshClient function
* fix(deps): update module golang.org/x/tools to v0.25.0
* CI: make 505-pasta parallel safe
* CI: make 020-tag parallel-safe
* CI: make 410-selinux parallel-safe
* Bump VMs. ShellCheck is now built-in
* troubleshooting: add tip about auto, keep-id, nomap
* libpod: make use of new pasta option from c/common
* vendor latest c/common
* podman images: sort repository with tags
* Remove containers/common/pkg/config from pkg/util
* fix(deps): update module golang.org/x/net to v0.29.0
* fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.23
* fix(deps): update module golang.org/x/crypto to v0.27.0
* Fix CI
* Detect and fix typos using codespell
* Fix typo: replace buildin with built-in
* Add codespell config, pre-commit definition, and move options from Makefile
* prune: support clearing build cache using CleanCacheMount
* test/e2e: fix network prune flake
* Add support for Job to kube generate & play
* Add podman-rootless.7 man page
* Add DNS, DNSOption and DNSSearch to quadlet pod
* podman.1.md: improve policy.json section
* e2e: flake fix: SIGPIPE in hook test
* libpod: fix rootless cgroup path with --cgroup-parent
* vendor: update c/storage
* CI: make 055-rm parallel-safe
* CI: make 130-kill parallel-safe
* CI: make 125-import parallel-safe
* CI: make 110-history parallel-safe
* CI: system tests: parallelize low-hanging fruit
* Add disclaimer to `podman machine info` manpage.
* man pages: refactor two more options
* update github.com/opencontainers/runc to v1.2.0-rc.3
* update go.etcd.io/bbolt to v1.3.11
* update github.com/onsi/{ginkgo,gomega}
* Update module github.com/shirou/gopsutil to v4
* packit: update fedora and epel targets
* bump go to 1.22
* cirrus: test only on f40/rawhide
* cirrus: remove CI_DESIRED_NETWORK reference
* cirrus: prebuild use f40 for extra tests
* chore(deps): update dependency setuptools to ~=74.1.0
* libpod: fix HostConfig.Devices output from 'podman inspect' on FreeBSD
* fix(deps): update golang.org/x/exp digest to 9b4947d
* Implement publishing API UNIX socket on Windows platforms
* Vendor c/common:8483ef6022b4
* quadlet: support container network reusing
* docs: update read the docs changes
* CI: parallel-safe network system test
* Quadlet - Support multiple image tags in .build files
* fix(deps): update module github.com/vbauerster/mpb/v8 to v8.8.3
* cirrus: remove _bail_if_test_can_be_skipped
* cirrus: move renovate check into validate
* cirrus: remove 3rd party connectivity check
* cirrus: remove cross jobs for aarch64 and x86_64
* cirrus: do not upload alt arch cross artifacts
* cirrus: remove ginkgo-e2e.json artifact
* cirrus: fix default timeouts
* github: remove fcos-podman-next-build-prepush
* Clarify podman machine volume mounting behavior under WSL
* machine: Add -all-providers flag to machine list
* Create a podman-troubleshooting man page
* chore(deps): update dependency setuptools to v74
* fix(deps): update module github.com/docker/docker to v27.2.0+incompatible
* Fix an improperly ignored error in SQLite
* CI: flake workaround: ignore socat waitpid warnings
* fix(deps): update module github.com/rootless-containers/rootlesskit/v2 to v2.3.1
* Stop skipping machine volume test on Hyper-V
* cleanup: add new --stopped-only option
* fix races in the HTTP attach API
* cirrus: skip windows/macos machine task on RHEL branches
* Update module github.com/containers/gvisor-tap-vsock to v0.7.5
* run: fix detach passthrough and --rmi
* podman run: ignore image rm error
* Add support for AddHost in quadlet .pod and .container
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.60.3
* update github.com/vishvananda/netlink to v1.3.0
* build: Update gvisor-tap-vsock to 0.7.5
* Quote systemd DefaultEnvironment Proxy values, as documented in systemd.conf man page:
* fix typo in podman-network-create.1.md
* Use HTTP path prefix of TCP connections to match Docker context behavior
* Makefile: remotesystem: use real podman server, no --url
* Update module github.com/openshift/imagebuilder to v1.2.15
* CI: parallel-safe userns test
* Update module github.com/onsi/ginkgo/v2 to v2.20.1
* Add support for IP in quadlet .pod files
* Specify format to use for referencing fixed bugs.
* CI: parallel-safe run system test
* Revert "test/e2e: work around for pasta issue"
* CI: On vX.Y-rhel branches, ensure that some downstream Jira issue is linked
* quadlet: support user mapping in pod unit
* Update Release Process
* Test new VM build
* command is not optional to podman exec
* CI: parallel-safe namespaces system test
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.60.2
* quadlet: add key CgroupsMode
* Fix `podman stop` and `podman run --rmi`
* quadlet: set infra name to %s-infra
* chore(deps): update dependency setuptools to v73
* [skip-ci] Packit: update targets for propose-downstream
* Do not segfault on hard stop
* Fix description of :Z to talk about pods
* CI: disable ginkgo flake retries
* vendor: update go-criu to latest
* golangci-lint: make darwin linting happy
* golangci-lint: make windows linting happy
* test/e2e: remove kernel version check
* golangci-lint: remove most skip dirs
* set !remote build tags where needed
* update golangci-lint to 1.60.1
* test/e2e: rm systemd start test
* fix(deps): update module github.com/vbauerster/mpb/v8 to v8.8.1
* podman wait: allow waiting for removal of containers
* libpod: remove UpdateContainerStatus()
* podman mount: fix storage/libpod ctr race
* CI: quadlet tests: make parallel-safe
* CI: system tests: make random_free_port() parallel-safe
* remove trailing comma in example
* CI: format test: make parallel-safe
* Fix podman-docker.sh under -eu shells (fixes #23628)
* docs: update podman-wait man page
* libpod: remove duplicated HasVolume() check
* podman volume rm --force: fix ABBA deadlock
* test/system: fix network cleanup restart test
* libpod: do not stop pod on init ctr exit
* libpod: simplify WaitForExit()
* CI: remove build-time quay check
* Fix known_hosts file clogging and remote host id
* Update docker.io/library/golang Docker tag to v1.23
* Update dependency setuptools to ~=72.2.0
* Update module github.com/docker/docker to v27.1.2+incompatible
* healthcheck system check: reduce raciness
* CI: healthcheck system test: make parallel-safe
* Validate renovate config in every PR
* pkg/machine: Read stderr from ssh-keygen correctly
* Fix renovate config syntax error
* CI: 080-pause.bats: make parallel-safe
* CI: 050-stop.bats: make parallel-safe
* Additional potential race condition on os.Readdir
* pkg/bindings/containers: handle ignore for stop
* remote: fix invalid --cidfile + --ignore
* Update/simplify renovate config header comment
* Migrate renovate config to latest schema
* Fix race condition when listing /dev
* docs/podman-systemd: Try to clarify `Exec=` more
* libpod: reset state error on init
* test/system: pasta_test_do add explicit port check
* test/e2e: work around new push warning
* vendor: update c/common to latest
* stopIfOnlyInfraRemains: log all errors
* libpod: do not save expected stop errors in ctr state
* libpod: fix broken saveContainerError()
* Quadlet: fix filters failure when the search paths are symlinks
* readme: replace GPG with PGP
* Drop APIv2 CNI configuration
* De-duplicate docker-py testing
* chore(podmansnoop): explain why crun comm is 3
* libpod: cleanupNetwork() return error
* fix(deps): update module golang.org/x/sys to v0.24.0
* Reduce python APIv2 test net dependency
* Fix not testing registry.conf updates
* test/e2e: improve command timeout handling
* Update module github.com/onsi/ginkgo/v2 to v2.20.0
* Update module github.com/moby/sys/user to v0.3.0
* Add passwd validate and generate steps
* podman container cleanup: ignore common errors
* Quadlet - Allow the user to override the default service name
* CI: e2e: serialize root containerPort tests
* Should not force conversion of manifest type to DockerV2ListMediaType
* fix(deps): update module golang.org/x/tools to v0.24.0
* fix(deps): update github.com/containers/common digest to 05b2e1f
* CI: mount system test: parallelize
* Update module golang.org/x/net to v0.28.0
* Ignore ERROR_SHARING_VIOLATION error on windows
* CI: manifest system tests: make parallel-safe
* Create volume path before state initialization
* vendor: update c/storage
* CI: fix broken libkrun test
* test/e2e: work around for pasta issue
* test/e2e: fix missing exit code checks
* Test new CI images
* Remove another race condition when mounting containers or images
* fix(deps): update github.com/containers/common digest to c0cc6b7
* Change Windows installer MajorUpgrade Schedule
* Ignore missing containers when calling GetExternalContainerLists
* Remove runc edit to lock to specific version
* fix(deps): update module golang.org/x/sys to v0.23.0
* CI: podman-machine: do not use cache registry
* CI: completion system test: use safename
* Temporarly disable failing Windows Installer CI test
* libpod: fix volume copyup with idmap
* libpod: avoid hang on errors
* Temp. disable PM basic Volume ops test
* Add libkrun Mac task
* Never skip checkout step in release workflow
* System tests: leak_test: readable output
* fix(deps): update github.com/docker/go-plugins-helpers digest to 45e2431
* vendor: bump c/common
* Version: bump to v5.3.0-dev
* libpod: inhibit SIGTERM during cleanup()
* Tweak versions in register_images.go
* fix network cleanup flake in play kube
* WIP: Fixes for vendoring Buildah
* Add --compat-volumes option to build and farm build
* Bump to Buildah v1.37.0
* Quadlet test - Split between success, warning and error cases
* libpod: bind ports before network setup
* Disable compose-warning-logs if PODMAN_COMPOSE_WARNING_LOGS=false
* Use new syntax for selinux options in quadlet
* fix(deps): update module github.com/onsi/gomega to v1.34.1
* CI: kube test: fix broken external-storage test
* Update dependency setuptools to v72
* Convert additional build context paths on Windows
* pkg/api: do not leak config pointers into specgen
* Quadlet - Allow the user to set the service name for .pod files
* Quadlet tests - allow overriding the expected service name
* fix(deps): update module github.com/moby/sys/user to v0.2.0
* fix(deps): update module github.com/vbauerster/mpb/v8 to v8.7.5
* CI: enable root user namespaces
* libpod: force rootfs for OCI path with idmap
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.19.1
* Add test steps for automount with multi images
* CI: cp tests: use safename
* [skip-ci] RPM: podman-iptables.conf only on Fedora
* CI: 700-play: fix a leaked non-safename
* test: check that kube generate/play restores the userns
* test: disable artifacts cache with composefs
* test: fix podman pull tests
* vendor: bump c/storage
* Update module github.com/cyphar/filepath-securejoin to v0.3.1
* Add /run/containers/systemd, ${XDG_RUNTIME_DIR}/containers/systemd quadlet dirs
* build: Update gvisor-tap-vsock to 0.7.4
* test/system: fix borken pasta interface name checks
* test/system: fix bridge host.containers.internal test
* api: honor the userns for the infra container
* play: handle 'private' as 'auto'
* kube: record infra user namespace
* infra: user ns annotation higher precedence
* specgenutil: record the pod userns in the annotations
* kube: invert branches
* CI: system log test: use safe names
* Update encryption tests to avoid a warning if zstd:chunked is the default
* Fix "podman pull and decrypt"/"from local registry"
* Use unique image names for the encrypted test images
* CI: system tests: instrument to allow failure analysis
* Fix outdated comment for the build step win-gvproxy
* Add utility to convert VMFile to URL for UNIX sockets
* Run codespell on source
* fix(deps): update module github.com/docker/docker to v27.1.0+incompatible
* chore(deps): update dependency setuptools to ~=71.1.0
* logformatter: tweaks to pass html tidy
* More information for podman --remote build and running out of space.
* Fix windows installer deleting machine provider config file
* Use uploaded .zip for Windows action
* pr-should-include-tests: no more CI:DOCS override
- Depend on runc unconditionally, not only on SLE 15 (bsc#1239088)
ImportantSUSE bug 1239088SUSE bug 1242132SUSE bug 1245320CVE-2025-6032 at SUSECVE-2025-6032 at NVDcpe:/o:suse:sl-micro:6.1Security update for bluez (Moderate)SUSE Linux Micro 6.1
This update for bluez fixes the following issues:
- CVE-2023-45866: Fixed unauthorized HID device connections allowing
keystroke injection and arbitrary commands execution (bsc#1217877)
ModerateSUSE bug 1217877CVE-2023-45866 at SUSECVE-2023-45866 at NVDcpe:/o:suse:sl-micro:6.1Security update for git (Critical)SUSE Linux Micro 6.1
This update for git fixes the following issues:
Update to 2.51.0:
- CVE-2025-27613: arbitrary writable file creation and truncation in Gitk (bsc#1245938)
- CVE-2025-27614: arbitrary script execution via repo clonation in gitk (bsc#1245939)
- CVE-2025-46835: untrusted repository cloning can lead to arbitrary writable file creation in Git GUI (bsc#1245942)
- CVE-2025-48384: script may be unintentionally executed after checkout due to CRLF transforming (bsc#1245943)
- CVE-2025-48385: arbitrary code execution due to protocol injection via fetching advertised bundle (bsc#1245946)
- CVE-2025-48386: buffer overflow in static buffer 'target' in wincred credential helper (bsc#1245947)
CriticalSUSE bug 1245938SUSE bug 1245939SUSE bug 1245942SUSE bug 1245943SUSE bug 1245946SUSE bug 1245947CVE-2025-27613 at SUSECVE-2025-27613 at NVDCVE-2025-27614 at SUSECVE-2025-27614 at NVDCVE-2025-46835 at SUSECVE-2025-46835 at NVDCVE-2025-48384 at SUSECVE-2025-48384 at NVDCVE-2025-48385 at SUSECVE-2025-48385 at NVDCVE-2025-48386 at SUSECVE-2025-48386 at NVDcpe:/o:suse:sl-micro:6.1Security update for vim (Moderate)SUSE Linux Micro 6.1
This update for vim fixes the following issues:
- CVE-2025-53906: malicious zip archive may cause a path traversal (bsc#1246602)
- CVE-2025-53905: malicious tar archive may cause a path traversal (bsc#1246604)
- CVE-2025-55157: use-after-free in internal tuple reference management (bsc#1247938)
- CVE-2025-55158: double-free in internal typed value (typval_T) management (bsc#1247939)
ModerateSUSE bug 1246602SUSE bug 1246604SUSE bug 1247938SUSE bug 1247939CVE-2025-53905 at SUSECVE-2025-53905 at NVDCVE-2025-53906 at SUSECVE-2025-53906 at NVDCVE-2025-55157 at SUSECVE-2025-55157 at NVDCVE-2025-55158 at SUSECVE-2025-55158 at NVDcpe:/o:suse:sl-micro:6.1Security update for pam (Moderate)SUSE Linux Micro 6.1
This update for pam fixes the following issues:
- CVE-2024-10963: Fixed improper hostname interpretation inpam_access that could lead to access control bypass (bsc#1233078)
ModerateSUSE bug 1233078CVE-2024-10963 at SUSECVE-2024-10963 at NVDcpe:/o:suse:sl-micro:6.1Security update for rust-keylime (Moderate)SUSE Linux Micro 6.1
This update for rust-keylime fixes the following issues:
- CVE-2025-55159: slab: incorrect bounds check in get_disjoint_mut function can lead to undefined behavior or potential crash due to out-of-bounds access (bsc#1248006)
- CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242623)
- CVE-2024-58266: shlex: certain bytes allowed to appear unquoted and unescaped in command arguments (bsc#1247193)
- CVE-2024-43806: rustix: rustix::fs::Dir iterator with the linux_raw backend can cause memory explosion (bsc#1229952)
- CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded (bsc#1243861)
- RUSTSEC-2024-0006: Multiple issues involving quote API (bsc#1230029)
ModerateSUSE bug 1229952SUSE bug 1230029SUSE bug 1242623SUSE bug 1243861SUSE bug 1247193SUSE bug 1248006CVE-2024-12224 at SUSECVE-2024-12224 at NVDCVE-2024-43806 at SUSECVE-2024-43806 at NVDCVE-2024-58266 at SUSECVE-2024-58266 at NVDCVE-2025-3416 at SUSECVE-2025-3416 at NVDCVE-2025-55159 at SUSECVE-2025-55159 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-urllib3 (Moderate)SUSE Linux Micro 6.1
This update for python-urllib3 fixes the following issues:
- CVE-2025-50181: Pool managers now properly control redirects when retries is passed (bsc#1244925)
ModerateSUSE bug 1244925CVE-2025-50181 at SUSECVE-2025-50181 at NVDcpe:/o:suse:sl-micro:6.1Security update for chrony (Moderate)SUSE Linux Micro 6.1
This update for chrony fixes the following issues:
- Update to version 4.8:
* Add maxunreach option to limit selection of unreachable sources
* Add -u option to chronyc to drop root privileges (default
chronyc user is set by configure script)
* Fix refclock extpps option to work on Linux >= 6.15
* Validate refclock samples for reachability updates
- Fix racy socket creation which allows privilege escalation to root (bsc#1246544)
- Update to version 4.7:
* Add opencommands directive to select remote monitoring
commands
* Add interval option to driftfile directive
* Add waitsynced and waitunsynced options to local directive
* Add sanity checks for integer values in configuration
* Add support for systemd Type=notify service
* Add RTC refclock driver
* Allow PHC refclock to be specified with network interface name
* Don’t require multiple refclock samples per poll to simplify
filter configuration
* Keep refclock reachable when dropping samples with large delay
* Improve quantile-based filtering to adapt faster to larger
delay
* Improve logging of selection failures
* Detect clock interference from other processes
* Try to reopen message log (-l option) on cyclelogs command
* Fix sourcedir reloading to not multiply sources
* Fix tracking offset after failed clock step
* Drop support for NTS with Nettle < 3.6 and GnuTLS < 3.6.14
* Drop support for building without POSIX threads
- Update to version 4.6.1:
* Add ntsaeads directive to enable only selected AEAD algorithms
for NTS.
* Negotiate use of compliant NTS keys with AES-128-GCM-SIV AEAD
algorithm.
* Switch to compliant NTS keys if first response from server is
NTS NAK.
- Drop rcFOO symlinks for CODE16 (PED-266).
- Update to version 4.6:
* Add activate option to local directive to set activation threshold
* Add ipv4 and ipv6 options to server/pool/peer directive
* Add kod option to ratelimit directive for server KoD RATE support
* Add leapseclist directive to read NIST/IERS leap-seconds.list file
* Add ptpdomain directive to set PTP domain for NTP over PTP
* Allow disabling pidfile
* Improve copy server option to accept unsynchronised status instantly
* Log one selection failure on start
* Add offset command to modify source offset correction
* Add timestamp sources to ntpdata report
* Fix crash on sources reload during initstepslew or RTC initialisation
* Fix source refreshment to not repeat failed name resolving attempts
ModerateSUSE bug 1246544cpe:/o:suse:sl-micro:6.1Security update for open-vm-tools (Important)SUSE Linux Micro 6.1
This update for open-vm-tools fixes the following issues:
Update to open-vm-tools 13.0.5 based on build 24915695. (bsc#1250692):
Please refer to the Release Notes at:
https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/ReleaseNotes.md.
The granular changes that have gone into the open-vm-tools 13.0.5 release
are in the ChangeLog at:
https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/open-vm-tools/ChangeLog.
There are no new features in the open-vm-tools 13.0.5 release. This is
primarily a maintenance release that addresses a security issue.
This release resolves and includes the patch for CVE-2025-41244. For more
information on this vulnerability and its impact on Broadcom products,
see VMSA-2025-0015.
A minor enhancement has been made for Guest OS Customization. The
DeployPkg plugin has been updated to use "systemctl reboot", if available.
For a more complete list of issues addressed in this release, see the
What's New and Resolved Issues section of the Release Notes.
ImportantSUSE bug 1250373SUSE bug 1250692CVE-2025-41244 at SUSECVE-2025-41244 at NVDcpe:/o:suse:sl-micro:6.1Security update for grub2 (Important)SUSE Linux Micro 6.1
This update for grub2 fixes the following issues:
- Fix error: /boot/grub2/x86_64-efi/bli.mod not found (bsc#1231591)
- Fix OOM error in loading loopback file (bsc#1230840) (bsc#1249140)
- Update the patch to fix "SRK not matched" errors when unsealing
the key (bsc#1232411) (bsc#1247242)
Security fixes for 2024:
- Bump upstream SBAT generation to 5
- CVE-2024-45774: Fixed heap overflows in JPEG parser (bsc#1233609)
- CVE-2024-45775: Fixed missing NULL check in extcmd parser (bsc#1233610)
- CVE-2024-45776: Fixed overflow in .MO file (gettext) handling (bsc#1233612)
- CVE-2024-45777: Fixed integer overflow in gettext (bsc#1233613)
- CVE-2024-45778: Fixed bfs filesystem not fuzzing stable (bsc#1233606)
- CVE-2024-45779: Fixed bfs heap overflow (bsc#1233608)
- CVE-2024-45780: Fixed overflow in tar/cpio (bsc#1233614)
- CVE-2024-45781: Fixed ufs strcpy overflow(bsc#1233617)
- CVE-2024-45782: Fixed hfs strcpy overflow (bsc#1233615)
- CVE-2024-45783: Fixed hfsplus refcount overflow (bsc#1233616)
- CVE-2024-49504: Fixed bypassing TPM-bound disk encryption on SL(E)M
encrypted Images (bsc#1229163) (bsc#1229164)
- CVE-2024-56737: Fixed heap-based buffer overflow in fs/hfs.c via
crafted sblock data in an HFS filesystem (bsc#1234958)
- CVE-2024-56738: Fixed side-channel attack due to not constant-time
algorithm in grub_crypto_memcmp (bsc#1234959)
- CVE-2025-0622: Fixed command/gpg use-after-free due to hooks not being
removed on module unload (bsc#1236317)
- CVE-2025-0624: Fixed net Out-of-bounds write in grub_net_search_config_file() (bsc#1236316)
- CVE-2025-0677: Fixed UFS integer overflow may lead to heap based
out-of-bounds write when handling symlinks (bsc#1237002)
- CVE-2025-0678: Fixed squash4 Integer overflow may lead to heap based
out-of-bounds write when reading data (bsc#1237006)
- CVE-2025-0684: Fixed reiserfs Integer overflow when handling symlinks
may lead to heap based out-of-bounds write when reading data (bsc#1237008)
- CVE-2025-0685: Fixed jfs Integer overflow when handling symlinks may
lead to heap based out-of-bounds write when reading data (bsc#1237009)
- CVE-2025-0686: Fixed romfs Integer overflow when handling symlinks
may lead to heap based out-of-bounds write when reading data (bsc#1237010)
- CVE-2025-0689: Fixed udf heap based buffer overflow in
grub_udf_read_block() may lead to arbitrary code execution (bsc#1237011)
- CVE-2025-0690: Fixed "read" integer overflow may lead to out-of-bounds write (bsc#1237012)
- CVE-2025-1118: Fixed commands/dump The dump command is not in lockdown when secure boot is enabled (bsc#1237013)
- CVE-2025-1125: Fixed fs/hfs interger overflow may lead to heap based out-of-bounds write (bsc#1237014)
- CVE-2025-4382: Fixed TPM auto-decryption data exposure (bsc#1242971)
- Restrict CLI access if the encrypted root device is automatically unlocked by
the TPM. LUKS password authentication is required for access to be granted
ImportantSUSE bug 1229163SUSE bug 1229164SUSE bug 1230840SUSE bug 1231591SUSE bug 1232411SUSE bug 1233606SUSE bug 1233608SUSE bug 1233609SUSE bug 1233610SUSE bug 1233612SUSE bug 1233613SUSE bug 1233614SUSE bug 1233615SUSE bug 1233616SUSE bug 1233617SUSE bug 1234958SUSE bug 1234959SUSE bug 1236316SUSE bug 1236317SUSE bug 1237002SUSE bug 1237006SUSE bug 1237008SUSE bug 1237009SUSE bug 1237010SUSE bug 1237011SUSE bug 1237012SUSE bug 1237013SUSE bug 1237014SUSE bug 1242971SUSE bug 1247242SUSE bug 1249140CVE-2024-45774 at SUSECVE-2024-45774 at NVDCVE-2024-45775 at SUSECVE-2024-45775 at NVDCVE-2024-45776 at SUSECVE-2024-45776 at NVDCVE-2024-45777 at SUSECVE-2024-45777 at NVDCVE-2024-45778 at SUSECVE-2024-45778 at NVDCVE-2024-45779 at SUSECVE-2024-45779 at NVDCVE-2024-45780 at SUSECVE-2024-45780 at NVDCVE-2024-45781 at SUSECVE-2024-45781 at NVDCVE-2024-45782 at SUSECVE-2024-45782 at NVDCVE-2024-45783 at SUSECVE-2024-45783 at NVDCVE-2024-49504 at SUSECVE-2024-49504 at NVDCVE-2024-56737 at SUSECVE-2024-56737 at NVDCVE-2024-56738 at SUSECVE-2024-56738 at NVDCVE-2025-0622 at SUSECVE-2025-0622 at NVDCVE-2025-0624 at SUSECVE-2025-0624 at NVDCVE-2025-0677 at SUSECVE-2025-0677 at NVDCVE-2025-0678 at SUSECVE-2025-0678 at NVDCVE-2025-0684 at SUSECVE-2025-0684 at NVDCVE-2025-0685 at SUSECVE-2025-0685 at NVDCVE-2025-0686 at SUSECVE-2025-0686 at NVDCVE-2025-0689 at SUSECVE-2025-0689 at NVDCVE-2025-0690 at SUSECVE-2025-0690 at NVDCVE-2025-1118 at SUSECVE-2025-1118 at NVDCVE-2025-1125 at SUSECVE-2025-1125 at NVDCVE-2025-4382 at SUSECVE-2025-4382 at NVDcpe:/o:suse:sl-micro:6.1Security update for libssh (Moderate)SUSE Linux Micro 6.1
This update for libssh fixes the following issues:
- CVE-2025-8114: Fixed NULL pointer dereference when calculating the session ID
during the key exchange (KEX) process (bsc#1246974)
- CVE-2025-8277: Fixed Memory Exhaustion via Repeated Key Exchange (bsc#1249375)
ModerateSUSE bug 1246974SUSE bug 1249375CVE-2025-8114 at SUSECVE-2025-8114 at NVDCVE-2025-8277 at SUSECVE-2025-8277 at NVDcpe:/o:suse:sl-micro:6.1Security update for openssl-3 (Moderate)SUSE Linux Micro 6.1
This update for openssl-3 fixes the following issues:
- CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation(bsc#1236136).
ModerateSUSE bug 1236136CVE-2024-13176 at SUSECVE-2024-13176 at NVDcpe:/o:suse:sl-micro:6.1Security update for expat (Important)SUSE Linux Micro 6.1
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
by submitting crafted XML input (bsc#1249584).
ImportantSUSE bug 1249584CVE-2025-59375 at SUSECVE-2025-59375 at NVDcpe:/o:suse:sl-micro:6.1Security update for openssl-3 (Important)SUSE Linux Micro 6.1
This update for openssl-3 fixes the following issues:
Security issues:
- CVE-2025-9230: Fix out-of-bounds read & write in RFC 3211 KEK unwrap (bsc#1250232)
- Disable LTO for userspace livepatching [jsc#PED-13245]
ImportantSUSE bug 1250232CVE-2025-9230 at SUSECVE-2025-9230 at NVDcpe:/o:suse:sl-micro:6.1Security update for openssl-3-livepatches (Moderate)SUSE Linux Micro 6.1
This update for openssl-3-livepatches fixes the following issues:
- Add livepatch for CVE-2025-9230 (bsc#1250410).
ModerateSUSE bug 1250410CVE-2025-9230 at SUSECVE-2025-9230 at NVDcpe:/o:suse:sl-micro:6.1Security update for libxslt (Moderate)SUSE Linux Micro 6.1
This update for libxslt fixes the following issues:
- CVE-2025-11731: Fixed type confusion in exsltFuncResultCompfunction leading to denial of service (bsc#1251979)
- CVE-2025-10911: Fixed use-after-free with key data stored cross-RVT (bsc#1250553)
ModerateSUSE bug 1250553SUSE bug 1251979CVE-2025-10911 at SUSECVE-2025-10911 at NVDCVE-2025-11731 at SUSECVE-2025-11731 at NVDcpe:/o:suse:sl-micro:6.1Security update for podman (Important)SUSE Linux Micro 6.1
This update for podman fixes the following issues:
- CVE-2025-9566: Fixed kube play command overwriting host files (bsc#1249154)
ImportantSUSE bug 1249154CVE-2025-9566 at SUSECVE-2025-9566 at NVDcpe:/o:suse:sl-micro:6.1Security update for glibc (Moderate)SUSE Linux Micro 6.1
This update for glibc fixes the following issues:
- CVE-2025-0395: Fixed buffer overflow in the assert() function (bsc#1236282).
ModerateSUSE bug 1236282CVE-2025-0395 at SUSECVE-2025-0395 at NVDcpe:/o:suse:sl-micro:6.1Security update for haproxy (Moderate)SUSE Linux Micro 6.1
This update for haproxy fixes the following issues:
- CVE-2025-11230: Fixed mjson JSON decoder excessive resource consumption (bsc#1250983)
ModerateSUSE bug 1250983CVE-2025-11230 at SUSECVE-2025-11230 at NVDcpe:/o:suse:sl-micro:6.1Recommended update for afterburn (Moderate)SUSE Linux Micro 6.1
This update for afterburn fixes the following issues:
- Update to version 5.9.0.git21.a73f509:
* docs/release-notes: update for release 5.10.0
* cargo: update dependencies
* microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat
* docs/release-notes: Add entry for Azure SharedConfig XML parsing fix
* microsoft/azure: Fix SharedConfig parsing of XML attributes
* microsoft/azure: Mock goalstate.SharedConfig output in tests
* providers/azure: switch SSH key retrieval from certs endpoint to IMDS
as azure stopped providing keys in the old one (bsc#1250471)
* build(deps): bump the build group with 8 updates
* build(deps): bump slab from 0.4.10 to 0.4.11
* build(deps): bump actions/checkout from 4 to 5
* upcloud: implement UpCloud provider
* build(deps): bump the build group with 4 updates
* Sync repo templates ⚙
- Update to version 5.9.0:
* cargo: Afterburn release 5.9.0
* docs/release-notes: update for release 5.9.0
* cargo: update dependencies
* Add TMT test structure and basic smoke test
* build(deps): bump openssl from 0.10.72 to 0.10.73
* build(deps): bump reqwest from 0.12.15 to 0.12.18
* docs/release-notes: Update changelog entry
* dracut: Return 255 in module-setup
* oraclecloud: add release note and move base URL to constant
* oraclecloud: implement oraclecloud provider
* build(deps): bump nix from 0.29.0 to 0.30.1
* build(deps): bump zbus from 5.7.0 to 5.7.1
* build(deps): bump serde-xml-rs from 0.6.0 to 0.8.1
* build(deps): bump ipnetwork from 0.20.0 to 0.21.1
* build(deps): bump clap from 4.5.38 to 4.5.39
ModerateSUSE bug 1250471CVE-2025-5791 at SUSECVE-2025-5791 at NVDcpe:/o:suse:sl-micro:6.1Security update for colord (Moderate)SUSE Linux Micro 6.1
This update for colord fixes the following issues:
- CVE-2021-42523: Fixed information disclosure in cd-device-db.c
and cd-profile-db.c (bsc#1250750).
ModerateSUSE bug 1250750CVE-2021-42523 at SUSECVE-2021-42523 at NVDcpe:/o:suse:sl-micro:6.1Security update for libsoup (Important)SUSE Linux Micro 6.1
This update for libsoup fixes the following issues:
- CVE-2025-11021: Ignore invalid date when processing cookies to prevent out-of-bounds read (bsc#1250562).
ImportantSUSE bug 1250562CVE-2025-11021 at SUSECVE-2025-11021 at NVDcpe:/o:suse:sl-micro:6.1Security update for pcp (Moderate)SUSE Linux Micro 6.1
This update for pcp fixes the following issues:
- CVE-2024-45769: Fixed `pmcd` heap corruption through metric pmstore operations (bsc#1230551).
- CVE-2024-45770: Fixed `pmpost` symlink attack allowing escalating `pcp` to `root` user (bsc#1230552).
ModerateSUSE bug 1217783SUSE bug 1217826SUSE bug 1222121SUSE bug 1230551SUSE bug 1230552CVE-2023-6917 at SUSECVE-2023-6917 at NVDCVE-2024-3019 at SUSECVE-2024-3019 at NVDCVE-2024-45769 at SUSECVE-2024-45769 at NVDCVE-2024-45770 at SUSECVE-2024-45770 at NVDcpe:/o:suse:sl-micro:6.1Security update for tiff (Important)SUSE Linux Micro 6.1
This update for tiff fixes the following issues:
- Update to 4.7.1:
Security:
* CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow() when processing malformed TIFF files (bsc#1247106)
* CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c (bsc#1247108)
* CVE-2024-13978: libtiff: Fixed LibTIFF Null Pointer Dereference (bsc#1247581)
* CVE-2025-8534: Fixed null pointer dereference in function PS_Lvl2page (bsc#1247582)
* CVE-2025-8961: Fixed segmentation fault via main function of tiffcrop utility (bsc#1248117)
* CVE-2025-9165: libtiff: Fixed local execution manipulation leading to memory leak (bsc#1248330)
* CVE-2025-9900: libtiff: Fixed Write-What-Where via TIFFReadRGBAImageOriented (bsc#1250413)
Software configuration changes:
* Define HAVE_JPEGTURBO_DUAL_MODE_8_12 and LERC_STATIC in tif_config.h.
* CMake: define WORDS_BIGENDIAN via tif_config.h
* doc/CMakeLists.txt: remove useless cmake_minimum_required()
* CMake: fix build with LLVM/Clang 17 (fixes issue #651)
* CMake: set CMP0074 new policy
* Set LINKER_LANGUAGE for C targets with C deps
* Export tiffxx cmake target (fixes issue #674)
* autogen.sh: Enable verbose wget.
* configure.ac: Syntax updates for Autoconf 2.71
* autogen.sh: Re-implement based on autoreconf. Failure to update
config.guess/config.sub does not return error (fixes issue #672)
* CMake: fix CMake 4.0 warning when minimum required version is < 3.10.
* CMake: Add build option tiff-static (fixes issue #709)
Library changes:
* Add TIFFOpenOptionsSetWarnAboutUnknownTags() for explicit control
about emitting warnings for unknown tags. No longer emit warnings
about unknown tags by default
* tif_predict.c: speed-up decompression in some cases.
Bug fixes:
* tif_fax3: For fax group 3 data if no EOL is detected, reading is
retried without synchronisation for EOLs. (fixes issue #54)
* Updating TIFFMergeFieldInfo() with read_count=write_count=0 for
FIELD_IGNORE. Updating TIFFMergeFieldInfo() with read_count=write_count=0 for
FIELD_IGNORE. Improving handling when field_name = NULL. (fixes issue #532)
* tiff.h: add COMPRESSION_JXL_DNG_1_7=52546 as used for JPEGXL compression in
the DNG 1.7 specification
* TIFFWriteDirectorySec: Increment string length for ASCII tags for codec tags
defined with FIELD_xxx bits, as it is done for FIELD_CUSTOM tags. (fixes issue #648)
* Do not error out on a tag whose tag count value is zero, just issue a warning.
Fix parsing a private tag 0x80a6 (fixes issue #647)
* TIFFDefaultTransferFunction(): give up beyond td_bitspersample = 24
* tif_getimage.c: Remove unnecessary calls to TIFFRGBAImageOK() (fixes issue #175)
* Fix writing a Predictor=3 file with non-native endianness
* _TIFFVSetField(): fix potential use of unallocated memory (out-of-bounds
* read / nullptr dereference) in case of out-of-memory situation when dealing with
custom tags (fixes issue #663)
* tif_fax3.c: Error out for CCITT fax encoding if SamplesPerPixel is not equal 1 and
PlanarConfiguration = Contiguous (fixes issue #26)
* tif_fax3.c: error out after a number of times end-of-line or unexpected bad code
words have been reached. (fixes issue #670)
* Fix memory leak in TIFFSetupStrips() (fixes issue #665)
* tif_zip.c: Provide zlib allocation functions. Otherwise for zlib built with
-DZ_SOLO inflating will fail.
* Fix memory leak in _TIFFSetDefaultCompressionState. (fixes issue #676)
* tif_predict.c: Don’t overwrite input buffer of TIFFWriteScanline() if "prediction"
is enabled. Use extra working buffer in PredictorEncodeRow(). (fixes issue #5)
* tif_getimage.c: update some integer overflow checks (fixes issue #79)
* TIFFReadRGBAImage(): several fixes to avoid buffer overflows.
* Correct passing arguments to TIFFCvtIEEEFloatToNative() and TIFFCvtIEEEDoubleToNative()
if HAVE_IEEEFP is not defined. (fixes issue #699)
* LZWDecode(): avoid nullptr dereference when trying to read again after EOI marker
has been found with remaining output bytes (fixes issue #698)
* TIFFSetSubDirectory(): check _TIFFCheckDirNumberAndOffset() return.
* TIFFUnlinkDirectory() and TIFFWriteDirectorySec(): clear tif_rawcp when clearing
tif_rawdata (fixes issue #711)
* JPEGEncodeRaw(): error out if a previous scanline failed to be written, to avoid
out-of-bounds access (fixes issue #714)
* tif_jpeg: Fix bug in JPEGDecodeRaw() if JPEG_LIB_MK1_OR_12BIT is defined for 8/12bit
dual mode, introduced in libjpeg-turbo 2.2, which was actually released as 3.0.
Fixes issue #717
* add assert for TIFFReadCustomDirectory infoarray check.
* ppm2tiff: Fix bug in pack_words trailing bytes, where last two bytes of each line
were written wrongly. (fixes issue #467)
* fax2ps: fix regression of commit 28c38d648b64a66c3218778c4745225fe3e3a06d where
TIFFTAG_FAXFILLFUNC is being used rather than an output buffer (fixes issue #649)
* tiff2pdf: Check TIFFTAG_TILELENGTH and TIFFTAGTILEWIDTH (fixes issue #650)
* tiff2pdf: check h_samp and v_samp for range 1 to 4 to avoid division by zero.
Fixes issue #654
* tiff2pdf: avoid null pointer dereference. (fixes issue #741)
* Improve non-secure integer overflow check (comparison of division result with
multiplicant) at compiler optimisation in tiffcp, rgb2ycbcr and tiff2rgba.
Fixes issue #546
* tiff2rgba: fix some "a partial expression can generate an overflow before it is
assigned to a broader type" warnings. (fixes issue #682)
* tiffdither/tiffmedian: Don't skip the first line of the input image. (fixes issue #703)
* tiffdither: avoid out-of-bounds read identified in issue #733
* tiffmedian: error out if TIFFReadScanline() fails (fixes issue #707)
* tiffmedian: close input file. (fixes issue #735)
* thumbail: avoid potential out of bounds access (fixes issue #715)
* tiffcrop: close open TIFF files and release allocated buffers before exiting in case
of error to avoid memory leaks. (fixes issue #716)
* tiffcrop: fix double-free and memory leak exposed by issue #721
* tiffcrop: avoid buffer overflow. (fixes issue #740)
* tiffcrop: avoid nullptr dereference. (fixes issue #734)
* tiffdump: Fix coverity scan issue CID 1373365: Passing tainted expression *datamem
to PrintData, which uses it as a divisor or modulus.
* tiff2ps: check return of TIFFGetFiled() for TIFFTAG_STRIPBYTECOUNTS and
TIFFTAG_TILEBYTECOUNTS to avoid NULL pointer dereference. (fixes issue #718)
* tiffcmp: fix memory leak when second file cannot be opened. (fixes issue #718 and issue #729)
* tiffcp: fix setting compression level for lossless codecs. (fixes issue #730)
* raw2tiff: close input file before exit (fixes issue #742)
Tools changes:
* tiffinfo: add a -W switch to warn about unknown tags.
* tiffdither: process all pages in input TIFF file.
Documentation:
* TIFFRGBAImage.rst note added for incorrect saving of images with TIFF orientation
from 5 (LeftTop) to 8 (LeftBottom) in the raster.
* TIFFRGBAImage.rst note added about un-associated alpha handling (fixes issue #67)
* Update "Defining New TIFF Tags" description. (fixes issue #642)
* Fix return type of TIFFReadEncodedTile()
* Update the documentation to reflect deprecated typedefs.
* TIFFWriteDirectory.rst: Clarify TIFFSetWriteOffset() only sets offset for image
data and not for IFD data.
* Update documentation on re-entrancy and thread safety.
* Remove dead links to no more existing Awaresystems web-site.
* Updating BigTIFF specification and some miscelaneous editions.
* Replace some last links and remove last todos.
* Added hints for correct allocation of TIFFYCbCrtoRGB structure and its
associated buffers. (fixes issue #681)
* Added chapter to "Using the TIFF Library" with links to handling multi-page TIFF
and custom directories. (fixes issue #43)
* update TIFFOpen.rst with the return values of mapproc and unmapproc. (fixes issue #12)
- Fix TIFFMergeFieldInfo() read_count=write_count=0 (bsc#1243503)
- Add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to fix FTBFS with cmake4
- Add %check section
- Remove Group: declarations, no longer used
- Use python3-Sphinx instead of %{primary_python}-Sphinx
based on recommendation from python maintainers.
* Fixes build issue of man flavor on 15.6
- Update test/test_directory.c not to fail on big-endian machines (bsc#1236834).
- Fix versioning of tiff-docs under Recommends
- Update to 4.7.0:
* This version restores in the default build the availability of
the tools that had been dropped in v4.6.0
* Software configuration changes:
+ autoconf build: configure.ac: avoid -Werror passed to CFLAGS to interfere with feature detection
+ autoconf build: fix error when running make clean (fixes issue #630)
+ autoconf build: back off the minimum required automake version to 1.11
+ autoconf.ac: fix detection of windows.h for mingw (fixes issue #605)
+ libtiff-4.pc: Fix Requires.private missing Lerc. It provides a .pc file
starting from version 4 (in autoconf builds, we assume that liblerc is at least version 4)
+ CMake: Fix TIFF_INCLUDE_DIRS
+ CMake: MinGW compilers don't need a .def file for shared library
+ CMake: move libdeflate and Lerc to Requires.private
+ CMake: enable resource compilation on all Windows.
* Library changes:
+ Add TIFFOpenOptionsSetMaxCumulatedMemAlloc(). This function complements
TIFFOpenOptionsSetMaxSingleMemAlloc() to define the maximum cumulated memory
allocations in byte, for a given TIFF handle, that libtiff internal memory
allocation functions are allowed.
+ TIFFWriteDirectory(): Avoid overwriting following data if an IFD is enlarged.
+ TIFFXYZToRGB: avoid integer overflow (fixes issue #644)
+ uv_decode() and uv_encode(): avoid potential out-of-bounds array index (fixes issue #645)
+ Fix cases where tif_curdir is set incorrectly. Fix cases where the current directory number (tif_curdir)
is set inconsistently or incorrectly, depending on the previous history.
+ TIFFRead[Scanline/EncodedStrip/EncodeTile]: 0-initialize output buffer if setupdecode fails ;
most codecs: zero-initialize (not-yet-written parts of) output buffer if failure (fixes issue #375)
+ OJPEG: reset subsampling_convert_state=0 in OJPEGPreDecode (fixes issue #183)
+ ThunderRLE: fix failure when decoding last run. Bug seen with GhostPDL
+ LERC codec: deal with issues with multi-band PlanarConfig=Contig and NaN values
+ tif_fax3.c: error out after a number of times end-of-file has been reached (fixes issue #583)
+ LZW: avoid warning about misaligned address with UBSAN (fixes issue #616)
+ CVE-2023-52356: Fixed segment fault in TIFFReadRGBATileExt() leading to denial of service (bsc#1219213)
+ tif_dirread.c: only issue TIFFGetFileSize() for large enough RAM requests
+ Avoid FPEs (division by zero) in tif_getimage.c.
+ Avoiding FPE (division by zero) for TIFFhowmany_32() and TIFFhowmany_64() macros by checking for
denominator not zero before macros are executed. (fixes issue #628)
+ Add non-zero check before division in TIFFComputeStrip()
+ Fix wrong return of TIFFIsBigTIFF() in case byte-swapping is active
+ Setting the TIFFFieldInfo field set_field_type should consider field_writecount not field_readcount
+ Avoid memory leaks when using TIFFCreateDirectory() by releasing the allocated memory in the tif-structure.
+ For non-terminated ASCII arrays, the buffer is first enlarged before a NULL is set at the end to
avoid deleting the last character. (fixes issue #579)
+ CVE-2024-7006: Fixed NULL pointer dereference in tif_dirinfo.c (bsc#1228924)
+ Prevent some out-of-memory attacks (fixes issue #614)
+ Ensure absolute seeking is forced independent of TIFFReadDirectory success. (fixes issue #618)
+ tif_dirinfo.c: re-enable TIFFTAG_EP_CFAREPEATPATTERNDIM and TIFFTAG_EP_CFAPATTERN tags (fixes issue #608)
+ Fix warnings with GCC 14
+ tif_dir.c: Log source file, line number, and input tif for directory count error (fixes issue #627)
+ Last usage of get_field_type of TIFFField structure at TIFFWriteDirectorySec() changed to using set_field_type.
+ tif_jpeg.c/tif_ojpeg.c: remove likely ifdef tricks related to old compilers or unusual setups
+ Remove _TIFFUInt64ToFloat() and _TIFFUInt64ToDouble()
+ Remove support for _MSC_VER < 1500.
+ Use #ifdef _WIN32 to test for Windows, and tiffio.h: remove definition of __WIN32__
* Documentation:
+ Amend manpages for changes in current directory index behaviour
+ Note on using TIFFFlush() before TIFFClose() to check that the data has been successfully written to the file. (fixes issue #506)
+ Update TIFF documentation about TIFFOpenOptions.rst and TIFFOpenOptionsSetMaxSingleMemAlloc() usage and some other small fixes
* Re-added tools:
+ fax2ps
+ fax2tiff
+ pal2rgb
+ ppm2tiff
+ raw2tiff
+ rgb2ycbcr (not installed)
+ thumbnail (not installed)
+ tiff2bw
+ tiff2rgba
+ tiffcmp
+ tiffcrop
+ tiffdither
+ tiffgt
+ tiffmedian
+ tiff2ps
+ tiff2pdf
* New/improved functionality:
+ tiff2rgba: Add background gradient option for alpha compositing
+ tiffcp: -i flag restored
* Bug fixes for tools:
+ tiffcrop: address Coverity scan issues 1605444, 1605445, and 16054
+ tiffcrop: Apply "Fix heap-buffer-overflow in function extractImageSection"
+ tiffcrop: fix buffer overflows, use after free (fixes issue #542, issue #550, issue #552)
+ tiff2pdf: address Coverity scan issues
+ tiff2pdf: fix inconsistent PLANARCONFIG value for the input and output TIFF
+ tiff2pdf: fix issue with JPEG restart-interval marker when converting from JPEG-compressed files (fixes issue #539)
+ tiff2pdf: red and blue were being swapped for RGBA decoding (fixes issue #253)
+ tiff2pdf: fixes issue #596
+ thumbnail: address Coverity scan issues
+ tiffcp: Add check for limitMalloc return to fix Coverity 1603334
+ tiffcp: preserve TIFFTAG_REFERENCEBLACKWHITE when doing YCbCr JPEG -> YCbCr JPEG
+ tiffcp: replace PHOTOMETRIC_YCBCR with PHOTOMETRIC_RGB when outputing to compression != JPEG (refs issue #571)
+ tiffcp: do not copy tags YCBCRCOEFFICIENTS, YCBCRSUBSAMPLING, YCBCRPOSITIONING, REFERENCEBLACKWHITE. Only set YCBCRSUBSAMPLING when generating YCbCr JPEG
+ tiffcp: Check also codec of input image, not only from output image (fixes issue #606)
+ Add some basic sanity checks for tiffcp and tiffcrop RGB->YCbCr JPEG conversions.
+ fax2ps and fax2tiff: memory leak fixes (fixes issue #476)
+ tiffmedian: memory leak fixes (fixes issue #599)
+ fax2tiff: fix EOFB interpretation (fixes issue #191)
+ fax2tiff: fix issue with unreasonable width input (fixes issue #249)
+ tiffcp and tiffcrop: fixes issue #228
+ tiff2rgba: fixes issue #469
+ tiffdither: fixes issue #473
+ tiffdump: fix wrong printf formatter in error message (Coverity 1472932)
+ tiffset: avoid false positive Coverity Scan warning on 64-bit builds (Coverity 1518997)
+ tifcp/tiffset: use correct format specifiers
* Changes to contributed and unsupported tools
+ contrib/addtiffo: validate return of TIFFWriteEncodedXXXX() calls (Coverity 1024680)
- Tools are not built for now due to test failure: `FAIL: tiffcp-32bpp-None-jpeg.sh`
ImportantSUSE bug 1219213SUSE bug 1228924SUSE bug 1236834SUSE bug 1243503SUSE bug 1247106SUSE bug 1247108SUSE bug 1247581SUSE bug 1247582SUSE bug 1248117SUSE bug 1248330SUSE bug 1250413CVE-2023-52356 at SUSECVE-2023-52356 at NVDCVE-2024-13978 at SUSECVE-2024-13978 at NVDCVE-2024-7006 at SUSECVE-2024-7006 at NVDCVE-2025-8176 at SUSECVE-2025-8176 at NVDCVE-2025-8177 at SUSECVE-2025-8177 at NVDCVE-2025-8534 at SUSECVE-2025-8534 at NVDCVE-2025-8961 at SUSECVE-2025-8961 at NVDCVE-2025-9165 at SUSECVE-2025-9165 at NVDCVE-2025-9900 at SUSECVE-2025-9900 at NVDcpe:/o:suse:sl-micro:6.1Security update for runc (Important)SUSE Linux Micro 6.1
This update for runc fixes the following issues:
- Update to runc v1.3.3. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.3>. bsc#1252232
* CVE-2025-31133
* CVE-2025-52565
* CVE-2025-52881
- Update to runc v1.3.2. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.2> bsc#1252110
- Includes an important fix for the CPUSet translation for cgroupv2.
ImportantSUSE bug 1252110SUSE bug 1252232CVE-2025-31133 at SUSECVE-2025-31133 at NVDCVE-2025-52565 at SUSECVE-2025-52565 at NVDCVE-2025-52881 at SUSECVE-2025-52881 at NVDcpe:/o:suse:sl-micro:6.1Security update for powerpc-utils (Moderate)SUSE Linux Micro 6.1
This update for powerpc-utils fixes the following issues:
- Start SMT service after networking (bsc#1249152 ltc#214730)
- Fix inconsistent Core Online/Offline States Observed in lscpu and
ppc64_cpu --info Command Outputs During DLPAR Operation (bsc#1246126 ltc#214064)
- Fix HNV installation network conflicts across all distributions (jsc#PED-3946)
- Fix negative values of idle PURR (bsc#1238322 ltc#210808)
ModerateSUSE bug 1200731SUSE bug 1238322SUSE bug 1246126SUSE bug 1249152SUSE bug 430790SUSE bug 866675SUSE bug 869852SUSE bug 883174SUSE bug 886123SUSE bug 887275SUSE bug 933651CVE-2014-4040 at SUSECVE-2014-4040 at NVDcpe:/o:suse:sl-micro:6.1Security update for containerd (Important)SUSE Linux Micro 6.1
This update for containerd fixes the following issues:
- CVE-2024-25621: Fixed overly broad default permission vulnerability (bsc#1253126).
- CVE-2025-64329: Fixed goroutine leaks can lead to memory exhaustion on the host (bsc#1253132).
ImportantSUSE bug 1253126SUSE bug 1253132CVE-2024-25621 at SUSECVE-2024-25621 at NVDCVE-2025-64329 at SUSECVE-2025-64329 at NVDcpe:/o:suse:sl-micro:6.1Security update for grub2 (Moderate)SUSE Linux Micro 6.1
This update for grub2 fixes the following issues:
- CVE-2025-54770: Missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930)
- CVE-2025-54771: grub_file_close() does not properly controls the fs refcount (bsc#1252931)
- CVE-2025-61661: Out-of-bounds write in grub_usb_get_string() function (bsc#1252932)
- CVE-2025-61662: Missing unregister call for gettext command may lead to use-after-free (bsc#1252933)
- CVE-2025-61663: Missing unregister call for normal commands may lead to use-after-free (bsc#1252934)
- CVE-2025-61664: Missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935)
ModerateSUSE bug 1252930SUSE bug 1252931SUSE bug 1252932SUSE bug 1252933SUSE bug 1252934SUSE bug 1252935CVE-2025-54770 at SUSECVE-2025-54770 at NVDCVE-2025-54771 at SUSECVE-2025-54771 at NVDCVE-2025-61661 at SUSECVE-2025-61661 at NVDCVE-2025-61662 at SUSECVE-2025-61662 at NVDCVE-2025-61663 at SUSECVE-2025-61663 at NVDCVE-2025-61664 at SUSECVE-2025-61664 at NVDcpe:/o:suse:sl-micro:6.1Security update for glib2 (Moderate)SUSE Linux Micro 6.1
This update for glib2 fixes the following issues:
- CVE-2025-7039: Fixed Buffer Under-read in gfileutils.c (bsc#1249055)
ModerateSUSE bug 1249055CVE-2025-7039 at SUSECVE-2025-7039 at NVDcpe:/o:suse:sl-micro:6.1Security update for unbound (Important)SUSE Linux Micro 6.1
This update for unbound fixes the following issues:
- CVE-2025-11411: Fixed promiscuous records leading to domain hijacking (bsc#1252525)
ImportantSUSE bug 1252525CVE-2025-11411 at SUSECVE-2025-11411 at NVDcpe:/o:suse:sl-micro:6.1Security update for sssd (Important)SUSE Linux Micro 6.1
This update for sssd fixes the following issues:
- CVE-2025-11561: Fixed default Kerberos configuration allowing
privilege escalation on AD-joined Linux systems (bsc#1251827)
Other fixes:
- Install file in krb5.conf.d to include sssd krb5 config snippets
(bsc#1244325)
ImportantSUSE bug 1244325SUSE bug 1251827CVE-2025-11561 at SUSECVE-2025-11561 at NVDcpe:/o:suse:sl-micro:6.1Security update for curl (Moderate)SUSE Linux Micro 6.1
This update for curl fixes the following issues:
- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757).
ModerateSUSE bug 1253757CVE-2025-11563 at SUSECVE-2025-11563 at NVDcpe:/o:suse:sl-micro:6.1Security update for python311 (Moderate)SUSE Linux Micro 6.1
This update for python311 fixes the following issues:
Update to 3.11.14:
- CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) is not checked by the 'zipfile'
module (bsc#1251305).
- CVE-2025-6075: Fixed the value passed to os.path.expandvars() is user-controlled a performance degradation
is possible when expanding environment variables (bsc#1252974).
ModerateSUSE bug 1251305SUSE bug 1252974CVE-2025-6075 at SUSECVE-2025-6075 at NVDCVE-2025-8291 at SUSECVE-2025-8291 at NVDcpe:/o:suse:sl-micro:6.1Security update for salt (Important)SUSE Linux Micro 6.1
This update for salt fixes the following issues:
salt:
- Security issues fixed:
- CVE-2025-62349: Added minimum_auth_version to enforce security (bsc#1254257)
- CVE-2025-62348: Fixed Junos module yaml loader (bsc#1254256)
- Backport security fixes for vendored tornado
* BDSA-2024-3438
* BDSA-2024-3439
* BDSA-2024-9026
- Other changes and bugs fixed:
- Added `minion_legacy_req_warnings` option to avoid noisy warnings
- Fixed TLS and x509 modules for OSes with older cryptography module
- Fixed Salt for Python > 3.11 (bsc#1252285) (bsc#1252244)
* Use external tornado on Python > 3.11
* Make tls and x509 to use python-cryptography
* Remove usage of spwd
- Fixed payload signature verification on Tumbleweed (bsc#1251776)
- Fixed broken symlink on migration to Leap 16.0 (bsc#1250755)
- Fixed known_hosts error on gitfs (bsc#1250520) (bsc#1227207)
- Fixed functional.states.test_user for SLES 16 and Micro systems
- Fixed the tests failing on AlmaLinux 10 and other clones
- Improved SL Micro 6.2 detection with grains
- Require Python dependencies only for used Python version
- Reverted requirement of M2Crypto >= 0.44.0 for SUSE Family distros
- Set python-CherryPy as required for python-salt-testsuite
ImportantSUSE bug 1227207SUSE bug 1250520SUSE bug 1250755SUSE bug 1251776SUSE bug 1252244SUSE bug 1252285CVE-2025-62348 at SUSECVE-2025-62348 at NVDCVE-2025-62349 at SUSECVE-2025-62349 at NVDcpe:/o:suse:sl-micro:6.1Security update for gnutls (Moderate)SUSE Linux Micro 6.1
This update for gnutls fixes the following issues:
- CVE-2025-9820: Fixed buffer overflow in gnutls_pkcs11_token_init (bsc#1254132).
ModerateSUSE bug 1254132CVE-2025-9820 at SUSECVE-2025-9820 at NVDcpe:/o:suse:sl-micro:6.1Security update for helm (Moderate)SUSE Linux Micro 6.1
This update for helm fixes the following issues:
Update to version 3.19.1 (bsc#1251649, CVE-2025-58190, bsc#1251442, CVE-2025-47911):
* chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29
* jsonschema: warn and ignore unresolved URN $ref to match v3.18.4
* Avoid "panic: interface conversion: interface {} is nil"
* Fix `helm pull` untar dir check with repo urls
* chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
* Add timeout flag to repo add and update flags
* chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.43.0
Update to version 3.19.0:
* fix: use username and password if provided
* chore(deps): bump the k8s-io group with 7 updates
* chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1
* chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1
* chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema references
* chore(deps): bump the k8s-io group with 7 updates
* fix: go mod tidy for v3
* chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0
* chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0
* fix Chart.yaml handling
* Handle messy index files
* chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28
* json schema fix
* fix: k8s version parsing to match original
* chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0
* Do not explicitly set SNI in HTTPGetter
* chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7
* chore(deps): bump the k8s-io group with 7 updates
* chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0
* chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0
* chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0
* Disabling linter due to unknown issue
* Updating link handling
* Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1
* build(deps): bump the k8s-io group with 7 updates
* build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0
* fix: user username password for login
* Update pkg/registry/transport.go
* Update pkg/registry/transport.go
* fix: add debug logging to oci transport
* build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
* build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0
* fix: legacy docker support broken for login
* fix: plugin installer test with no Internet
* Handle an empty registry config file.
* Prevent fetching newReference again as we have in calling method
* Prevent failure when resolving version tags in oras memory store
* fix(client): skipnode utilization for PreCopy
* test: Skip instead of returning early. looks more intentional
* test: tests repo stripping functionality
* test: include tests for Login based on different protocol prefixes
* fix(client): layers now returns manifest - remove duplicate from descriptors
* fix(client): return nil on non-allowed media types
* Fix 3.18.0 regression: registry login with scheme
* Update pkg/plugin/plugin.go
* Update pkg/plugin/plugin.go
* Wait for Helm v4 before raising when platformCommand and Command are set
* Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]"
* build(deps): bump the k8s-io group with 7 updates
* chore: update generalization warning message
* build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0
* build(deps): bump the k8s-io group with 7 updates
* build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0
* fix: move warning to top of block
* fix: govulncheck workflow
* fix: replace fmt warning with slog
* fix: add warning when ignore repo flag
* bump version to v3.18.0
* backport #30673 to dev-v3
* feat: add httproute from gateway-api to create chart template
Update to version 3.18.6:
* fix(helm-lint): Add TLSClientConfig
* fix(helm-lint): Add HTTP/HTTPS URL support for json schema
references
Update to version 3.18.5:
* fix Chart.yaml handling 7799b48 (Matt Farina)
* Handle messy index files dd8502f (Matt Farina)
* json schema fix cb8595b (Robert Sirchia)
Fix shell completion dependencies
* Add BuildRequires to prevent inclusion of folders owned by shells.
* Add Requires because installing completions without appropriate
shell is questionable.
- Fix zsh completion location
ModerateSUSE bug 1251442SUSE bug 1251649CVE-2025-47911 at SUSECVE-2025-47911 at NVDCVE-2025-58190 at SUSECVE-2025-58190 at NVDcpe:/o:suse:sl-micro:6.1Security update for libpng16 (Important)SUSE Linux Micro 6.1
This update for libpng16 fixes the following issues:
- CVE-2025-66293: Fixed out-of-bounds read in png_image_read_composite (bsc#1254480).
- CVE-2025-64505: Fixed heap buffer over-read in `png_do_quantize` via malformed palette index (bsc#1254157).
- CVE-2025-64506: Fixed heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled (bsc#1254158).
- CVE-2025-64720: Fixed buffer overflow in `png_image_read_composite` via incorrect palette premultiplication (bsc#1254159).
- CVE-2025-65018: Fixed heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` (bsc#1254160).
ImportantSUSE bug 1254157SUSE bug 1254158SUSE bug 1254159SUSE bug 1254160SUSE bug 1254480CVE-2025-64505 at SUSECVE-2025-64505 at NVDCVE-2025-64506 at SUSECVE-2025-64506 at NVDCVE-2025-64720 at SUSECVE-2025-64720 at NVDCVE-2025-65018 at SUSECVE-2025-65018 at NVDCVE-2025-66293 at SUSECVE-2025-66293 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-tornado6 (Important)SUSE Linux Micro 6.1
This update for python-tornado6 fixes the following issues:
- CVE-2025-67724: unescaped `reason` argument used in HTTP headers and in HTML default error pages can be used by
attackers to launch header injection or XSS attacks (bsc#1254903).
- CVE-2025-67725: quadratic complexity of string concatenation operations used by the `HTTPHeaders.add` method can lead
to DoS when processing a maliciously crafted HTTP request (bsc#1254905).
- CVE-2025-67726: quadratic complexity algorithm used in the `_parseparam` function of `httputil.py` can lead to DoS
when processing maliciously crafted parameters in a `Content-Disposition` header (bsc#1254904).
ImportantSUSE bug 1254903SUSE bug 1254904SUSE bug 1254905CVE-2025-67724 at SUSECVE-2025-67724 at NVDCVE-2025-67725 at SUSECVE-2025-67725 at NVDCVE-2025-67726 at SUSECVE-2025-67726 at NVDcpe:/o:suse:sl-micro:6.1Security update for qemu (Important)SUSE Linux Micro 6.1
This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2025-12464: stack-based buffer overflow in the e1000 network device operations can be exploited by a malicious
guest user to crash the QEMU process on the host (bsc#1253002).
- CVE-2025-11234: use-after-free in WebSocket handshake operations can be exploited by a malicious client with network
access to the VNC WebSocket port to cause a denial-of-service (bsc#1250984).
Other updates and bugfixes:
- [openSUSE][RPM]: really fix *-virtio-gpu-pci dependency on ARM (bsc#1254286).
- block/curl: fix curl internal handles handling (bsc#1252768).
ImportantSUSE bug 1250984SUSE bug 1252768SUSE bug 1253002SUSE bug 1254286CVE-2025-11234 at SUSECVE-2025-11234 at NVDCVE-2025-12464 at SUSECVE-2025-12464 at NVDcpe:/o:suse:sl-micro:6.1Security update for dpdk (Moderate)SUSE Linux Micro 6.1
This update for dpdk fixes the following issues:
Update to version 22.11.10.
Security issues fixed:
- CVE-2025-23259: issue in the Poll Mode Driver (PMD) allows an attacker on a VM in the system to leak information and
cause a denial of service on the network interface (bsc#1254161).
Other updates and bugfixes:
- Fix SUSE provided DPDK modules tainting the kernel as unsupported (bsc#1214724).
Upstream release notes:
- Version 22.11.9
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id24
- Version 22.11.8
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id21
- Version 22.11.7
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id18
- Version 22.11.6
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id15
- Version 22.11.5
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id12
- Version 22.11.4
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id8
- Version 22.11.3
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id4
- Version 22.11.2
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id2
ModerateSUSE bug 1214724SUSE bug 1234718SUSE bug 1254161CVE-2024-11614 at SUSECVE-2024-11614 at NVDCVE-2025-23259 at SUSECVE-2025-23259 at NVDcpe:/o:suse:sl-micro:6.1Security update for capstone (Moderate)SUSE Linux Micro 6.1
This update for capstone fixes the following issues:
- CVE-2025-67873: missing bounds check on user-provided skipdata callback can lead to a heap buffer overflow (bsc#1255309).
- CVE-2025-68114: unchecked `vsnprintf` return value can lead to a stack buffer overflow (bsc#1255310).
ModerateSUSE bug 1255309SUSE bug 1255310CVE-2025-67873 at SUSECVE-2025-67873 at NVDCVE-2025-68114 at SUSECVE-2025-68114 at NVDcpe:/o:suse:sl-micro:6.1Recommended update for shim (Important)SUSE Linux Micro 6.1
This update for shim fixes the following issues:
This update for shim fixes the following issues:
shim is updated to version 16.1:
- shim_start_image(): fix guid/handle pairing when uninstalling protocols
- Fix uncompressed ipv6 netboot
- fix test segfaults caused by uninitialized memory
- SbatLevel_Variable.txt: minor typo fix.
- Realloc() needs to allocate one more byte for sprintf()
- IPv6: Add more check to avoid multiple double colon and illegal char
- Loader proto v2
- loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
- Generate Authenticode for the entire PE file
- README: mention new loader protocol and interaction with UKIs
- shim: change automatically enable MOK_POLICY_REQUIRE_NX
- Save var info
- add SbatLevel entry 2025051000 for PSA-2025-00012-1
- Coverity fixes 20250804
- fix http boot
- Fix double free and leak in the loader protocol
shim is updated to version 16.0:
- Validate that a supplied vendor cert is not in PEM format
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312)
- sbat: Also bump latest for grub,4 (and to todays date)
- undo change that limits certificate files to a single file
- shim: don't set second_stage to the empty string
- Fix SBAT.md for today's consensus about numbers
- Update Code of Conduct contact address
- make-certs: Handle missing OpenSSL installation
- Update MokVars.txt
- export DEFINES for sub makefile
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
- Null-terminate 'arguments' in fallback
- Fix "Verifiying" typo in error message
- Update Fedora CI targets
- Force gcc to produce DWARF4 so that gdb can use it
- Minor housekeeping 2024121700
- Discard load-options that start with WINDOWS
- Fix the issue that the gBS->LoadImage pointer was empty.
- shim: Allow data after the end of device path node in load options
- Handle network file not found like disks
- Update gnu-efi submodule for EFI_HTTP_ERROR
- Increase EFI file alignment
- avoid EFIv2 runtime services on Apple x86 machines
- Improve shortcut performance when comparing two boolean expressions
- Provide better error message when MokManager is not found
- tpm: Boot with a warning if the event log is full
- MokManager: remove redundant logical constraints
- Test import_mok_state() when MokListRT would be bigger than available size
- test-mok-mirror: minor bug fix
- Fix file system browser hang when enrolling MOK from disk
- Ignore a minor clang-tidy nit
- Allow fallback to default loader when encountering errors on network boot
- test.mk: don't use a temporary random.bin
- pe: Enhance debug report for update_mem_attrs
- Multiple certificate handling improvements
- Generate SbatLevel Metadata from SbatLevel_Variable.txt
- Apply EKU check with compile option
- Add configuration option to boot an alternative 2nd stage
- Loader protocol (with Device Path resolution support)
- netboot cleanup for additional files
- Document how revocations can be delivered
- post-process-pe: add tests to validate NX compliance
- regression: CopyMem() in ad8692e copies out of bounds
- Save the debug and error logs in mok-variables
- Add features for the Host Security ID program
- Mirror some more efi variables to mok-variables
- This adds DXE Services measurements to HSI and uses them for NX
- Add shim's current NX_COMPAT status to HSIStatus
- README.tpm: reflect that vendor_db is in fact logged as "vendor_db"
- Reject HTTP message with duplicate Content-Length header fields
- Disable log saving
- fallback: don't add new boot order entries backwards
- README.tpm: Update MokList entry to MokListRT
- SBAT Level update for February 2025 GRUB CVEs
ImportantSUSE bug 1205588SUSE bug 1247432SUSE bug 1254336SUSE bug 1254679CVE-2024-2312 at SUSECVE-2024-2312 at NVDcpe:/o:suse:sl-micro:6.1Security update for libmicrohttpd (Important)SUSE Linux Micro 6.1
This update for libmicrohttpd fixes the following issues:
- CVE-2025-59777: Fixed NULL pointer dereference (bsc#1253177).
- CVE-2025-62689: Fixed heap-based buffer overflow(bsc#1253178).
ImportantSUSE bug 1253177SUSE bug 1253178CVE-2025-59777 at SUSECVE-2025-59777 at NVDCVE-2025-62689 at SUSECVE-2025-62689 at NVDcpe:/o:suse:sl-micro:6.1Security update for rsync (Moderate)SUSE Linux Micro 6.1
This update for rsync fixes the following issues:
- CVE-2025-10158: Fixed out of bounds array access via negative index (bsc#1254441)
ModerateSUSE bug 1254441CVE-2025-10158 at SUSECVE-2025-10158 at NVDcpe:/o:suse:sl-micro:6.1Security update for openvswitch (Important)SUSE Linux Micro 6.1
This update for openvswitch fixes the following issues:
Update OpenvSwitch to v3.1.7 and OVN to v23.03.3:
Security issues fixed:
- CVE-2023-3966: ovs: invalid memory access and potential denial of service via specially crafted Geneve packets
(bsc#1219465).
- CVE-2023-5366: ovs: OpenFlow rules may be bypassed via specially crafted ICMPv6 Neighbor Advertisement packets sent
between virtual machines t(bsc#1216002).
- CVE-2024-2182: ovn: denial of service via injection of specially crafted BFD packets from inside unprivileged
workloads (bsc#1255435).
- CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet (bsc#1236353).
Other updates and bugfixes:
- OpenvSwitch upstream bugfix updates:
* https://www.openvswitch.org/releases/NEWS-3.1.7.txt
* v3.1.7
- Bug fixes
- OVS validated with DPDK 22.11.7.
* v3.1.6
- Bug fixes
- OVS validated with DPDK 22.11.6.
* v3.1.5
- Bug fixes
- OVS validated with DPDK 22.11.5.
* v3.1.4
- Bug fixes
- OVS validated with DPDK 22.11.4.
- OVN upstream bugfix updates:
* https://github.com/ovn-org/ovn/blob/branch-23.03/NEWS
* v23.03.3
- Bug fixes
- Add "garp-max-timeout-sec" config option to vswitchd external-ids to cap the time between when ovn-controller
sends gARP packets.
* v23.03.1
- Bug fixes
- CT entries are not flushed by default anymore whenever a load balancer backend is removed. A new, per-LB, option
'ct_flush' can be used to restore the previous behavior. Disabled by default.
- Always allow IPv6 Router Discovery, Neighbor Discovery, and Multicast Listener Discovery protocols, regardless of
ACLs defined.
- Send ICMP Fragmentation Needed packets back to offending ports when communicating with multichassis ports using
frames that don't fit through a tunnel. This is done only for logical switches that are attached to a physical
network via a localnet port, in which case multichassis ports may have an effective MTU different from regular
ports and hence may need this mechanism to maintain connectivity with other peers in the network.
- ECMP routes use L4_SYM dp-hash by default if the datapath supports it. Existing sessions might get re-hashed to a
different ECMP path when OVN detects the algorithm support in the datapath during an upgrade or restart of
ovn-controller.
ImportantSUSE bug 1216002SUSE bug 1219465SUSE bug 1236353SUSE bug 1255435CVE-2023-3966 at SUSECVE-2023-3966 at NVDCVE-2023-5366 at SUSECVE-2023-5366 at NVDCVE-2024-2182 at SUSECVE-2024-2182 at NVDCVE-2025-0650 at SUSECVE-2025-0650 at NVDcpe:/o:suse:sl-micro:6.1Security update for curl (Moderate)SUSE Linux Micro 6.1
This update for curl fixes the following issues:
- CVE-2025-14524: bearer token leak on cross-protocol redirect (bsc#1255731).
- CVE-2025-14819: libssh global knownhost override (bsc#1255732).
- CVE-2025-15079: libssh key passphrase bypass without agent set (bsc#1255733).
- CVE-2025-15224: OpenSSL partial chain store policy bypass (bsc#1255734).
ModerateSUSE bug 1255731SUSE bug 1255732SUSE bug 1255733SUSE bug 1255734CVE-2025-14524 at SUSECVE-2025-14524 at NVDCVE-2025-14819 at SUSECVE-2025-14819 at NVDCVE-2025-15079 at SUSECVE-2025-15079 at NVDCVE-2025-15224 at SUSECVE-2025-15224 at NVDcpe:/o:suse:sl-micro:6.1Security update for docker (Critical)SUSE Linux Micro 6.1
This update for docker fixes the following issues:
- This update includes fixes for:
* CVE-2024-41110: Fixed Authz zero length regression (bsc#1228324)
* CVE-2023-47108: Fixed otelgrpc: DoS vulnerability in otelgrpc
(uncontrolled resource consumption) due to unbound cardinality
(bsc#1217070 bsc#1229806)
* CVE-2023-45142: Fixed otelhttp,otelhttptrace,otelrestful: DoS
vulnerability (bsc#1228553 bsc#1229806)
- Update to Docker 27.5.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/27/#2741> bsc#1237335
- Update to docker-buildx 0.20.1. See upstream changelog online at
<https://github.com/docker/buildx/releases/tag/v0.20.1>
- Update to Docker 27.4.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/27/#2741>
- Update to docker-buildx 0.19.3. See upstream changelog online at
<https://github.com/docker/buildx/releases/tag/v0.19.3>
- Update to Docker 27.4.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/27/#274>
<https://github.com/docker/buildx/releases/tag/v0.19.2>.
Some notable changelogs from the last update:
* <https://github.com/docker/buildx/releases/tag/v0.19.0>
* <https://github.com/docker/buildx/releases/tag/v0.18.0>
- Update to Go 1.22.
- Add a new toggle file /etc/docker/suse-secrets-enable which allows users to
disable the SUSEConnect integration with Docker (which creates special mounts
in /run/secrets to allow container-suseconnect to authenticate containers
with registries on registered hosts). bsc#1231348 bsc#1232999
In order to disable these mounts, just do
echo 0 > /etc/docker/suse-secrets-enable
and restart Docker. In order to re-enable them, just do
echo 1 > /etc/docker/suse-secrets-enable
and restart Docker. Docker will output information on startup to tell you
whether the SUSE secrets feature is enabled or not.
- Disable docker-buildx builds for SLES. It turns out that build containers
with docker-buildx don't currently get the SUSE secrets mounts applied,
meaning that container-suseconnect doesn't work when building images.
bsc#1233819
- Remove DOCKER_NETWORK_OPTS from docker.service. This was removed from
sysconfig a long time ago, and apparently this causes issues with systemd in
some cases.
- Update to docker-buildx v0.17.1 to match standalone docker-buildx package we
are replacing. See upstream changelog online at
<https://github.com/docker/buildx/releases/tag/v0.17.1>
- Mark docker-buildx as required since classic "docker build" has been
deprecated since Docker 23.0. bsc#1230331
- Import docker-buildx v0.16.2 as a subpackage. Previously this was a separate
package, but with docker-stable it will be necessary to maintain the packages
together and it makes more sense to have them live in the same OBS package.
bsc#1230333
- Update to Docker 26.1.5-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/26.1/#2615>
bsc#1230294
CriticalSUSE bug 1217070SUSE bug 1223409SUSE bug 1228324SUSE bug 1228553SUSE bug 1229806SUSE bug 1230294SUSE bug 1230331SUSE bug 1230333SUSE bug 1231348SUSE bug 1232999SUSE bug 1233819SUSE bug 1234089SUSE bug 1237335CVE-2023-45142 at SUSECVE-2023-45142 at NVDCVE-2023-47108 at SUSECVE-2023-47108 at NVDCVE-2024-29018 at SUSECVE-2024-29018 at NVDCVE-2024-41110 at SUSECVE-2024-41110 at NVDcpe:/o:suse:sl-micro:6.1Security update for libpcap (Moderate)SUSE Linux Micro 6.1
This update for libpcap fixes the following issues:
- CVE-2025-11961: missing validation of provided MAC-48 address string in `pcap_ether_aton()` can lead to out-of-bounds
read and write (bsc#1255765).
- CVE-2024-8006: missing return value check in `pcap_findalldevs_ex()` can lead to NULL pointer dereference
(bsc#1230034).
- CVE-2023-7256: unclear value returned by `sock_initaddress()` can lead to a double-free (bsc#1230020).
ModerateSUSE bug 1230020SUSE bug 1230034SUSE bug 1255765CVE-2023-7256 at SUSECVE-2023-7256 at NVDCVE-2024-8006 at SUSECVE-2024-8006 at NVDCVE-2025-11961 at SUSECVE-2025-11961 at NVDcpe:/o:suse:sl-micro:6.1Security update for libtasn1 (Moderate)SUSE Linux Micro 6.1
This update for libtasn1 fixes the following issues:
- CVE-2025-13151: lack of validation of input data size leads to stack-based buffer overflow in
`asn1_expend_octet_string` (bsc#1256341).
ModerateSUSE bug 1256341CVE-2025-13151 at SUSECVE-2025-13151 at NVDcpe:/o:suse:sl-micro:6.1Security update for libsodium (Moderate)SUSE Linux Micro 6.1
This update for libsodium fixes the following issues:
- CVE-2025-15444: missing checks when validating elliptic curve points allows for cryptographic bypass (bsc#1256070).
ModerateSUSE bug 1256070CVE-2025-15444 at SUSECVE-2025-15444 at NVDcpe:/o:suse:sl-micro:6.1Security update for gpg2 (Important)SUSE Linux Micro 6.1
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- agent: Fix a memory leak (bsc#1256243).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
ImportantSUSE bug 1255715SUSE bug 1256243SUSE bug 1256244SUSE bug 1256246SUSE bug 1256390CVE-2025-68973 at SUSECVE-2025-68973 at NVDcpe:/o:suse:sl-micro:6.1Security update for elemental-toolkit, elemental-operator (Important)SUSE Linux Micro 6.1
This update for elemental-toolkit, elemental-operator fixes the following issues:
elemental-operator:
- Update to v1.7.4:
* Bump github.com/rancher-sandbox/go-tpm and its dependencies
This bump includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* Install yip config files in before-install step
* Revert "Do not delete ManagedOSVersions by default"
* Set default channel variable names consistent with OS version
* Do not delete ManagedOSVersions by default
* Include -channel suffix to channel names
* OS channel: enable baremetal channel by default
elemental-toolkit:
- Update to v2.2.7:
* Bump toolkit build to go 1.24
* Bump golang.org/x/crypto library
This bumg includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* bsc#1253581 (CVE-2025-47913)
* bsc#1253901 (CVE-2025-58181)
* bsc#1254079 (CVE-2025-47914)
- Update to v2.2.5:
* Permissive mode for green selinux
* Adapt code and unit tests
* Minor change to lookup devices using blkid
ImportantSUSE bug 1241826SUSE bug 1241857SUSE bug 1251511SUSE bug 1251679SUSE bug 1253581SUSE bug 1253901SUSE bug 1254079CVE-2025-22872 at SUSECVE-2025-22872 at NVDCVE-2025-47911 at SUSECVE-2025-47911 at NVDCVE-2025-47913 at SUSECVE-2025-47913 at NVDCVE-2025-47914 at SUSECVE-2025-47914 at NVDCVE-2025-58181 at SUSECVE-2025-58181 at NVDCVE-2025-58190 at SUSECVE-2025-58190 at NVDcpe:/o:suse:sl-micro:6.1Security update for curl (Important)SUSE Linux Micro 6.1
This update for curl fixes the following issues:
- CVE-2025-14017: Fixed broken TLS options for threaded LDAPS (bsc#1256105).
ImportantSUSE bug 1256105CVE-2025-14017 at SUSECVE-2025-14017 at NVDcpe:/o:suse:sl-micro:6.1Security update for net-snmp (Important)SUSE Linux Micro 6.1
This update for net-snmp fixes the following issues:
- CVE-2025-68615: Fixed snmptrapd buffer overflow (bsc#1255491).
ImportantSUSE bug 1255491CVE-2025-68615 at SUSECVE-2025-68615 at NVDcpe:/o:suse:sl-micro:6.1Security update for libsoup (Important)SUSE Linux Micro 6.1
This update for libsoup fixes the following issues:
- CVE-2025-14523: flaw in HTTP header handling can lead to host header parsing discrepancy between servers and proxies
and allow for request smuggling, cache poisoning and bypass of access controls (bsc#1254876).
- CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion can lead to undefined
behavior or crash (bsc#1252555).
- CVE-2026-0716: Fixed out-of-bounds read for websocket (bsc#1256418).
- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399).
ImportantSUSE bug 1252555SUSE bug 1254876SUSE bug 1256399SUSE bug 1256418CVE-2025-12105 at SUSECVE-2025-12105 at NVDCVE-2025-14523 at SUSECVE-2025-14523 at NVDCVE-2026-0716 at SUSECVE-2026-0716 at NVDCVE-2026-0719 at SUSECVE-2026-0719 at NVDcpe:/o:suse:sl-micro:6.1Security update for abseil-cpp (Moderate)SUSE Linux Micro 6.1
This update for abseil-cpp fixes the following issues:
Update to version 20230802.3:
- CVE-2025-0838: Fixed potential integer overflow in hash container create/resize (#1813) (bsc#1237543).
ModerateSUSE bug 1237543CVE-2025-0838 at SUSECVE-2025-0838 at NVDcpe:/o:suse:sl-micro:6.1Security update for util-linux (Moderate)SUSE Linux Micro 6.1
This update for util-linux fixes the following issues:
- CVE-2025-14104: Fixed heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666).
- lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682).
ModerateSUSE bug 1254666CVE-2025-14104 at SUSECVE-2025-14104 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-urllib3 (Moderate)SUSE Linux Micro 6.1
This update for python-urllib3 fixes the following issues:
- CVE-2026-21441: Fixed excessive resource consumption during decompression of data in HTTP redirect responses (bsc#1256331).
ModerateSUSE bug 1256331CVE-2026-21441 at SUSECVE-2026-21441 at NVDcpe:/o:suse:sl-micro:6.1Security update for libxml2 (Moderate)SUSE Linux Micro 6.1
This update for libxml2 fixes the following issues:
- CVE-2026-0989: Fixed call stack exhaustion leading to application crash
due to RelaxNG parser not limiting the recursion depth when
resolving `<include>` directives (bsc#1256805).
ModerateSUSE bug 1256805CVE-2026-0989 at SUSECVE-2026-0989 at NVDcpe:/o:suse:sl-micro:6.1Security update for python311 (Moderate)SUSE Linux Micro 6.1
This update for python311 fixes the following issues:
- CVE-2025-12084: prevent quadratic behavior in node ID cache clearing (bsc#1254997).
- CVE-2025-13836: prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length (bsc#1254400).
- CVE-2025-13837: protect against OOM when loading malicious content (bsc#1254401).
ModerateSUSE bug 1254400SUSE bug 1254401SUSE bug 1254997CVE-2025-12084 at SUSECVE-2025-12084 at NVDCVE-2025-13836 at SUSECVE-2025-13836 at NVDCVE-2025-13837 at SUSECVE-2025-13837 at NVDcpe:/o:suse:sl-micro:6.1Security update for openssl-3 (Moderate)SUSE Linux Micro 6.1
This update for openssl-3 fixes the following issues:
- CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830).
- CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).
- CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).
- CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).
- CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).
ModerateSUSE bug 1256830SUSE bug 1256834SUSE bug 1256835SUSE bug 1256836SUSE bug 1256837SUSE bug 1256838SUSE bug 1256839SUSE bug 1256840CVE-2025-15467 at SUSECVE-2025-15467 at NVDCVE-2025-68160 at SUSECVE-2025-68160 at NVDCVE-2025-69418 at SUSECVE-2025-69418 at NVDCVE-2025-69419 at SUSECVE-2025-69419 at NVDCVE-2025-69420 at SUSECVE-2025-69420 at NVDCVE-2025-69421 at SUSECVE-2025-69421 at NVDCVE-2026-22795 at SUSECVE-2026-22795 at NVDCVE-2026-22796 at SUSECVE-2026-22796 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-firmware (Important)SUSE Linux Micro 6.1
This update for kernel-firmware fixes the following issues:
- Update AMD ucode to 20251203 (bsc#1256483)
ImportantSUSE bug 1256483SUSE bug 619225cpe:/o:suse:sl-micro:6.1Security update for avahi (Moderate)SUSE Linux Micro 6.1
This update for avahi fixes the following issues:
- CVE-2024-52615: Fixed possible DNS response injection via the use of fixed source ports for wide-area DNS queries (bsc#1233421).
ModerateSUSE bug 1233421CVE-2024-52615 at SUSECVE-2024-52615 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-pyasn1 (Important)SUSE Linux Micro 6.1
This update for python-pyasn1 fixes the following issues:
- CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service (bsc#1256902).
ImportantSUSE bug 1256902CVE-2026-23490 at SUSECVE-2026-23490 at NVDcpe:/o:suse:sl-micro:6.1Security update for google-guest-agent (Moderate)SUSE Linux Micro 6.1
This update for google-guest-agent fixes the following issues:
- CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers (bsc#1236533).
ModerateSUSE bug 1236533CVE-2023-45288 at SUSECVE-2023-45288 at NVDcpe:/o:suse:sl-micro:6.1Security update for google-osconfig-agent (Moderate)SUSE Linux Micro 6.1
This update for google-osconfig-agent fixes the following issues:
- CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers (bsc#1236533).
ModerateSUSE bug 1236533CVE-2023-45288 at SUSECVE-2023-45288 at NVDcpe:/o:suse:sl-micro:6.1Security update for protobuf (Moderate)SUSE Linux Micro 6.1
This update for protobuf fixes the following issues:
- CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python json_format.ParseDict (bsc#1257173).
ModerateSUSE bug 1257173CVE-2026-0994 at SUSECVE-2026-0994 at NVDcpe:/o:suse:sl-micro:6.1Security update for libsodium (Moderate)SUSE Linux Micro 6.1
This update for libsodium fixes the following issues:
- CVE-2025-15444: Fixed cryptographic bypass via improper elliptic curve point validation (bsc#1256070).
- CVE-2025-69277: Fixed incorrect validation of elliptic curve points in crypto_core_ed25519_is_valid_point function (bsc#1255764).
ModerateSUSE bug 1255764SUSE bug 1256070CVE-2025-15444 at SUSECVE-2025-15444 at NVDCVE-2025-69277 at SUSECVE-2025-69277 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-urllib3 (Moderate)SUSE Linux Micro 6.1
This update for python-urllib3 fixes the following issues:
- CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API (bsc#1254867).
- CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain (bsc#1254866).
ModerateSUSE bug 1254866SUSE bug 1254867CVE-2025-66418 at SUSECVE-2025-66418 at NVDCVE-2025-66471 at SUSECVE-2025-66471 at NVDcpe:/o:suse:sl-micro:6.1Security update for glib2 (Important)SUSE Linux Micro 6.1
This update for glib2 fixes the following issues:
- CVE-2025-13601: Fixed integer overflow in in g_escape_uri_string() (bsc#1254297).
- CVE-2025-14087: Fixed buffer underflow in GVariant parser leads to heap corruption (bsc#1254662).
- CVE-2025-14512: Fixed integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow (bsc#1254878).
- CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354).
- CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355).
- CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353).
- CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049).
ImportantSUSE bug 1254297SUSE bug 1254662SUSE bug 1254878SUSE bug 1257049SUSE bug 1257353SUSE bug 1257354SUSE bug 1257355CVE-2025-13601 at SUSECVE-2025-13601 at NVDCVE-2025-14087 at SUSECVE-2025-14087 at NVDCVE-2025-14512 at SUSECVE-2025-14512 at NVDCVE-2026-0988 at SUSECVE-2026-0988 at NVDCVE-2026-1484 at SUSECVE-2026-1484 at NVDCVE-2026-1485 at SUSECVE-2026-1485 at NVDCVE-2026-1489 at SUSECVE-2026-1489 at NVDcpe:/o:suse:sl-micro:6.1Security update for gpg2 (Important)SUSE Linux Micro 6.1
This update for gpg2 fixes the following issues:
- CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys (bsc#1257396).
- gpg.fail/filename: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field (bsc#1256389).
ImportantSUSE bug 1256389SUSE bug 1257396CVE-2026-24882 at SUSECVE-2026-24882 at NVDcpe:/o:suse:sl-micro:6.1Security update for cockpit-podman (Important)SUSE Linux Micro 6.1
This update for cockpit-podman fixes the following issues:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global
prototypes (bsc#1257324).
ImportantSUSE bug 1257324CVE-2025-13465 at SUSECVE-2025-13465 at NVDcpe:/o:suse:sl-micro:6.1Security update for expat (Important)SUSE Linux Micro 6.1
This update for expat fixes the following issues:
- CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL
dereference (bsc#1257144).
- CVE-2026-25210: lack of buffer size check can lead to an integer overflow (bsc#1257496).
ImportantSUSE bug 1257144SUSE bug 1257496CVE-2026-24515 at SUSECVE-2026-24515 at NVDCVE-2026-25210 at SUSECVE-2026-25210 at NVDcpe:/o:suse:sl-micro:6.1Security update for libpng16 (Important)SUSE Linux Micro 6.1
This update for libpng16 fixes the following issues:
- CVE-2026-25646: Fixed a heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020).
- CVE-2025-28162: memory leaks when running `pngimage` (bsc#1257364).
- CVE-2025-28164: memory leaks when running `pngimage` (bsc#1257365).
- CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525).
- CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).
ImportantSUSE bug 1256525SUSE bug 1256526SUSE bug 1257364SUSE bug 1257365SUSE bug 1258020CVE-2025-28162 at SUSECVE-2025-28162 at NVDCVE-2025-28164 at SUSECVE-2025-28164 at NVDCVE-2026-22695 at SUSECVE-2026-22695 at NVDCVE-2026-22801 at SUSECVE-2026-22801 at NVDCVE-2026-25646 at SUSECVE-2026-25646 at NVDcpe:/o:suse:sl-micro:6.1Security update for libssh (Moderate)SUSE Linux Micro 6.1
This update for libssh fixes the following issues:
- CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal (bsc#1258049).
- CVE-2026-0965: possible denial of service when parsing unexpected configuration files (bsc#1258045).
- CVE-2026-0966: buffer underflow in ssh_get_hexa() on invalid input (bsc#1258054).
- CVE-2026-0967: specially crafted patterns could cause denial of service (bsc#1258081).
- CVE-2026-0968: malformed SFTP message can lead to out of bound read (bsc#1258080).
ModerateSUSE bug 1258045SUSE bug 1258049SUSE bug 1258054SUSE bug 1258080SUSE bug 1258081CVE-2026-0964 at SUSECVE-2026-0964 at NVDCVE-2026-0965 at SUSECVE-2026-0965 at NVDCVE-2026-0966 at SUSECVE-2026-0966 at NVDCVE-2026-0967 at SUSECVE-2026-0967 at NVDCVE-2026-0968 at SUSECVE-2026-0968 at NVDcpe:/o:suse:sl-micro:6.1Security update for glibc (Important)SUSE Linux Micro 6.1
This update for glibc fixes the following issues:
- CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766).
- CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822).
- CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005).
- CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965).
ImportantSUSE bug 1246965SUSE bug 1256766SUSE bug 1256822SUSE bug 1257005CVE-2025-15281 at SUSECVE-2025-15281 at NVDCVE-2025-8058 at SUSECVE-2025-8058 at NVDCVE-2026-0861 at SUSECVE-2026-0861 at NVDCVE-2026-0915 at SUSECVE-2026-0915 at NVDcpe:/o:suse:sl-micro:6.1Security update for rust-keylime (Important)SUSE Linux Micro 6.1
This update for rust-keylime fixes the following issues:
Update to version 0.2.8+116.
Security issues fixed:
- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion
(bsc#1257908).
Other updates and bugfixes:
- Update vendored crates `time` to version 0.3.47.
- Update to version 0.2.8+116:
* build(deps): bump bytes from 1.7.2 to 1.11.1
* api: Modify /version endpoint output in version 2.5
* Add API v2.5 with backward-compatible /v2.5/quotes/integrity
* tests: add unit test for resolve_agent_id (#1182)
* (pull-model): enable retry logic for registration
* rpm: Update specfiles to apply on master
* workflows: Add test to detect unused crates
* lib: Drop unused crates
* push-model: Drop unused crates
* keylime-agent: Drop unused crates
* build(deps): bump uuid from 1.18.1 to 1.19.0
* Update reqwest-retry to 0.8, retry-policies to 0.5
* rpm: Fix cargo_build macro usage on CentOS Stream
* fix(push-model): resolve hash_ek uuid to actual EK hash
* build(deps): bump thiserror from 2.0.16 to 2.0.17
* workflows: Separate upstream test suite from e2e coverage
* Send UEFI measured boot logs as raw bytes (#1173)
* auth: Add unit tests for SecretToken implementation
* packit: Enable push-attestation tests
* resilient_client: Prevent authentication token leakage in logs
- Use tmpfiles.d for /var directories (PED-14736)
- Update to version 0.2.8+96:
* build(deps): bump wiremock from 0.6.4 to 0.6.5
* build(deps): bump actions/checkout from 5 to 6
* build(deps): bump chrono from 0.4.41 to 0.4.42
* packit: Get coverage from Fedora 43 runs
* Fix issues pointed out by clippy
* Replace mutex unwraps with proper error handling in TPM library
* Remove unused session request methods from StructureFiller
* Fix config panic on missing ek_handle in push model agent
* build(deps): bump tempfile from 3.21.0 to 3.23.0
* build(deps): bump actions/upload-artifact from 4 to 6 (#1163)
* Fix clippy warnings project-wide
* Add KEYLIME_DIR support for verifier TLS certificates in push model agent
* Thread privileged resources and use MeasurementList for IMA reading
* Add privileged resource initialization and privilege dropping to push model agent
* Fix privilege dropping order in run_as()
* add documentation on FQDN hostnames
* Remove confusing logs for push mode agent
* Set correct default Verifier port (8891->8881) (#1159)
* Add verifier_url to reference configuration file (#1158)
* Add TLS support for Registrar communication (#1139)
* Fix agent handling of 403 registration responses (#1154)
* Add minor README.md rephrasing (#1151)
* build(deps): bump actions/checkout from 5 to 6 (#1153)
* ci: update spec files for packit COPR build
* docs: improve challenge encoding and async TPM documentation
* refactor: improve middleware and error handling
* feat: add authentication client with middleware integration
* docker: Include keylime_push_model_agent binary
* Include attestation_interval configuration (#1146)
* Persist payload keys to avoid attestation failure on restart
* crypto: Implement the load or generate pattern for keys
* Use simple algorithm specifiers in certification_keys object (#1140)
* tests: Enable more tests in CI
* Fix RSA2048 algorithm reporting in keylime agent
* Remove disabled_signing_algorithms configuration
* rpm: Fix metadata patches to apply to current code
* workflows/rpm.yml: Use more strict patching
* build(deps): bump uuid from 1.17.0 to 1.18.1
* Fix ECC algorithm selection and reporting for keylime agent
* Improve logging consistency and coherency
* Implement minimal RFC compliance for Location header and URI parsing (#1125)
* Use separate keys for payload mechanism and mTLS
* docker: update rust to 1.81 for distroless Dockerfile
* Ensure UEFI log capabilities are set to false
* build(deps): bump http from 1.1.0 to 1.3.1
* build(deps): bump log from 0.4.27 to 0.4.28
* build(deps): bump cfg-if from 1.0.1 to 1.0.3
* build(deps): bump actix-rt from 2.10.0 to 2.11.0
* build(deps): bump async-trait from 0.1.88 to 0.1.89
* build(deps): bump trybuild from 1.0.105 to 1.0.110
* Accept evidence handling structures null entries
* workflows: Add test to check if RPM patches still apply
* CI: Enable test add-agent-with-malformed-ek-cert
* config: Fix singleton tests
* FSM: Remove needless lifetime annotations (#1105)
* rpm: Do not remove wiremock which is now available in Fedora
* Use latest Fedora httpdate version (1.0.3)
* Enhance coverage with parse_retry_after test
* Fix issues reported by CI regarding unwrap() calls
* Reuse max retries indicated to the ResilientClient
* Include limit of retries to 5 for Retry-After
* Add policy to handle Retry-After response headers
* build(deps): bump wiremock from 0.6.3 to 0.6.4
* build(deps): bump serde_json from 1.0.140 to 1.0.143
* build(deps): bump pest_derive from 2.8.0 to 2.8.1
* build(deps): bump syn from 2.0.90 to 2.0.106
* build(deps): bump tempfile from 3.20.0 to 3.21.0
* build(deps): bump thiserror from 2.0.12 to 2.0.16
* rpm: Fix patches to apply to current master code
* build(deps): bump anyhow from 1.0.98 to 1.0.99
* state_machine: Automatically clean config override during tests
* config: Implement singleton and factory pattern
* testing: Support overriding configuration during tests
* feat: implement standalone challenge-response authentication module
* structures: rename session structs for clarity and fix typos
* tpm: refactor certify_credential_with_iak() into a more generic function
* Add Push Model Agent Mermaid FSM chart (#1095)
* Add state to avoid exiting on wrong attestation (#1093)
* Add 6 alphanumeric lowercase X-Request-ID header
* Enhance Evidence Handling response parsing
* build(deps): bump quote from 1.0.35 to 1.0.40
* build(deps): bump libc from 0.2.172 to 0.2.175
* build(deps): bump glob from 0.3.2 to 0.3.3
* build(deps): bump actix-web from 4.10.2 to 4.11.0
ImportantSUSE bug 1257908CVE-2026-25727 at SUSECVE-2026-25727 at NVDcpe:/o:suse:sl-micro:6.1Security update for cups (Important)SUSE Linux Micro 6.1
This update for cups fixes the following issues:
Update to version 2.4.16.
Security issues fixed:
- CVE-2025-58436: single client sending slow messages to cupsd can delay the application and make it unusable for other
clients (bsc#1244057).
- CVE-2025-58060: authentication bypass with AuthType negotiate (bsc#1249049).
- CVE-2025-58364: unsafe deserialization and validation of printer attributes can lead to null dereference
(bsc#1249128).
- CVE-2025-61915: local denial-of-service via cupsd.conf update and related issues (bsc#1253783).
Other updates and bugfixes:
- Version upgrade to 2.4.16:
* 'cupsUTF8ToCharset' didn't validate 2-byte UTF-8 sequences,
potentially reading past the end of the source string
(Issue #1438)
* The web interface did not support domain usernames fully
(Issue #1441)
* Fixed an infinite loop issue in the GTK+ print dialog
(Issue #1439 bsc#1254353)
* Fixed stopping scheduler on unknown directive in
configuration (Issue #1443)
- Version upgrade to 2.4.15:
* Fixed potential crash in 'cups-driverd' when there are
duplicate PPDs (Issue #1355)
* Fixed error recovery when scanning for PPDs
in 'cups-driverd' (Issue #1416)
- Fix packages for Immutable Mode - cups (jsc#PED-14775,jsc#PED-14688)
- Version upgrade to 2.4.14.
- Version upgrade to 2.4.13:
* Added 'print-as-raster' printer and job attributes
for forcing rasterization (Issue #1282)
* Updated documentation (Issue #1086)
* Updated IPP backend to try a sanitized user name if the
printer/server does not like the value (Issue #1145)
* Updated the scheduler to send the "printer-added"
or "printer-modified" events whenever an IPP Everywhere PPD
is installed (Issue #1244)
* Updated the scheduler to send the "printer-modified" event
whenever the system default printer is changed (Issue #1246)
* Fixed a memory leak in 'httpClose' (Issue #1223)
* Fixed missing commas in 'ippCreateRequestedArray'
(Issue #1234)
* Fixed subscription issues in the scheduler and D-Bus notifier
(Issue #1235)
* Fixed media-default reporting for custom sizes (Issue #1238)
* Fixed support for IPP/PPD options with periods or underscores
(Issue #1249)
* Fixed parsing of real numbers in PPD compiler source files
(Issue #1263)
* Fixed scheduler freezing with zombie clients (Issue #1264)
* Fixed support for the server name in the ErrorLog filename
(Issue #1277)
* Fixed job cleanup after daemon restart (Issue #1315)
* Fixed handling of buggy DYMO USB printer serial numbers
(Issue #1338)
* Fixed unreachable block in IPP backend (Issue #1351)
* Fixed memory leak in _cupsConvertOptions (Issue #1354)
- Version upgrade to 2.4.12:
* GnuTLS follows system crypto policies now (Issue #1105)
* Added `NoSystem` SSLOptions value (Issue #1130)
* Now we raise alert for certificate issues (Issue #1194)
* Added Kyocera USB quirk (Issue #1198)
* The scheduler now logs a job's debugging history
if the backend fails (Issue #1205)
* Fixed a potential timing issue with `cupsEnumDests`
(Issue #1084)
* Fixed a potential "lost PPD" condition in the scheduler
(Issue #1109)
* Fixed a compressed file error handling bug (Issue #1070)
* Fixed a bug in the make-and-model whitespace trimming
code (Issue #1096)
* Fixed a removal of IPP Everywhere permanent queue
if installation failed (Issue #1102)
* Fixed `ServerToken None` in scheduler (Issue #1111)
* Fixed invalid IPP keyword values created from PPD
option names (Issue #1118)
* Fixed handling of "media" and "PageSize" in the same
print request (Issue #1125)
* Fixed client raster printing from macOS (Issue #1143)
* Fixed the default User-Agent string.
* Fixed a recursion issue in `ippReadIO`.
* Fixed handling incorrect radix in `scan_ps()` (Issue #1188)
* Fixed validation of dateTime values with time zones
more than UTC+11 (Issue #1201)
* Fixed attributes returned by the Create-Xxx-Subscriptions
requests (Issue #1204)
* Fixed `ippDateToTime` when using a non GMT/UTC timezone
(Issue #1208)
* Fixed `job-completed` event notifications for jobs that are
cancelled before started (Issue #1209)
* Fixed DNS-SD discovery with `ippfind` (Issue #1211)
ImportantSUSE bug 1244057SUSE bug 1249049SUSE bug 1249128SUSE bug 1253783SUSE bug 1254353CVE-2025-58060 at SUSECVE-2025-58060 at NVDCVE-2025-58364 at SUSECVE-2025-58364 at NVDCVE-2025-58436 at SUSECVE-2025-58436 at NVDCVE-2025-61915 at SUSECVE-2025-61915 at NVDcpe:/o:suse:sl-micro:6.1Security update for libsoup (Important)SUSE Linux Micro 6.1
This update for libsoup fixes the following issues:
- CVE-2025-32049: denial of service attack to websocket server (bsc#1240751).
- CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398).
- CVE-2026-1536: HTTP header injection or response splitting via CRLF injection in the Content-Disposition header
(bsc#1257440).
- CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects
(bsc#1257441).
- CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request
smuggling and potential DoS (bsc#1257597).
- CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based buffer
overflow (bsc#1257598).
- CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources (bsc#1258120).
- CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information
disclosure to remote attackers (bsc#1258170).
- CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).
ImportantSUSE bug 1240751SUSE bug 1257398SUSE bug 1257440SUSE bug 1257441SUSE bug 1257597SUSE bug 1257598SUSE bug 1258120SUSE bug 1258170SUSE bug 1258508CVE-2025-32049 at SUSECVE-2025-32049 at NVDCVE-2026-1467 at SUSECVE-2026-1467 at NVDCVE-2026-1536 at SUSECVE-2026-1536 at NVDCVE-2026-1539 at SUSECVE-2026-1539 at NVDCVE-2026-1760 at SUSECVE-2026-1760 at NVDCVE-2026-1761 at SUSECVE-2026-1761 at NVDCVE-2026-2369 at SUSECVE-2026-2369 at NVDCVE-2026-2443 at SUSECVE-2026-2443 at NVDCVE-2026-2708 at SUSECVE-2026-2708 at NVDcpe:/o:suse:sl-micro:6.1Security update for cockpit-machines (Important)SUSE Linux Micro 6.1
This update for cockpit-machines fixes the following issues:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global
prototypes (bsc#1257325).
ImportantSUSE bug 1257325CVE-2025-13465 at SUSECVE-2025-13465 at NVDcpe:/o:suse:sl-micro:6.1Security update for docker (Moderate)SUSE Linux Micro 6.1
This update for docker fixes the following issues:
- CVE-2025-58181: an invalid number of mechanisms may cause unbounded memory consumption (bcs#1253904).
ModerateSUSE bug 1253904CVE-2025-58181 at SUSECVE-2025-58181 at NVDcpe:/o:suse:sl-micro:6.1Security update for ca-certificates-mozilla (Moderate)SUSE Linux Micro 6.1
This update for ca-certificates-mozilla fixes the following issues:
- Updated to 2.84 state of Mozilla SSL root CAs (bsc#1258002)
- Removed:
- Baltimore CyberTrust Root
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
- DigiNotar Root CA
- Added:
- e-Szigno TLS Root CA 2023
- OISTE Client Root ECC G1
- OISTE Client Root RSA G1
- OISTE Server Root ECC G1
- OISTE Server Root RSA G1
- SwissSign RSA SMIME Root CA 2022 - 1
- SwissSign RSA TLS Root CA 2022 - 1
- TrustAsia SMIME ECC Root CA
- TrustAsia SMIME RSA Root CA
- TrustAsia TLS ECC Root CA
- TrustAsia TLS RSA Root CA
ModerateSUSE bug 1258002cpe:/o:suse:sl-micro:6.1Security update for cockpit (Important)SUSE Linux Micro 6.1
This update for cockpit fixes the following issues:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global
prototypes (bsc#1257324).
ImportantSUSE bug 1257324CVE-2025-13465 at SUSECVE-2025-13465 at NVDcpe:/o:suse:sl-micro:6.1Recommended update for open-vm-tools (Moderate)SUSE Linux Micro 6.1
This update for open-vm-tools fixes the following issues:
- update to 13.0.10 based on build 25056151 (boo#1257357):
* There are no new features in the open-vm-tools 13.0.10 release.
* This is primarily a maintenance release that addresses a fix.
* A minor enhancement has been made for Guest OS Customization.
* The DeployPkg plugin has been updated to handle a new cloud-init error code that
signals a recoverable error and allow cloud-init to finish running.
ModerateSUSE bug 1250692SUSE bug 1257357CVE-2025-41244 at SUSECVE-2025-41244 at NVDcpe:/o:suse:sl-micro:6.1Security update for gnutls (Moderate)SUSE Linux Micro 6.1
This update for gnutls fixes the following issues:
- CVE-2025-14831: Fixed DoS via excessive resource consumption during certificate verification. (bsc#1257960)
- Add the functionality to allow to specify the hash algorithm for the PSK. This fixes a bug in the current implementation where the binder is always calculated with SHA256. (bsc#1258083, jsc#PED-15752, jsc#PED-15753)
ModerateSUSE bug 1257960SUSE bug 1258083CVE-2025-14831 at SUSECVE-2025-14831 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-cryptography (Moderate)SUSE Linux Micro 6.1
This update for python-cryptography fixes the following issues:
- CVE-2026-26007: missing validation can lead to security issues for signature verification (ECDSA) and shared key
negotiation (ECDH) (bsc#1258074).
ModerateSUSE bug 1258074CVE-2026-26007 at SUSECVE-2026-26007 at NVDcpe:/o:suse:sl-micro:6.1Security update for docker-compose (Important)SUSE Linux Micro 6.1
This update for docker-compose fixes the following issues:
- CVE-2025-47914: non validated message size can cause a panic due to an out of bounds read (bsc#1254041).
- CVE-2025-47913: client process termination when receiving an unexpected message type in response to a key listing or
signing request (bsc#1253584).
- CVE-2025-62725: OCI compose artifacts can be used to escape the cache directory and overwrite arbitrary files
(bsc#1252752).
ImportantSUSE bug 1252752SUSE bug 1253584SUSE bug 1254041CVE-2025-47913 at SUSECVE-2025-47913 at NVDCVE-2025-47914 at SUSECVE-2025-47914 at NVDCVE-2025-62725 at SUSECVE-2025-62725 at NVDcpe:/o:suse:sl-micro:6.1Security update for libxslt, libxml2 (Moderate)SUSE Linux Micro 6.1
This update for libxslt, libxml2 fixes the following issues:
libxml2:
- CVE-2026-0990: call stack overflow leading to application crash
due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811)
- CVE-2026-0992: excessive resource consumption when processing XML
catalogs due to exponential behavior when handling `<nextCatalog>` elements (bsc#1256808, bsc#1256809, bsc#1256812)
- CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850)
- CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595)
- CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553)
- CVE-2026-0989: call stack exhaustion leading to application crash
due to RelaxNG parser not limiting the recursion depth when
resolving `<include>` directives (bsc#1256804, bsc#1256805, bsc#1256810)
libxslt:
- CVE-2025-10911 will be fixed on libxml2 side instead [bsc#1250553]
ModerateSUSE bug 1247850SUSE bug 1247858SUSE bug 1250553SUSE bug 1256804SUSE bug 1256805SUSE bug 1256807SUSE bug 1256808SUSE bug 1256809SUSE bug 1256810SUSE bug 1256811SUSE bug 1256812SUSE bug 1257593SUSE bug 1257594SUSE bug 1257595CVE-2025-10911 at SUSECVE-2025-10911 at NVDCVE-2025-8732 at SUSECVE-2025-8732 at NVDCVE-2026-0989 at SUSECVE-2026-0989 at NVDCVE-2026-0990 at SUSECVE-2026-0990 at NVDCVE-2026-0992 at SUSECVE-2026-0992 at NVDCVE-2026-1757 at SUSECVE-2026-1757 at NVDcpe:/o:suse:sl-micro:6.1Security update for ucode-intel (Important)SUSE Linux Micro 6.1
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20260210 release (bsc#1258046):
- CVE-2024-24853: Updated fix for incorrect behavior order in transition
between executive monitor and SMI transfer monitor (STM) in some Intel(R)
Processor may allow a privileged user to potentially enable escalation
of privilege via local access (bsc#1229129).
- CVE-2025-31648: Improper handling of values in the
microcode flow for some Intel Processor Family may allow
an escalation of privilege (bsc#1258046).
ImportantSUSE bug 1229129SUSE bug 1258046CVE-2024-24853 at SUSECVE-2024-24853 at NVDCVE-2025-31648 at SUSECVE-2025-31648 at NVDcpe:/o:suse:sl-micro:6.1Security update for zlib (Moderate)SUSE Linux Micro 6.1
This update for zlib fixes the following issues:
- CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392)
- CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378)
ModerateSUSE bug 1216378SUSE bug 1258392CVE-2023-45853 at SUSECVE-2023-45853 at NVDCVE-2026-27171 at SUSECVE-2026-27171 at NVDcpe:/o:suse:sl-micro:6.1Security update for python311 (Important)SUSE Linux Micro 6.1
This update for python311 fixes the following issues:
- CVE-2025-11468: preserving parens when folding comments in email headers. (bsc#1257029)
- CVE-2026-0672: rejects control characters in http cookies. (bsc#1257031)
- CVE-2026-0865: rejecting control characters in wsgiref.headers.Headers, which could be abused for injecting false HTTP headers. (bsc#1257042)
- CVE-2025-15366: basically the same as the previous patch for IMAP protocol. (bsc#1257044)
- CVE-2025-15282: basically the same as the previous patch for urllib library. (bsc#1257046)
- CVE-2025-15367: basically the same as the previous patch for poplib library. (bsc#1257041)
- CVE-2025-12781: fix decoding with non-standard Base64 alphabet (bsc#1257108)
ImportantSUSE bug 1257029SUSE bug 1257031SUSE bug 1257041SUSE bug 1257042SUSE bug 1257044SUSE bug 1257046SUSE bug 1257108CVE-2025-11468 at SUSECVE-2025-11468 at NVDCVE-2025-12781 at SUSECVE-2025-12781 at NVDCVE-2025-15282 at SUSECVE-2025-15282 at NVDCVE-2025-15366 at SUSECVE-2025-15366 at NVDCVE-2025-15367 at SUSECVE-2025-15367 at NVDCVE-2026-0672 at SUSECVE-2026-0672 at NVDCVE-2026-0865 at SUSECVE-2026-0865 at NVDcpe:/o:suse:sl-micro:6.1Security update for util-linux (Moderate)SUSE Linux Micro 6.1
This update for util-linux fixes the following issue:
- CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859).
ModerateSUSE bug 1258859CVE-2026-3184 at SUSECVE-2026-3184 at NVDcpe:/o:suse:sl-micro:6.1Security update for virtiofsd (Important)SUSE Linux Micro 6.1
This update for virtiofsd fixes the following issue:
- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion
(bsc#1257912).
ImportantSUSE bug 1257912CVE-2026-25727 at SUSECVE-2026-25727 at NVDcpe:/o:suse:sl-micro:6.1Security update for openssh (Moderate)SUSE Linux Micro 6.1
This update for openssh fixes the following issues:
- CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198).
- CVE-2025-61985: code execution via '\0' character in ssh: // URI when a ProxyCommand is used (bsc#1251199).
ModerateSUSE bug 1251198SUSE bug 1251199SUSE bug 1258166CVE-2025-61984 at SUSECVE-2025-61984 at NVDCVE-2025-61985 at SUSECVE-2025-61985 at NVDcpe:/o:suse:sl-micro:6.1Security update for qemu (Moderate)SUSE Linux Micro 6.1
This update for qemu fixes the following issues:
- CVE-2025-14876: Fixed unbounded allocation in virtio-crypto. (bsc#1255400)
- CVE-2026-0665: Fixed PIRQ bounds check in xen_physdev_map_pirq. (bsc#1256484)
ModerateSUSE bug 1255400SUSE bug 1256484CVE-2025-14876 at SUSECVE-2025-14876 at NVDCVE-2026-0665 at SUSECVE-2026-0665 at NVDcpe:/o:suse:sl-micro:6.1Security update for curl (Moderate)SUSE Linux Micro 6.1
This update for curl fixes the following issues:
Update to 8.12.1:
* Bugfixes:
- asyn-thread: fix build with 'CURL_DISABLE_SOCKETPAIR'
- asyn-thread: fix HTTPS RR crash
- asyn-thread: fix the returned bitmask from Curl_resolver_getsock
- asyn-thread: survive a c-ares channel set to NULL
- cmake: always reference OpenSSL and ZLIB via imported targets
- cmake: respect 'GNUTLS_CFLAGS' when detected via 'pkg-config'
- cmake: respect 'GNUTLS_LIBRARY_DIRS' in 'libcurl.pc' and 'curl-config'
- content_encoding: #error on too old zlib
- imap: TLS upgrade fix
- ldap: drop support for legacy Novell LDAP SDK
- libssh2: comparison is always true because rc <= -1
- libssh2: raise lowest supported version to 1.2.8
- libssh: drop support for libssh older than 0.9.0
- openssl-quic: ignore ciphers for h3
- pop3: TLS upgrade fix
- runtests: fix the disabling of the memory tracking
- runtests: quote commands to support paths with spaces
- scache: add magic checks
- smb: silence '-Warray-bounds' with gcc 13+
- smtp: TLS upgrade fix
- tool_cfgable: sort struct fields by size, use bitfields for booleans
- tool_getparam: add "TLS required" flag for each such option
- vtls: fix multissl-init
- wakeup_write: make sure the eventfd write sends eight bytes
Update to 8.12.0:
* Security fixes:
- [bsc#1234068, CVE-2024-11053] curl could leak the password used
for the first host to the followed-to host under certain circumstances.
- [bsc#1232528, CVE-2024-9681] HSTS subdomain overwrites parent cache entry
- [bsc#1236589, CVE-2025-0665] eventfd double close
* Changes:
- curl: add byte range support to --variable reading from file
- curl: make --etag-save acknowledge --create-dirs
- getinfo: fix CURLINFO_QUEUE_TIME_T and add 'time_queue' var
- getinfo: provide info which auth was used for HTTP and proxy
- hyper: drop support
- openssl: add support to use keys and certificates from PKCS#11 provider
- QUIC: 0RTT for gnutls via CURLSSLOPT_EARLYDATA
- vtls: feature ssls-export for SSL session im-/export
* Bugfixes:
- altsvc: avoid integer overflow in expire calculation
- asyn-ares: acknowledge CURLOPT_DNS_SERVERS set to NULL
- asyn-ares: fix memory leak
- asyn-ares: initial HTTPS resolve support
- asyn-thread: use c-ares to resolve HTTPS RR
- async-thread: avoid closing eventfd twice
- cd2nroff: do not insist on quoted <> within backticks
- cd2nroff: support "none" as a TLS backend
- conncache: count shutdowns against host and max limits
- content_encoding: drop support for zlib before 1.2.0.4
- content_encoding: namespace GZIP flag constants
- content_encoding: put the decomp buffers into the writer structs
- content_encoding: support use of custom libzstd memory functions
- cookie: cap expire times to 400 days
- cookie: parse only the exact expire date
- curl: return error if etag options are used with multiple URLs
- curl_multi_fdset: include the shutdown connections in the set
- curl_sha512_256: rename symbols to the curl namespace
- curl_url_set.md: adjust the added-in to 7.62.0
- doh: send HTTPS RR requests for all HTTP(S) transfers
- easy: allow connect-only handle reuse with easy_perform
- easy: make curl_easy_perform() return error if connection still there
- easy_lock: use Sleep(1) for thread yield on old Windows
- ECH: update APIs to those agreed with OpenSSL maintainers
- GnuTLS: fix 'time_appconnect' for early data
- HTTP/2: strip TE request header
- http2: fix data_pending check
- http2: fix value stored to 'result' is never read
- http: ignore invalid Retry-After times
- http_aws_sigv4: Fix invalid compare function handling zero-length pairs
- https-connect: start next immediately on failure
- lib: redirect handling by protocol handler
- multi: fix curl_multi_waitfds reporting of fd_count
- netrc: 'default' with no credentials is not a match
- netrc: fix password-only entries
- netrc: restore _netrc fallback logic
- ngtcp2: fix memory leak on connect failure
- openssl: define `HAVE_KEYLOG_CALLBACK` before use
- openssl: fix ECH logic
- osslq: use SSL_poll to determine writeability of QUIC streams
- sectransp: free certificate on error
- select: avoid a NULL deref in cwfds_add_sock
- src: omit hugehelp and ca-embed from libcurltool
- ssl session cache: change cache dimensions
- system.h: add 64-bit curl_off_t definitions for NonStop
- telnet: handle single-byte input option
- TLS: check connection for SSL use, not handler
- tool_formparse.c: make curlx_uztoso a static in here
- tool_formparse: accept digits in --form type= strings
- tool_getparam: ECH param parsing refix
- tool_getparam: fail --hostpubsha256 if libssh2 is not used
- tool_getparam: fix "Ignored Return Value"
- tool_getparam: fix memory leak on error in parse_ech
- tool_getparam: fix the ECH parser
- tool_operate: make --etag-compare always accept a non-existing file
- transfer: fix CURLOPT_CURLU override logic
- urlapi: fix redirect to a new fragment or query (only)
- vquic: make vquic_send_packets not return without setting psent
- vtls: fix default SSL backend as a fallback
- vtls: only remember the expiry timestamp in session cache
- websocket: fix message send corruption
- x509asn1: add parse recursion limit
Update to 8.11.1:
* Security fixes:
- netrc and redirect credential leak [bsc#1234068, CVE-2024-11053]
* Bugfixes:
- build: fix ECH to always enable HTTPS RR
- cookie: treat cookie name case sensitively
- curl-rustls.m4: keep existing 'CPPFLAGS'/'LDFLAGS' when detected
- curl: use realtime in trace timestamps
- digest: produce a shorter cnonce in Digest headers
- docs: document default 'User-Agent'
- docs: suggest --ssl-reqd instead of --ftp-ssl
- duphandle: also init netrc
- hostip: don't use the resolver for FQDN localhost
- http_negotiate: allow for a one byte larger channel binding buffer
- krb5: fix socket/sockindex confusion, MSVC compiler warnings
- libssh: use libssh sftp_aio to upload file
- libssh: when using IPv6 numerical address, add brackets
- mime: fix reader stall on small read lengths
- mk-ca-bundle: remove CKA_NSS_SERVER_DISTRUST_AFTER conditions
- mprintf: fix the integer overflow checks
- multi: fix callback for 'CURLMOPT_TIMERFUNCTION' not being called again when...
- netrc: address several netrc parser flaws
- netrc: support large file, longer lines, longer tokens
- nghttp2: use custom memory functions
- OpenSSL: improvde error message on expired certificate
- openssl: remove three "Useless Assignments"
- openssl: stop using SSL_CTX_ function prefix for our functions
- pytest: add test for use of CURLMOPT_MAX_HOST_CONNECTIONS
- rtsp: check EOS in the RTSP receive and return an error code
- schannel: remove TLS 1.3 ciphersuite-list support
- setopt: fix CURLOPT_HTTP_CONTENT_DECODING
- setopt: fix missing options for builds without HTTP & MQTT
- socket: handle binding to "host!<ip>"
- socketpair: fix enabling 'USE_EVENTFD'
- strtok: use namespaced 'strtok_r' macro instead of redefining it
Update to 8.11.0:
* Security fixes: [bsc#1232528, CVE-2024-9681]
- curl: HSTS subdomain overwrites parent cache entry
* Changes:
- curl: --create-dirs works for --dump-header as well
- gtls: Add P12 format support
- ipfs: add options to disable
- TLS: TLSv1.3 earlydata support for curl
- WebSockets: make support official (non-experimental)
* Bugfixes:
- build: clarify CA embed is for curl tool, mark default, improve summary
- build: show if CA bundle to embed was found
- build: tidy up and improve versioned-symbols options
- cmake/FindNGTCP2: use library path as hint for finding crypto module
- cmake: disable default OpenSSL if BearSSL, GnuTLS or Rustls is enabled
- cmake: rename LDAP dependency config variables to match Find modules
- cmake: replace 'check_include_file_concat()' for LDAP and GSS detection
- cmake: use OpenSSL for LDAP detection only if available
- curl: add build options for safe/no CA bundle search (Windows)
- curl: detect ECH support dynamically, not at build time
- curl_addrinfo: support operating systems with only getaddrinfo(3)
- ftp: fix 0-length last write on upload from stdin
- gnutls: use session cache for QUIC
- hsts: improve subdomain handling
- hsts: support "implied LWS" properly around max-age
- http2: auto reset stream on server eos
- json.md: cli-option '--json' is an alias of '--data-binary'
- lib: move curl_path.[ch] into vssh/
- lib: remove function pointer typecasts for hmac/sha256/md5
- libssh.c: handle EGAINS during proto-connect correctly
- libssh2: use the filename buffer when getting the homedir
- multi.c: warn/assert on stall only without timer
- negotiate: conditional check around GSS & SSL specific code
- netrc: cache the netrc file in memory
- ngtcp2: do not loop on recv
- ngtcp2: set max window size to 10x of initial (128KB)
- openssl quic: populate x509 store before handshake
- openssl: extend the OpenSSL error messages
- openssl: improve retries on shutdown
- quic: use send/recvmmsg when available
- schannel: fix TLS cert verification by IP SAN
- schannel: ignore error on recv beyond close notify
- select: use poll() if existing, avoid poll() with no sockets
- sendf: add condition to max-filesize check
- server/mqttd: fix two memory leaks
- setopt: return error for bad input to CURLOPT_RTSP_REQUEST
- setopt_cptr: make overflow check only done when needed
- tls: avoid abusing CURLE_SSL_ENGINE_INITFAILED
- tool: support --show-headers AND --remote-header-name
- tool_operate: make --skip-existing work for --parallel
- url: connection reuse on h3 connections
- url: use same credentials on redirect
- urlapi: normalize the IPv6 address
- version: say quictls in MSH3 builds
- vquic: fix compiler warning with gcc + MUSL
- vquic: recv_mmsg, use fewer, but larger buffers
- vtls: convert Curl_pin_peer_pubkey to use dynbuf
- vtls: convert pubkey_pem_to_der to use dynbuf
Update to 8.10.1:
* Bugfixes:
- autotools: fix `--with-ca-embed` build rule
- cmake: ensure `CURL_USE_OPENSSL`/`USE_OPENSSL_QUIC` are set in sync
- cmake: fix MSH3 to appear on the feature list
- connect: store connection info when really done
- FTP: partly revert eeb7c1280742f5c8fa48a4340fc1e1a1a2c7075a
- http2: when uploading data from stdin, fix eos forwarding
- http: make max-filesize check not count ignored bodies
- lib: fix AF_INET6 use outside of USE_IPV6
- multi: check that the multi handle is valid in curl_multi_assign
- QUIC: on connect, keep on trying on draining server
- request: correctly reset the eos_sent flag
- setopt: remove superfluous use of ternary expressions
- singleuse: drop `Curl_memrchr()` for no-HTTP builds
- tool_cb_wrt: use "curl_response" if no file name in URL
- transfer: fix sendrecv() without interim poll
- vtls: fix `Curl_ssl_conn_config_match` doc param
Update to version 8.10.0:
* Security fixes:
- [bsc#1230093, CVE-2024-8096] curl: OCSP stapling bypass with GnuTLS
* Changes:
- curl: make --rate accept "number of units"
- curl: make --show-headers the same as --include
- curl: support --dump-header % to direct to stderr
- curl: support embedding a CA bundle and --dump-ca-embed
- curl: support repeated use of the verbose option; -vv etc
- curl: use libuv for parallel transfers with --test-event
- vtls: stop offering alpn http/1.1 for http2-prior-knowledge
* Bugfixes:
- curl: allow 500MB data URL encode strings
- curl: warn on unsupported SSL options
- Curl_rand_bytes to control env override
- curl_sha512_256: fix symbol collisions with nettle library
- dist: fix reproducible build from release tarball
- http2: fix GOAWAY message sent to server
- http2: improve rate limiting of downloads
- INSTALL.md: MultiSSL and QUIC are mutually exclusive
- lib: add eos flag to send methods
- lib: make SSPI global symbols use Curl_ prefix
- lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name
- lib: remove the final strncpy() calls
- lib: remove use of RANDOM_FILE
- Makefile.mk: fixup enabling libidn2
- max-filesize.md: mention zero disables the limit
- mime: avoid inifite loop in client reader
- ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks
- openssl quic: fix memory leak
- openssl: certinfo errors now fail correctly
- openssl: fix the data race when sharing an SSL session between threads
- openssl: improve shutdown handling
- POP3: fix multi-line responses
- pop3: use the protocol handler ->write_resp
- progress: ratelimit/progress tweaks
- rand: only provide weak random when needed
- sectransp: fix setting tls version
- setopt: make CURLOPT_TFTP_BLKSIZE accept bad values
- sha256: fix symbol collision between nettle (GnuTLS) and OpenSSL
- sigpipe: init the struct so that first apply ignores
- smb: convert superflous assign into assert
- smtp: add tracing feature
- spnego_gssapi: implement TLS channel bindings for openssl
- src: delete `curlx_m*printf()` aliases
- ssh: deduplicate SSH backend includes (and fix libssh cmake unity build)
- tool_operhlp: fix "potentially uninitialized local variable 'pc' used"
- tool_paramhlp: bump maximum post data size in memory to 16GB
- transfer: skip EOS read when download done
- url: fix connection reuse for HTTP/2 upgrades
- urlapi: verify URL *decoded* hostname when set
- urldata: introduce `data->mid`, a unique identifier inside a multi
- vtls: add SSLSUPP_CIPHER_LIST
- vtls: fix static function name collisions between TLS backends
- vtls: init ssl peer only once
- websocket: introduce blocking sends
- ws: flags to opcodes should ignore CURLWS_CONT flag
- x509asn1: raise size limit for x509 certification information
ModerateSUSE bug 1230093SUSE bug 1232528SUSE bug 1234068SUSE bug 1236589CVE-2024-11053 at SUSECVE-2024-11053 at NVDCVE-2024-8096 at SUSECVE-2024-8096 at NVDCVE-2024-9681 at SUSECVE-2024-9681 at NVDCVE-2025-0665 at SUSECVE-2025-0665 at NVDcpe:/o:suse:sl-micro:6.1Security update for curl (Important)SUSE Linux Micro 6.1
This update for curl fixes the following issues:
- CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362).
- CVE-2026-3783: token leak with redirect and netrc (bsc#1259363).
- CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364).
- CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365).
ImportantSUSE bug 1259362SUSE bug 1259363SUSE bug 1259364SUSE bug 1259365CVE-2026-1965 at SUSECVE-2026-1965 at NVDCVE-2026-3783 at SUSECVE-2026-3783 at NVDCVE-2026-3784 at SUSECVE-2026-3784 at NVDCVE-2026-3805 at SUSECVE-2026-3805 at NVDcpe:/o:suse:sl-micro:6.1Security update for freetype2 (Moderate)SUSE Linux Micro 6.1
This update for freetype2 fixes the following issue:
Update to freetype2 2.14.2:
- CVE-2026-23865: Integer overflow in the tt_var_load_item_variation_store function (bsc#1259118).
Changelog:
* Several changes related to LCD filtering are implemented to
achieve better performance and encourage sound practices.
* Instead of blanket LCD filtering over the entire bitmap, it
is now applied only to non-zero spans using direct rendering.
This speeds up the ClearType-like rendering by more than 40%
at sizes above 32 ppem.
* Setting the filter weights with FT_Face_Properties is no
longer supported. The default and light filters are optimized
to work with any face.
* The legacy libXft LCD filter algorithm is no longer provided.
* A bunch of potential security problems have been found
(bsc#1259118, CVE-2026-23865). All users should update.
* The italic angle in `PS_FontInfo` is now stored as a fixed-point
value in degrees for all Type 1 fonts and their derivatives,
consistent with CFF fonts and common practices. The broken
underline position and thickness values are fixed for CFF fonts.
* The `x` field in the `FT_Span` structure is now unsigned.
* Demo program `ftgrid` got an option `-m` to select a start
character to display.
* Similarly, demo program `ftmulti` got an option `-m` to select a
text string for rendering.
* Option `-d` in the demo program `ttdebug` is now called `-a`,
expecting a comma-separated list of axis values. The user
interface is also slightly improved.
* The `ftinspect` demo program can now be compiled with Qt6, too.
* The auto-hinter got new abilities. It can now better separate
diacritic glyphs from base glyphs at small sizes by
artificially moving diacritics up (or down) if necessary
* Tilde accent glyphs get vertically stretched at small sizes so
that they don't degenerate to horizontal lines.
* Diacritics directly attached to a base glyph (like the ogonek in
character 'ę') no longer distort the shape of the base glyph
* The TrueType instruction interpreter was optimized to
produce a 15% gain in the glyph loading speed.
* Handling of Variation Fonts is now considerably faster
* TrueType and CFF glyph loading speed has been improved by 5-10%
on modern 64-bit platforms as a result of better handling of
fixed-point multiplication.
* The BDF driver now loads fonts 75% faster.
ModerateSUSE bug 1252148SUSE bug 1259118CVE-2026-23865 at SUSECVE-2026-23865 at NVDcpe:/o:suse:sl-micro:6.1Security update for vim (Moderate)SUSE Linux Micro 6.1
This update for vim fixes the following issues:
Update Vim to version 9.2.0110:
- CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip (bsc#1246602).
- CVE-2026-26269: Netbeans specialKeys stack buffer overflow (bsc#1258229).
- CVE-2026-28417: crafted URL parsed by netrw plugin can lead to execute arbitrary shell commands (bsc#1259051).
ModerateSUSE bug 1246602SUSE bug 1258229SUSE bug 1259051CVE-2025-53906 at SUSECVE-2025-53906 at NVDCVE-2026-26269 at SUSECVE-2026-26269 at NVDCVE-2026-28417 at SUSECVE-2026-28417 at NVDcpe:/o:suse:sl-micro:6.1Security update for libsoup (Moderate)SUSE Linux Micro 6.1
This update for libsoup fixes the following issue:
- CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418).
ModerateSUSE bug 1256418CVE-2026-0716 at SUSECVE-2026-0716 at NVDcpe:/o:suse:sl-micro:6.1Security update for dpkg (Moderate)SUSE Linux Micro 6.1
This update for dpkg fixes the following issue:
- CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service (bsc#1259385).
ModerateSUSE bug 1259385CVE-2026-2219 at SUSECVE-2026-2219 at NVDcpe:/o:suse:sl-micro:6.1Security update for libssh (Moderate)SUSE Linux Micro 6.1
This update for libssh fixes the following issue:
- CVE-2026-3731: Denial of Service via out-of-bounds read in SFTP extension name handler (bsc#1259377).
ModerateSUSE bug 1259377CVE-2026-3731 at SUSECVE-2026-3731 at NVDcpe:/o:suse:sl-micro:6.1Security update for python311 (Important)SUSE Linux Micro 6.1
This update for python311 fixes the following issues:
Updated to Python 3.11.15:
- CVE-2025-6075: quadratic complexity in os.path.expandvars() (bsc#1252974).
- CVE-2025-11468: header injection with carefully crafted inputs (bsc#1257029).
- CVE-2025-12084: quadratic complexity in xml.minidom node ID cache clearing (bsc#1254997).
- CVE-2025-13836: potential memory denial of service in the http.client module (bsc#1254400).
- CVE-2025-13837: potential memory denial of service in the plistlib module (bsc#1254401).
- CVE-2025-15282: control characters in URL media types data (bsc#1257046).
- CVE-2026-0672: control characters in http.cookies.Morsel fields and values (bsc#1257031).
- CVE-2026-0865: C0 control characters within wsgiref.headers.Headers fields, values, and parameters (bsc#1257042).
ImportantSUSE bug 1252974SUSE bug 1254400SUSE bug 1254401SUSE bug 1254997SUSE bug 1257029SUSE bug 1257031SUSE bug 1257042SUSE bug 1257046CVE-2025-11468 at SUSECVE-2025-11468 at NVDCVE-2025-12084 at SUSECVE-2025-12084 at NVDCVE-2025-13836 at SUSECVE-2025-13836 at NVDCVE-2025-13837 at SUSECVE-2025-13837 at NVDCVE-2025-15282 at SUSECVE-2025-15282 at NVDCVE-2025-6075 at SUSECVE-2025-6075 at NVDCVE-2026-0672 at SUSECVE-2026-0672 at NVDCVE-2026-0865 at SUSECVE-2026-0865 at NVDcpe:/o:suse:sl-micro:6.1Security update for ovmf (Moderate)SUSE Linux Micro 6.1
This update for ovmf fixes the following issue:
- CVE-2025-59438: mbedtls: padding oracle attack possible through timing of cipher error reporting (bsc#1252441).
ModerateSUSE bug 1252441CVE-2025-59438 at SUSECVE-2025-59438 at NVDcpe:/o:suse:sl-micro:6.1Security update for sqlite3 (Moderate)SUSE Linux Micro 6.1
This update for sqlite3 fixes the following issues:
Update to sqlite3 3.51.3:
- CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670).
- CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619).
Changelog:
Update to version 3.51.3:
* Fix the WAL-reset database corruption bug:
https://sqlite.org/wal.html#walresetbug
* Other minor bug fixes.
Update to version 3.51.2:
* Fix an obscure deadlock in the new broken-posix-lock detection
logic.
* Fix multiple problems in the EXISTS-to-JOIN optimization.
Update to version 3.51.1:
* Fix incorrect results from nested EXISTS queries caused by the
optimization in item 6b in the 3.51.0 release.
* Fix a latent bug in fts5vocab virtual table, exposed by new
optimizations in the 3.51.0 release
Update to version 3.51.0:
* New macros in sqlite3.h:
- SQLITE_SCM_BRANCH -> the name of the branch from which the
source code is taken.
- SQLITE_SCM_TAGS -> space-separated list of tags on the source
code check-in.
- SQLITE_SCM_DATETIME -> ISO-8601 date and time of the source
* Two new JSON functions, jsonb_each() and jsonb_tree() work the
same as the existing json_each() and json_tree() functions
except that they return JSONB for the "value" column when the
"type" is 'array' or 'object'.
* The carray and percentile extensions are now built into the
amalgamation, though they are disabled by default and must be
activated at compile-time using the -DSQLITE_ENABLE_CARRAY
and/or -DSQLITE_ENABLE_PERCENTILE options, respectively.
* Enhancements to TCL Interface:
- Add the -asdict flag to the eval command to have it set the
row data as a dict instead of an array.
- User-defined functions may now break to return an SQL NULL.
* CLI enhancements:
- Increase the precision of ".timer" to microseconds.
- Enhance the "box" and "column" formatting modes to deal with
double-wide characters.
- The ".imposter" command provides read-only imposter tables
that work with VACUUM and do not require the --unsafe-testing
option.
- Add the --ifexists option to the CLI command-line option and
to the .open command.
- Limit columns widths set by the ".width" command to 30,000 or
less, as there is not good reason to have wider columns, but
supporting wider columns provides opportunity to malefactors.
* Performance enhancements:
- Use fewer CPU cycles to commit a read transaction.
- Early detection of joins that return no rows due to one or
more of the tables containing no rows.
- Avoid evaluation of scalar subqueries if the result of the
subquery does not change the result of the overall expression.
- Faster window function queries when using
"BETWEEN :x FOLLOWING AND :y FOLLOWING" with a large :y.
* Add the PRAGMA wal_checkpoint=NOOP; command and the
SQLITE_CHECKPOINT_NOOP argument for sqlite3_wal_checkpoint_v2().
* Add the sqlite3_set_errmsg() API for use by extensions.
* Add the sqlite3_db_status64() API, which works just like the
existing sqlite3_db_status() API except that it returns 64-bit
results.
* Add the SQLITE_DBSTATUS_TEMPBUF_SPILL option to the
sqlite3_db_status() and sqlite3_db_status64() interfaces.
* In the session extension add the sqlite3changeset_apply_v3()
interface.
* For the built-in printf() and the format() SQL function, omit
the leading '-' from negative floating point numbers if the '+'
flag is omitted and the "#" flag is present and all displayed
digits are '0'. Use '%#f' or similar to avoid outputs like
'-0.00' and instead show just '0.00'.
* Improved error messages generated by FTS5.
* Enforce STRICT typing on computed columns.
* Improved support for VxWorks
* JavaScript/WASM now supports 64-bit WASM. The canonical builds
continue to be 32-bit but creating one's own 64-bit build is
now as simple as running "make".
ModerateSUSE bug 1254670SUSE bug 1259619CVE-2025-70873 at SUSECVE-2025-70873 at NVDCVE-2025-7709 at SUSECVE-2025-7709 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-tornado6 (Important)SUSE Linux Micro 6.1
This update for python-tornado6 fixes the following issues:
- CVE-2026-31958: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259553).
- incomplete validation of cookie attributes allows for injection of user-controlled values in other cookie attributes
(bsc#1259630).
ImportantSUSE bug 1259553SUSE bug 1259630CVE-2026-31958 at SUSECVE-2026-31958 at NVDcpe:/o:suse:sl-micro:6.1Security update for salt (Important)SUSE Linux Micro 6.1
This update for salt fixes the following issues:
- Security issues fixed:
* CVE-2025-67724: missing validation of supplied reason phrase (bsc#1254903)
* CVE-2025-67725: fix DoS via malicious HTTP request (bsc#1254905)
* CVE-2025-67726: fix HTTP header parameter parsing algorithm (bsc#1254904)
- Fixed KeyError in postgres module with PostgreSQL 17 (bsc#1254325)
- Use internal deb classes instead of external aptsource lib
- Improved performance of wheel key.finger call (bsc#1240532)
- Improved performance of utils.find_json function (bsc#1246130)
- Extend warn_until period to 2027
ImportantSUSE bug 1240532SUSE bug 1246130SUSE bug 1254325SUSE bug 1254903SUSE bug 1254904SUSE bug 1254905CVE-2025-13836 at SUSECVE-2025-13836 at NVDCVE-2025-67724 at SUSECVE-2025-67724 at NVDCVE-2025-67725 at SUSECVE-2025-67725 at NVDCVE-2025-67726 at SUSECVE-2025-67726 at NVDcpe:/o:suse:sl-micro:6.1Security update for systemd (Important)SUSE Linux Micro 6.1
This update for systemd fixes the following issues:
- CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650).
- CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418).
- udev: check for invalid chars in various fields received from the kernel (bsc#1259697).
Changelog:
- a943e3ce2f machined: reject invalid class types when registering machines
- 71593f77db udev: fix review mixup
- 73a89810b4 udev-builtin-net-id: print cescaped bad attributes
- 0f360bfdc0 udev-builtin-net_id: do not assume the current interface name is ethX
- 40905232e2 udev: ensure tag parsing stays within bounds
- 7bce9026e3 udev: ensure there is space for trailing NUL before calling sprintf
- d018ac1ea3 udev: check for invalid chars in various fields received from the kernel
- aef6e11921 core/cgroup: avoid one unnecessary strjoina()
- cc7426f38a sd-json: fix off-by-one issue when updating parent for array elements
- 26a748f727 core: validate input cgroup path more prudently
- 99d8308fde core/dbus-manager: propagate meaningful dbus errors from EnqueueMarkedJobs
ImportantSUSE bug 1259418SUSE bug 1259650SUSE bug 1259697CVE-2026-29111 at SUSECVE-2026-29111 at NVDCVE-2026-4105 at SUSECVE-2026-4105 at NVDcpe:/o:suse:sl-micro:6.1Security update for libsoup (Important)SUSE Linux Micro 6.1
This update for libsoup fixes the following issues:
- CVE-2024-52530: strictly don't allow NUL bytes in headers (bsc#1233285 glgo#GNOME/libsoup#377).
- CVE-2024-52532: websocket: Process the frame as soon as we read data (bsc#1233287 glgo#GNOME/libsoup#391).
- CVE-2024-52531: be more robust against invalid input when parsing params (bsc#1233292 glgo#GNOME/libsoup!407).
ImportantSUSE bug 1233285SUSE bug 1233287SUSE bug 1233292CVE-2024-52530 at SUSECVE-2024-52530 at NVDCVE-2024-52531 at SUSECVE-2024-52531 at NVDCVE-2024-52532 at SUSECVE-2024-52532 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-pyasn1 (Important)SUSE Linux Micro 6.1
This update for python-pyasn1 fixes the following issue:
- CVE-2026-30922: Denial of Service via Unbounded Recursion (bsc#1259803).
ImportantSUSE bug 1259803CVE-2026-30922 at SUSECVE-2026-30922 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-PyJWT (Important)SUSE Linux Micro 6.1
This update for python-PyJWT fixes the following issues:
Update to PyJWT 2.12.1:
- CVE-2024-53861: prevent partial matching of the Issuer field (bsc#1234038).
- CVE-2026-32597: validate the crit Header Parameter defined in RFC 7515 (bsc#1259616).
Changelog:
Update to 2.12.1:
- Add missing typing_extensions dependency for Python < 3.11 in
#1150
Update to 2.12.0:
- Annotate PyJWKSet.keys for pyright by @tamird in #1134
- Close HTTPError response to prevent ResourceWarning on
Python 3.14 by @veeceey in #1133
- Do not keep algorithms dict in PyJWK instances by @akx in
#1143
- Use PyJWK algorithm when encoding without explicit
algorithm in #1148
- Docs: Add PyJWKClient API reference and document the
two-tier caching system (JWK Set cache and signing key LRU
cache).
Update to 2.11.0:
- Enforce ECDSA curve validation per RFC 7518 Section 3.4.
- Fix build system warnings by @kurtmckee in #1105
- Validate key against allowed types for Algorithm family in
#964
- Add iterator for JWKSet in #1041
- Validate iss claim is a string during encoding and decoding
by @pachewise in #1040
- Improve typing/logic for options in decode, decode_complete
by @pachewise in #1045
- Declare float supported type for lifespan and timeout by
@nikitagashkov in #1068
- Fix SyntaxWarnings/DeprecationWarnings caused by invalid
escape sequences by @kurtmckee in #1103
- Development: Build a shared wheel once to speed up test
suite setup times by @kurtmckee in #1114
- Development: Test type annotations across all supported
Python versions, increase the strictness of the type
checking, and remove the mypy pre-commit hook by @kurtmckee
in #1112
- Support Python 3.14, and test against PyPy 3.10 and 3.11 by
@kurtmckee in #1104
- Development: Migrate to build to test package building in
CI by @kurtmckee in #1108
- Development: Improve coverage config and eliminate unused
test suite code by @kurtmckee in #1115
- Docs: Standardize CHANGELOG links to PRs by @kurtmckee in
#1110
- Docs: Fix Read the Docs builds by @kurtmckee in #1111
- Docs: Add example of using leeway with nbf by @djw8605 in
#1034
- Docs: Refactored docs with autodoc; added PyJWS and
jwt.algorithms docs by @pachewise in #1045
- Docs: Documentation improvements for "sub" and "jti" claims
by @cleder in #1088
- Development: Add pyupgrade as a pre-commit hook by
@kurtmckee in #1109
- Add minimum key length validation for HMAC and RSA keys
(CWE-326). Warns by default via InsecureKeyLengthWarning
when keys are below minimum recommended lengths per RFC
7518 Section 3.2 (HMAC) and NIST SP 800-131A (RSA). Pass
enforce_minimum_key_length=True in options to PyJWT or
PyJWS to raise InvalidKeyError instead.
- Refactor PyJWT to own an internal PyJWS instance instead of
calling global api_jws functions.
Update to 2.10.0:
* chore: use sequence for typing rather than list
* Add support for Python 3.13
* [pre-commit.ci] pre-commit autoupdate
* Add an RTD config file to resolve RTD build failures
* docs: Update iat exception docs
* Remove algorithm requirement for JWT API
* Create SECURITY.md
* docs fix: decode_complete scope and algorithms
* fix doctest for docs/usage.rst
* fix test_utils.py not to xfail
* Correct jwt.decode audience param doc expression
* Add PS256 encoding and decoding usage
* Add API docs for PyJWK
* Refactor project configuration files from setup.cfg to pyproject.toml PEP-518
* Add JWK support to JWT encode
* Update pre-commit hooks to lint pyproject.toml
* Add EdDSA algorithm encoding/decoding usage
* Ruff linter and formatter changes
* Validate sub and jti claims for the token
* Add ES256 usage
* Encode EC keys with a fixed bit length
* Drop support for Python 3.8
* Prepare 2.10.0 release
* Bump codecov/codecov-action from 4 to 5
ImportantSUSE bug 1234038SUSE bug 1259616CVE-2024-53861 at SUSECVE-2024-53861 at NVDCVE-2026-32597 at SUSECVE-2026-32597 at NVDcpe:/o:suse:sl-micro:6.1Security update for nghttp2 (Important)SUSE Linux Micro 6.1
This update for nghttp2 fixes the following issue:
- CVE-2026-27135: assertion failure due to missing state validation can lead to DoS (bsc#1259845).
ImportantSUSE bug 1259845CVE-2026-27135 at SUSECVE-2026-27135 at NVDcpe:/o:suse:sl-micro:6.1Security update for python311 (Important)SUSE Linux Micro 6.1
This update for python311 fixes the following issues:
- CVE-2026-1299: header injection when an email is serialized due to improper newline quoting (bsc#1257181).
- CVE-2026-2297: validation bypass via incorrectly handled hook in FileLoader (bsc#1259240).
ImportantSUSE bug 1257181SUSE bug 1259240CVE-2026-1299 at SUSECVE-2026-1299 at NVDCVE-2026-2297 at SUSECVE-2026-2297 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-pyOpenSSL (Important)SUSE Linux Micro 6.1
This update for python-pyOpenSSL fixes the following issues:
- CVE-2026-27448: unhandled exception can result in connection not being cancelled (bsc#1259804).
- CVE-2026-27459: large cookie value can lead to a buffer overflow (bsc#1259808).
ImportantSUSE bug 1259804SUSE bug 1259808CVE-2026-27448 at SUSECVE-2026-27448 at NVDCVE-2026-27459 at SUSECVE-2026-27459 at NVDcpe:/o:suse:sl-micro:6.1Security update for tar (Important)SUSE Linux Micro 6.1
This update for tar fixes the following issue:
- CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399).
ImportantSUSE bug 1246399CVE-2025-45582 at SUSECVE-2025-45582 at NVDcpe:/o:suse:sl-micro:6.1Security update for gstreamer (Important)SUSE Linux Micro 6.1
This update for gstreamer fixes the following issues:
- CVE-2024-47606: avoid integer overflow when allocating sysmem (bsc#1234449).
ImportantSUSE bug 1234449CVE-2024-47606 at SUSECVE-2024-47606 at NVDcpe:/o:suse:sl-micro:6.1Security update for expat (Important)SUSE Linux Micro 6.1
This update for expat fixes the following issues:
- CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity
declaration value (bsc#1259726).
- CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711).
- CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729).
ImportantSUSE bug 1259711SUSE bug 1259726SUSE bug 1259729CVE-2026-32776 at SUSECVE-2026-32776 at NVDCVE-2026-32777 at SUSECVE-2026-32777 at NVDCVE-2026-32778 at SUSECVE-2026-32778 at NVDcpe:/o:suse:sl-micro:6.1Security update for polkit (Moderate)SUSE Linux Micro 6.1
This update for polkit fixes the following issue:
- CVE-2026-4897: Fixed possible OOM condition via specially crafted input to `polkit-agent-helper-1` (bsc#1260859).
ModerateSUSE bug 1260859CVE-2026-4897 at SUSECVE-2026-4897 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-requests (Moderate)SUSE Linux Micro 6.1
This update for python-requests fixes the following issue:
- CVE-2026-25645: `extract_zipped_paths()` uses predictable filenames when extracting files from zip archives and reuses
target files that already exist without validation (bsc#1260589).
ModerateSUSE bug 1260589CVE-2026-25645 at SUSECVE-2026-25645 at NVDcpe:/o:suse:sl-micro:6.1Security update for libtpms (Moderate)SUSE Linux Micro 6.1
This update for libtpms fixes the following issues:
- CVE-2025-49133: out-of-bounds (OOB) access due to HMAC signing issue leads to abort and vTPM DoS (bsc#1244528).
ModerateSUSE bug 1244528CVE-2025-49133 at SUSECVE-2025-49133 at NVDcpe:/o:suse:sl-micro:6.1Security update for openssl-3 (Important)SUSE Linux Micro 6.1
This update for openssl-3 fixes the following issues:
- CVE-2026-28387: Potential use-after-free in DANE client code (bsc#1260441).
- CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL (bsc#1260442).
- CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo (bsc#1260443).
- CVE-2026-31789: Heap buffer overflow in hexadecimal conversion (bsc#1260444).
- CVE-2026-31790: Incorrect failure handling in RSA KEM RSASVE encapsulation (bsc#1260445).
ImportantSUSE bug 1260441SUSE bug 1260442SUSE bug 1260443SUSE bug 1260444SUSE bug 1260445CVE-2026-28387 at SUSECVE-2026-28387 at NVDCVE-2026-28388 at SUSECVE-2026-28388 at NVDCVE-2026-28389 at SUSECVE-2026-28389 at NVDCVE-2026-31789 at SUSECVE-2026-31789 at NVDCVE-2026-31790 at SUSECVE-2026-31790 at NVDcpe:/o:suse:sl-micro:6.1Security update for glibc (Important)SUSE Linux Micro 6.1
This update for glibc fixes the following issues:
- CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response (bsc#1260078).
- CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions (bsc#1260082).
ImportantSUSE bug 1260078SUSE bug 1260082CVE-2026-4437 at SUSECVE-2026-4437 at NVDCVE-2026-4438 at SUSECVE-2026-4438 at NVDcpe:/o:suse:sl-micro:6.1Security update for libpng16 (Important)SUSE Linux Micro 6.1
This update for libpng16 fixes the following issues:
- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code
execution (bsc#1260754).
- CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and
crashes (bsc#1260755).
ImportantSUSE bug 1260754SUSE bug 1260755CVE-2026-33416 at SUSECVE-2026-33416 at NVDCVE-2026-33636 at SUSECVE-2026-33636 at NVDcpe:/o:suse:sl-micro:6.1Security update for gstreamer-plugins-base (Important)SUSE Linux Micro 6.1
This update for gstreamer-plugins-base fixes the following issues:
- CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet (bsc#1234415).
- CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser (bsc#1234450).
- CVE-2024-47600: Fixed Out-of-bounds read in gst-discoverer-1.0 commandline tool (bsc#1234453).
- CVE-2024-47615: Fixed Out-of-bounds write in Ogg demuxer (bsc#1234456).
- CVE-2024-47541: Fixed out-of-bounds write in SSA subtitle parser (bsc#1234459).
- CVE-2024-47542: Fixed ID3v2 parser out-of-bounds read and NULL-pointer dereference (bsc#1234460).
- CVE-2024-47607: Fixed Stack buffer-overflow in Opus decoder (bsc#1234455).
ImportantSUSE bug 1234415SUSE bug 1234450SUSE bug 1234453SUSE bug 1234455SUSE bug 1234456SUSE bug 1234459SUSE bug 1234460CVE-2024-47538 at SUSECVE-2024-47538 at NVDCVE-2024-47541 at SUSECVE-2024-47541 at NVDCVE-2024-47542 at SUSECVE-2024-47542 at NVDCVE-2024-47600 at SUSECVE-2024-47600 at NVDCVE-2024-47607 at SUSECVE-2024-47607 at NVDCVE-2024-47615 at SUSECVE-2024-47615 at NVDCVE-2024-47835 at SUSECVE-2024-47835 at NVDcpe:/o:suse:sl-micro:6.1Security update for libarchive (Important)SUSE Linux Micro 6.1
This update for libarchive fixes the following issues:
- CVE-2025-1632: Fixed null pointer dereference in bsdunzip.c (bsc#1237606)
- CVE-2025-25724: Fixed Buffer Overflow vulnerability in libarchive (bsc#1238610)
- CVE-2024-48958: Fixed out-of-bounds access in execute_filter_delta (bsc#1231624)
- CVE-2024-20697: Fixed Out of bounds Remote Code Execution Vulnerability (also attributed CVE-2024-26256) (CVE-2024-26256, bsc#1225972)
- CVE-2024-48957: Fixed out-of-bounds access in execute_filter_audio (bsc#1231544)
- CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971)
ImportantSUSE bug 1225971SUSE bug 1225972SUSE bug 1231544SUSE bug 1231624SUSE bug 1237606SUSE bug 1238610CVE-2024-20696 at SUSECVE-2024-20696 at NVDCVE-2024-20697 at SUSECVE-2024-20697 at NVDCVE-2024-26256 at SUSECVE-2024-26256 at NVDCVE-2024-48957 at SUSECVE-2024-48957 at NVDCVE-2024-48958 at SUSECVE-2024-48958 at NVDCVE-2025-1632 at SUSECVE-2025-1632 at NVDCVE-2025-25724 at SUSECVE-2025-25724 at NVDcpe:/o:suse:sl-micro:6.1Security update for python-Jinja2 (Important)SUSE Linux Micro 6.1
This update for python-Jinja2 fixes the following issues:
- CVE-2025-27516: Fixed Jinja sandbox breakout through attr filter selecting format method (bsc#1238879)
- CVE-2024-56201: Fixed sandbox breakout through malicious content and filename of a template (bsc#1234808)
- CVE-2024-56326: Fixed sandbox breakout through indirect reference to format method (bsc#1234809)
ImportantSUSE bug 1234808SUSE bug 1234809SUSE bug 1238879CVE-2024-56201 at SUSECVE-2024-56201 at NVDCVE-2024-56326 at SUSECVE-2024-56326 at NVDCVE-2025-27516 at SUSECVE-2025-27516 at NVDcpe:/o:suse:sl-micro:6.1Security update for libtasn1 (Important)SUSE Linux Micro 6.1
This update for libtasn1 fixes the following issues:
- CVE-2024-12133: Fixed potential DoS in handling of numerous SEQUENCE OF or SET OF elements (bsc#1236878)
ImportantSUSE bug 1236878CVE-2024-12133 at SUSECVE-2024-12133 at NVDcpe:/o:suse:sl-micro:6.1Security update for libxml2 (Important)SUSE Linux Micro 6.1
This update for libxml2 fixes the following issues:
- CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c [bsc#1237363]
- CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c [bsc#1237370]
- CVE-2025-27113: Fixed NULL Pointer Dereference in libxml2 xmlPatMatch [bsc#1237418]
ImportantSUSE bug 1237363SUSE bug 1237370SUSE bug 1237418CVE-2024-56171 at SUSECVE-2024-56171 at NVDCVE-2025-24928 at SUSECVE-2025-24928 at NVDCVE-2025-27113 at SUSECVE-2025-27113 at NVDcpe:/o:suse:sl-micro:6.1Security update for orc (Important)SUSE Linux Micro 6.1
This update for orc fixes the following issues:
- CVE-2024-40897: Fixed stack-based buffer overflow inside the orc compiler when formatting error messages for certain input files (bsc#1228184).
ImportantSUSE bug 1228184CVE-2024-40897 at SUSECVE-2024-40897 at NVDcpe:/o:suse:sl-micro:6.1Security update for helm (Important)SUSE Linux Micro 6.1
This update for helm fixes the following issues:
- Update to version 3.17.2 (bsc#1238688, CVE-2025-22870):
* Updating to 0.37.0 for x/net
* build(deps): bump the k8s-io group with 7 updates
- Update to version 3.17.1:
* merge null child chart objects
* build(deps): bump the k8s-io group with 7 updates
* fix: check group for resource info match
- Update to 3.17.0 (bsc#1235318, CVE-2024-45338):
Full changelog:
https://github.com/helm/helm/releases/tag/v3.17.0
* Notable Changes
- Allow pulling and installation by OCI digest
- Annotations and dependencies are now in chart metadata output
- New --take-ownership flag for install and upgrade commands
- SDK: Authorizer and registry authorizer are now configurable
- Removed the Kubernetes configuration file permissions check
- Added username/password to helm push and dependency
build/update subcommands
- Added toYamlPretty template function
- Update to version 3.16.4 (bsc#1234482, CVE-2024-45337):
* Bump golang.org/x/crypto from 0.30.0 to 0.31.0
* Bump the k8s-io group with 7 updates
ImportantSUSE bug 1219969SUSE bug 1220207SUSE bug 1234482SUSE bug 1235318SUSE bug 1238688CVE-2024-25620 at SUSECVE-2024-25620 at NVDCVE-2024-26147 at SUSECVE-2024-26147 at NVDCVE-2024-45337 at SUSECVE-2024-45337 at NVDCVE-2024-45338 at SUSECVE-2024-45338 at NVDCVE-2025-22870 at SUSECVE-2025-22870 at NVDcpe:/o:suse:sl-micro:6.1Security update for podman (Important)SUSE Linux Micro 6.1
This update for podman fixes the following issues:
- CVE-2023-45288: Fixed closing connection when receiving too many headers (bsc#1236507).
- CVE-2024-11218: Fixed container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (bsc#1236270).
- CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239330).
- CVE-2025-27144: Fixed Go JOSE's Parsing Vulnerable to Denial of Service (bsc#1237641).
- CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction (bsc#1231208).
- CVE-2024-3727: Fixed digest type (bsc#1224112).
- CVE-2024-1753: Fixed full container escape at build time (bsc#1221677).
Other fixes:
- Updated to version 5.2.5:
* RPM: remove dup Provides
* Packit: constrain koji and bodhi jobs to fedora package to avoid dupes
* Validate the bind-propagation option to `--mount`
* Updated Buildah to v1.37.4
* vendor: updated c/common to v0.60.4
* pkg/specgen: allow pasta when running inside userns
* libpod: convert owner IDs only with :idmap
* allow exposed sctp ports
* libpod: setupNetNS() correctly mount netns
* vendor: updated c/common to v0.60.3
* [skip-ci] Packit: split out ELN jobs and reuse fedora downstream targets
* [skip-ci] Packit: Enable sidetags for bodhi updates
* Updated gvisor-tap-vsock to 0.7.5
* CI: podman-machine: do not use cache registry
* [CI:DOCS] Add v5.2.2 lib updates to RELEASE_NOTES.md
* Update RELEASE_NOTES for v5.2.2
* [v5.2] Bump Buildah to v1.37.2, c/common v0.60.2, c/image v5.32.2
* [v5.2] golangci-lint: make darwin linting happy
* [v5.2] golangci-lint: make windows linting happy
* [v5.2] test/e2e: remove kernel version check
* [v5.2] golangci-lint: remove most skip dirs
* [v5.2] set !remote build tags where needed
* [v5.2] update golangci-lint to 1.60.1
* Packit: update targets for propose-downstream
* Create volume path before state initialization
* Update Cirrus DEST_BRANCH
* Bump to v5.2.2-dev
* Bump to v5.2.1
* Update release notes for v5.2.1
* [v5.2] Add zstd:chunked test fix
* [v5.2] Bump Buildah to v1.37.1, c/common v0.60.1, c/image v5.32.1
* libpod: reset state error on init
* libpod: do not save expected stop errors in ctr state
* libpod: fix broken saveContainerError()
* Bump to v5.2.1-dev
* Bump to v5.2.0
* Never skip checkout step in release workflow
* Bump to v5.2.0-dev
* Bump to v5.2.0-rc3
* Update release notes for v5.2.0-rc3
* Tweak versions in register_images.go
* fix network cleanup flake in play kube
* WIP: Fixes for vendoring Buildah
* Add --compat-volumes option to build and farm build
* Bump Buildah, c/storage, c/image, c/common
* libpod: bind ports before network setup
* pkg/api: do not leak config pointers into specgen
* build: Update gvisor-tap-vsock to 0.7.4
* test/system: fix borken pasta interface name checks
* test/system: fix bridge host.containers.internal test
* CI: system tests: instrument to allow failure analysis
* Use uploaded .zip for Windows action
* RPM: podman-iptables.conf only on Fedora
* Bump to v5.2.0-dev
* Bump to v5.2.0-rc2
* Update release notes for v5.2.0-rc2
* test/e2e: fix ncat tests
* libpod: add hidden env to set sqlite timeout
* Add support for StopSignal in quadlet .container files
* podman pod stats: fix race when ctr process exits
* Update module github.com/vbauerster/mpb/v8 to v8.7.4
* libpod: correctly capture healthcheck output
* Bump bundled krunkit to 0.1.2
* podman stats: fix race when ctr process exists
* nc -p considered harmful
* podman pod stats: fix pod rm race
* podman ps: fix racy pod name query
* system connection remove: use Args function to validate
* pkg/machine/compression: skip decompress bar for empty file
* nc -p considered harmful
* podman system df: fix fix ErrNoSuchCtr/Volume race
* podman auto-update: fix ErrNoSuchCtr race
* Fix name for builder in farm connection
* 700-play.bats: use unique pod/container/image/volume names
* safename: consistent within same test, and, dashes
* 700-kube.bats: refactor $PODMAN_TMPDIR/test.yaml
* 700-play.bats: eliminate $testYaml
* 700-play.bats: refactor clumsy yamlfile creation
* 700-play.bats: move _write_test_yaml up near top
* chore(deps): update dependency setuptools to v71
* Expand drop-in search paths * top-level (pod.d) * truncated (unit-.container.d)
* Remove references and checks for --gpus
* Do not crash on invalid filters
* fix(deps): update module github.com/rootless-containers/rootlesskit/v2 to v2.2.0
* Bump to v5.2.0-dev
* Bump to v5.2.0-rc1
* Keep the volume-driver flag deprecated
* Vendor in latest containers(common, storage,image, buildah)
* System tests: safe container/image/volume/etc names
* Implement disable default mounts via command line
* test: drop unmount for overlay
* test: gracefully terminate server
* libpod: shutdown Stop waits for handlers completion
* libpod: cleanup store at shutdown
* Add NetworkAlias= support to quadlet
* cmd: call shutdown handler stop function
* fix race conditions in start/attach logic
* swagger: exlude new docker network types
* vendor: bump c/storage
* update to docker 27
* contrib: use a distinct --pull-option= for each flag
* Update warning message when using external compose provider
* Update module github.com/cyphar/filepath-securejoin to v0.3.0
* Ignore result of EvalSymlinks on ENOENT
* test/upgrade: fix tests when netavark uses nftables
* test/system: fix network reload test with nftables
* test/e2e: rework some --expose tests
* test: remove publish tests from e2e
* CI: test nftables driver on fedora
* CI: use local registry, part 3 of 3: for developers
* CI: use local registry, part 2 of 3: fix tests
* CI: use local registry, part 1 of 3: setup
* CI: test composefs on rawhide
* chore(deps): update module google.golang.org/grpc to v1.64.1 [security]
* chore(deps): update dependency setuptools to ~=70.3.0
* Improve container filenname ambiguity.
* containers/attach: Note bug around goroutine leak
* Drop minikube CI test
* add libkrun test docs
* fix(deps): update module tags.cncf.io/container-device-interface to v0.8.0
* cirrus: check for header files in source code check
* pkg/machine/e2e: run debug command only for macos
* create runtime's worker queue before queuing any job
* test/system: fix pasta host.containers.internal test
* Visual Studio BuildTools as a MinGW alternative
* SetupRootless(): only reexec when needed
* pkg/rootless: simplify reexec for container code
* cirrus: add missing test/tools to danger files
* fix(deps): update module golang.org/x/tools to v0.23.0
* Windows Installer: switch to wix5
* fix(deps): update module golang.org/x/net to v0.27.0
* pkg/machine/e2e: print tests timings at the end
* pkg/machine/e2e: run debug commands after init
* pkg/machine/e2e: improve timeout handling
* libpod: first delete container then cidfile
* fix(deps): update module golang.org/x/term to v0.22.0
* System test fixes
* cirrus.yml: automatic skips based on source
* fix(deps): update module github.com/containers/ocicrypt to v1.2.0
* podman events: fix error race
* chore(deps): update dependency setuptools to ~=70.2.0
* fix(deps): update module github.com/gorilla/schema to v1.4.1 [security]
* Update CI VM images
* pkg/machine/e2e: fix broken cleanup
* pkg/machine/e2e: use tmp file for connections
* test/system: fix podman --image-volume to allow tmpfs storage
* CI: mount tmpfs for container storage
* docs: --network remove missing leading sentence
* specgen: parse devices even with privileged set
* vendor: update c/storage
* Remove the unused machine volume-driver
* feat(quadlet): log option handling
* Error when machine memory exceeds system memory
* machine: Always use --log-file with gvproxy
* CI: Build-Each-Commit test: run only on PRs
* Small fixes for testing libkrun
* Podman machine resets all providers
* Clearly indicate names w/ URLencoded duplicates
* [skip-ci] Packit: split rhel and centos-stream jobs
* apple virtiofs: fix racy mount setup
* cirrus: fix broken macos artifacts URL
* libpod/container_top_linux.c: fix missing header
* refactor(build): improve err when file specified by -f does not exist
* Minor: Remove unhelpful comment
* Update module github.com/openshift/imagebuilder to v1.2.11
* Minor: Rename the OSX Cross task
* [skip-ci] Remove conditionals from changelog
* podman top: join the container userns
* Run linting in parallel with building
* Fix missing Makefile target dependency
* build API: accept platform comma separated
* [skip-ci] RPM: create podman-machine subpackage
* ExitWithError() - more upgrades from Exit()
* test/e2e: remove podman system service tests
* cirrus: reduce int tests timeout
* cirrus: remove redundant skip logic
* pkg/machine/apple: machine stop timeout
* CI: logformatter: link to correct PR base
* Update module github.com/crc-org/crc/v2 to v2.38.0
* ExitWithError(): continued
* test/system: Add test steps for journald log check in quadlet
* restore: fix missing network setup
* podman run use pod userns even with --pod-id-file
* macos-installer: bundle krunkit
* remote API: fix pod top error reporting
* libpod API: return proper error status code for pod start
* fix #22233
* added check for `registry.IsRemote()`. and correct error message.
* fix #20686
* pkg/machine/e2e: Remove unnecessary copy of machine image.
* libpod: intermediate mount if UID not mapped into the userns
* libpod: avoid chowning the rundir to root in the userns
* libpod: do not chmod bind mounts
* libpod: unlock the thread if possible
* CI Cleanup: Remove cgroups v1 support
* ExitWithError() - more upgrades from Exit()
* remote: fix incorrect CONTAINER_CONNECTION parsing
* container: pass KillSignal and StopTimeout to the systemd scope
* libpod: fix comment
* e2e: test container restore in pod by name
* docs: Adds all PushImage supported paramters to openapi docs.
* systests: kube: bump up a timeout
* cirrus.yml: add CI:ALL mode to force all tests
* cirrus.yml: implement skips based on source changes
* CI VMs: bump
* restore: fix container restore into pod
* sqlite_state: Fix RewriteVolumeConfig
* chore(deps): update dependency setuptools to ~=70.1.0
* Quadlet - use specifier for unescaped values for templated container name
* cirrus: check for system test leaks in nightly
* test/system: check for leaks in teardown suite
* test/system: speed up basic_{setup,teardown}()
* test/system: fix up many tests that do not cleanup
* test/system: fix podman --authfile=nonexistent-path
* Update module github.com/containernetworking/plugins to v1.5.1
* Update module github.com/checkpoint-restore/checkpointctl to v1.2.1
* Update module github.com/spf13/cobra to v1.8.1
* Update module github.com/gorilla/schema to v1.4.0
* pkg/machine/wsl: force terminate wsl instance
* pkg/machine/wsl: wrap command errors
* [CI:DOCS] Quadlet - add note about relative path resolution
* CI: do not install python packages at runtime
* Release workflow: Include candidate descriptor
* Minor: Fix indentation in GHA release workflow
* GHA: Send release notification mail
* GHA: Validate release version number
* Remove references to --pull=true and --pull=false
* ExitWithError, continued
* podman: add new hidden flag --pull-option
* [CI:DOCS] Fix typos in podman-build
* infra: mark storageSet when imagestore is changed
* [CI:DOCS] Add jnovy as reviewer and approver
* fix(deps): update module google.golang.org/protobuf to v1.34.2
* refactor(machine,wsl): improve operations of Windows API
* --squash --layers=false should be allowed
* fix(deps): update module github.com/checkpoint-restore/checkpointctl to v1.2.0
* update golangci-lint to v1.59.1
* Rename master to main in CONTRIBUTING.md
* podman 5, pasta and inter-container networking
* libpod: do not resuse networking on start
* machine/linux: Switch to virtiofs by default
* machine/linux: Support virtiofs mounts (retain 9p default)
* machine/linux: Use memory-backend-memfd by default
* ExitWithError() - continued
* Enable libkrun provider to open a debug console
* Add new targets on Windows makefile (winmake.ps1)
* fix(deps): update module github.com/docker/docker to v26.1.4+incompatible
* fix(deps): update module github.com/crc-org/crc/v2 to v2.37.1
* fix(deps): update module golang.org/x/tools to v0.22.0
* fix(deps): update module golang.org/x/net to v0.26.0
* libpod: fix 'podman kube generate' on FreeBSD
* fix(deps): update module golang.org/x/sys to v0.21.0
* libpod: do not leak systemd hc startup unit timer
* vendor latest c/common
* pkg/rootless: set _CONTAINERS_USERNS_CONFIGURED correctly
* run bats -T, to profile timing hogs
* test/system: speed up podman ps --external
* test/system: speed up podman network connect/disconnect
* test/system: speed up podman network reload
* test/system: speed up quadlet - pod simple
* test/system: speed up podman parallel build should not race
* test/system: speed up podman cp dir from host to container
* test/system: speed up podman build - workdir, cmd, env, label
* test/system: speed up podman --log-level recognizes log levels
* test/system: remove obsolete debug in net connect/disconnect test
* test/system: speed up quadlet - basic
* test/system: speed up user namespace preserved root ownership
* System tests: add `podman system check` tests
* Add `podman system check` for checking storage consistency
* fix(deps): update module github.com/crc-org/crc/v2 to v2.37.0
* fix(libpod): add newline character to the end of container's hostname file
* fix(deps): update module github.com/openshift/imagebuilder to v1.2.10
* fix(deps): update github.com/containers/image/v5 digest to aa93504
* Fix 5.1 release note re: runlabel
* test/e2e: use local skopeo not image
* fix(deps): update golang.org/x/exp digest to fd00a4e
* [CI:DOCS] Add contrib/podmanimage/stable path back in repo
* chore(deps): update dependency requests to ~=2.32.3
* fix(deps): update github.com/containers/image/v5 digest to 2343e81
* libpod: do not move podman with --cgroups=disabled
* Update release notes on Main to v5.1.0
* test: look at the file base name
* tests: simplify expected output
* Sigh, new VMs again
* Fail earlier when no containers exist in stats
* Add Hyper-V option in windows installer
* libpod: cleanup default cache on system reset
* vendor: update c/image
* test/system: speed up kube generate tmpfs on /tmp
* test/system: speed up podman kube play tests
* test/system: speed up podman shell completion test
* test/system: simplify test signal handling in containers
* test/system: speed up podman container rm ...
* test/system: speed up podman ps - basic tests
* test/system: speed up read-only from containers.conf
* test/system: speed up podman logs - multi ...
* test/system: speed up podman run --name
* Debian: switch to crun
* test/system: speed up podman generate systemd - envar
* test/system: speed up podman-kube@.service template
* test/system: speed up kube play healthcheck initialDelaySeconds
* test/system: speed up exit-code propagation test
* test/system: speed up "podman run --timeout"
* test/system: fix slow kube play --wait with siginterrupt
* undo auto-formatting
* test/system: speed up podman events tests
* Quadlet: Add support for .build files
* test/system: speed up "podman auto-update using systemd"
* test/system: remove podman wait test
* tests: disable tests affected by a race condition
* update golangci-lint to v1.59.0
* kubernetes_support.md: Mark volumeMounts.subPath as supported
* working name of pod on start and stop
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.19.0
* Bump Buildah to v1.36.0
* fix(deps): update module github.com/burntsushi/toml to v1.4.0
* fix typo in Tutorials.rst
* Mac PM test: Require pre-installed rosetta
* test/e2e: fix new error message
* Add configuration for podmansh
* Update containers/common to latest main
* Only stop chowning volumes once they're not empty
* podman: fix --sdnotify=healthy with --rm
* libpod: wait another interval for healthcheck
* quadlet: Add a network requirement on .image units
* test, pasta: Ignore deprecated addresses in tests
* [CI:DOCS] performance: update network docs
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.18.0
* CI: disable minikube task
* [CI:DOCS] Fix windows action trigger
* chore(deps): update dependency setuptools to v70
* Check AppleHypervisor before accessing it
* fix(deps): update module github.com/containernetworking/plugins to v1.5.0
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.58.2
* add podman-clean-transient.service service to rootless
* [CI:DOCS] Update podman network docs
* fix incorrect host.containers.internal entry for rootless bridge mode
* vendor latest c/common main
* Add Rosetta support for Apple Silicon mac
* bump main to 5.2.0-dev
* Use a defined constant instead of a hard-coded magic value
* cirrus: use faster VM's for integration tests
* fix(deps): update github.com/containers/gvisor-tap-vsock digest to 01a1a0c
* [CI:DOCS] Fix Mac pkg link
* test: remove test_podman* scripts
* test/system: fix documentation
* Return StatusNotFound when multiple volumes matching occurs
* container_api: do not wait for healtchecks if stopped
* libpod: wait for healthy on main thread
* `podman events`: check for an error after we finish reading events
* remote API: restore v4 payload in container inspect
* Fix updating connection when SSH port conflict happens
* rootless: fix reexec to use /proc/self/exe
* ExitWithError() - enforce required exit status & stderr
* ExitWithError() - a few that I missed
* [skip-ci] Packit: use only one value for `packages` key for `trigger: commit` copr builds
* Revert "Temporarily disable rootless debian e2e testing"
* CI tests: enforce TMPDIR on tmpfs
* use new CI images with tmpfs /tmp
* run e2e test on tmpfs
* Update module github.com/crc-org/crc/v2 to v2.36.0
* [CI:DOCS] Use checkout@v4 in GH Actions
* ExitWithError() - rmi_test
* ExitWithError() - more r files
* ExitWithError() - s files
* ExitWithError() - more run_xxx tests
* Fix podman-remote support for `podman farm build`
* [CI:DOCS] Trigger windows installer action properly
* Revert "container stop: kill conmon"
* Ensure that containers do not get stuck in stopping
* [CI:DOCS] Improvements to make validatepr
* ExitWithError() - rest of the p files
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.58.1
* Graceful shutdown during podman kube down
* Remove duplicate call
* test/system: fix broken "podman volume globs" test
* Quadlet/Container: Add GroupAdd option
* Don't panic if a runtime was configured without paths
* update c/{buildah,common,image,storage} to latest main
* update golangci-lint to 1.58
* machine: Add LibKrun provider detection
* ExitWithError() - continue tightening
* fix(deps): update module google.golang.org/protobuf to v1.34.1
* test: improve test for powercap presence
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.3
* fix(deps): update module go.etcd.io/bbolt to v1.3.10
* fix(deps): update module golang.org/x/tools to v0.21.0
* [skip-ci] RPM: `bats` required only on Fedora
* fix(deps): update module golang.org/x/exp to v0.0.0-20240506185415-9bf2ced13842
* gpdate and remove parameter settings in `.golangci.yml`
* ExitWithError() - play_kube_test.go
* Temporarily disable rootless debian e2e testing
* fix(deps): update module golang.org/x/crypto to v0.23.0
* CI Docs: Clarify passthrough_envars() comments
* Skip machine tests if they don't need to be run
* Update CI VMs to F40, F39, D13
* ExitWithError() - v files
* Update module golang.org/x/term to v0.20.0
* machine: Add provider detection API
* util: specify a not empty pause dir for root too
* Add missing option 'healthy' to output of `podman run --help`
* [CI:DOCS] Add info on the quay.io images to the README.md
* Add a random suffix to healthcheck unit names
* test/e2e: remove toolbox image
* Also substitute $HOME in runlabel with user's homedir
* Update module github.com/cyphar/filepath-securejoin to v0.2.5
* Change tmpDir for macOS
* ExitWithError() - pod_xxx tests
* ExitWithError() -- run_test.go
* Update module golang.org/x/exp to v0.0.0-20240416160154-fe59bbe5cc7f
* Update module github.com/shirou/gopsutil/v3 to v3.24.4
* Update module github.com/docker/docker to v26.1.1+incompatible
* GHA: Attempt fix exceeded a secondary rate limit
* vendor ginkgo 2.17.2 into test/tools
* Fix machine volumes with long path and paths with dashes
* Update module google.golang.org/protobuf to v1.34.0
* Update module github.com/crc-org/crc/v2 to v2.35.0
* Update module github.com/onsi/gomega to v1.33.1
* test/e2e: podman unshare image mount fix tmpdir leak
* test/e2e: do not leak /tmp/private_file
* test/e2e: "persistentVolumeClaim with source" do not leak file
* e2e tests: use /var/tmp, not $TMPDIR, as workdirs
* Update dependency pytest to v8.1.2
* Remove unncessary lines at the end of specfile summary
* Clean machine pull cache
* Add krun support to podman machine
* Use custom image for make validatepr
* test/e2e: force systemd cgroup manager
* e2e and bindings tests: fix $PATH setup
* Makefile: remove useless HACK variable in e2e test
* test/e2e: fix volumes and suid/dev/exec options
* test/e2e: volumes and suid/dev/exec options works remote
* test/e2e: fix limits test
* Update module github.com/rootless-containers/rootlesskit/v2 to v2.1.0
* Correct option name `ip` -> `ip6`
* Add the ability to automount images as volumes via play
* Add support for image volume subpaths
* Bump Buildah to latest main
* Update Makefile to Go 1.22 for in-container
* ExitWithError() - yet more low-hanging fruit
* ExitWithError() - more low-hanging fruit
* ExitWithError() - low-hanging fruit
* chore: fix function names in comment
* Remove redundant Prerequisite before build section
* Remove PKG_CONFIG_PATH
* Add installation instructions for openSUSE
* Replace golang.org/x/exp/slices with slices from std
* Update to go 1.21
* fix(deps): update module github.com/docker/docker to v26.1.0+incompatible
* [CI:DOCS] Fix artifact action
* [skip-ci] Packit/rpm: remove el8 jobs and spec conditionals
* e2e tests: stop littering
* [CI:DOCS] format podman-pull example as code
* [CI:DOCS] Build & upload release artifacts with GitHub Actions
* libpod: getHealthCheckLog() remove unessesary check
* add containers.conf healthcheck_events support
* vendor latest c/common
* libpod: make healthcheck events more efficient
* libpod: wrap store setup error message
* [skip-ci] Packit: enable CentOS 10 Stream build jobs
* pkg/systemd: use fileutils.(Le|E)xists
* pkg/bindings: use fileutils.(Le|E)xists
* pkg/util: use fileutils.(Le|E)xists
* pkg/trust: use fileutils.(Le|E)xists
* pkg/specgen: use fileutils.(Le|E)xists
* pkg/rootless: use fileutils.(Le|E)xists
* pkg/machine: use fileutils.(Le|E)xists
* pkg/domain: use fileutils.(Le|E)xists
* pkg/api: use fileutils.(Le|E)xists
* libpod: use fileutils.(Le|E)xists
* cmd: use fileutils.(Le|E)xists
* vendor: update containers/{buildah,common,image,storage}
* fix(deps): update module github.com/docker/docker to v26.0.2+incompatible [security]
* fix podman-pod-restart.1.md typo
* [skip-ci] Packit: switch to EPEL instead of centos-stream+epel-next
* fix(deps): update module github.com/onsi/gomega to v1.33.0
* Add more annnotation information to podman kupe play man page
* test/compose: remove compose v1 code
* CI: remove compose v1 tests
* fix: close resource file
* [CI:DOCS] Fix windows installer action
* fix(deps): update module tags.cncf.io/container-device-interface to v0.7.2
* add `list` as an alias to list networks
* Add support for updating restart policy
* Add Compat API for Update
* Make `podman update` changes persistent
* Emergency fix (well, skip) for failing bud tests
* fix swagger doc for manifest create
* [CI:DOCS] options/network: fix markdown lists
* Makefile: do not hardcode `GOOS` in `podman-remote-static` target
* chore(deps): update module golang.org/x/crypto to v0.17.0 [security]
* chore(deps): update dependency setuptools to ~=69.5.0
* Fix some comments
* swagger fix infinitive recursion on some types
* install swagger from source
* Revert "Swap out javascript engine"
* podman exec CID without command should exit 125
* (minor) prefetch systemd image before use
* Update go-swagger version
* Swap out javascript engine
* fix(deps): update module github.com/docker/docker to v26.0.1+incompatible
* Add os, arch, and ismanifest to libpod image list
* [CI:DOCS]Initial PR validation
* fix(deps): update github.com/containers/gvisor-tap-vsock digest to d744d71
* vendor ginkgo 2.17.1 into test/tools
* fix "concurrent map writes" in network ls compat endpoint
* chore(deps): update dependency pytest to v8
* e2e: redefine ExitWithError() to require exit code
* docs: fix missleading run/create --expose description
* podman ps: show exposed ports under PORTS as well
* rootless: drop function ReadMappingsProc
* fix(deps): update module github.com/vbauerster/mpb/v8 to v8.7.3
* New CI VMs, to give us pasta 2024-04-05
* Add big warning to GHA workflow
* GHA: Fix intermittent workflow error
* fix(deps): update module golang.org/x/tools to v0.20.0
* e2e tests: remove requirement for fuse-overlayfs
* docs: update Quadlet volume Options desc
* fix(deps): update module golang.org/x/sync to v0.7.0
* Fix relabeling failures with Z/z volumes on Mac
* fix(deps): update module golang.org/x/net to v0.24.0
* Makefile: fix annoying errors in docs generation
* chore: fix function names in comment
* Bump tags.cncf.io/container-device-interface to v0.7.1
* fix(deps): update module golang.org/x/crypto to v0.22.0
* Detect unhandled reboots and require user intervention
* podman --runroot: remove 50 char length restriction
* update github.com/rootless-containers/rootlesskit to v2
* Update module github.com/gorilla/schema to v1.3.0
* Update dependency requests-mock to ~=1.12.1
* Update module github.com/crc-org/crc/v2 to v2.34.1
* rm --force work for more than one arg
* [CI:DOCS] Update kube docs
* fix(deps): update module github.com/shirou/gopsutil/v3 to v3.24.3
* [CI:DOCS] Add GitHub action to update version on Podman.io
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.57.2
* Windows: clean up temporary perl install
* pkg/util: FindDeviceNodes() ignore ENOENT errors
* [CI:DOCS] build deps: make-validate needs docs
* test/system: add rootless-netns test for setup errors
* vendor latest c/common main
* container: do not chown to dest target with U
* [CI:DOCS] golangci-lint: update deprecated flags
* systests: conditionalize slirp4netns tests
* CI: systests: instrument flaky tests
* s3fs docs
* test: do not skip tests under rootless
* Add note about host networking to Kube PublishPort option
* Inject additional build tags from the environment
* libpod: use original IDs if idmap is provided
* Switch back to checking out the same branch the action script runs in
* docs/podman-login: Give an example of writing the persistent path
* CI: Bump VMs to 2024-03-28
* [skip-ci] Update dawidd6/action-send-mail action to v3.12.0
* fix(deps): update module github.com/openshift/imagebuilder to v1.2.7
* Fix reference to deprecated types.Info
* Use logformatter for podman_machine_windows_task
* applehv: Print vfkit logs in --log-level debug
* [CI:DOCS]Add Mario to reviewers list
* [CI:DOCS] Document CI-maintenance job addition
* Add golang 1.21 update warning
* Add rootless network command to `podman info`
* libpod: don't warn about cgroupsv1 on FreeBSD
* hyperv: error if not admin
* Properly parse stderr when updating container status
* [skip-ci] Packit: specify fedora-latest in propose-downstream
* Use built-in ssh impl for all non-pty operations
* Add support for annotations
* hyperv: fix machine rm -r
* [skip-ci] Packit: Enable CentOS Stream 10 update job
* 5.0 release note fix typo in cgroupv1 env var
* fix remote build isolation on client side
* chore: remove repetitive words
* Dont save remote context in temp file but stream and extract
* fix remote build isolation when server runs as root
* util: use private propagation with bind
* util: add some tests for ProcessOptions
* util: refactor ProcessOptions into an internal function
* util: rename files to snake case
* Add LoongArch support for libpod
* fix(deps): update github.com/containers/common digest to bc5f97c
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.57.1
* fix(deps): update module github.com/docker/docker to v25.0.5+incompatible [security]
* fix(deps): update module github.com/onsi/gomega to v1.32.0
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.57.0
* Update module github.com/cpuguy83/go-md2man/v2 to v2.0.4
* Fix type-o
* Use correct extension in suite
* minikube: instrument tests, to allow debugging failures
* libpod: restart always reconfigure the netns
* use new c/common pasta2 setup logic to fix dns
* utils: drop conversion float->string->float
* utils: do not generate duplicate range
* logformatter: handle Windows logs
* utils: add test for the new function
* utils: move rootless code to a new function
* xref-helpmsgs-manpages: cross-check Commands.rst
* test/system: Add support for multipath routes in pasta networking tests
* [skip-ci] rpm: use macro supported vendoring
* Adjust to the standard location of gvforwarder used in new images
* Makefile: add target `podman-remote-static`
* Switch to 5.x WSL machine os stream using new automation
* Cleanup build scratch dir if remote end disconnects while passing the context
* bump main to 5.1.0-dev
* Use faster gzip for compression for 3x speedup for sending large contexts to remote
* pkg/machine: make checkExclusiveActiveVM race free
* pkg/machine/wsl: remove unused CheckExclusiveActiveVM()
* pkg/machine: CheckExclusiveActiveVM should also check for starting
* pkg/machine: refresh config after we hold lock
* Update dependency setuptools to ~=69.2.0
* [skip-ci] rpm: update containers-common dep on f40+
* fix invalid HTTP header values when hijacking a connection
* Add doc to build podman on windows without MSYS
* Removing CRI-O related annotations
* fix(deps): update module github.com/containers/ocicrypt to v1.1.10
* Pass the restart policy to the individual containers
* kube play: always pull when both imagePullPolicy and tag are missing
ImportantSUSE bug 1221677SUSE bug 1224112SUSE bug 1231208SUSE bug 1236270SUSE bug 1236507SUSE bug 1237641SUSE bug 1239330CVE-2023-45288 at SUSECVE-2023-45288 at NVDCVE-2024-11218 at SUSECVE-2024-11218 at NVDCVE-2024-1753 at SUSECVE-2024-1753 at NVDCVE-2024-3727 at SUSECVE-2024-3727 at NVDCVE-2024-9407 at SUSECVE-2024-9407 at NVDCVE-2025-22869 at SUSECVE-2025-22869 at NVDCVE-2025-27144 at SUSECVE-2025-27144 at NVDcpe:/o:suse:sl-micro:6.1Security update for libxslt (Important)SUSE Linux Micro 6.1
This update for libxslt fixes the following issues:
* CVE-2025-24855: Fix use-after-free of XPath context node (bsc#1239625)
* CVE-2024-55549: Fix UAF related to excluded namespaces (bsc#1239637)
* CVE-2023-40403: Make generate-id() deterministic (bsc#1238591)
ImportantSUSE bug 1238591SUSE bug 1239625SUSE bug 1239637CVE-2023-40403 at SUSECVE-2023-40403 at NVDCVE-2024-55549 at SUSECVE-2024-55549 at NVDCVE-2025-24855 at SUSECVE-2025-24855 at NVDcpe:/o:suse:sl-micro:6.1Security update for gnutls (Moderate)SUSE Linux Micro 6.1
This update for gnutls fixes the following issues:
- CVE-2024-12243: Fixed inefficient DER Decoding in libtasn1 which could lead to remote DoS (bsc#1236974).
ModerateSUSE bug 1236974CVE-2024-12243 at SUSECVE-2024-12243 at NVDcpe:/o:suse:sl-micro:6.1Security update for libX11 (Moderate)SUSE Linux Micro 6.1
This update for libX11 fixes the following issues:
- CVE-2025-26597: Fixed Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
ModerateSUSE bug 1237431CVE-2025-26597 at SUSECVE-2025-26597 at NVDcpe:/o:suse:sl-micro:6.1Security update for krb5 (Moderate)SUSE Linux Micro 6.1
This update for krb5 fixes the following issues:
- CVE-2025-24528: Prevent overflow when calculating ulog block size.
An authenticated attacker can cause kadmind to write beyond the end
of the mapped region for the iprop log file, likely causing a process
crash; ((bsc#1236619).
ModerateSUSE bug 1236619CVE-2025-24528 at SUSECVE-2025-24528 at NVDcpe:/o:suse:sl-micro:6.1Security update for util-linux (Important)SUSE Linux Micro 6.1
This update for util-linux fixes the following issues:
- Updated to version 2.40.4:
* agetty: Prevent cursor escape (bsc#1194818)
* chcpu(8): Document CPU deconfiguring behavior
* fdisk: SGI fixes
* hardlink: fix memory corruption
* hardlink.1 directory|file is mandatory
* lib/env: fix env_list_setenv() for strings without '='
* libblkid:
(exfat) validate fields used by prober
(gpt) use blkid_probe_verify_csum() for partition array
checksum
add FSLASTBLOCK for swaparea
bitlocker fix version on big-endian systems
* libfdisk: make sure libblkid uses the same sector size
* libmount:
extract common error handling function
propagate first error of multiple filesystem types
* logger: correctly format tv_usec
* lscpu: Skip aarch64 decode path for rest of the architectures
(bsc#1229476)
* lsns: ignore ESRCH errors reported when accessing files under
/proc
* mkswap: set selinux label also when creating file
* more: make sure we have data on stderr
* nsenter: support empty environ
* umount, losetup: Document loop destroy behavior
(bsc#1159034).
* uuidd: fix /var/lib/libuuid mode uuidd-tmpfiles.conf
fix /var/lib/libuuid mode uuidd-tmpfiles.conf
- Refresh util-linux.keyring. Key validity was extended.
- Update to version 2.40.2:
* cfdisk: fix possible integer overflow
* libmount: improving robustness in reading kernel messages,
add pidfs to pseudo fs list
* lscpu: New Arm Cortex part numbers
fix hang of lscpu -e (bsc#1225598)
* lsfd: Refactor the pidfd logic, support pidfs
* mkswap.8.adoc: update note regarding swapfile creation
* setpgid: make -f work
- Enable kernel mountfd API, as it should be already stable
(PED-9752).
- Move autoreconf back to %build.
- Add devel dependencies.
- Remove util-linux-rpmlintrc. It is no more needed with multibuild.
- uncomment "autoreconf --install" to use the new version of automake
- disable libmagic in more(1) for binary detection (bsc#1225197)
- add support for pidfs in kernel 6.9 (bsc#1224285)
- Update to version 2.40.1:
* more: clean processes not cleaned up after failed SSH session
using up 100% CPU (bsc#1220117)
* CVE-2024-28085: Fixed improper neutralization of escape sequences in wall (bsc#1221831)
* chcpu: document limitations of -g (bsc#1218609)
* lscpu: even more Arm part numbers (bsc#1223605)
ImportantSUSE bug 1159034SUSE bug 1194818SUSE bug 1218609SUSE bug 1220117SUSE bug 1221831SUSE bug 1223605SUSE bug 1224285SUSE bug 1225197SUSE bug 1225598SUSE bug 1229476CVE-2024-28085 at SUSECVE-2024-28085 at NVDcpe:/o:suse:sl-micro:6.1Security update for ca-certificates-mozilla (Moderate)SUSE Linux Micro 6.1
This update for ca-certificates-mozilla fixes the following issues:
Update to 2.74 state of Mozilla SSL root CAs:
Removed:
* SwissSign Silver CA - G2
Added:
* D-TRUST BR Root CA 2 2023
* D-TRUST EV Root CA 2 2023
Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798):
Removed:
* SecureSign RootCA11
* Security Communication RootCA3
Added:
* TWCA CYBER Root CA
* TWCA Global Root CA G2
* SecureSign Root CA12
* SecureSign Root CA14
* SecureSign Root CA15
ModerateSUSE bug 1010996SUSE bug 1199079SUSE bug 1229003SUSE bug 1234798SUSE bug 1240009SUSE bug 1240343SUSE bug 441356cpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52778: mptcp: deal with large GSO size (bsc#1224948).
- CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).
- CVE-2024-26596: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events (bsc#1220355).
- CVE-2024-26741: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished() (bsc#1222587).
- CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590).
- CVE-2024-26953: net: esp: fix bad handling of pages from page_pool (bsc#1223656).
- CVE-2024-27017: netfilter: nft_set_pipapo: walk over current view on netlink dump (bsc#1223733).
- CVE-2024-35888: erspan: make sure erspan_base_hdr is present in skb->head (bsc#1224518).
- CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
- CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).
- CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725).
- CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-36927: ipv4: Fix uninit-value access in __ip_make_skb() (bsc#1225813).
- CVE-2024-36954: tipc: fix a possible memleak in tipc_buf_append (bsc#1225764).
- CVE-2024-36968: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() (bsc#1226130).
- CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748).
- CVE-2024-40914: mm/huge_memory: do not unpoison huge_zero_folio (bsc#1227842).
- CVE-2024-41023: sched/deadline: Fix task_struct reference leak (bsc#1228430).
- CVE-2024-41031: mm/filemap: skip to create PMD-sized page cache if needed (bsc#1228454).
- CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620).
- CVE-2024-42102: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (bsc#1233132).
- CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).
- CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550).
- CVE-2024-46680: Bluetooth: btnxpuart: Fix random crash seen while removing driver (bsc#1230557).
- CVE-2024-46681: pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558).
- CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
- CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).
- CVE-2024-46765: ice: protect XDP configuration with a mutex (bsc#1230807).
- CVE-2024-46766: ice: move netif_queue_set_napi to rtnl-protected sections (bsc#1230762).
- CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
- CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
- CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).
- CVE-2024-46831: net: microchip: vcap: Fix use-after-free error in kunit test (bsc#1231117).
- CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
- CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
- CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
- CVE-2024-46843: scsi: ufs: core: Remove SCSI host only if added (bsc#1231100).
- CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
- CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085).
- CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087).
- CVE-2024-46870: drm/amd/display: Disable DMCUB timeout for DCN35 (bsc#1231435).
- CVE-2024-47658: crypto: stm32/cryp - call finalize with bh disabled (bsc#1231436).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode() and iput() (bsc#1231930).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
- CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).
- CVE-2024-47687: vdpa/mlx5: Fix invalid mr resource destroy (bsc#1232003).
- CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).
- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).
- CVE-2024-47703: bpf, lsm: add check for BPF LSM return value (bsc#1231946).
- CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944).
- CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
- CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).
- CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).
- CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116).
- CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).
- CVE-2024-47731: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing (bsc#1232117).
- CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).
- CVE-2024-47741: btrfs: fix race setting file private on concurrent lseek using same fd (bsc#1231869).
- CVE-2024-47745: mm: call the security_mmap_file() LSM hook in remap_file_pages() (bsc#1232135).
- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
- CVE-2024-47752: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning (bsc#1232130).
- CVE-2024-47753: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning (bsc#1231868).
- CVE-2024-47754: media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning (bsc#1232131).
- CVE-2024-49852: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (bsc#1232819).
- CVE-2024-49864: rxrpc: Fix a race between socket set up and I/O thread creation (bsc#1232256).
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232262).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201).
- CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
- CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199).
- CVE-2024-49888: bpf: Fix a sdiv overflow issue (bsc#1232208).
- CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
- CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220).
- CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354).
- CVE-2024-49895: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (bsc#1232352).
- CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
- CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355).
- CVE-2024-49898: drm/amd/display: Check null-initialized variables (bsc#1232222).
- CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358).
- CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305).
- CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).
- CVE-2024-49907: drm/amd/display: Check null pointers before using dc->clk_mgr (bsc#1232334).
- CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337).
- CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366).
- CVE-2024-49912: drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (bsc#1232367).
- CVE-2024-49913: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (bsc#1232307).
- CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369).
- CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965).
- CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).
- CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).
- CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374).
- CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368).
- CVE-2024-49934: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (bsc#1232387).
- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
- CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).
- CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-49953: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (bsc#1232156).
- CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).
- CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
- CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149).
- CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
- CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
- CVE-2024-49968: ext4: filesystems without casefold feature cannot be mounted with siphash (bsc#1232264).
- CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
- CVE-2024-49972: drm/amd/display: Deallocate DML memory if allocation fails (bsc#1232315).
- CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).
- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
- CVE-2024-49983: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free (bsc#1232096).
- CVE-2024-49986: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (bsc#1232093).
- CVE-2024-49987: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) (bsc#1232258).
- CVE-2024-49989: drm/amd/display: fix double free issue during amdgpu module unload (bsc#1232483).
- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
- CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).
- CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).
- CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).
- CVE-2024-50003: drm/amd/display: Fix system hang while resume with TBT monitor (bsc#1232385).
- CVE-2024-50004: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 (bsc#1232396).
- CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442).
- CVE-2024-50009: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value (bsc#1232318).
- CVE-2024-50012: cpufreq: Avoid a bad reference count on CPU node (bsc#1232386).
- CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446).
- CVE-2024-50015: ext4: dax: fix overflowing extents beyond inode size when partially writing (bsc#1232079).
- CVE-2024-50020: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() (bsc#1231989).
- CVE-2024-50021: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() (bsc#1231957).
- CVE-2024-50022: device-dax: correct pgoff align in dax_set_mapping() (bsc#1231956).
- CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
- CVE-2024-50027: thermal: core: Free tzp copy along with the thermal zone (bsc#1231951).
- CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).
- CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
- CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).
- CVE-2024-50040: igb: Do not bring the device up after non-fatal error (bsc#1231908).
- CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).
- CVE-2024-50042: ice: Fix increasing MSI-X on VF (bsc#1231906).
- CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).
- CVE-2024-50046: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).
- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
- CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).
- CVE-2024-50060: io_uring: check if we need to reschedule during overflow flush (bsc#1232417).
- CVE-2024-50063: bpf: Prevent tail call between progs attached to different hooks (bsc#1232435).
- CVE-2024-50064: zram: free secondary algorithms names (bsc#1231901).
- CVE-2024-50080: ublk: do not allow user copy for unprivileged device (bsc#1232502).
- CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501).
- CVE-2024-50082: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (bsc#1232500).
- CVE-2024-50084: net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() (bsc#1232494).
- CVE-2024-50087: btrfs: fix uninitialized pointer free on read_alloc_one_name() error (bsc#1232499).
- CVE-2024-50088: btrfs: fix uninitialized pointer free in add_inode_ref() (bsc#1232498).
- CVE-2024-50098: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down (bsc#1232881).
- CVE-2024-50110: xfrm: fix one more kernel-infoleak in algo dumping (bsc#1232885).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232926).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905).
- CVE-2024-50130: netfilter: bpf: must hold reference on net namespace (bsc#1232894).
- CVE-2024-50138: bpf: Use raw_spinlock_t in ringbuf (bsc#1232935).
- CVE-2024-50139: KVM: arm64: Fix shift-out-of-bounds bug (bsc#1233062).
- CVE-2024-50145: octeon_ep: add SKB allocation failures handling in __octep_oq_process_rx() (bsc#1233044).
- CVE-2024-50153: scsi: target: core: Fix null-ptr-deref in target_alloc_device() (bsc#1233061).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50169: vsock: Update rx_bytes on read_skb() (bsc#1233320).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50177: drm/amd/display: fix a UBSAN warning in DML2.1 (bsc#1233115).
- CVE-2024-50182: secretmem: disable memfd_secret() if arch cannot set direct map (bsc#1233129).
- CVE-2024-50184: virtio_pmem: Check device status before requesting flush (bsc#1233135).
- CVE-2024-50186: net: explicitly clear the sk pointer, when pf->create fails (bsc#1233110).
- CVE-2024-50192: irqchip/gic-v4: Do not allow a VMOVP on a dying VPE (bsc#1233106).
- CVE-2024-50225: btrfs: fix error propagation of split bios (bsc#1233193).
- CVE-2024-50228: mm: shmem: fix data-race in shmem_getattr() (bsc#1233204).
- CVE-2024-50230: nilfs2: fix kernel bug due to missing clearing of checked flag (bsc#1233206).
- CVE-2024-50245: fs/ntfs3: Fix possible deadlock in mi_read (bsc#1233203).
- CVE-2024-50246: fs/ntfs3: Add rough attr alloc_size check (bsc#1233207).
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233226).
- CVE-2024-50252: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (bsc#1233201).
- CVE-2024-50257: netfilter: Fix use-after-free in get_info() (bsc#1233244).
- CVE-2024-50261: macsec: Fix use-after-free while sending the offloading packet (bsc#1233253).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50271: signal: restore the override_rlimit logic (bsc#1233460).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463).
- CVE-2024-50275: arm64/sve: Discard stale CPU state when handling SVE traps (bsc#1233464).
- CVE-2024-50276: net: vertexcom: mse102x: Fix possible double free of TX skb (bsc#1233465).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single (bsc#1233484).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-50298: net: enetc: allocate vf_state during PF probes (bsc#1233487).
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233540).
- CVE-2024-53043: mctp i2c: handle NULL header address (bsc#1233523).
- CVE-2024-53048: ice: fix crash on probe for DPLL enabled E810 LOM (bsc#1233721).
- CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).
- CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
- CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53079: mm/thp: fix deferred split unqueue naming and locking (bsc#1233570).
- CVE-2024-53082: virtio_net: Add hash_key_length check (bsc#1233573).
- CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).
- CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085).
- CVE-2024-53121: net/mlx5: fs, lock FTE when checking if active (bsc#1234078).
- CVE-2024-53138: net/mlx5e: kTLS, Fix incorrect page refcounting (bsc#1234223).
The following non-security bugs were fixed:
- 9p: explicitly deny setlease attempts (git-fixes).
- ACPI: CPPC: Add support for setting EPP register in FFH (stable-fixes).
- ACPI: CPPC: Fix _CPC register setting issue (git-fixes).
- ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).
- ACPI: EC: Do not release locks during operation region accesses (stable-fixes).
- ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
- ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).
- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).
- ACPI: battery: Fix possible crash when unregistering a battery hook (git-fixes).
- ACPI: battery: Simplify battery hook locking (stable-fixes).
- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes).
- ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).
- ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).
- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).
- ACPICA: iasl: handle empty connection_node (stable-fixes).
- ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller (stable-fixes).
- ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() (stable-fixes).
- ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read (stable-fixes).
- ALSA: 6fire: Release resources at card release (git-fixes).
- ALSA: Reorganize kerneldoc parameter names (stable-fixes).
- ALSA: ac97: bus: Fix the mistake in the comment (git-fixes).
- ALSA: asihpi: Fix potential OOB array access (stable-fixes).
- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: core: add isascii() check to card ID generator (stable-fixes).
- ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).
- ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() (git-fixes).
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).
- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).
- ALSA: hda/conexant: fix Z60MR100 startup pop issue (stable-fixes).
- ALSA: hda/conexant: fix some typos (stable-fixes).
- ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (bsc#1219803).
- ALSA: hda/realtek - Fixed Clevo platform headset Mic issue (stable-fixes).
- ALSA: hda/realtek - update set GPIO3 to default for Thinkpad with ALC1318 (git-fixes).
- ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (stable-fixes).
- ALSA: hda/realtek: Add support for Samsung Galaxy Book3 360 (NP730QFG) (stable-fixes).
- ALSA: hda/realtek: Apply quirk for Medion E15433 (bsc#1233298).
- ALSA: hda/realtek: Enable mic on Vaio VJFH52 (stable-fixes).
- ALSA: hda/realtek: Enable mute and micmute LED on HP ProBook 430 G8 (stable-fixes).
- ALSA: hda/realtek: Enable speaker pins for Medion E15443 platform (bsc#1233298).
- ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max (bsc#1233298).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes).
- ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).
- ALSA: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes).
- ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book init (stable-fixes).
- ALSA: hda/realtek: Set PCBeep to default value for ALC274 (stable-fixes).
- ALSA: hda/realtek: Update ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Update ALC256 depop procedure (git-fixes).
- ALSA: hda/realtek: Update default depop procedure (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 (stable-fixes).
- ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects (stable-fixes).
- ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE (git-fixes).
- ALSA: hda: Poll jack events for LS7A HD-Audio (stable-fixes).
- ALSA: hda: Show the codec quirk info at probing (stable-fixes).
- ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 (stable-fixes).
- ALSA: hda: tas2781: Fix missing setup at runtime PM (bsc#1230132).
- ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
- ALSA: ice1712: Remove redundant code in stac9460_dac_vol_put (stable-fixes).
- ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).
- ALSA: line6: update contact information (stable-fixes).
- ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).
- ALSA: pcm: Add sanity NULL check for the default mmap fault handler (stable-fixes).
- ALSA: silence integer wrapping warning (stable-fixes).
- ALSA: ump: Fix evaluation of MIDI 1.0 FB info (git-fixes).
- ALSA: us122l: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: usb-audio: Add Pioneer DJ/AlphaTheta DJM-A9 Mixer (stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).
- ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).
- ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).
- ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).
- ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (bsc#1232768).
- ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).
- ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).
- ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry (stable-fixes).
- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (stable-fixes).
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (git-fixes).
- ALSA: usb-audio: Make mic volume workarounds globally applicable (stable-fixes).
- ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).
- ALSA: usb-audio: Use snprintf instead of sprintf in build_mixer_unit_ctl (stable-fixes).
- ALSA: usb-audio: add mixer mapping for Corsair HS80 (stable-fixes).
- ALSA: usx2y: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ASoC: Intel: avs: da7219: Remove suspend_pre() and resume_post() (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec (stable-fixes).
- ASoC: Intel: sst: Fix used of uninitialized ctx to log an error (git-fixes).
- ASoC: Intel: sst: Support LPE0F28 ACPI HID (stable-fixes).
- ASoC: SOF: Add i2s bt dai configuration support for AMD platforms (bsc#1233305).
- ASoC: SOF: Add support for configuring PDM interface from topology (bsc#1233305).
- ASoC: SOF: Deprecate invalid enums in IPC3 (bsc#1233305).
- ASoC: SOF: IPC4: get pipeline priority from topology (bsc#1233305).
- ASoC: SOF: IPC4: synchronize fw_config_params with fw definitions (bsc#1233305).
- ASoC: SOF: Refactor sof_i2s_tokens reading to update acpbt dai (bsc#1233305).
- ASoC: SOF: Rename amd_bt sof_dai_type (bsc#1233305).
- ASoC: SOF: Wire up buffer flags (bsc#1233305).
- ASoC: SOF: add alignment for topology header file struct definition (bsc#1233305).
- ASoC: SOF: align topology header file with sof topology header (bsc#1233305).
- ASoC: SOF: ipc3-topology: Convert the topology pin index to ALH dai index (git-fixes).
- ASoC: SOF: ipc3-topology: fix resource leaks in sof_ipc3_widget_setup_comp_dai() (git-fixes).
- ASoC: SOF: ipc4-control: Add support for ALSA enum control (bsc#1233305).
- ASoC: SOF: ipc4-control: Add support for ALSA switch control (bsc#1233305).
- ASoC: SOF: ipc4-mtrace: move debug slot related definitions to header.h (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add deep buffer size to debug prints (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add definition for generic switch/enum control (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add module ID print during module set up (bsc#1233305).
- ASoC: SOF: ipc4-topology: Helper to find an swidget by module/instance id (bsc#1233305).
- ASoC: SOF: ipc4-topology: Only handle dai_config with HW_PARAMS for ChainDMA (bsc#1233305).
- ASoC: SOF: ipc4-topology: change chain_dma handling in dai_config (bsc#1233305).
- ASoC: SOF: ipc4-topology: export sof_ipc4_copier_is_single_format (bsc#1233305).
- ASoC: SOF: ipc4-topology: set config_length based on device_count (bsc#1233305).
- ASoC: SOF: ipc4: Add data struct for module notification message from firmware (bsc#1233305).
- ASoC: SOF: ipc4: Add new message type: SOF_IPC4_GLB_LOAD_LIBRARY_PREPARE (bsc#1233305).
- ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits (git-fixes).
- ASoC: SOF: topology: Parse DAI type token for dspless mode (bsc#1233305).
- ASoC: SOF: topology: dynamically allocate and store DAI widget->private (bsc#1233305).
- ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA (stable-fixes).
- ASoC: amd: yc: Add quirk for HP Dragonfly pro one (stable-fixes).
- ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry (git-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA (stable-fixes).
- ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 (stable-fixes).
- ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized (git-fixes).
- ASoC: audio-graph-card2: Purge absent supplies for device tree nodes (stable-fixes).
- ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (git-fixes).
- ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).
- ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() (stable-fixes).
- ASoC: codecs: wsa883x: Handle reading version failure (stable-fixes).
- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes).
- ASoC: dapm: fix bounds checker error in dapm_widget_list_create (git-fixes).
- ASoC: fsl_micfil: Add sample rate constraint (stable-fixes).
- ASoC: fsl_micfil: fix regmap_write_bits usage (git-fixes).
- ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit (stable-fixes).
- ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).
- ASoC: max98388: Fix missing increment of variable slot_found (git-fixes).
- ASoC: mediatek: mt8188-mt6359: Remove hardcoded dmic codec (git-fixes).
- ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes).
- ASoC: rt722-sdca: Remove logically deadcode in rt722-sdca.c (git-fixes).
- ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue (stable-fixes).
- ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove (git-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() (stable-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() (stable-fixes).
- ASoC: tas2781: Add new driver version for tas2563 & tas2781 qfn chip (stable-fixes).
- ASoC: tas2781: Use of_property_read_reg() (stable-fixes).
- Bluetooth: Call iso_exit() on module unload (git-fixes).
- Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (git-fixes).
- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).
- Bluetooth: Remove debugfs directory on module init failure (git-fixes).
- Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).
- Bluetooth: btintel: Direct exception event to bluetooth stack (git-fixes).
- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test (bsc#1230557)
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 (stable-fixes).
- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).
- Bluetooth: fix use-after-free in device_for_each_child() (git-fixes).
- Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes).
- Bluetooth: hci_core: Fix calling mgmt_device_connected (git-fixes).
- Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).
- Documentation: kgdb: Correct parameter error (git-fixes).
- HID: Ignore battery for all ELAN I2C-HID devices (stable-fixes).
- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).
- HID: core: zero-initialize the report buffer (git-fixes).
- HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk (stable-fixes).
- HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard (stable-fixes).
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (stable-fixes).
- HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad (stable-fixes).
- HID: multitouch: Add support for B2402FVA track point (stable-fixes).
- HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).
- HID: multitouch: Add support for lenovo Y9000P Touchpad (stable-fixes).
- HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).
- HID: wacom: Interpret tilt data from Intuos Pro BT as signed values (git-fixes).
- HID: wacom: fix when get product name maybe null pointer (git-fixes).
- Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
- Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
- Input: edt-ft5x06 - fix regmap leak when probe fails (git-fixes).
- Input: hideep - add missing dependency on REGMAP_I2C (git-fixes).
- Input: hycon-hy46xx - add missing dependency on REGMAP_I2C (git-fixes).
- Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (stable-fixes).
- Input: xpad - add GameSir T4 Kaleid Controller support (git-fixes).
- Input: xpad - add GameSir VID for Xbox One controllers (git-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2C Wireless Controller (git-fixes).
- Input: xpad - add support for MSI Claw A1M (git-fixes).
- Input: xpad - add support for Machenike G5 Pro Controller (git-fixes).
- Input: xpad - fix support for some third-party controllers (git-fixes).
- Input: xpad - sort xpad_device by vendor and product ID (git-fixes).
- Input: xpad - spelling fixes for "Xbox" (git-fixes).
- KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).
- KVM: PPC: Book3S HV: Avoid returning to nested hypervisor on pending doorbells (bsc#1215199).
- KVM: PPC: Book3S HV: Stop using vc->dpdes for nested KVM guests (bsc#1215199).
- KVM: PPC: Book3S HV: remove unused varible (bsc#1194869).
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (bsc#1232207).
- KVM: SEV-ES: Prevent MSR access post VMSA encryption (bsc#1232207).
- KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
- KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock (git-fixes).
- KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled (git-fixes).
- KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid (git-fixes).
- KVM: Write the per-page "segment" when clearing (part of) a guest page (git-fixes).
- KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232626).
- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231276).
- KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232623).
- KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected (git-fixes).
- KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults (git-fixes).
- KVM: x86: Dedup fastpath MSR post-handling logic (git-fixes).
- KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits (git-fixes).
- KVM: x86: Exit to userspace if fastpath triggers one on instruction skip (git-fixes).
- KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode() (git-fixes).
- KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is successful (git-fixes).
- KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
- NFS: remove revoked delegation from server's delegation list (git-fixes).
- NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
- NFSD: Mark filecache "down" if init fails (git-fixes).
- NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
- NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
- PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
- PCI: Add T_PVPERL macro (git-fixes).
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
- PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
- PCI: Fix reset_method_store() memory leak (git-fixes).
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
- PCI: endpoint: Clear secondary (not primary) EPC in pci_epc_remove_epf() (git-fixes).
- PCI: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS milliseconds (git-fixes).
- PCI: keystone: Add link up check to ks_pcie_other_map_bus() (git-fixes).
- PCI: keystone: Set mode as Root Complex for "ti,keystone-pcie" compatible (git-fixes).
- PCI: rockchip-ep: Fix address translation unit programming (git-fixes).
- RAS/AMD/ATL: Add amd_atl pr_fmt() prefix (jsc#PED-10559).
- RAS/AMD/ATL: Expand helpers for adding and removing base and hole (jsc#PED-10559).
- RAS/AMD/ATL: Implement DF 4.5 NP2 denormalization (jsc#PED-10559).
- RAS/AMD/ATL: Read DRAM hole base early (jsc#PED-10559).
- RAS/AMD/ATL: Validate address map when information is gathered (jsc#PED-10559).
- RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
- RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop (git-fixes)
- RDMA/bnxt_re: Change the sequence of updating the CQ toggle value (git-fixes)
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes)
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
- RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
- RDMA/bnxt_re: Fix incorrect dereference of srq in async event (git-fixes)
- RDMA/bnxt_re: Fix out of bound check (git-fixes)
- RDMA/bnxt_re: Fix the GID table length (git-fixes)
- RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
- RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
- RDMA/bnxt_re: Return more meaningful error (git-fixes)
- RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
- RDMA/hns: Add mutex_destroy() (git-fixes)
- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes)
- RDMA/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes)
- RDMA/hns: Fix cpu stuck caused by printings during reset (git-fixes)
- RDMA/hns: Fix different dgids mapping to the same dip_idx (git-fixes)
- RDMA/hns: Fix flush cqe error when racing with destroy qp (git-fixes)
- RDMA/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes)
- RDMA/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes)
- RDMA/hns: Use macro instead of magic number (git-fixes)
- RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
- RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
- RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
- RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
- RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (git-fixes)
- RDMA/mlx5: Move events notifier registration to be after device registration (git-fixes)
- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
- RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes).
- RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
- RDMA/rxe: Fix the qp flush warnings in req (git-fixes)
- RDMA/rxe: Set queue pair cur_qp_state when being queried (git-fixes)
- RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES (git-fixes)
- RDMA/srpt: Make slab cache names unique (git-fixes)
- SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
- SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
- SUNRPC: Remove BUG_ON call sites (git-fixes).
- SUNRPC: clnt.c: Remove misleading comment (git-fixes).
- USB: appledisplay: close race between probe and completion handler (git-fixes).
- USB: chaoskey: Fix possible deadlock chaoskey_list_lock (git-fixes).
- USB: chaoskey: fail open after removal (git-fixes).
- USB: gadget: dummy-hcd: Fix "task hung" problem (git-fixes).
- USB: misc: cypress_cy7c63: check for short transfer (git-fixes).
- USB: misc: yurex: fix race between read and write (git-fixes).
- USB: serial: ftdi_sio: Fix atomicity violation in get_serial_info() (git-fixes).
- USB: serial: io_edgeport: fix use after free in debug printk (git-fixes).
- USB: serial: option: add Fibocom FG132 0x0112 composition (stable-fixes).
- USB: serial: option: add Quectel RG650V (stable-fixes).
- USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
- USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
- USB: serial: qcserial: add support for Sierra Wireless EM86xx (stable-fixes).
- Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450).
- accel/qaic: Fix the for loop used to walk SG table (git-fixes).
- accel: Use XArray instead of IDR for minors (jsc#PED-11580).
- acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() (git-fixes).
- ad7780: fix division by zero in ad7780_write_raw() (git-fixes).
- aes-gcm-p10: Use the correct bit to test for P10 (bsc#1232704).
- amd-pstate: Set min_perf to nominal_perf for active mode performance gov (git-fixes).
- apparmor: fix 'Do simple duplicate message elimination' (git-fixes).
- apparmor: test: Fix memory leak for aa_unpack_strdup() (git-fixes).
- apparmor: use kvfree_sensitive to free data->data (git-fixes).
- arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 (git-fixes)
- arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
- arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: freescale: imx8mp-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs (git-fixes)
- arm64: dts: imx8qxp: Add VPU subsystem file (git-fixes)
- arm64: dts: imx93: add nvmem property for eqos (git-fixes)
- arm64: dts: imx93: add nvmem property for fec1 (git-fixes)
- arm64: dts: imx93: add ocotp node (git-fixes)
- arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus (git-fixes)
- arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo (git-fixes)
- arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 (git-fixes)
- arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node (git-fixes)
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma (git-fixes)
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes)
- arm64: dts: rockchip: Remove undocumented supports-emmc property (git-fixes)
- arm64: dts: rockchip: fix i2c2 pinctrl-names property on (git-fixes)
- arm64: dts: rockchip: remove num-slots property from (git-fixes)
- arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone (git-fixes)
- arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a (git-fixes).
- arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
- arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
- arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes)
- arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS (git-fixes).
- arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
- arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
- arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
- arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes)
- arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes)
- arm64: tegra: Move AGX Orin nodes to correct location (git-fixes)
- arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes)
- ata: libata: Set DID_TIME_OUT for commands that actually timed out (git-fixes).
- ata: libata: avoid superfluous disk spin down + spin up during hibernation (git-fixes).
- audit: do not WARN_ON_ONCE(!current->mm) in audit_exe_compare() (git-fixes).
- audit: do not take task_lock() in audit_exe_compare() code path (git-fixes).
- block: print symbolic error name instead of error code (bsc#1231872).
- block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW (bsc#1229677).
- bnxt_en: Cap the size of HWRM_PORT_PHY_QCFG forwarded response (git-fixes).
- bnxt_en: Fix error recovery for 5760X (P7) chips (git-fixes).
- bnxt_en: Fix the PCI-AER routines (git-fixes).
- bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes).
- bnxt_en: refactor reset close code (git-fixes).
- bpf, arm64: Fix address emission with tag-based KASAN enabled (git-fixes)
- bpf, arm64: Remove garbage frame for struct_ops trampoline (git-fixes)
- bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
- bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
- bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock (git-fixes).
- bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
- bpf, vsock: Drop static vsock_bpf_prot initialization (git-fixes).
- bpf, x64: Remove tail call detection (git-fixes).
- bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
- bpf: Fail verification for sign-extension of packet data/data_end/data_meta (git-fixes).
- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
- bpf: Fix error message on kfunc arg type mismatch (git-fixes).
- bpf: Fix helper writes to read-only maps (git-fixes).
- bpf: Fix tailcall cases in test_bpf (git-fixes).
- bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).
- bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
- bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
- bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
- bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
- btf, scripts: rust: drop is_rust_module.sh (bsc#1230414 bsc#1229450).
- btrfs: merge btrfs_orig_bbio_end_io() into btrfs_bio_end_io() (bsc#1233193)
- btrfs: send: fix invalid clone operation for file that got its size decreased (git-fixes).
- can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails (git-fixes).
- can: c_can: fix {rx,tx}_errors statistics (git-fixes).
- can: dev: can_set_termination(): allow sleeping GPIOs (git-fixes).
- can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: hi311x: hi3110_can_ist(): fix potential use-after-free (git-fixes).
- can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics (git-fixes).
- can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: j1939: j1939_session_new(): fix skb reference counting (git-fixes).
- can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): work around erratum DS80000789E 6 (git-fixes).
- can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes (git-fixes).
- can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode (stable-fixes).
- can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (git-fixes).
- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (git-fixes).
- ceph: fix cap ref leak via netfs init_request (bsc#1231384).
- cgroup/bpf: only cgroup v2 can be attached by bpf programs (bsc#1234108).
- clk: bcm: bcm53573: fix OF node leak in init (stable-fixes).
- clk: clk-apple-nco: Add NULL check in applnco_probe (git-fixes).
- clk: clk-axi-clkgen: make sure to enable the AXI bus clock (git-fixes).
- clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (stable-fixes).
- clk: imx: clk-scu: fix clk enable state save and restore (git-fixes).
- clk: imx: fracn-gppll: correct PLL initialization flow (git-fixes).
- clk: imx: fracn-gppll: fix pll power up (git-fixes).
- clk: imx: lpcg-scu: SW workaround for errata (e10858) (git-fixes).
- clk: qcom: clk-alpha-pll: drop lucid-evo pll enabled warning (git-fixes).
- clk: qcom: clk-alpha-pll: fix lucid 5lpe pll enabled check (git-fixes).
- clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (git-fixes).
- clk: renesas: rzg2l: Fix FOUTPOSTDIV clk (git-fixes).
- clk: sunxi-ng: d1: Fix PLL_AUDIO0 preset (git-fixes).
- comedi: Flush partial mappings in error case (git-fixes).
- comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
- config s390x: build ultravisor userspace access into the kernel (bsc#1232090)
- config.sh: Remove Arm build project, we do not build armv7 configs
- config: Disable LAM on x86 (bsc#1217845)
- cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_power() (git-fixes).
- cpufreq: loongson2: Unregister platform_driver on failure (git-fixes).
- cpufreq: mediatek-hw: Fix wrong return value in mtk_cpufreq_get_cpu_power() (git-fixes).
- crypto: aes-gcm-p10 - Use the correct bit to test for P10 (bsc#1232704).
- crypto: api - Fix liveliness check in crypto_alg_tested (stable-fixes).
- crypto: bcm - add error check in the ahash_hmac_init function (git-fixes).
- crypto: caam - Fix the pointer passed to caam_qi_shutdown() (git-fixes).
- crypto: caam - add error check to caam_rsa_set_priv_key_form (git-fixes).
- crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (git-fixes).
- crypto: cavium - Fix the if condition to exit loop after timeout (git-fixes).
- crypto: hisilicon/qm - flush all work before driver removed (bsc#1232075)
- crypto: inside-secure - Fix the return value of safexcel_xcbcmac_cra_init() (git-fixes).
- crypto: octeontx - Fix authenc setkey (stable-fixes).
- crypto: octeontx* - Select CRYPTO_AUTHENC (git-fixes).
- crypto: octeontx2 - Fix authenc setkey (stable-fixes).
- crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (git-fixes).
- crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMD and re-enable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Register modules as SIMD (bsc#1230501 ltc#208632).
- crypto: qat - remove check after debugfs_create_dir() (git-fixes).
- crypto: qat - remove faulty arbiter config reset (git-fixes).
- crypto: qat/qat_4xxx - fix off by one in uof_get_name() (git-fixes).
- crypto: x86/aegis128 - access 32-bit arguments as 32-bit (git-fixes).
- cxgb4: Properly lock TX queue for the selftest (git-fixes).
- cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).
- cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes).
- cxl: downgrade a warning message to debug level in cxl_probe_component_regs() (bsc#1229165).
- dcache: keep dentry_hashtable or d_hash_shift even when not used (git-fixes).
- debugfs: fix automount d_fsdata usage (git-fixes).
- devlink: Fix command annotation documentation (git-fixes).
- dma-fence: Fix reference leak on fence merge failure path (git-fixes).
- dma-fence: Use kernel's sort for merging fences (git-fixes).
- dmaengine: sh: rz-dmac: handle configs where one address is zero (git-fixes).
- dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer (git-fixes).
- doc: rcu: update printed dynticks counter bits (git-fixes).
- driver core: bus: Fix double free in driver API bus_register() (stable-fixes).
- driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
- drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() (git-fixes).
- drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
- drm/amd/display: Add HDMI DSC native YCbCr422 support (stable-fixes).
- drm/amd/display: Add disable timeout option (bsc#1231435)
- drm/amd/display: Adjust VSDB parser for replay feature (stable-fixes).
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
- drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
- drm/amd/display: Clean up dsc blocks in accelerated mode (stable-fixes).
- drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (stable-fixes).
- drm/amd/display: Fix brightness level not retained over reboot (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp (git-fixes).
- drm/amd/display: Remove a redundant check in authenticated_dp (stable-fixes).
- drm/amd/display: Revert "Check HDCP returned status" (stable-fixes).
- drm/amd/display: Round calculated vtotal (stable-fixes).
- drm/amd/display: Skip to enable dsc if it has been off (stable-fixes).
- drm/amd/display: Validate backlight caps are sane (stable-fixes).
- drm/amd/pm: Vangogh: Fix kernel memory out of bounds write (git-fixes).
- drm/amd: Add some missing straps from NBIO 7.11.0 (git-fixes).
- drm/amd: Fix initialization mistake for NBIO 7.7.0 (stable-fixes).
- drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
- drm/amdgpu/swsmu: Only force workload setup on init (git-fixes).
- drm/amdgpu/vcn: enable AV1 on both instances (stable-fixes).
- drm/amdgpu: Adjust debugfs eviction and IB access permissions (stable-fixes).
- drm/amdgpu: Adjust debugfs register access permissions (stable-fixes).
- drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 (git-fixes).
- drm/amdgpu: Fix JPEG v4.0.3 register write (git-fixes).
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (stable-fixes).
- drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() (git-fixes).
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (git-fixes).
- drm/amdkfd: Accounting pdd vram_usage for svm (stable-fixes).
- drm/amdkfd: Fix wrong usage of INIT_WORK() (git-fixes).
- drm/bridge: anx7625: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: it6505: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: tc358767: Fix link properties discovery (git-fixes).
- drm/bridge: tc358768: Fix DSI command tx (git-fixes).
- drm/etnaviv: Request pages from DMA32 zone on addressing_limited (git-fixes).
- drm/etnaviv: hold GPU lock across perfmon sampling (git-fixes).
- drm/i915/gem: fix bitwise and logical AND mixup (git-fixes).
- drm/i915/hdcp: fix connector refcounting (git-fixes).
- drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/mediatek: Fix child node refcount handling in early exit (git-fixes).
- drm/mediatek: Fix get efuse issue for MT8188 DPTX (git-fixes).
- drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (git-fixes).
- drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/msm/dpu: cast crtc_clk calculation to u64 in _dpu_core_perf_calc_clk() (git-fixes).
- drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds() (git-fixes).
- drm/msm/dpu: do not always program merge_3d block (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on MSM8998 (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on SDM845 (git-fixes).
- drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
- drm/msm/dpu: move CRTC resource assignment to dpu_encoder_virt_atomic_check (git-fixes).
- drm/msm/dpu: on SDM845 move DSPP_3 to LM_5 block (git-fixes).
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
- drm/msm/dsi: improve/fix dsc pclk calculation (git-fixes).
- drm/msm/gpu: Check the status of registration to PM QoS (git-fixes).
- drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
- drm/msm: Fix some typos in comment (git-fixes).
- drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() (git-fixes).
- drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes).
- drm/omap: Fix possible NULL dereference (git-fixes).
- drm/panfrost: Add missing OPP table refcnt decremental (git-fixes).
- drm/panfrost: Remove unused id_mask from struct panfrost_model (git-fixes).
- drm/radeon: Fix encoder->possible_clones (git-fixes).
- drm/rockchip: vop: Fix a dereferenced before check warning (git-fixes).
- drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
- drm/sched: Always wake up correct scheduler in drm_sched_entity_push_job (git-fixes).
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes).
- drm/sti: avoid potential dereference of error pointers (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check (git-fixes).
- drm/v3d: Address race-condition in MMU flush (git-fixes).
- drm/v3d: Enable Performance Counters before clearing them (git-fixes).
- drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_atomic_flush (git-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_lut_load (git-fixes).
- drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
- drm/vc4: hdmi: Avoid hang with debug registers when suspended (git-fixes).
- drm/vc4: hvs: Correct logic on stopping an HVS channel (git-fixes).
- drm/vc4: hvs: Do not write gamma luts on 2711 (git-fixes).
- drm/vc4: hvs: Fix dlist debug not resetting the next entry pointer (git-fixes).
- drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs function (git-fixes).
- drm/vkms: Drop unnecessary call to drm_crtc_cleanup() (git-fixes).
- drm/vmwgfx: Handle surface check failure correctly (git-fixes).
- drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS (stable-fixes).
- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
- drm: Expand max DRM device number to full MINORBITS (jsc#PED-11580).
- drm: Use XArray instead of IDR for minors (jsc#PED-11580).
- drm: use ATOMIC64_INIT() for atomic64_t (git-fixes).
- drm: xlnx: zynqmp_dpsub: fix hotplug detection (git-fixes).
- drm: zynqmp_kms: Unplug DRM device before removal (git-fixes).
- e1000e: Fix S0ix residency on corporate systems (git-fixes).
- e1000e: Remove Meteor Lake SMBUS workarounds (git-fixes).
- e1000e: change I219 (19) devices to ADP (git-fixes).
- e1000e: fix force smbus during suspend flow (git-fixes).
- e1000e: move force SMBUS near the end of enable_ulp function (git-fixes).
- efi/libstub: Free correct pointer on failure (git-fixes).
- efi/libstub: fix efi_parse_options() ignoring the default command line (git-fixes).
- efi/libstub: zboot.lds: Discard .discard sections (stable-fixes).
- efi/memattr: Ignore table if the size is clearly bogus (bsc#1231465).
- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
- eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes).
- ext4: do not track ranges in fast_commit if inode has inlined data (bsc#1231635).
- ext4: fix fast commit inode enqueueing during a full journal commit (bsc#1231636).
- ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() (bsc#1231637).
- ext4: fix possible tid_t sequence overflows (bsc#1231634).
- ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
- ext4: fix unttached inode after power cut with orphan file feature enabled (bsc#1234009).
- ext4: mark fc as ineligible using an handle in ext4_xattr_set() (bsc#1231640).
- ext4: use handle to mark fc as ineligible in __track_dentry_update() (bsc#1231639).
- f2fs: get out of a repeat loop when getting a locked data page (bsc#1234011).
- fat: fix uninitialized variable (git-fixes).
- fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (stable-fixes).
- fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (git-fixes).
- fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
- fgraph: Change the name of cpuhp state to "fgraph:online" (git-fixes).
- fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
- fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
- filemap: remove use of wait bookmarks (bsc#1224088).
- firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (git-fixes).
- firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() (git-fixes).
- firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (git-fixes).
- firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() (git-fixes).
- firmware: google: Unregister driver_info on failure (git-fixes).
- firmware_loader: Fix possible resource leak in fw_log_firmware_info() (git-fixes).
- fs/9p: drop inodes immediately on non-.L too (git-fixes).
- fs/9p: fix the cache always being enabled on files with qid flags (git-fixes).
- fs/ntfs3: Add more attributes checks in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Fixed overflow check in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Sequential field availability check in mi_enum_attr() (bsc#1233207)
- fs: Fix uninitialized value issue in from_kuid and from_kgid (git-fixes).
- genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes).
- goldfish: Fix unused const variable 'goldfish_pipe_acpi_match' (git-fixes).
- gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
- gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
- gpio: davinci: fix lazy disable (git-fixes).
- gpio: exar: set value when external pull-up or pull-down is present (git-fixes).
- gpio: zevio: Add missed label initialisation (git-fixes).
- gve: Fix XDP TX completion handling when counters overflow (git-fixes).
- gve: Fix an edge case for TSO skb validity check (git-fixes).
- gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes).
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (git-fixes).
- hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (adt7470) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (max16065) Fix alarm attributes (git-fixes).
- hwmon: (max16065) Remove use of i2c_match_id() (stable-fixes).
- hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (nct6775) add G15CF to ASUS WMI monitoring list (stable-fixes).
- hwmon: (nct6775-core) Fix overflows seen when writing limit attributes (git-fixes).
- hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (tps23861) Fix reporting of negative temperatures (git-fixes).
- hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature (git-fixes).
- i2c: core: Setup i2c_adapter runtime-pm before calling device_add() (git-fixes).
- i2c: core: fix lockdep warning for sparsely nested adapter chain (git-fixes).
- i2c: cpm: Remove linux,i2c-index conversion from be32 (git-fixes).
- i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE is not set (git-fixes).
- i2c: exynos5: Calculate t_scl_l, t_scl_h according to i2c spec (git-fixes).
- i2c: i801: Add lis3lv02d for Dell Precision 3540 (git-fixes).
- i2c: i801: Add lis3lv02d for Dell XPS 15 7590 (git-fixes).
- i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
- i2c: i801: add helper i801_restore_regs (git-fixes).
- i2c: ismt: kill transaction in hardware on timeout (git-fixes).
- i2c: ocores: Move system PM hooks to the NOIRQ phase (git-fixes).
- i2c: ocores: Remove #ifdef guards for PM related functions (git-fixes).
- i2c: omap: switch to NOIRQ_SYSTEM_SLEEP_PM_OPS() and RUNTIME_PM_OPS() (git-fixes).
- i2c: omap: wakeup the controller during suspend() callback (git-fixes).
- i2c: rcar: properly format a debug output (git-fixes).
- i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
- i2c: stm32f7: perform most of irq job in threaded handler (git-fixes).
- i2c: synquacer: Deal with optional PCLK correctly (git-fixes).
- i2c: synquacer: Remove a clk reference from struct synquacer_i2c (stable-fixes).
- i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
- i2c: xiic: improve error message when transfer fails to start (stable-fixes).
- i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (git-fixes).
- i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (stable-fixes).
- i3c: master: svc: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- i40e: Fix XDP program unloading while removing the driver (git-fixes).
- i40e: Report MFS in decimal base instead of hex (git-fixes).
- i40e: fix race condition by adding filter's intermediate sync state (git-fixes).
- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (git-fixes).
- iavf: Fix TC config comparison with existing adapter TC config (git-fixes).
- ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).
- ice: Fix checking for unsupported keys on non-tunnel device (git-fixes).
- ice: Fix lldp packets dropping after changing the number of channels (git-fixes).
- ice: Fix netif_is_ice() in Safe Mode (git-fixes).
- ice: Fix package download algorithm (git-fixes).
- ice: Fix recipe read procedure (git-fixes).
- ice: Fix reset handler (git-fixes).
- ice: Flush FDB entries before reset (git-fixes).
- ice: Interpret .set_channels() input differently (git-fixes).
- ice: Rebuild TC queues on VSI queue reconfiguration (git-fixes).
- ice: Reject pin requests with unsupported flags (git-fixes).
- ice: add flag to distinguish reset from .ndo_bpf in XDP rings config (git-fixes).
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (git-fixes).
- ice: avoid IRQ collision to fix init failure on ACPI S3 resume (git-fixes).
- ice: clear port vlan config during reset (git-fixes).
- ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins (git-fixes).
- ice: do not bring the VSI up, if it was down before the XDP setup (git-fixes).
- ice: do not busy wait for Rx queue disable in ice_qp_dis() (git-fixes).
- ice: fix 200G PHY types to link speed mapping (git-fixes).
- ice: fix 200G link speed message log (git-fixes).
- ice: fix ICE_LAST_OFFSET formula (git-fixes).
- ice: fix VLAN replay after reset (git-fixes).
- ice: fix VSI lists confusion when adding VLANs (git-fixes).
- ice: fix accounting for filters shared by multiple VSIs (git-fixes).
- ice: fix accounting if a VLAN already exists (git-fixes).
- ice: fix iteration of TLVs in Preserved Fields Area (git-fixes).
- ice: fix page reuse when PAGE_SIZE is over 8k (git-fixes).
- ice: fix reads from NVM Shadow RAM on E830 and E825-C devices (git-fixes).
- ice: fix truesize operations for PAGE_SIZE >= 8192 (git-fixes).
- ice: implement AQ download pkg retry (git-fixes).
- ice: map XDP queues to vectors in ice_vsi_map_rings_to_vectors() (git-fixes).
- ice: remove af_xdp_zc_qps bitmap (git-fixes).
- ice: replace synchronize_rcu with synchronize_net (git-fixes).
- ice: respect netif readiness in AF_XDP ZC related ndo's (git-fixes).
- ice: set correct dst VSI in only LAN filters (git-fixes).
- ice: tc: allow zero flags in parsing tc flower (git-fixes).
- ice: tc: check src_vsi in case of traffic from VF (git-fixes).
- ice: use proper macro for testing bit (git-fixes).
- idpf: Interpret .set_channels() input differently (git-fixes).
- idpf: avoid bloating &idpf_q_vector with big %NR_CPUS (git-fixes).
- idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes).
- idpf: do not skip over ethtool tcp-data-split setting (git-fixes).
- idpf: fix UAFs when destroying the queues (git-fixes).
- idpf: fix memleak in vport interrupt configuration (git-fixes).
- idpf: fix memory leaks and crashes while performing a soft reset (git-fixes).
- ieee802154: Fix build error (git-fixes).
- igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes).
- igb: Disable threaded IRQ for igb_msix_other (git-fixes).
- igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).
- igc: Fix double reset adapter triggered from a single taprio cmd (git-fixes).
- igc: Fix packet still tx after gate close by reducing i226 MAC retry buffer (git-fixes).
- igc: Fix qbv tx latency by setting gtxoffset (git-fixes).
- igc: Fix qbv_config_change_errors logics (git-fixes).
- igc: Fix reset adapter logics when tx mode change (git-fixes).
- igc: Unlock on error in igc_io_resume() (git-fixes).
- iio: Fix fwnode_handle in __fwnode_iio_channel_get_by_name() (git-fixes).
- iio: accel: bma400: Fix uninitialized variable field_value in tap event handling (git-fixes).
- iio: accel: kx022a: Fix raw read format (git-fixes).
- iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes).
- iio: adc: ad7606: Fix typo in the driver name (git-fixes).
- iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (git-fixes).
- iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
- iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig (git-fixes).
- iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig (git-fixes).
- iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts: Fix uninitialized symbol 'ret' (git-fixes).
- iio: gts: fix infinite loop for gain_to_scaletables() (git-fixes).
- iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
- iio: light: al3010: Fix an error handling path in al3010_probe() (git-fixes).
- iio: light: opt3001: add missing full-scale range value (git-fixes).
- iio: light: veml6030: fix ALS sensor resolution (git-fixes).
- iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
- iio: light: veml6030: fix microlux value calculation (git-fixes).
- iio: magnetometer: ak8975: Convert enum->pointer for data in the match tables (stable-fixes).
- iio: magnetometer: ak8975: Fix 'Unexpected device' error (git-fixes).
- iio: magnetometer: ak8975: drop incorrect AK09116 compatible (git-fixes).
- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- ima: fix buffer overrun in ima_eventdigest_init_common (git-fixes).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- intel_idle: add Granite Rapids Xeon support (bsc#1231630).
- intel_idle: fix ACPI _CST matching for newer Xeon platforms (bsc#1231630).
- io_uring/eventfd: move to more idiomatic RCU free usage (git-fixes).
- io_uring/io-wq: do not allow pinning outside of cpuset (git-fixes).
- io_uring/io-wq: inherit cpuset of cgroup in io worker (git-fixes).
- io_uring/net: harden multishot termination case for recv (git-fixes).
- io_uring/rw: fix cflags posting for single issue multishot read (git-fixes).
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (git-fixes).
- io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN (git-fixes).
- io_uring/sqpoll: close race on waiting for sqring entries (git-fixes).
- io_uring/sqpoll: do not allow pinning outside of cpuset (git-fixes).
- io_uring/sqpoll: do not put cpumask on stack (git-fixes).
- io_uring/sqpoll: retain test for whether the CPU is valid (git-fixes).
- io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL (git-fixes).
- iommu/amd: Allocate the page table root using GFP_KERNEL (git-fixes).
- iommu/amd: Do not set the D bit on AMD v2 table entries (git-fixes).
- iommu/amd: Fix typo of , instead of ; (git-fixes).
- iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
- iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices (git-fixes).
- iommufd: Check the domain owner of the parent before creating a nesting domain (git-fixes).
- iommufd: Protect against overflow of ALIGN() during iova allocation (git-fixes).
- irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack (git-fixes).
- jbd2: Move j_transaction_overhead_buffers into a hole (bsc#1234042).
- jbd2: avoid infinite transaction commit loop (bsc#1234039).
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (bsc#1234043).
- jbd2: avoid mount failed when commit block is partial submitted (bsc#1234040).
- jbd2: correct the printing of write_flags in jbd2_write_superblock() (bsc#1234045).
- jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit (bsc#1231638).
- jbd2: fix kernel-doc for j_transaction_overhead_buffers (bsc#1234042).
- jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev (bsc#1234044).
- jbd2: fix soft lockup in journal_finish_inode_data_buffers() (bsc#1234046).
- jbd2: make jbd2_journal_get_max_txn_bufs() internal (bsc#1234041).
- jbd2: precompute number of transaction descriptor blocks (bsc#1234042).
- jfs: Fix sanity check in dbMount (git-fixes).
- jfs: Fix uaf in dbFreeBits (git-fixes).
- jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
- jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
- jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
- jump_label: Fix static_key_slow_dec() yet again (git-fixes).
- kABI fix of VM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- kABI workaround for ASoC SOF (bsc#1233305).
- kABI: Restore exported __arm_smccc_sve_check (git-fixes)
- kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
- kABI: bpf: struct bpf_insn_acces_aux kABI workaround (git-fixes).
- kabi, mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes kabi).
- kasan: Fix Software Tag-Based KASAN with GCC (git-fixes).
- kasan: move checks to do_strncpy_from_user (git-fixes).
- kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
- kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
- kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
- kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
- kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
- kconfig: qconf: fix buffer overflow in debug links (git-fixes).
- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).
- kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y (git-fixes).
- keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (git-fixes).
- keys: Fix overwrite of key expiration on instantiation (git-fixes).
- kthread: unpark only parked kthread (git-fixes).
- leds: lp55xx: Remove redundant test for invalid channel number (git-fixes).
- lib/xarray: introduce a new helper xas_get_order (bsc#1231617).
- lib: string_helpers: silence snprintf() output truncation warning (git-fixes).
- mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes).
- macsec: do not increment counters for an unrelated SA (git-fixes).
- mailbox: arm_mhuv2: clean up loop in get_irq_chan_comb() (git-fixes).
- maple_tree: correct tree corruption on spanning store (git-fixes).
- maple_tree: fix alloc node fail issue (git-fixes).
- maple_tree: refine mas_store_root() on storing NULL (git-fixes).
- media: adv7604: prevent underflow condition when reporting colorspace (git-fixes).
- media: amphion: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: amphion: Set video drvdata before register video device (git-fixes).
- media: ar0521: do not overflow when checking PLL values (git-fixes).
- media: atomisp: Add check for rgby_data memory allocation failure (git-fixes).
- media: bttv: use audio defaults for winfast2000 (git-fixes).
- media: core: v4l2-ioctl: check if ioctl is known to avoid NULL name (git-fixes).
- media: cx24116: prevent overflows on SNR calculus (git-fixes).
- media: dvb_frontend: do not play tricks with underflow values (git-fixes).
- media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set (stable-fixes).
- media: dvbdev: prevent the risk of out of memory access (git-fixes).
- media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() (git-fixes).
- media: i2c: dw9768: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: i2c: imx335: Enable regulator supplies (stable-fixes).
- media: i2c: tc358743: Fix crash in the probe error path when using polling (git-fixes).
- media: imx-jpeg: Ensure power suppliers be suspended before detach them (git-fixes).
- media: imx-jpeg: Set video drvdata before register video device (git-fixes).
- media: imx335: Fix reset-gpio handling (git-fixes).
- media: mantis: remove orphan mantis_core.h (git-fixes).
- media: mtk-jpeg: Fix null-ptr-deref during unload module (git-fixes).
- media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning (git-fixes).
- media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (git-fixes).
- media: platform: exynos4-is: Fix an OF node reference leak in fimc_md_is_isp_available (git-fixes).
- media: pulse8-cec: fix data timestamp at pulse8_setup() (git-fixes).
- media: s5p-jpeg: prevent buffer overflows (git-fixes).
- media: stb0899_algo: initialize cfr before using it (git-fixes).
- media: ts2020: fix null-ptr-deref in ts2020_probe() (git-fixes).
- media: uvcvideo: Require entities to have a non-zero unique ID (git-fixes).
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (git-fixes).
- media: uvcvideo: Stop stream during unregister (git-fixes).
- media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() (git-fixes).
- media: v4l2-tpg: prevent the risk of a division by zero (git-fixes).
- media: vb2: Fix comment (git-fixes).
- media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
- media: videobuf2: fix typo: vb2_dbuf -> vb2_qbuf (git-fixes).
- media: wl128x: Fix atomicity violation in fmc_send_cmd() (git-fixes).
- mei: use kvmalloc for read buffer (git-fixes).
- mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- mfd: rt5033: Fix missing regmap_del_irq_chip() (git-fixes).
- mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race (git-fixes).
- minmax: avoid overly complex min()/max() macro arguments in xen (git-fixes).
- minmax: scsi: fix mis-use of 'clamp()' in sr.c (git-fixes).
- misc: apds990x: Fix missing pm_runtime_disable() (git-fixes).
- mlx5: avoid truncating error message (git-fixes).
- mlx5: stop warning for 64KB pages (git-fixes).
- mlxbf_gige: disable RX filters until RX path initialized (git-fixes).
- mm/filemap: optimize filemap folio adding (bsc#1231617).
- mm/filemap: return early if failed to allocate memory for split (bsc#1231617).
- mm/hugetlb: fix nodes huge page allocation when there are surplus pages (bsc#1234012).
- mm: avoid unsafe VMA hook invocation when error arises on mmap hook (git-fixes).
- mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point (git-fixes).
- mm: mmap: no need to call khugepaged_enter_vma() for stack (jsc#PED-10978).
- mm: move dummy_vm_ops out of a header (git-fixes prerequisity).
- mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes).
- mm: refactor map_deny_write_exec() (git-fixes).
- mm: resolve faulty mmap_region() error path behaviour (git-fixes).
- mm: unconditionally close VMAs on error (git-fixes).
- mmc: core: Further prevent card detect during shutdown (git-fixes).
- mmc: mmc_spi: drop buggy snprintf() (git-fixes).
- mmc: sunxi-mmc: Fix A100 compatible description (git-fixes).
- modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness (git-fixes).
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (git-fixes).
- modpost: remove incorrect code in do_eisa_entry() (git-fixes).
- module: abort module loading when sysfs setup suffer errors (git-fixes).
- mtd: rawnand: atmel: Fix possible memory leak (git-fixes).
- mtd: spi-nor: core: replace dummy buswidth from addr to data (git-fixes).
- nbd: fix race between timeout and normal completion (bsc#1230918).
- net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes).
- net/mlx5: Added cond_resched() to crdump collection (git-fixes).
- net/mlx5: Check capability for fw_reset (git-fixes).
- net/mlx5: Check for invalid vector index on EQ creation (git-fixes).
- net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes).
- net/mlx5: Fix command bitmask initialization (git-fixes).
- net/mlx5: Fix error handling in irq_pool_request_irq (git-fixes).
- net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes).
- net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes).
- net/mlx5: Stop waiting for PCI if pci channel is offline (git-fixes).
- net/mlx5: Unregister notifier on eswitch init failure (git-fixes).
- net/mlx5: Update the list of the PCI supported devices (git-fixes).
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes).
- net/mlx5e: Add missing link mode to ptys2ext_ethtool_map (git-fixes).
- net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes).
- net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes).
- net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes).
- net/mlx5e: Do not call cleanup on profile rollback failure (git-fixes).
- net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes).
- net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).
- net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes).
- net/mlx5e: Require mlx5 tc classifier action support for IPsec prio capability (git-fixes).
- net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes).
- net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).
- net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).
- net: mdio-ipq4019: add missing error check (git-fixes).
- net: phy: Remove LED entry from LEDs list on unregister (git-fixes).
- net: phy: bcm84881: Fix some error handling paths (git-fixes).
- net: phy: dp83822: Fix reset pin definitions (git-fixes).
- net: phy: dp83869: fix memory corruption when enabling fiber (git-fixes).
- net: phy: ti: add PHY_RST_AFTER_CLK_EN flag (git-fixes).
- net: qede: sanitize 'rc' in qede_add_tc_flower_fltr() (git-fixes).
- net: qede: use return from qede_parse_actions() (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flower (git-fixes).
- net: relax socket state check at accept time (git-fixes).
- net: stmmac: dwmac-tegra: Fix link bring-up sequence (git-fixes)
- net: sysfs: Fix /sys/class/net/<iface> path for statistics (git-fixes).
- net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (git-fixes).
- net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (git-fixes).
- net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (git-fixes).
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (stable-fixes).
- net: usb: usbnet: fix name regression (get-fixes).
- net: usb: usbnet: fix race in probe failure (git-fixes).
- net: wwan: fix global oob in wwan_rtnl_policy (git-fixes).
- net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() (git-fixes).
- net: xfrm: preserve kabi for xfrm_state (bsc#1233754).
- netdevsim: copy addresses for both in and out paths (git-fixes).
- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
- netfilter: nf_tables: missing iterator type in lookup walk (git-fixes).
- nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes).
- nfs: avoid i_lock contention in nfs_clear_invalid_mapping (git-fixes).
- nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
- nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
- nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net (git-fixes).
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
- nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
- nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234121).
- nfsd: return -EINVAL when namelen is 0 (git-fixes).
- nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
- nilfs2: fix potential deadlock with newly created symlinks (git-fixes).
- nouveau/dmem: Fix privileged error in copy engine channel (git-fixes).
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
- nouveau/dp: handle retries for AUX CH transfers with GSP (git-fixes).
- nouveau/gsp: Avoid addressing beyond end of rpc->entries (stable-fixes).
- nouveau: fw: sync dma after setup is called (git-fixes).
- nouveau: handle EBUSY and EAGAIN for GSP aux errors (git-fixes).
- ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
- ntfs3: Add bounds checking to mi_enum_attr() (bsc#1233207)
- nvme-fabrics: fix kernel crash while shutting down controller (git-fixes).
- nvme-loop: flush off pending I/O while shutting down loop controller (git-fixes).
- nvme-multipath: suppress partition scan until the disk is ready (bsc#1228244).
- nvme-pci: fix freeing of the HMB descriptor table (git-fixes).
- nvme-pci: fix race condition between reset and nvme_dev_disable() (git-fixes).
- nvme-pci: qdepth 1 quirk (git-fixes).
- nvme-pci: reverse request order in nvme_queue_rqs (git-fixes).
- nvme-pci: set doorbell config before unquiescing (git-fixes).
- nvme/host: Fix RCU list traversal to use SRCU primitive (git-fixes).
- nvme: disable CC.CRIME (NVME_CC_CRIME) (jsc#PED-9901).
- nvme: null terminate nvme_tls_attrs (git-fixes).
- nvme: re-fix error-handling for io_uring nvme-passthrough (git-fixes).
- nvme: tcp: avoid race between queue_lock lock and destroy (git-fixes).
- nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
- ocfs2: fix UBSAN warning in ocfs2_verify_volume() (git-fixes).
- ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
- ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
- ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (git-fixes).
- ocfs2: uncache inode which has failed entering the group (git-fixes).
- of: Add cleanup.h based auto release via __free(device_node) markings (bsc#1232386)
- parport: Proper fix for array out-of-bounds access (git-fixes).
- phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check (git-fixes).
- phy: qcom: qmp-combo: move driver data initialisation earlier (git-fixes).
- phy: qcom: qmp-usb: fix NULL-deref on runtime suspend (git-fixes).
- phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).
- phy: ti: phy-j721e-wiz: fix usxgmii configuration (git-fixes).
- pinctrl: apple: check devm_kasprintf() returned value (git-fixes).
- pinctrl: k210: Undef K210_PC_DEFAULT (git-fixes).
- pinctrl: ocelot: fix system hang on level based interrupts (stable-fixes).
- pinctrl: qcom: spmi: fix debugfs drive strength (git-fixes).
- pinctrl: zynqmp: drop excess struct member description (git-fixes).
- platform/chrome: cros_ec_typec: fix missing fwnode reference decrement (git-fixes).
- platform/x86/amd/pmc: Detect when STB is not available (git-fixes).
- platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (git-fixes).
- platform/x86: dell-sysman: add support for alienware products (stable-fixes).
- platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes).
- platform/x86: lenovo-ymc: Ignore the 0x0 state (stable-fixes).
- platform/x86: panasonic-laptop: Return errno correctly in show callback (git-fixes).
- platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
- posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone (bsc#1234098).
- power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
- power: supply: bq27xxx: Fix registers of bq27426 (git-fixes).
- power: supply: core: Remove might_sleep() from power_supply_put() (git-fixes).
- power: supply: rt9471: Fix wrong WDT function regfield declaration (git-fixes).
- power: supply: rt9471: Use IC status regfield to report real charger status (git-fixes).
- powercap: intel_rapl: Fix off by one in get_rpi() (git-fixes).
- powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).
- powerpc/64s: Fix unnecessary copy to 0 when kernel is booted at address 0 (bsc#1215199).
- powerpc/atomic: Use YZ constraints for DS-form instructions (bsc#1194869).
- powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).
- powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
- powerpc/code-patching: Add generic memory patching (bsc#1194869).
- powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).
- powerpc/crypto: do not build aes-gcm-p10 by default (bsc#1230501 ltc#208632).
- powerpc/crypto: fix missing skcipher dependency for aes-gcm-p10 (bsc#1230501 ltc#208632).
- powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() (bsc#1215199).
- powerpc/fadump: Refactor and prepare fadump_cma_init for late init (bsc#1215199).
- powerpc/kexec: Fix return of uninitialized variable (bsc#1194869).
- powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869).
- powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869).
- powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL (bsc#1194869).
- powerpc/powernv: Free name on error in opal_event_init() (bsc#1194869).
- powerpc/pseries: Fix KVM guest detection for disabling hardlockup detector (bsc#1194869).
- powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (bsc#1194869).
- powerpc/pseries: Use correct data types from pseries_hp_errorlog struct (bsc#1215199).
- powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).
- powerpc/vdso: Inconditionally use CFUNC macro (bsc#1215199).
- powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).
- powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
- printk: Add notation to console_srcu locking (bsc#1232183).
- pwm: imx-tpm: Use correct MODULO value for EPWM mode (git-fixes).
- qed: avoid truncating work queue length (git-fixes).
- rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).
- rcu: Fix buffer overflow in print_cpu_stall_info() (bsc#1226623).
- regmap: detach regmap from dev on regmap_exit (git-fixes).
- regmap: irq: Set lockdep class for hierarchical IRQ domains (git-fixes).
- rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK.
- rpm/release-projects: Add SLFO projects (bsc#1231293).
- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)
- rpmsg: glink: Handle rejected intent request better (git-fixes).
- rtc: ab-eoz9: do not fail temperature reads on undervoltage notification (git-fixes).
- rtc: abx80x: Fix WDT bit position of the status register (git-fixes).
- rtc: bbnsm: add remove hook (git-fixes).
- rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (git-fixes).
- rtc: rzn1: fix BCD to rtc_time conversion errors (git-fixes).
- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- runtime constants: add default dummy infrastructure (git-fixes).
- runtime constants: add x86 architecture support (git-fixes).
- s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).
- s390/pci: Handle PCI error codes other than 0x3a (git-fixes bsc#1232629).
- s390/sclp: Deactivate sclp after all its users (git-fixes bsc#1232628).
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232627).
- scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes).
- scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers (git-fixes).
- scsi: Remove scsi device no_start_on_resume flag (git-fixes).
- scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes).
- scsi: cdrom: kABI: fix cdrom_dev_ops change (git-fixes).
- scsi: core: Disable CDL by default (git-fixes).
- scsi: core: Fix handling of SCMD_FAIL_IF_RECOVERING (git-fixes).
- scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes).
- scsi: core: Handle devices which return an unusually large VPD page count (git-fixes).
- scsi: core: alua: I/O errors for ALUA state transitions (git-fixes).
- scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).
- scsi: hisi_sas: Handle the NCQ error returned by D2H frame (git-fixes).
- scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes).
- scsi: kABI: restore no_start_on_resume to scsi_device (git-fixes).
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes).
- scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes).
- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
- scsi: lpfc: Add cleanup of nvmels_wq after HBA reset (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod paths (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting follow up FDMI (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Copyright updates for 14.4.0.6 patches (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
- scsi: lpfc: Modify CGN warning signal calculation based on EDC response (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
- scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (bsc#1232757 bsc#1228119).
- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
- scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE before BSG flag (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
- scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes).
- scsi: mac_scsi: Refactor polling loop (git-fixes).
- scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes).
- scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (git-fixes).
- scsi: mpi3mr: Avoid possible run-time warning with long manufacturer strings (git-fixes).
- scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
- scsi: mpi3mr: Validate SAS port assignments (git-fixes).
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: pm8001: Do not overwrite PCI queue mapping (git-fixes).
- scsi: pm80xx: Set phy->enable_completion only when we wait for it (git-fixes).
- scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes).
- scsi: scsi_transport_fc: Allow setting rport state to current state (git-fixes).
- scsi: sd: Ignore command SYNCHRONIZE CACHE error if format in progress (git-fixes).
- scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer (git-fixes).
- scsi: smartpqi: correct stream detection (git-fixes).
- scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes).
- scsi: spi: Fix sshdr use (git-fixes).
- scsi: sr: Fix unintentional arithmetic wraparound (git-fixes).
- scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes).
- security/keys: fix slab-out-of-bounds in key_task_permission (git-fixes).
- selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
- selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
- selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() (git-fixes).
- selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() (git-fixes).
- selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta accesses (git-fixes).
- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
- selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
- selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
- serial: 8250: omap: Move pm_runtime_get_sync (git-fixes).
- serial: imx: Update mctrl old_status on RTSD interrupt (git-fixes).
- serial: protect uart_port_dtr_rts() in uart_shutdown() too (stable-fixes).
- signal: Replace BUG_ON()s (bsc#1234093).
- soc: fsl: rcpm: fix missing of_node_put() in copy_ippdexpcr1_setting() (git-fixes).
- soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (git-fixes).
- soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- soundwire: intel_bus_common: enable interrupts before exiting reset (stable-fixes).
- spi: Fix acpi deferred irq probe (git-fixes).
- spi: atmel-quadspi: Fix register name in verbose logging function (git-fixes).
- spi: atmel-quadspi: Fix wrong register value written to MR (git-fixes).
- spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes).
- spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() (git-fixes).
- spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
- spi: spi-fsl-dspi: Fix crash when not using GPIO chip select (git-fixes).
- spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- spi: tegra210-quad: Avoid shift-out-of-bounds (git-fixes).
- splice: always fsnotify_access(in), fsnotify_modify(out) on success (git-fixes).
- splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice (git-fixes).
- splice: fsnotify_access(in), fsnotify_modify(out) on success in tee (git-fixes).
- srcu: Fix callbacks acceleration mishandling (git-fixes).
- staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes).
- sumversion: Fix a memory leak in get_src_version() (git-fixes).
- supported.conf: mark nhpoly1305 module as supported (bsc#1231035)
- supported.conf: mark ultravisor userspace access as supported (bsc#1232090)
- task_work: add kerneldoc annotation for 'data' argument (git-fixes).
- tcp: Fix refcnt handling in __inet_hash_connect() (git-fixes).
- thermal: core: Initialize thermal zones before registering them (git-fixes).
- thermal: int3400: Fix reading of current_uuid for active policy (git-fixes).
- thermal: intel: int340x: processor: Fix warning during module unload (git-fixes).
- thunderbolt: Honor TMU requirements in the domain when setting TMU mode (stable-fixes).
- thunderbolt: Improve DisplayPort tunnel setup process to be more robust (stable-fixes).
- tools/lib/thermal: Fix sampling handler context ptr (git-fixes).
- tools/power turbostat: Fix trailing '\n' parsing (git-fixes).
- tools/power turbostat: Increase the limit for fd opened (bsc#1233119).
- tools: hv: rm .*.cmd when make clean (git-fixes).
- tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 git-fixes).
- tpm: fix signed/unsigned bug when checking event logs (git-fixes).
- tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
- tracing/osnoise: Fix build when timerlat is not enabled (git-fixes).
- tracing/osnoise: Skip running osnoise if all instances are off (git-fixes).
- tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (git-fixes).
- tracing/osnoise: Use a cpumask to know what threads are kthreads (git-fixes).
- tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (git-fixes).
- tracing/timerlat: Add user-space interface (git-fixes).
- tracing/timerlat: Drop interface_lock in stop_kthread() (git-fixes).
- tracing/timerlat: Fix a race during cpuhp processing (git-fixes).
- tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline (git-fixes).
- tracing/timerlat: Move hrtimer_init to timerlat_fd open() (git-fixes).
- tracing/timerlat: Only clear timer if a kthread exists (git-fixes).
- tracing: Consider the NULL character when validating the event length (git-fixes).
- tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler (git-fixes).
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (stable-fixes).
- u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file (git-fixes).
- ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
- ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
- ubifs: add check for crypto_shash_tfm_digest (git-fixes).
- ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
- ucounts: fix counter leak in inc_rlimit_get_ucounts() (bsc#1233460).
- unicode: Do not special case ignorable code points (stable-fixes).
- unicode: Fix utf8_load() error path (git-fixes).
- uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
- uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
- uprobes: introduce the global struct vm_special_mapping xol_mapping (bsc#1231114).
- uprobes: turn xol_area->pages into xol_area->page (bsc#1231114).
- usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
- usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
- usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG (git-fixes).
- usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
- usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic (git-fixes).
- usb: dwc3: gadget: Fix checking for number of TRBs left (git-fixes).
- usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes).
- usb: ehci-spear: fix call balance of sehci clk handling routines (git-fixes).
- usb: gadget: core: force synchronous registration (git-fixes).
- usb: gadget: dummy_hcd: Set transfer interval to 1 microframe (stable-fixes).
- usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler (stable-fixes).
- usb: gadget: dummy_hcd: execute hrtimer callback in softirq context (git-fixes).
- usb: gadget: f_uac2: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: gadget: f_uac2: fix non-newline-terminated function name (stable-fixes).
- usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store (git-fixes).
- usb: musb: Fix hardware lockup on first Rx endpoint request (git-fixes).
- usb: musb: sunxi: Fix accessing an released usb phy (git-fixes).
- usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes).
- usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
- usb: typec: altmode should keep reference to parent (git-fixes).
- usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() (git-fixes).
- usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes).
- usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (git-fixes).
- usb: xhci: Fix TD invalidation under pending Set TR Dequeue (git-fixes).
- usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
- usb: xhci: fix loss of data on Cadence xHC (git-fixes).
- usb: yurex: make waiting on yurex_write interruptible (git-fixes).
- usbip: tools: Fix detach_port() invalid port error path (git-fixes).
- usbnet: fix cyclical race on disconnect with work queue (git-fixes).
- vdpa: Fix an error handling path in eni_vdpa_probe() (git-fixes).
- vdpa_sim_blk: Fix the potential leak of mgmt_dev (git-fixes).
- vdpa_sim_blk: allocate the buffer zeroed (git-fixes).
- vduse: avoid using __GFP_NOFAIL (git-fixes).
- vfs: dcache: move hashlen_hash() from callers into d_hash() (git-fixes).
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
- vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
- virtio_console: fix misc probe bugs (git-fixes).
- vmalloc: modify the alloc_vmap_area() error message for better diagnostics (jsc#PED-10978).
- vmxnet3: Add XDP support (bsc#1226498).
- vmxnet3: Fix missing reserved tailroom (bsc#1226498).
- vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (bsc#1226498).
- vmxnet3: add command to allow disabling of offloads (bsc#1226498).
- vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
- vmxnet3: prepare for version 9 changes (bsc#1226498).
- vmxnet3: update to version 9 (bsc#1226498).
- vsock: Update msg_count on read_skb() (git-fixes).
- vt: prevent kernel-infoleak in con_font_get() (git-fixes).
- watchdog: apple: Actually flush writes after requesting watchdog restart (git-fixes).
- watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (git-fixes).
- watchdog: rti: of: honor timeout-sec property (git-fixes).
- wifi: ath10k: Fix memory leak in management tx (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss1 (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss2 (git-fixes).
- wifi: ath11k: Fix CE offset address calculation for WCN6750 in SSR (git-fixes).
- wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes).
- wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: Skip Rx TID cleanup for self peer (git-fixes).
- wifi: ath12k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: fix crash when unbinding (git-fixes).
- wifi: ath12k: fix warning when unbinding (git-fixes).
- wifi: ath12k: remove msdu_end structure for WCN7850 (git-fixes).
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (git-fixes).
- wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
- wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
- wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes).
- wifi: brcmfmac: release 'root' node in all execution paths (git-fixes).
- wifi: cfg80211: Set correct chandef when starting CAC (stable-fixes).
- wifi: cfg80211: clear wdev->cqm_config pointer on free (git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: iwlegacy: Clear stale interrupts before resuming device (stable-fixes).
- wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() (git-fixes).
- wifi: iwlwifi: allow only CN mcc from WRDD (stable-fixes).
- wifi: iwlwifi: config: label 'gl' devices as discrete (git-fixes).
- wifi: iwlwifi: mvm: Fix a race in scan abort flow (stable-fixes).
- wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes).
- wifi: iwlwifi: mvm: avoid NULL pointer dereference (stable-fixes).
- wifi: iwlwifi: mvm: do not add default link in fw restart flow (git-fixes).
- wifi: iwlwifi: mvm: do not leak a link on AP removal (git-fixes).
- wifi: iwlwifi: mvm: drop wrong STA selection in TX (stable-fixes).
- wifi: iwlwifi: mvm: use correct key iteration (stable-fixes).
- wifi: iwlwifi: remove AX101, AX201 and AX203 support from LNL (stable-fixes).
- wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes).
- wifi: mac80211: fix RCU list iterations (stable-fixes).
- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes).
- wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation (stable-fixes).
- wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable (stable-fixes).
- wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (git-fixes).
- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c (stable-fixes).
- wifi: rtw88: Fix USB/SDIO devices not transmitting beacons (git-fixes).
- wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
- wifi: rtw89: avoid reading out of bounds when loading TX power FW elements (stable-fixes).
- wifi: rtw89: avoid to add interface to list twice when SER (stable-fixes).
- wifi: rtw89: correct base HT rate mask for firmware (stable-fixes).
- wifi: wfx: Fix error handling in wfx_core_init() (git-fixes).
- x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1233443).
- x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load (git-fixes).
- x86/Documentation: Indent 'note::' directive for protocol version number note (git-fixes).
- x86/PCI: Check pcie_find_root_port() return for NULL (git-fixes).
- x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h (git-fixes).
- x86/apic: Always explicitly disarm TSC-deadline timer (git-fixes).
- x86/apic: Make x2apic_disable() work correctly (git-fixes).
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
- x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
- x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
- x86/entry: Remove unwanted instrumentation in common_interrupt() (git-fixes).
- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
- x86/microcode/intel: Remove unnecessary cache writeback and invalidation (git-fixes).
- x86/mm: Use IPIs to synchronize LAM enablement (git-fixes).
- x86/resctrl: Annotate get_mem_config() functions as __init (git-fixes).
- x86/resctrl: Avoid overflow in MB settings in bw_validate() (git-fixes).
- x86/resctrl: Remove hard-coded memory bandwidth limit (git-fixes).
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
- x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() (git-fixes).
- x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes).
- x86/tdx: Enable CPU topology enumeration (git-fixes).
- x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes).
- x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes).
- x86/traps: move kmsan check after instrumentation_begin (git-fixes).
- x86: Increase brk randomness entropy for 64-bit systems (git-fixes).
- x86: do the user address masking outside the user access area (git-fixes).
- x86: fix off-by-one in access_ok() (git-fixes).
- x86: fix user address masking non-canonical speculation issue (git-fixes).
- x86: make the masked_user_access_begin() macro use its argument only once (git-fixes).
- x86: support user address masking instead of non-speculative conditional (git-fixes).
- xfrm: Export symbol xfrm_dev_state_delete (bsc#1233754).
- xfrm: Fix unregister netdevice hang on hardware offload (bsc#1233754).
- xfs: check opcode and iovec count match in xlog_recover_attri_commit_pass2 (git-fixes).
- xfs: check shortform attr entry flags specifically (git-fixes).
- xfs: convert delayed extents to unwritten when zeroing post eof blocks (git-fixes).
- xfs: fix finding a last resort AG in xfs_filestream_pick_ag (git-fixes).
- xfs: fix freeing speculative preallocations for preallocated files (git-fixes).
- xfs: make sure sb_fdblocks is non-negative (git-fixes).
- xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional (git-fixes).
- xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset (git-fixes).
- xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent (git-fixes).
- xfs: validate recovered name buffers when recovering xattr items (git-fixes).
- xhci: Add a quirk for writing ERST in high-low order (git-fixes).
- xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes).
- xhci: Fix incorrect stream context type macro (git-fixes).
- xhci: Mitigate failed set dequeue pointer commands (git-fixes).
- xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes).
- xhci: tegra: fix checked USB2 port number (git-fixes).
- zonefs: Improve error handling (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1082555SUSE bug 1194869SUSE bug 1215199SUSE bug 1217845SUSE bug 1218562SUSE bug 1218644SUSE bug 1219596SUSE bug 1219803SUSE bug 1220355SUSE bug 1220382SUSE bug 1221309SUSE bug 1222423SUSE bug 1222587SUSE bug 1222590SUSE bug 1223112SUSE bug 1223384SUSE bug 1223656SUSE bug 1223700SUSE bug 1223733SUSE bug 1223824SUSE bug 1223848SUSE bug 1224088SUSE bug 1224429SUSE bug 1224518SUSE bug 1224548SUSE bug 1224574SUSE bug 1224948SUSE bug 1225611SUSE bug 1225713SUSE bug 1225725SUSE bug 1225730SUSE bug 1225742SUSE bug 1225764SUSE bug 1225768SUSE bug 1225813SUSE bug 1225903SUSE bug 1226003SUSE bug 1226130SUSE bug 1226498SUSE bug 1226623SUSE bug 1226631SUSE bug 1226748SUSE bug 1226797SUSE bug 1226848SUSE bug 1226872SUSE bug 1227726SUSE bug 1227842SUSE bug 1228119SUSE bug 1228244SUSE bug 1228269SUSE bug 1228410SUSE bug 1228430SUSE bug 1228454SUSE bug 1228537SUSE bug 1228620SUSE bug 1228743SUSE bug 1228747SUSE bug 1228850SUSE bug 1228857SUSE bug 1229019SUSE bug 1229165SUSE bug 1229429SUSE bug 1229450SUSE bug 1229585SUSE bug 1229677SUSE bug 1229769SUSE bug 1229808SUSE bug 1229891SUSE bug 1230055SUSE bug 1230132SUSE bug 1230179SUSE bug 1230220SUSE bug 1230231SUSE bug 1230289SUSE bug 1230295SUSE bug 1230339SUSE bug 1230341SUSE bug 1230375SUSE bug 1230414SUSE bug 1230429SUSE bug 1230456SUSE bug 1230501SUSE bug 1230527SUSE bug 1230550SUSE bug 1230557SUSE bug 1230558SUSE bug 1230600SUSE bug 1230620SUSE bug 1230710SUSE bug 1230733SUSE bug 1230762SUSE bug 1230763SUSE bug 1230773SUSE bug 1230774SUSE bug 1230801SUSE bug 1230807SUSE bug 1230817SUSE bug 1230827SUSE bug 1230831SUSE bug 1230914SUSE bug 1230918SUSE bug 1230971SUSE bug 1231016SUSE bug 1231035SUSE bug 1231072SUSE bug 1231073SUSE bug 1231075SUSE bug 1231076SUSE bug 1231081SUSE bug 1231082SUSE bug 1231083SUSE bug 1231084SUSE bug 1231085SUSE bug 1231087SUSE bug 1231089SUSE bug 1231092SUSE bug 1231093SUSE bug 1231094SUSE bug 1231096SUSE bug 1231098SUSE bug 1231100SUSE bug 1231101SUSE bug 1231102SUSE bug 1231105SUSE bug 1231108SUSE bug 1231111SUSE bug 1231114SUSE bug 1231115SUSE bug 1231116SUSE bug 1231117SUSE bug 1231131SUSE bug 1231132SUSE bug 1231135SUSE bug 1231136SUSE bug 1231138SUSE bug 1231148SUSE bug 1231169SUSE bug 1231170SUSE bug 1231171SUSE bug 1231178SUSE bug 1231179SUSE bug 1231182SUSE bug 1231183SUSE bug 1231187SUSE bug 1231191SUSE bug 1231193SUSE bug 1231195SUSE bug 1231197SUSE bug 1231200SUSE bug 1231202SUSE bug 1231203SUSE bug 1231276SUSE bug 1231293SUSE bug 1231384SUSE bug 1231434SUSE bug 1231435SUSE bug 1231436SUSE bug 1231439SUSE bug 1231440SUSE bug 1231441SUSE bug 1231442SUSE bug 1231452SUSE bug 1231453SUSE bug 1231465SUSE bug 1231474SUSE bug 1231481SUSE bug 1231496SUSE bug 1231502SUSE bug 1231537SUSE bug 1231539SUSE bug 1231540SUSE bug 1231541SUSE bug 1231617SUSE bug 1231630SUSE bug 1231634SUSE bug 1231635SUSE bug 1231636SUSE bug 1231637SUSE bug 1231638SUSE bug 1231639SUSE bug 1231640SUSE bug 1231673SUSE bug 1231828SUSE bug 1231849SUSE bug 1231855SUSE bug 1231856SUSE bug 1231857SUSE bug 1231858SUSE bug 1231859SUSE bug 1231860SUSE bug 1231861SUSE bug 1231864SUSE bug 1231865SUSE bug 1231868SUSE bug 1231869SUSE bug 1231871SUSE bug 1231872SUSE bug 1231901SUSE bug 1231902SUSE bug 1231903SUSE bug 1231904SUSE bug 1231906SUSE bug 1231907SUSE bug 1231908SUSE bug 1231914SUSE bug 1231916SUSE bug 1231920SUSE bug 1231924SUSE bug 1231926SUSE bug 1231930SUSE bug 1231931SUSE bug 1231935SUSE bug 1231942SUSE bug 1231944SUSE bug 1231946SUSE bug 1231947SUSE bug 1231950SUSE bug 1231951SUSE bug 1231952SUSE bug 1231953SUSE bug 1231954SUSE bug 1231955SUSE bug 1231956SUSE bug 1231957SUSE bug 1231965SUSE bug 1231967SUSE bug 1231968SUSE bug 1231987SUSE bug 1231988SUSE bug 1231989SUSE bug 1231990SUSE bug 1231998SUSE bug 1232000SUSE bug 1232003SUSE bug 1232009SUSE bug 1232013SUSE bug 1232015SUSE bug 1232016SUSE bug 1232017SUSE bug 1232018SUSE bug 1232033SUSE bug 1232034SUSE bug 1232036SUSE bug 1232043SUSE bug 1232047SUSE bug 1232048SUSE bug 1232049SUSE bug 1232050SUSE bug 1232056SUSE bug 1232075SUSE bug 1232076SUSE bug 1232079SUSE bug 1232080SUSE bug 1232083SUSE bug 1232084SUSE bug 1232085SUSE bug 1232089SUSE bug 1232090SUSE bug 1232093SUSE bug 1232094SUSE bug 1232096SUSE bug 1232097SUSE bug 1232098SUSE bug 1232103SUSE bug 1232104SUSE bug 1232105SUSE bug 1232109SUSE bug 1232111SUSE bug 1232114SUSE bug 1232116SUSE bug 1232117SUSE bug 1232124SUSE bug 1232126SUSE bug 1232127SUSE bug 1232129SUSE bug 1232130SUSE bug 1232131SUSE bug 1232132SUSE bug 1232134SUSE bug 1232135SUSE bug 1232140SUSE bug 1232141SUSE bug 1232142SUSE bug 1232145SUSE bug 1232147SUSE bug 1232148SUSE bug 1232149SUSE bug 1232151SUSE bug 1232152SUSE bug 1232154SUSE bug 1232155SUSE bug 1232156SUSE bug 1232157SUSE bug 1232159SUSE bug 1232160SUSE bug 1232162SUSE bug 1232164SUSE bug 1232165SUSE bug 1232166SUSE bug 1232174SUSE bug 1232180SUSE bug 1232182SUSE bug 1232183SUSE bug 1232185SUSE bug 1232187SUSE bug 1232189SUSE bug 1232192SUSE bug 1232195SUSE bug 1232196SUSE bug 1232198SUSE bug 1232199SUSE bug 1232200SUSE bug 1232201SUSE bug 1232207SUSE bug 1232208SUSE bug 1232217SUSE bug 1232218SUSE bug 1232220SUSE bug 1232221SUSE bug 1232222SUSE bug 1232224SUSE bug 1232232SUSE bug 1232250SUSE bug 1232251SUSE bug 1232253SUSE bug 1232254SUSE bug 1232255SUSE bug 1232256SUSE bug 1232258SUSE bug 1232259SUSE bug 1232260SUSE bug 1232262SUSE bug 1232263SUSE bug 1232264SUSE bug 1232272SUSE bug 1232275SUSE bug 1232279SUSE bug 1232282SUSE bug 1232285SUSE bug 1232287SUSE bug 1232295SUSE bug 1232305SUSE bug 1232307SUSE bug 1232309SUSE bug 1232310SUSE bug 1232312SUSE bug 1232313SUSE bug 1232314SUSE bug 1232315SUSE bug 1232316SUSE bug 1232317SUSE bug 1232318SUSE bug 1232329SUSE bug 1232332SUSE bug 1232333SUSE bug 1232334SUSE bug 1232335SUSE bug 1232337SUSE bug 1232339SUSE bug 1232340SUSE bug 1232342SUSE bug 1232345SUSE bug 1232349SUSE bug 1232352SUSE bug 1232354SUSE bug 1232355SUSE bug 1232357SUSE bug 1232358SUSE bug 1232359SUSE bug 1232361SUSE bug 1232362SUSE bug 1232366SUSE bug 1232367SUSE bug 1232368SUSE bug 1232369SUSE bug 1232370SUSE bug 1232371SUSE bug 1232374SUSE bug 1232378SUSE bug 1232381SUSE bug 1232383SUSE bug 1232385SUSE bug 1232386SUSE bug 1232387SUSE bug 1232392SUSE bug 1232394SUSE bug 1232395SUSE bug 1232396SUSE bug 1232413SUSE bug 1232416SUSE bug 1232417SUSE bug 1232418SUSE bug 1232424SUSE bug 1232427SUSE bug 1232432SUSE bug 1232435SUSE bug 1232436SUSE bug 1232442SUSE bug 1232446SUSE bug 1232483SUSE bug 1232494SUSE bug 1232498SUSE bug 1232499SUSE bug 1232500SUSE bug 1232501SUSE bug 1232502SUSE bug 1232503SUSE bug 1232504SUSE bug 1232505SUSE bug 1232506SUSE bug 1232507SUSE bug 1232511SUSE bug 1232519SUSE bug 1232520SUSE bug 1232529SUSE bug 1232552SUSE bug 1232623SUSE bug 1232626SUSE bug 1232627SUSE bug 1232628SUSE bug 1232629SUSE bug 1232704SUSE bug 1232757SUSE bug 1232768SUSE bug 1232819SUSE bug 1232823SUSE bug 1232860SUSE bug 1232869SUSE bug 1232870SUSE bug 1232873SUSE bug 1232876SUSE bug 1232877SUSE bug 1232878SUSE bug 1232880SUSE bug 1232881SUSE bug 1232884SUSE bug 1232885SUSE bug 1232887SUSE bug 1232888SUSE bug 1232890SUSE bug 1232892SUSE bug 1232894SUSE bug 1232896SUSE bug 1232897SUSE bug 1232905SUSE bug 1232907SUSE bug 1232914SUSE bug 1232919SUSE bug 1232925SUSE bug 1232926SUSE bug 1232928SUSE bug 1232935SUSE bug 1233029SUSE bug 1233032SUSE bug 1233035SUSE bug 1233036SUSE bug 1233041SUSE bug 1233044SUSE bug 1233049SUSE bug 1233050SUSE bug 1233051SUSE bug 1233056SUSE bug 1233057SUSE bug 1233061SUSE bug 1233062SUSE bug 1233063SUSE bug 1233065SUSE bug 1233067SUSE bug 1233070SUSE bug 1233073SUSE bug 1233074SUSE bug 1233088SUSE bug 1233091SUSE bug 1233092SUSE bug 1233097SUSE bug 1233100SUSE bug 1233103SUSE bug 1233104SUSE bug 1233105SUSE bug 1233106SUSE bug 1233107SUSE bug 1233108SUSE bug 1233110SUSE bug 1233111SUSE bug 1233113SUSE bug 1233114SUSE bug 1233115SUSE bug 1233117SUSE bug 1233119SUSE bug 1233123SUSE bug 1233125SUSE bug 1233127SUSE bug 1233129SUSE bug 1233130SUSE bug 1233132SUSE bug 1233135SUSE bug 1233176SUSE bug 1233179SUSE bug 1233185SUSE bug 1233188SUSE bug 1233189SUSE bug 1233191SUSE bug 1233193SUSE bug 1233197SUSE bug 1233201SUSE bug 1233203SUSE bug 1233204SUSE bug 1233205SUSE bug 1233206SUSE bug 1233207SUSE bug 1233208SUSE bug 1233209SUSE bug 1233210SUSE bug 1233211SUSE bug 1233212SUSE bug 1233216SUSE bug 1233217SUSE bug 1233219SUSE bug 1233226SUSE bug 1233238SUSE bug 1233241SUSE bug 1233244SUSE bug 1233253SUSE bug 1233255SUSE bug 1233293SUSE bug 1233298SUSE bug 1233305SUSE bug 1233320SUSE bug 1233350SUSE bug 1233443SUSE bug 1233452SUSE bug 1233453SUSE bug 1233454SUSE bug 1233456SUSE bug 1233457SUSE bug 1233458SUSE bug 1233460SUSE bug 1233462SUSE bug 1233463SUSE bug 1233464SUSE bug 1233465SUSE bug 1233468SUSE bug 1233471SUSE bug 1233476SUSE bug 1233478SUSE bug 1233479SUSE bug 1233481SUSE bug 1233484SUSE bug 1233485SUSE bug 1233487SUSE bug 1233490SUSE bug 1233491SUSE bug 1233523SUSE bug 1233524SUSE bug 1233540SUSE bug 1233547SUSE bug 1233548SUSE bug 1233550SUSE bug 1233552SUSE bug 1233553SUSE bug 1233554SUSE bug 1233555SUSE bug 1233557SUSE bug 1233560SUSE bug 1233561SUSE bug 1233564SUSE bug 1233566SUSE bug 1233567SUSE bug 1233568SUSE bug 1233570SUSE bug 1233572SUSE bug 1233573SUSE bug 1233577SUSE bug 1233580SUSE bug 1233640SUSE bug 1233641SUSE bug 1233642SUSE bug 1233721SUSE bug 1233754SUSE bug 1233756SUSE bug 1233769SUSE bug 1233771SUSE bug 1233977SUSE bug 1234009SUSE bug 1234011SUSE bug 1234012SUSE bug 1234025SUSE bug 1234039SUSE bug 1234040SUSE bug 1234041SUSE bug 1234042SUSE bug 1234043SUSE bug 1234044SUSE bug 1234045SUSE bug 1234046SUSE bug 1234072SUSE bug 1234078SUSE bug 1234081SUSE bug 1234083SUSE bug 1234085SUSE bug 1234087SUSE bug 1234093SUSE bug 1234098SUSE bug 1234108SUSE bug 1234121SUSE bug 1234223CVE-2023-52766 at SUSECVE-2023-52766 at NVDCVE-2023-52778 at SUSECVE-2023-52778 at NVDCVE-2023-52800 at SUSECVE-2023-52800 at NVDCVE-2023-52881 at SUSECVE-2023-52881 at NVDCVE-2023-52917 at SUSECVE-2023-52917 at NVDCVE-2023-52918 at SUSECVE-2023-52918 at NVDCVE-2023-52919 at SUSECVE-2023-52919 at NVDCVE-2023-52920 at SUSECVE-2023-52920 at NVDCVE-2023-52921 at SUSECVE-2023-52921 at NVDCVE-2023-52922 at SUSECVE-2023-52922 at NVDCVE-2023-6270 at SUSECVE-2023-6270 at NVDCVE-2024-26596 at SUSECVE-2024-26596 at NVDCVE-2024-26703 at SUSECVE-2024-26703 at NVDCVE-2024-26741 at SUSECVE-2024-26741 at NVDCVE-2024-26758 at SUSECVE-2024-26758 at NVDCVE-2024-26761 at SUSECVE-2024-26761 at NVDCVE-2024-26767 at SUSECVE-2024-26767 at NVDCVE-2024-26782 at SUSECVE-2024-26782 at NVDCVE-2024-26864 at SUSECVE-2024-26864 at NVDCVE-2024-26943 at SUSECVE-2024-26943 at NVDCVE-2024-26953 at SUSECVE-2024-26953 at NVDCVE-2024-27017 at SUSECVE-2024-27017 at NVDCVE-2024-27026 at SUSECVE-2024-27026 at NVDCVE-2024-27043 at SUSECVE-2024-27043 at NVDCVE-2024-27407 at SUSECVE-2024-27407 at NVDCVE-2024-35888 at SUSECVE-2024-35888 at NVDCVE-2024-35980 at SUSECVE-2024-35980 at NVDCVE-2024-36000 at SUSECVE-2024-36000 at NVDCVE-2024-36031 at SUSECVE-2024-36031 at NVDCVE-2024-36244 at SUSECVE-2024-36244 at NVDCVE-2024-36484 at SUSECVE-2024-36484 at NVDCVE-2024-36883 at SUSECVE-2024-36883 at NVDCVE-2024-36886 at SUSECVE-2024-36886 at NVDCVE-2024-36905 at SUSECVE-2024-36905 at NVDCVE-2024-36920 at SUSECVE-2024-36920 at NVDCVE-2024-36927 at SUSECVE-2024-36927 at NVDCVE-2024-36954 at SUSECVE-2024-36954 at NVDCVE-2024-36968 at SUSECVE-2024-36968 at NVDCVE-2024-38576 at SUSECVE-2024-38576 at NVDCVE-2024-38577 at SUSECVE-2024-38577 at NVDCVE-2024-38589 at SUSECVE-2024-38589 at NVDCVE-2024-38599 at SUSECVE-2024-38599 at NVDCVE-2024-40914 at SUSECVE-2024-40914 at NVDCVE-2024-41016 at SUSECVE-2024-41016 at NVDCVE-2024-41023 at SUSECVE-2024-41023 at NVDCVE-2024-41031 at SUSECVE-2024-41031 at NVDCVE-2024-41047 at SUSECVE-2024-41047 at NVDCVE-2024-41082 at SUSECVE-2024-41082 at NVDCVE-2024-42102 at SUSECVE-2024-42102 at NVDCVE-2024-42145 at SUSECVE-2024-42145 at NVDCVE-2024-44932 at SUSECVE-2024-44932 at NVDCVE-2024-44958 at SUSECVE-2024-44958 at NVDCVE-2024-44964 at SUSECVE-2024-44964 at NVDCVE-2024-44995 at SUSECVE-2024-44995 at NVDCVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-45025 at SUSECVE-2024-45025 at NVDCVE-2024-46678 at SUSECVE-2024-46678 at NVDCVE-2024-46680 at SUSECVE-2024-46680 at NVDCVE-2024-46681 at SUSECVE-2024-46681 at NVDCVE-2024-46721 at SUSECVE-2024-46721 at NVDCVE-2024-46754 at SUSECVE-2024-46754 at NVDCVE-2024-46765 at SUSECVE-2024-46765 at NVDCVE-2024-46766 at SUSECVE-2024-46766 at NVDCVE-2024-46770 at SUSECVE-2024-46770 at NVDCVE-2024-46775 at SUSECVE-2024-46775 at NVDCVE-2024-46777 at SUSECVE-2024-46777 at NVDCVE-2024-46788 at SUSECVE-2024-46788 at NVDCVE-2024-46797 at SUSECVE-2024-46797 at NVDCVE-2024-46800 at SUSECVE-2024-46800 at NVDCVE-2024-46802 at SUSECVE-2024-46802 at NVDCVE-2024-46803 at SUSECVE-2024-46803 at NVDCVE-2024-46804 at SUSECVE-2024-46804 at NVDCVE-2024-46805 at SUSECVE-2024-46805 at NVDCVE-2024-46806 at SUSECVE-2024-46806 at NVDCVE-2024-46807 at SUSECVE-2024-46807 at NVDCVE-2024-46809 at SUSECVE-2024-46809 at NVDCVE-2024-46810 at SUSECVE-2024-46810 at NVDCVE-2024-46811 at SUSECVE-2024-46811 at NVDCVE-2024-46812 at SUSECVE-2024-46812 at NVDCVE-2024-46813 at SUSECVE-2024-46813 at NVDCVE-2024-46814 at SUSECVE-2024-46814 at NVDCVE-2024-46815 at SUSECVE-2024-46815 at NVDCVE-2024-46816 at SUSECVE-2024-46816 at NVDCVE-2024-46817 at SUSECVE-2024-46817 at NVDCVE-2024-46818 at SUSECVE-2024-46818 at NVDCVE-2024-46819 at SUSECVE-2024-46819 at NVDCVE-2024-46821 at SUSECVE-2024-46821 at NVDCVE-2024-46825 at SUSECVE-2024-46825 at NVDCVE-2024-46826 at SUSECVE-2024-46826 at NVDCVE-2024-46827 at SUSECVE-2024-46827 at NVDCVE-2024-46828 at SUSECVE-2024-46828 at NVDCVE-2024-46830 at SUSECVE-2024-46830 at NVDCVE-2024-46831 at SUSECVE-2024-46831 at NVDCVE-2024-46834 at SUSECVE-2024-46834 at NVDCVE-2024-46835 at SUSECVE-2024-46835 at NVDCVE-2024-46836 at SUSECVE-2024-46836 at NVDCVE-2024-46840 at SUSECVE-2024-46840 at NVDCVE-2024-46841 at SUSECVE-2024-46841 at NVDCVE-2024-46842 at SUSECVE-2024-46842 at NVDCVE-2024-46843 at SUSECVE-2024-46843 at NVDCVE-2024-46845 at SUSECVE-2024-46845 at NVDCVE-2024-46846 at SUSECVE-2024-46846 at NVDCVE-2024-46848 at SUSECVE-2024-46848 at NVDCVE-2024-46849 at SUSECVE-2024-46849 at NVDCVE-2024-46851 at SUSECVE-2024-46851 at NVDCVE-2024-46852 at SUSECVE-2024-46852 at NVDCVE-2024-46853 at SUSECVE-2024-46853 at NVDCVE-2024-46854 at SUSECVE-2024-46854 at NVDCVE-2024-46855 at SUSECVE-2024-46855 at NVDCVE-2024-46857 at SUSECVE-2024-46857 at NVDCVE-2024-46859 at SUSECVE-2024-46859 at NVDCVE-2024-46860 at SUSECVE-2024-46860 at NVDCVE-2024-46861 at SUSECVE-2024-46861 at NVDCVE-2024-46864 at SUSECVE-2024-46864 at NVDCVE-2024-46870 at SUSECVE-2024-46870 at NVDCVE-2024-46871 at SUSECVE-2024-46871 at NVDCVE-2024-47658 at SUSECVE-2024-47658 at NVDCVE-2024-47660 at SUSECVE-2024-47660 at NVDCVE-2024-47661 at SUSECVE-2024-47661 at NVDCVE-2024-47662 at SUSECVE-2024-47662 at NVDCVE-2024-47663 at SUSECVE-2024-47663 at NVDCVE-2024-47664 at SUSECVE-2024-47664 at NVDCVE-2024-47665 at SUSECVE-2024-47665 at NVDCVE-2024-47666 at SUSECVE-2024-47666 at NVDCVE-2024-47667 at SUSECVE-2024-47667 at NVDCVE-2024-47668 at SUSECVE-2024-47668 at NVDCVE-2024-47669 at SUSECVE-2024-47669 at NVDCVE-2024-47670 at SUSECVE-2024-47670 at NVDCVE-2024-47671 at SUSECVE-2024-47671 at NVDCVE-2024-47672 at SUSECVE-2024-47672 at NVDCVE-2024-47673 at SUSECVE-2024-47673 at NVDCVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47675 at SUSECVE-2024-47675 at NVDCVE-2024-47679 at SUSECVE-2024-47679 at NVDCVE-2024-47681 at SUSECVE-2024-47681 at NVDCVE-2024-47682 at SUSECVE-2024-47682 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-47685 at SUSECVE-2024-47685 at NVDCVE-2024-47686 at SUSECVE-2024-47686 at NVDCVE-2024-47687 at SUSECVE-2024-47687 at NVDCVE-2024-47688 at SUSECVE-2024-47688 at NVDCVE-2024-47692 at SUSECVE-2024-47692 at NVDCVE-2024-47693 at SUSECVE-2024-47693 at NVDCVE-2024-47695 at SUSECVE-2024-47695 at NVDCVE-2024-47696 at SUSECVE-2024-47696 at NVDCVE-2024-47697 at SUSECVE-2024-47697 at NVDCVE-2024-47698 at SUSECVE-2024-47698 at NVDCVE-2024-47699 at SUSECVE-2024-47699 at NVDCVE-2024-47701 at SUSECVE-2024-47701 at NVDCVE-2024-47702 at SUSECVE-2024-47702 at NVDCVE-2024-47703 at SUSECVE-2024-47703 at NVDCVE-2024-47704 at SUSECVE-2024-47704 at NVDCVE-2024-47705 at SUSECVE-2024-47705 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-47707 at SUSECVE-2024-47707 at NVDCVE-2024-47709 at SUSECVE-2024-47709 at NVDCVE-2024-47710 at SUSECVE-2024-47710 at NVDCVE-2024-47712 at SUSECVE-2024-47712 at NVDCVE-2024-47713 at SUSECVE-2024-47713 at NVDCVE-2024-47714 at SUSECVE-2024-47714 at NVDCVE-2024-47715 at SUSECVE-2024-47715 at NVDCVE-2024-47718 at SUSECVE-2024-47718 at NVDCVE-2024-47719 at SUSECVE-2024-47719 at NVDCVE-2024-47720 at SUSECVE-2024-47720 at NVDCVE-2024-47723 at SUSECVE-2024-47723 at NVDCVE-2024-47727 at SUSECVE-2024-47727 at NVDCVE-2024-47728 at SUSECVE-2024-47728 at NVDCVE-2024-47730 at SUSECVE-2024-47730 at NVDCVE-2024-47731 at SUSECVE-2024-47731 at NVDCVE-2024-47732 at SUSECVE-2024-47732 at NVDCVE-2024-47735 at SUSECVE-2024-47735 at NVDCVE-2024-47737 at SUSECVE-2024-47737 at NVDCVE-2024-47738 at SUSECVE-2024-47738 at NVDCVE-2024-47739 at SUSECVE-2024-47739 at NVDCVE-2024-47741 at SUSECVE-2024-47741 at NVDCVE-2024-47742 at SUSECVE-2024-47742 at NVDCVE-2024-47743 at SUSECVE-2024-47743 at NVDCVE-2024-47744 at SUSECVE-2024-47744 at NVDCVE-2024-47745 at SUSECVE-2024-47745 at NVDCVE-2024-47747 at SUSECVE-2024-47747 at NVDCVE-2024-47748 at SUSECVE-2024-47748 at NVDCVE-2024-47749 at SUSECVE-2024-47749 at NVDCVE-2024-47750 at SUSECVE-2024-47750 at NVDCVE-2024-47751 at SUSECVE-2024-47751 at NVDCVE-2024-47752 at SUSECVE-2024-47752 at NVDCVE-2024-47753 at SUSECVE-2024-47753 at NVDCVE-2024-47754 at SUSECVE-2024-47754 at NVDCVE-2024-47756 at SUSECVE-2024-47756 at NVDCVE-2024-47757 at SUSECVE-2024-47757 at NVDCVE-2024-49850 at SUSECVE-2024-49850 at NVDCVE-2024-49851 at SUSECVE-2024-49851 at NVDCVE-2024-49852 at SUSECVE-2024-49852 at NVDCVE-2024-49853 at SUSECVE-2024-49853 at NVDCVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-49858 at SUSECVE-2024-49858 at NVDCVE-2024-49860 at SUSECVE-2024-49860 at NVDCVE-2024-49861 at SUSECVE-2024-49861 at NVDCVE-2024-49862 at SUSECVE-2024-49862 at NVDCVE-2024-49863 at SUSECVE-2024-49863 at NVDCVE-2024-49864 at SUSECVE-2024-49864 at NVDCVE-2024-49866 at SUSECVE-2024-49866 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2024-49868 at SUSECVE-2024-49868 at NVDCVE-2024-49870 at SUSECVE-2024-49870 at NVDCVE-2024-49871 at SUSECVE-2024-49871 at NVDCVE-2024-49874 at SUSECVE-2024-49874 at NVDCVE-2024-49875 at SUSECVE-2024-49875 at NVDCVE-2024-49877 at SUSECVE-2024-49877 at NVDCVE-2024-49878 at SUSECVE-2024-49878 at NVDCVE-2024-49879 at SUSECVE-2024-49879 at NVDCVE-2024-49881 at SUSECVE-2024-49881 at NVDCVE-2024-49882 at SUSECVE-2024-49882 at NVDCVE-2024-49883 at SUSECVE-2024-49883 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49886 at SUSECVE-2024-49886 at NVDCVE-2024-49888 at SUSECVE-2024-49888 at NVDCVE-2024-49890 at SUSECVE-2024-49890 at NVDCVE-2024-49891 at SUSECVE-2024-49891 at NVDCVE-2024-49892 at SUSECVE-2024-49892 at NVDCVE-2024-49894 at SUSECVE-2024-49894 at NVDCVE-2024-49895 at SUSECVE-2024-49895 at NVDCVE-2024-49896 at SUSECVE-2024-49896 at NVDCVE-2024-49897 at SUSECVE-2024-49897 at NVDCVE-2024-49898 at SUSECVE-2024-49898 at NVDCVE-2024-49899 at SUSECVE-2024-49899 at NVDCVE-2024-49900 at SUSECVE-2024-49900 at NVDCVE-2024-49901 at SUSECVE-2024-49901 at NVDCVE-2024-49902 at SUSECVE-2024-49902 at NVDCVE-2024-49903 at SUSECVE-2024-49903 at NVDCVE-2024-49905 at SUSECVE-2024-49905 at NVDCVE-2024-49906 at SUSECVE-2024-49906 at NVDCVE-2024-49907 at SUSECVE-2024-49907 at NVDCVE-2024-49908 at SUSECVE-2024-49908 at NVDCVE-2024-49909 at SUSECVE-2024-49909 at NVDCVE-2024-49911 at SUSECVE-2024-49911 at NVDCVE-2024-49912 at SUSECVE-2024-49912 at NVDCVE-2024-49913 at SUSECVE-2024-49913 at NVDCVE-2024-49914 at SUSECVE-2024-49914 at NVDCVE-2024-49917 at SUSECVE-2024-49917 at NVDCVE-2024-49918 at SUSECVE-2024-49918 at NVDCVE-2024-49919 at SUSECVE-2024-49919 at NVDCVE-2024-49920 at SUSECVE-2024-49920 at NVDCVE-2024-49921 at SUSECVE-2024-49921 at NVDCVE-2024-49922 at SUSECVE-2024-49922 at NVDCVE-2024-49923 at SUSECVE-2024-49923 at NVDCVE-2024-49925 at SUSECVE-2024-49925 at NVDCVE-2024-49928 at SUSECVE-2024-49928 at NVDCVE-2024-49929 at SUSECVE-2024-49929 at NVDCVE-2024-49930 at SUSECVE-2024-49930 at NVDCVE-2024-49931 at SUSECVE-2024-49931 at NVDCVE-2024-49933 at SUSECVE-2024-49933 at NVDCVE-2024-49934 at SUSECVE-2024-49934 at NVDCVE-2024-49935 at SUSECVE-2024-49935 at NVDCVE-2024-49936 at SUSECVE-2024-49936 at NVDCVE-2024-49937 at SUSECVE-2024-49937 at NVDCVE-2024-49938 at SUSECVE-2024-49938 at NVDCVE-2024-49939 at SUSECVE-2024-49939 at NVDCVE-2024-49944 at SUSECVE-2024-49944 at NVDCVE-2024-49945 at SUSECVE-2024-49945 at NVDCVE-2024-49946 at SUSECVE-2024-49946 at NVDCVE-2024-49947 at SUSECVE-2024-49947 at NVDCVE-2024-49949 at SUSECVE-2024-49949 at NVDCVE-2024-49950 at SUSECVE-2024-49950 at NVDCVE-2024-49952 at SUSECVE-2024-49952 at NVDCVE-2024-49953 at SUSECVE-2024-49953 at NVDCVE-2024-49954 at SUSECVE-2024-49954 at NVDCVE-2024-49955 at SUSECVE-2024-49955 at NVDCVE-2024-49957 at SUSECVE-2024-49957 at NVDCVE-2024-49958 at SUSECVE-2024-49958 at NVDCVE-2024-49959 at SUSECVE-2024-49959 at NVDCVE-2024-49960 at SUSECVE-2024-49960 at NVDCVE-2024-49961 at SUSECVE-2024-49961 at NVDCVE-2024-49962 at SUSECVE-2024-49962 at NVDCVE-2024-49963 at SUSECVE-2024-49963 at NVDCVE-2024-49965 at SUSECVE-2024-49965 at NVDCVE-2024-49966 at SUSECVE-2024-49966 at NVDCVE-2024-49967 at SUSECVE-2024-49967 at NVDCVE-2024-49968 at SUSECVE-2024-49968 at NVDCVE-2024-49969 at SUSECVE-2024-49969 at NVDCVE-2024-49972 at SUSECVE-2024-49972 at NVDCVE-2024-49973 at SUSECVE-2024-49973 at NVDCVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2024-49975 at SUSECVE-2024-49975 at NVDCVE-2024-49976 at SUSECVE-2024-49976 at NVDCVE-2024-49981 at SUSECVE-2024-49981 at NVDCVE-2024-49982 at SUSECVE-2024-49982 at NVDCVE-2024-49983 at SUSECVE-2024-49983 at NVDCVE-2024-49985 at SUSECVE-2024-49985 at NVDCVE-2024-49986 at SUSECVE-2024-49986 at NVDCVE-2024-49987 at SUSECVE-2024-49987 at NVDCVE-2024-49989 at SUSECVE-2024-49989 at NVDCVE-2024-49991 at SUSECVE-2024-49991 at NVDCVE-2024-49993 at SUSECVE-2024-49993 at NVDCVE-2024-49995 at SUSECVE-2024-49995 at NVDCVE-2024-49996 at SUSECVE-2024-49996 at NVDCVE-2024-50000 at SUSECVE-2024-50000 at NVDCVE-2024-50001 at SUSECVE-2024-50001 at NVDCVE-2024-50002 at SUSECVE-2024-50002 at NVDCVE-2024-50003 at SUSECVE-2024-50003 at NVDCVE-2024-50004 at SUSECVE-2024-50004 at NVDCVE-2024-50006 at SUSECVE-2024-50006 at NVDCVE-2024-50007 at SUSECVE-2024-50007 at NVDCVE-2024-50008 at SUSECVE-2024-50008 at NVDCVE-2024-50009 at SUSECVE-2024-50009 at NVDCVE-2024-50012 at SUSECVE-2024-50012 at NVDCVE-2024-50013 at SUSECVE-2024-50013 at NVDCVE-2024-50014 at SUSECVE-2024-50014 at NVDCVE-2024-50015 at SUSECVE-2024-50015 at NVDCVE-2024-50017 at SUSECVE-2024-50017 at NVDCVE-2024-50019 at SUSECVE-2024-50019 at NVDCVE-2024-50020 at SUSECVE-2024-50020 at NVDCVE-2024-50021 at SUSECVE-2024-50021 at NVDCVE-2024-50022 at SUSECVE-2024-50022 at NVDCVE-2024-50023 at SUSECVE-2024-50023 at NVDCVE-2024-50024 at SUSECVE-2024-50024 at NVDCVE-2024-50025 at SUSECVE-2024-50025 at NVDCVE-2024-50026 at SUSECVE-2024-50026 at NVDCVE-2024-50027 at SUSECVE-2024-50027 at NVDCVE-2024-50028 at SUSECVE-2024-50028 at NVDCVE-2024-50031 at SUSECVE-2024-50031 at NVDCVE-2024-50033 at SUSECVE-2024-50033 at NVDCVE-2024-50035 at SUSECVE-2024-50035 at NVDCVE-2024-50040 at SUSECVE-2024-50040 at NVDCVE-2024-50041 at SUSECVE-2024-50041 at NVDCVE-2024-50042 at SUSECVE-2024-50042 at NVDCVE-2024-50044 at SUSECVE-2024-50044 at NVDCVE-2024-50045 at SUSECVE-2024-50045 at NVDCVE-2024-50046 at SUSECVE-2024-50046 at NVDCVE-2024-50047 at SUSECVE-2024-50047 at NVDCVE-2024-50048 at SUSECVE-2024-50048 at NVDCVE-2024-50049 at SUSECVE-2024-50049 at NVDCVE-2024-50055 at SUSECVE-2024-50055 at NVDCVE-2024-50058 at SUSECVE-2024-50058 at NVDCVE-2024-50059 at SUSECVE-2024-50059 at NVDCVE-2024-50060 at SUSECVE-2024-50060 at NVDCVE-2024-50061 at SUSECVE-2024-50061 at NVDCVE-2024-50062 at SUSECVE-2024-50062 at NVDCVE-2024-50063 at SUSECVE-2024-50063 at NVDCVE-2024-50064 at SUSECVE-2024-50064 at NVDCVE-2024-50067 at SUSECVE-2024-50067 at NVDCVE-2024-50069 at SUSECVE-2024-50069 at NVDCVE-2024-50073 at SUSECVE-2024-50073 at NVDCVE-2024-50074 at SUSECVE-2024-50074 at NVDCVE-2024-50075 at SUSECVE-2024-50075 at NVDCVE-2024-50076 at SUSECVE-2024-50076 at NVDCVE-2024-50077 at SUSECVE-2024-50077 at NVDCVE-2024-50078 at SUSECVE-2024-50078 at NVDCVE-2024-50080 at SUSECVE-2024-50080 at NVDCVE-2024-50081 at SUSECVE-2024-50081 at NVDCVE-2024-50082 at SUSECVE-2024-50082 at NVDCVE-2024-50084 at SUSECVE-2024-50084 at NVDCVE-2024-50087 at SUSECVE-2024-50087 at NVDCVE-2024-50088 at SUSECVE-2024-50088 at NVDCVE-2024-50089 at SUSECVE-2024-50089 at NVDCVE-2024-50093 at SUSECVE-2024-50093 at NVDCVE-2024-50095 at SUSECVE-2024-50095 at NVDCVE-2024-50096 at SUSECVE-2024-50096 at NVDCVE-2024-50098 at SUSECVE-2024-50098 at NVDCVE-2024-50099 at SUSECVE-2024-50099 at NVDCVE-2024-50100 at SUSECVE-2024-50100 at NVDCVE-2024-50101 at SUSECVE-2024-50101 at NVDCVE-2024-50102 at SUSECVE-2024-50102 at NVDCVE-2024-50103 at SUSECVE-2024-50103 at NVDCVE-2024-50108 at SUSECVE-2024-50108 at NVDCVE-2024-50110 at SUSECVE-2024-50110 at NVDCVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-50116 at SUSECVE-2024-50116 at NVDCVE-2024-50117 at SUSECVE-2024-50117 at NVDCVE-2024-50121 at SUSECVE-2024-50121 at NVDCVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50128 at SUSECVE-2024-50128 at NVDCVE-2024-50130 at SUSECVE-2024-50130 at NVDCVE-2024-50131 at SUSECVE-2024-50131 at NVDCVE-2024-50134 at SUSECVE-2024-50134 at NVDCVE-2024-50135 at SUSECVE-2024-50135 at NVDCVE-2024-50136 at SUSECVE-2024-50136 at NVDCVE-2024-50138 at SUSECVE-2024-50138 at NVDCVE-2024-50139 at SUSECVE-2024-50139 at NVDCVE-2024-50141 at SUSECVE-2024-50141 at NVDCVE-2024-50145 at SUSECVE-2024-50145 at NVDCVE-2024-50146 at SUSECVE-2024-50146 at NVDCVE-2024-50147 at SUSECVE-2024-50147 at NVDCVE-2024-50148 at SUSECVE-2024-50148 at NVDCVE-2024-50150 at SUSECVE-2024-50150 at NVDCVE-2024-50153 at SUSECVE-2024-50153 at NVDCVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-50155 at SUSECVE-2024-50155 at NVDCVE-2024-50156 at SUSECVE-2024-50156 at NVDCVE-2024-50157 at SUSECVE-2024-50157 at NVDCVE-2024-50158 at SUSECVE-2024-50158 at NVDCVE-2024-50159 at SUSECVE-2024-50159 at NVDCVE-2024-50160 at SUSECVE-2024-50160 at NVDCVE-2024-50166 at SUSECVE-2024-50166 at NVDCVE-2024-50167 at SUSECVE-2024-50167 at NVDCVE-2024-50169 at SUSECVE-2024-50169 at NVDCVE-2024-50171 at SUSECVE-2024-50171 at NVDCVE-2024-50172 at SUSECVE-2024-50172 at NVDCVE-2024-50175 at SUSECVE-2024-50175 at NVDCVE-2024-50176 at SUSECVE-2024-50176 at NVDCVE-2024-50177 at SUSECVE-2024-50177 at NVDCVE-2024-50179 at SUSECVE-2024-50179 at NVDCVE-2024-50180 at SUSECVE-2024-50180 at NVDCVE-2024-50181 at SUSECVE-2024-50181 at NVDCVE-2024-50182 at SUSECVE-2024-50182 at NVDCVE-2024-50183 at SUSECVE-2024-50183 at NVDCVE-2024-50184 at SUSECVE-2024-50184 at NVDCVE-2024-50186 at SUSECVE-2024-50186 at NVDCVE-2024-50187 at SUSECVE-2024-50187 at NVDCVE-2024-50188 at SUSECVE-2024-50188 at NVDCVE-2024-50189 at SUSECVE-2024-50189 at NVDCVE-2024-50192 at SUSECVE-2024-50192 at NVDCVE-2024-50194 at SUSECVE-2024-50194 at NVDCVE-2024-50195 at SUSECVE-2024-50195 at NVDCVE-2024-50196 at SUSECVE-2024-50196 at NVDCVE-2024-50198 at SUSECVE-2024-50198 at NVDCVE-2024-50200 at SUSECVE-2024-50200 at NVDCVE-2024-50201 at SUSECVE-2024-50201 at NVDCVE-2024-50205 at SUSECVE-2024-50205 at NVDCVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50209 at SUSECVE-2024-50209 at NVDCVE-2024-50210 at SUSECVE-2024-50210 at NVDCVE-2024-50215 at SUSECVE-2024-50215 at NVDCVE-2024-50216 at SUSECVE-2024-50216 at NVDCVE-2024-50218 at SUSECVE-2024-50218 at NVDCVE-2024-50221 at SUSECVE-2024-50221 at NVDCVE-2024-50224 at SUSECVE-2024-50224 at NVDCVE-2024-50225 at SUSECVE-2024-50225 at NVDCVE-2024-50228 at SUSECVE-2024-50228 at NVDCVE-2024-50229 at SUSECVE-2024-50229 at NVDCVE-2024-50230 at SUSECVE-2024-50230 at NVDCVE-2024-50231 at SUSECVE-2024-50231 at NVDCVE-2024-50232 at SUSECVE-2024-50232 at NVDCVE-2024-50233 at SUSECVE-2024-50233 at NVDCVE-2024-50234 at SUSECVE-2024-50234 at NVDCVE-2024-50235 at SUSECVE-2024-50235 at NVDCVE-2024-50236 at SUSECVE-2024-50236 at NVDCVE-2024-50237 at SUSECVE-2024-50237 at NVDCVE-2024-50240 at SUSECVE-2024-50240 at NVDCVE-2024-50245 at SUSECVE-2024-50245 at NVDCVE-2024-50246 at SUSECVE-2024-50246 at NVDCVE-2024-50248 at SUSECVE-2024-50248 at NVDCVE-2024-50249 at SUSECVE-2024-50249 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-50252 at SUSECVE-2024-50252 at NVDCVE-2024-50255 at SUSECVE-2024-50255 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50261 at SUSECVE-2024-50261 at NVDCVE-2024-50264 at SUSECVE-2024-50264 at NVDCVE-2024-50265 at SUSECVE-2024-50265 at NVDCVE-2024-50267 at SUSECVE-2024-50267 at NVDCVE-2024-50268 at SUSECVE-2024-50268 at NVDCVE-2024-50269 at SUSECVE-2024-50269 at NVDCVE-2024-50271 at SUSECVE-2024-50271 at NVDCVE-2024-50273 at SUSECVE-2024-50273 at NVDCVE-2024-50274 at SUSECVE-2024-50274 at NVDCVE-2024-50275 at SUSECVE-2024-50275 at NVDCVE-2024-50276 at SUSECVE-2024-50276 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50282 at SUSECVE-2024-50282 at NVDCVE-2024-50287 at SUSECVE-2024-50287 at NVDCVE-2024-50289 at SUSECVE-2024-50289 at NVDCVE-2024-50290 at SUSECVE-2024-50290 at NVDCVE-2024-50292 at SUSECVE-2024-50292 at NVDCVE-2024-50295 at SUSECVE-2024-50295 at NVDCVE-2024-50296 at SUSECVE-2024-50296 at NVDCVE-2024-50298 at SUSECVE-2024-50298 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53043 at SUSECVE-2024-53043 at NVDCVE-2024-53045 at SUSECVE-2024-53045 at NVDCVE-2024-53048 at SUSECVE-2024-53048 at NVDCVE-2024-53051 at SUSECVE-2024-53051 at NVDCVE-2024-53052 at SUSECVE-2024-53052 at NVDCVE-2024-53055 at SUSECVE-2024-53055 at NVDCVE-2024-53056 at SUSECVE-2024-53056 at NVDCVE-2024-53058 at SUSECVE-2024-53058 at NVDCVE-2024-53059 at SUSECVE-2024-53059 at NVDCVE-2024-53060 at SUSECVE-2024-53060 at NVDCVE-2024-53061 at SUSECVE-2024-53061 at NVDCVE-2024-53063 at SUSECVE-2024-53063 at NVDCVE-2024-53066 at SUSECVE-2024-53066 at NVDCVE-2024-53068 at SUSECVE-2024-53068 at NVDCVE-2024-53072 at SUSECVE-2024-53072 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53076 at SUSECVE-2024-53076 at NVDCVE-2024-53079 at SUSECVE-2024-53079 at NVDCVE-2024-53081 at SUSECVE-2024-53081 at NVDCVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53085 at SUSECVE-2024-53085 at NVDCVE-2024-53088 at SUSECVE-2024-53088 at NVDCVE-2024-53093 at SUSECVE-2024-53093 at NVDCVE-2024-53094 at SUSECVE-2024-53094 at NVDCVE-2024-53095 at SUSECVE-2024-53095 at NVDCVE-2024-53096 at SUSECVE-2024-53096 at NVDCVE-2024-53100 at SUSECVE-2024-53100 at NVDCVE-2024-53101 at SUSECVE-2024-53101 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-53106 at SUSECVE-2024-53106 at NVDCVE-2024-53108 at SUSECVE-2024-53108 at NVDCVE-2024-53110 at SUSECVE-2024-53110 at NVDCVE-2024-53112 at SUSECVE-2024-53112 at NVDCVE-2024-53114 at SUSECVE-2024-53114 at NVDCVE-2024-53121 at SUSECVE-2024-53121 at NVDCVE-2024-53138 at SUSECVE-2024-53138 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Update Leap project
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
ImportantSUSE bug 1012628SUSE bug 1213545SUSE bug 1215199SUSE bug 1221858SUSE bug 1222323SUSE bug 1230557SUSE bug 1230708SUSE bug 1233120SUSE bug 1240708SUSE bug 1240890SUSE bug 1242034SUSE bug 1242754SUSE bug 1244734SUSE bug 1244930SUSE bug 1245663SUSE bug 1245710SUSE bug 1245767SUSE bug 1245780SUSE bug 1245815SUSE bug 1245956SUSE bug 1245973SUSE bug 1245977SUSE bug 1246005SUSE bug 1246012SUSE bug 1246181SUSE bug 1246193SUSE bug 1247057SUSE bug 1247078SUSE bug 1247112SUSE bug 1247116SUSE bug 1247119SUSE bug 1247155SUSE bug 1247162SUSE bug 1247167SUSE bug 1247229SUSE bug 1247243SUSE bug 1247280SUSE bug 1247313SUSE bug 1247712SUSE bug 1247976SUSE bug 1248088SUSE bug 1248108SUSE bug 1248164SUSE bug 1248166SUSE bug 1248178SUSE bug 1248179SUSE bug 1248180SUSE bug 1248183SUSE bug 1248186SUSE bug 1248194SUSE bug 1248196SUSE bug 1248198SUSE bug 1248205SUSE bug 1248206SUSE bug 1248208SUSE bug 1248209SUSE bug 1248212SUSE bug 1248213SUSE bug 1248214SUSE bug 1248216SUSE bug 1248217SUSE bug 1248223SUSE bug 1248227SUSE bug 1248228SUSE bug 1248229SUSE bug 1248240SUSE bug 1248255SUSE bug 1248297SUSE bug 1248306SUSE bug 1248312SUSE bug 1248333SUSE bug 1248337SUSE bug 1248338SUSE bug 1248340SUSE bug 1248341SUSE bug 1248345SUSE bug 1248349SUSE bug 1248350SUSE bug 1248354SUSE bug 1248355SUSE bug 1248361SUSE bug 1248363SUSE bug 1248368SUSE bug 1248374SUSE bug 1248377SUSE bug 1248386SUSE bug 1248390SUSE bug 1248395SUSE bug 1248399SUSE bug 1248401SUSE bug 1248511SUSE bug 1248573SUSE bug 1248575SUSE bug 1248577SUSE bug 1248609SUSE bug 1248614SUSE bug 1248617SUSE bug 1248621SUSE bug 1248636SUSE bug 1248643SUSE bug 1248648SUSE bug 1248652SUSE bug 1248655SUSE bug 1248666SUSE bug 1248669SUSE bug 1248746SUSE bug 1248748SUSE bug 1249022CVE-2023-3867 at SUSECVE-2023-3867 at NVDCVE-2023-4130 at SUSECVE-2023-4130 at NVDCVE-2023-4515 at SUSECVE-2023-4515 at NVDCVE-2024-26661 at SUSECVE-2024-26661 at NVDCVE-2024-46733 at SUSECVE-2024-46733 at NVDCVE-2024-58238 at SUSECVE-2024-58238 at NVDCVE-2024-58239 at SUSECVE-2024-58239 at NVDCVE-2025-38006 at SUSECVE-2025-38006 at NVDCVE-2025-38075 at SUSECVE-2025-38075 at NVDCVE-2025-38103 at SUSECVE-2025-38103 at NVDCVE-2025-38125 at SUSECVE-2025-38125 at NVDCVE-2025-38146 at SUSECVE-2025-38146 at NVDCVE-2025-38160 at SUSECVE-2025-38160 at NVDCVE-2025-38184 at SUSECVE-2025-38184 at NVDCVE-2025-38185 at SUSECVE-2025-38185 at NVDCVE-2025-38190 at SUSECVE-2025-38190 at NVDCVE-2025-38201 at SUSECVE-2025-38201 at NVDCVE-2025-38205 at SUSECVE-2025-38205 at NVDCVE-2025-38208 at SUSECVE-2025-38208 at NVDCVE-2025-38245 at SUSECVE-2025-38245 at NVDCVE-2025-38251 at SUSECVE-2025-38251 at NVDCVE-2025-38360 at SUSECVE-2025-38360 at NVDCVE-2025-38439 at SUSECVE-2025-38439 at NVDCVE-2025-38441 at SUSECVE-2025-38441 at NVDCVE-2025-38444 at SUSECVE-2025-38444 at NVDCVE-2025-38445 at SUSECVE-2025-38445 at NVDCVE-2025-38458 at SUSECVE-2025-38458 at NVDCVE-2025-38459 at SUSECVE-2025-38459 at NVDCVE-2025-38464 at SUSECVE-2025-38464 at NVDCVE-2025-38472 at SUSECVE-2025-38472 at NVDCVE-2025-38490 at SUSECVE-2025-38490 at NVDCVE-2025-38491 at SUSECVE-2025-38491 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38503 at SUSECVE-2025-38503 at NVDCVE-2025-38506 at SUSECVE-2025-38506 at NVDCVE-2025-38510 at SUSECVE-2025-38510 at NVDCVE-2025-38512 at SUSECVE-2025-38512 at NVDCVE-2025-38513 at SUSECVE-2025-38513 at NVDCVE-2025-38515 at SUSECVE-2025-38515 at NVDCVE-2025-38516 at SUSECVE-2025-38516 at NVDCVE-2025-38520 at SUSECVE-2025-38520 at NVDCVE-2025-38524 at SUSECVE-2025-38524 at NVDCVE-2025-38528 at SUSECVE-2025-38528 at NVDCVE-2025-38529 at SUSECVE-2025-38529 at NVDCVE-2025-38530 at SUSECVE-2025-38530 at NVDCVE-2025-38531 at SUSECVE-2025-38531 at NVDCVE-2025-38535 at SUSECVE-2025-38535 at NVDCVE-2025-38537 at SUSECVE-2025-38537 at NVDCVE-2025-38538 at SUSECVE-2025-38538 at NVDCVE-2025-38540 at SUSECVE-2025-38540 at NVDCVE-2025-38541 at SUSECVE-2025-38541 at NVDCVE-2025-38543 at SUSECVE-2025-38543 at NVDCVE-2025-38546 at SUSECVE-2025-38546 at NVDCVE-2025-38548 at SUSECVE-2025-38548 at NVDCVE-2025-38550 at SUSECVE-2025-38550 at NVDCVE-2025-38553 at SUSECVE-2025-38553 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDCVE-2025-38560 at SUSECVE-2025-38560 at NVDCVE-2025-38563 at SUSECVE-2025-38563 at NVDCVE-2025-38565 at SUSECVE-2025-38565 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38568 at SUSECVE-2025-38568 at NVDCVE-2025-38571 at SUSECVE-2025-38571 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38576 at SUSECVE-2025-38576 at NVDCVE-2025-38581 at SUSECVE-2025-38581 at NVDCVE-2025-38582 at SUSECVE-2025-38582 at NVDCVE-2025-38583 at SUSECVE-2025-38583 at NVDCVE-2025-38585 at SUSECVE-2025-38585 at NVDCVE-2025-38587 at SUSECVE-2025-38587 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38591 at SUSECVE-2025-38591 at NVDCVE-2025-38601 at SUSECVE-2025-38601 at NVDCVE-2025-38602 at SUSECVE-2025-38602 at NVDCVE-2025-38604 at SUSECVE-2025-38604 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-38609 at SUSECVE-2025-38609 at NVDCVE-2025-38610 at SUSECVE-2025-38610 at NVDCVE-2025-38612 at SUSECVE-2025-38612 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38621 at SUSECVE-2025-38621 at NVDCVE-2025-38624 at SUSECVE-2025-38624 at NVDCVE-2025-38630 at SUSECVE-2025-38630 at NVDCVE-2025-38632 at SUSECVE-2025-38632 at NVDCVE-2025-38634 at SUSECVE-2025-38634 at NVDCVE-2025-38635 at SUSECVE-2025-38635 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38646 at SUSECVE-2025-38646 at NVDCVE-2025-38650 at SUSECVE-2025-38650 at NVDCVE-2025-38656 at SUSECVE-2025-38656 at NVDCVE-2025-38663 at SUSECVE-2025-38663 at NVDCVE-2025-38665 at SUSECVE-2025-38665 at NVDCVE-2025-38670 at SUSECVE-2025-38670 at NVDCVE-2025-38671 at SUSECVE-2025-38671 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_6 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1246030SUSE bug 1248108CVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_7 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1246030SUSE bug 1248108CVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_8 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1246030SUSE bug 1248108CVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1246030SUSE bug 1248108CVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1246030SUSE bug 1248108CVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232271)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231943)
ModerateSUSE bug 1231676SUSE bug 1231943SUSE bug 1232271SUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1246030SUSE bug 1248108CVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1246030SUSE bug 1248108CVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232271)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231943)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1231676SUSE bug 1231943SUSE bug 1232271SUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505)
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579)
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244235)
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236207)
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775)
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1245791)
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1245805)
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1236207SUSE bug 1242579SUSE bug 1244235SUSE bug 1245505SUSE bug 1245775SUSE bug 1245791SUSE bug 1245805SUSE bug 1246030SUSE bug 1248108CVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ModerateSUSE bug 1244337SUSE bug 1246030SUSE bug 1247350SUSE bug 1247351SUSE bug 1248108CVE-2025-38212 at SUSECVE-2025-38212 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_9 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030)
ModerateSUSE bug 1246030SUSE bug 1248108CVE-2025-38212 at SUSECVE-2025-38212 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231862)
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ModerateSUSE bug 1231862SUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2024-49860 at SUSECVE-2024-49860 at NVDCVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1247499SUSE bug 1248298CVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6_create() (bsc#1235218).
- CVE-2024-57882: mptcp: Fixed TCP options overflow (bsc#1235916).
ImportantSUSE bug 1235218SUSE bug 1235916CVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231862)
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1231862SUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2024-49860 at SUSECVE-2024-49860 at NVDCVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ModerateSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-21756: vsock: Keep the binding until socket destruction (bsc#1245795)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1245795SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356)
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1246356SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow (bsc#1245685)
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001)
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1245685SUSE bug 1246001SUSE bug 1247499SUSE bug 1248298CVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499)
- CVE-2025-38555: usb: gadget : fix use-after-free in composite_dev_cleanup() (bsc#1248298)
ImportantSUSE bug 1247499SUSE bug 1248298CVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Update Leap project
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
ImportantSUSE bug 1012628SUSE bug 1213545SUSE bug 1215199SUSE bug 1221858SUSE bug 1222323SUSE bug 1230557SUSE bug 1230708SUSE bug 1233120SUSE bug 1240708SUSE bug 1240890SUSE bug 1242034SUSE bug 1242754SUSE bug 1244734SUSE bug 1244930SUSE bug 1245663SUSE bug 1245710SUSE bug 1245767SUSE bug 1245780SUSE bug 1245815SUSE bug 1245956SUSE bug 1245973SUSE bug 1245977SUSE bug 1246005SUSE bug 1246012SUSE bug 1246181SUSE bug 1246193SUSE bug 1247057SUSE bug 1247078SUSE bug 1247112SUSE bug 1247116SUSE bug 1247119SUSE bug 1247155SUSE bug 1247162SUSE bug 1247167SUSE bug 1247229SUSE bug 1247243SUSE bug 1247280SUSE bug 1247313SUSE bug 1247712SUSE bug 1247976SUSE bug 1248088SUSE bug 1248108SUSE bug 1248164SUSE bug 1248166SUSE bug 1248178SUSE bug 1248179SUSE bug 1248180SUSE bug 1248183SUSE bug 1248186SUSE bug 1248194SUSE bug 1248196SUSE bug 1248198SUSE bug 1248205SUSE bug 1248206SUSE bug 1248208SUSE bug 1248209SUSE bug 1248212SUSE bug 1248213SUSE bug 1248214SUSE bug 1248216SUSE bug 1248217SUSE bug 1248223SUSE bug 1248227SUSE bug 1248228SUSE bug 1248229SUSE bug 1248240SUSE bug 1248255SUSE bug 1248297SUSE bug 1248306SUSE bug 1248312SUSE bug 1248333SUSE bug 1248337SUSE bug 1248338SUSE bug 1248340SUSE bug 1248341SUSE bug 1248345SUSE bug 1248349SUSE bug 1248350SUSE bug 1248354SUSE bug 1248355SUSE bug 1248361SUSE bug 1248363SUSE bug 1248368SUSE bug 1248374SUSE bug 1248377SUSE bug 1248386SUSE bug 1248390SUSE bug 1248395SUSE bug 1248399SUSE bug 1248401SUSE bug 1248511SUSE bug 1248573SUSE bug 1248575SUSE bug 1248577SUSE bug 1248609SUSE bug 1248614SUSE bug 1248617SUSE bug 1248621SUSE bug 1248636SUSE bug 1248643SUSE bug 1248648SUSE bug 1248652SUSE bug 1248655SUSE bug 1248666SUSE bug 1248669SUSE bug 1248746SUSE bug 1248748SUSE bug 1249022CVE-2023-3867 at SUSECVE-2023-3867 at NVDCVE-2023-4130 at SUSECVE-2023-4130 at NVDCVE-2023-4515 at SUSECVE-2023-4515 at NVDCVE-2024-26661 at SUSECVE-2024-26661 at NVDCVE-2024-46733 at SUSECVE-2024-46733 at NVDCVE-2024-58238 at SUSECVE-2024-58238 at NVDCVE-2024-58239 at SUSECVE-2024-58239 at NVDCVE-2025-38006 at SUSECVE-2025-38006 at NVDCVE-2025-38075 at SUSECVE-2025-38075 at NVDCVE-2025-38103 at SUSECVE-2025-38103 at NVDCVE-2025-38125 at SUSECVE-2025-38125 at NVDCVE-2025-38146 at SUSECVE-2025-38146 at NVDCVE-2025-38160 at SUSECVE-2025-38160 at NVDCVE-2025-38184 at SUSECVE-2025-38184 at NVDCVE-2025-38185 at SUSECVE-2025-38185 at NVDCVE-2025-38190 at SUSECVE-2025-38190 at NVDCVE-2025-38201 at SUSECVE-2025-38201 at NVDCVE-2025-38205 at SUSECVE-2025-38205 at NVDCVE-2025-38208 at SUSECVE-2025-38208 at NVDCVE-2025-38245 at SUSECVE-2025-38245 at NVDCVE-2025-38251 at SUSECVE-2025-38251 at NVDCVE-2025-38360 at SUSECVE-2025-38360 at NVDCVE-2025-38439 at SUSECVE-2025-38439 at NVDCVE-2025-38441 at SUSECVE-2025-38441 at NVDCVE-2025-38444 at SUSECVE-2025-38444 at NVDCVE-2025-38445 at SUSECVE-2025-38445 at NVDCVE-2025-38458 at SUSECVE-2025-38458 at NVDCVE-2025-38459 at SUSECVE-2025-38459 at NVDCVE-2025-38464 at SUSECVE-2025-38464 at NVDCVE-2025-38472 at SUSECVE-2025-38472 at NVDCVE-2025-38490 at SUSECVE-2025-38490 at NVDCVE-2025-38491 at SUSECVE-2025-38491 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38503 at SUSECVE-2025-38503 at NVDCVE-2025-38506 at SUSECVE-2025-38506 at NVDCVE-2025-38510 at SUSECVE-2025-38510 at NVDCVE-2025-38512 at SUSECVE-2025-38512 at NVDCVE-2025-38513 at SUSECVE-2025-38513 at NVDCVE-2025-38515 at SUSECVE-2025-38515 at NVDCVE-2025-38516 at SUSECVE-2025-38516 at NVDCVE-2025-38520 at SUSECVE-2025-38520 at NVDCVE-2025-38524 at SUSECVE-2025-38524 at NVDCVE-2025-38528 at SUSECVE-2025-38528 at NVDCVE-2025-38529 at SUSECVE-2025-38529 at NVDCVE-2025-38530 at SUSECVE-2025-38530 at NVDCVE-2025-38531 at SUSECVE-2025-38531 at NVDCVE-2025-38535 at SUSECVE-2025-38535 at NVDCVE-2025-38537 at SUSECVE-2025-38537 at NVDCVE-2025-38538 at SUSECVE-2025-38538 at NVDCVE-2025-38540 at SUSECVE-2025-38540 at NVDCVE-2025-38541 at SUSECVE-2025-38541 at NVDCVE-2025-38543 at SUSECVE-2025-38543 at NVDCVE-2025-38546 at SUSECVE-2025-38546 at NVDCVE-2025-38548 at SUSECVE-2025-38548 at NVDCVE-2025-38550 at SUSECVE-2025-38550 at NVDCVE-2025-38553 at SUSECVE-2025-38553 at NVDCVE-2025-38555 at SUSECVE-2025-38555 at NVDCVE-2025-38560 at SUSECVE-2025-38560 at NVDCVE-2025-38563 at SUSECVE-2025-38563 at NVDCVE-2025-38565 at SUSECVE-2025-38565 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38568 at SUSECVE-2025-38568 at NVDCVE-2025-38571 at SUSECVE-2025-38571 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38576 at SUSECVE-2025-38576 at NVDCVE-2025-38581 at SUSECVE-2025-38581 at NVDCVE-2025-38582 at SUSECVE-2025-38582 at NVDCVE-2025-38583 at SUSECVE-2025-38583 at NVDCVE-2025-38585 at SUSECVE-2025-38585 at NVDCVE-2025-38587 at SUSECVE-2025-38587 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38591 at SUSECVE-2025-38591 at NVDCVE-2025-38601 at SUSECVE-2025-38601 at NVDCVE-2025-38602 at SUSECVE-2025-38602 at NVDCVE-2025-38604 at SUSECVE-2025-38604 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-38609 at SUSECVE-2025-38609 at NVDCVE-2025-38610 at SUSECVE-2025-38610 at NVDCVE-2025-38612 at SUSECVE-2025-38612 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38621 at SUSECVE-2025-38621 at NVDCVE-2025-38624 at SUSECVE-2025-38624 at NVDCVE-2025-38630 at SUSECVE-2025-38630 at NVDCVE-2025-38632 at SUSECVE-2025-38632 at NVDCVE-2025-38634 at SUSECVE-2025-38634 at NVDCVE-2025-38635 at SUSECVE-2025-38635 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38646 at SUSECVE-2025-38646 at NVDCVE-2025-38650 at SUSECVE-2025-38650 at NVDCVE-2025-38656 at SUSECVE-2025-38656 at NVDCVE-2025-38663 at SUSECVE-2025-38663 at NVDCVE-2025-38665 at SUSECVE-2025-38665 at NVDCVE-2025-38670 at SUSECVE-2025-38670 at NVDCVE-2025-38671 at SUSECVE-2025-38671 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_12 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_12 fixes the following issues:
- New livepatch SLE Micro 6.0/6.1 kernel rt update 12
Importantcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- CVE-2024-27415: netfilter: br_netfilter: skip conntrack input hook for promisc packets (bsc#1224757).
- CVE-2024-35910: kABI fix for tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).
- CVE-2024-56638: kABI fix for "netfilter: nft_inner: incorrect percpu area handling under softirq" (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).
- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).
- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).
- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).
- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).
- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).
- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).
- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).
- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).
- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).
- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).
- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed
if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21969: Bluetooth: L2CAP: Fix build errors in some archs (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
The following non-security bugs were fixed:
- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-fixes).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).
- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- Fix memory-hotplug regression (bsc#1237504)
- Grab mm lock before grabbing pt lock (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).
- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).
- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).
- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes).
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).
- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).
- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes).
- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).
- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).
- Move upstreamed ACPI patch into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: Use downstream bridges for distributing resources (bsc#1237325).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/efa: Reset device on probe failure (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Reapply "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes).
- Revert "dm: requeue IO if mapping table not yet available" (git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes).
- Revert "leds-pca955x: Remove the unused function pca95xx_num_led_regs()" (stable-fixes).
- Revert "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).
- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).
- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- bio-integrity: do not restrict the size of integrity metadata (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).
- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).
- blk-mq: add number of queue calc helper (bsc#1236897).
- blk-mq: create correct map for fallback case (bsc#1236896).
- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).
- blk_iocost: remove some duplicate irq disable/enables (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).
- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).
- block: change rq_integrity_vec to respect the iterator (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- block: ensure we hold a queue reference when using queue limits (git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).
- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).
- block: retry call probe after request_module in blk_request_module (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- block: use the right type for stub rq_integrity_vec() (git-fixes).
- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: fix potential error return (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).
- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).
- cifs: Remove intermediate object of failed create reparse call (git-fixes).
- cifs: commands that are retried should have replay flag set (bsc#1231432).
- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).
- cifs: helper function to check replayable error codes (bsc#1231432).
- cifs: new mount option called retrans (bsc#1231432).
- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).
- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).
- cifs: update desired access while requesting for directory lease (git-fixes).
- cifs: update the same create_guid on replay (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- config: Set gcc version (jsc#PED-12251).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)
Keep the feature disabled by default on x86_64
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).
- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).
- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init()
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- doc/README.SUSE: Point to the updated version of LKMPG
- doc: update managed_irq documentation (bsc#1236897).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to
avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).
- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting" (git-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- drm/i915/selftests: avoid using uninitialized context (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).
- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).
- eth: gve: use appropriate helper to set xdp_features (git-fixes).
- exfat: convert to ctime accessor functions (git-fixes).
- exfat: do not zero the extended part (bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).
- exfat: fix file being changed by unaligned direct write (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).
- exfat: fix zero the unwritten part for dio read (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- futex: Do not include process MM in futex key on no-MMU (git-fixes).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
- gup: make the stack expansion warning a bit more targeted (bsc#1238214).
- hfs: Sanity check the root record (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).
- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).
- ice: put Rx buffers after being done with current frame (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).
- igc: return early when failing to read EECD register (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kabi: fix bus type (bsc#1236896).
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).
- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).
- kernel-binary: Support livepatch_rt with merged RT branch
- kernel-source: Also replace bin/env
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).
- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- lib: stackinit: hide never-taken branch from compiler (stable-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to
perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698
jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).
- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).
- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/raid0: do not free conf on raid0_run failure (git-fixes).
- md/raid1: do not free conf on raid0_run failure (git-fixes).
- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).
- md: Do not flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).
- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mptcp: export local_address (git-fixes)
- mptcp: fix NL PM announced address accounting (git-fixes)
- mptcp: fix data races on local_id (git-fixes)
- mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- mptcp: pm: do not try to create sf if alloc failed (git-fixes)
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- mptcp: pm: reduce indentation blocks (git-fixes)
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- mptcp: unify pm get_local_id interfaces (git-fixes)
- mptcp: unify pm set_flags interfaces (git-fixes)
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions (git-fixes).
- nbd: do not allow reconnect after disconnect (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).
- net: Fix undefined behavior in netdev name allocation (bsc#1233749).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns (bsc#1233749).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- net: do not send a MOVE event when netdev changes netns (bsc#1233749).
- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: fix removing a namespace with conflicting altnames (bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: move altnames together with the netdevice (bsc#1233749).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).
- net: remove else after return in dev_prep_valid_name() (bsc#1233749).
- net: rose: lock the socket in rose_bind() (git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).
- net: smc: fix spurious error message from __sock_release() (bsc#1237126).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).
- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).
- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- padata: fix sysfs store callback check (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).
- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid
mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).
- powerpc: Stop using no_llseek (bsc#1239573).
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).
- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).
- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).
- rbd: do not move requests to the running list on errors (git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/cio: Fix CHPID "configure" attribute caching (git-fixes bsc#1240979).
- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).
- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).
- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices (bsc#1236752).
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/topology: Improve topology detection (bsc#1236591).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).
- scsi: core: Clear driver private data when retrying request (git-fixes).
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- scsi: core: Handle depopulation and restoration in progress (git-fixes).
- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).
- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).
- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).
- scsi: myrb: Remove dead code (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- scsi: sg: Enable runtime power management (git-fixes).
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).
- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftest: hugetlb_dio: fix test naming (git-fixes).
- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).
- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).
- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes).
- smb3: request handle caching when caching directories (bsc#1231432).
- smb3: retrying on failed server close (bsc#1231432).
- smb: cached directories can be more than root file handle (bsc#1231432).
- smb: cilent: set reparse mount points as automounts (git-fixes).
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).
- smb: client: Fix minor whitespace errors and warnings (git-fixes).
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).
- smb: client: add support for WSL reparse points (git-fixes).
- smb: client: allow creating special files via reparse points (git-fixes).
- smb: client: allow creating symlinks via reparse points (git-fixes).
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: do not query reparse points twice on symlinks (git-fixes).
- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).
- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).
- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).
- smb: client: fix hardlinking of reparse points (git-fixes).
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- smb: client: fix possible double free in smb2_set_ea() (git-fixes).
- smb: client: fix potential broken compound request (git-fixes).
- smb: client: fix renaming of reparse points (git-fixes).
- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).
- smb: client: handle path separator of created SMB symlinks (git-fixes).
- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).
- smb: client: ignore unhandled reparse tags (git-fixes).
- smb: client: implement ->query_reparse_point() for SMB1 (git-fixes).
- smb: client: instantiate when creating SFU files (git-fixes).
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- smb: client: introduce reparse mount option (git-fixes).
- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).
- smb: client: move most of reparse point handling code to common file (git-fixes).
- smb: client: move some params to cifs_open_info_data (bsc#1231432).
- smb: client: optimise reparse point querying (git-fixes).
- smb: client: parse owner/group when creating reparse points (git-fixes).
- smb: client: parse reparse point flag in create response (bsc#1231432).
- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).
- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).
- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).
- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- smb: client: retry compound request without reusing lease (git-fixes).
- smb: client: return reparse type in /proc/mounts (git-fixes).
- smb: client: reuse file lease key in compound operations (git-fixes).
- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).
- smb: client: set correct file type from NFS reparse points (git-fixes).
- smb: client: stop revalidating reparse points unnecessarily (git-fixes).
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).
- usbnet: ipheth: document scope of NCM implementation (stable-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- virtio-mem: check if the config changed before fake offlining memory (git-fixes).
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).
- vsock/virtio: cancel close work in the destructor (git-fixes)
- vsock: Keep the binding until socket destruction (git-fixes)
- vsock: reset socket state when de-assigning the transport (git-fixes)
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/asm: Make serialize() always_inline (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
- xen/swiotlb: relax alignment requirements (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- zram: fix potential UAF of zram table (git-fixes).
- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).
- zram: refuse to use zero sized block device as backing device (git-fixes).
- zram: split memory-tracking and ac-time tracking (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1207948SUSE bug 1215199SUSE bug 1215211SUSE bug 1218470SUSE bug 1219367SUSE bug 1221651SUSE bug 1222649SUSE bug 1222672SUSE bug 1222803SUSE bug 1223047SUSE bug 1224013SUSE bug 1224049SUSE bug 1224489SUSE bug 1224610SUSE bug 1224757SUSE bug 1225533SUSE bug 1225606SUSE bug 1225742SUSE bug 1225770SUSE bug 1225981SUSE bug 1226871SUSE bug 1227858SUSE bug 1227937SUSE bug 1228521SUSE bug 1228653SUSE bug 1228659SUSE bug 1229311SUSE bug 1229361SUSE bug 1230235SUSE bug 1230438SUSE bug 1230439SUSE bug 1230497SUSE bug 1230728SUSE bug 1230769SUSE bug 1230832SUSE bug 1231088SUSE bug 1231293SUSE bug 1231432SUSE bug 1231910SUSE bug 1231912SUSE bug 1231920SUSE bug 1231949SUSE bug 1232159SUSE bug 1232198SUSE bug 1232201SUSE bug 1232299SUSE bug 1232364SUSE bug 1232389SUSE bug 1232421SUSE bug 1232508SUSE bug 1232520SUSE bug 1232743SUSE bug 1232812SUSE bug 1232848SUSE bug 1232895SUSE bug 1232919SUSE bug 1233028SUSE bug 1233033SUSE bug 1233060SUSE bug 1233109SUSE bug 1233221SUSE bug 1233248SUSE bug 1233259SUSE bug 1233260SUSE bug 1233479SUSE bug 1233483SUSE bug 1233522SUSE bug 1233551SUSE bug 1233557SUSE bug 1233749SUSE bug 1234070SUSE bug 1234074SUSE bug 1234157SUSE bug 1234222SUSE bug 1234480SUSE bug 1234698SUSE bug 1234828SUSE bug 1234853SUSE bug 1234857SUSE bug 1234891SUSE bug 1234894SUSE bug 1234895SUSE bug 1234896SUSE bug 1234936SUSE bug 1234963SUSE bug 1235054SUSE bug 1235061SUSE bug 1235073SUSE bug 1235244SUSE bug 1235435SUSE bug 1235436SUSE bug 1235441SUSE bug 1235455SUSE bug 1235485SUSE bug 1235501SUSE bug 1235524SUSE bug 1235550SUSE bug 1235589SUSE bug 1235591SUSE bug 1235592SUSE bug 1235599SUSE bug 1235609SUSE bug 1235621SUSE bug 1235637SUSE bug 1235698SUSE bug 1235711SUSE bug 1235712SUSE bug 1235715SUSE bug 1235729SUSE bug 1235733SUSE bug 1235761SUSE bug 1235870SUSE bug 1235874SUSE bug 1235914SUSE bug 1235932SUSE bug 1235933SUSE bug 1235973SUSE bug 1236099SUSE bug 1236111SUSE bug 1236113SUSE bug 1236114SUSE bug 1236115SUSE bug 1236122SUSE bug 1236123SUSE bug 1236133SUSE bug 1236138SUSE bug 1236199SUSE bug 1236200SUSE bug 1236203SUSE bug 1236205SUSE bug 1236206SUSE bug 1236333SUSE bug 1236573SUSE bug 1236575SUSE bug 1236576SUSE bug 1236591SUSE bug 1236661SUSE bug 1236677SUSE bug 1236680SUSE bug 1236681SUSE bug 1236682SUSE bug 1236683SUSE bug 1236684SUSE bug 1236685SUSE bug 1236689SUSE bug 1236692SUSE bug 1236694SUSE bug 1236698SUSE bug 1236700SUSE bug 1236702SUSE bug 1236752SUSE bug 1236757SUSE bug 1236758SUSE bug 1236759SUSE bug 1236760SUSE bug 1236761SUSE bug 1236821SUSE bug 1236822SUSE bug 1236896SUSE bug 1236897SUSE bug 1236952SUSE bug 1236967SUSE bug 1236994SUSE bug 1237007SUSE bug 1237017SUSE bug 1237025SUSE bug 1237028SUSE bug 1237029SUSE bug 1237045SUSE bug 1237126SUSE bug 1237132SUSE bug 1237139SUSE bug 1237155SUSE bug 1237158SUSE bug 1237159SUSE bug 1237164SUSE bug 1237232SUSE bug 1237234SUSE bug 1237313SUSE bug 1237325SUSE bug 1237356SUSE bug 1237415SUSE bug 1237452SUSE bug 1237504SUSE bug 1237521SUSE bug 1237530SUSE bug 1237558SUSE bug 1237562SUSE bug 1237563SUSE bug 1237565SUSE bug 1237571SUSE bug 1237848SUSE bug 1237849SUSE bug 1237853SUSE bug 1237856SUSE bug 1237873SUSE bug 1237874SUSE bug 1237875SUSE bug 1237876SUSE bug 1237877SUSE bug 1237879SUSE bug 1237881SUSE bug 1237882SUSE bug 1237885SUSE bug 1237889SUSE bug 1237890SUSE bug 1237891SUSE bug 1237894SUSE bug 1237897SUSE bug 1237900SUSE bug 1237901SUSE bug 1237906SUSE bug 1237907SUSE bug 1237911SUSE bug 1237912SUSE bug 1237950SUSE bug 1238052SUSE bug 1238212SUSE bug 1238214SUSE bug 1238303SUSE bug 1238347SUSE bug 1238368SUSE bug 1238474SUSE bug 1238475SUSE bug 1238479SUSE bug 1238494SUSE bug 1238496SUSE bug 1238497SUSE bug 1238500SUSE bug 1238501SUSE bug 1238502SUSE bug 1238503SUSE bug 1238506SUSE bug 1238507SUSE bug 1238509SUSE bug 1238510SUSE bug 1238511SUSE bug 1238512SUSE bug 1238521SUSE bug 1238523SUSE bug 1238525SUSE bug 1238526SUSE bug 1238528SUSE bug 1238529SUSE bug 1238531SUSE bug 1238532SUSE bug 1238565SUSE bug 1238570SUSE bug 1238715SUSE bug 1238716SUSE bug 1238734SUSE bug 1238735SUSE bug 1238736SUSE bug 1238738SUSE bug 1238739SUSE bug 1238746SUSE bug 1238747SUSE bug 1238751SUSE bug 1238753SUSE bug 1238754SUSE bug 1238757SUSE bug 1238759SUSE bug 1238760SUSE bug 1238762SUSE bug 1238763SUSE bug 1238767SUSE bug 1238768SUSE bug 1238771SUSE bug 1238772SUSE bug 1238773SUSE bug 1238775SUSE bug 1238780SUSE bug 1238781SUSE bug 1238785SUSE bug 1238860SUSE bug 1238863SUSE bug 1238864SUSE bug 1238865SUSE bug 1238876SUSE bug 1238877SUSE bug 1238903SUSE bug 1238904SUSE bug 1238905SUSE bug 1238909SUSE bug 1238911SUSE bug 1238917SUSE bug 1238958SUSE bug 1238959SUSE bug 1238963SUSE bug 1238964SUSE bug 1238969SUSE bug 1238970SUSE bug 1238971SUSE bug 1238973SUSE bug 1238975SUSE bug 1238978SUSE bug 1238979SUSE bug 1238981SUSE bug 1238984SUSE bug 1238986SUSE bug 1238990SUSE bug 1238993SUSE bug 1238994SUSE bug 1238997SUSE bug 1239015SUSE bug 1239016SUSE bug 1239027SUSE bug 1239029SUSE bug 1239030SUSE bug 1239033SUSE bug 1239034SUSE bug 1239036SUSE bug 1239037SUSE bug 1239038SUSE bug 1239039SUSE bug 1239045SUSE bug 1239065SUSE bug 1239066SUSE bug 1239068SUSE bug 1239073SUSE bug 1239076SUSE bug 1239080SUSE bug 1239085SUSE bug 1239087SUSE bug 1239095SUSE bug 1239104SUSE bug 1239105SUSE bug 1239109SUSE bug 1239112SUSE bug 1239114SUSE bug 1239115SUSE bug 1239117SUSE bug 1239167SUSE bug 1239174SUSE bug 1239346SUSE bug 1239349SUSE bug 1239435SUSE bug 1239467SUSE bug 1239468SUSE bug 1239471SUSE bug 1239473SUSE bug 1239474SUSE bug 1239475SUSE bug 1239477SUSE bug 1239478SUSE bug 1239479SUSE bug 1239481SUSE bug 1239482SUSE bug 1239483SUSE bug 1239484SUSE bug 1239486SUSE bug 1239508SUSE bug 1239512SUSE bug 1239518SUSE bug 1239573SUSE bug 1239594SUSE bug 1239595SUSE bug 1239600SUSE bug 1239605SUSE bug 1239615SUSE bug 1239644SUSE bug 1239684SUSE bug 1239707SUSE bug 1239906SUSE bug 1239925SUSE bug 1239986SUSE bug 1239994SUSE bug 1240167SUSE bug 1240168SUSE bug 1240169SUSE bug 1240171SUSE bug 1240172SUSE bug 1240173SUSE bug 1240175SUSE bug 1240176SUSE bug 1240177SUSE bug 1240179SUSE bug 1240182SUSE bug 1240183SUSE bug 1240184SUSE bug 1240185SUSE bug 1240186SUSE bug 1240188SUSE bug 1240189SUSE bug 1240191SUSE bug 1240192SUSE bug 1240333SUSE bug 1240334SUSE bug 1240375SUSE bug 1240575SUSE bug 1240581SUSE bug 1240582SUSE bug 1240583SUSE bug 1240584SUSE bug 1240585SUSE bug 1240587SUSE bug 1240590SUSE bug 1240591SUSE bug 1240592SUSE bug 1240594SUSE bug 1240595SUSE bug 1240596SUSE bug 1240600SUSE bug 1240612SUSE bug 1240616SUSE bug 1240639SUSE bug 1240643SUSE bug 1240647SUSE bug 1240691SUSE bug 1240700SUSE bug 1240701SUSE bug 1240703SUSE bug 1240708SUSE bug 1240714SUSE bug 1240715SUSE bug 1240716SUSE bug 1240718SUSE bug 1240719SUSE bug 1240720SUSE bug 1240722SUSE bug 1240727SUSE bug 1240739SUSE bug 1240742SUSE bug 1240779SUSE bug 1240783SUSE bug 1240784SUSE bug 1240795SUSE bug 1240796SUSE bug 1240797SUSE bug 1240799SUSE bug 1240801SUSE bug 1240806SUSE bug 1240808SUSE bug 1240812SUSE bug 1240813SUSE bug 1240815SUSE bug 1240816SUSE bug 1240819SUSE bug 1240821SUSE bug 1240825SUSE bug 1240829SUSE bug 1240873SUSE bug 1240937SUSE bug 1240938SUSE bug 1240940SUSE bug 1240942SUSE bug 1240943SUSE bug 1240978SUSE bug 1240979SUSE bug 1241038CVE-2023-52831 at SUSECVE-2023-52831 at NVDCVE-2023-52924 at SUSECVE-2023-52924 at NVDCVE-2023-52925 at SUSECVE-2023-52925 at NVDCVE-2023-52926 at SUSECVE-2023-52926 at NVDCVE-2023-52927 at SUSECVE-2023-52927 at NVDCVE-2024-26634 at SUSECVE-2024-26634 at NVDCVE-2024-26708 at SUSECVE-2024-26708 at NVDCVE-2024-26810 at SUSECVE-2024-26810 at NVDCVE-2024-26873 at SUSECVE-2024-26873 at NVDCVE-2024-27415 at SUSECVE-2024-27415 at NVDCVE-2024-35826 at SUSECVE-2024-35826 at NVDCVE-2024-35910 at SUSECVE-2024-35910 at NVDCVE-2024-38606 at SUSECVE-2024-38606 at NVDCVE-2024-40980 at SUSECVE-2024-40980 at NVDCVE-2024-41005 at SUSECVE-2024-41005 at NVDCVE-2024-41055 at SUSECVE-2024-41055 at NVDCVE-2024-41077 at SUSECVE-2024-41077 at NVDCVE-2024-41149 at SUSECVE-2024-41149 at NVDCVE-2024-42307 at SUSECVE-2024-42307 at NVDCVE-2024-43820 at SUSECVE-2024-43820 at NVDCVE-2024-44974 at SUSECVE-2024-44974 at NVDCVE-2024-45009 at SUSECVE-2024-45009 at NVDCVE-2024-45010 at SUSECVE-2024-45010 at NVDCVE-2024-46736 at SUSECVE-2024-46736 at NVDCVE-2024-46782 at SUSECVE-2024-46782 at NVDCVE-2024-46796 at SUSECVE-2024-46796 at NVDCVE-2024-46858 at SUSECVE-2024-46858 at NVDCVE-2024-47408 at SUSECVE-2024-47408 at NVDCVE-2024-47701 at SUSECVE-2024-47701 at NVDCVE-2024-47794 at SUSECVE-2024-47794 at NVDCVE-2024-49571 at SUSECVE-2024-49571 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49924 at SUSECVE-2024-49924 at NVDCVE-2024-49940 at SUSECVE-2024-49940 at NVDCVE-2024-49950 at SUSECVE-2024-49950 at NVDCVE-2024-49994 at SUSECVE-2024-49994 at NVDCVE-2024-50029 at SUSECVE-2024-50029 at NVDCVE-2024-50036 at SUSECVE-2024-50036 at NVDCVE-2024-50038 at SUSECVE-2024-50038 at NVDCVE-2024-50056 at SUSECVE-2024-50056 at NVDCVE-2024-50073 at SUSECVE-2024-50073 at NVDCVE-2024-50085 at SUSECVE-2024-50085 at NVDCVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-50126 at SUSECVE-2024-50126 at NVDCVE-2024-50140 at SUSECVE-2024-50140 at NVDCVE-2024-50142 at SUSECVE-2024-50142 at NVDCVE-2024-50152 at SUSECVE-2024-50152 at NVDCVE-2024-50185 at SUSECVE-2024-50185 at NVDCVE-2024-50251 at SUSECVE-2024-50251 at NVDCVE-2024-50258 at SUSECVE-2024-50258 at NVDCVE-2024-50290 at SUSECVE-2024-50290 at NVDCVE-2024-50294 at SUSECVE-2024-50294 at NVDCVE-2024-50304 at SUSECVE-2024-50304 at NVDCVE-2024-52559 at SUSECVE-2024-52559 at NVDCVE-2024-53057 at SUSECVE-2024-53057 at NVDCVE-2024-53063 at SUSECVE-2024-53063 at NVDCVE-2024-53123 at SUSECVE-2024-53123 at NVDCVE-2024-53124 at SUSECVE-2024-53124 at NVDCVE-2024-53139 at SUSECVE-2024-53139 at NVDCVE-2024-53140 at SUSECVE-2024-53140 at NVDCVE-2024-53147 at SUSECVE-2024-53147 at NVDCVE-2024-53163 at SUSECVE-2024-53163 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53176 at SUSECVE-2024-53176 at NVDCVE-2024-53177 at SUSECVE-2024-53177 at NVDCVE-2024-53178 at SUSECVE-2024-53178 at NVDCVE-2024-53226 at SUSECVE-2024-53226 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-53680 at SUSECVE-2024-53680 at NVDCVE-2024-54683 at SUSECVE-2024-54683 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56579 at SUSECVE-2024-56579 at NVDCVE-2024-56592 at SUSECVE-2024-56592 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56633 at SUSECVE-2024-56633 at NVDCVE-2024-56638 at SUSECVE-2024-56638 at NVDCVE-2024-56640 at SUSECVE-2024-56640 at NVDCVE-2024-56647 at SUSECVE-2024-56647 at NVDCVE-2024-56658 at SUSECVE-2024-56658 at NVDCVE-2024-56702 at SUSECVE-2024-56702 at NVDCVE-2024-56703 at SUSECVE-2024-56703 at NVDCVE-2024-56718 at SUSECVE-2024-56718 at NVDCVE-2024-56719 at SUSECVE-2024-56719 at NVDCVE-2024-56720 at SUSECVE-2024-56720 at NVDCVE-2024-56751 at SUSECVE-2024-56751 at NVDCVE-2024-56758 at SUSECVE-2024-56758 at NVDCVE-2024-56770 at SUSECVE-2024-56770 at NVDCVE-2024-57807 at SUSECVE-2024-57807 at NVDCVE-2024-57834 at SUSECVE-2024-57834 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDCVE-2024-57889 at SUSECVE-2024-57889 at NVDCVE-2024-57900 at SUSECVE-2024-57900 at NVDCVE-2024-57947 at SUSECVE-2024-57947 at NVDCVE-2024-57948 at SUSECVE-2024-57948 at NVDCVE-2024-57973 at SUSECVE-2024-57973 at NVDCVE-2024-57974 at SUSECVE-2024-57974 at NVDCVE-2024-57978 at SUSECVE-2024-57978 at NVDCVE-2024-57979 at SUSECVE-2024-57979 at NVDCVE-2024-57980 at SUSECVE-2024-57980 at NVDCVE-2024-57981 at SUSECVE-2024-57981 at NVDCVE-2024-57986 at SUSECVE-2024-57986 at NVDCVE-2024-57990 at SUSECVE-2024-57990 at NVDCVE-2024-57993 at SUSECVE-2024-57993 at NVDCVE-2024-57994 at SUSECVE-2024-57994 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-57997 at SUSECVE-2024-57997 at NVDCVE-2024-57999 at SUSECVE-2024-57999 at NVDCVE-2024-58002 at SUSECVE-2024-58002 at NVDCVE-2024-58005 at SUSECVE-2024-58005 at NVDCVE-2024-58006 at SUSECVE-2024-58006 at NVDCVE-2024-58007 at SUSECVE-2024-58007 at NVDCVE-2024-58009 at SUSECVE-2024-58009 at NVDCVE-2024-58011 at SUSECVE-2024-58011 at NVDCVE-2024-58012 at SUSECVE-2024-58012 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2024-58014 at SUSECVE-2024-58014 at NVDCVE-2024-58017 at SUSECVE-2024-58017 at NVDCVE-2024-58018 at SUSECVE-2024-58018 at NVDCVE-2024-58019 at SUSECVE-2024-58019 at NVDCVE-2024-58020 at SUSECVE-2024-58020 at NVDCVE-2024-58034 at SUSECVE-2024-58034 at NVDCVE-2024-58051 at SUSECVE-2024-58051 at NVDCVE-2024-58052 at SUSECVE-2024-58052 at NVDCVE-2024-58054 at SUSECVE-2024-58054 at NVDCVE-2024-58055 at SUSECVE-2024-58055 at NVDCVE-2024-58056 at SUSECVE-2024-58056 at NVDCVE-2024-58057 at SUSECVE-2024-58057 at NVDCVE-2024-58058 at SUSECVE-2024-58058 at NVDCVE-2024-58061 at SUSECVE-2024-58061 at NVDCVE-2024-58063 at SUSECVE-2024-58063 at NVDCVE-2024-58069 at SUSECVE-2024-58069 at NVDCVE-2024-58071 at SUSECVE-2024-58071 at NVDCVE-2024-58072 at SUSECVE-2024-58072 at NVDCVE-2024-58076 at SUSECVE-2024-58076 at NVDCVE-2024-58078 at SUSECVE-2024-58078 at NVDCVE-2024-58079 at SUSECVE-2024-58079 at NVDCVE-2024-58080 at SUSECVE-2024-58080 at NVDCVE-2024-58083 at SUSECVE-2024-58083 at NVDCVE-2024-58085 at SUSECVE-2024-58085 at NVDCVE-2024-58086 at SUSECVE-2024-58086 at NVDCVE-2025-21631 at SUSECVE-2025-21631 at NVDCVE-2025-21635 at SUSECVE-2025-21635 at NVDCVE-2025-21636 at SUSECVE-2025-21636 at NVDCVE-2025-21637 at SUSECVE-2025-21637 at NVDCVE-2025-21638 at SUSECVE-2025-21638 at NVDCVE-2025-21639 at SUSECVE-2025-21639 at NVDCVE-2025-21640 at SUSECVE-2025-21640 at NVDCVE-2025-21647 at SUSECVE-2025-21647 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21665 at SUSECVE-2025-21665 at NVDCVE-2025-21666 at SUSECVE-2025-21666 at NVDCVE-2025-21667 at SUSECVE-2025-21667 at NVDCVE-2025-21668 at SUSECVE-2025-21668 at NVDCVE-2025-21669 at SUSECVE-2025-21669 at NVDCVE-2025-21670 at SUSECVE-2025-21670 at NVDCVE-2025-21671 at SUSECVE-2025-21671 at NVDCVE-2025-21673 at SUSECVE-2025-21673 at NVDCVE-2025-21675 at SUSECVE-2025-21675 at NVDCVE-2025-21678 at SUSECVE-2025-21678 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDCVE-2025-21681 at SUSECVE-2025-21681 at NVDCVE-2025-21684 at SUSECVE-2025-21684 at NVDCVE-2025-21687 at SUSECVE-2025-21687 at NVDCVE-2025-21688 at SUSECVE-2025-21688 at NVDCVE-2025-21689 at SUSECVE-2025-21689 at NVDCVE-2025-21690 at SUSECVE-2025-21690 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21693 at SUSECVE-2025-21693 at NVDCVE-2025-21697 at SUSECVE-2025-21697 at NVDCVE-2025-21699 at SUSECVE-2025-21699 at NVDCVE-2025-21700 at SUSECVE-2025-21700 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21703 at SUSECVE-2025-21703 at NVDCVE-2025-21704 at SUSECVE-2025-21704 at NVDCVE-2025-21705 at SUSECVE-2025-21705 at NVDCVE-2025-21706 at SUSECVE-2025-21706 at NVDCVE-2025-21708 at SUSECVE-2025-21708 at NVDCVE-2025-21711 at SUSECVE-2025-21711 at NVDCVE-2025-21714 at SUSECVE-2025-21714 at NVDCVE-2025-21715 at SUSECVE-2025-21715 at NVDCVE-2025-21716 at SUSECVE-2025-21716 at NVDCVE-2025-21718 at SUSECVE-2025-21718 at NVDCVE-2025-21719 at SUSECVE-2025-21719 at NVDCVE-2025-21723 at SUSECVE-2025-21723 at NVDCVE-2025-21724 at SUSECVE-2025-21724 at NVDCVE-2025-21725 at SUSECVE-2025-21725 at NVDCVE-2025-21726 at SUSECVE-2025-21726 at NVDCVE-2025-21727 at SUSECVE-2025-21727 at NVDCVE-2025-21728 at SUSECVE-2025-21728 at NVDCVE-2025-21729 at SUSECVE-2025-21729 at NVDCVE-2025-21731 at SUSECVE-2025-21731 at NVDCVE-2025-21732 at SUSECVE-2025-21732 at NVDCVE-2025-21733 at SUSECVE-2025-21733 at NVDCVE-2025-21734 at SUSECVE-2025-21734 at NVDCVE-2025-21735 at SUSECVE-2025-21735 at NVDCVE-2025-21736 at SUSECVE-2025-21736 at NVDCVE-2025-21738 at SUSECVE-2025-21738 at NVDCVE-2025-21739 at SUSECVE-2025-21739 at NVDCVE-2025-21741 at SUSECVE-2025-21741 at NVDCVE-2025-21742 at SUSECVE-2025-21742 at NVDCVE-2025-21743 at SUSECVE-2025-21743 at NVDCVE-2025-21744 at SUSECVE-2025-21744 at NVDCVE-2025-21745 at SUSECVE-2025-21745 at NVDCVE-2025-21749 at SUSECVE-2025-21749 at NVDCVE-2025-21750 at SUSECVE-2025-21750 at NVDCVE-2025-21753 at SUSECVE-2025-21753 at NVDCVE-2025-21754 at SUSECVE-2025-21754 at NVDCVE-2025-21755 at SUSECVE-2025-21755 at NVDCVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-21759 at SUSECVE-2025-21759 at NVDCVE-2025-21760 at SUSECVE-2025-21760 at NVDCVE-2025-21761 at SUSECVE-2025-21761 at NVDCVE-2025-21762 at SUSECVE-2025-21762 at NVDCVE-2025-21763 at SUSECVE-2025-21763 at NVDCVE-2025-21764 at SUSECVE-2025-21764 at NVDCVE-2025-21765 at SUSECVE-2025-21765 at NVDCVE-2025-21766 at SUSECVE-2025-21766 at NVDCVE-2025-21767 at SUSECVE-2025-21767 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-21773 at SUSECVE-2025-21773 at NVDCVE-2025-21775 at SUSECVE-2025-21775 at NVDCVE-2025-21776 at SUSECVE-2025-21776 at NVDCVE-2025-21779 at SUSECVE-2025-21779 at NVDCVE-2025-21780 at SUSECVE-2025-21780 at NVDCVE-2025-21781 at SUSECVE-2025-21781 at NVDCVE-2025-21782 at SUSECVE-2025-21782 at NVDCVE-2025-21784 at SUSECVE-2025-21784 at NVDCVE-2025-21785 at SUSECVE-2025-21785 at NVDCVE-2025-21790 at SUSECVE-2025-21790 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-21793 at SUSECVE-2025-21793 at NVDCVE-2025-21794 at SUSECVE-2025-21794 at NVDCVE-2025-21795 at SUSECVE-2025-21795 at NVDCVE-2025-21796 at SUSECVE-2025-21796 at NVDCVE-2025-21799 at SUSECVE-2025-21799 at NVDCVE-2025-21802 at SUSECVE-2025-21802 at NVDCVE-2025-21804 at SUSECVE-2025-21804 at NVDCVE-2025-21806 at SUSECVE-2025-21806 at NVDCVE-2025-21810 at SUSECVE-2025-21810 at NVDCVE-2025-21815 at SUSECVE-2025-21815 at NVDCVE-2025-21819 at SUSECVE-2025-21819 at NVDCVE-2025-21820 at SUSECVE-2025-21820 at NVDCVE-2025-21821 at SUSECVE-2025-21821 at NVDCVE-2025-21823 at SUSECVE-2025-21823 at NVDCVE-2025-21825 at SUSECVE-2025-21825 at NVDCVE-2025-21828 at SUSECVE-2025-21828 at NVDCVE-2025-21829 at SUSECVE-2025-21829 at NVDCVE-2025-21830 at SUSECVE-2025-21830 at NVDCVE-2025-21831 at SUSECVE-2025-21831 at NVDCVE-2025-21832 at SUSECVE-2025-21832 at NVDCVE-2025-21835 at SUSECVE-2025-21835 at NVDCVE-2025-21836 at SUSECVE-2025-21836 at NVDCVE-2025-21838 at SUSECVE-2025-21838 at NVDCVE-2025-21844 at SUSECVE-2025-21844 at NVDCVE-2025-21846 at SUSECVE-2025-21846 at NVDCVE-2025-21847 at SUSECVE-2025-21847 at NVDCVE-2025-21848 at SUSECVE-2025-21848 at NVDCVE-2025-21850 at SUSECVE-2025-21850 at NVDCVE-2025-21855 at SUSECVE-2025-21855 at NVDCVE-2025-21856 at SUSECVE-2025-21856 at NVDCVE-2025-21857 at SUSECVE-2025-21857 at NVDCVE-2025-21858 at SUSECVE-2025-21858 at NVDCVE-2025-21859 at SUSECVE-2025-21859 at NVDCVE-2025-21861 at SUSECVE-2025-21861 at NVDCVE-2025-21862 at SUSECVE-2025-21862 at NVDCVE-2025-21863 at SUSECVE-2025-21863 at NVDCVE-2025-21864 at SUSECVE-2025-21864 at NVDCVE-2025-21865 at SUSECVE-2025-21865 at NVDCVE-2025-21866 at SUSECVE-2025-21866 at NVDCVE-2025-21869 at SUSECVE-2025-21869 at NVDCVE-2025-21870 at SUSECVE-2025-21870 at NVDCVE-2025-21871 at SUSECVE-2025-21871 at NVDCVE-2025-21873 at SUSECVE-2025-21873 at NVDCVE-2025-21875 at SUSECVE-2025-21875 at NVDCVE-2025-21876 at SUSECVE-2025-21876 at NVDCVE-2025-21877 at SUSECVE-2025-21877 at NVDCVE-2025-21878 at SUSECVE-2025-21878 at NVDCVE-2025-21881 at SUSECVE-2025-21881 at NVDCVE-2025-21883 at SUSECVE-2025-21883 at NVDCVE-2025-21884 at SUSECVE-2025-21884 at NVDCVE-2025-21885 at SUSECVE-2025-21885 at NVDCVE-2025-21886 at SUSECVE-2025-21886 at NVDCVE-2025-21887 at SUSECVE-2025-21887 at NVDCVE-2025-21888 at SUSECVE-2025-21888 at NVDCVE-2025-21889 at SUSECVE-2025-21889 at NVDCVE-2025-21890 at SUSECVE-2025-21890 at NVDCVE-2025-21891 at SUSECVE-2025-21891 at NVDCVE-2025-21892 at SUSECVE-2025-21892 at NVDCVE-2025-21894 at SUSECVE-2025-21894 at NVDCVE-2025-21895 at SUSECVE-2025-21895 at NVDCVE-2025-21905 at SUSECVE-2025-21905 at NVDCVE-2025-21906 at SUSECVE-2025-21906 at NVDCVE-2025-21908 at SUSECVE-2025-21908 at NVDCVE-2025-21909 at SUSECVE-2025-21909 at NVDCVE-2025-21910 at SUSECVE-2025-21910 at NVDCVE-2025-21912 at SUSECVE-2025-21912 at NVDCVE-2025-21913 at SUSECVE-2025-21913 at NVDCVE-2025-21914 at SUSECVE-2025-21914 at NVDCVE-2025-21915 at SUSECVE-2025-21915 at NVDCVE-2025-21916 at SUSECVE-2025-21916 at NVDCVE-2025-21917 at SUSECVE-2025-21917 at NVDCVE-2025-21918 at SUSECVE-2025-21918 at NVDCVE-2025-21922 at SUSECVE-2025-21922 at NVDCVE-2025-21923 at SUSECVE-2025-21923 at NVDCVE-2025-21924 at SUSECVE-2025-21924 at NVDCVE-2025-21927 at SUSECVE-2025-21927 at NVDCVE-2025-21928 at SUSECVE-2025-21928 at NVDCVE-2025-21930 at SUSECVE-2025-21930 at NVDCVE-2025-21934 at SUSECVE-2025-21934 at NVDCVE-2025-21935 at SUSECVE-2025-21935 at NVDCVE-2025-21936 at SUSECVE-2025-21936 at NVDCVE-2025-21937 at SUSECVE-2025-21937 at NVDCVE-2025-21941 at SUSECVE-2025-21941 at NVDCVE-2025-21943 at SUSECVE-2025-21943 at NVDCVE-2025-21948 at SUSECVE-2025-21948 at NVDCVE-2025-21950 at SUSECVE-2025-21950 at NVDCVE-2025-21951 at SUSECVE-2025-21951 at NVDCVE-2025-21953 at SUSECVE-2025-21953 at NVDCVE-2025-21956 at SUSECVE-2025-21956 at NVDCVE-2025-21957 at SUSECVE-2025-21957 at NVDCVE-2025-21960 at SUSECVE-2025-21960 at NVDCVE-2025-21961 at SUSECVE-2025-21961 at NVDCVE-2025-21966 at SUSECVE-2025-21966 at NVDCVE-2025-21968 at SUSECVE-2025-21968 at NVDCVE-2025-21969 at SUSECVE-2025-21969 at NVDCVE-2025-21970 at SUSECVE-2025-21970 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-21972 at SUSECVE-2025-21972 at NVDCVE-2025-21975 at SUSECVE-2025-21975 at NVDCVE-2025-21978 at SUSECVE-2025-21978 at NVDCVE-2025-21979 at SUSECVE-2025-21979 at NVDCVE-2025-21981 at SUSECVE-2025-21981 at NVDCVE-2025-21991 at SUSECVE-2025-21991 at NVDCVE-2025-21992 at SUSECVE-2025-21992 at NVDCVE-2025-21993 at SUSECVE-2025-21993 at NVDCVE-2025-21995 at SUSECVE-2025-21995 at NVDCVE-2025-21996 at SUSECVE-2025-21996 at NVDCVE-2025-22001 at SUSECVE-2025-22001 at NVDCVE-2025-22003 at SUSECVE-2025-22003 at NVDCVE-2025-22007 at SUSECVE-2025-22007 at NVDCVE-2025-22008 at SUSECVE-2025-22008 at NVDCVE-2025-22009 at SUSECVE-2025-22009 at NVDCVE-2025-22010 at SUSECVE-2025-22010 at NVDCVE-2025-22013 at SUSECVE-2025-22013 at NVDCVE-2025-22014 at SUSECVE-2025-22014 at NVDCVE-2025-2312 at SUSECVE-2025-2312 at NVDcpe:/o:suse:sl-micro:6.1Security update for nvidia-open-driver-G06-signed (Important)SUSE Linux Micro 6.1
This update for nvidia-open-driver-G06-signed fixes the following issues:
Update non-CUDA variant to 580.82.07 (bsc#1249235)
Update non-CUDA variant to 580.76.05 (bsc#1247907)
- get rid of rule of older KMPs not to load nvidia_drm module,
which are still installed in parallel and therefore still
active (bsc#1247923)
Update CUDA variant to 580.65.06, which addresses various security issues:
* CVE-2025-23277 (bsc#1247528)
* CVE-2025-23278 (bsc#1247529)
* CVE-2025-23286 (bsc#1247530)
* CVE-2025-23283 (bsc#1247531)
* CVE-2025-23279 (bsc#1247532)
Update non-CUDA variant to 570.172.08 (bsc#1246327)
- empty pci_ids-570.169; PCI ID hardware Supplements get moved to
gfx repository to package nvidia-open-driver-G06-signed-kmp-meta
(bsc#1246010)
- remove 60-nvidia-$flavor.conf, since driver no longer gets
autoselected without gfx/cuda repositories present and so we no
longer need to disable it by default (bsc#1246010)
ImportantSUSE bug 1237208SUSE bug 1246010SUSE bug 1246327SUSE bug 1247528SUSE bug 1247529SUSE bug 1247530SUSE bug 1247531SUSE bug 1247532SUSE bug 1247907SUSE bug 1247923SUSE bug 1249235CVE-2025-23277 at SUSECVE-2025-23277 at NVDCVE-2025-23278 at SUSECVE-2025-23278 at NVDCVE-2025-23279 at SUSECVE-2025-23279 at NVDCVE-2025-23283 at SUSECVE-2025-23283 at NVDCVE-2025-23286 at SUSECVE-2025-23286 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-50154: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink() (bsc#1233072)
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1233072SUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1237048SUSE bug 1240744SUSE bug 1245509SUSE bug 1247315CVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1247315CVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-27415: netfilter: br_netfilter: skip conntrack input hook for promisc packets (bsc#1224757).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
The following non-security bugs were fixed:
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: fix potential error return (git-fixes).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)
Keep the feature disabled by default on x86_64
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to
perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/cio: Fix CHPID "configure" attribute caching (git-fixes bsc#1240979).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
ImportantSUSE bug 1224013SUSE bug 1224757SUSE bug 1228659SUSE bug 1231910SUSE bug 1234074SUSE bug 1234157SUSE bug 1234698SUSE bug 1235550SUSE bug 1235870SUSE bug 1237874SUSE bug 1237882SUSE bug 1238052SUSE bug 1238565SUSE bug 1238746SUSE bug 1238970SUSE bug 1238990SUSE bug 1239066SUSE bug 1239475SUSE bug 1239684SUSE bug 1239906SUSE bug 1239925SUSE bug 1240167SUSE bug 1240168SUSE bug 1240171SUSE bug 1240176SUSE bug 1240184SUSE bug 1240185SUSE bug 1240375SUSE bug 1240575SUSE bug 1240581SUSE bug 1240582SUSE bug 1240583SUSE bug 1240584SUSE bug 1240585SUSE bug 1240587SUSE bug 1240590SUSE bug 1240591SUSE bug 1240592SUSE bug 1240594SUSE bug 1240595SUSE bug 1240596SUSE bug 1240600SUSE bug 1240612SUSE bug 1240616SUSE bug 1240639SUSE bug 1240643SUSE bug 1240647SUSE bug 1240691SUSE bug 1240700SUSE bug 1240701SUSE bug 1240703SUSE bug 1240708SUSE bug 1240714SUSE bug 1240715SUSE bug 1240716SUSE bug 1240718SUSE bug 1240719SUSE bug 1240720SUSE bug 1240722SUSE bug 1240727SUSE bug 1240739SUSE bug 1240742SUSE bug 1240779SUSE bug 1240783SUSE bug 1240784SUSE bug 1240795SUSE bug 1240796SUSE bug 1240797SUSE bug 1240799SUSE bug 1240801SUSE bug 1240806SUSE bug 1240808SUSE bug 1240812SUSE bug 1240813SUSE bug 1240815SUSE bug 1240816SUSE bug 1240819SUSE bug 1240821SUSE bug 1240825SUSE bug 1240829SUSE bug 1240873SUSE bug 1240937SUSE bug 1240938SUSE bug 1240940SUSE bug 1240942SUSE bug 1240943SUSE bug 1240978SUSE bug 1240979SUSE bug 1241038CVE-2024-27415 at SUSECVE-2024-27415 at NVDCVE-2024-50038 at SUSECVE-2024-50038 at NVDCVE-2024-53124 at SUSECVE-2024-53124 at NVDCVE-2024-53139 at SUSECVE-2024-53139 at NVDCVE-2024-58018 at SUSECVE-2024-58018 at NVDCVE-2024-58071 at SUSECVE-2024-58071 at NVDCVE-2025-21729 at SUSECVE-2025-21729 at NVDCVE-2025-21755 at SUSECVE-2025-21755 at NVDCVE-2025-21806 at SUSECVE-2025-21806 at NVDCVE-2025-21836 at SUSECVE-2025-21836 at NVDCVE-2025-21863 at SUSECVE-2025-21863 at NVDCVE-2025-21873 at SUSECVE-2025-21873 at NVDCVE-2025-21875 at SUSECVE-2025-21875 at NVDCVE-2025-21881 at SUSECVE-2025-21881 at NVDCVE-2025-21884 at SUSECVE-2025-21884 at NVDCVE-2025-21887 at SUSECVE-2025-21887 at NVDCVE-2025-21889 at SUSECVE-2025-21889 at NVDCVE-2025-21894 at SUSECVE-2025-21894 at NVDCVE-2025-21895 at SUSECVE-2025-21895 at NVDCVE-2025-21905 at SUSECVE-2025-21905 at NVDCVE-2025-21906 at SUSECVE-2025-21906 at NVDCVE-2025-21908 at SUSECVE-2025-21908 at NVDCVE-2025-21909 at SUSECVE-2025-21909 at NVDCVE-2025-21910 at SUSECVE-2025-21910 at NVDCVE-2025-21912 at SUSECVE-2025-21912 at NVDCVE-2025-21913 at SUSECVE-2025-21913 at NVDCVE-2025-21914 at SUSECVE-2025-21914 at NVDCVE-2025-21915 at SUSECVE-2025-21915 at NVDCVE-2025-21916 at SUSECVE-2025-21916 at NVDCVE-2025-21917 at SUSECVE-2025-21917 at NVDCVE-2025-21918 at SUSECVE-2025-21918 at NVDCVE-2025-21922 at SUSECVE-2025-21922 at NVDCVE-2025-21923 at SUSECVE-2025-21923 at NVDCVE-2025-21924 at SUSECVE-2025-21924 at NVDCVE-2025-21927 at SUSECVE-2025-21927 at NVDCVE-2025-21928 at SUSECVE-2025-21928 at NVDCVE-2025-21930 at SUSECVE-2025-21930 at NVDCVE-2025-21934 at SUSECVE-2025-21934 at NVDCVE-2025-21935 at SUSECVE-2025-21935 at NVDCVE-2025-21936 at SUSECVE-2025-21936 at NVDCVE-2025-21937 at SUSECVE-2025-21937 at NVDCVE-2025-21941 at SUSECVE-2025-21941 at NVDCVE-2025-21943 at SUSECVE-2025-21943 at NVDCVE-2025-21948 at SUSECVE-2025-21948 at NVDCVE-2025-21950 at SUSECVE-2025-21950 at NVDCVE-2025-21951 at SUSECVE-2025-21951 at NVDCVE-2025-21953 at SUSECVE-2025-21953 at NVDCVE-2025-21956 at SUSECVE-2025-21956 at NVDCVE-2025-21957 at SUSECVE-2025-21957 at NVDCVE-2025-21960 at SUSECVE-2025-21960 at NVDCVE-2025-21961 at SUSECVE-2025-21961 at NVDCVE-2025-21966 at SUSECVE-2025-21966 at NVDCVE-2025-21968 at SUSECVE-2025-21968 at NVDCVE-2025-21969 at SUSECVE-2025-21969 at NVDCVE-2025-21970 at SUSECVE-2025-21970 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-21972 at SUSECVE-2025-21972 at NVDCVE-2025-21975 at SUSECVE-2025-21975 at NVDCVE-2025-21978 at SUSECVE-2025-21978 at NVDCVE-2025-21979 at SUSECVE-2025-21979 at NVDCVE-2025-21981 at SUSECVE-2025-21981 at NVDCVE-2025-21991 at SUSECVE-2025-21991 at NVDCVE-2025-21992 at SUSECVE-2025-21992 at NVDCVE-2025-21993 at SUSECVE-2025-21993 at NVDCVE-2025-21995 at SUSECVE-2025-21995 at NVDCVE-2025-21996 at SUSECVE-2025-21996 at NVDCVE-2025-22001 at SUSECVE-2025-22001 at NVDCVE-2025-22003 at SUSECVE-2025-22003 at NVDCVE-2025-22007 at SUSECVE-2025-22007 at NVDCVE-2025-22008 at SUSECVE-2025-22008 at NVDCVE-2025-22009 at SUSECVE-2025-22009 at NVDCVE-2025-22010 at SUSECVE-2025-22010 at NVDCVE-2025-22013 at SUSECVE-2025-22013 at NVDCVE-2025-22014 at SUSECVE-2025-22014 at NVDCVE-2025-2312 at SUSECVE-2025-2312 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-50154: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink() (bsc#1233072)
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1233072SUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1237048SUSE bug 1240744SUSE bug 1243650SUSE bug 1245509SUSE bug 1247315CVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048)
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744)
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1237048SUSE bug 1240744SUSE bug 1245509SUSE bug 1247315CVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_7 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ModerateSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509)
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1245509SUSE bug 1247315CVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315)
ImportantSUSE bug 1247315CVE-2025-38477 at SUSECVE-2025-38477 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
- CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
- CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
- CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
- CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
- CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).
- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
- CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
- CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
- CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
- CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
The following non-security bugs were fixed:
- !CONFIG & reference -> this is bug, immediate fail
- 9p/xen: fix init sequence (git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- ACPICA: Fix largest possible resource descriptor index (git-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
- ALSA: lx_core: use int type to store negative error codes (git-fixes).
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
- Bluetooth: qca: fix invalid device address check (git-fixes).
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Correct typos of References tags in some patches
- Do not self obsolete older kernel variants
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- Drop PCI patches that broke kdump capture boot (bsc#1246509)
- Drop arm64 patches that may lead to module load failure (bsc#1250057)
- EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (git-fixes).
- Fix BPF selftests compilation error in bpf_iter.c (git-fixes)
- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
- HID: input: report battery status changes immediately (git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).
- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes).
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).
- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).
- KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits (git-fixes).
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes).
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).
- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).
- KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint (git-fixes).
- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186)
- Limit patch filenames to 100 characters (bsc#1249604).
- NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes).
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
- NFSv4: Do not clear capabilities that won't be reset (git-fixes).
- PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes).
- PCI/ERR: Fix uevent on failure to recover (git-fixes).
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes).
- PCI/sysfs: Ensure devices are powered for config reads (git-fixes).
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit (git-fixes).
- PCI: rcar-host: Drop PMSR spinlock (git-fixes).
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes).
- PCI: tegra194: Handle errors in BPMP response (git-fixes).
- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation (git-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- Revert "SUNRPC: Do not allow waiting for exiting tasks" (git-fixes).
- Revert "drm/amdgpu: fix incorrect vm flags to map bo" (stable-fixes).
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- Squashfs: add additional inode sanity checking (git-fixes).
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
- Update config files. (bsc#1249186) Plain run_oldconfig after Kconfig update.
- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)
- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode (git-fixes).
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- bpf: Fix iter/task tid filtering (git-fixes).
- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- bpf: Properly test iter/task tid filtering (git-fixes).
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- bpf: handle implicit declaration of function gettid in bpf_iter.c
- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).
- bpftool: Fix JSON writer resource leak in version command (git-fixes).
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
- btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).
- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
- btrfs: scrub: fix grouping of read IO (git-fixes).
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
- build_bug.h: Add KABI assert (bsc#1249186).
- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- ceph: validate snapdirname option length when mounting (git-fixes).
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).
- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- config.sh: Use Step repository for building Leap kernel bs-upload-kernel does not understand the Leap repository layout
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
- cpufreq: Exit governor when failed to start old governor (stable-fixes).
- cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
- cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
- dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation (git-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
- docs: admin-guide: update to current minimum pipe size default (git-fixes).
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- drivers/base/node: handle error properly in register_one_node() (git-fixes).
- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).
- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).
- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).
- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
- fbcon: Fix OOB access in font allocation (git-fixes).
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).
- i2c: designware: Add disabling clocks when probe fails (git-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes).
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- kABI fix for "netfilter: nf_tables: Audit log rule reset" (git-fixes).
- kABI workaround for "drm/dp: Add an EDID quirk for the DPCD register access probe" (bsc#1248121).
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- kABI: arm64: ftrace: Restore init_module behavior (git-fixes).
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- kABI: netfilter flowtable move gc operation to bottom (git-fixes).
- kabi: Restore layout of parallel_data (bsc1248343).
- kabi: add struct cgroup_extra (bsc#1247963).
- kabi: drop kvm_x86_ops from kabi relevant symbols.
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-source.spec: Depend on python3-base for build Both kernel-binary and kernel-docs already have this dependency.
- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: rc: fix races with imon_disconnect() (git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- mm: move page table sync declarations to linux/pgtable.h (git-fixes).
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount (git-fixes).
- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
- netfilter: conntrack: fix extension size table (git-fixes).
- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).
- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
- netfilter: nf_tables: audit log object reset once per table (git-fixes).
- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
- netfilter: nft_payload: fix wrong mac header matching (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
- nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
- nvme-pci: try function level reset on init failure (git-fixes).
- nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
- nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
- orangefs: Remove unused type in macro fill_default_sys_attrs (git-fixes).
- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).
- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: renesas: Use int type to store negative error codes (git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
- platform/x86: think-lmi: Fix class device unregistration (git-fixes).
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
- power: supply: max77976_charger: fix constant current reporting (git-fixes).
- pptp: fix pptp_xmit() error path (git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)
- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
- regulator: scmi: Use int type to store negative error codes (git-fixes).
- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
- rpm: Configure KABI checkingness macro (bsc#1249186)
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186)
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- sched/fair: Take the scheduling domain into account in (git-fixes)
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
- scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
- scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
- scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
- scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
- scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
- scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
- scsi: lpfc: use min() to improve code (bsc#1250519).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes).
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).
- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
- struct ci_hdrc: new member has_short_pkt_limit to end (git-fixes).
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- supported.conf: mark hyperv_drm as external
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (git-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).
- usb: typec: fusb302: cache PD RX state (git-fixes).
- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- use uniform permission checks for all mount propagation changes (git-fixes).
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).
- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).
- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- vsock: Allow retrying on connect() failure (git-fixes).
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).
- vsock: avoid timeout during connect() if the socket is closing (git-fixes).
- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath11k: fix group data packet drops during rekey (git-fixes).
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).
- writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776).
- writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776).
- writeback: Avoid excessively long inode switching times (bsc#1237776).
- writeback: Avoid softlockup when switching many inodes (bsc#1237776).
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- xfs: rework datasync tracking and execution (bsc#1237449).
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1194869SUSE bug 1213061SUSE bug 1213666SUSE bug 1214073SUSE bug 1214928SUSE bug 1214953SUSE bug 1215150SUSE bug 1215696SUSE bug 1216436SUSE bug 1216976SUSE bug 1218644SUSE bug 1220186SUSE bug 1220419SUSE bug 1229165SUSE bug 1230062SUSE bug 1236897SUSE bug 1237449SUSE bug 1237776SUSE bug 1240324SUSE bug 1241166SUSE bug 1241292SUSE bug 1241353SUSE bug 1241866SUSE bug 1243100SUSE bug 1243112SUSE bug 1245193SUSE bug 1245260SUSE bug 1245700SUSE bug 1246057SUSE bug 1246125SUSE bug 1246190SUSE bug 1246248SUSE bug 1246298SUSE bug 1246509SUSE bug 1246782SUSE bug 1247099SUSE bug 1247118SUSE bug 1247126SUSE bug 1247136SUSE bug 1247137SUSE bug 1247223SUSE bug 1247239SUSE bug 1247262SUSE bug 1247442SUSE bug 1247483SUSE bug 1247500SUSE bug 1247963SUSE bug 1248111SUSE bug 1248121SUSE bug 1248192SUSE bug 1248199SUSE bug 1248200SUSE bug 1248202SUSE bug 1248225SUSE bug 1248296SUSE bug 1248334SUSE bug 1248343SUSE bug 1248357SUSE bug 1248360SUSE bug 1248365SUSE bug 1248378SUSE bug 1248380SUSE bug 1248392SUSE bug 1248512SUSE bug 1248610SUSE bug 1248619SUSE bug 1248622SUSE bug 1248626SUSE bug 1248628SUSE bug 1248634SUSE bug 1248639SUSE bug 1248647SUSE bug 1248674SUSE bug 1248681SUSE bug 1248733SUSE bug 1248734SUSE bug 1248735SUSE bug 1248775SUSE bug 1248847SUSE bug 1249122SUSE bug 1249123SUSE bug 1249124SUSE bug 1249125SUSE bug 1249126SUSE bug 1249143SUSE bug 1249156SUSE bug 1249159SUSE bug 1249163SUSE bug 1249164SUSE bug 1249166SUSE bug 1249169SUSE bug 1249170SUSE bug 1249172SUSE bug 1249176SUSE bug 1249177SUSE bug 1249186SUSE bug 1249190SUSE bug 1249194SUSE bug 1249195SUSE bug 1249196SUSE bug 1249199SUSE bug 1249200SUSE bug 1249202SUSE bug 1249203SUSE bug 1249204SUSE bug 1249206SUSE bug 1249215SUSE bug 1249220SUSE bug 1249221SUSE bug 1249254SUSE bug 1249255SUSE bug 1249257SUSE bug 1249258SUSE bug 1249260SUSE bug 1249262SUSE bug 1249263SUSE bug 1249265SUSE bug 1249266SUSE bug 1249271SUSE bug 1249272SUSE bug 1249273SUSE bug 1249278SUSE bug 1249279SUSE bug 1249281SUSE bug 1249282SUSE bug 1249284SUSE bug 1249285SUSE bug 1249288SUSE bug 1249290SUSE bug 1249292SUSE bug 1249295SUSE bug 1249296SUSE bug 1249299SUSE bug 1249300SUSE bug 1249303SUSE bug 1249304SUSE bug 1249305SUSE bug 1249308SUSE bug 1249312SUSE bug 1249315SUSE bug 1249318SUSE bug 1249321SUSE bug 1249323SUSE bug 1249324SUSE bug 1249334SUSE bug 1249338SUSE bug 1249346SUSE bug 1249374SUSE bug 1249413SUSE bug 1249479SUSE bug 1249481SUSE bug 1249482SUSE bug 1249486SUSE bug 1249488SUSE bug 1249489SUSE bug 1249490SUSE bug 1249494SUSE bug 1249504SUSE bug 1249506SUSE bug 1249508SUSE bug 1249510SUSE bug 1249513SUSE bug 1249515SUSE bug 1249516SUSE bug 1249522SUSE bug 1249523SUSE bug 1249524SUSE bug 1249526SUSE bug 1249533SUSE bug 1249538SUSE bug 1249540SUSE bug 1249542SUSE bug 1249545SUSE bug 1249548SUSE bug 1249554SUSE bug 1249598SUSE bug 1249604SUSE bug 1249608SUSE bug 1249615SUSE bug 1249640SUSE bug 1249641SUSE bug 1249642SUSE bug 1249658SUSE bug 1249662SUSE bug 1249672SUSE bug 1249673SUSE bug 1249677SUSE bug 1249678SUSE bug 1249679SUSE bug 1249682SUSE bug 1249687SUSE bug 1249698SUSE bug 1249707SUSE bug 1249712SUSE bug 1249730SUSE bug 1249756SUSE bug 1249758SUSE bug 1249761SUSE bug 1249762SUSE bug 1249768SUSE bug 1249770SUSE bug 1249774SUSE bug 1249779SUSE bug 1249780SUSE bug 1249785SUSE bug 1249787SUSE bug 1249795SUSE bug 1249815SUSE bug 1249820SUSE bug 1249823SUSE bug 1249824SUSE bug 1249825SUSE bug 1249826SUSE bug 1249833SUSE bug 1249842SUSE bug 1249845SUSE bug 1249849SUSE bug 1249850SUSE bug 1249853SUSE bug 1249856SUSE bug 1249861SUSE bug 1249863SUSE bug 1249864SUSE bug 1249865SUSE bug 1249866SUSE bug 1249869SUSE bug 1249870SUSE bug 1249880SUSE bug 1249883SUSE bug 1249888SUSE bug 1249894SUSE bug 1249896SUSE bug 1249897SUSE bug 1249901SUSE bug 1249911SUSE bug 1249917SUSE bug 1249919SUSE bug 1249923SUSE bug 1249926SUSE bug 1249938SUSE bug 1249949SUSE bug 1249950SUSE bug 1249952SUSE bug 1249975SUSE bug 1249979SUSE bug 1249984SUSE bug 1249988SUSE bug 1249990SUSE bug 1249993SUSE bug 1249994SUSE bug 1249997SUSE bug 1250002SUSE bug 1250004SUSE bug 1250006SUSE bug 1250007SUSE bug 1250012SUSE bug 1250022SUSE bug 1250024SUSE bug 1250025SUSE bug 1250028SUSE bug 1250029SUSE bug 1250035SUSE bug 1250049SUSE bug 1250055SUSE bug 1250057SUSE bug 1250058SUSE bug 1250062SUSE bug 1250063SUSE bug 1250065SUSE bug 1250066SUSE bug 1250067SUSE bug 1250069SUSE bug 1250070SUSE bug 1250073SUSE bug 1250074SUSE bug 1250088SUSE bug 1250089SUSE bug 1250106SUSE bug 1250112SUSE bug 1250117SUSE bug 1250120SUSE bug 1250125SUSE bug 1250127SUSE bug 1250128SUSE bug 1250145SUSE bug 1250150SUSE bug 1250156SUSE bug 1250157SUSE bug 1250161SUSE bug 1250163SUSE bug 1250166SUSE bug 1250167SUSE bug 1250169SUSE bug 1250171SUSE bug 1250177SUSE bug 1250179SUSE bug 1250180SUSE bug 1250186SUSE bug 1250196SUSE bug 1250198SUSE bug 1250199SUSE bug 1250201SUSE bug 1250203SUSE bug 1250204SUSE bug 1250206SUSE bug 1250208SUSE bug 1250241SUSE bug 1250242SUSE bug 1250243SUSE bug 1250247SUSE bug 1250249SUSE bug 1250251SUSE bug 1250262SUSE bug 1250263SUSE bug 1250266SUSE bug 1250267SUSE bug 1250268SUSE bug 1250275SUSE bug 1250276SUSE bug 1250281SUSE bug 1250290SUSE bug 1250291SUSE bug 1250292SUSE bug 1250294SUSE bug 1250297SUSE bug 1250298SUSE bug 1250313SUSE bug 1250319SUSE bug 1250323SUSE bug 1250325SUSE bug 1250329SUSE bug 1250336SUSE bug 1250337SUSE bug 1250344SUSE bug 1250358SUSE bug 1250365SUSE bug 1250371SUSE bug 1250377SUSE bug 1250384SUSE bug 1250389SUSE bug 1250395SUSE bug 1250397SUSE bug 1250402SUSE bug 1250406SUSE bug 1250407SUSE bug 1250426SUSE bug 1250450SUSE bug 1250459SUSE bug 1250519SUSE bug 1250522SUSE bug 1250530SUSE bug 1250655SUSE bug 1250712SUSE bug 1250713SUSE bug 1250732SUSE bug 1250736SUSE bug 1250741SUSE bug 1250759SUSE bug 1250763SUSE bug 1250765SUSE bug 1250807SUSE bug 1250808SUSE bug 1250809SUSE bug 1250812SUSE bug 1250813SUSE bug 1250815SUSE bug 1250816SUSE bug 1250820SUSE bug 1250823SUSE bug 1250825SUSE bug 1250827SUSE bug 1250830SUSE bug 1250831SUSE bug 1250837SUSE bug 1250841SUSE bug 1250861SUSE bug 1250863SUSE bug 1250867SUSE bug 1250872SUSE bug 1250873SUSE bug 1250878SUSE bug 1250905SUSE bug 1250907SUSE bug 1250917SUSE bug 1250918SUSE bug 1250923SUSE bug 1250926SUSE bug 1250928SUSE bug 1250929SUSE bug 1250930SUSE bug 1250931SUSE bug 1250941SUSE bug 1250942SUSE bug 1250949SUSE bug 1250952SUSE bug 1250957SUSE bug 1250964CVE-2023-31248 at SUSECVE-2023-31248 at NVDCVE-2023-3772 at SUSECVE-2023-3772 at NVDCVE-2023-39197 at SUSECVE-2023-39197 at NVDCVE-2023-42753 at SUSECVE-2023-42753 at NVDCVE-2023-53147 at SUSECVE-2023-53147 at NVDCVE-2023-53148 at SUSECVE-2023-53148 at NVDCVE-2023-53150 at SUSECVE-2023-53150 at NVDCVE-2023-53151 at SUSECVE-2023-53151 at NVDCVE-2023-53152 at SUSECVE-2023-53152 at NVDCVE-2023-53165 at SUSECVE-2023-53165 at NVDCVE-2023-53167 at SUSECVE-2023-53167 at NVDCVE-2023-53170 at SUSECVE-2023-53170 at NVDCVE-2023-53174 at SUSECVE-2023-53174 at NVDCVE-2023-53175 at SUSECVE-2023-53175 at NVDCVE-2023-53177 at SUSECVE-2023-53177 at NVDCVE-2023-53179 at SUSECVE-2023-53179 at NVDCVE-2023-53180 at SUSECVE-2023-53180 at NVDCVE-2023-53181 at SUSECVE-2023-53181 at NVDCVE-2023-53183 at SUSECVE-2023-53183 at NVDCVE-2023-53184 at SUSECVE-2023-53184 at NVDCVE-2023-53185 at SUSECVE-2023-53185 at NVDCVE-2023-53187 at SUSECVE-2023-53187 at NVDCVE-2023-53189 at SUSECVE-2023-53189 at NVDCVE-2023-53192 at SUSECVE-2023-53192 at NVDCVE-2023-53195 at SUSECVE-2023-53195 at NVDCVE-2023-53196 at SUSECVE-2023-53196 at NVDCVE-2023-53201 at SUSECVE-2023-53201 at NVDCVE-2023-53204 at SUSECVE-2023-53204 at NVDCVE-2023-53205 at SUSECVE-2023-53205 at NVDCVE-2023-53206 at SUSECVE-2023-53206 at NVDCVE-2023-53207 at SUSECVE-2023-53207 at NVDCVE-2023-53208 at SUSECVE-2023-53208 at NVDCVE-2023-53209 at SUSECVE-2023-53209 at NVDCVE-2023-53210 at SUSECVE-2023-53210 at NVDCVE-2023-53215 at SUSECVE-2023-53215 at NVDCVE-2023-53217 at SUSECVE-2023-53217 at NVDCVE-2023-53220 at SUSECVE-2023-53220 at NVDCVE-2023-53221 at SUSECVE-2023-53221 at NVDCVE-2023-53222 at SUSECVE-2023-53222 at NVDCVE-2023-53226 at SUSECVE-2023-53226 at NVDCVE-2023-53230 at SUSECVE-2023-53230 at NVDCVE-2023-53231 at SUSECVE-2023-53231 at NVDCVE-2023-53235 at SUSECVE-2023-53235 at NVDCVE-2023-53238 at SUSECVE-2023-53238 at NVDCVE-2023-53243 at SUSECVE-2023-53243 at NVDCVE-2023-53245 at SUSECVE-2023-53245 at NVDCVE-2023-53247 at SUSECVE-2023-53247 at NVDCVE-2023-53248 at SUSECVE-2023-53248 at NVDCVE-2023-53249 at SUSECVE-2023-53249 at NVDCVE-2023-53251 at SUSECVE-2023-53251 at NVDCVE-2023-53252 at SUSECVE-2023-53252 at NVDCVE-2023-53255 at SUSECVE-2023-53255 at NVDCVE-2023-53257 at SUSECVE-2023-53257 at NVDCVE-2023-53258 at SUSECVE-2023-53258 at NVDCVE-2023-53260 at SUSECVE-2023-53260 at NVDCVE-2023-53261 at SUSECVE-2023-53261 at NVDCVE-2023-53263 at SUSECVE-2023-53263 at NVDCVE-2023-53264 at SUSECVE-2023-53264 at NVDCVE-2023-53272 at SUSECVE-2023-53272 at NVDCVE-2023-53274 at SUSECVE-2023-53274 at NVDCVE-2023-53275 at SUSECVE-2023-53275 at NVDCVE-2023-53280 at SUSECVE-2023-53280 at NVDCVE-2023-53286 at SUSECVE-2023-53286 at NVDCVE-2023-53287 at SUSECVE-2023-53287 at NVDCVE-2023-53288 at SUSECVE-2023-53288 at NVDCVE-2023-53291 at SUSECVE-2023-53291 at NVDCVE-2023-53292 at SUSECVE-2023-53292 at NVDCVE-2023-53303 at SUSECVE-2023-53303 at NVDCVE-2023-53304 at SUSECVE-2023-53304 at NVDCVE-2023-53305 at SUSECVE-2023-53305 at NVDCVE-2023-53309 at SUSECVE-2023-53309 at NVDCVE-2023-53311 at SUSECVE-2023-53311 at NVDCVE-2023-53312 at SUSECVE-2023-53312 at NVDCVE-2023-53313 at SUSECVE-2023-53313 at NVDCVE-2023-53314 at SUSECVE-2023-53314 at NVDCVE-2023-53316 at SUSECVE-2023-53316 at NVDCVE-2023-53319 at SUSECVE-2023-53319 at NVDCVE-2023-53321 at SUSECVE-2023-53321 at NVDCVE-2023-53322 at SUSECVE-2023-53322 at NVDCVE-2023-53323 at SUSECVE-2023-53323 at NVDCVE-2023-53324 at SUSECVE-2023-53324 at NVDCVE-2023-53325 at SUSECVE-2023-53325 at NVDCVE-2023-53328 at SUSECVE-2023-53328 at NVDCVE-2023-53331 at SUSECVE-2023-53331 at NVDCVE-2023-53333 at SUSECVE-2023-53333 at NVDCVE-2023-53336 at SUSECVE-2023-53336 at NVDCVE-2023-53338 at SUSECVE-2023-53338 at NVDCVE-2023-53339 at SUSECVE-2023-53339 at NVDCVE-2023-53342 at SUSECVE-2023-53342 at NVDCVE-2023-53343 at SUSECVE-2023-53343 at NVDCVE-2023-53350 at SUSECVE-2023-53350 at NVDCVE-2023-53352 at SUSECVE-2023-53352 at NVDCVE-2023-53354 at SUSECVE-2023-53354 at NVDCVE-2023-53356 at SUSECVE-2023-53356 at NVDCVE-2023-53357 at SUSECVE-2023-53357 at NVDCVE-2023-53360 at SUSECVE-2023-53360 at NVDCVE-2023-53362 at SUSECVE-2023-53362 at NVDCVE-2023-53364 at SUSECVE-2023-53364 at NVDCVE-2023-53365 at SUSECVE-2023-53365 at NVDCVE-2023-53367 at SUSECVE-2023-53367 at NVDCVE-2023-53368 at SUSECVE-2023-53368 at NVDCVE-2023-53369 at SUSECVE-2023-53369 at NVDCVE-2023-53370 at SUSECVE-2023-53370 at NVDCVE-2023-53371 at SUSECVE-2023-53371 at NVDCVE-2023-53374 at SUSECVE-2023-53374 at NVDCVE-2023-53377 at SUSECVE-2023-53377 at NVDCVE-2023-53379 at SUSECVE-2023-53379 at NVDCVE-2023-53380 at SUSECVE-2023-53380 at NVDCVE-2023-53384 at SUSECVE-2023-53384 at NVDCVE-2023-53385 at SUSECVE-2023-53385 at NVDCVE-2023-53386 at SUSECVE-2023-53386 at NVDCVE-2023-53391 at SUSECVE-2023-53391 at NVDCVE-2023-53394 at SUSECVE-2023-53394 at NVDCVE-2023-53395 at SUSECVE-2023-53395 at NVDCVE-2023-53397 at SUSECVE-2023-53397 at NVDCVE-2023-53401 at SUSECVE-2023-53401 at NVDCVE-2023-53420 at SUSECVE-2023-53420 at NVDCVE-2023-53421 at SUSECVE-2023-53421 at NVDCVE-2023-53424 at SUSECVE-2023-53424 at NVDCVE-2023-53425 at SUSECVE-2023-53425 at NVDCVE-2023-53426 at SUSECVE-2023-53426 at NVDCVE-2023-53428 at SUSECVE-2023-53428 at NVDCVE-2023-53429 at SUSECVE-2023-53429 at NVDCVE-2023-53432 at SUSECVE-2023-53432 at NVDCVE-2023-53436 at SUSECVE-2023-53436 at NVDCVE-2023-53438 at SUSECVE-2023-53438 at NVDCVE-2023-53441 at SUSECVE-2023-53441 at NVDCVE-2023-53442 at SUSECVE-2023-53442 at NVDCVE-2023-53444 at SUSECVE-2023-53444 at NVDCVE-2023-53446 at SUSECVE-2023-53446 at NVDCVE-2023-53447 at SUSECVE-2023-53447 at NVDCVE-2023-53448 at SUSECVE-2023-53448 at NVDCVE-2023-53451 at SUSECVE-2023-53451 at NVDCVE-2023-53454 at SUSECVE-2023-53454 at NVDCVE-2023-53456 at SUSECVE-2023-53456 at NVDCVE-2023-53457 at SUSECVE-2023-53457 at NVDCVE-2023-53461 at SUSECVE-2023-53461 at NVDCVE-2023-53462 at SUSECVE-2023-53462 at NVDCVE-2023-53463 at SUSECVE-2023-53463 at NVDCVE-2023-53465 at SUSECVE-2023-53465 at NVDCVE-2023-53472 at SUSECVE-2023-53472 at NVDCVE-2023-53479 at SUSECVE-2023-53479 at NVDCVE-2023-53480 at SUSECVE-2023-53480 at NVDCVE-2023-53485 at SUSECVE-2023-53485 at NVDCVE-2023-53487 at SUSECVE-2023-53487 at NVDCVE-2023-53488 at SUSECVE-2023-53488 at NVDCVE-2023-53490 at SUSECVE-2023-53490 at NVDCVE-2023-53491 at SUSECVE-2023-53491 at NVDCVE-2023-53492 at SUSECVE-2023-53492 at NVDCVE-2023-53493 at SUSECVE-2023-53493 at NVDCVE-2023-53495 at SUSECVE-2023-53495 at NVDCVE-2023-53496 at SUSECVE-2023-53496 at NVDCVE-2023-53500 at SUSECVE-2023-53500 at NVDCVE-2023-53501 at SUSECVE-2023-53501 at NVDCVE-2023-53504 at SUSECVE-2023-53504 at NVDCVE-2023-53505 at SUSECVE-2023-53505 at NVDCVE-2023-53507 at SUSECVE-2023-53507 at NVDCVE-2023-53508 at SUSECVE-2023-53508 at NVDCVE-2023-53510 at SUSECVE-2023-53510 at NVDCVE-2023-53515 at SUSECVE-2023-53515 at NVDCVE-2023-53516 at SUSECVE-2023-53516 at NVDCVE-2023-53518 at SUSECVE-2023-53518 at NVDCVE-2023-53519 at SUSECVE-2023-53519 at NVDCVE-2023-53520 at SUSECVE-2023-53520 at NVDCVE-2023-53523 at SUSECVE-2023-53523 at NVDCVE-2023-53526 at SUSECVE-2023-53526 at NVDCVE-2023-53527 at SUSECVE-2023-53527 at NVDCVE-2023-53528 at SUSECVE-2023-53528 at NVDCVE-2023-53530 at SUSECVE-2023-53530 at NVDCVE-2023-53531 at SUSECVE-2023-53531 at NVDCVE-2024-26584 at SUSECVE-2024-26584 at NVDCVE-2024-58090 at SUSECVE-2024-58090 at NVDCVE-2024-58240 at SUSECVE-2024-58240 at NVDCVE-2025-22022 at SUSECVE-2025-22022 at NVDCVE-2025-38119 at SUSECVE-2025-38119 at NVDCVE-2025-38234 at SUSECVE-2025-38234 at NVDCVE-2025-38255 at SUSECVE-2025-38255 at NVDCVE-2025-38263 at SUSECVE-2025-38263 at NVDCVE-2025-38351 at SUSECVE-2025-38351 at NVDCVE-2025-38402 at SUSECVE-2025-38402 at NVDCVE-2025-38408 at SUSECVE-2025-38408 at NVDCVE-2025-38418 at SUSECVE-2025-38418 at NVDCVE-2025-38419 at SUSECVE-2025-38419 at NVDCVE-2025-38456 at SUSECVE-2025-38456 at NVDCVE-2025-38465 at SUSECVE-2025-38465 at NVDCVE-2025-38466 at SUSECVE-2025-38466 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-38514 at SUSECVE-2025-38514 at NVDCVE-2025-38526 at SUSECVE-2025-38526 at NVDCVE-2025-38527 at SUSECVE-2025-38527 at NVDCVE-2025-38533 at SUSECVE-2025-38533 at NVDCVE-2025-38544 at SUSECVE-2025-38544 at NVDCVE-2025-38556 at SUSECVE-2025-38556 at NVDCVE-2025-38574 at SUSECVE-2025-38574 at NVDCVE-2025-38584 at SUSECVE-2025-38584 at NVDCVE-2025-38590 at SUSECVE-2025-38590 at NVDCVE-2025-38593 at SUSECVE-2025-38593 at NVDCVE-2025-38595 at SUSECVE-2025-38595 at NVDCVE-2025-38597 at SUSECVE-2025-38597 at NVDCVE-2025-38605 at SUSECVE-2025-38605 at NVDCVE-2025-38614 at SUSECVE-2025-38614 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDCVE-2025-38622 at SUSECVE-2025-38622 at NVDCVE-2025-38623 at SUSECVE-2025-38623 at NVDCVE-2025-38639 at SUSECVE-2025-38639 at NVDCVE-2025-38640 at SUSECVE-2025-38640 at NVDCVE-2025-38643 at SUSECVE-2025-38643 at NVDCVE-2025-38645 at SUSECVE-2025-38645 at NVDCVE-2025-38659 at SUSECVE-2025-38659 at NVDCVE-2025-38660 at SUSECVE-2025-38660 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDCVE-2025-38668 at SUSECVE-2025-38668 at NVDCVE-2025-38676 at SUSECVE-2025-38676 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDCVE-2025-38679 at SUSECVE-2025-38679 at NVDCVE-2025-38680 at SUSECVE-2025-38680 at NVDCVE-2025-38681 at SUSECVE-2025-38681 at NVDCVE-2025-38683 at SUSECVE-2025-38683 at NVDCVE-2025-38684 at SUSECVE-2025-38684 at NVDCVE-2025-38685 at SUSECVE-2025-38685 at NVDCVE-2025-38687 at SUSECVE-2025-38687 at NVDCVE-2025-38691 at SUSECVE-2025-38691 at NVDCVE-2025-38692 at SUSECVE-2025-38692 at NVDCVE-2025-38693 at SUSECVE-2025-38693 at NVDCVE-2025-38694 at SUSECVE-2025-38694 at NVDCVE-2025-38695 at SUSECVE-2025-38695 at NVDCVE-2025-38697 at SUSECVE-2025-38697 at NVDCVE-2025-38698 at SUSECVE-2025-38698 at NVDCVE-2025-38701 at SUSECVE-2025-38701 at NVDCVE-2025-38702 at SUSECVE-2025-38702 at NVDCVE-2025-38705 at SUSECVE-2025-38705 at NVDCVE-2025-38706 at SUSECVE-2025-38706 at NVDCVE-2025-38709 at SUSECVE-2025-38709 at NVDCVE-2025-38712 at SUSECVE-2025-38712 at NVDCVE-2025-38713 at SUSECVE-2025-38713 at NVDCVE-2025-38714 at SUSECVE-2025-38714 at NVDCVE-2025-38715 at SUSECVE-2025-38715 at NVDCVE-2025-38721 at SUSECVE-2025-38721 at NVDCVE-2025-38722 at SUSECVE-2025-38722 at NVDCVE-2025-38724 at SUSECVE-2025-38724 at NVDCVE-2025-38725 at SUSECVE-2025-38725 at NVDCVE-2025-38727 at SUSECVE-2025-38727 at NVDCVE-2025-38729 at SUSECVE-2025-38729 at NVDCVE-2025-38730 at SUSECVE-2025-38730 at NVDCVE-2025-38732 at SUSECVE-2025-38732 at NVDCVE-2025-38734 at SUSECVE-2025-38734 at NVDCVE-2025-38735 at SUSECVE-2025-38735 at NVDCVE-2025-38736 at SUSECVE-2025-38736 at NVDCVE-2025-39675 at SUSECVE-2025-39675 at NVDCVE-2025-39677 at SUSECVE-2025-39677 at NVDCVE-2025-39678 at SUSECVE-2025-39678 at NVDCVE-2025-39679 at SUSECVE-2025-39679 at NVDCVE-2025-39681 at SUSECVE-2025-39681 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-39684 at SUSECVE-2025-39684 at NVDCVE-2025-39685 at SUSECVE-2025-39685 at NVDCVE-2025-39686 at SUSECVE-2025-39686 at NVDCVE-2025-39691 at SUSECVE-2025-39691 at NVDCVE-2025-39693 at SUSECVE-2025-39693 at NVDCVE-2025-39694 at SUSECVE-2025-39694 at NVDCVE-2025-39701 at SUSECVE-2025-39701 at NVDCVE-2025-39703 at SUSECVE-2025-39703 at NVDCVE-2025-39705 at SUSECVE-2025-39705 at NVDCVE-2025-39706 at SUSECVE-2025-39706 at NVDCVE-2025-39709 at SUSECVE-2025-39709 at NVDCVE-2025-39710 at SUSECVE-2025-39710 at NVDCVE-2025-39713 at SUSECVE-2025-39713 at NVDCVE-2025-39714 at SUSECVE-2025-39714 at NVDCVE-2025-39718 at SUSECVE-2025-39718 at NVDCVE-2025-39719 at SUSECVE-2025-39719 at NVDCVE-2025-39721 at SUSECVE-2025-39721 at NVDCVE-2025-39724 at SUSECVE-2025-39724 at NVDCVE-2025-39726 at SUSECVE-2025-39726 at NVDCVE-2025-39730 at SUSECVE-2025-39730 at NVDCVE-2025-39732 at SUSECVE-2025-39732 at NVDCVE-2025-39738 at SUSECVE-2025-39738 at NVDCVE-2025-39739 at SUSECVE-2025-39739 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-39743 at SUSECVE-2025-39743 at NVDCVE-2025-39744 at SUSECVE-2025-39744 at NVDCVE-2025-39746 at SUSECVE-2025-39746 at NVDCVE-2025-39749 at SUSECVE-2025-39749 at NVDCVE-2025-39750 at SUSECVE-2025-39750 at NVDCVE-2025-39751 at SUSECVE-2025-39751 at NVDCVE-2025-39754 at SUSECVE-2025-39754 at NVDCVE-2025-39757 at SUSECVE-2025-39757 at NVDCVE-2025-39758 at SUSECVE-2025-39758 at NVDCVE-2025-39759 at SUSECVE-2025-39759 at NVDCVE-2025-39760 at SUSECVE-2025-39760 at NVDCVE-2025-39761 at SUSECVE-2025-39761 at NVDCVE-2025-39763 at SUSECVE-2025-39763 at NVDCVE-2025-39764 at SUSECVE-2025-39764 at NVDCVE-2025-39766 at SUSECVE-2025-39766 at NVDCVE-2025-39770 at SUSECVE-2025-39770 at NVDCVE-2025-39772 at SUSECVE-2025-39772 at NVDCVE-2025-39773 at SUSECVE-2025-39773 at NVDCVE-2025-39782 at SUSECVE-2025-39782 at NVDCVE-2025-39783 at SUSECVE-2025-39783 at NVDCVE-2025-39787 at SUSECVE-2025-39787 at NVDCVE-2025-39790 at SUSECVE-2025-39790 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39798 at SUSECVE-2025-39798 at NVDCVE-2025-39800 at SUSECVE-2025-39800 at NVDCVE-2025-39801 at SUSECVE-2025-39801 at NVDCVE-2025-39806 at SUSECVE-2025-39806 at NVDCVE-2025-39808 at SUSECVE-2025-39808 at NVDCVE-2025-39810 at SUSECVE-2025-39810 at NVDCVE-2025-39823 at SUSECVE-2025-39823 at NVDCVE-2025-39824 at SUSECVE-2025-39824 at NVDCVE-2025-39825 at SUSECVE-2025-39825 at NVDCVE-2025-39826 at SUSECVE-2025-39826 at NVDCVE-2025-39827 at SUSECVE-2025-39827 at NVDCVE-2025-39832 at SUSECVE-2025-39832 at NVDCVE-2025-39833 at SUSECVE-2025-39833 at NVDCVE-2025-39835 at SUSECVE-2025-39835 at NVDCVE-2025-39838 at SUSECVE-2025-39838 at NVDCVE-2025-39839 at SUSECVE-2025-39839 at NVDCVE-2025-39842 at SUSECVE-2025-39842 at NVDCVE-2025-39844 at SUSECVE-2025-39844 at NVDCVE-2025-39845 at SUSECVE-2025-39845 at NVDCVE-2025-39846 at SUSECVE-2025-39846 at NVDCVE-2025-39847 at SUSECVE-2025-39847 at NVDCVE-2025-39848 at SUSECVE-2025-39848 at NVDCVE-2025-39849 at SUSECVE-2025-39849 at NVDCVE-2025-39850 at SUSECVE-2025-39850 at NVDCVE-2025-39853 at SUSECVE-2025-39853 at NVDCVE-2025-39854 at SUSECVE-2025-39854 at NVDCVE-2025-39857 at SUSECVE-2025-39857 at NVDCVE-2025-39860 at SUSECVE-2025-39860 at NVDCVE-2025-39861 at SUSECVE-2025-39861 at NVDCVE-2025-39863 at SUSECVE-2025-39863 at NVDCVE-2025-39864 at SUSECVE-2025-39864 at NVDCVE-2025-39865 at SUSECVE-2025-39865 at NVDCVE-2025-39869 at SUSECVE-2025-39869 at NVDCVE-2025-39870 at SUSECVE-2025-39870 at NVDCVE-2025-39871 at SUSECVE-2025-39871 at NVDCVE-2025-39873 at SUSECVE-2025-39873 at NVDCVE-2025-39882 at SUSECVE-2025-39882 at NVDCVE-2025-39885 at SUSECVE-2025-39885 at NVDCVE-2025-39889 at SUSECVE-2025-39889 at NVDCVE-2025-39891 at SUSECVE-2025-39891 at NVDCVE-2025-39907 at SUSECVE-2025-39907 at NVDCVE-2025-39920 at SUSECVE-2025-39920 at NVDCVE-2025-39923 at SUSECVE-2025-39923 at NVDCVE-2025-39925 at SUSECVE-2025-39925 at NVDCVE-2025-40300 at SUSECVE-2025-40300 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-53082: Fixed virtio_net: Add hash_key_length check (bsc#1233677)
- CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability (bsc#1240840)
- CVE-2024-56650: Fixed netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
ModerateSUSE bug 1233677SUSE bug 1235008SUSE bug 1235431SUSE bug 1240840CVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_12 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_12 fixes the following issues:
New livepatch SLE Micro 6.0/6.1 kernel update 12.
Moderatecpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
- CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
- CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
- CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
- CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
- CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).
- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
- CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
- CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
- CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
- CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
The following non-security bugs were fixed:
- !CONFIG & reference -> this is bug, immediate fail
- 9p/xen: fix init sequence (git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- ACPICA: Fix largest possible resource descriptor index (git-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
- ALSA: lx_core: use int type to store negative error codes (git-fixes).
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
- Bluetooth: qca: fix invalid device address check (git-fixes).
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Do not self obsolete older kernel variants
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (git-fixes).
- Fix BPF selftests compilation error in bpf_iter.c (git-fixes).
- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
- HID: input: report battery status changes immediately (git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).
- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes).
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).
- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).
- KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits (git-fixes).
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes).
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).
- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).
- KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint (git-fixes).
- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186).
- Limit patch filenames to 100 characters (bsc#1249604).
- NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes).
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
- NFSv4: Do not clear capabilities that won't be reset (git-fixes).
- PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes).
- PCI/ERR: Fix uevent on failure to recover (git-fixes).
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes).
- PCI/sysfs: Ensure devices are powered for config reads (git-fixes).
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit (git-fixes).
- PCI: rcar-host: Drop PMSR spinlock (git-fixes).
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes).
- PCI: tegra194: Handle errors in BPMP response (git-fixes).
- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation (git-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- Revert "SUNRPC: Do not allow waiting for exiting tasks" (git-fixes).
- Revert "drm/amdgpu: fix incorrect vm flags to map bo" (stable-fixes).
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- Squashfs: add additional inode sanity checking (git-fixes).
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
- Update config files. (bsc#1249186) Plain run_oldconfig after Kconfig update.
- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)
- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode (git-fixes).
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- bpf: Fix iter/task tid filtering (git-fixes).
- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- bpf: Properly test iter/task tid filtering (git-fixes).
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- bpf: handle implicit declaration of function gettid in bpf_iter.c
- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).
- bpftool: Fix JSON writer resource leak in version command (git-fixes).
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
- btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).
- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
- btrfs: scrub: fix grouping of read IO (git-fixes).
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
- build_bug.h: Add KABI assert (bsc#1249186).
- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- ceph: validate snapdirname option length when mounting (git-fixes).
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).
- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- config.sh: Use Step repository for building Leap kernel bs-upload-kernel does not understand the Leap repository layout
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
- cpufreq: Exit governor when failed to start old governor (stable-fixes).
- cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
- cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
- dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation (git-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
- docs: admin-guide: update to current minimum pipe size default (git-fixes).
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- drivers/base/node: handle error properly in register_one_node() (git-fixes).
- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).
- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).
- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).
- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
- fbcon: Fix OOB access in font allocation (git-fixes).
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).
- i2c: designware: Add disabling clocks when probe fails (git-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes).
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- kABI fix for "netfilter: nf_tables: Audit log rule reset" (git-fixes).
- kABI workaround for "drm/dp: Add an EDID quirk for the DPCD register access probe" (bsc#1248121).
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- kABI: arm64: ftrace: Restore init_module behavior (git-fixes).
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- kABI: netfilter flowtable move gc operation to bottom (git-fixes).
- kabi: Restore layout of parallel_data (bsc1248343).
- kabi: add struct cgroup_extra (bsc#1247963).
- kabi: drop kvm_x86_ops from kabi relevant symbols.
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-source.spec: Depend on python3-base for build Both kernel-binary and kernel-docs already have this dependency.
- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: rc: fix races with imon_disconnect() (git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- mm: move page table sync declarations to linux/pgtable.h (git-fixes).
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount (git-fixes).
- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
- netfilter: conntrack: fix extension size table (git-fixes).
- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).
- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
- netfilter: nf_tables: audit log object reset once per table (git-fixes).
- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
- netfilter: nft_payload: fix wrong mac header matching (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
- nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
- nvme-pci: try function level reset on init failure (git-fixes).
- nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
- nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
- orangefs: Remove unused type in macro fill_default_sys_attrs (git-fixes).
- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).
- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: renesas: Use int type to store negative error codes (git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
- platform/x86: think-lmi: Fix class device unregistration (git-fixes).
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
- power: supply: max77976_charger: fix constant current reporting (git-fixes).
- pptp: fix pptp_xmit() error path (git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)
- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
- regulator: scmi: Use int type to store negative error codes (git-fixes).
- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
- rpm: Configure KABI checkingness macro (bsc#1249186).
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- sched/fair: Take the scheduling domain into account in (git-fixes)
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- sched: add a sched_ttwu_queue sysctl (bsc#1247963, jsc#PED-13659).
- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
- scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
- scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
- scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
- scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
- scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
- scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
- scsi: lpfc: use min() to improve code (bsc#1250519).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes).
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).
- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
- struct ci_hdrc: new member has_short_pkt_limit to end (git-fixes).
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- supported.conf: mark hyperv_drm as external
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (git-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).
- usb: typec: fusb302: cache PD RX state (git-fixes).
- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- use uniform permission checks for all mount propagation changes (git-fixes).
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).
- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).
- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- vsock: Allow retrying on connect() failure (git-fixes).
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).
- vsock: avoid timeout during connect() if the socket is closing (git-fixes).
- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath11k: fix group data packet drops during rekey (git-fixes).
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).
- writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776).
- writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776).
- writeback: Avoid excessively long inode switching times (bsc#1237776).
- writeback: Avoid softlockup when switching many inodes (bsc#1237776).
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- xfs: rework datasync tracking and execution (bsc#1237449).
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1194869SUSE bug 1213061SUSE bug 1213666SUSE bug 1214073SUSE bug 1214928SUSE bug 1214953SUSE bug 1215150SUSE bug 1215696SUSE bug 1216436SUSE bug 1216976SUSE bug 1218644SUSE bug 1220186SUSE bug 1220419SUSE bug 1229165SUSE bug 1230062SUSE bug 1236897SUSE bug 1237449SUSE bug 1237776SUSE bug 1240324SUSE bug 1241166SUSE bug 1241292SUSE bug 1241353SUSE bug 1241866SUSE bug 1243100SUSE bug 1243112SUSE bug 1245193SUSE bug 1245260SUSE bug 1245700SUSE bug 1246057SUSE bug 1246125SUSE bug 1246190SUSE bug 1246248SUSE bug 1246298SUSE bug 1246509SUSE bug 1246782SUSE bug 1247099SUSE bug 1247118SUSE bug 1247126SUSE bug 1247136SUSE bug 1247137SUSE bug 1247223SUSE bug 1247239SUSE bug 1247262SUSE bug 1247442SUSE bug 1247483SUSE bug 1247500SUSE bug 1247963SUSE bug 1248111SUSE bug 1248121SUSE bug 1248192SUSE bug 1248199SUSE bug 1248200SUSE bug 1248202SUSE bug 1248225SUSE bug 1248296SUSE bug 1248334SUSE bug 1248343SUSE bug 1248357SUSE bug 1248360SUSE bug 1248365SUSE bug 1248378SUSE bug 1248380SUSE bug 1248392SUSE bug 1248512SUSE bug 1248610SUSE bug 1248619SUSE bug 1248622SUSE bug 1248626SUSE bug 1248628SUSE bug 1248634SUSE bug 1248639SUSE bug 1248647SUSE bug 1248674SUSE bug 1248681SUSE bug 1248733SUSE bug 1248734SUSE bug 1248735SUSE bug 1248775SUSE bug 1248847SUSE bug 1249122SUSE bug 1249123SUSE bug 1249124SUSE bug 1249125SUSE bug 1249126SUSE bug 1249143SUSE bug 1249156SUSE bug 1249159SUSE bug 1249163SUSE bug 1249164SUSE bug 1249166SUSE bug 1249169SUSE bug 1249170SUSE bug 1249172SUSE bug 1249176SUSE bug 1249177SUSE bug 1249186SUSE bug 1249190SUSE bug 1249194SUSE bug 1249195SUSE bug 1249196SUSE bug 1249199SUSE bug 1249200SUSE bug 1249202SUSE bug 1249203SUSE bug 1249204SUSE bug 1249206SUSE bug 1249215SUSE bug 1249220SUSE bug 1249221SUSE bug 1249254SUSE bug 1249255SUSE bug 1249257SUSE bug 1249258SUSE bug 1249260SUSE bug 1249262SUSE bug 1249263SUSE bug 1249265SUSE bug 1249266SUSE bug 1249271SUSE bug 1249272SUSE bug 1249273SUSE bug 1249278SUSE bug 1249279SUSE bug 1249281SUSE bug 1249282SUSE bug 1249284SUSE bug 1249285SUSE bug 1249288SUSE bug 1249290SUSE bug 1249292SUSE bug 1249295SUSE bug 1249296SUSE bug 1249299SUSE bug 1249300SUSE bug 1249303SUSE bug 1249304SUSE bug 1249305SUSE bug 1249308SUSE bug 1249312SUSE bug 1249315SUSE bug 1249318SUSE bug 1249321SUSE bug 1249323SUSE bug 1249324SUSE bug 1249334SUSE bug 1249338SUSE bug 1249346SUSE bug 1249374SUSE bug 1249413SUSE bug 1249479SUSE bug 1249481SUSE bug 1249482SUSE bug 1249486SUSE bug 1249488SUSE bug 1249489SUSE bug 1249490SUSE bug 1249494SUSE bug 1249504SUSE bug 1249506SUSE bug 1249508SUSE bug 1249510SUSE bug 1249513SUSE bug 1249515SUSE bug 1249516SUSE bug 1249522SUSE bug 1249523SUSE bug 1249524SUSE bug 1249526SUSE bug 1249533SUSE bug 1249538SUSE bug 1249540SUSE bug 1249542SUSE bug 1249545SUSE bug 1249548SUSE bug 1249554SUSE bug 1249598SUSE bug 1249604SUSE bug 1249608SUSE bug 1249615SUSE bug 1249640SUSE bug 1249641SUSE bug 1249642SUSE bug 1249658SUSE bug 1249662SUSE bug 1249672SUSE bug 1249673SUSE bug 1249677SUSE bug 1249678SUSE bug 1249679SUSE bug 1249682SUSE bug 1249687SUSE bug 1249698SUSE bug 1249707SUSE bug 1249712SUSE bug 1249730SUSE bug 1249756SUSE bug 1249758SUSE bug 1249761SUSE bug 1249762SUSE bug 1249768SUSE bug 1249770SUSE bug 1249774SUSE bug 1249779SUSE bug 1249780SUSE bug 1249785SUSE bug 1249787SUSE bug 1249795SUSE bug 1249815SUSE bug 1249820SUSE bug 1249823SUSE bug 1249824SUSE bug 1249825SUSE bug 1249826SUSE bug 1249833SUSE bug 1249842SUSE bug 1249845SUSE bug 1249849SUSE bug 1249850SUSE bug 1249853SUSE bug 1249856SUSE bug 1249861SUSE bug 1249863SUSE bug 1249864SUSE bug 1249865SUSE bug 1249866SUSE bug 1249869SUSE bug 1249870SUSE bug 1249880SUSE bug 1249883SUSE bug 1249888SUSE bug 1249894SUSE bug 1249896SUSE bug 1249897SUSE bug 1249901SUSE bug 1249911SUSE bug 1249917SUSE bug 1249919SUSE bug 1249923SUSE bug 1249926SUSE bug 1249938SUSE bug 1249949SUSE bug 1249950SUSE bug 1249952SUSE bug 1249975SUSE bug 1249979SUSE bug 1249984SUSE bug 1249988SUSE bug 1249990SUSE bug 1249993SUSE bug 1249994SUSE bug 1249997SUSE bug 1250002SUSE bug 1250004SUSE bug 1250006SUSE bug 1250007SUSE bug 1250012SUSE bug 1250022SUSE bug 1250024SUSE bug 1250025SUSE bug 1250028SUSE bug 1250029SUSE bug 1250035SUSE bug 1250049SUSE bug 1250055SUSE bug 1250057SUSE bug 1250058SUSE bug 1250062SUSE bug 1250063SUSE bug 1250065SUSE bug 1250066SUSE bug 1250067SUSE bug 1250069SUSE bug 1250070SUSE bug 1250073SUSE bug 1250074SUSE bug 1250088SUSE bug 1250089SUSE bug 1250106SUSE bug 1250112SUSE bug 1250117SUSE bug 1250120SUSE bug 1250125SUSE bug 1250127SUSE bug 1250128SUSE bug 1250145SUSE bug 1250150SUSE bug 1250156SUSE bug 1250157SUSE bug 1250161SUSE bug 1250163SUSE bug 1250166SUSE bug 1250167SUSE bug 1250169SUSE bug 1250171SUSE bug 1250177SUSE bug 1250179SUSE bug 1250180SUSE bug 1250186SUSE bug 1250196SUSE bug 1250198SUSE bug 1250199SUSE bug 1250201SUSE bug 1250203SUSE bug 1250204SUSE bug 1250206SUSE bug 1250208SUSE bug 1250241SUSE bug 1250242SUSE bug 1250243SUSE bug 1250247SUSE bug 1250249SUSE bug 1250251SUSE bug 1250262SUSE bug 1250263SUSE bug 1250266SUSE bug 1250267SUSE bug 1250268SUSE bug 1250275SUSE bug 1250276SUSE bug 1250281SUSE bug 1250290SUSE bug 1250291SUSE bug 1250292SUSE bug 1250294SUSE bug 1250297SUSE bug 1250298SUSE bug 1250313SUSE bug 1250319SUSE bug 1250323SUSE bug 1250325SUSE bug 1250329SUSE bug 1250336SUSE bug 1250337SUSE bug 1250344SUSE bug 1250358SUSE bug 1250365SUSE bug 1250371SUSE bug 1250377SUSE bug 1250384SUSE bug 1250389SUSE bug 1250395SUSE bug 1250397SUSE bug 1250402SUSE bug 1250406SUSE bug 1250407SUSE bug 1250426SUSE bug 1250450SUSE bug 1250459SUSE bug 1250519SUSE bug 1250522SUSE bug 1250530SUSE bug 1250655SUSE bug 1250712SUSE bug 1250713SUSE bug 1250732SUSE bug 1250736SUSE bug 1250741SUSE bug 1250759SUSE bug 1250763SUSE bug 1250765SUSE bug 1250807SUSE bug 1250808SUSE bug 1250809SUSE bug 1250812SUSE bug 1250813SUSE bug 1250815SUSE bug 1250816SUSE bug 1250820SUSE bug 1250823SUSE bug 1250825SUSE bug 1250827SUSE bug 1250830SUSE bug 1250831SUSE bug 1250837SUSE bug 1250841SUSE bug 1250861SUSE bug 1250863SUSE bug 1250867SUSE bug 1250872SUSE bug 1250873SUSE bug 1250878SUSE bug 1250905SUSE bug 1250907SUSE bug 1250917SUSE bug 1250918SUSE bug 1250923SUSE bug 1250926SUSE bug 1250928SUSE bug 1250929SUSE bug 1250930SUSE bug 1250931SUSE bug 1250941SUSE bug 1250942SUSE bug 1250949SUSE bug 1250952SUSE bug 1250957SUSE bug 1250964CVE-2023-31248 at SUSECVE-2023-31248 at NVDCVE-2023-3772 at SUSECVE-2023-3772 at NVDCVE-2023-39197 at SUSECVE-2023-39197 at NVDCVE-2023-42753 at SUSECVE-2023-42753 at NVDCVE-2023-53147 at SUSECVE-2023-53147 at NVDCVE-2023-53148 at SUSECVE-2023-53148 at NVDCVE-2023-53150 at SUSECVE-2023-53150 at NVDCVE-2023-53151 at SUSECVE-2023-53151 at NVDCVE-2023-53152 at SUSECVE-2023-53152 at NVDCVE-2023-53165 at SUSECVE-2023-53165 at NVDCVE-2023-53167 at SUSECVE-2023-53167 at NVDCVE-2023-53170 at SUSECVE-2023-53170 at NVDCVE-2023-53174 at SUSECVE-2023-53174 at NVDCVE-2023-53175 at SUSECVE-2023-53175 at NVDCVE-2023-53177 at SUSECVE-2023-53177 at NVDCVE-2023-53179 at SUSECVE-2023-53179 at NVDCVE-2023-53180 at SUSECVE-2023-53180 at NVDCVE-2023-53181 at SUSECVE-2023-53181 at NVDCVE-2023-53183 at SUSECVE-2023-53183 at NVDCVE-2023-53184 at SUSECVE-2023-53184 at NVDCVE-2023-53185 at SUSECVE-2023-53185 at NVDCVE-2023-53187 at SUSECVE-2023-53187 at NVDCVE-2023-53189 at SUSECVE-2023-53189 at NVDCVE-2023-53192 at SUSECVE-2023-53192 at NVDCVE-2023-53195 at SUSECVE-2023-53195 at NVDCVE-2023-53196 at SUSECVE-2023-53196 at NVDCVE-2023-53201 at SUSECVE-2023-53201 at NVDCVE-2023-53204 at SUSECVE-2023-53204 at NVDCVE-2023-53205 at SUSECVE-2023-53205 at NVDCVE-2023-53206 at SUSECVE-2023-53206 at NVDCVE-2023-53207 at SUSECVE-2023-53207 at NVDCVE-2023-53208 at SUSECVE-2023-53208 at NVDCVE-2023-53209 at SUSECVE-2023-53209 at NVDCVE-2023-53210 at SUSECVE-2023-53210 at NVDCVE-2023-53215 at SUSECVE-2023-53215 at NVDCVE-2023-53217 at SUSECVE-2023-53217 at NVDCVE-2023-53220 at SUSECVE-2023-53220 at NVDCVE-2023-53221 at SUSECVE-2023-53221 at NVDCVE-2023-53222 at SUSECVE-2023-53222 at NVDCVE-2023-53226 at SUSECVE-2023-53226 at NVDCVE-2023-53230 at SUSECVE-2023-53230 at NVDCVE-2023-53231 at SUSECVE-2023-53231 at NVDCVE-2023-53235 at SUSECVE-2023-53235 at NVDCVE-2023-53238 at SUSECVE-2023-53238 at NVDCVE-2023-53243 at SUSECVE-2023-53243 at NVDCVE-2023-53245 at SUSECVE-2023-53245 at NVDCVE-2023-53247 at SUSECVE-2023-53247 at NVDCVE-2023-53248 at SUSECVE-2023-53248 at NVDCVE-2023-53249 at SUSECVE-2023-53249 at NVDCVE-2023-53251 at SUSECVE-2023-53251 at NVDCVE-2023-53252 at SUSECVE-2023-53252 at NVDCVE-2023-53255 at SUSECVE-2023-53255 at NVDCVE-2023-53257 at SUSECVE-2023-53257 at NVDCVE-2023-53258 at SUSECVE-2023-53258 at NVDCVE-2023-53260 at SUSECVE-2023-53260 at NVDCVE-2023-53261 at SUSECVE-2023-53261 at NVDCVE-2023-53263 at SUSECVE-2023-53263 at NVDCVE-2023-53264 at SUSECVE-2023-53264 at NVDCVE-2023-53272 at SUSECVE-2023-53272 at NVDCVE-2023-53274 at SUSECVE-2023-53274 at NVDCVE-2023-53275 at SUSECVE-2023-53275 at NVDCVE-2023-53280 at SUSECVE-2023-53280 at NVDCVE-2023-53286 at SUSECVE-2023-53286 at NVDCVE-2023-53287 at SUSECVE-2023-53287 at NVDCVE-2023-53288 at SUSECVE-2023-53288 at NVDCVE-2023-53291 at SUSECVE-2023-53291 at NVDCVE-2023-53292 at SUSECVE-2023-53292 at NVDCVE-2023-53303 at SUSECVE-2023-53303 at NVDCVE-2023-53304 at SUSECVE-2023-53304 at NVDCVE-2023-53305 at SUSECVE-2023-53305 at NVDCVE-2023-53309 at SUSECVE-2023-53309 at NVDCVE-2023-53311 at SUSECVE-2023-53311 at NVDCVE-2023-53312 at SUSECVE-2023-53312 at NVDCVE-2023-53313 at SUSECVE-2023-53313 at NVDCVE-2023-53314 at SUSECVE-2023-53314 at NVDCVE-2023-53316 at SUSECVE-2023-53316 at NVDCVE-2023-53319 at SUSECVE-2023-53319 at NVDCVE-2023-53321 at SUSECVE-2023-53321 at NVDCVE-2023-53322 at SUSECVE-2023-53322 at NVDCVE-2023-53323 at SUSECVE-2023-53323 at NVDCVE-2023-53324 at SUSECVE-2023-53324 at NVDCVE-2023-53325 at SUSECVE-2023-53325 at NVDCVE-2023-53328 at SUSECVE-2023-53328 at NVDCVE-2023-53331 at SUSECVE-2023-53331 at NVDCVE-2023-53333 at SUSECVE-2023-53333 at NVDCVE-2023-53336 at SUSECVE-2023-53336 at NVDCVE-2023-53338 at SUSECVE-2023-53338 at NVDCVE-2023-53339 at SUSECVE-2023-53339 at NVDCVE-2023-53342 at SUSECVE-2023-53342 at NVDCVE-2023-53343 at SUSECVE-2023-53343 at NVDCVE-2023-53350 at SUSECVE-2023-53350 at NVDCVE-2023-53352 at SUSECVE-2023-53352 at NVDCVE-2023-53354 at SUSECVE-2023-53354 at NVDCVE-2023-53356 at SUSECVE-2023-53356 at NVDCVE-2023-53357 at SUSECVE-2023-53357 at NVDCVE-2023-53360 at SUSECVE-2023-53360 at NVDCVE-2023-53362 at SUSECVE-2023-53362 at NVDCVE-2023-53364 at SUSECVE-2023-53364 at NVDCVE-2023-53365 at SUSECVE-2023-53365 at NVDCVE-2023-53367 at SUSECVE-2023-53367 at NVDCVE-2023-53368 at SUSECVE-2023-53368 at NVDCVE-2023-53369 at SUSECVE-2023-53369 at NVDCVE-2023-53370 at SUSECVE-2023-53370 at NVDCVE-2023-53371 at SUSECVE-2023-53371 at NVDCVE-2023-53374 at SUSECVE-2023-53374 at NVDCVE-2023-53377 at SUSECVE-2023-53377 at NVDCVE-2023-53379 at SUSECVE-2023-53379 at NVDCVE-2023-53380 at SUSECVE-2023-53380 at NVDCVE-2023-53384 at SUSECVE-2023-53384 at NVDCVE-2023-53385 at SUSECVE-2023-53385 at NVDCVE-2023-53386 at SUSECVE-2023-53386 at NVDCVE-2023-53391 at SUSECVE-2023-53391 at NVDCVE-2023-53394 at SUSECVE-2023-53394 at NVDCVE-2023-53395 at SUSECVE-2023-53395 at NVDCVE-2023-53397 at SUSECVE-2023-53397 at NVDCVE-2023-53401 at SUSECVE-2023-53401 at NVDCVE-2023-53420 at SUSECVE-2023-53420 at NVDCVE-2023-53421 at SUSECVE-2023-53421 at NVDCVE-2023-53424 at SUSECVE-2023-53424 at NVDCVE-2023-53425 at SUSECVE-2023-53425 at NVDCVE-2023-53426 at SUSECVE-2023-53426 at NVDCVE-2023-53428 at SUSECVE-2023-53428 at NVDCVE-2023-53429 at SUSECVE-2023-53429 at NVDCVE-2023-53432 at SUSECVE-2023-53432 at NVDCVE-2023-53436 at SUSECVE-2023-53436 at NVDCVE-2023-53438 at SUSECVE-2023-53438 at NVDCVE-2023-53441 at SUSECVE-2023-53441 at NVDCVE-2023-53442 at SUSECVE-2023-53442 at NVDCVE-2023-53444 at SUSECVE-2023-53444 at NVDCVE-2023-53446 at SUSECVE-2023-53446 at NVDCVE-2023-53447 at SUSECVE-2023-53447 at NVDCVE-2023-53448 at SUSECVE-2023-53448 at NVDCVE-2023-53451 at SUSECVE-2023-53451 at NVDCVE-2023-53454 at SUSECVE-2023-53454 at NVDCVE-2023-53456 at SUSECVE-2023-53456 at NVDCVE-2023-53457 at SUSECVE-2023-53457 at NVDCVE-2023-53461 at SUSECVE-2023-53461 at NVDCVE-2023-53462 at SUSECVE-2023-53462 at NVDCVE-2023-53463 at SUSECVE-2023-53463 at NVDCVE-2023-53465 at SUSECVE-2023-53465 at NVDCVE-2023-53472 at SUSECVE-2023-53472 at NVDCVE-2023-53479 at SUSECVE-2023-53479 at NVDCVE-2023-53480 at SUSECVE-2023-53480 at NVDCVE-2023-53485 at SUSECVE-2023-53485 at NVDCVE-2023-53487 at SUSECVE-2023-53487 at NVDCVE-2023-53488 at SUSECVE-2023-53488 at NVDCVE-2023-53490 at SUSECVE-2023-53490 at NVDCVE-2023-53491 at SUSECVE-2023-53491 at NVDCVE-2023-53492 at SUSECVE-2023-53492 at NVDCVE-2023-53493 at SUSECVE-2023-53493 at NVDCVE-2023-53495 at SUSECVE-2023-53495 at NVDCVE-2023-53496 at SUSECVE-2023-53496 at NVDCVE-2023-53500 at SUSECVE-2023-53500 at NVDCVE-2023-53501 at SUSECVE-2023-53501 at NVDCVE-2023-53504 at SUSECVE-2023-53504 at NVDCVE-2023-53505 at SUSECVE-2023-53505 at NVDCVE-2023-53507 at SUSECVE-2023-53507 at NVDCVE-2023-53508 at SUSECVE-2023-53508 at NVDCVE-2023-53510 at SUSECVE-2023-53510 at NVDCVE-2023-53515 at SUSECVE-2023-53515 at NVDCVE-2023-53516 at SUSECVE-2023-53516 at NVDCVE-2023-53518 at SUSECVE-2023-53518 at NVDCVE-2023-53519 at SUSECVE-2023-53519 at NVDCVE-2023-53520 at SUSECVE-2023-53520 at NVDCVE-2023-53523 at SUSECVE-2023-53523 at NVDCVE-2023-53526 at SUSECVE-2023-53526 at NVDCVE-2023-53527 at SUSECVE-2023-53527 at NVDCVE-2023-53528 at SUSECVE-2023-53528 at NVDCVE-2023-53530 at SUSECVE-2023-53530 at NVDCVE-2023-53531 at SUSECVE-2023-53531 at NVDCVE-2024-26584 at SUSECVE-2024-26584 at NVDCVE-2024-58090 at SUSECVE-2024-58090 at NVDCVE-2024-58240 at SUSECVE-2024-58240 at NVDCVE-2025-22022 at SUSECVE-2025-22022 at NVDCVE-2025-38119 at SUSECVE-2025-38119 at NVDCVE-2025-38234 at SUSECVE-2025-38234 at NVDCVE-2025-38255 at SUSECVE-2025-38255 at NVDCVE-2025-38263 at SUSECVE-2025-38263 at NVDCVE-2025-38351 at SUSECVE-2025-38351 at NVDCVE-2025-38402 at SUSECVE-2025-38402 at NVDCVE-2025-38408 at SUSECVE-2025-38408 at NVDCVE-2025-38418 at SUSECVE-2025-38418 at NVDCVE-2025-38419 at SUSECVE-2025-38419 at NVDCVE-2025-38456 at SUSECVE-2025-38456 at NVDCVE-2025-38465 at SUSECVE-2025-38465 at NVDCVE-2025-38466 at SUSECVE-2025-38466 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-38514 at SUSECVE-2025-38514 at NVDCVE-2025-38526 at SUSECVE-2025-38526 at NVDCVE-2025-38527 at SUSECVE-2025-38527 at NVDCVE-2025-38533 at SUSECVE-2025-38533 at NVDCVE-2025-38544 at SUSECVE-2025-38544 at NVDCVE-2025-38556 at SUSECVE-2025-38556 at NVDCVE-2025-38574 at SUSECVE-2025-38574 at NVDCVE-2025-38584 at SUSECVE-2025-38584 at NVDCVE-2025-38590 at SUSECVE-2025-38590 at NVDCVE-2025-38593 at SUSECVE-2025-38593 at NVDCVE-2025-38595 at SUSECVE-2025-38595 at NVDCVE-2025-38597 at SUSECVE-2025-38597 at NVDCVE-2025-38605 at SUSECVE-2025-38605 at NVDCVE-2025-38614 at SUSECVE-2025-38614 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDCVE-2025-38622 at SUSECVE-2025-38622 at NVDCVE-2025-38623 at SUSECVE-2025-38623 at NVDCVE-2025-38639 at SUSECVE-2025-38639 at NVDCVE-2025-38640 at SUSECVE-2025-38640 at NVDCVE-2025-38643 at SUSECVE-2025-38643 at NVDCVE-2025-38645 at SUSECVE-2025-38645 at NVDCVE-2025-38659 at SUSECVE-2025-38659 at NVDCVE-2025-38660 at SUSECVE-2025-38660 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDCVE-2025-38668 at SUSECVE-2025-38668 at NVDCVE-2025-38676 at SUSECVE-2025-38676 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDCVE-2025-38679 at SUSECVE-2025-38679 at NVDCVE-2025-38680 at SUSECVE-2025-38680 at NVDCVE-2025-38681 at SUSECVE-2025-38681 at NVDCVE-2025-38683 at SUSECVE-2025-38683 at NVDCVE-2025-38684 at SUSECVE-2025-38684 at NVDCVE-2025-38685 at SUSECVE-2025-38685 at NVDCVE-2025-38687 at SUSECVE-2025-38687 at NVDCVE-2025-38691 at SUSECVE-2025-38691 at NVDCVE-2025-38692 at SUSECVE-2025-38692 at NVDCVE-2025-38693 at SUSECVE-2025-38693 at NVDCVE-2025-38694 at SUSECVE-2025-38694 at NVDCVE-2025-38695 at SUSECVE-2025-38695 at NVDCVE-2025-38697 at SUSECVE-2025-38697 at NVDCVE-2025-38698 at SUSECVE-2025-38698 at NVDCVE-2025-38701 at SUSECVE-2025-38701 at NVDCVE-2025-38702 at SUSECVE-2025-38702 at NVDCVE-2025-38705 at SUSECVE-2025-38705 at NVDCVE-2025-38706 at SUSECVE-2025-38706 at NVDCVE-2025-38709 at SUSECVE-2025-38709 at NVDCVE-2025-38712 at SUSECVE-2025-38712 at NVDCVE-2025-38713 at SUSECVE-2025-38713 at NVDCVE-2025-38714 at SUSECVE-2025-38714 at NVDCVE-2025-38715 at SUSECVE-2025-38715 at NVDCVE-2025-38721 at SUSECVE-2025-38721 at NVDCVE-2025-38722 at SUSECVE-2025-38722 at NVDCVE-2025-38724 at SUSECVE-2025-38724 at NVDCVE-2025-38725 at SUSECVE-2025-38725 at NVDCVE-2025-38727 at SUSECVE-2025-38727 at NVDCVE-2025-38729 at SUSECVE-2025-38729 at NVDCVE-2025-38730 at SUSECVE-2025-38730 at NVDCVE-2025-38732 at SUSECVE-2025-38732 at NVDCVE-2025-38734 at SUSECVE-2025-38734 at NVDCVE-2025-38735 at SUSECVE-2025-38735 at NVDCVE-2025-38736 at SUSECVE-2025-38736 at NVDCVE-2025-39675 at SUSECVE-2025-39675 at NVDCVE-2025-39677 at SUSECVE-2025-39677 at NVDCVE-2025-39678 at SUSECVE-2025-39678 at NVDCVE-2025-39679 at SUSECVE-2025-39679 at NVDCVE-2025-39681 at SUSECVE-2025-39681 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-39684 at SUSECVE-2025-39684 at NVDCVE-2025-39685 at SUSECVE-2025-39685 at NVDCVE-2025-39686 at SUSECVE-2025-39686 at NVDCVE-2025-39691 at SUSECVE-2025-39691 at NVDCVE-2025-39693 at SUSECVE-2025-39693 at NVDCVE-2025-39694 at SUSECVE-2025-39694 at NVDCVE-2025-39701 at SUSECVE-2025-39701 at NVDCVE-2025-39703 at SUSECVE-2025-39703 at NVDCVE-2025-39705 at SUSECVE-2025-39705 at NVDCVE-2025-39706 at SUSECVE-2025-39706 at NVDCVE-2025-39709 at SUSECVE-2025-39709 at NVDCVE-2025-39710 at SUSECVE-2025-39710 at NVDCVE-2025-39713 at SUSECVE-2025-39713 at NVDCVE-2025-39714 at SUSECVE-2025-39714 at NVDCVE-2025-39718 at SUSECVE-2025-39718 at NVDCVE-2025-39719 at SUSECVE-2025-39719 at NVDCVE-2025-39721 at SUSECVE-2025-39721 at NVDCVE-2025-39724 at SUSECVE-2025-39724 at NVDCVE-2025-39726 at SUSECVE-2025-39726 at NVDCVE-2025-39730 at SUSECVE-2025-39730 at NVDCVE-2025-39732 at SUSECVE-2025-39732 at NVDCVE-2025-39738 at SUSECVE-2025-39738 at NVDCVE-2025-39739 at SUSECVE-2025-39739 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-39743 at SUSECVE-2025-39743 at NVDCVE-2025-39744 at SUSECVE-2025-39744 at NVDCVE-2025-39746 at SUSECVE-2025-39746 at NVDCVE-2025-39749 at SUSECVE-2025-39749 at NVDCVE-2025-39750 at SUSECVE-2025-39750 at NVDCVE-2025-39751 at SUSECVE-2025-39751 at NVDCVE-2025-39754 at SUSECVE-2025-39754 at NVDCVE-2025-39757 at SUSECVE-2025-39757 at NVDCVE-2025-39758 at SUSECVE-2025-39758 at NVDCVE-2025-39759 at SUSECVE-2025-39759 at NVDCVE-2025-39760 at SUSECVE-2025-39760 at NVDCVE-2025-39761 at SUSECVE-2025-39761 at NVDCVE-2025-39763 at SUSECVE-2025-39763 at NVDCVE-2025-39764 at SUSECVE-2025-39764 at NVDCVE-2025-39766 at SUSECVE-2025-39766 at NVDCVE-2025-39770 at SUSECVE-2025-39770 at NVDCVE-2025-39772 at SUSECVE-2025-39772 at NVDCVE-2025-39773 at SUSECVE-2025-39773 at NVDCVE-2025-39782 at SUSECVE-2025-39782 at NVDCVE-2025-39783 at SUSECVE-2025-39783 at NVDCVE-2025-39787 at SUSECVE-2025-39787 at NVDCVE-2025-39790 at SUSECVE-2025-39790 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39798 at SUSECVE-2025-39798 at NVDCVE-2025-39800 at SUSECVE-2025-39800 at NVDCVE-2025-39801 at SUSECVE-2025-39801 at NVDCVE-2025-39806 at SUSECVE-2025-39806 at NVDCVE-2025-39808 at SUSECVE-2025-39808 at NVDCVE-2025-39810 at SUSECVE-2025-39810 at NVDCVE-2025-39823 at SUSECVE-2025-39823 at NVDCVE-2025-39824 at SUSECVE-2025-39824 at NVDCVE-2025-39825 at SUSECVE-2025-39825 at NVDCVE-2025-39826 at SUSECVE-2025-39826 at NVDCVE-2025-39827 at SUSECVE-2025-39827 at NVDCVE-2025-39832 at SUSECVE-2025-39832 at NVDCVE-2025-39833 at SUSECVE-2025-39833 at NVDCVE-2025-39835 at SUSECVE-2025-39835 at NVDCVE-2025-39838 at SUSECVE-2025-39838 at NVDCVE-2025-39839 at SUSECVE-2025-39839 at NVDCVE-2025-39842 at SUSECVE-2025-39842 at NVDCVE-2025-39844 at SUSECVE-2025-39844 at NVDCVE-2025-39845 at SUSECVE-2025-39845 at NVDCVE-2025-39846 at SUSECVE-2025-39846 at NVDCVE-2025-39847 at SUSECVE-2025-39847 at NVDCVE-2025-39848 at SUSECVE-2025-39848 at NVDCVE-2025-39849 at SUSECVE-2025-39849 at NVDCVE-2025-39850 at SUSECVE-2025-39850 at NVDCVE-2025-39853 at SUSECVE-2025-39853 at NVDCVE-2025-39854 at SUSECVE-2025-39854 at NVDCVE-2025-39857 at SUSECVE-2025-39857 at NVDCVE-2025-39860 at SUSECVE-2025-39860 at NVDCVE-2025-39861 at SUSECVE-2025-39861 at NVDCVE-2025-39863 at SUSECVE-2025-39863 at NVDCVE-2025-39864 at SUSECVE-2025-39864 at NVDCVE-2025-39865 at SUSECVE-2025-39865 at NVDCVE-2025-39869 at SUSECVE-2025-39869 at NVDCVE-2025-39870 at SUSECVE-2025-39870 at NVDCVE-2025-39871 at SUSECVE-2025-39871 at NVDCVE-2025-39873 at SUSECVE-2025-39873 at NVDCVE-2025-39882 at SUSECVE-2025-39882 at NVDCVE-2025-39885 at SUSECVE-2025-39885 at NVDCVE-2025-39889 at SUSECVE-2025-39889 at NVDCVE-2025-39891 at SUSECVE-2025-39891 at NVDCVE-2025-39907 at SUSECVE-2025-39907 at NVDCVE-2025-39920 at SUSECVE-2025-39920 at NVDCVE-2025-39923 at SUSECVE-2025-39923 at NVDCVE-2025-39925 at SUSECVE-2025-39925 at NVDCVE-2025-40300 at SUSECVE-2025-40300 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_13 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_13 fixes the following issues:
- New livepatch SLE Micro 6.0 kernel update 13
Importantcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249534CVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues:
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1248108SUSE bug 1248376SUSE bug 1248673SUSE bug 1249534CVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations (bsc#1232384)
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1232384SUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249534CVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_10 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues:
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1248108SUSE bug 1248376SUSE bug 1248673SUSE bug 1249534CVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-53082: Fixed virtio_net: Add hash_key_length check (bsc#1233677)
- CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability (bsc#1240840)
- CVE-2024-56650: Fixed netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
ModerateSUSE bug 1233677SUSE bug 1235008SUSE bug 1235431SUSE bug 1240840CVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations (bsc#1232384)
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794)
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075)
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158)
- CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452)
- CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376)
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673)
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749)
- CVE-2025-38110: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (bsc#1249458)
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1232384SUSE bug 1245794SUSE bug 1246075SUSE bug 1247158SUSE bug 1247452SUSE bug 1248376SUSE bug 1248673SUSE bug 1248749SUSE bug 1249458SUSE bug 1249534CVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38499 at SUSECVE-2025-38499 at NVDCVE-2025-38566 at SUSECVE-2025-38566 at NVDCVE-2025-38644 at SUSECVE-2025-38644 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_10 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
ImportantSUSE bug 1248631SUSE bug 1249207CVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
ImportantSUSE bug 1248631SUSE bug 1249207CVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_12 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_12 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
ImportantSUSE bug 1248631CVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_12 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_12 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
ImportantSUSE bug 1248631CVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52778: mptcp: deal with large GSO size (bsc#1224948).
- CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).
- CVE-2024-26596: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events (bsc#1220355).
- CVE-2024-26741: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished() (bsc#1222587).
- CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590).
- CVE-2024-26953: net: esp: fix bad handling of pages from page_pool (bsc#1223656).
- CVE-2024-27017: netfilter: nft_set_pipapo: walk over current view on netlink dump (bsc#1223733).
- CVE-2024-35888: erspan: make sure erspan_base_hdr is present in skb->head (bsc#1224518).
- CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
- CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).
- CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725).
- CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-36927: ipv4: Fix uninit-value access in __ip_make_skb() (bsc#1225813).
- CVE-2024-36954: tipc: fix a possible memleak in tipc_buf_append (bsc#1225764).
- CVE-2024-36968: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() (bsc#1226130).
- CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748).
- CVE-2024-40914: mm/huge_memory: do not unpoison huge_zero_folio (bsc#1227842).
- CVE-2024-41023: sched/deadline: Fix task_struct reference leak (bsc#1228430).
- CVE-2024-41031: mm/filemap: skip to create PMD-sized page cache if needed (bsc#1228454).
- CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620).
- CVE-2024-42102: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (bsc#1233132).
- CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).
- CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550).
- CVE-2024-46680: Bluetooth: btnxpuart: Fix random crash seen while removing driver (bsc#1230557).
- CVE-2024-46681: pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558).
- CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
- CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).
- CVE-2024-46765: ice: protect XDP configuration with a mutex (bsc#1230807).
- CVE-2024-46766: ice: move netif_queue_set_napi to rtnl-protected sections (bsc#1230762).
- CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
- CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
- CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).
- CVE-2024-46831: net: microchip: vcap: Fix use-after-free error in kunit test (bsc#1231117).
- CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
- CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
- CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
- CVE-2024-46843: scsi: ufs: core: Remove SCSI host only if added (bsc#1231100).
- CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
- CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085).
- CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087).
- CVE-2024-46870: drm/amd/display: Disable DMCUB timeout for DCN35 (bsc#1231435).
- CVE-2024-47658: crypto: stm32/cryp - call finalize with bh disabled (bsc#1231436).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
- CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).
- CVE-2024-47687: vdpa/mlx5: Fix invalid mr resource destroy (bsc#1232003).
- CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).
- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).
- CVE-2024-47703: bpf, lsm: add check for BPF LSM return value (bsc#1231946).
- CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944).
- CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
- CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).
- CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).
- CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116).
- CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).
- CVE-2024-47731: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing (bsc#1232117).
- CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).
- CVE-2024-47741: btrfs: fix race setting file private on concurrent lseek using same fd (bsc#1231869).
- CVE-2024-47745: mm: call the security_mmap_file() LSM hook in remap_file_pages() (bsc#1232135).
- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
- CVE-2024-47752: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning (bsc#1232130).
- CVE-2024-47753: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning (bsc#1231868).
- CVE-2024-47754: media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning (bsc#1232131).
- CVE-2024-49852: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (bsc#1232819).
- CVE-2024-49864: rxrpc: Fix a race between socket set up and I/O thread creation (bsc#1232256).
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232262).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201).
- CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
- CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199).
- CVE-2024-49888: bpf: Fix a sdiv overflow issue (bsc#1232208).
- CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
- CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220).
- CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354).
- CVE-2024-49895: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (bsc#1232352).
- CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
- CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355).
- CVE-2024-49898: drm/amd/display: Check null-initialized variables (bsc#1232222).
- CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358).
- CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305).
- CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).
- CVE-2024-49907: drm/amd/display: Check null pointers before using dc->clk_mgr (bsc#1232334).
- CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337).
- CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366).
- CVE-2024-49912: drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (bsc#1232367).
- CVE-2024-49913: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (bsc#1232307).
- CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369).
- CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965).
- CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).
- CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).
- CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374).
- CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368).
- CVE-2024-49934: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (bsc#1232387).
- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
- CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).
- CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-49953: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (bsc#1232156).
- CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).
- CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
- CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149).
- CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
- CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
- CVE-2024-49968: ext4: filesystems without casefold feature cannot be mounted with siphash (bsc#1232264).
- CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
- CVE-2024-49972: drm/amd/display: Deallocate DML memory if allocation fails (bsc#1232315).
- CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).
- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
- CVE-2024-49983: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free (bsc#1232096).
- CVE-2024-49986: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (bsc#1232093).
- CVE-2024-49987: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) (bsc#1232258).
- CVE-2024-49989: drm/amd/display: fix double free issue during amdgpu module unload (bsc#1232483).
- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
- CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).
- CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).
- CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).
- CVE-2024-50003: drm/amd/display: Fix system hang while resume with TBT monitor (bsc#1232385).
- CVE-2024-50004: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 (bsc#1232396).
- CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442).
- CVE-2024-50009: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value (bsc#1232318).
- CVE-2024-50012: cpufreq: Avoid a bad reference count on CPU node (bsc#1232386).
- CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446).
- CVE-2024-50015: ext4: dax: fix overflowing extents beyond inode size when partially writing (bsc#1232079).
- CVE-2024-50020: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() (bsc#1231989).
- CVE-2024-50021: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() (bsc#1231957).
- CVE-2024-50022: device-dax: correct pgoff align in dax_set_mapping() (bsc#1231956).
- CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
- CVE-2024-50027: thermal: core: Free tzp copy along with the thermal zone (bsc#1231951).
- CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).
- CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
- CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).
- CVE-2024-50040: igb: Do not bring the device up after non-fatal error (bsc#1231908).
- CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).
- CVE-2024-50042: ice: Fix increasing MSI-X on VF (bsc#1231906).
- CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).
- CVE-2024-50046: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).
- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
- CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).
- CVE-2024-50060: io_uring: check if we need to reschedule during overflow flush (bsc#1232417).
- CVE-2024-50063: bpf: Prevent tail call between progs attached to different hooks (bsc#1232435).
- CVE-2024-50064: zram: free secondary algorithms names (bsc#1231901).
- CVE-2024-50080: ublk: do not allow user copy for unprivileged device (bsc#1232502).
- CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501).
- CVE-2024-50082: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (bsc#1232500).
- CVE-2024-50084: net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() (bsc#1232494).
- CVE-2024-50087: btrfs: fix uninitialized pointer free on read_alloc_one_name() error (bsc#1232499).
- CVE-2024-50088: btrfs: fix uninitialized pointer free in add_inode_ref() (bsc#1232498).
- CVE-2024-50098: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down (bsc#1232881).
- CVE-2024-50110: xfrm: fix one more kernel-infoleak in algo dumping (bsc#1232885).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232926).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905).
- CVE-2024-50130: netfilter: bpf: must hold reference on net namespace (bsc#1232894).
- CVE-2024-50138: bpf: Use raw_spinlock_t in ringbuf (bsc#1232935).
- CVE-2024-50139: KVM: arm64: Fix shift-out-of-bounds bug (bsc#1233062).
- CVE-2024-50145: octeon_ep: add SKB allocation failures handling in __octep_oq_process_rx() (bsc#1233044).
- CVE-2024-50153: scsi: target: core: Fix null-ptr-deref in target_alloc_device() (bsc#1233061).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50169: vsock: Update rx_bytes on read_skb() (bsc#1233320).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50177: drm/amd/display: fix a UBSAN warning in DML2.1 (bsc#1233115).
- CVE-2024-50182: secretmem: disable memfd_secret() if arch cannot set direct map (bsc#1233129).
- CVE-2024-50184: virtio_pmem: Check device status before requesting flush (bsc#1233135).
- CVE-2024-50186: net: explicitly clear the sk pointer, when pf->create fails (bsc#1233110).
- CVE-2024-50192: irqchip/gic-v4: Do not allow a VMOVP on a dying VPE (bsc#1233106).
- CVE-2024-50225: btrfs: fix error propagation of split bios (bsc#1233193).
- CVE-2024-50228: mm: shmem: fix data-race in shmem_getattr() (bsc#1233204).
- CVE-2024-50230: nilfs2: fix kernel bug due to missing clearing of checked flag (bsc#1233206).
- CVE-2024-50245: fs/ntfs3: Fix possible deadlock in mi_read (bsc#1233203).
- CVE-2024-50246: fs/ntfs3: Add rough attr alloc_size check (bsc#1233207).
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233226).
- CVE-2024-50252: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (bsc#1233201).
- CVE-2024-50257: netfilter: Fix use-after-free in get_info() (bsc#1233244).
- CVE-2024-50261: macsec: Fix use-after-free while sending the offloading packet (bsc#1233253).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50271: signal: restore the override_rlimit logic (bsc#1233460).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463).
- CVE-2024-50275: arm64/sve: Discard stale CPU state when handling SVE traps (bsc#1233464).
- CVE-2024-50276: net: vertexcom: mse102x: Fix possible double free of TX skb (bsc#1233465).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single (bsc#1233484).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-50298: net: enetc: allocate vf_state during PF probes (bsc#1233487).
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233540).
- CVE-2024-53043: mctp i2c: handle NULL header address (bsc#1233523).
- CVE-2024-53048: ice: fix crash on probe for DPLL enabled E810 LOM (bsc#1233721).
- CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).
- CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
- CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53079: mm/thp: fix deferred split unqueue naming and locking (bsc#1233570).
- CVE-2024-53082: virtio_net: Add hash_key_length check (bsc#1233573).
- CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).
- CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085).
- CVE-2024-53121: net/mlx5: fs, lock FTE when checking if active (bsc#1234078).
- CVE-2024-53138: net/mlx5e: kTLS, Fix incorrect page refcounting (bsc#1234223).
The following non-security bugs were fixed:
- 9p: explicitly deny setlease attempts (git-fixes).
- ACPI: CPPC: Add support for setting EPP register in FFH (stable-fixes).
- ACPI: CPPC: Fix _CPC register setting issue (git-fixes).
- ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).
- ACPI: EC: Do not release locks during operation region accesses (stable-fixes).
- ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
- ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).
- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).
- ACPI: battery: Fix possible crash when unregistering a battery hook (git-fixes).
- ACPI: battery: Simplify battery hook locking (stable-fixes).
- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes).
- ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).
- ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).
- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).
- ACPICA: iasl: handle empty connection_node (stable-fixes).
- ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller (stable-fixes).
- ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() (stable-fixes).
- ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read (stable-fixes).
- ALSA: 6fire: Release resources at card release (git-fixes).
- ALSA: Reorganize kerneldoc parameter names (stable-fixes).
- ALSA: ac97: bus: Fix the mistake in the comment (git-fixes).
- ALSA: asihpi: Fix potential OOB array access (stable-fixes).
- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: core: add isascii() check to card ID generator (stable-fixes).
- ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).
- ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() (git-fixes).
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).
- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).
- ALSA: hda/conexant: fix Z60MR100 startup pop issue (stable-fixes).
- ALSA: hda/conexant: fix some typos (stable-fixes).
- ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (bsc#1219803).
- ALSA: hda/realtek - Fixed Clevo platform headset Mic issue (stable-fixes).
- ALSA: hda/realtek - update set GPIO3 to default for Thinkpad with ALC1318 (git-fixes).
- ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (stable-fixes).
- ALSA: hda/realtek: Add support for Samsung Galaxy Book3 360 (NP730QFG) (stable-fixes).
- ALSA: hda/realtek: Apply quirk for Medion E15433 (bsc#1233298).
- ALSA: hda/realtek: Enable mic on Vaio VJFH52 (stable-fixes).
- ALSA: hda/realtek: Enable mute and micmute LED on HP ProBook 430 G8 (stable-fixes).
- ALSA: hda/realtek: Enable speaker pins for Medion E15443 platform (bsc#1233298).
- ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max (bsc#1233298).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes).
- ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).
- ALSA: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes).
- ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book init (stable-fixes).
- ALSA: hda/realtek: Set PCBeep to default value for ALC274 (stable-fixes).
- ALSA: hda/realtek: Update ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Update ALC256 depop procedure (git-fixes).
- ALSA: hda/realtek: Update default depop procedure (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 (stable-fixes).
- ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects (stable-fixes).
- ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE (git-fixes).
- ALSA: hda: Poll jack events for LS7A HD-Audio (stable-fixes).
- ALSA: hda: Show the codec quirk info at probing (stable-fixes).
- ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 (stable-fixes).
- ALSA: hda: tas2781: Fix missing setup at runtime PM (bsc#1230132).
- ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
- ALSA: ice1712: Remove redundant code in stac9460_dac_vol_put (stable-fixes).
- ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).
- ALSA: line6: update contact information (stable-fixes).
- ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).
- ALSA: pcm: Add sanity NULL check for the default mmap fault handler (stable-fixes).
- ALSA: silence integer wrapping warning (stable-fixes).
- ALSA: ump: Fix evaluation of MIDI 1.0 FB info (git-fixes).
- ALSA: us122l: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: usb-audio: Add Pioneer DJ/AlphaTheta DJM-A9 Mixer (stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).
- ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).
- ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).
- ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).
- ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (bsc#1232768).
- ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).
- ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).
- ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry (stable-fixes).
- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (stable-fixes).
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (git-fixes).
- ALSA: usb-audio: Make mic volume workarounds globally applicable (stable-fixes).
- ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).
- ALSA: usb-audio: Use snprintf instead of sprintf in build_mixer_unit_ctl (stable-fixes).
- ALSA: usb-audio: add mixer mapping for Corsair HS80 (stable-fixes).
- ALSA: usx2y: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ASoC: Intel: avs: da7219: Remove suspend_pre() and resume_post() (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec (stable-fixes).
- ASoC: Intel: sst: Fix used of uninitialized ctx to log an error (git-fixes).
- ASoC: Intel: sst: Support LPE0F28 ACPI HID (stable-fixes).
- ASoC: SOF: Add i2s bt dai configuration support for AMD platforms (bsc#1233305).
- ASoC: SOF: Add support for configuring PDM interface from topology (bsc#1233305).
- ASoC: SOF: Deprecate invalid enums in IPC3 (bsc#1233305).
- ASoC: SOF: IPC4: get pipeline priority from topology (bsc#1233305).
- ASoC: SOF: IPC4: synchronize fw_config_params with fw definitions (bsc#1233305).
- ASoC: SOF: Refactor sof_i2s_tokens reading to update acpbt dai (bsc#1233305).
- ASoC: SOF: Rename amd_bt sof_dai_type (bsc#1233305).
- ASoC: SOF: Wire up buffer flags (bsc#1233305).
- ASoC: SOF: add alignment for topology header file struct definition (bsc#1233305).
- ASoC: SOF: align topology header file with sof topology header (bsc#1233305).
- ASoC: SOF: ipc3-topology: Convert the topology pin index to ALH dai index (git-fixes).
- ASoC: SOF: ipc3-topology: fix resource leaks in sof_ipc3_widget_setup_comp_dai() (git-fixes).
- ASoC: SOF: ipc4-control: Add support for ALSA enum control (bsc#1233305).
- ASoC: SOF: ipc4-control: Add support for ALSA switch control (bsc#1233305).
- ASoC: SOF: ipc4-mtrace: move debug slot related definitions to header.h (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add deep buffer size to debug prints (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add definition for generic switch/enum control (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add module ID print during module set up (bsc#1233305).
- ASoC: SOF: ipc4-topology: Helper to find an swidget by module/instance id (bsc#1233305).
- ASoC: SOF: ipc4-topology: Only handle dai_config with HW_PARAMS for ChainDMA (bsc#1233305).
- ASoC: SOF: ipc4-topology: change chain_dma handling in dai_config (bsc#1233305).
- ASoC: SOF: ipc4-topology: export sof_ipc4_copier_is_single_format (bsc#1233305).
- ASoC: SOF: ipc4-topology: set config_length based on device_count (bsc#1233305).
- ASoC: SOF: ipc4: Add data struct for module notification message from firmware (bsc#1233305).
- ASoC: SOF: ipc4: Add new message type: SOF_IPC4_GLB_LOAD_LIBRARY_PREPARE (bsc#1233305).
- ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits (git-fixes).
- ASoC: SOF: topology: Parse DAI type token for dspless mode (bsc#1233305).
- ASoC: SOF: topology: dynamically allocate and store DAI widget->private (bsc#1233305).
- ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA (stable-fixes).
- ASoC: amd: yc: Add quirk for HP Dragonfly pro one (stable-fixes).
- ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry (git-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA (stable-fixes).
- ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 (stable-fixes).
- ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized (git-fixes).
- ASoC: audio-graph-card2: Purge absent supplies for device tree nodes (stable-fixes).
- ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (git-fixes).
- ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).
- ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() (stable-fixes).
- ASoC: codecs: wsa883x: Handle reading version failure (stable-fixes).
- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes).
- ASoC: dapm: fix bounds checker error in dapm_widget_list_create (git-fixes).
- ASoC: fsl_micfil: Add sample rate constraint (stable-fixes).
- ASoC: fsl_micfil: fix regmap_write_bits usage (git-fixes).
- ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit (stable-fixes).
- ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).
- ASoC: max98388: Fix missing increment of variable slot_found (git-fixes).
- ASoC: mediatek: mt8188-mt6359: Remove hardcoded dmic codec (git-fixes).
- ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes).
- ASoC: rt722-sdca: Remove logically deadcode in rt722-sdca.c (git-fixes).
- ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue (stable-fixes).
- ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove (git-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() (stable-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() (stable-fixes).
- ASoC: tas2781: Add new driver version for tas2563 & tas2781 qfn chip (stable-fixes).
- ASoC: tas2781: Use of_property_read_reg() (stable-fixes).
- Bluetooth: Call iso_exit() on module unload (git-fixes).
- Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (git-fixes).
- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).
- Bluetooth: Remove debugfs directory on module init failure (git-fixes).
- Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).
- Bluetooth: btintel: Direct exception event to bluetooth stack (git-fixes).
- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test (bsc#1230557)
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 (stable-fixes).
- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).
- Bluetooth: fix use-after-free in device_for_each_child() (git-fixes).
- Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes).
- Bluetooth: hci_core: Fix calling mgmt_device_connected (git-fixes).
- Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).
- Documentation: kgdb: Correct parameter error (git-fixes).
- HID: Ignore battery for all ELAN I2C-HID devices (stable-fixes).
- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).
- HID: core: zero-initialize the report buffer (git-fixes).
- HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk (stable-fixes).
- HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard (stable-fixes).
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (stable-fixes).
- HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad (stable-fixes).
- HID: multitouch: Add support for B2402FVA track point (stable-fixes).
- HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).
- HID: multitouch: Add support for lenovo Y9000P Touchpad (stable-fixes).
- HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).
- HID: wacom: Interpret tilt data from Intuos Pro BT as signed values (git-fixes).
- HID: wacom: fix when get product name maybe null pointer (git-fixes).
- Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
- Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
- Input: edt-ft5x06 - fix regmap leak when probe fails (git-fixes).
- Input: hideep - add missing dependency on REGMAP_I2C (git-fixes).
- Input: hycon-hy46xx - add missing dependency on REGMAP_I2C (git-fixes).
- Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (stable-fixes).
- Input: xpad - add GameSir T4 Kaleid Controller support (git-fixes).
- Input: xpad - add GameSir VID for Xbox One controllers (git-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2C Wireless Controller (git-fixes).
- Input: xpad - add support for MSI Claw A1M (git-fixes).
- Input: xpad - add support for Machenike G5 Pro Controller (git-fixes).
- Input: xpad - fix support for some third-party controllers (git-fixes).
- Input: xpad - sort xpad_device by vendor and product ID (git-fixes).
- Input: xpad - spelling fixes for "Xbox" (git-fixes).
- KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).
- KVM: PPC: Book3S HV: Avoid returning to nested hypervisor on pending doorbells (bsc#1215199).
- KVM: PPC: Book3S HV: Stop using vc->dpdes for nested KVM guests (bsc#1215199).
- KVM: PPC: Book3S HV: remove unused varible (bsc#1194869).
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (bsc#1232207).
- KVM: SEV-ES: Prevent MSR access post VMSA encryption (bsc#1232207).
- KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
- KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock (git-fixes).
- KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled (git-fixes).
- KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid (git-fixes).
- KVM: Write the per-page "segment" when clearing (part of) a guest page (git-fixes).
- KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232626).
- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231276).
- KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232623).
- KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected (git-fixes).
- KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults (git-fixes).
- KVM: x86: Dedup fastpath MSR post-handling logic (git-fixes).
- KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits (git-fixes).
- KVM: x86: Exit to userspace if fastpath triggers one on instruction skip (git-fixes).
- KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode() (git-fixes).
- KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is successful (git-fixes).
- KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
- NFS: remove revoked delegation from server's delegation list (git-fixes).
- NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
- NFSD: Mark filecache "down" if init fails (git-fixes).
- NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
- NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
- PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
- PCI: Add T_PVPERL macro (git-fixes).
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
- PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
- PCI: Fix reset_method_store() memory leak (git-fixes).
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
- PCI: endpoint: Clear secondary (not primary) EPC in pci_epc_remove_epf() (git-fixes).
- PCI: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS milliseconds (git-fixes).
- PCI: keystone: Add link up check to ks_pcie_other_map_bus() (git-fixes).
- PCI: keystone: Set mode as Root Complex for "ti,keystone-pcie" compatible (git-fixes).
- PCI: rockchip-ep: Fix address translation unit programming (git-fixes).
- RAS/AMD/ATL: Add amd_atl pr_fmt() prefix (jsc#PED-10559).
- RAS/AMD/ATL: Expand helpers for adding and removing base and hole (jsc#PED-10559).
- RAS/AMD/ATL: Implement DF 4.5 NP2 denormalization (jsc#PED-10559).
- RAS/AMD/ATL: Read DRAM hole base early (jsc#PED-10559).
- RAS/AMD/ATL: Validate address map when information is gathered (jsc#PED-10559).
- RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
- RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop (git-fixes)
- RDMA/bnxt_re: Change the sequence of updating the CQ toggle value (git-fixes)
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes)
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
- RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
- RDMA/bnxt_re: Fix incorrect dereference of srq in async event (git-fixes)
- RDMA/bnxt_re: Fix out of bound check (git-fixes)
- RDMA/bnxt_re: Fix the GID table length (git-fixes)
- RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
- RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
- RDMA/bnxt_re: Return more meaningful error (git-fixes)
- RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
- RDMA/hns: Add mutex_destroy() (git-fixes)
- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes)
- RDMA/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes)
- RDMA/hns: Fix cpu stuck caused by printings during reset (git-fixes)
- RDMA/hns: Fix different dgids mapping to the same dip_idx (git-fixes)
- RDMA/hns: Fix flush cqe error when racing with destroy qp (git-fixes)
- RDMA/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes)
- RDMA/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes)
- RDMA/hns: Use macro instead of magic number (git-fixes)
- RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
- RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
- RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
- RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
- RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (git-fixes)
- RDMA/mlx5: Move events notifier registration to be after device registration (git-fixes)
- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
- RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes).
- RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
- RDMA/rxe: Fix the qp flush warnings in req (git-fixes)
- RDMA/rxe: Set queue pair cur_qp_state when being queried (git-fixes)
- RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES (git-fixes)
- RDMA/srpt: Make slab cache names unique (git-fixes)
- Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" (bsc#1228269).
- Revert "ALSA: hda: Conditionally use snooping for AMD HDMI" (stable-fixes).
- Revert "KEYS: encrypted: Add check for strsep" (git-fixes).
- Revert "KVM: PPC: Book3S HV Nested: Stop forwarding all HFUs to L1" (bsc#1215199).
- Revert "RDMA/core: Fix ENODEV error for iWARP test over vlan" (git-fixes)
- Revert "cgroup: Fix memory leak caused by missing cgroup_bpf_offline" (bsc#1234108).
- Revert "cpufreq: brcmstb-avs-cpufreq: Fix initial command check" (stable-fixes).
- Revert "driver core: Fix uevent_show() vs driver detach race" (git-fixes).
- Revert "ixgbe: Manual AN-37 for troublesome link partners for X550 SFI" (git-fixes).
- Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" (git-fixes).
- Revert "ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path" (git-fixes).
- Revert "usb: gadget: composite: fix OS descriptors w_value logic" (git-fixes).
- Revert "wifi: iwlwifi: remove retry loops in start" (git-fixes).
- SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
- SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
- SUNRPC: Remove BUG_ON call sites (git-fixes).
- SUNRPC: clnt.c: Remove misleading comment (git-fixes).
- USB: appledisplay: close race between probe and completion handler (git-fixes).
- USB: chaoskey: Fix possible deadlock chaoskey_list_lock (git-fixes).
- USB: chaoskey: fail open after removal (git-fixes).
- USB: gadget: dummy-hcd: Fix "task hung" problem (git-fixes).
- USB: misc: cypress_cy7c63: check for short transfer (git-fixes).
- USB: misc: yurex: fix race between read and write (git-fixes).
- USB: serial: ftdi_sio: Fix atomicity violation in get_serial_info() (git-fixes).
- USB: serial: io_edgeport: fix use after free in debug printk (git-fixes).
- USB: serial: option: add Fibocom FG132 0x0112 composition (stable-fixes).
- USB: serial: option: add Quectel RG650V (stable-fixes).
- USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
- USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
- USB: serial: qcserial: add support for Sierra Wireless EM86xx (stable-fixes).
- accel/qaic: Fix the for loop used to walk SG table (git-fixes).
- accel: Use XArray instead of IDR for minors (jsc#PED-11580).
- acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() (git-fixes).
- ad7780: fix division by zero in ad7780_write_raw() (git-fixes).
- aes-gcm-p10: Use the correct bit to test for P10 (bsc#1232704).
- amd-pstate: Set min_perf to nominal_perf for active mode performance gov (git-fixes).
- apparmor: fix 'Do simple duplicate message elimination' (git-fixes).
- apparmor: test: Fix memory leak for aa_unpack_strdup() (git-fixes).
- apparmor: use kvfree_sensitive to free data->data (git-fixes).
- arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 (git-fixes)
- arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
- arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: freescale: imx8mp-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs (git-fixes)
- arm64: dts: imx8qxp: Add VPU subsystem file (git-fixes)
- arm64: dts: imx93: add nvmem property for eqos (git-fixes)
- arm64: dts: imx93: add nvmem property for fec1 (git-fixes)
- arm64: dts: imx93: add ocotp node (git-fixes)
- arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus (git-fixes)
- arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo (git-fixes)
- arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 (git-fixes)
- arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node (git-fixes)
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma (git-fixes)
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes)
- arm64: dts: rockchip: Remove undocumented supports-emmc property (git-fixes)
- arm64: dts: rockchip: fix i2c2 pinctrl-names property on (git-fixes)
- arm64: dts: rockchip: remove num-slots property from (git-fixes)
- arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone (git-fixes)
- arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a (git-fixes).
- arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
- arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
- arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes)
- arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS (git-fixes).
- arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
- arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
- arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
- arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes)
- arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes)
- arm64: tegra: Move AGX Orin nodes to correct location (git-fixes)
- arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes)
- ata: libata: Set DID_TIME_OUT for commands that actually timed out (git-fixes).
- ata: libata: avoid superfluous disk spin down + spin up during hibernation (git-fixes).
- audit: do not WARN_ON_ONCE(!current->mm) in audit_exe_compare() (git-fixes).
- audit: do not take task_lock() in audit_exe_compare() code path (git-fixes).
- block: print symbolic error name instead of error code (bsc#1231872).
- block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW (bsc#1229677).
- bnxt_en: Cap the size of HWRM_PORT_PHY_QCFG forwarded response (git-fixes).
- bnxt_en: Fix error recovery for 5760X (P7) chips (git-fixes).
- bnxt_en: Fix the PCI-AER routines (git-fixes).
- bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes).
- bnxt_en: refactor reset close code (git-fixes).
- bpf, arm64: Fix address emission with tag-based KASAN enabled (git-fixes)
- bpf, arm64: Remove garbage frame for struct_ops trampoline (git-fixes)
- bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
- bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
- bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock (git-fixes).
- bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
- bpf, vsock: Drop static vsock_bpf_prot initialization (git-fixes).
- bpf, x64: Remove tail call detection (git-fixes).
- bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
- bpf: Fail verification for sign-extension of packet data/data_end/data_meta (git-fixes).
- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
- bpf: Fix error message on kfunc arg type mismatch (git-fixes).
- bpf: Fix helper writes to read-only maps (git-fixes).
- bpf: Fix tailcall cases in test_bpf (git-fixes).
- bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).
- bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
- bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
- bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
- bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
- btf, scripts: rust: drop is_rust_module.sh (bsc#1230414 bsc#1229450).
- btrfs: merge btrfs_orig_bbio_end_io() into btrfs_bio_end_io() (bsc#1233193)
- btrfs: send: fix invalid clone operation for file that got its size decreased (git-fixes).
- can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails (git-fixes).
- can: c_can: fix {rx,tx}_errors statistics (git-fixes).
- can: dev: can_set_termination(): allow sleeping GPIOs (git-fixes).
- can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: hi311x: hi3110_can_ist(): fix potential use-after-free (git-fixes).
- can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics (git-fixes).
- can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: j1939: j1939_session_new(): fix skb reference counting (git-fixes).
- can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): work around erratum DS80000789E 6 (git-fixes).
- can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes (git-fixes).
- can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode (stable-fixes).
- can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (git-fixes).
- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (git-fixes).
- ceph: fix cap ref leak via netfs init_request (bsc#1231384).
- cgroup/bpf: only cgroup v2 can be attached by bpf programs (bsc#1234108).
- clk: bcm: bcm53573: fix OF node leak in init (stable-fixes).
- clk: clk-apple-nco: Add NULL check in applnco_probe (git-fixes).
- clk: clk-axi-clkgen: make sure to enable the AXI bus clock (git-fixes).
- clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (stable-fixes).
- clk: imx: clk-scu: fix clk enable state save and restore (git-fixes).
- clk: imx: fracn-gppll: correct PLL initialization flow (git-fixes).
- clk: imx: fracn-gppll: fix pll power up (git-fixes).
- clk: imx: lpcg-scu: SW workaround for errata (e10858) (git-fixes).
- clk: qcom: clk-alpha-pll: drop lucid-evo pll enabled warning (git-fixes).
- clk: qcom: clk-alpha-pll: fix lucid 5lpe pll enabled check (git-fixes).
- clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (git-fixes).
- clk: renesas: rzg2l: Fix FOUTPOSTDIV clk (git-fixes).
- clk: sunxi-ng: d1: Fix PLL_AUDIO0 preset (git-fixes).
- comedi: Flush partial mappings in error case (git-fixes).
- comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
- config s390x: build ultravisor userspace access into the kernel (bsc#1232090).
- config.sh: Remove Arm build project, we do not build armv7 configs
- config: Disable LAM on x86 (bsc#1217845).
- cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_power() (git-fixes).
- cpufreq: loongson2: Unregister platform_driver on failure (git-fixes).
- cpufreq: mediatek-hw: Fix wrong return value in mtk_cpufreq_get_cpu_power() (git-fixes).
- crypto: aes-gcm-p10 - Use the correct bit to test for P10 (bsc#1232704).
- crypto: api - Fix liveliness check in crypto_alg_tested (stable-fixes).
- crypto: bcm - add error check in the ahash_hmac_init function (git-fixes).
- crypto: caam - Fix the pointer passed to caam_qi_shutdown() (git-fixes).
- crypto: caam - add error check to caam_rsa_set_priv_key_form (git-fixes).
- crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (git-fixes).
- crypto: cavium - Fix the if condition to exit loop after timeout (git-fixes).
- crypto: hisilicon/qm - flush all work before driver removed (bsc#1232075)
- crypto: inside-secure - Fix the return value of safexcel_xcbcmac_cra_init() (git-fixes).
- crypto: octeontx - Fix authenc setkey (stable-fixes).
- crypto: octeontx* - Select CRYPTO_AUTHENC (git-fixes).
- crypto: octeontx2 - Fix authenc setkey (stable-fixes).
- crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (git-fixes).
- crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMD and re-enable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Register modules as SIMD (bsc#1230501 ltc#208632).
- crypto: qat - remove check after debugfs_create_dir() (git-fixes).
- crypto: qat - remove faulty arbiter config reset (git-fixes).
- crypto: qat/qat_4xxx - fix off by one in uof_get_name() (git-fixes).
- crypto: x86/aegis128 - access 32-bit arguments as 32-bit (git-fixes).
- cxgb4: Properly lock TX queue for the selftest (git-fixes).
- cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).
- cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes).
- cxl: downgrade a warning message to debug level in cxl_probe_component_regs() (bsc#1229165).
- dcache: keep dentry_hashtable or d_hash_shift even when not used (git-fixes).
- debugfs: fix automount d_fsdata usage (git-fixes).
- devlink: Fix command annotation documentation (git-fixes).
- dma-fence: Fix reference leak on fence merge failure path (git-fixes).
- dma-fence: Use kernel's sort for merging fences (git-fixes).
- dmaengine: sh: rz-dmac: handle configs where one address is zero (git-fixes).
- dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer (git-fixes).
- doc: rcu: update printed dynticks counter bits (git-fixes).
- driver core: bus: Fix double free in driver API bus_register() (stable-fixes).
- driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
- drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() (git-fixes).
- drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
- drm/amd/display: Add HDMI DSC native YCbCr422 support (stable-fixes).
- drm/amd/display: Add disable timeout option (bsc#1231435)
- drm/amd/display: Adjust VSDB parser for replay feature (stable-fixes).
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
- drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
- drm/amd/display: Clean up dsc blocks in accelerated mode (stable-fixes).
- drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (stable-fixes).
- drm/amd/display: Fix brightness level not retained over reboot (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp (git-fixes).
- drm/amd/display: Remove a redundant check in authenticated_dp (stable-fixes).
- drm/amd/display: Revert "Check HDCP returned status" (stable-fixes).
- drm/amd/display: Round calculated vtotal (stable-fixes).
- drm/amd/display: Skip to enable dsc if it has been off (stable-fixes).
- drm/amd/display: Validate backlight caps are sane (stable-fixes).
- drm/amd/pm: Vangogh: Fix kernel memory out of bounds write (git-fixes).
- drm/amd: Add some missing straps from NBIO 7.11.0 (git-fixes).
- drm/amd: Fix initialization mistake for NBIO 7.7.0 (stable-fixes).
- drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
- drm/amdgpu/swsmu: Only force workload setup on init (git-fixes).
- drm/amdgpu/vcn: enable AV1 on both instances (stable-fixes).
- drm/amdgpu: Adjust debugfs eviction and IB access permissions (stable-fixes).
- drm/amdgpu: Adjust debugfs register access permissions (stable-fixes).
- drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 (git-fixes).
- drm/amdgpu: Fix JPEG v4.0.3 register write (git-fixes).
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (stable-fixes).
- drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() (git-fixes).
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (git-fixes).
- drm/amdkfd: Accounting pdd vram_usage for svm (stable-fixes).
- drm/amdkfd: Fix wrong usage of INIT_WORK() (git-fixes).
- drm/bridge: anx7625: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: it6505: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: tc358767: Fix link properties discovery (git-fixes).
- drm/bridge: tc358768: Fix DSI command tx (git-fixes).
- drm/etnaviv: Request pages from DMA32 zone on addressing_limited (git-fixes).
- drm/etnaviv: hold GPU lock across perfmon sampling (git-fixes).
- drm/i915/gem: fix bitwise and logical AND mixup (git-fixes).
- drm/i915/hdcp: fix connector refcounting (git-fixes).
- drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/mediatek: Fix child node refcount handling in early exit (git-fixes).
- drm/mediatek: Fix get efuse issue for MT8188 DPTX (git-fixes).
- drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (git-fixes).
- drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/msm/dpu: cast crtc_clk calculation to u64 in _dpu_core_perf_calc_clk() (git-fixes).
- drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds() (git-fixes).
- drm/msm/dpu: do not always program merge_3d block (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on MSM8998 (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on SDM845 (git-fixes).
- drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
- drm/msm/dpu: move CRTC resource assignment to dpu_encoder_virt_atomic_check (git-fixes).
- drm/msm/dpu: on SDM845 move DSPP_3 to LM_5 block (git-fixes).
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
- drm/msm/dsi: improve/fix dsc pclk calculation (git-fixes).
- drm/msm/gpu: Check the status of registration to PM QoS (git-fixes).
- drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
- drm/msm: Fix some typos in comment (git-fixes).
- drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() (git-fixes).
- drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes).
- drm/omap: Fix possible NULL dereference (git-fixes).
- drm/panfrost: Add missing OPP table refcnt decremental (git-fixes).
- drm/panfrost: Remove unused id_mask from struct panfrost_model (git-fixes).
- drm/radeon: Fix encoder->possible_clones (git-fixes).
- drm/rockchip: vop: Fix a dereferenced before check warning (git-fixes).
- drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
- drm/sched: Always wake up correct scheduler in drm_sched_entity_push_job (git-fixes).
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes).
- drm/sti: avoid potential dereference of error pointers (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check (git-fixes).
- drm/v3d: Address race-condition in MMU flush (git-fixes).
- drm/v3d: Enable Performance Counters before clearing them (git-fixes).
- drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_atomic_flush (git-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_lut_load (git-fixes).
- drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
- drm/vc4: hdmi: Avoid hang with debug registers when suspended (git-fixes).
- drm/vc4: hvs: Correct logic on stopping an HVS channel (git-fixes).
- drm/vc4: hvs: Do not write gamma luts on 2711 (git-fixes).
- drm/vc4: hvs: Fix dlist debug not resetting the next entry pointer (git-fixes).
- drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs function (git-fixes).
- drm/vkms: Drop unnecessary call to drm_crtc_cleanup() (git-fixes).
- drm/vmwgfx: Handle surface check failure correctly (git-fixes).
- drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS (stable-fixes).
- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
- drm: Expand max DRM device number to full MINORBITS (jsc#PED-11580).
- drm: Use XArray instead of IDR for minors (jsc#PED-11580).
- drm: use ATOMIC64_INIT() for atomic64_t (git-fixes).
- drm: xlnx: zynqmp_dpsub: fix hotplug detection (git-fixes).
- drm: zynqmp_kms: Unplug DRM device before removal (git-fixes).
- dwc2: Drop USB dwc2 patch that caused a regression on RPi3 (bsc#1232342)
- e1000e: Fix S0ix residency on corporate systems (git-fixes).
- e1000e: Remove Meteor Lake SMBUS workarounds (git-fixes).
- e1000e: change I219 (19) devices to ADP (git-fixes).
- e1000e: fix force smbus during suspend flow (git-fixes).
- e1000e: move force SMBUS near the end of enable_ulp function (git-fixes).
- efi/libstub: Free correct pointer on failure (git-fixes).
- efi/libstub: fix efi_parse_options() ignoring the default command line (git-fixes).
- efi/libstub: zboot.lds: Discard .discard sections (stable-fixes).
- efi/memattr: Ignore table if the size is clearly bogus (bsc#1231465).
- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
- eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes).
- ext4: do not track ranges in fast_commit if inode has inlined data (bsc#1231635).
- ext4: fix fast commit inode enqueueing during a full journal commit (bsc#1231636).
- ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() (bsc#1231637).
- ext4: fix possible tid_t sequence overflows (bsc#1231634).
- ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
- ext4: fix unttached inode after power cut with orphan file feature enabled (bsc#1234009).
- ext4: mark fc as ineligible using an handle in ext4_xattr_set() (bsc#1231640).
- ext4: use handle to mark fc as ineligible in __track_dentry_update() (bsc#1231639).
- f2fs: get out of a repeat loop when getting a locked data page (bsc#1234011).
- fat: fix uninitialized variable (git-fixes).
- fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (stable-fixes).
- fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (git-fixes).
- fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
- fgraph: Change the name of cpuhp state to "fgraph:online" (git-fixes).
- fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
- fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
- filemap: remove use of wait bookmarks (bsc#1224088).
- firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (git-fixes).
- firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() (git-fixes).
- firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (git-fixes).
- firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() (git-fixes).
- firmware: google: Unregister driver_info on failure (git-fixes).
- firmware_loader: Fix possible resource leak in fw_log_firmware_info() (git-fixes).
- fs/9p: drop inodes immediately on non-.L too (git-fixes).
- fs/9p: fix the cache always being enabled on files with qid flags (git-fixes).
- fs/ntfs3: Add more attributes checks in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Fixed overflow check in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Sequential field availability check in mi_enum_attr() (bsc#1233207)
- fs: Fix uninitialized value issue in from_kuid and from_kgid (git-fixes).
- genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes).
- goldfish: Fix unused const variable 'goldfish_pipe_acpi_match' (git-fixes).
- gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
- gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
- gpio: davinci: fix lazy disable (git-fixes).
- gpio: exar: set value when external pull-up or pull-down is present (git-fixes).
- gpio: zevio: Add missed label initialisation (git-fixes).
- gve: Fix XDP TX completion handling when counters overflow (git-fixes).
- gve: Fix an edge case for TSO skb validity check (git-fixes).
- gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes).
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (git-fixes).
- hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (adt7470) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (max16065) Fix alarm attributes (git-fixes).
- hwmon: (max16065) Remove use of i2c_match_id() (stable-fixes).
- hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (nct6775) add G15CF to ASUS WMI monitoring list (stable-fixes).
- hwmon: (nct6775-core) Fix overflows seen when writing limit attributes (git-fixes).
- hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (tps23861) Fix reporting of negative temperatures (git-fixes).
- hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature (git-fixes).
- i2c: core: Setup i2c_adapter runtime-pm before calling device_add() (git-fixes).
- i2c: core: fix lockdep warning for sparsely nested adapter chain (git-fixes).
- i2c: cpm: Remove linux,i2c-index conversion from be32 (git-fixes).
- i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE is not set (git-fixes).
- i2c: exynos5: Calculate t_scl_l, t_scl_h according to i2c spec (git-fixes).
- i2c: i801: Add lis3lv02d for Dell Precision 3540 (git-fixes).
- i2c: i801: Add lis3lv02d for Dell XPS 15 7590 (git-fixes).
- i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
- i2c: i801: add helper i801_restore_regs (git-fixes).
- i2c: ismt: kill transaction in hardware on timeout (git-fixes).
- i2c: ocores: Move system PM hooks to the NOIRQ phase (git-fixes).
- i2c: ocores: Remove #ifdef guards for PM related functions (git-fixes).
- i2c: omap: switch to NOIRQ_SYSTEM_SLEEP_PM_OPS() and RUNTIME_PM_OPS() (git-fixes).
- i2c: omap: wakeup the controller during suspend() callback (git-fixes).
- i2c: rcar: properly format a debug output (git-fixes).
- i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
- i2c: stm32f7: perform most of irq job in threaded handler (git-fixes).
- i2c: synquacer: Deal with optional PCLK correctly (git-fixes).
- i2c: synquacer: Remove a clk reference from struct synquacer_i2c (stable-fixes).
- i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
- i2c: xiic: improve error message when transfer fails to start (stable-fixes).
- i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (git-fixes).
- i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (stable-fixes).
- i3c: master: svc: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- i40e: Fix XDP program unloading while removing the driver (git-fixes).
- i40e: Report MFS in decimal base instead of hex (git-fixes).
- i40e: fix race condition by adding filter's intermediate sync state (git-fixes).
- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (git-fixes).
- iavf: Fix TC config comparison with existing adapter TC config (git-fixes).
- ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).
- ice: Fix checking for unsupported keys on non-tunnel device (git-fixes).
- ice: Fix lldp packets dropping after changing the number of channels (git-fixes).
- ice: Fix netif_is_ice() in Safe Mode (git-fixes).
- ice: Fix package download algorithm (git-fixes).
- ice: Fix recipe read procedure (git-fixes).
- ice: Fix reset handler (git-fixes).
- ice: Flush FDB entries before reset (git-fixes).
- ice: Interpret .set_channels() input differently (git-fixes).
- ice: Rebuild TC queues on VSI queue reconfiguration (git-fixes).
- ice: Reject pin requests with unsupported flags (git-fixes).
- ice: add flag to distinguish reset from .ndo_bpf in XDP rings config (git-fixes).
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (git-fixes).
- ice: avoid IRQ collision to fix init failure on ACPI S3 resume (git-fixes).
- ice: clear port vlan config during reset (git-fixes).
- ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins (git-fixes).
- ice: do not bring the VSI up, if it was down before the XDP setup (git-fixes).
- ice: do not busy wait for Rx queue disable in ice_qp_dis() (git-fixes).
- ice: fix 200G PHY types to link speed mapping (git-fixes).
- ice: fix 200G link speed message log (git-fixes).
- ice: fix ICE_LAST_OFFSET formula (git-fixes).
- ice: fix VLAN replay after reset (git-fixes).
- ice: fix VSI lists confusion when adding VLANs (git-fixes).
- ice: fix accounting for filters shared by multiple VSIs (git-fixes).
- ice: fix accounting if a VLAN already exists (git-fixes).
- ice: fix iteration of TLVs in Preserved Fields Area (git-fixes).
- ice: fix page reuse when PAGE_SIZE is over 8k (git-fixes).
- ice: fix reads from NVM Shadow RAM on E830 and E825-C devices (git-fixes).
- ice: fix truesize operations for PAGE_SIZE >= 8192 (git-fixes).
- ice: implement AQ download pkg retry (git-fixes).
- ice: map XDP queues to vectors in ice_vsi_map_rings_to_vectors() (git-fixes).
- ice: remove af_xdp_zc_qps bitmap (git-fixes).
- ice: replace synchronize_rcu with synchronize_net (git-fixes).
- ice: respect netif readiness in AF_XDP ZC related ndo's (git-fixes).
- ice: set correct dst VSI in only LAN filters (git-fixes).
- ice: tc: allow zero flags in parsing tc flower (git-fixes).
- ice: tc: check src_vsi in case of traffic from VF (git-fixes).
- ice: use proper macro for testing bit (git-fixes).
- idpf: Interpret .set_channels() input differently (git-fixes).
- idpf: avoid bloating &idpf_q_vector with big %NR_CPUS (git-fixes).
- idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes).
- idpf: do not skip over ethtool tcp-data-split setting (git-fixes).
- idpf: fix UAFs when destroying the queues (git-fixes).
- idpf: fix memleak in vport interrupt configuration (git-fixes).
- idpf: fix memory leaks and crashes while performing a soft reset (git-fixes).
- ieee802154: Fix build error (git-fixes).
- igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes).
- igb: Disable threaded IRQ for igb_msix_other (git-fixes).
- igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).
- igc: Fix double reset adapter triggered from a single taprio cmd (git-fixes).
- igc: Fix packet still tx after gate close by reducing i226 MAC retry buffer (git-fixes).
- igc: Fix qbv tx latency by setting gtxoffset (git-fixes).
- igc: Fix qbv_config_change_errors logics (git-fixes).
- igc: Fix reset adapter logics when tx mode change (git-fixes).
- igc: Unlock on error in igc_io_resume() (git-fixes).
- iio: Fix fwnode_handle in __fwnode_iio_channel_get_by_name() (git-fixes).
- iio: accel: bma400: Fix uninitialized variable field_value in tap event handling (git-fixes).
- iio: accel: kx022a: Fix raw read format (git-fixes).
- iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes).
- iio: adc: ad7606: Fix typo in the driver name (git-fixes).
- iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (git-fixes).
- iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
- iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig (git-fixes).
- iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig (git-fixes).
- iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts: Fix uninitialized symbol 'ret' (git-fixes).
- iio: gts: fix infinite loop for gain_to_scaletables() (git-fixes).
- iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
- iio: light: al3010: Fix an error handling path in al3010_probe() (git-fixes).
- iio: light: opt3001: add missing full-scale range value (git-fixes).
- iio: light: veml6030: fix ALS sensor resolution (git-fixes).
- iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
- iio: light: veml6030: fix microlux value calculation (git-fixes).
- iio: magnetometer: ak8975: Convert enum->pointer for data in the match tables (stable-fixes).
- iio: magnetometer: ak8975: Fix 'Unexpected device' error (git-fixes).
- iio: magnetometer: ak8975: drop incorrect AK09116 compatible (git-fixes).
- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- ima: fix buffer overrun in ima_eventdigest_init_common (git-fixes).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- intel_idle: add Granite Rapids Xeon support (bsc#1231630).
- intel_idle: fix ACPI _CST matching for newer Xeon platforms (bsc#1231630).
- io_uring/eventfd: move to more idiomatic RCU free usage (git-fixes).
- io_uring/io-wq: do not allow pinning outside of cpuset (git-fixes).
- io_uring/io-wq: inherit cpuset of cgroup in io worker (git-fixes).
- io_uring/net: harden multishot termination case for recv (git-fixes).
- io_uring/rw: fix cflags posting for single issue multishot read (git-fixes).
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (git-fixes).
- io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN (git-fixes).
- io_uring/sqpoll: close race on waiting for sqring entries (git-fixes).
- io_uring/sqpoll: do not allow pinning outside of cpuset (git-fixes).
- io_uring/sqpoll: do not put cpumask on stack (git-fixes).
- io_uring/sqpoll: retain test for whether the CPU is valid (git-fixes).
- io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL (git-fixes).
- iommu/amd: Allocate the page table root using GFP_KERNEL (git-fixes).
- iommu/amd: Do not set the D bit on AMD v2 table entries (git-fixes).
- iommu/amd: Fix typo of , instead of ; (git-fixes).
- iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
- iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices (git-fixes).
- iommufd: Check the domain owner of the parent before creating a nesting domain (git-fixes).
- iommufd: Protect against overflow of ALIGN() during iova allocation (git-fixes).
- irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack (git-fixes).
- jbd2: Move j_transaction_overhead_buffers into a hole (bsc#1234042).
- jbd2: avoid infinite transaction commit loop (bsc#1234039).
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (bsc#1234043).
- jbd2: avoid mount failed when commit block is partial submitted (bsc#1234040).
- jbd2: correct the printing of write_flags in jbd2_write_superblock() (bsc#1234045).
- jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit (bsc#1231638).
- jbd2: fix kernel-doc for j_transaction_overhead_buffers (bsc#1234042).
- jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev (bsc#1234044).
- jbd2: fix soft lockup in journal_finish_inode_data_buffers() (bsc#1234046).
- jbd2: make jbd2_journal_get_max_txn_bufs() internal (bsc#1234041).
- jbd2: precompute number of transaction descriptor blocks (bsc#1234042).
- jfs: Fix sanity check in dbMount (git-fixes).
- jfs: Fix uaf in dbFreeBits (git-fixes).
- jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
- jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
- jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
- jump_label: Fix static_key_slow_dec() yet again (git-fixes).
- kABI fix of VM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- kABI workaround for ASoC SOF (bsc#1233305).
- kABI: Restore exported __arm_smccc_sve_check (git-fixes)
- kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
- kABI: bpf: struct bpf_insn_acces_aux kABI workaround (git-fixes).
- kabi, mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes kabi).
- kasan: Fix Software Tag-Based KASAN with GCC (git-fixes).
- kasan: move checks to do_strncpy_from_user (git-fixes).
- kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
- kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
- kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
- kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
- kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
- kconfig: qconf: fix buffer overflow in debug links (git-fixes).
- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).
- kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y (git-fixes).
- keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (git-fixes).
- keys: Fix overwrite of key expiration on instantiation (git-fixes).
- kthread: unpark only parked kthread (git-fixes).
- leds: lp55xx: Remove redundant test for invalid channel number (git-fixes).
- lib/xarray: introduce a new helper xas_get_order (bsc#1231617).
- lib: string_helpers: silence snprintf() output truncation warning (git-fixes).
- mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes).
- macsec: do not increment counters for an unrelated SA (git-fixes).
- mailbox: arm_mhuv2: clean up loop in get_irq_chan_comb() (git-fixes).
- maple_tree: correct tree corruption on spanning store (git-fixes).
- maple_tree: fix alloc node fail issue (git-fixes).
- maple_tree: refine mas_store_root() on storing NULL (git-fixes).
- media: Drop the previous HD-audio TAS2781 fix (bsc#1230132)
- media: adv7604: prevent underflow condition when reporting colorspace (git-fixes).
- media: amphion: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: amphion: Set video drvdata before register video device (git-fixes).
- media: ar0521: do not overflow when checking PLL values (git-fixes).
- media: atomisp: Add check for rgby_data memory allocation failure (git-fixes).
- media: bttv: use audio defaults for winfast2000 (git-fixes).
- media: core: v4l2-ioctl: check if ioctl is known to avoid NULL name (git-fixes).
- media: cx24116: prevent overflows on SNR calculus (git-fixes).
- media: dvb_frontend: do not play tricks with underflow values (git-fixes).
- media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set (stable-fixes).
- media: dvbdev: prevent the risk of out of memory access (git-fixes).
- media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() (git-fixes).
- media: i2c: dw9768: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: i2c: imx335: Enable regulator supplies (stable-fixes).
- media: i2c: tc358743: Fix crash in the probe error path when using polling (git-fixes).
- media: imx-jpeg: Ensure power suppliers be suspended before detach them (git-fixes).
- media: imx-jpeg: Set video drvdata before register video device (git-fixes).
- media: imx335: Fix reset-gpio handling (git-fixes).
- media: mantis: remove orphan mantis_core.h (git-fixes).
- media: mtk-jpeg: Fix null-ptr-deref during unload module (git-fixes).
- media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning (git-fixes).
- media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (git-fixes).
- media: platform: exynos4-is: Fix an OF node reference leak in fimc_md_is_isp_available (git-fixes).
- media: pulse8-cec: fix data timestamp at pulse8_setup() (git-fixes).
- media: s5p-jpeg: prevent buffer overflows (git-fixes).
- media: stb0899_algo: initialize cfr before using it (git-fixes).
- media: ts2020: fix null-ptr-deref in ts2020_probe() (git-fixes).
- media: uvcvideo: Require entities to have a non-zero unique ID (git-fixes).
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (git-fixes).
- media: uvcvideo: Stop stream during unregister (git-fixes).
- media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() (git-fixes).
- media: v4l2-tpg: prevent the risk of a division by zero (git-fixes).
- media: vb2: Fix comment (git-fixes).
- media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
- media: videobuf2: fix typo: vb2_dbuf -> vb2_qbuf (git-fixes).
- media: wl128x: Fix atomicity violation in fmc_send_cmd() (git-fixes).
- mei: use kvmalloc for read buffer (git-fixes).
- mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- mfd: rt5033: Fix missing regmap_del_irq_chip() (git-fixes).
- mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race (git-fixes).
- minmax: avoid overly complex min()/max() macro arguments in xen (git-fixes).
- minmax: scsi: fix mis-use of 'clamp()' in sr.c (git-fixes).
- misc: apds990x: Fix missing pm_runtime_disable() (git-fixes).
- mlx5: avoid truncating error message (git-fixes).
- mlx5: stop warning for 64KB pages (git-fixes).
- mlxbf_gige: disable RX filters until RX path initialized (git-fixes).
- mm/filemap: optimize filemap folio adding (bsc#1231617).
- mm/filemap: return early if failed to allocate memory for split (bsc#1231617).
- mm/hugetlb: fix nodes huge page allocation when there are surplus pages (bsc#1234012).
- mm: avoid unsafe VMA hook invocation when error arises on mmap hook (git-fixes).
- mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point (git-fixes).
- mm: mmap: no need to call khugepaged_enter_vma() for stack (jsc#PED-10978).
- mm: move dummy_vm_ops out of a header (git-fixes prerequisity).
- mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes).
- mm: refactor map_deny_write_exec() (git-fixes).
- mm: resolve faulty mmap_region() error path behaviour (git-fixes).
- mm: unconditionally close VMAs on error (git-fixes).
- mmc: core: Further prevent card detect during shutdown (git-fixes).
- mmc: mmc_spi: drop buggy snprintf() (git-fixes).
- mmc: sunxi-mmc: Fix A100 compatible description (git-fixes).
- modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness (git-fixes).
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (git-fixes).
- modpost: remove incorrect code in do_eisa_entry() (git-fixes).
- module: abort module loading when sysfs setup suffer errors (git-fixes).
- mtd: rawnand: atmel: Fix possible memory leak (git-fixes).
- mtd: spi-nor: core: replace dummy buswidth from addr to data (git-fixes).
- nbd: fix race between timeout and normal completion (bsc#1230918).
- net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes).
- net/mlx5: Added cond_resched() to crdump collection (git-fixes).
- net/mlx5: Check capability for fw_reset (git-fixes).
- net/mlx5: Check for invalid vector index on EQ creation (git-fixes).
- net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes).
- net/mlx5: Fix command bitmask initialization (git-fixes).
- net/mlx5: Fix error handling in irq_pool_request_irq (git-fixes).
- net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes).
- net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes).
- net/mlx5: Stop waiting for PCI if pci channel is offline (git-fixes).
- net/mlx5: Unregister notifier on eswitch init failure (git-fixes).
- net/mlx5: Update the list of the PCI supported devices (git-fixes).
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes).
- net/mlx5e: Add missing link mode to ptys2ext_ethtool_map (git-fixes).
- net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes).
- net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes).
- net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes).
- net/mlx5e: Do not call cleanup on profile rollback failure (git-fixes).
- net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes).
- net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).
- net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes).
- net/mlx5e: Require mlx5 tc classifier action support for IPsec prio capability (git-fixes).
- net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes).
- net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).
- net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).
- net: mdio-ipq4019: add missing error check (git-fixes).
- net: phy: Remove LED entry from LEDs list on unregister (git-fixes).
- net: phy: bcm84881: Fix some error handling paths (git-fixes).
- net: phy: dp83822: Fix reset pin definitions (git-fixes).
- net: phy: dp83869: fix memory corruption when enabling fiber (git-fixes).
- net: phy: ti: add PHY_RST_AFTER_CLK_EN flag (git-fixes).
- net: qede: sanitize 'rc' in qede_add_tc_flower_fltr() (git-fixes).
- net: qede: use return from qede_parse_actions() (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flower (git-fixes).
- net: relax socket state check at accept time (git-fixes).
- net: stmmac: dwmac-tegra: Fix link bring-up sequence (git-fixes)
- net: sysfs: Fix /sys/class/net/<iface> path for statistics (git-fixes).
- net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (git-fixes).
- net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (git-fixes).
- net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (git-fixes).
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (stable-fixes).
- net: usb: usbnet: fix name regression (get-fixes).
- net: usb: usbnet: fix race in probe failure (git-fixes).
- net: wwan: fix global oob in wwan_rtnl_policy (git-fixes).
- net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() (git-fixes).
- net: xfrm: preserve kabi for xfrm_state (bsc#1233754).
- netdevsim: copy addresses for both in and out paths (git-fixes).
- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
- netfilter: nf_tables: missing iterator type in lookup walk (git-fixes).
- nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes).
- nfs: avoid i_lock contention in nfs_clear_invalid_mapping (git-fixes).
- nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
- nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
- nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net (git-fixes).
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
- nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
- nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234121).
- nfsd: return -EINVAL when namelen is 0 (git-fixes).
- nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
- nilfs2: fix potential deadlock with newly created symlinks (git-fixes).
- nouveau/dmem: Fix privileged error in copy engine channel (git-fixes).
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
- nouveau/dp: handle retries for AUX CH transfers with GSP (git-fixes).
- nouveau/gsp: Avoid addressing beyond end of rpc->entries (stable-fixes).
- nouveau: fw: sync dma after setup is called (git-fixes).
- nouveau: handle EBUSY and EAGAIN for GSP aux errors (git-fixes).
- ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
- ntfs3: Add bounds checking to mi_enum_attr() (bsc#1233207)
- nvme-fabrics: fix kernel crash while shutting down controller (git-fixes).
- nvme-loop: flush off pending I/O while shutting down loop controller (git-fixes).
- nvme-multipath: suppress partition scan until the disk is ready (bsc#1228244).
- nvme-pci: fix freeing of the HMB descriptor table (git-fixes).
- nvme-pci: fix race condition between reset and nvme_dev_disable() (git-fixes).
- nvme-pci: qdepth 1 quirk (git-fixes).
- nvme-pci: reverse request order in nvme_queue_rqs (git-fixes).
- nvme-pci: set doorbell config before unquiescing (git-fixes).
- nvme/host: Fix RCU list traversal to use SRCU primitive (git-fixes).
- nvme: disable CC.CRIME (NVME_CC_CRIME) (jsc#PED-9901).
- nvme: null terminate nvme_tls_attrs (git-fixes).
- nvme: re-fix error-handling for io_uring nvme-passthrough (git-fixes).
- nvme: tcp: avoid race between queue_lock lock and destroy (git-fixes).
- nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
- ocfs2: Drop OCFS2 patch causing a regression (bsc#1233255)
- ocfs2: fix UBSAN warning in ocfs2_verify_volume() (git-fixes).
- ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
- ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
- ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (git-fixes).
- ocfs2: uncache inode which has failed entering the group (git-fixes).
- of: Add cleanup.h based auto release via __free(device_node) markings (bsc#1232386)
- parport: Proper fix for array out-of-bounds access (git-fixes).
- phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check (git-fixes).
- phy: qcom: qmp-combo: move driver data initialisation earlier (git-fixes).
- phy: qcom: qmp-usb: fix NULL-deref on runtime suspend (git-fixes).
- phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).
- phy: ti: phy-j721e-wiz: fix usxgmii configuration (git-fixes).
- pinctrl: apple: check devm_kasprintf() returned value (git-fixes).
- pinctrl: k210: Undef K210_PC_DEFAULT (git-fixes).
- pinctrl: ocelot: fix system hang on level based interrupts (stable-fixes).
- pinctrl: qcom: spmi: fix debugfs drive strength (git-fixes).
- pinctrl: zynqmp: drop excess struct member description (git-fixes).
- platform/chrome: cros_ec_typec: fix missing fwnode reference decrement (git-fixes).
- platform/x86/amd/pmc: Detect when STB is not available (git-fixes).
- platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (git-fixes).
- platform/x86: dell-sysman: add support for alienware products (stable-fixes).
- platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes).
- platform/x86: lenovo-ymc: Ignore the 0x0 state (stable-fixes).
- platform/x86: panasonic-laptop: Return errno correctly in show callback (git-fixes).
- platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
- posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone (bsc#1234098).
- power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
- power: supply: bq27xxx: Fix registers of bq27426 (git-fixes).
- power: supply: core: Remove might_sleep() from power_supply_put() (git-fixes).
- power: supply: rt9471: Fix wrong WDT function regfield declaration (git-fixes).
- power: supply: rt9471: Use IC status regfield to report real charger status (git-fixes).
- powercap: intel_rapl: Fix off by one in get_rpi() (git-fixes).
- powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).
- powerpc/64s: Fix unnecessary copy to 0 when kernel is booted at address 0 (bsc#1215199).
- powerpc/atomic: Use YZ constraints for DS-form instructions (bsc#1194869).
- powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).
- powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
- powerpc/code-patching: Add generic memory patching (bsc#1194869).
- powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).
- powerpc/crypto: do not build aes-gcm-p10 by default (bsc#1230501 ltc#208632).
- powerpc/crypto: fix missing skcipher dependency for aes-gcm-p10 (bsc#1230501 ltc#208632).
- powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() (bsc#1215199).
- powerpc/fadump: Refactor and prepare fadump_cma_init for late init (bsc#1215199).
- powerpc/kexec: Fix return of uninitialized variable (bsc#1194869).
- powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869).
- powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869).
- powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL (bsc#1194869).
- powerpc/powernv: Free name on error in opal_event_init() (bsc#1194869).
- powerpc/pseries: Fix KVM guest detection for disabling hardlockup detector (bsc#1194869).
- powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (bsc#1194869).
- powerpc/pseries: Use correct data types from pseries_hp_errorlog struct (bsc#1215199).
- powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).
- powerpc/vdso: Inconditionally use CFUNC macro (bsc#1215199).
- powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).
- powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
- printk: Add notation to console_srcu locking (bsc#1232183).
- pwm: imx-tpm: Use correct MODULO value for EPWM mode (git-fixes).
- qed: avoid truncating work queue length (git-fixes).
- rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).
- rcu: Fix buffer overflow in print_cpu_stall_info() (bsc#1226623).
- regmap: detach regmap from dev on regmap_exit (git-fixes).
- regmap: irq: Set lockdep class for hierarchical IRQ domains (git-fixes).
- rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK.
- rpm/release-projects: Add SLFO projects (bsc#1231293).
- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)
- rpmsg: glink: Handle rejected intent request better (git-fixes).
- rtc: ab-eoz9: do not fail temperature reads on undervoltage notification (git-fixes).
- rtc: abx80x: Fix WDT bit position of the status register (git-fixes).
- rtc: bbnsm: add remove hook (git-fixes).
- rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (git-fixes).
- rtc: rzn1: fix BCD to rtc_time conversion errors (git-fixes).
- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- runtime constants: add default dummy infrastructure (git-fixes).
- runtime constants: add x86 architecture support (git-fixes).
- s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).
- s390/pci: Handle PCI error codes other than 0x3a (git-fixes bsc#1232629).
- s390/sclp: Deactivate sclp after all its users (git-fixes bsc#1232628).
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232627).
- scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes).
- scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers (git-fixes).
- scsi: Remove scsi device no_start_on_resume flag (git-fixes).
- scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes).
- scsi: cdrom: kABI: fix cdrom_dev_ops change (git-fixes).
- scsi: core: Disable CDL by default (git-fixes).
- scsi: core: Fix handling of SCMD_FAIL_IF_RECOVERING (git-fixes).
- scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes).
- scsi: core: Handle devices which return an unusually large VPD page count (git-fixes).
- scsi: core: alua: I/O errors for ALUA state transitions (git-fixes).
- scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).
- scsi: hisi_sas: Handle the NCQ error returned by D2H frame (git-fixes).
- scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes).
- scsi: kABI: restore no_start_on_resume to scsi_device (git-fixes).
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes).
- scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes).
- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
- scsi: lpfc: Add cleanup of nvmels_wq after HBA reset (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod paths (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting follow up FDMI (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Copyright updates for 14.4.0.6 patches (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
- scsi: lpfc: Modify CGN warning signal calculation based on EDC response (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
- scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (bsc#1232757 bsc#1228119).
- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
- scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE before BSG flag (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
- scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes).
- scsi: mac_scsi: Refactor polling loop (git-fixes).
- scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes).
- scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (git-fixes).
- scsi: mpi3mr: Avoid possible run-time warning with long manufacturer strings (git-fixes).
- scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
- scsi: mpi3mr: Validate SAS port assignments (git-fixes).
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: pm8001: Do not overwrite PCI queue mapping (git-fixes).
- scsi: pm80xx: Set phy->enable_completion only when we wait for it (git-fixes).
- scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes).
- scsi: scsi_transport_fc: Allow setting rport state to current state (git-fixes).
- scsi: sd: Ignore command SYNCHRONIZE CACHE error if format in progress (git-fixes).
- scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer (git-fixes).
- scsi: smartpqi: correct stream detection (git-fixes).
- scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes).
- scsi: spi: Fix sshdr use (git-fixes).
- scsi: sr: Fix unintentional arithmetic wraparound (git-fixes).
- scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes).
- security/keys: fix slab-out-of-bounds in key_task_permission (git-fixes).
- selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
- selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
- selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() (git-fixes).
- selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() (git-fixes).
- selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta accesses (git-fixes).
- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
- selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
- selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
- serial: 8250: omap: Move pm_runtime_get_sync (git-fixes).
- serial: imx: Update mctrl old_status on RTSD interrupt (git-fixes).
- serial: protect uart_port_dtr_rts() in uart_shutdown() too (stable-fixes).
- signal: Replace BUG_ON()s (bsc#1234093).
- soc: fsl: rcpm: fix missing of_node_put() in copy_ippdexpcr1_setting() (git-fixes).
- soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (git-fixes).
- soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- soundwire: intel_bus_common: enable interrupts before exiting reset (stable-fixes).
- spi: Fix acpi deferred irq probe (git-fixes).
- spi: atmel-quadspi: Fix register name in verbose logging function (git-fixes).
- spi: atmel-quadspi: Fix wrong register value written to MR (git-fixes).
- spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes).
- spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() (git-fixes).
- spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
- spi: spi-fsl-dspi: Fix crash when not using GPIO chip select (git-fixes).
- spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- spi: tegra210-quad: Avoid shift-out-of-bounds (git-fixes).
- splice: always fsnotify_access(in), fsnotify_modify(out) on success (git-fixes).
- splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice (git-fixes).
- splice: fsnotify_access(in), fsnotify_modify(out) on success in tee (git-fixes).
- srcu: Fix callbacks acceleration mishandling (git-fixes).
- staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes).
- sumversion: Fix a memory leak in get_src_version() (git-fixes).
- supported.conf: mark nhpoly1305 module as supported (bsc#1231035).
- supported.conf: mark ultravisor userspace access as supported (bsc#1232090).
- task_work: add kerneldoc annotation for 'data' argument (git-fixes).
- tcp: Fix refcnt handling in __inet_hash_connect() (git-fixes).
- thermal: core: Initialize thermal zones before registering them (git-fixes).
- thermal: int3400: Fix reading of current_uuid for active policy (git-fixes).
- thermal: intel: int340x: processor: Fix warning during module unload (git-fixes).
- thunderbolt: Honor TMU requirements in the domain when setting TMU mode (stable-fixes).
- thunderbolt: Improve DisplayPort tunnel setup process to be more robust (stable-fixes).
- tools/lib/thermal: Fix sampling handler context ptr (git-fixes).
- tools/power turbostat: Fix trailing '\n' parsing (git-fixes).
- tools/power turbostat: Increase the limit for fd opened (bsc#1233119).
- tools: hv: rm .*.cmd when make clean (git-fixes).
- tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 git-fixes).
- tpm: fix signed/unsigned bug when checking event logs (git-fixes).
- tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
- tracing/osnoise: Fix build when timerlat is not enabled (git-fixes).
- tracing/osnoise: Skip running osnoise if all instances are off (git-fixes).
- tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (git-fixes).
- tracing/osnoise: Use a cpumask to know what threads are kthreads (git-fixes).
- tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (git-fixes).
- tracing/timerlat: Add user-space interface (git-fixes).
- tracing/timerlat: Drop interface_lock in stop_kthread() (git-fixes).
- tracing/timerlat: Fix a race during cpuhp processing (git-fixes).
- tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline (git-fixes).
- tracing/timerlat: Move hrtimer_init to timerlat_fd open() (git-fixes).
- tracing/timerlat: Only clear timer if a kthread exists (git-fixes).
- tracing: Consider the NULL character when validating the event length (git-fixes).
- tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler (git-fixes).
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (stable-fixes).
- u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file (git-fixes).
- ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
- ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
- ubifs: add check for crypto_shash_tfm_digest (git-fixes).
- ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
- ucounts: fix counter leak in inc_rlimit_get_ucounts() (bsc#1233460).
- unicode: Do not special case ignorable code points (stable-fixes).
- unicode: Fix utf8_load() error path (git-fixes).
- uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
- uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
- uprobes: introduce the global struct vm_special_mapping xol_mapping (bsc#1231114).
- uprobes: turn xol_area->pages into xol_area->page (bsc#1231114).
- usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
- usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
- usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG (git-fixes).
- usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
- usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic (git-fixes).
- usb: dwc3: gadget: Fix checking for number of TRBs left (git-fixes).
- usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes).
- usb: ehci-spear: fix call balance of sehci clk handling routines (git-fixes).
- usb: gadget: core: force synchronous registration (git-fixes).
- usb: gadget: dummy_hcd: Set transfer interval to 1 microframe (stable-fixes).
- usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler (stable-fixes).
- usb: gadget: dummy_hcd: execute hrtimer callback in softirq context (git-fixes).
- usb: gadget: f_uac2: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: gadget: f_uac2: fix non-newline-terminated function name (stable-fixes).
- usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store (git-fixes).
- usb: musb: Fix hardware lockup on first Rx endpoint request (git-fixes).
- usb: musb: sunxi: Fix accessing an released usb phy (git-fixes).
- usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes).
- usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
- usb: typec: altmode should keep reference to parent (git-fixes).
- usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() (git-fixes).
- usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes).
- usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (git-fixes).
- usb: xhci: Fix TD invalidation under pending Set TR Dequeue (git-fixes).
- usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
- usb: xhci: fix loss of data on Cadence xHC (git-fixes).
- usb: yurex: make waiting on yurex_write interruptible (git-fixes).
- usbip: tools: Fix detach_port() invalid port error path (git-fixes).
- usbnet: fix cyclical race on disconnect with work queue (git-fixes).
- vdpa: Fix an error handling path in eni_vdpa_probe() (git-fixes).
- vdpa_sim_blk: Fix the potential leak of mgmt_dev (git-fixes).
- vdpa_sim_blk: allocate the buffer zeroed (git-fixes).
- vduse: avoid using __GFP_NOFAIL (git-fixes).
- vfs: dcache: move hashlen_hash() from callers into d_hash() (git-fixes).
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
- vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
- virtio_console: fix misc probe bugs (git-fixes).
- vmalloc: modify the alloc_vmap_area() error message for better diagnostics (jsc#PED-10978).
- vmxnet3: Add XDP support (bsc#1226498).
- vmxnet3: Fix missing reserved tailroom (bsc#1226498).
- vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (bsc#1226498).
- vmxnet3: add command to allow disabling of offloads (bsc#1226498).
- vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
- vmxnet3: prepare for version 9 changes (bsc#1226498).
- vmxnet3: update to version 9 (bsc#1226498).
- vsock: Update msg_count on read_skb() (git-fixes).
- vt: prevent kernel-infoleak in con_font_get() (git-fixes).
- watchdog: apple: Actually flush writes after requesting watchdog restart (git-fixes).
- watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (git-fixes).
- watchdog: rti: of: honor timeout-sec property (git-fixes).
- wifi: ath10k: Fix memory leak in management tx (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss1 (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss2 (git-fixes).
- wifi: ath11k: Fix CE offset address calculation for WCN6750 in SSR (git-fixes).
- wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes).
- wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: Skip Rx TID cleanup for self peer (git-fixes).
- wifi: ath12k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: fix crash when unbinding (git-fixes).
- wifi: ath12k: fix warning when unbinding (git-fixes).
- wifi: ath12k: remove msdu_end structure for WCN7850 (git-fixes).
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (git-fixes).
- wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
- wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
- wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes).
- wifi: brcmfmac: release 'root' node in all execution paths (git-fixes).
- wifi: cfg80211: Set correct chandef when starting CAC (stable-fixes).
- wifi: cfg80211: clear wdev->cqm_config pointer on free (git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: iwlegacy: Clear stale interrupts before resuming device (stable-fixes).
- wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() (git-fixes).
- wifi: iwlwifi: allow only CN mcc from WRDD (stable-fixes).
- wifi: iwlwifi: config: label 'gl' devices as discrete (git-fixes).
- wifi: iwlwifi: mvm: Fix a race in scan abort flow (stable-fixes).
- wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes).
- wifi: iwlwifi: mvm: avoid NULL pointer dereference (stable-fixes).
- wifi: iwlwifi: mvm: do not add default link in fw restart flow (git-fixes).
- wifi: iwlwifi: mvm: do not leak a link on AP removal (git-fixes).
- wifi: iwlwifi: mvm: drop wrong STA selection in TX (stable-fixes).
- wifi: iwlwifi: mvm: use correct key iteration (stable-fixes).
- wifi: iwlwifi: remove AX101, AX201 and AX203 support from LNL (stable-fixes).
- wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes).
- wifi: mac80211: fix RCU list iterations (stable-fixes).
- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes).
- wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation (stable-fixes).
- wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable (stable-fixes).
- wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (git-fixes).
- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c (stable-fixes).
- wifi: rtw88: Fix USB/SDIO devices not transmitting beacons (git-fixes).
- wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
- wifi: rtw89: avoid reading out of bounds when loading TX power FW elements (stable-fixes).
- wifi: rtw89: avoid to add interface to list twice when SER (stable-fixes).
- wifi: rtw89: correct base HT rate mask for firmware (stable-fixes).
- wifi: wfx: Fix error handling in wfx_core_init() (git-fixes).
- x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1233443).
- x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load (git-fixes).
- x86/Documentation: Indent 'note::' directive for protocol version number note (git-fixes).
- x86/PCI: Check pcie_find_root_port() return for NULL (git-fixes).
- x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h (git-fixes).
- x86/apic: Always explicitly disarm TSC-deadline timer (git-fixes).
- x86/apic: Make x2apic_disable() work correctly (git-fixes).
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
- x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
- x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
- x86/entry: Remove unwanted instrumentation in common_interrupt() (git-fixes).
- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
- x86/microcode/intel: Remove unnecessary cache writeback and invalidation (git-fixes).
- x86/mm: Use IPIs to synchronize LAM enablement (git-fixes).
- x86/resctrl: Annotate get_mem_config() functions as __init (git-fixes).
- x86/resctrl: Avoid overflow in MB settings in bw_validate() (git-fixes).
- x86/resctrl: Remove hard-coded memory bandwidth limit (git-fixes).
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
- x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() (git-fixes).
- x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes).
- x86/tdx: Enable CPU topology enumeration (git-fixes).
- x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes).
- x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes).
- x86/traps: move kmsan check after instrumentation_begin (git-fixes).
- x86: Increase brk randomness entropy for 64-bit systems (git-fixes).
- x86: do the user address masking outside the user access area (git-fixes).
- x86: fix off-by-one in access_ok() (git-fixes).
- x86: fix user address masking non-canonical speculation issue (git-fixes).
- x86: make the masked_user_access_begin() macro use its argument only once (git-fixes).
- x86: support user address masking instead of non-speculative conditional (git-fixes).
- xfrm: Export symbol xfrm_dev_state_delete (bsc#1233754).
- xfrm: Fix unregister netdevice hang on hardware offload (bsc#1233754).
- xfs: check opcode and iovec count match in xlog_recover_attri_commit_pass2 (git-fixes).
- xfs: check shortform attr entry flags specifically (git-fixes).
- xfs: convert delayed extents to unwritten when zeroing post eof blocks (git-fixes).
- xfs: fix finding a last resort AG in xfs_filestream_pick_ag (git-fixes).
- xfs: fix freeing speculative preallocations for preallocated files (git-fixes).
- xfs: make sure sb_fdblocks is non-negative (git-fixes).
- xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional (git-fixes).
- xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset (git-fixes).
- xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent (git-fixes).
- xfs: validate recovered name buffers when recovering xattr items (git-fixes).
- xhci: Add a quirk for writing ERST in high-low order (git-fixes).
- xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes).
- xhci: Fix incorrect stream context type macro (git-fixes).
- xhci: Mitigate failed set dequeue pointer commands (git-fixes).
- xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes).
- xhci: tegra: fix checked USB2 port number (git-fixes).
- zonefs: Improve error handling (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1082555SUSE bug 1194869SUSE bug 1215199SUSE bug 1217845SUSE bug 1218562SUSE bug 1218644SUSE bug 1219596SUSE bug 1219803SUSE bug 1220355SUSE bug 1220382SUSE bug 1221309SUSE bug 1222423SUSE bug 1222587SUSE bug 1222590SUSE bug 1223112SUSE bug 1223384SUSE bug 1223656SUSE bug 1223700SUSE bug 1223733SUSE bug 1223824SUSE bug 1223848SUSE bug 1224088SUSE bug 1224429SUSE bug 1224518SUSE bug 1224548SUSE bug 1224574SUSE bug 1224948SUSE bug 1225611SUSE bug 1225713SUSE bug 1225725SUSE bug 1225730SUSE bug 1225742SUSE bug 1225764SUSE bug 1225768SUSE bug 1225813SUSE bug 1225903SUSE bug 1226003SUSE bug 1226130SUSE bug 1226498SUSE bug 1226623SUSE bug 1226631SUSE bug 1226748SUSE bug 1226797SUSE bug 1226848SUSE bug 1226872SUSE bug 1227726SUSE bug 1227842SUSE bug 1228119SUSE bug 1228244SUSE bug 1228269SUSE bug 1228410SUSE bug 1228430SUSE bug 1228454SUSE bug 1228537SUSE bug 1228620SUSE bug 1228743SUSE bug 1228747SUSE bug 1228850SUSE bug 1228857SUSE bug 1229019SUSE bug 1229165SUSE bug 1229429SUSE bug 1229450SUSE bug 1229585SUSE bug 1229677SUSE bug 1229769SUSE bug 1229808SUSE bug 1229891SUSE bug 1230055SUSE bug 1230132SUSE bug 1230179SUSE bug 1230220SUSE bug 1230231SUSE bug 1230289SUSE bug 1230295SUSE bug 1230339SUSE bug 1230341SUSE bug 1230375SUSE bug 1230414SUSE bug 1230429SUSE bug 1230456SUSE bug 1230501SUSE bug 1230527SUSE bug 1230550SUSE bug 1230557SUSE bug 1230558SUSE bug 1230600SUSE bug 1230620SUSE bug 1230710SUSE bug 1230733SUSE bug 1230762SUSE bug 1230763SUSE bug 1230773SUSE bug 1230774SUSE bug 1230801SUSE bug 1230807SUSE bug 1230817SUSE bug 1230827SUSE bug 1230831SUSE bug 1230914SUSE bug 1230918SUSE bug 1230971SUSE bug 1231016SUSE bug 1231035SUSE bug 1231072SUSE bug 1231073SUSE bug 1231075SUSE bug 1231076SUSE bug 1231081SUSE bug 1231082SUSE bug 1231083SUSE bug 1231084SUSE bug 1231085SUSE bug 1231087SUSE bug 1231089SUSE bug 1231092SUSE bug 1231093SUSE bug 1231094SUSE bug 1231096SUSE bug 1231098SUSE bug 1231100SUSE bug 1231101SUSE bug 1231102SUSE bug 1231105SUSE bug 1231108SUSE bug 1231111SUSE bug 1231114SUSE bug 1231115SUSE bug 1231116SUSE bug 1231117SUSE bug 1231131SUSE bug 1231132SUSE bug 1231135SUSE bug 1231136SUSE bug 1231138SUSE bug 1231148SUSE bug 1231169SUSE bug 1231170SUSE bug 1231171SUSE bug 1231178SUSE bug 1231179SUSE bug 1231182SUSE bug 1231183SUSE bug 1231187SUSE bug 1231191SUSE bug 1231193SUSE bug 1231195SUSE bug 1231197SUSE bug 1231200SUSE bug 1231202SUSE bug 1231203SUSE bug 1231276SUSE bug 1231293SUSE bug 1231384SUSE bug 1231434SUSE bug 1231435SUSE bug 1231436SUSE bug 1231439SUSE bug 1231440SUSE bug 1231441SUSE bug 1231442SUSE bug 1231452SUSE bug 1231453SUSE bug 1231465SUSE bug 1231474SUSE bug 1231481SUSE bug 1231496SUSE bug 1231502SUSE bug 1231537SUSE bug 1231539SUSE bug 1231540SUSE bug 1231541SUSE bug 1231617SUSE bug 1231630SUSE bug 1231634SUSE bug 1231635SUSE bug 1231636SUSE bug 1231637SUSE bug 1231638SUSE bug 1231639SUSE bug 1231640SUSE bug 1231673SUSE bug 1231828SUSE bug 1231849SUSE bug 1231855SUSE bug 1231856SUSE bug 1231857SUSE bug 1231858SUSE bug 1231859SUSE bug 1231860SUSE bug 1231861SUSE bug 1231864SUSE bug 1231865SUSE bug 1231868SUSE bug 1231869SUSE bug 1231871SUSE bug 1231872SUSE bug 1231901SUSE bug 1231902SUSE bug 1231903SUSE bug 1231904SUSE bug 1231906SUSE bug 1231907SUSE bug 1231908SUSE bug 1231914SUSE bug 1231916SUSE bug 1231920SUSE bug 1231924SUSE bug 1231926SUSE bug 1231930SUSE bug 1231931SUSE bug 1231935SUSE bug 1231942SUSE bug 1231944SUSE bug 1231946SUSE bug 1231947SUSE bug 1231950SUSE bug 1231951SUSE bug 1231952SUSE bug 1231953SUSE bug 1231954SUSE bug 1231955SUSE bug 1231956SUSE bug 1231957SUSE bug 1231965SUSE bug 1231967SUSE bug 1231968SUSE bug 1231987SUSE bug 1231988SUSE bug 1231989SUSE bug 1231990SUSE bug 1231998SUSE bug 1232000SUSE bug 1232003SUSE bug 1232009SUSE bug 1232013SUSE bug 1232015SUSE bug 1232016SUSE bug 1232017SUSE bug 1232018SUSE bug 1232033SUSE bug 1232034SUSE bug 1232036SUSE bug 1232043SUSE bug 1232047SUSE bug 1232048SUSE bug 1232049SUSE bug 1232050SUSE bug 1232056SUSE bug 1232075SUSE bug 1232076SUSE bug 1232079SUSE bug 1232080SUSE bug 1232083SUSE bug 1232084SUSE bug 1232085SUSE bug 1232089SUSE bug 1232090SUSE bug 1232093SUSE bug 1232094SUSE bug 1232096SUSE bug 1232097SUSE bug 1232098SUSE bug 1232103SUSE bug 1232104SUSE bug 1232105SUSE bug 1232109SUSE bug 1232111SUSE bug 1232114SUSE bug 1232116SUSE bug 1232117SUSE bug 1232124SUSE bug 1232126SUSE bug 1232127SUSE bug 1232129SUSE bug 1232130SUSE bug 1232131SUSE bug 1232132SUSE bug 1232134SUSE bug 1232135SUSE bug 1232140SUSE bug 1232141SUSE bug 1232142SUSE bug 1232145SUSE bug 1232147SUSE bug 1232148SUSE bug 1232149SUSE bug 1232151SUSE bug 1232152SUSE bug 1232154SUSE bug 1232155SUSE bug 1232156SUSE bug 1232157SUSE bug 1232159SUSE bug 1232160SUSE bug 1232162SUSE bug 1232164SUSE bug 1232165SUSE bug 1232166SUSE bug 1232174SUSE bug 1232180SUSE bug 1232182SUSE bug 1232183SUSE bug 1232185SUSE bug 1232187SUSE bug 1232189SUSE bug 1232192SUSE bug 1232195SUSE bug 1232196SUSE bug 1232198SUSE bug 1232199SUSE bug 1232200SUSE bug 1232201SUSE bug 1232207SUSE bug 1232208SUSE bug 1232217SUSE bug 1232218SUSE bug 1232220SUSE bug 1232221SUSE bug 1232222SUSE bug 1232224SUSE bug 1232232SUSE bug 1232250SUSE bug 1232251SUSE bug 1232253SUSE bug 1232254SUSE bug 1232255SUSE bug 1232256SUSE bug 1232258SUSE bug 1232259SUSE bug 1232260SUSE bug 1232262SUSE bug 1232263SUSE bug 1232264SUSE bug 1232272SUSE bug 1232275SUSE bug 1232279SUSE bug 1232282SUSE bug 1232285SUSE bug 1232287SUSE bug 1232295SUSE bug 1232305SUSE bug 1232307SUSE bug 1232309SUSE bug 1232310SUSE bug 1232312SUSE bug 1232313SUSE bug 1232314SUSE bug 1232315SUSE bug 1232316SUSE bug 1232317SUSE bug 1232318SUSE bug 1232329SUSE bug 1232332SUSE bug 1232333SUSE bug 1232334SUSE bug 1232335SUSE bug 1232337SUSE bug 1232339SUSE bug 1232340SUSE bug 1232342SUSE bug 1232345SUSE bug 1232349SUSE bug 1232352SUSE bug 1232354SUSE bug 1232355SUSE bug 1232357SUSE bug 1232358SUSE bug 1232359SUSE bug 1232361SUSE bug 1232362SUSE bug 1232366SUSE bug 1232367SUSE bug 1232368SUSE bug 1232369SUSE bug 1232370SUSE bug 1232371SUSE bug 1232374SUSE bug 1232378SUSE bug 1232381SUSE bug 1232383SUSE bug 1232385SUSE bug 1232386SUSE bug 1232387SUSE bug 1232392SUSE bug 1232394SUSE bug 1232395SUSE bug 1232396SUSE bug 1232413SUSE bug 1232416SUSE bug 1232417SUSE bug 1232418SUSE bug 1232424SUSE bug 1232427SUSE bug 1232432SUSE bug 1232435SUSE bug 1232436SUSE bug 1232442SUSE bug 1232446SUSE bug 1232483SUSE bug 1232494SUSE bug 1232498SUSE bug 1232499SUSE bug 1232500SUSE bug 1232501SUSE bug 1232502SUSE bug 1232503SUSE bug 1232504SUSE bug 1232505SUSE bug 1232506SUSE bug 1232507SUSE bug 1232511SUSE bug 1232519SUSE bug 1232520SUSE bug 1232529SUSE bug 1232552SUSE bug 1232623SUSE bug 1232626SUSE bug 1232627SUSE bug 1232628SUSE bug 1232629SUSE bug 1232704SUSE bug 1232757SUSE bug 1232768SUSE bug 1232819SUSE bug 1232823SUSE bug 1232860SUSE bug 1232869SUSE bug 1232870SUSE bug 1232873SUSE bug 1232876SUSE bug 1232877SUSE bug 1232878SUSE bug 1232880SUSE bug 1232881SUSE bug 1232884SUSE bug 1232885SUSE bug 1232887SUSE bug 1232888SUSE bug 1232890SUSE bug 1232892SUSE bug 1232894SUSE bug 1232896SUSE bug 1232897SUSE bug 1232905SUSE bug 1232907SUSE bug 1232914SUSE bug 1232919SUSE bug 1232925SUSE bug 1232926SUSE bug 1232928SUSE bug 1232935SUSE bug 1233029SUSE bug 1233032SUSE bug 1233035SUSE bug 1233036SUSE bug 1233041SUSE bug 1233044SUSE bug 1233049SUSE bug 1233050SUSE bug 1233051SUSE bug 1233056SUSE bug 1233057SUSE bug 1233061SUSE bug 1233062SUSE bug 1233063SUSE bug 1233065SUSE bug 1233067SUSE bug 1233070SUSE bug 1233073SUSE bug 1233074SUSE bug 1233088SUSE bug 1233091SUSE bug 1233092SUSE bug 1233097SUSE bug 1233100SUSE bug 1233103SUSE bug 1233104SUSE bug 1233105SUSE bug 1233106SUSE bug 1233107SUSE bug 1233108SUSE bug 1233110SUSE bug 1233111SUSE bug 1233113SUSE bug 1233114SUSE bug 1233115SUSE bug 1233117SUSE bug 1233119SUSE bug 1233123SUSE bug 1233125SUSE bug 1233127SUSE bug 1233129SUSE bug 1233130SUSE bug 1233132SUSE bug 1233135SUSE bug 1233176SUSE bug 1233179SUSE bug 1233185SUSE bug 1233188SUSE bug 1233189SUSE bug 1233191SUSE bug 1233193SUSE bug 1233197SUSE bug 1233201SUSE bug 1233203SUSE bug 1233204SUSE bug 1233205SUSE bug 1233206SUSE bug 1233207SUSE bug 1233208SUSE bug 1233209SUSE bug 1233210SUSE bug 1233211SUSE bug 1233212SUSE bug 1233216SUSE bug 1233217SUSE bug 1233219SUSE bug 1233226SUSE bug 1233238SUSE bug 1233241SUSE bug 1233244SUSE bug 1233253SUSE bug 1233255SUSE bug 1233293SUSE bug 1233298SUSE bug 1233305SUSE bug 1233320SUSE bug 1233350SUSE bug 1233443SUSE bug 1233452SUSE bug 1233453SUSE bug 1233454SUSE bug 1233456SUSE bug 1233457SUSE bug 1233458SUSE bug 1233460SUSE bug 1233462SUSE bug 1233463SUSE bug 1233464SUSE bug 1233465SUSE bug 1233468SUSE bug 1233471SUSE bug 1233476SUSE bug 1233478SUSE bug 1233479SUSE bug 1233481SUSE bug 1233484SUSE bug 1233485SUSE bug 1233487SUSE bug 1233490SUSE bug 1233491SUSE bug 1233523SUSE bug 1233524SUSE bug 1233540SUSE bug 1233547SUSE bug 1233548SUSE bug 1233550SUSE bug 1233552SUSE bug 1233553SUSE bug 1233554SUSE bug 1233555SUSE bug 1233557SUSE bug 1233560SUSE bug 1233561SUSE bug 1233564SUSE bug 1233566SUSE bug 1233567SUSE bug 1233568SUSE bug 1233570SUSE bug 1233572SUSE bug 1233573SUSE bug 1233577SUSE bug 1233580SUSE bug 1233640SUSE bug 1233641SUSE bug 1233642SUSE bug 1233721SUSE bug 1233754SUSE bug 1233756SUSE bug 1233769SUSE bug 1233771SUSE bug 1233977SUSE bug 1234009SUSE bug 1234011SUSE bug 1234012SUSE bug 1234025SUSE bug 1234039SUSE bug 1234040SUSE bug 1234041SUSE bug 1234042SUSE bug 1234043SUSE bug 1234044SUSE bug 1234045SUSE bug 1234046SUSE bug 1234072SUSE bug 1234078SUSE bug 1234081SUSE bug 1234083SUSE bug 1234085SUSE bug 1234087SUSE bug 1234093SUSE bug 1234098SUSE bug 1234108SUSE bug 1234121SUSE bug 1234223CVE-2023-52766 at SUSECVE-2023-52766 at NVDCVE-2023-52778 at SUSECVE-2023-52778 at NVDCVE-2023-52800 at SUSECVE-2023-52800 at NVDCVE-2023-52881 at SUSECVE-2023-52881 at NVDCVE-2023-52917 at SUSECVE-2023-52917 at NVDCVE-2023-52918 at SUSECVE-2023-52918 at NVDCVE-2023-52919 at SUSECVE-2023-52919 at NVDCVE-2023-52920 at SUSECVE-2023-52920 at NVDCVE-2023-52921 at SUSECVE-2023-52921 at NVDCVE-2023-52922 at SUSECVE-2023-52922 at NVDCVE-2023-6270 at SUSECVE-2023-6270 at NVDCVE-2024-26596 at SUSECVE-2024-26596 at NVDCVE-2024-26703 at SUSECVE-2024-26703 at NVDCVE-2024-26741 at SUSECVE-2024-26741 at NVDCVE-2024-26758 at SUSECVE-2024-26758 at NVDCVE-2024-26761 at SUSECVE-2024-26761 at NVDCVE-2024-26767 at SUSECVE-2024-26767 at NVDCVE-2024-26782 at SUSECVE-2024-26782 at NVDCVE-2024-26864 at SUSECVE-2024-26864 at NVDCVE-2024-26943 at SUSECVE-2024-26943 at NVDCVE-2024-26953 at SUSECVE-2024-26953 at NVDCVE-2024-27017 at SUSECVE-2024-27017 at NVDCVE-2024-27026 at SUSECVE-2024-27026 at NVDCVE-2024-27043 at SUSECVE-2024-27043 at NVDCVE-2024-27407 at SUSECVE-2024-27407 at NVDCVE-2024-35888 at SUSECVE-2024-35888 at NVDCVE-2024-35980 at SUSECVE-2024-35980 at NVDCVE-2024-36000 at SUSECVE-2024-36000 at NVDCVE-2024-36031 at SUSECVE-2024-36031 at NVDCVE-2024-36244 at SUSECVE-2024-36244 at NVDCVE-2024-36484 at SUSECVE-2024-36484 at NVDCVE-2024-36883 at SUSECVE-2024-36883 at NVDCVE-2024-36886 at SUSECVE-2024-36886 at NVDCVE-2024-36905 at SUSECVE-2024-36905 at NVDCVE-2024-36920 at SUSECVE-2024-36920 at NVDCVE-2024-36927 at SUSECVE-2024-36927 at NVDCVE-2024-36954 at SUSECVE-2024-36954 at NVDCVE-2024-36968 at SUSECVE-2024-36968 at NVDCVE-2024-38576 at SUSECVE-2024-38576 at NVDCVE-2024-38577 at SUSECVE-2024-38577 at NVDCVE-2024-38589 at SUSECVE-2024-38589 at NVDCVE-2024-38599 at SUSECVE-2024-38599 at NVDCVE-2024-40914 at SUSECVE-2024-40914 at NVDCVE-2024-41016 at SUSECVE-2024-41016 at NVDCVE-2024-41023 at SUSECVE-2024-41023 at NVDCVE-2024-41031 at SUSECVE-2024-41031 at NVDCVE-2024-41047 at SUSECVE-2024-41047 at NVDCVE-2024-41082 at SUSECVE-2024-41082 at NVDCVE-2024-42102 at SUSECVE-2024-42102 at NVDCVE-2024-42145 at SUSECVE-2024-42145 at NVDCVE-2024-44932 at SUSECVE-2024-44932 at NVDCVE-2024-44958 at SUSECVE-2024-44958 at NVDCVE-2024-44964 at SUSECVE-2024-44964 at NVDCVE-2024-44995 at SUSECVE-2024-44995 at NVDCVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-45025 at SUSECVE-2024-45025 at NVDCVE-2024-46678 at SUSECVE-2024-46678 at NVDCVE-2024-46680 at SUSECVE-2024-46680 at NVDCVE-2024-46681 at SUSECVE-2024-46681 at NVDCVE-2024-46721 at SUSECVE-2024-46721 at NVDCVE-2024-46754 at SUSECVE-2024-46754 at NVDCVE-2024-46765 at SUSECVE-2024-46765 at NVDCVE-2024-46766 at SUSECVE-2024-46766 at NVDCVE-2024-46770 at SUSECVE-2024-46770 at NVDCVE-2024-46775 at SUSECVE-2024-46775 at NVDCVE-2024-46777 at SUSECVE-2024-46777 at NVDCVE-2024-46788 at SUSECVE-2024-46788 at NVDCVE-2024-46797 at SUSECVE-2024-46797 at NVDCVE-2024-46800 at SUSECVE-2024-46800 at NVDCVE-2024-46802 at SUSECVE-2024-46802 at NVDCVE-2024-46803 at SUSECVE-2024-46803 at NVDCVE-2024-46804 at SUSECVE-2024-46804 at NVDCVE-2024-46805 at SUSECVE-2024-46805 at NVDCVE-2024-46806 at SUSECVE-2024-46806 at NVDCVE-2024-46807 at SUSECVE-2024-46807 at NVDCVE-2024-46809 at SUSECVE-2024-46809 at NVDCVE-2024-46810 at SUSECVE-2024-46810 at NVDCVE-2024-46811 at SUSECVE-2024-46811 at NVDCVE-2024-46812 at SUSECVE-2024-46812 at NVDCVE-2024-46813 at SUSECVE-2024-46813 at NVDCVE-2024-46814 at SUSECVE-2024-46814 at NVDCVE-2024-46815 at SUSECVE-2024-46815 at NVDCVE-2024-46816 at SUSECVE-2024-46816 at NVDCVE-2024-46817 at SUSECVE-2024-46817 at NVDCVE-2024-46818 at SUSECVE-2024-46818 at NVDCVE-2024-46819 at SUSECVE-2024-46819 at NVDCVE-2024-46821 at SUSECVE-2024-46821 at NVDCVE-2024-46825 at SUSECVE-2024-46825 at NVDCVE-2024-46826 at SUSECVE-2024-46826 at NVDCVE-2024-46827 at SUSECVE-2024-46827 at NVDCVE-2024-46828 at SUSECVE-2024-46828 at NVDCVE-2024-46830 at SUSECVE-2024-46830 at NVDCVE-2024-46831 at SUSECVE-2024-46831 at NVDCVE-2024-46834 at SUSECVE-2024-46834 at NVDCVE-2024-46835 at SUSECVE-2024-46835 at NVDCVE-2024-46836 at SUSECVE-2024-46836 at NVDCVE-2024-46840 at SUSECVE-2024-46840 at NVDCVE-2024-46841 at SUSECVE-2024-46841 at NVDCVE-2024-46842 at SUSECVE-2024-46842 at NVDCVE-2024-46843 at SUSECVE-2024-46843 at NVDCVE-2024-46845 at SUSECVE-2024-46845 at NVDCVE-2024-46846 at SUSECVE-2024-46846 at NVDCVE-2024-46848 at SUSECVE-2024-46848 at NVDCVE-2024-46849 at SUSECVE-2024-46849 at NVDCVE-2024-46851 at SUSECVE-2024-46851 at NVDCVE-2024-46852 at SUSECVE-2024-46852 at NVDCVE-2024-46853 at SUSECVE-2024-46853 at NVDCVE-2024-46854 at SUSECVE-2024-46854 at NVDCVE-2024-46855 at SUSECVE-2024-46855 at NVDCVE-2024-46857 at SUSECVE-2024-46857 at NVDCVE-2024-46859 at SUSECVE-2024-46859 at NVDCVE-2024-46860 at SUSECVE-2024-46860 at NVDCVE-2024-46861 at SUSECVE-2024-46861 at NVDCVE-2024-46864 at SUSECVE-2024-46864 at NVDCVE-2024-46870 at SUSECVE-2024-46870 at NVDCVE-2024-46871 at SUSECVE-2024-46871 at NVDCVE-2024-47658 at SUSECVE-2024-47658 at NVDCVE-2024-47660 at SUSECVE-2024-47660 at NVDCVE-2024-47661 at SUSECVE-2024-47661 at NVDCVE-2024-47662 at SUSECVE-2024-47662 at NVDCVE-2024-47663 at SUSECVE-2024-47663 at NVDCVE-2024-47664 at SUSECVE-2024-47664 at NVDCVE-2024-47665 at SUSECVE-2024-47665 at NVDCVE-2024-47666 at SUSECVE-2024-47666 at NVDCVE-2024-47667 at SUSECVE-2024-47667 at NVDCVE-2024-47668 at SUSECVE-2024-47668 at NVDCVE-2024-47669 at SUSECVE-2024-47669 at NVDCVE-2024-47670 at SUSECVE-2024-47670 at NVDCVE-2024-47671 at SUSECVE-2024-47671 at NVDCVE-2024-47672 at SUSECVE-2024-47672 at NVDCVE-2024-47673 at SUSECVE-2024-47673 at NVDCVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47675 at SUSECVE-2024-47675 at NVDCVE-2024-47679 at SUSECVE-2024-47679 at NVDCVE-2024-47681 at SUSECVE-2024-47681 at NVDCVE-2024-47682 at SUSECVE-2024-47682 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-47685 at SUSECVE-2024-47685 at NVDCVE-2024-47686 at SUSECVE-2024-47686 at NVDCVE-2024-47687 at SUSECVE-2024-47687 at NVDCVE-2024-47688 at SUSECVE-2024-47688 at NVDCVE-2024-47692 at SUSECVE-2024-47692 at NVDCVE-2024-47693 at SUSECVE-2024-47693 at NVDCVE-2024-47695 at SUSECVE-2024-47695 at NVDCVE-2024-47696 at SUSECVE-2024-47696 at NVDCVE-2024-47697 at SUSECVE-2024-47697 at NVDCVE-2024-47698 at SUSECVE-2024-47698 at NVDCVE-2024-47699 at SUSECVE-2024-47699 at NVDCVE-2024-47701 at SUSECVE-2024-47701 at NVDCVE-2024-47702 at SUSECVE-2024-47702 at NVDCVE-2024-47703 at SUSECVE-2024-47703 at NVDCVE-2024-47704 at SUSECVE-2024-47704 at NVDCVE-2024-47705 at SUSECVE-2024-47705 at NVDCVE-2024-47706 at SUSECVE-2024-47706 at NVDCVE-2024-47707 at SUSECVE-2024-47707 at NVDCVE-2024-47709 at SUSECVE-2024-47709 at NVDCVE-2024-47710 at SUSECVE-2024-47710 at NVDCVE-2024-47712 at SUSECVE-2024-47712 at NVDCVE-2024-47713 at SUSECVE-2024-47713 at NVDCVE-2024-47714 at SUSECVE-2024-47714 at NVDCVE-2024-47715 at SUSECVE-2024-47715 at NVDCVE-2024-47718 at SUSECVE-2024-47718 at NVDCVE-2024-47719 at SUSECVE-2024-47719 at NVDCVE-2024-47720 at SUSECVE-2024-47720 at NVDCVE-2024-47723 at SUSECVE-2024-47723 at NVDCVE-2024-47727 at SUSECVE-2024-47727 at NVDCVE-2024-47728 at SUSECVE-2024-47728 at NVDCVE-2024-47730 at SUSECVE-2024-47730 at NVDCVE-2024-47731 at SUSECVE-2024-47731 at NVDCVE-2024-47732 at SUSECVE-2024-47732 at NVDCVE-2024-47735 at SUSECVE-2024-47735 at NVDCVE-2024-47737 at SUSECVE-2024-47737 at NVDCVE-2024-47738 at SUSECVE-2024-47738 at NVDCVE-2024-47739 at SUSECVE-2024-47739 at NVDCVE-2024-47741 at SUSECVE-2024-47741 at NVDCVE-2024-47742 at SUSECVE-2024-47742 at NVDCVE-2024-47743 at SUSECVE-2024-47743 at NVDCVE-2024-47744 at SUSECVE-2024-47744 at NVDCVE-2024-47745 at SUSECVE-2024-47745 at NVDCVE-2024-47747 at SUSECVE-2024-47747 at NVDCVE-2024-47748 at SUSECVE-2024-47748 at NVDCVE-2024-47749 at SUSECVE-2024-47749 at NVDCVE-2024-47750 at SUSECVE-2024-47750 at NVDCVE-2024-47751 at SUSECVE-2024-47751 at NVDCVE-2024-47752 at SUSECVE-2024-47752 at NVDCVE-2024-47753 at SUSECVE-2024-47753 at NVDCVE-2024-47754 at SUSECVE-2024-47754 at NVDCVE-2024-47756 at SUSECVE-2024-47756 at NVDCVE-2024-47757 at SUSECVE-2024-47757 at NVDCVE-2024-49850 at SUSECVE-2024-49850 at NVDCVE-2024-49851 at SUSECVE-2024-49851 at NVDCVE-2024-49852 at SUSECVE-2024-49852 at NVDCVE-2024-49853 at SUSECVE-2024-49853 at NVDCVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-49858 at SUSECVE-2024-49858 at NVDCVE-2024-49860 at SUSECVE-2024-49860 at NVDCVE-2024-49861 at SUSECVE-2024-49861 at NVDCVE-2024-49862 at SUSECVE-2024-49862 at NVDCVE-2024-49863 at SUSECVE-2024-49863 at NVDCVE-2024-49864 at SUSECVE-2024-49864 at NVDCVE-2024-49866 at SUSECVE-2024-49866 at NVDCVE-2024-49867 at SUSECVE-2024-49867 at NVDCVE-2024-49868 at SUSECVE-2024-49868 at NVDCVE-2024-49870 at SUSECVE-2024-49870 at NVDCVE-2024-49871 at SUSECVE-2024-49871 at NVDCVE-2024-49874 at SUSECVE-2024-49874 at NVDCVE-2024-49875 at SUSECVE-2024-49875 at NVDCVE-2024-49877 at SUSECVE-2024-49877 at NVDCVE-2024-49878 at SUSECVE-2024-49878 at NVDCVE-2024-49879 at SUSECVE-2024-49879 at NVDCVE-2024-49881 at SUSECVE-2024-49881 at NVDCVE-2024-49882 at SUSECVE-2024-49882 at NVDCVE-2024-49883 at SUSECVE-2024-49883 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49886 at SUSECVE-2024-49886 at NVDCVE-2024-49888 at SUSECVE-2024-49888 at NVDCVE-2024-49890 at SUSECVE-2024-49890 at NVDCVE-2024-49891 at SUSECVE-2024-49891 at NVDCVE-2024-49892 at SUSECVE-2024-49892 at NVDCVE-2024-49894 at SUSECVE-2024-49894 at NVDCVE-2024-49895 at SUSECVE-2024-49895 at NVDCVE-2024-49896 at SUSECVE-2024-49896 at NVDCVE-2024-49897 at SUSECVE-2024-49897 at NVDCVE-2024-49898 at SUSECVE-2024-49898 at NVDCVE-2024-49899 at SUSECVE-2024-49899 at NVDCVE-2024-49900 at SUSECVE-2024-49900 at NVDCVE-2024-49901 at SUSECVE-2024-49901 at NVDCVE-2024-49902 at SUSECVE-2024-49902 at NVDCVE-2024-49903 at SUSECVE-2024-49903 at NVDCVE-2024-49905 at SUSECVE-2024-49905 at NVDCVE-2024-49906 at SUSECVE-2024-49906 at NVDCVE-2024-49907 at SUSECVE-2024-49907 at NVDCVE-2024-49908 at SUSECVE-2024-49908 at NVDCVE-2024-49909 at SUSECVE-2024-49909 at NVDCVE-2024-49911 at SUSECVE-2024-49911 at NVDCVE-2024-49912 at SUSECVE-2024-49912 at NVDCVE-2024-49913 at SUSECVE-2024-49913 at NVDCVE-2024-49914 at SUSECVE-2024-49914 at NVDCVE-2024-49917 at SUSECVE-2024-49917 at NVDCVE-2024-49918 at SUSECVE-2024-49918 at NVDCVE-2024-49919 at SUSECVE-2024-49919 at NVDCVE-2024-49920 at SUSECVE-2024-49920 at NVDCVE-2024-49921 at SUSECVE-2024-49921 at NVDCVE-2024-49922 at SUSECVE-2024-49922 at NVDCVE-2024-49923 at SUSECVE-2024-49923 at NVDCVE-2024-49925 at SUSECVE-2024-49925 at NVDCVE-2024-49928 at SUSECVE-2024-49928 at NVDCVE-2024-49929 at SUSECVE-2024-49929 at NVDCVE-2024-49930 at SUSECVE-2024-49930 at NVDCVE-2024-49931 at SUSECVE-2024-49931 at NVDCVE-2024-49933 at SUSECVE-2024-49933 at NVDCVE-2024-49934 at SUSECVE-2024-49934 at NVDCVE-2024-49935 at SUSECVE-2024-49935 at NVDCVE-2024-49936 at SUSECVE-2024-49936 at NVDCVE-2024-49937 at SUSECVE-2024-49937 at NVDCVE-2024-49938 at SUSECVE-2024-49938 at NVDCVE-2024-49939 at SUSECVE-2024-49939 at NVDCVE-2024-49944 at SUSECVE-2024-49944 at NVDCVE-2024-49945 at SUSECVE-2024-49945 at NVDCVE-2024-49946 at SUSECVE-2024-49946 at NVDCVE-2024-49947 at SUSECVE-2024-49947 at NVDCVE-2024-49949 at SUSECVE-2024-49949 at NVDCVE-2024-49950 at SUSECVE-2024-49950 at NVDCVE-2024-49952 at SUSECVE-2024-49952 at NVDCVE-2024-49953 at SUSECVE-2024-49953 at NVDCVE-2024-49954 at SUSECVE-2024-49954 at NVDCVE-2024-49955 at SUSECVE-2024-49955 at NVDCVE-2024-49957 at SUSECVE-2024-49957 at NVDCVE-2024-49958 at SUSECVE-2024-49958 at NVDCVE-2024-49959 at SUSECVE-2024-49959 at NVDCVE-2024-49960 at SUSECVE-2024-49960 at NVDCVE-2024-49961 at SUSECVE-2024-49961 at NVDCVE-2024-49962 at SUSECVE-2024-49962 at NVDCVE-2024-49963 at SUSECVE-2024-49963 at NVDCVE-2024-49965 at SUSECVE-2024-49965 at NVDCVE-2024-49966 at SUSECVE-2024-49966 at NVDCVE-2024-49967 at SUSECVE-2024-49967 at NVDCVE-2024-49968 at SUSECVE-2024-49968 at NVDCVE-2024-49969 at SUSECVE-2024-49969 at NVDCVE-2024-49972 at SUSECVE-2024-49972 at NVDCVE-2024-49973 at SUSECVE-2024-49973 at NVDCVE-2024-49974 at SUSECVE-2024-49974 at NVDCVE-2024-49975 at SUSECVE-2024-49975 at NVDCVE-2024-49976 at SUSECVE-2024-49976 at NVDCVE-2024-49981 at SUSECVE-2024-49981 at NVDCVE-2024-49982 at SUSECVE-2024-49982 at NVDCVE-2024-49983 at SUSECVE-2024-49983 at NVDCVE-2024-49985 at SUSECVE-2024-49985 at NVDCVE-2024-49986 at SUSECVE-2024-49986 at NVDCVE-2024-49987 at SUSECVE-2024-49987 at NVDCVE-2024-49989 at SUSECVE-2024-49989 at NVDCVE-2024-49991 at SUSECVE-2024-49991 at NVDCVE-2024-49993 at SUSECVE-2024-49993 at NVDCVE-2024-49995 at SUSECVE-2024-49995 at NVDCVE-2024-49996 at SUSECVE-2024-49996 at NVDCVE-2024-50000 at SUSECVE-2024-50000 at NVDCVE-2024-50001 at SUSECVE-2024-50001 at NVDCVE-2024-50002 at SUSECVE-2024-50002 at NVDCVE-2024-50003 at SUSECVE-2024-50003 at NVDCVE-2024-50004 at SUSECVE-2024-50004 at NVDCVE-2024-50006 at SUSECVE-2024-50006 at NVDCVE-2024-50007 at SUSECVE-2024-50007 at NVDCVE-2024-50008 at SUSECVE-2024-50008 at NVDCVE-2024-50009 at SUSECVE-2024-50009 at NVDCVE-2024-50012 at SUSECVE-2024-50012 at NVDCVE-2024-50013 at SUSECVE-2024-50013 at NVDCVE-2024-50014 at SUSECVE-2024-50014 at NVDCVE-2024-50015 at SUSECVE-2024-50015 at NVDCVE-2024-50017 at SUSECVE-2024-50017 at NVDCVE-2024-50019 at SUSECVE-2024-50019 at NVDCVE-2024-50020 at SUSECVE-2024-50020 at NVDCVE-2024-50021 at SUSECVE-2024-50021 at NVDCVE-2024-50022 at SUSECVE-2024-50022 at NVDCVE-2024-50023 at SUSECVE-2024-50023 at NVDCVE-2024-50024 at SUSECVE-2024-50024 at NVDCVE-2024-50025 at SUSECVE-2024-50025 at NVDCVE-2024-50026 at SUSECVE-2024-50026 at NVDCVE-2024-50027 at SUSECVE-2024-50027 at NVDCVE-2024-50028 at SUSECVE-2024-50028 at NVDCVE-2024-50031 at SUSECVE-2024-50031 at NVDCVE-2024-50033 at SUSECVE-2024-50033 at NVDCVE-2024-50035 at SUSECVE-2024-50035 at NVDCVE-2024-50040 at SUSECVE-2024-50040 at NVDCVE-2024-50041 at SUSECVE-2024-50041 at NVDCVE-2024-50042 at SUSECVE-2024-50042 at NVDCVE-2024-50044 at SUSECVE-2024-50044 at NVDCVE-2024-50045 at SUSECVE-2024-50045 at NVDCVE-2024-50046 at SUSECVE-2024-50046 at NVDCVE-2024-50047 at SUSECVE-2024-50047 at NVDCVE-2024-50048 at SUSECVE-2024-50048 at NVDCVE-2024-50049 at SUSECVE-2024-50049 at NVDCVE-2024-50055 at SUSECVE-2024-50055 at NVDCVE-2024-50058 at SUSECVE-2024-50058 at NVDCVE-2024-50059 at SUSECVE-2024-50059 at NVDCVE-2024-50060 at SUSECVE-2024-50060 at NVDCVE-2024-50061 at SUSECVE-2024-50061 at NVDCVE-2024-50062 at SUSECVE-2024-50062 at NVDCVE-2024-50063 at SUSECVE-2024-50063 at NVDCVE-2024-50064 at SUSECVE-2024-50064 at NVDCVE-2024-50067 at SUSECVE-2024-50067 at NVDCVE-2024-50069 at SUSECVE-2024-50069 at NVDCVE-2024-50073 at SUSECVE-2024-50073 at NVDCVE-2024-50074 at SUSECVE-2024-50074 at NVDCVE-2024-50075 at SUSECVE-2024-50075 at NVDCVE-2024-50076 at SUSECVE-2024-50076 at NVDCVE-2024-50077 at SUSECVE-2024-50077 at NVDCVE-2024-50078 at SUSECVE-2024-50078 at NVDCVE-2024-50080 at SUSECVE-2024-50080 at NVDCVE-2024-50081 at SUSECVE-2024-50081 at NVDCVE-2024-50082 at SUSECVE-2024-50082 at NVDCVE-2024-50084 at SUSECVE-2024-50084 at NVDCVE-2024-50087 at SUSECVE-2024-50087 at NVDCVE-2024-50088 at SUSECVE-2024-50088 at NVDCVE-2024-50089 at SUSECVE-2024-50089 at NVDCVE-2024-50093 at SUSECVE-2024-50093 at NVDCVE-2024-50095 at SUSECVE-2024-50095 at NVDCVE-2024-50096 at SUSECVE-2024-50096 at NVDCVE-2024-50098 at SUSECVE-2024-50098 at NVDCVE-2024-50099 at SUSECVE-2024-50099 at NVDCVE-2024-50100 at SUSECVE-2024-50100 at NVDCVE-2024-50101 at SUSECVE-2024-50101 at NVDCVE-2024-50102 at SUSECVE-2024-50102 at NVDCVE-2024-50103 at SUSECVE-2024-50103 at NVDCVE-2024-50108 at SUSECVE-2024-50108 at NVDCVE-2024-50110 at SUSECVE-2024-50110 at NVDCVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-50116 at SUSECVE-2024-50116 at NVDCVE-2024-50117 at SUSECVE-2024-50117 at NVDCVE-2024-50121 at SUSECVE-2024-50121 at NVDCVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50128 at SUSECVE-2024-50128 at NVDCVE-2024-50130 at SUSECVE-2024-50130 at NVDCVE-2024-50131 at SUSECVE-2024-50131 at NVDCVE-2024-50134 at SUSECVE-2024-50134 at NVDCVE-2024-50135 at SUSECVE-2024-50135 at NVDCVE-2024-50136 at SUSECVE-2024-50136 at NVDCVE-2024-50138 at SUSECVE-2024-50138 at NVDCVE-2024-50139 at SUSECVE-2024-50139 at NVDCVE-2024-50141 at SUSECVE-2024-50141 at NVDCVE-2024-50145 at SUSECVE-2024-50145 at NVDCVE-2024-50146 at SUSECVE-2024-50146 at NVDCVE-2024-50147 at SUSECVE-2024-50147 at NVDCVE-2024-50148 at SUSECVE-2024-50148 at NVDCVE-2024-50150 at SUSECVE-2024-50150 at NVDCVE-2024-50153 at SUSECVE-2024-50153 at NVDCVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-50155 at SUSECVE-2024-50155 at NVDCVE-2024-50156 at SUSECVE-2024-50156 at NVDCVE-2024-50157 at SUSECVE-2024-50157 at NVDCVE-2024-50158 at SUSECVE-2024-50158 at NVDCVE-2024-50159 at SUSECVE-2024-50159 at NVDCVE-2024-50160 at SUSECVE-2024-50160 at NVDCVE-2024-50166 at SUSECVE-2024-50166 at NVDCVE-2024-50167 at SUSECVE-2024-50167 at NVDCVE-2024-50169 at SUSECVE-2024-50169 at NVDCVE-2024-50171 at SUSECVE-2024-50171 at NVDCVE-2024-50172 at SUSECVE-2024-50172 at NVDCVE-2024-50175 at SUSECVE-2024-50175 at NVDCVE-2024-50176 at SUSECVE-2024-50176 at NVDCVE-2024-50177 at SUSECVE-2024-50177 at NVDCVE-2024-50179 at SUSECVE-2024-50179 at NVDCVE-2024-50180 at SUSECVE-2024-50180 at NVDCVE-2024-50181 at SUSECVE-2024-50181 at NVDCVE-2024-50182 at SUSECVE-2024-50182 at NVDCVE-2024-50183 at SUSECVE-2024-50183 at NVDCVE-2024-50184 at SUSECVE-2024-50184 at NVDCVE-2024-50186 at SUSECVE-2024-50186 at NVDCVE-2024-50187 at SUSECVE-2024-50187 at NVDCVE-2024-50188 at SUSECVE-2024-50188 at NVDCVE-2024-50189 at SUSECVE-2024-50189 at NVDCVE-2024-50192 at SUSECVE-2024-50192 at NVDCVE-2024-50194 at SUSECVE-2024-50194 at NVDCVE-2024-50195 at SUSECVE-2024-50195 at NVDCVE-2024-50196 at SUSECVE-2024-50196 at NVDCVE-2024-50198 at SUSECVE-2024-50198 at NVDCVE-2024-50200 at SUSECVE-2024-50200 at NVDCVE-2024-50201 at SUSECVE-2024-50201 at NVDCVE-2024-50205 at SUSECVE-2024-50205 at NVDCVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50209 at SUSECVE-2024-50209 at NVDCVE-2024-50210 at SUSECVE-2024-50210 at NVDCVE-2024-50215 at SUSECVE-2024-50215 at NVDCVE-2024-50216 at SUSECVE-2024-50216 at NVDCVE-2024-50218 at SUSECVE-2024-50218 at NVDCVE-2024-50221 at SUSECVE-2024-50221 at NVDCVE-2024-50224 at SUSECVE-2024-50224 at NVDCVE-2024-50225 at SUSECVE-2024-50225 at NVDCVE-2024-50228 at SUSECVE-2024-50228 at NVDCVE-2024-50229 at SUSECVE-2024-50229 at NVDCVE-2024-50230 at SUSECVE-2024-50230 at NVDCVE-2024-50231 at SUSECVE-2024-50231 at NVDCVE-2024-50232 at SUSECVE-2024-50232 at NVDCVE-2024-50233 at SUSECVE-2024-50233 at NVDCVE-2024-50234 at SUSECVE-2024-50234 at NVDCVE-2024-50235 at SUSECVE-2024-50235 at NVDCVE-2024-50236 at SUSECVE-2024-50236 at NVDCVE-2024-50237 at SUSECVE-2024-50237 at NVDCVE-2024-50240 at SUSECVE-2024-50240 at NVDCVE-2024-50245 at SUSECVE-2024-50245 at NVDCVE-2024-50246 at SUSECVE-2024-50246 at NVDCVE-2024-50248 at SUSECVE-2024-50248 at NVDCVE-2024-50249 at SUSECVE-2024-50249 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-50252 at SUSECVE-2024-50252 at NVDCVE-2024-50255 at SUSECVE-2024-50255 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50261 at SUSECVE-2024-50261 at NVDCVE-2024-50264 at SUSECVE-2024-50264 at NVDCVE-2024-50265 at SUSECVE-2024-50265 at NVDCVE-2024-50267 at SUSECVE-2024-50267 at NVDCVE-2024-50268 at SUSECVE-2024-50268 at NVDCVE-2024-50269 at SUSECVE-2024-50269 at NVDCVE-2024-50271 at SUSECVE-2024-50271 at NVDCVE-2024-50273 at SUSECVE-2024-50273 at NVDCVE-2024-50274 at SUSECVE-2024-50274 at NVDCVE-2024-50275 at SUSECVE-2024-50275 at NVDCVE-2024-50276 at SUSECVE-2024-50276 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50282 at SUSECVE-2024-50282 at NVDCVE-2024-50287 at SUSECVE-2024-50287 at NVDCVE-2024-50289 at SUSECVE-2024-50289 at NVDCVE-2024-50290 at SUSECVE-2024-50290 at NVDCVE-2024-50292 at SUSECVE-2024-50292 at NVDCVE-2024-50295 at SUSECVE-2024-50295 at NVDCVE-2024-50296 at SUSECVE-2024-50296 at NVDCVE-2024-50298 at SUSECVE-2024-50298 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53043 at SUSECVE-2024-53043 at NVDCVE-2024-53045 at SUSECVE-2024-53045 at NVDCVE-2024-53048 at SUSECVE-2024-53048 at NVDCVE-2024-53051 at SUSECVE-2024-53051 at NVDCVE-2024-53052 at SUSECVE-2024-53052 at NVDCVE-2024-53055 at SUSECVE-2024-53055 at NVDCVE-2024-53056 at SUSECVE-2024-53056 at NVDCVE-2024-53058 at SUSECVE-2024-53058 at NVDCVE-2024-53059 at SUSECVE-2024-53059 at NVDCVE-2024-53060 at SUSECVE-2024-53060 at NVDCVE-2024-53061 at SUSECVE-2024-53061 at NVDCVE-2024-53063 at SUSECVE-2024-53063 at NVDCVE-2024-53066 at SUSECVE-2024-53066 at NVDCVE-2024-53068 at SUSECVE-2024-53068 at NVDCVE-2024-53072 at SUSECVE-2024-53072 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53076 at SUSECVE-2024-53076 at NVDCVE-2024-53079 at SUSECVE-2024-53079 at NVDCVE-2024-53081 at SUSECVE-2024-53081 at NVDCVE-2024-53082 at SUSECVE-2024-53082 at NVDCVE-2024-53085 at SUSECVE-2024-53085 at NVDCVE-2024-53088 at SUSECVE-2024-53088 at NVDCVE-2024-53093 at SUSECVE-2024-53093 at NVDCVE-2024-53094 at SUSECVE-2024-53094 at NVDCVE-2024-53095 at SUSECVE-2024-53095 at NVDCVE-2024-53096 at SUSECVE-2024-53096 at NVDCVE-2024-53100 at SUSECVE-2024-53100 at NVDCVE-2024-53101 at SUSECVE-2024-53101 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-53106 at SUSECVE-2024-53106 at NVDCVE-2024-53108 at SUSECVE-2024-53108 at NVDCVE-2024-53110 at SUSECVE-2024-53110 at NVDCVE-2024-53112 at SUSECVE-2024-53112 at NVDCVE-2024-53114 at SUSECVE-2024-53114 at NVDCVE-2024-53121 at SUSECVE-2024-53121 at NVDCVE-2024-53138 at SUSECVE-2024-53138 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-56650: Fixed netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
ModerateSUSE bug 1235008SUSE bug 1235431CVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_11 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_11 fixes the following issues:
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38678: nf_tables: reject duplicate device on updates (bsc#1249534)
ImportantSUSE bug 1248631SUSE bug 1249534CVE-2025-38664 at SUSECVE-2025-38664 at NVDCVE-2025-38678 at SUSECVE-2025-38678 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1246019)
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631)
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207)
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208)
ImportantSUSE bug 1246019SUSE bug 1248631SUSE bug 1249207SUSE bug 1249208CVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38618 at SUSECVE-2025-38618 at NVDCVE-2025-38664 at SUSECVE-2025-38664 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
- CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
- CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
- CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630).
- CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (bsc#1249182).
- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
- CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
- CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
- CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
- CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
- CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
- CVE-2025-39828: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (bsc#1250205).
- CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
- CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
- CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
- CVE-2025-39898: e1000e: fix heap overflow in e1000_set_eeprom (bsc#1250742).
- CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
- CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
- CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
- CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
- CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
- CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
- CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
- CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
- CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
- CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
- CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
- CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).
The following non-security bugs were fixed:
- ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path (stable-fixes).
- ACPI: battery: Add synchronization between interface updates (git-fixes).
- ACPI: battery: Check for error code from devm_mutex_init() call (git-fixes).
- ACPI: battery: allocate driver data through devm_ APIs (stable-fixes).
- ACPI: battery: initialize mutexes through devm_ APIs (stable-fixes).
- ACPI: button: Call input_free_device() on failing input device registration (git-fixes).
- ACPI: property: Add code comments explaining what is going on (stable-fixes).
- ACPI: property: Disregard references in data-only subnode lists (stable-fixes).
- ACPI: property: Do not pass NULL handles to acpi_attach_data() (stable-fixes git-fixes).
- ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (git-fixes).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- ACPICA: Allow to skip Global Lock initialization (stable-fixes).
- ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings (git-fixes).
- ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card (git-fixes).
- ALSA: usb-audio: fix control pipe direction (git-fixes).
- ASoC: Intel: avs: Unprepare a stream when XRUN occurs (git-fixes).
- ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down (git-fixes).
- ASoC: SOF: ipc4-topology: Correct the minimum host DMA buffer size (git-fixes).
- ASoC: amd: acp: Adjust pdm gain value (stable-fixes).
- ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec (git-fixes).
- ASoC: fsl_sai: fix bit order for DSD format (git-fixes).
- ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit (git-fixes).
- ASoC: nau8821: Cancel jdet_work before handling jack ejection (git-fixes).
- ASoC: nau8821: Generalize helper to clear IRQ status (git-fixes).
- ASoC: qdsp6: q6asm: do not sleep while atomic (git-fixes).
- ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue (stable-fixes).
- Bluetooth: btmtksdio: Add pmctrl handling for BT closed state during reset (git-fixes).
- Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 (stable-fixes).
- Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once (git-fixes).
- HID: hid-input: only ignore 0 battery events for digitizers (git-fixes).
- HID: multitouch: fix name of Stylus input devices (git-fixes).
- Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (git-fixes).
- KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
- KVM: SEV: Read save fields from GHCB exactly once (git-fixes).
- KVM: SEV: Rename kvm_ghcb_get_sw_exit_code() to kvm_get_cached_sw_exit_code() (git-fixes).
- KVM: SEV: Validate XCR0 provided by guest in GHCB (git-fixes).
- KVM: SVM: Inject #GP if memory operand for INVPCID is non-canonical (git-fixes).
- KVM: SVM: Pass through GHCB MSR if and only if VM is an SEV-ES guest (git-fixes).
- KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow (git-fixes).
- KVM: x86/mmu: Prevent installing hugepages when mem attributes are changing (git-fixes).
- KVM: x86: Bypass register cache when querying CPL from kvm_sched_out() (git-fixes).
- KVM: x86: Clear pv_unhalted on all transitions to KVM_MP_STATE_RUNNABLE (git-fixes).
- KVM: x86: Do not bleed PVCLOCK_GUEST_STOPPED across PV clocks (git-fixes).
- KVM: x86: Do not inject PV async #PF if SEND_ALWAYS=0 and guest state is protected (git-fixes).
- KVM: x86: Introduce kvm_set_mp_state() (git-fixes).
- KVM: x86: Introduce kvm_x86_call() to simplify static calls of kvm_x86_ops (git-fixes).
- KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
- KVM: x86: Process "guest stopped request" once per guest time update (git-fixes).
- KVM: x86: Replace static_call_cond() with static_call() (git-fixes).
- KVM: x86: Set PVCLOCK_GUEST_STOPPED only for kvmclock, not for Xen PV clock (git-fixes).
- KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs (git-fixes).
- KVM: x86: Snapshot the host's DEBUGCTL in common x86 (git-fixes).
- KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer (git-fixes).
- NFSD: Define a proc_layoutcommit for the FlexFiles layout type (git-fixes).
- NFSD: Fix crash in nfsd4_read_release() (git-fixes).
- NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() (git-fixes).
- NFSD: Minor cleanup in layoutcommit processing (git-fixes).
- NFSD: Rework encoding and decoding of nfsd4_deviceid (git-fixes).
- PCI/AER: Support errors introduced by PCIe r6.0 (stable-fixes).
- PCI: Add PCI_VDEVICE_SUB helper macro (stable-fixes).
- PCI: endpoint: Remove surplus return statement from pci_epf_test_clean_dma_chan() (stable-fixes).
- PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release (git-fixes).
- PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists (stable-fixes).
- PCI: j721e: Fix programming sequence of "strap" settings (git-fixes).
- PM: runtime: Add new devm functions (stable-fixes).
- Revert "KVM: VMX: Move LOAD_IA32_PERF_GLOBAL_CTRL errata handling out of setup_vmcs_config()" (git-fixes).
- USB: serial: option: add SIMCom 8230C compositions (git-fixes).
- USB: serial: option: add SIMCom 8230C compositions (stable-fixes).
- accel/ivpu: Add missing MODULE_FIRMWARE metadata (git-fixes).
- accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() (git-fixes).
- add bug reference to existing hv_netvsc change (bsc#1252265)
- arm64, mm: avoid always making PTE dirty in pte_mkwrite() (git-fixes)
- arm64: cputype: Add Neoverse-V3AE definitions (git-fixes)
- arm64: errata: Apply workarounds for Neoverse-V3AE (git-fixes)
- arm64: mte: Do not flag the zero page as PG_mte_tagged (git-fixes)
- bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
- bpf: Avoid RCU context warning when unpinning htab with internal structs (git-fixes).
- bpf: Check link_create.flags parameter for multi_kprobe (git-fixes).
- bpf: Check link_create.flags parameter for multi_uprobe (git-fixes).
- bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (git-fixes).
- bpf: Use preempt_count() directly in bpf_send_signal_common() (git-fixes).
- btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (git-fixes).
- btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running (git-fixes).
- btrfs: fix the incorrect max_bytes value for find_lock_delalloc_range() (git-fixes).
- can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes).
- can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled (stable-fixes).
- can: netlink: can_changelink(): allow disabling of automatic restart (git-fixes).
- can: rcar_canfd: Fix controller mode setting (stable-fixes).
- clk: at91: peripheral: fix return value (git-fixes).
- clk: mediatek: clk-mux: Do not pass flags to clk_mux_determine_rate_flags() (git-fixes).
- clk: mediatek: mt8195-infra_ao: Fix parent for infra_ao_hdmi_26m (git-fixes).
- clk: tegra: do not overallocate memory for bpmp clocks (git-fixes).
- cpufreq: CPPC: fix perf_to_khz/khz_to_perf conversion exception (git-fixes).
- cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() (stable-fixes git-fixes).
- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
- cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() (git-fixes).
- cpufreq: scmi: Skip SCMI devices that are not used by the CPUs (stable-fixes).
- cpufreq: tegra186: Set target frequency for all cpus in policy (git-fixes).
- cpuidle: governors: menu: Avoid using invalid recent intervals data (git-fixes).
- cpuidle: menu: Avoid discarding useful information (stable-fixes).
- cpuidle: qcom-spm: fix device and OF node leaks at probe (git-fixes).
- crypto: essiv - Check ssize for decryption and in-place encryption (git-fixes).
- crypto: rng - Ensure set_ent is always present (git-fixes).
- driver core/PM: Set power.no_callbacks along with power.no_pm (stable-fixes).
- drivers/perf: arm_spe: Use perf_allow_kernel() for permissions (git-fixes).
- drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs (git-fixes).
- drm/amd/display: Disable scaling on DCE6 for now (git-fixes).
- drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 (git-fixes).
- drm/amd/display: Properly disable scaling on DCE6 (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Fiji (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Iceland (git-fixes).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- drm/amd/powerplay: Fix CIK shutdown temperature (git-fixes).
- drm/amd: Check whether secure display TA loaded successfully (stable-fixes).
- drm/amdgpu: Add additional DCE6 SCL registers (git-fixes).
- drm/amdgpu: use atomic functions with memory barriers for vm fault info (git-fixes).
- drm/bridge: lt9211: Drop check for last nibble of version register (git-fixes).
- drm/etnaviv: fix flush sequence logic (git-fixes).
- drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions (stable-fixes).
- drm/exynos: exynos7_drm_decon: properly clear channels during bind (stable-fixes).
- drm/i915/guc: Skip communication warning on reset in progress (git-fixes).
- drm/mediatek: Fix device use-after-free on unbind (git-fixes).
- drm/msm/a6xx: Fix GMU firmware parser (git-fixes).
- drm/msm/adreno: De-spaghettify the use of memory barriers (stable-fixes).
- drm/msm/dpu: Fix pixel extension sub-sampling (git-fixes).
- drm/nouveau: fix bad ret code in nouveau_bo_move_prep (git-fixes).
- drm/panel: kingdisplay-kd097d04: Disable EoTp (git-fixes).
- drm/panel: sitronix-st7789v: fix sync flags for t28cp45tn89 (git-fixes).
- drm/rockchip: vop2: use correct destination rectangle height check (git-fixes).
- drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (git-fixes).
- drm/vmwgfx: Fix Use-after-free in validation (git-fixes).
- drm/vmwgfx: Fix a null-ptr access in the cursor snooper (git-fixes).
- drm/vmwgfx: Fix copy-paste typo in validation (git-fixes).
- ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (git-fixes).
- ext4: check fast symlink for ea_inode correctly (git-fixes).
- ext4: do not convert the unwritten extents if data writeback fails (git-fixes).
- ext4: do not try to clear the orphan_present feature block device is r/o (git-fixes).
- ext4: ensure i_size is smaller than maxbytes (git-fixes).
- ext4: factor out ext4_get_maxbytes() (git-fixes).
- ext4: fix calculation of credits for extent tree modification (git-fixes).
- ext4: fix checks for orphan inodes (bsc#1250119).
- ext4: fix fsmap end of range reporting with bigalloc (git-fixes).
- ext4: fix hole length calculation overflow in non-extent inodes (git-fixes).
- ext4: fix largest free orders lists corruption on mb_optimize_scan switch (git-fixes).
- ext4: fix reserved gdt blocks handling in fsmap (git-fixes).
- ext4: fix zombie groups in average fragment size lists (git-fixes).
- ext4: preserve SB_I_VERSION on remount (git-fixes).
- ext4: reorder capability check last (git-fixes).
- fbdev: Fix logic error in "offb" name match (git-fixes).
- fbdev: atyfb: Check if pll_ops->init_pll failed (git-fixes).
- fbdev: valkyriefb: Fix reference count leak in valkyriefb_init (git-fixes).
- firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode (git-fixes).
- fs: udf: fix OOB read in lengthAllocDescs handling (git-fixes).
- ftrace: fix incorrect hash size in register_ftrace_direct() (git-fixes).
- gpio: wcd934x: mark the GPIO controller as sleeping (git-fixes).
- hfs: validate record offset in hfsplus_bmap_alloc (git-fixes).
- hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() (git-fixes).
- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() (git-fixes).
- hid: fix I2C read buffer overflow in raw_event() for mcp2221 (stable-fixes).
- i2c: ocores: use devm_ managed clks (git-fixes).
- iomap: Fix iomap_adjust_read_range for plen calculation (git-fixes).
- iomap: handle a post-direct I/O invalidate race in iomap_write_delalloc_release (git-fixes).
- iommu/vt-d: Disallow dirty tracking if incoherent page walk (git-fixes).
- iommu/vt-d: PRS isn't usable if PDS isn't supported (git-fixes).
- isofs: Verify inode mode when loading from disk (git-fixes).
- jbd2: do not try to recover wiped journal (git-fixes).
- kABI fix for KVM: x86: Snapshot the host's DEBUGCTL in common x86 (git-fixes).
- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older (stable-fixes).
- locking/mutex: Introduce devm_mutex_init() (stable-fixes).
- locking/mutex: Mark devm_mutex_init() as __must_check (stable-fixes).
- mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop (git-fixes).
- mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes (git-fixes).
- mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call (git-fixes).
- media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe (git-fixes).
- media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() (stable-fixes).
- media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c) (git-fixes).
- media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).
- media: tunner: xc5000: Refactor firmware load (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag (git-fixes).
- misc: fastrpc: Add missing dev_err newlines (stable-fixes).
- misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup (git-fixes).
- misc: fastrpc: Fix fastrpc_map_lookup operation (git-fixes).
- misc: fastrpc: Save actual DMA size in fastrpc_map structure (git-fixes).
- misc: fastrpc: Skip reference for DMA handles (git-fixes).
- misc: fastrpc: fix possible map leak in fastrpc_put_args (git-fixes).
- mmc: core: SPI mode remove cmd7 (stable-fixes).
- module: Prevent silent truncation of module name in delete_module(2) (git-fixes).
- most: usb: Fix use-after-free in hdm_disconnect (git-fixes).
- most: usb: hdm_probe: Fix calling put_device() before device initialization (git-fixes).
- mtd: rawnand: fsmc: Default to autodetect buswidth (stable-fixes).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- net: phy: dp83869: fix STRAP_OPMODE bitmask (git-fixes).
- net: sysfs: Fix /sys/class/net/<iface> path (git-fixes).
- net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock (git-fixes).
- net: usb: asix_devices: Check return value of usbnet_get_endpoints (git-fixes).
- net: usb: lan78xx: Add error handling to lan78xx_init_mac_address (git-fixes).
- net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset (git-fixes).
- net: usb: rtl8150: Fix frame padding (git-fixes).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
- nfsd: nfserr_jukebox in nlm_fopen should lead to a retry (git-fixes).
- nvme-multipath: Skip nr_active increments in RETRY disposition (git-fixes).
- nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk (git-fixes).
- nvme/tcp: handle tls partially sent records in write_space() (git-fixes).
- overlayfs: set ctime when setting mtime and atime (stable-fixes).
- ovl: Always reevaluate the file signature for IMA (stable-fixes).
- ovl: fix file reference leak when submitting aio (stable-fixes).
- ovl: fix incorrect fdput() on aio completion (stable-fixes).
- perf/amd/ibs: Fix ->config to sample period calculation for OP PMU (git-fixes).
- perf/amd/ibs: Fix perf_ibs_op.cnt_mask for CurCnt (git-fixes).
- perf/amd: Prevent grouping of IBS events (git-fixes).
- perf/aux: Fix pending disable flow when the AUX ring buffer overruns (git-fixes).
- perf/bpf: Robustify perf_event_free_bpf_prog() (git-fixes).
- perf/core: Fix WARN in perf_cgroup_switch() (git-fixes).
- perf/core: Fix broken throttling when max_samples_per_tick=1 (git-fixes).
- perf/core: Fix child_total_time_enabled accounting bug at task exit (git-fixes).
- perf/core: Fix low freq setting via IOC_PERIOD (git-fixes).
- perf/core: Fix pmus_lock vs. pmus_srcu ordering (git-fixes).
- perf/core: Fix small negative period being ignored (git-fixes).
- perf/core: Fix the WARN_ON_ONCE is out of lock protected region (git-fixes).
- perf/hw_breakpoint: Return EOPNOTSUPP for unsupported breakpoint type (git-fixes).
- perf/ring_buffer: Allow the EPOLLRDNORM flag for poll (git-fixes).
- perf/x86/amd: Warn only on new bits set (git-fixes).
- perf/x86/intel/ds: Unconditionally drain PEBS DS when changing PEBS_DATA_CFG (git-fixes).
- perf/x86/intel/pt: Fix sampling synchronization (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SPR (git-fixes).
- perf/x86/intel: Allow to setup LBR for counting event for BPF (git-fixes).
- perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
- perf/x86/intel: Apply static call for drain_pebs (git-fixes).
- perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample read (git-fixes).
- perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
- perf/x86/intel: Only check the group flag for X86 leader (git-fixes).
- perf/x86/intel: Use better start period for frequency mode (git-fixes).
- perf/x86: Fix low freqency setting issue (git-fixes).
- perf/x86: Fix non-sampling (counting) events on certain x86 platforms (git-fixes).
- perf: Ensure bpf_perf_link path is properly serialized (git-fixes).
- perf: Extract a few helpers (git-fixes).
- perf: Fix cgroup state vs ERROR (git-fixes).
- phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling (git-fixes).
- phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
- phy: cdns-dphy: Store hs_clk_rate and return it (stable-fixes).
- platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (stable-fixes).
- platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (stable-fixes).
- powerpc/boot: Fix build with gcc 15 (bsc#1215199).
- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
- powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
- powerpc: export MIN RMA size (bsc#1236743 ltc#211409).
- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
- powerpc: increase MIN RMA size for CAS negotiation (bsc#1236743 ltc#211409 bsc#1252269 ltc#215957).
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- r8152: add error handling in rtl8152_driver_init (git-fixes).
- r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H (git-fixes).
- regmap: slimbus: fix bus_context pointer in regmap init calls (git-fixes).
- regulator: bd718x7: Fix voltages scaled by resistor divider (git-fixes).
- rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946).
- rtc: interface: Ensure alarm irq is enabled when UIE is enabled (stable-fixes).
- rtc: interface: Fix long-standing race when setting alarm (stable-fixes).
- rtc: optee: fix memory leak on driver removal (git-fixes).
- rtc: x1205: Fix Xicor X1205 vendor prefix (git-fixes).
- s390: Initialize psw mask in perf_arch_fetch_caller_regs() (git-fixes).
- samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora (git-fixes).
- sched/fair: set_load_weight() must also call reweight_task() (git-fixes)
- sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
- selftests/bpf: Add test for unpinning htab with internal timer struct (git-fixes).
- selftests/bpf: Fix C++ compile error from missing _Bool type (git-fixes).
- selftests/bpf: Fix a fd leak in error paths in open_netns (git-fixes).
- selftests/bpf: Fix backtrace printing for selftests crashes (git-fixes).
- selftests/bpf: Fix compile error from rlim_t in sk_storage_map.c (git-fixes).
- selftests/bpf: Fix compile if backtrace support missing in libc (git-fixes).
- selftests/bpf: Fix compiling core_reloc.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling flow_dissector.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling kfree_skb.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling parse_tcp_hdr_opt.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling tcp_rtt.c with musl-libc (git-fixes).
- selftests/bpf: Fix cross-compiling urandom_read (git-fixes).
- selftests/bpf: Fix error compiling bpf_iter_setsockopt.c with musl libc (git-fixes).
- selftests/bpf: Fix error compiling tc_redirect.c with musl libc (git-fixes).
- selftests/bpf: Fix error compiling test_lru_map.c (git-fixes).
- selftests/bpf: Fix errors compiling cg_storage_multi.h with musl libc (git-fixes).
- selftests/bpf: Fix errors compiling decap_sanity.c with musl libc (git-fixes).
- selftests/bpf: Fix errors compiling lwt_redirect.c with musl libc (git-fixes).
- selftests/bpf: Fix redefinition errors compiling lwt_reroute.c (git-fixes).
- selftests/bpf: Fix umount cgroup2 error in test_sockmap (git-fixes).
- selftests/bpf: Use bpf_link__destroy in fill_link_info tests (git-fixes).
- selftests/tracing: Fix event filter test to retry up to 10 times (git-fixes).
- selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len (git-fixes).
- serial: 8250_dw: handle reset control deassert error (git-fixes).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
- smb: client: fix crypto buffers in non-linear memory (bsc#1250491, boo#1239206).
- smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
- spi: spi-nxp-fspi: add extra delay after dll locked (git-fixes).
- staging: axis-fifo: fix TX handling on copy_from_user() failure (git-fixes).
- staging: axis-fifo: fix maximum TX packet length check (git-fixes).
- staging: axis-fifo: flush RX FIFO on read errors (git-fixes).
- sunrpc: fix null pointer dereference on zero-length checksum (git-fixes).
- tcp: Do not call reqsk_fastopen_remove() in tcp_conn_request() (git-fixes).
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- tools/resolve_btfids: Fix build when cross compiling kernel with clang (git-fixes).
- tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single (git-fixes).
- tracing/selftests: Fix kprobe event name test for .isra. functions (git-fixes).
- tracing: Correct the refcount if the hist/hist_debug file fails to open (git-fixes).
- tracing: Fix filter string testing (git-fixes).
- tracing: Remove unneeded goto out logic (bsc#1249286).
- udf: Make sure i_lenExtents is uptodate on inode eviction (git-fixes).
- udf: Verify partition map count (git-fixes).
- usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm (git-fixes).
- usb: hub: Fix flushing of delayed work used for post resume purposes (git-fixes).
- usb: hub: fix detection of high tier USB3 devices behind suspended hubs (git-fixes).
- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).
- usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes).
- usb: xhci: Limit Stop Endpoint retries (git-fixes).
- usb: xhci: Limit Stop Endpoint retries (git-fixes).
- usbnet: Fix using smp_processor_id() in preemptible code warnings (git-fixes).
- usbnet: Prevents free active kevent (git-fixes).
- wifi: ath10k: Fix memory leak on unsupported WMI command (git-fixes).
- wifi: ath11k: Add missing platform IDs for quirk table (git-fixes).
- wifi: ath12k: free skb during idr cleanup callback (git-fixes).
- wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (git-fixes).
- wifi: mac80211: reset FILS discovery and unsol probe resp intervals (git-fixes).
- wifi: mt76: mt7921u: Add VID/PID for Netgear A7500 (stable-fixes).
- wifi: rtlwifi: rtl8192cu: Do not claim USB ID 07b8:8188 (stable-fixes).
- x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
- xfs: rename the old_crc variable in xlog_recover_process (git-fixes).
- xhci: dbc: enable back DbC in resume if it was enabled before suspend (git-fixes).
- xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1214954SUSE bug 1215143SUSE bug 1215199SUSE bug 1216396SUSE bug 1220419SUSE bug 1236743SUSE bug 1239206SUSE bug 1244939SUSE bug 1248211SUSE bug 1248230SUSE bug 1248517SUSE bug 1248630SUSE bug 1248754SUSE bug 1248886SUSE bug 1249161SUSE bug 1249182SUSE bug 1249224SUSE bug 1249286SUSE bug 1249302SUSE bug 1249317SUSE bug 1249319SUSE bug 1249320SUSE bug 1249512SUSE bug 1249595SUSE bug 1249608SUSE bug 1250032SUSE bug 1250119SUSE bug 1250202SUSE bug 1250205SUSE bug 1250237SUSE bug 1250274SUSE bug 1250296SUSE bug 1250379SUSE bug 1250400SUSE bug 1250455SUSE bug 1250491SUSE bug 1250519SUSE bug 1250650SUSE bug 1250702SUSE bug 1250704SUSE bug 1250721SUSE bug 1250742SUSE bug 1250946SUSE bug 1251024SUSE bug 1251027SUSE bug 1251028SUSE bug 1251031SUSE bug 1251035SUSE bug 1251038SUSE bug 1251043SUSE bug 1251045SUSE bug 1251052SUSE bug 1251053SUSE bug 1251054SUSE bug 1251056SUSE bug 1251057SUSE bug 1251059SUSE bug 1251060SUSE bug 1251065SUSE bug 1251066SUSE bug 1251067SUSE bug 1251068SUSE bug 1251071SUSE bug 1251076SUSE bug 1251079SUSE bug 1251081SUSE bug 1251083SUSE bug 1251084SUSE bug 1251100SUSE bug 1251105SUSE bug 1251106SUSE bug 1251108SUSE bug 1251113SUSE bug 1251114SUSE bug 1251119SUSE bug 1251123SUSE bug 1251126SUSE bug 1251132SUSE bug 1251134SUSE bug 1251143SUSE bug 1251146SUSE bug 1251150SUSE bug 1251152SUSE bug 1251153SUSE bug 1251159SUSE bug 1251161SUSE bug 1251170SUSE bug 1251177SUSE bug 1251180SUSE bug 1251206SUSE bug 1251215SUSE bug 1251216SUSE bug 1251222SUSE bug 1251230SUSE bug 1251232SUSE bug 1251233SUSE bug 1251247SUSE bug 1251268SUSE bug 1251269SUSE bug 1251270SUSE bug 1251282SUSE bug 1251283SUSE bug 1251286SUSE bug 1251290SUSE bug 1251319SUSE bug 1251321SUSE bug 1251323SUSE bug 1251328SUSE bug 1251529SUSE bug 1251721SUSE bug 1251732SUSE bug 1251742SUSE bug 1251743SUSE bug 1251746SUSE bug 1251748SUSE bug 1251749SUSE bug 1251750SUSE bug 1251754SUSE bug 1251755SUSE bug 1251756SUSE bug 1251758SUSE bug 1251759SUSE bug 1251760SUSE bug 1251762SUSE bug 1251763SUSE bug 1251764SUSE bug 1251769SUSE bug 1251771SUSE bug 1251772SUSE bug 1251777SUSE bug 1251780SUSE bug 1251804SUSE bug 1251810SUSE bug 1251930SUSE bug 1251967SUSE bug 1252033SUSE bug 1252035SUSE bug 1252039SUSE bug 1252044SUSE bug 1252047SUSE bug 1252051SUSE bug 1252052SUSE bug 1252056SUSE bug 1252060SUSE bug 1252062SUSE bug 1252064SUSE bug 1252065SUSE bug 1252069SUSE bug 1252070SUSE bug 1252072SUSE bug 1252074SUSE bug 1252075SUSE bug 1252078SUSE bug 1252079SUSE bug 1252082SUSE bug 1252083SUSE bug 1252265SUSE bug 1252269SUSE bug 1252332SUSE bug 1252336SUSE bug 1252346SUSE bug 1252348SUSE bug 1252349SUSE bug 1252364SUSE bug 1252479SUSE bug 1252481SUSE bug 1252489SUSE bug 1252490SUSE bug 1252492SUSE bug 1252495SUSE bug 1252496SUSE bug 1252499SUSE bug 1252534SUSE bug 1252536SUSE bug 1252537SUSE bug 1252550SUSE bug 1252553SUSE bug 1252559SUSE bug 1252561SUSE bug 1252564SUSE bug 1252565SUSE bug 1252566SUSE bug 1252632SUSE bug 1252668SUSE bug 1252678SUSE bug 1252679SUSE bug 1252685SUSE bug 1252688SUSE bug 1252772SUSE bug 1252774SUSE bug 1252775SUSE bug 1252785SUSE bug 1252787SUSE bug 1252789SUSE bug 1252797SUSE bug 1252822SUSE bug 1252826SUSE bug 1252841SUSE bug 1252848SUSE bug 1252849SUSE bug 1252850SUSE bug 1252851SUSE bug 1252854SUSE bug 1252858SUSE bug 1252865SUSE bug 1252866SUSE bug 1252873SUSE bug 1252902SUSE bug 1252904SUSE bug 1252909SUSE bug 1252918SUSE bug 1252939CVE-2023-53538 at SUSECVE-2023-53538 at NVDCVE-2023-53539 at SUSECVE-2023-53539 at NVDCVE-2023-53540 at SUSECVE-2023-53540 at NVDCVE-2023-53541 at SUSECVE-2023-53541 at NVDCVE-2023-53543 at SUSECVE-2023-53543 at NVDCVE-2023-53545 at SUSECVE-2023-53545 at NVDCVE-2023-53546 at SUSECVE-2023-53546 at NVDCVE-2023-53548 at SUSECVE-2023-53548 at NVDCVE-2023-53550 at SUSECVE-2023-53550 at NVDCVE-2023-53552 at SUSECVE-2023-53552 at NVDCVE-2023-53553 at SUSECVE-2023-53553 at NVDCVE-2023-53554 at SUSECVE-2023-53554 at NVDCVE-2023-53555 at SUSECVE-2023-53555 at NVDCVE-2023-53556 at SUSECVE-2023-53556 at NVDCVE-2023-53557 at SUSECVE-2023-53557 at NVDCVE-2023-53558 at SUSECVE-2023-53558 at NVDCVE-2023-53559 at SUSECVE-2023-53559 at NVDCVE-2023-53560 at SUSECVE-2023-53560 at NVDCVE-2023-53563 at SUSECVE-2023-53563 at NVDCVE-2023-53568 at SUSECVE-2023-53568 at NVDCVE-2023-53570 at SUSECVE-2023-53570 at NVDCVE-2023-53572 at SUSECVE-2023-53572 at NVDCVE-2023-53574 at SUSECVE-2023-53574 at NVDCVE-2023-53575 at SUSECVE-2023-53575 at NVDCVE-2023-53577 at SUSECVE-2023-53577 at NVDCVE-2023-53579 at SUSECVE-2023-53579 at NVDCVE-2023-53580 at SUSECVE-2023-53580 at NVDCVE-2023-53581 at SUSECVE-2023-53581 at NVDCVE-2023-53583 at SUSECVE-2023-53583 at NVDCVE-2023-53585 at SUSECVE-2023-53585 at NVDCVE-2023-53588 at SUSECVE-2023-53588 at NVDCVE-2023-53593 at SUSECVE-2023-53593 at NVDCVE-2023-53596 at SUSECVE-2023-53596 at NVDCVE-2023-53597 at SUSECVE-2023-53597 at NVDCVE-2023-53599 at SUSECVE-2023-53599 at NVDCVE-2023-53600 at SUSECVE-2023-53600 at NVDCVE-2023-53601 at SUSECVE-2023-53601 at NVDCVE-2023-53602 at SUSECVE-2023-53602 at NVDCVE-2023-53603 at SUSECVE-2023-53603 at NVDCVE-2023-53611 at SUSECVE-2023-53611 at NVDCVE-2023-53613 at SUSECVE-2023-53613 at NVDCVE-2023-53615 at SUSECVE-2023-53615 at NVDCVE-2023-53616 at SUSECVE-2023-53616 at NVDCVE-2023-53617 at SUSECVE-2023-53617 at NVDCVE-2023-53618 at SUSECVE-2023-53618 at NVDCVE-2023-53619 at SUSECVE-2023-53619 at NVDCVE-2023-53621 at SUSECVE-2023-53621 at NVDCVE-2023-53622 at SUSECVE-2023-53622 at NVDCVE-2023-53631 at SUSECVE-2023-53631 at NVDCVE-2023-53632 at SUSECVE-2023-53632 at NVDCVE-2023-53633 at SUSECVE-2023-53633 at NVDCVE-2023-53638 at SUSECVE-2023-53638 at NVDCVE-2023-53645 at SUSECVE-2023-53645 at NVDCVE-2023-53646 at SUSECVE-2023-53646 at NVDCVE-2023-53647 at SUSECVE-2023-53647 at NVDCVE-2023-53648 at SUSECVE-2023-53648 at NVDCVE-2023-53649 at SUSECVE-2023-53649 at NVDCVE-2023-53650 at SUSECVE-2023-53650 at NVDCVE-2023-53652 at SUSECVE-2023-53652 at NVDCVE-2023-53653 at SUSECVE-2023-53653 at NVDCVE-2023-53654 at SUSECVE-2023-53654 at NVDCVE-2023-53656 at SUSECVE-2023-53656 at NVDCVE-2023-53657 at SUSECVE-2023-53657 at NVDCVE-2023-53658 at SUSECVE-2023-53658 at NVDCVE-2023-53659 at SUSECVE-2023-53659 at NVDCVE-2023-53660 at SUSECVE-2023-53660 at NVDCVE-2023-53662 at SUSECVE-2023-53662 at NVDCVE-2023-53663 at SUSECVE-2023-53663 at NVDCVE-2023-53665 at SUSECVE-2023-53665 at NVDCVE-2023-53666 at SUSECVE-2023-53666 at NVDCVE-2023-53668 at SUSECVE-2023-53668 at NVDCVE-2023-53670 at SUSECVE-2023-53670 at NVDCVE-2023-53672 at SUSECVE-2023-53672 at NVDCVE-2023-53673 at SUSECVE-2023-53673 at NVDCVE-2023-53674 at SUSECVE-2023-53674 at NVDCVE-2023-53681 at SUSECVE-2023-53681 at NVDCVE-2023-53686 at SUSECVE-2023-53686 at NVDCVE-2023-53687 at SUSECVE-2023-53687 at NVDCVE-2023-53693 at SUSECVE-2023-53693 at NVDCVE-2023-53697 at SUSECVE-2023-53697 at NVDCVE-2023-53698 at SUSECVE-2023-53698 at NVDCVE-2023-53699 at SUSECVE-2023-53699 at NVDCVE-2023-53703 at SUSECVE-2023-53703 at NVDCVE-2023-53704 at SUSECVE-2023-53704 at NVDCVE-2023-53707 at SUSECVE-2023-53707 at NVDCVE-2023-53708 at SUSECVE-2023-53708 at NVDCVE-2023-53711 at SUSECVE-2023-53711 at NVDCVE-2023-53713 at SUSECVE-2023-53713 at NVDCVE-2023-53718 at SUSECVE-2023-53718 at NVDCVE-2023-53721 at SUSECVE-2023-53721 at NVDCVE-2023-53722 at SUSECVE-2023-53722 at NVDCVE-2023-53725 at SUSECVE-2023-53725 at NVDCVE-2023-53726 at SUSECVE-2023-53726 at NVDCVE-2023-53727 at SUSECVE-2023-53727 at NVDCVE-2023-53728 at SUSECVE-2023-53728 at NVDCVE-2023-53729 at SUSECVE-2023-53729 at NVDCVE-2023-53730 at SUSECVE-2023-53730 at NVDCVE-2023-53731 at SUSECVE-2023-53731 at NVDCVE-2023-53733 at SUSECVE-2023-53733 at NVDCVE-2025-38008 at SUSECVE-2025-38008 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38552 at SUSECVE-2025-38552 at NVDCVE-2025-38653 at SUSECVE-2025-38653 at NVDCVE-2025-38699 at SUSECVE-2025-38699 at NVDCVE-2025-38700 at SUSECVE-2025-38700 at NVDCVE-2025-38718 at SUSECVE-2025-38718 at NVDCVE-2025-39673 at SUSECVE-2025-39673 at NVDCVE-2025-39676 at SUSECVE-2025-39676 at NVDCVE-2025-39683 at SUSECVE-2025-39683 at NVDCVE-2025-39697 at SUSECVE-2025-39697 at NVDCVE-2025-39702 at SUSECVE-2025-39702 at NVDCVE-2025-39756 at SUSECVE-2025-39756 at NVDCVE-2025-39794 at SUSECVE-2025-39794 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39812 at SUSECVE-2025-39812 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39828 at SUSECVE-2025-39828 at NVDCVE-2025-39841 at SUSECVE-2025-39841 at NVDCVE-2025-39851 at SUSECVE-2025-39851 at NVDCVE-2025-39866 at SUSECVE-2025-39866 at NVDCVE-2025-39876 at SUSECVE-2025-39876 at NVDCVE-2025-39881 at SUSECVE-2025-39881 at NVDCVE-2025-39895 at SUSECVE-2025-39895 at NVDCVE-2025-39898 at SUSECVE-2025-39898 at NVDCVE-2025-39902 at SUSECVE-2025-39902 at NVDCVE-2025-39911 at SUSECVE-2025-39911 at NVDCVE-2025-39931 at SUSECVE-2025-39931 at NVDCVE-2025-39934 at SUSECVE-2025-39934 at NVDCVE-2025-39937 at SUSECVE-2025-39937 at NVDCVE-2025-39938 at SUSECVE-2025-39938 at NVDCVE-2025-39945 at SUSECVE-2025-39945 at NVDCVE-2025-39946 at SUSECVE-2025-39946 at NVDCVE-2025-39947 at SUSECVE-2025-39947 at NVDCVE-2025-39948 at SUSECVE-2025-39948 at NVDCVE-2025-39949 at SUSECVE-2025-39949 at NVDCVE-2025-39952 at SUSECVE-2025-39952 at NVDCVE-2025-39955 at SUSECVE-2025-39955 at NVDCVE-2025-39957 at SUSECVE-2025-39957 at NVDCVE-2025-39965 at SUSECVE-2025-39965 at NVDCVE-2025-39967 at SUSECVE-2025-39967 at NVDCVE-2025-39968 at SUSECVE-2025-39968 at NVDCVE-2025-39969 at SUSECVE-2025-39969 at NVDCVE-2025-39970 at SUSECVE-2025-39970 at NVDCVE-2025-39971 at SUSECVE-2025-39971 at NVDCVE-2025-39972 at SUSECVE-2025-39972 at NVDCVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-39978 at SUSECVE-2025-39978 at NVDCVE-2025-39981 at SUSECVE-2025-39981 at NVDCVE-2025-39982 at SUSECVE-2025-39982 at NVDCVE-2025-39985 at SUSECVE-2025-39985 at NVDCVE-2025-39986 at SUSECVE-2025-39986 at NVDCVE-2025-39987 at SUSECVE-2025-39987 at NVDCVE-2025-39988 at SUSECVE-2025-39988 at NVDCVE-2025-39991 at SUSECVE-2025-39991 at NVDCVE-2025-39993 at SUSECVE-2025-39993 at NVDCVE-2025-39994 at SUSECVE-2025-39994 at NVDCVE-2025-39995 at SUSECVE-2025-39995 at NVDCVE-2025-39996 at SUSECVE-2025-39996 at NVDCVE-2025-39997 at SUSECVE-2025-39997 at NVDCVE-2025-40000 at SUSECVE-2025-40000 at NVDCVE-2025-40005 at SUSECVE-2025-40005 at NVDCVE-2025-40010 at SUSECVE-2025-40010 at NVDCVE-2025-40011 at SUSECVE-2025-40011 at NVDCVE-2025-40013 at SUSECVE-2025-40013 at NVDCVE-2025-40016 at SUSECVE-2025-40016 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40019 at SUSECVE-2025-40019 at NVDCVE-2025-40020 at SUSECVE-2025-40020 at NVDCVE-2025-40029 at SUSECVE-2025-40029 at NVDCVE-2025-40032 at SUSECVE-2025-40032 at NVDCVE-2025-40035 at SUSECVE-2025-40035 at NVDCVE-2025-40036 at SUSECVE-2025-40036 at NVDCVE-2025-40043 at SUSECVE-2025-40043 at NVDCVE-2025-40044 at SUSECVE-2025-40044 at NVDCVE-2025-40049 at SUSECVE-2025-40049 at NVDCVE-2025-40051 at SUSECVE-2025-40051 at NVDCVE-2025-40052 at SUSECVE-2025-40052 at NVDCVE-2025-40056 at SUSECVE-2025-40056 at NVDCVE-2025-40058 at SUSECVE-2025-40058 at NVDCVE-2025-40060 at SUSECVE-2025-40060 at NVDCVE-2025-40061 at SUSECVE-2025-40061 at NVDCVE-2025-40062 at SUSECVE-2025-40062 at NVDCVE-2025-40071 at SUSECVE-2025-40071 at NVDCVE-2025-40078 at SUSECVE-2025-40078 at NVDCVE-2025-40080 at SUSECVE-2025-40080 at NVDCVE-2025-40082 at SUSECVE-2025-40082 at NVDCVE-2025-40085 at SUSECVE-2025-40085 at NVDCVE-2025-40087 at SUSECVE-2025-40087 at NVDCVE-2025-40088 at SUSECVE-2025-40088 at NVDCVE-2025-40096 at SUSECVE-2025-40096 at NVDCVE-2025-40100 at SUSECVE-2025-40100 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
- CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
- CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
- CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630).
- CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (bsc#1249182).
- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
- CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
- CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
- CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
- CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
- CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
- CVE-2025-39828: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (bsc#1250205).
- CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
- CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
- CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
- CVE-2025-39898: e1000e: fix heap overflow in e1000_set_eeprom (bsc#1250742).
- CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
- CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
- CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
- CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
- CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
- CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
- CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
- CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
- CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
- CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
- CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
- CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).
The following non-security bugs were fixed:
- ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path (stable-fixes).
- ACPI: battery: Add synchronization between interface updates (git-fixes).
- ACPI: battery: Check for error code from devm_mutex_init() call (git-fixes).
- ACPI: battery: allocate driver data through devm_ APIs (stable-fixes).
- ACPI: battery: initialize mutexes through devm_ APIs (stable-fixes).
- ACPI: button: Call input_free_device() on failing input device registration (git-fixes).
- ACPI: property: Add code comments explaining what is going on (stable-fixes).
- ACPI: property: Disregard references in data-only subnode lists (stable-fixes).
- ACPI: property: Do not pass NULL handles to acpi_attach_data() (stable-fixes git-fixes).
- ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (git-fixes).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- ACPICA: Allow to skip Global Lock initialization (stable-fixes).
- ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings (git-fixes).
- ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card (git-fixes).
- ALSA: usb-audio: fix control pipe direction (git-fixes).
- ASoC: Intel: avs: Unprepare a stream when XRUN occurs (git-fixes).
- ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down (git-fixes).
- ASoC: SOF: ipc4-topology: Correct the minimum host DMA buffer size (git-fixes).
- ASoC: amd: acp: Adjust pdm gain value (stable-fixes).
- ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec (git-fixes).
- ASoC: fsl_sai: fix bit order for DSD format (git-fixes).
- ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit (git-fixes).
- ASoC: nau8821: Cancel jdet_work before handling jack ejection (git-fixes).
- ASoC: nau8821: Generalize helper to clear IRQ status (git-fixes).
- ASoC: qdsp6: q6asm: do not sleep while atomic (git-fixes).
- ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue (stable-fixes).
- Bluetooth: btmtksdio: Add pmctrl handling for BT closed state during reset (git-fixes).
- Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 (stable-fixes).
- Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once (git-fixes).
- HID: hid-input: only ignore 0 battery events for digitizers (git-fixes).
- HID: multitouch: fix name of Stylus input devices (git-fixes).
- Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (git-fixes).
- KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
- KVM: SEV: Read save fields from GHCB exactly once (git-fixes).
- KVM: SEV: Rename kvm_ghcb_get_sw_exit_code() to kvm_get_cached_sw_exit_code() (git-fixes).
- KVM: SEV: Validate XCR0 provided by guest in GHCB (git-fixes).
- KVM: SVM: Inject #GP if memory operand for INVPCID is non-canonical (git-fixes).
- KVM: SVM: Pass through GHCB MSR if and only if VM is an SEV-ES guest (git-fixes).
- KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow (git-fixes).
- KVM: x86/mmu: Prevent installing hugepages when mem attributes are changing (git-fixes).
- KVM: x86: Bypass register cache when querying CPL from kvm_sched_out() (git-fixes).
- KVM: x86: Clear pv_unhalted on all transitions to KVM_MP_STATE_RUNNABLE (git-fixes).
- KVM: x86: Do not bleed PVCLOCK_GUEST_STOPPED across PV clocks (git-fixes).
- KVM: x86: Do not inject PV async #PF if SEND_ALWAYS=0 and guest state is protected (git-fixes).
- KVM: x86: Introduce kvm_set_mp_state() (git-fixes).
- KVM: x86: Introduce kvm_x86_call() to simplify static calls of kvm_x86_ops (git-fixes).
- KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
- KVM: x86: Process "guest stopped request" once per guest time update (git-fixes).
- KVM: x86: Replace static_call_cond() with static_call() (git-fixes).
- KVM: x86: Set PVCLOCK_GUEST_STOPPED only for kvmclock, not for Xen PV clock (git-fixes).
- KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs (git-fixes).
- KVM: x86: Snapshot the host's DEBUGCTL in common x86 (git-fixes).
- KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer (git-fixes).
- NFSD: Define a proc_layoutcommit for the FlexFiles layout type (git-fixes).
- NFSD: Fix crash in nfsd4_read_release() (git-fixes).
- NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() (git-fixes).
- NFSD: Minor cleanup in layoutcommit processing (git-fixes).
- NFSD: Rework encoding and decoding of nfsd4_deviceid (git-fixes).
- PCI/AER: Support errors introduced by PCIe r6.0 (stable-fixes).
- PCI: Add PCI_VDEVICE_SUB helper macro (stable-fixes).
- PCI: endpoint: Remove surplus return statement from pci_epf_test_clean_dma_chan() (stable-fixes).
- PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release (git-fixes).
- PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists (stable-fixes).
- PCI: j721e: Fix programming sequence of "strap" settings (git-fixes).
- PM: runtime: Add new devm functions (stable-fixes).
- Revert "KVM: VMX: Move LOAD_IA32_PERF_GLOBAL_CTRL errata handling out of setup_vmcs_config()" (git-fixes).
- USB: serial: option: add SIMCom 8230C compositions (git-fixes).
- USB: serial: option: add SIMCom 8230C compositions (stable-fixes).
- accel/ivpu: Add missing MODULE_FIRMWARE metadata (git-fixes).
- accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() (git-fixes).
- add bug reference to existing hv_netvsc change (bsc#1252265)
- arm64, mm: avoid always making PTE dirty in pte_mkwrite() (git-fixes)
- arm64: cputype: Add Neoverse-V3AE definitions (git-fixes)
- arm64: errata: Apply workarounds for Neoverse-V3AE (git-fixes)
- arm64: mte: Do not flag the zero page as PG_mte_tagged (git-fixes)
- bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
- bpf: Avoid RCU context warning when unpinning htab with internal structs (git-fixes).
- bpf: Check link_create.flags parameter for multi_kprobe (git-fixes).
- bpf: Check link_create.flags parameter for multi_uprobe (git-fixes).
- bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (git-fixes).
- bpf: Use preempt_count() directly in bpf_send_signal_common() (git-fixes).
- btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (git-fixes).
- btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running (git-fixes).
- btrfs: fix the incorrect max_bytes value for find_lock_delalloc_range() (git-fixes).
- can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes).
- can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled (stable-fixes).
- can: netlink: can_changelink(): allow disabling of automatic restart (git-fixes).
- can: rcar_canfd: Fix controller mode setting (stable-fixes).
- clk: at91: peripheral: fix return value (git-fixes).
- clk: mediatek: clk-mux: Do not pass flags to clk_mux_determine_rate_flags() (git-fixes).
- clk: mediatek: mt8195-infra_ao: Fix parent for infra_ao_hdmi_26m (git-fixes).
- clk: tegra: do not overallocate memory for bpmp clocks (git-fixes).
- cpufreq: CPPC: fix perf_to_khz/khz_to_perf conversion exception (git-fixes).
- cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() (stable-fixes git-fixes).
- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
- cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() (git-fixes).
- cpufreq: scmi: Skip SCMI devices that are not used by the CPUs (stable-fixes).
- cpufreq: tegra186: Set target frequency for all cpus in policy (git-fixes).
- cpuidle: governors: menu: Avoid using invalid recent intervals data (git-fixes).
- cpuidle: menu: Avoid discarding useful information (stable-fixes).
- cpuidle: qcom-spm: fix device and OF node leaks at probe (git-fixes).
- crypto: essiv - Check ssize for decryption and in-place encryption (git-fixes).
- crypto: rng - Ensure set_ent is always present (git-fixes).
- driver core/PM: Set power.no_callbacks along with power.no_pm (stable-fixes).
- drivers/perf: arm_spe: Use perf_allow_kernel() for permissions (git-fixes).
- drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs (git-fixes).
- drm/amd/display: Disable scaling on DCE6 for now (git-fixes).
- drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 (git-fixes).
- drm/amd/display: Properly disable scaling on DCE6 (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Fiji (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Iceland (git-fixes).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- drm/amd/powerplay: Fix CIK shutdown temperature (git-fixes).
- drm/amd: Check whether secure display TA loaded successfully (stable-fixes).
- drm/amdgpu: Add additional DCE6 SCL registers (git-fixes).
- drm/amdgpu: use atomic functions with memory barriers for vm fault info (git-fixes).
- drm/bridge: lt9211: Drop check for last nibble of version register (git-fixes).
- drm/etnaviv: fix flush sequence logic (git-fixes).
- drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions (stable-fixes).
- drm/exynos: exynos7_drm_decon: properly clear channels during bind (stable-fixes).
- drm/i915/guc: Skip communication warning on reset in progress (git-fixes).
- drm/mediatek: Fix device use-after-free on unbind (git-fixes).
- drm/msm/a6xx: Fix GMU firmware parser (git-fixes).
- drm/msm/adreno: De-spaghettify the use of memory barriers (stable-fixes).
- drm/msm/dpu: Fix pixel extension sub-sampling (git-fixes).
- drm/nouveau: fix bad ret code in nouveau_bo_move_prep (git-fixes).
- drm/panel: kingdisplay-kd097d04: Disable EoTp (git-fixes).
- drm/panel: sitronix-st7789v: fix sync flags for t28cp45tn89 (git-fixes).
- drm/rockchip: vop2: use correct destination rectangle height check (git-fixes).
- drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (git-fixes).
- drm/vmwgfx: Fix Use-after-free in validation (git-fixes).
- drm/vmwgfx: Fix a null-ptr access in the cursor snooper (git-fixes).
- drm/vmwgfx: Fix copy-paste typo in validation (git-fixes).
- ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (git-fixes).
- ext4: check fast symlink for ea_inode correctly (git-fixes).
- ext4: do not convert the unwritten extents if data writeback fails (git-fixes).
- ext4: do not try to clear the orphan_present feature block device is r/o (git-fixes).
- ext4: ensure i_size is smaller than maxbytes (git-fixes).
- ext4: factor out ext4_get_maxbytes() (git-fixes).
- ext4: fix calculation of credits for extent tree modification (git-fixes).
- ext4: fix checks for orphan inodes (bsc#1250119).
- ext4: fix fsmap end of range reporting with bigalloc (git-fixes).
- ext4: fix hole length calculation overflow in non-extent inodes (git-fixes).
- ext4: fix largest free orders lists corruption on mb_optimize_scan switch (git-fixes).
- ext4: fix reserved gdt blocks handling in fsmap (git-fixes).
- ext4: fix zombie groups in average fragment size lists (git-fixes).
- ext4: preserve SB_I_VERSION on remount (git-fixes).
- ext4: reorder capability check last (git-fixes).
- fbdev: Fix logic error in "offb" name match (git-fixes).
- fbdev: atyfb: Check if pll_ops->init_pll failed (git-fixes).
- fbdev: valkyriefb: Fix reference count leak in valkyriefb_init (git-fixes).
- firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode (git-fixes).
- fs: udf: fix OOB read in lengthAllocDescs handling (git-fixes).
- ftrace: fix incorrect hash size in register_ftrace_direct() (git-fixes).
- gpio: wcd934x: mark the GPIO controller as sleeping (git-fixes).
- hfs: validate record offset in hfsplus_bmap_alloc (git-fixes).
- hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() (git-fixes).
- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() (git-fixes).
- hid: fix I2C read buffer overflow in raw_event() for mcp2221 (stable-fixes).
- i2c: ocores: use devm_ managed clks (git-fixes).
- iomap: Fix iomap_adjust_read_range for plen calculation (git-fixes).
- iomap: handle a post-direct I/O invalidate race in iomap_write_delalloc_release (git-fixes).
- iommu/vt-d: Disallow dirty tracking if incoherent page walk (git-fixes).
- iommu/vt-d: PRS isn't usable if PDS isn't supported (git-fixes).
- isofs: Verify inode mode when loading from disk (git-fixes).
- jbd2: do not try to recover wiped journal (git-fixes).
- kABI fix for KVM: x86: Snapshot the host's DEBUGCTL in common x86 (git-fixes).
- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older (stable-fixes).
- locking/mutex: Introduce devm_mutex_init() (stable-fixes).
- locking/mutex: Mark devm_mutex_init() as __must_check (stable-fixes).
- mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop (git-fixes).
- mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes (git-fixes).
- mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call (git-fixes).
- media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe (git-fixes).
- media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() (stable-fixes).
- media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c) (git-fixes).
- media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).
- media: tunner: xc5000: Refactor firmware load (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value (stable-fixes).
- mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag (git-fixes).
- misc: fastrpc: Add missing dev_err newlines (stable-fixes).
- misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup (git-fixes).
- misc: fastrpc: Fix fastrpc_map_lookup operation (git-fixes).
- misc: fastrpc: Save actual DMA size in fastrpc_map structure (git-fixes).
- misc: fastrpc: Skip reference for DMA handles (git-fixes).
- misc: fastrpc: fix possible map leak in fastrpc_put_args (git-fixes).
- mmc: core: SPI mode remove cmd7 (stable-fixes).
- most: usb: Fix use-after-free in hdm_disconnect (git-fixes).
- most: usb: hdm_probe: Fix calling put_device() before device initialization (git-fixes).
- mtd: rawnand: fsmc: Default to autodetect buswidth (stable-fixes).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- net: phy: dp83869: fix STRAP_OPMODE bitmask (git-fixes).
- net: sysfs: Fix /sys/class/net/<iface> path (git-fixes).
- net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock (git-fixes).
- net: usb: asix_devices: Check return value of usbnet_get_endpoints (git-fixes).
- net: usb: lan78xx: Add error handling to lan78xx_init_mac_address (git-fixes).
- net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset (git-fixes).
- net: usb: rtl8150: Fix frame padding (git-fixes).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
- nfsd: nfserr_jukebox in nlm_fopen should lead to a retry (git-fixes).
- nvme-multipath: Skip nr_active increments in RETRY disposition (git-fixes).
- nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk (git-fixes).
- nvme/tcp: handle tls partially sent records in write_space() (git-fixes).
- overlayfs: set ctime when setting mtime and atime (stable-fixes).
- ovl: Always reevaluate the file signature for IMA (stable-fixes).
- ovl: fix file reference leak when submitting aio (stable-fixes).
- ovl: fix incorrect fdput() on aio completion (stable-fixes).
- perf/amd/ibs: Fix ->config to sample period calculation for OP PMU (git-fixes).
- perf/amd/ibs: Fix perf_ibs_op.cnt_mask for CurCnt (git-fixes).
- perf/amd: Prevent grouping of IBS events (git-fixes).
- perf/aux: Fix pending disable flow when the AUX ring buffer overruns (git-fixes).
- perf/bpf: Robustify perf_event_free_bpf_prog() (git-fixes).
- perf/core: Fix WARN in perf_cgroup_switch() (git-fixes).
- perf/core: Fix broken throttling when max_samples_per_tick=1 (git-fixes).
- perf/core: Fix child_total_time_enabled accounting bug at task exit (git-fixes).
- perf/core: Fix low freq setting via IOC_PERIOD (git-fixes).
- perf/core: Fix pmus_lock vs. pmus_srcu ordering (git-fixes).
- perf/core: Fix small negative period being ignored (git-fixes).
- perf/core: Fix the WARN_ON_ONCE is out of lock protected region (git-fixes).
- perf/hw_breakpoint: Return EOPNOTSUPP for unsupported breakpoint type (git-fixes).
- perf/ring_buffer: Allow the EPOLLRDNORM flag for poll (git-fixes).
- perf/x86/amd: Warn only on new bits set (git-fixes).
- perf/x86/intel/ds: Unconditionally drain PEBS DS when changing PEBS_DATA_CFG (git-fixes).
- perf/x86/intel/pt: Fix sampling synchronization (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (git-fixes).
- perf/x86/intel/uncore: Fix the scale of IIO free running counters on SPR (git-fixes).
- perf/x86/intel: Allow to setup LBR for counting event for BPF (git-fixes).
- perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
- perf/x86/intel: Apply static call for drain_pebs (git-fixes).
- perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample read (git-fixes).
- perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
- perf/x86/intel: Only check the group flag for X86 leader (git-fixes).
- perf/x86/intel: Use better start period for frequency mode (git-fixes).
- perf/x86: Fix low freqency setting issue (git-fixes).
- perf/x86: Fix non-sampling (counting) events on certain x86 platforms (git-fixes).
- perf: Ensure bpf_perf_link path is properly serialized (git-fixes).
- perf: Extract a few helpers (git-fixes).
- perf: Fix cgroup state vs ERROR (git-fixes).
- phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling (git-fixes).
- phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
- phy: cdns-dphy: Store hs_clk_rate and return it (stable-fixes).
- platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (stable-fixes).
- platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (stable-fixes).
- powerpc/boot: Fix build with gcc 15 (bsc#1215199).
- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
- powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
- powerpc: export MIN RMA size (bsc#1236743 ltc#211409).
- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
- powerpc: increase MIN RMA size for CAS negotiation (bsc#1236743 ltc#211409 bsc#1252269 ltc#215957).
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- r8152: add error handling in rtl8152_driver_init (git-fixes).
- r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H (git-fixes).
- regmap: slimbus: fix bus_context pointer in regmap init calls (git-fixes).
- regulator: bd718x7: Fix voltages scaled by resistor divider (git-fixes).
- rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946).
- rtc: interface: Ensure alarm irq is enabled when UIE is enabled (stable-fixes).
- rtc: interface: Fix long-standing race when setting alarm (stable-fixes).
- rtc: optee: fix memory leak on driver removal (git-fixes).
- rtc: x1205: Fix Xicor X1205 vendor prefix (git-fixes).
- s390: Initialize psw mask in perf_arch_fetch_caller_regs() (git-fixes).
- samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora (git-fixes).
- sched/fair: set_load_weight() must also call reweight_task() (git-fixes)
- sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
- selftests/bpf: Add test for unpinning htab with internal timer struct (git-fixes).
- selftests/bpf: Fix C++ compile error from missing _Bool type (git-fixes).
- selftests/bpf: Fix a fd leak in error paths in open_netns (git-fixes).
- selftests/bpf: Fix backtrace printing for selftests crashes (git-fixes).
- selftests/bpf: Fix compile error from rlim_t in sk_storage_map.c (git-fixes).
- selftests/bpf: Fix compile if backtrace support missing in libc (git-fixes).
- selftests/bpf: Fix compiling core_reloc.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling flow_dissector.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling kfree_skb.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling parse_tcp_hdr_opt.c with musl-libc (git-fixes).
- selftests/bpf: Fix compiling tcp_rtt.c with musl-libc (git-fixes).
- selftests/bpf: Fix cross-compiling urandom_read (git-fixes).
- selftests/bpf: Fix error compiling bpf_iter_setsockopt.c with musl libc (git-fixes).
- selftests/bpf: Fix error compiling tc_redirect.c with musl libc (git-fixes).
- selftests/bpf: Fix error compiling test_lru_map.c (git-fixes).
- selftests/bpf: Fix errors compiling cg_storage_multi.h with musl libc (git-fixes).
- selftests/bpf: Fix errors compiling decap_sanity.c with musl libc (git-fixes).
- selftests/bpf: Fix errors compiling lwt_redirect.c with musl libc (git-fixes).
- selftests/bpf: Fix redefinition errors compiling lwt_reroute.c (git-fixes).
- selftests/bpf: Fix umount cgroup2 error in test_sockmap (git-fixes).
- selftests/bpf: Use bpf_link__destroy in fill_link_info tests (git-fixes).
- selftests/tracing: Fix event filter test to retry up to 10 times (git-fixes).
- selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len (git-fixes).
- serial: 8250_dw: handle reset control deassert error (git-fixes).
- serial: jsm: fix NPE during jsm_uart_port_init (git fixes, bsc#1246244).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
- smb: client: fix crypto buffers in non-linear memory (bsc#1250491, boo#1239206).
- smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
- spi: spi-nxp-fspi: add extra delay after dll locked (git-fixes).
- staging: axis-fifo: fix TX handling on copy_from_user() failure (git-fixes).
- staging: axis-fifo: fix maximum TX packet length check (git-fixes).
- staging: axis-fifo: flush RX FIFO on read errors (git-fixes).
- sunrpc: fix null pointer dereference on zero-length checksum (git-fixes).
- tcp: Do not call reqsk_fastopen_remove() in tcp_conn_request() (git-fixes).
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- tools/resolve_btfids: Fix build when cross compiling kernel with clang (git-fixes).
- tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single (git-fixes).
- tracing/selftests: Fix kprobe event name test for .isra. functions (git-fixes).
- tracing: Correct the refcount if the hist/hist_debug file fails to open (git-fixes).
- tracing: Fix filter string testing (git-fixes).
- tracing: Remove unneeded goto out logic (bsc#1249286).
- udf: Make sure i_lenExtents is uptodate on inode eviction (git-fixes).
- udf: Verify partition map count (git-fixes).
- usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm (git-fixes).
- usb: hub: Fix flushing of delayed work used for post resume purposes (git-fixes).
- usb: hub: fix detection of high tier USB3 devices behind suspended hubs (git-fixes).
- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).
- usb: xhci: Avoid queuing redundant Stop Endpoint commands (git-fixes).
- usb: xhci: Limit Stop Endpoint retries (git-fixes).
- usbnet: Fix using smp_processor_id() in preemptible code warnings (git-fixes).
- usbnet: Prevents free active kevent (git-fixes).
- wifi: ath10k: Fix memory leak on unsupported WMI command (git-fixes).
- wifi: ath11k: Add missing platform IDs for quirk table (git-fixes).
- wifi: ath12k: free skb during idr cleanup callback (git-fixes).
- wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (git-fixes).
- wifi: mac80211: reset FILS discovery and unsol probe resp intervals (git-fixes).
- wifi: mt76: mt7921u: Add VID/PID for Netgear A7500 (stable-fixes).
- wifi: rtlwifi: rtl8192cu: Do not claim USB ID 07b8:8188 (stable-fixes).
- x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
- xfs: rename the old_crc variable in xlog_recover_process (git-fixes).
- xhci: dbc: enable back DbC in resume if it was enabled before suspend (git-fixes).
- xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1214954SUSE bug 1215143SUSE bug 1215199SUSE bug 1216396SUSE bug 1220419SUSE bug 1236743SUSE bug 1239206SUSE bug 1244939SUSE bug 1246244SUSE bug 1248211SUSE bug 1248230SUSE bug 1248517SUSE bug 1248630SUSE bug 1248754SUSE bug 1248886SUSE bug 1249161SUSE bug 1249182SUSE bug 1249224SUSE bug 1249286SUSE bug 1249302SUSE bug 1249317SUSE bug 1249319SUSE bug 1249320SUSE bug 1249512SUSE bug 1249595SUSE bug 1249608SUSE bug 1250032SUSE bug 1250119SUSE bug 1250202SUSE bug 1250205SUSE bug 1250237SUSE bug 1250274SUSE bug 1250296SUSE bug 1250379SUSE bug 1250400SUSE bug 1250455SUSE bug 1250491SUSE bug 1250519SUSE bug 1250650SUSE bug 1250702SUSE bug 1250704SUSE bug 1250721SUSE bug 1250742SUSE bug 1250946SUSE bug 1251024SUSE bug 1251027SUSE bug 1251028SUSE bug 1251031SUSE bug 1251035SUSE bug 1251038SUSE bug 1251043SUSE bug 1251045SUSE bug 1251052SUSE bug 1251053SUSE bug 1251054SUSE bug 1251056SUSE bug 1251057SUSE bug 1251059SUSE bug 1251060SUSE bug 1251065SUSE bug 1251066SUSE bug 1251067SUSE bug 1251068SUSE bug 1251071SUSE bug 1251076SUSE bug 1251079SUSE bug 1251081SUSE bug 1251083SUSE bug 1251084SUSE bug 1251100SUSE bug 1251105SUSE bug 1251106SUSE bug 1251108SUSE bug 1251113SUSE bug 1251114SUSE bug 1251119SUSE bug 1251123SUSE bug 1251126SUSE bug 1251132SUSE bug 1251134SUSE bug 1251143SUSE bug 1251146SUSE bug 1251150SUSE bug 1251152SUSE bug 1251153SUSE bug 1251159SUSE bug 1251161SUSE bug 1251170SUSE bug 1251177SUSE bug 1251180SUSE bug 1251206SUSE bug 1251215SUSE bug 1251216SUSE bug 1251222SUSE bug 1251230SUSE bug 1251232SUSE bug 1251233SUSE bug 1251247SUSE bug 1251268SUSE bug 1251269SUSE bug 1251270SUSE bug 1251282SUSE bug 1251283SUSE bug 1251286SUSE bug 1251290SUSE bug 1251319SUSE bug 1251321SUSE bug 1251323SUSE bug 1251328SUSE bug 1251529SUSE bug 1251721SUSE bug 1251732SUSE bug 1251742SUSE bug 1251743SUSE bug 1251746SUSE bug 1251748SUSE bug 1251749SUSE bug 1251750SUSE bug 1251754SUSE bug 1251755SUSE bug 1251756SUSE bug 1251758SUSE bug 1251759SUSE bug 1251760SUSE bug 1251762SUSE bug 1251763SUSE bug 1251764SUSE bug 1251769SUSE bug 1251771SUSE bug 1251772SUSE bug 1251777SUSE bug 1251780SUSE bug 1251804SUSE bug 1251810SUSE bug 1251930SUSE bug 1251967SUSE bug 1252033SUSE bug 1252035SUSE bug 1252039SUSE bug 1252044SUSE bug 1252047SUSE bug 1252051SUSE bug 1252052SUSE bug 1252056SUSE bug 1252060SUSE bug 1252062SUSE bug 1252064SUSE bug 1252065SUSE bug 1252069SUSE bug 1252070SUSE bug 1252072SUSE bug 1252074SUSE bug 1252075SUSE bug 1252078SUSE bug 1252079SUSE bug 1252082SUSE bug 1252083SUSE bug 1252265SUSE bug 1252269SUSE bug 1252332SUSE bug 1252336SUSE bug 1252346SUSE bug 1252348SUSE bug 1252349SUSE bug 1252364SUSE bug 1252479SUSE bug 1252481SUSE bug 1252489SUSE bug 1252490SUSE bug 1252492SUSE bug 1252495SUSE bug 1252496SUSE bug 1252499SUSE bug 1252534SUSE bug 1252536SUSE bug 1252537SUSE bug 1252550SUSE bug 1252553SUSE bug 1252559SUSE bug 1252561SUSE bug 1252564SUSE bug 1252565SUSE bug 1252566SUSE bug 1252632SUSE bug 1252668SUSE bug 1252678SUSE bug 1252679SUSE bug 1252685SUSE bug 1252688SUSE bug 1252772SUSE bug 1252774SUSE bug 1252775SUSE bug 1252785SUSE bug 1252787SUSE bug 1252789SUSE bug 1252797SUSE bug 1252822SUSE bug 1252826SUSE bug 1252841SUSE bug 1252848SUSE bug 1252849SUSE bug 1252850SUSE bug 1252851SUSE bug 1252854SUSE bug 1252858SUSE bug 1252865SUSE bug 1252866SUSE bug 1252873SUSE bug 1252902SUSE bug 1252904SUSE bug 1252909SUSE bug 1252918SUSE bug 1252939CVE-2023-53538 at SUSECVE-2023-53538 at NVDCVE-2023-53539 at SUSECVE-2023-53539 at NVDCVE-2023-53540 at SUSECVE-2023-53540 at NVDCVE-2023-53541 at SUSECVE-2023-53541 at NVDCVE-2023-53543 at SUSECVE-2023-53543 at NVDCVE-2023-53545 at SUSECVE-2023-53545 at NVDCVE-2023-53546 at SUSECVE-2023-53546 at NVDCVE-2023-53548 at SUSECVE-2023-53548 at NVDCVE-2023-53550 at SUSECVE-2023-53550 at NVDCVE-2023-53552 at SUSECVE-2023-53552 at NVDCVE-2023-53553 at SUSECVE-2023-53553 at NVDCVE-2023-53554 at SUSECVE-2023-53554 at NVDCVE-2023-53555 at SUSECVE-2023-53555 at NVDCVE-2023-53556 at SUSECVE-2023-53556 at NVDCVE-2023-53557 at SUSECVE-2023-53557 at NVDCVE-2023-53558 at SUSECVE-2023-53558 at NVDCVE-2023-53559 at SUSECVE-2023-53559 at NVDCVE-2023-53560 at SUSECVE-2023-53560 at NVDCVE-2023-53563 at SUSECVE-2023-53563 at NVDCVE-2023-53568 at SUSECVE-2023-53568 at NVDCVE-2023-53570 at SUSECVE-2023-53570 at NVDCVE-2023-53572 at SUSECVE-2023-53572 at NVDCVE-2023-53574 at SUSECVE-2023-53574 at NVDCVE-2023-53575 at SUSECVE-2023-53575 at NVDCVE-2023-53577 at SUSECVE-2023-53577 at NVDCVE-2023-53579 at SUSECVE-2023-53579 at NVDCVE-2023-53580 at SUSECVE-2023-53580 at NVDCVE-2023-53581 at SUSECVE-2023-53581 at NVDCVE-2023-53583 at SUSECVE-2023-53583 at NVDCVE-2023-53585 at SUSECVE-2023-53585 at NVDCVE-2023-53588 at SUSECVE-2023-53588 at NVDCVE-2023-53593 at SUSECVE-2023-53593 at NVDCVE-2023-53596 at SUSECVE-2023-53596 at NVDCVE-2023-53597 at SUSECVE-2023-53597 at NVDCVE-2023-53599 at SUSECVE-2023-53599 at NVDCVE-2023-53600 at SUSECVE-2023-53600 at NVDCVE-2023-53601 at SUSECVE-2023-53601 at NVDCVE-2023-53602 at SUSECVE-2023-53602 at NVDCVE-2023-53603 at SUSECVE-2023-53603 at NVDCVE-2023-53611 at SUSECVE-2023-53611 at NVDCVE-2023-53613 at SUSECVE-2023-53613 at NVDCVE-2023-53615 at SUSECVE-2023-53615 at NVDCVE-2023-53616 at SUSECVE-2023-53616 at NVDCVE-2023-53617 at SUSECVE-2023-53617 at NVDCVE-2023-53618 at SUSECVE-2023-53618 at NVDCVE-2023-53619 at SUSECVE-2023-53619 at NVDCVE-2023-53621 at SUSECVE-2023-53621 at NVDCVE-2023-53622 at SUSECVE-2023-53622 at NVDCVE-2023-53631 at SUSECVE-2023-53631 at NVDCVE-2023-53632 at SUSECVE-2023-53632 at NVDCVE-2023-53633 at SUSECVE-2023-53633 at NVDCVE-2023-53638 at SUSECVE-2023-53638 at NVDCVE-2023-53645 at SUSECVE-2023-53645 at NVDCVE-2023-53646 at SUSECVE-2023-53646 at NVDCVE-2023-53647 at SUSECVE-2023-53647 at NVDCVE-2023-53648 at SUSECVE-2023-53648 at NVDCVE-2023-53649 at SUSECVE-2023-53649 at NVDCVE-2023-53650 at SUSECVE-2023-53650 at NVDCVE-2023-53652 at SUSECVE-2023-53652 at NVDCVE-2023-53653 at SUSECVE-2023-53653 at NVDCVE-2023-53654 at SUSECVE-2023-53654 at NVDCVE-2023-53656 at SUSECVE-2023-53656 at NVDCVE-2023-53657 at SUSECVE-2023-53657 at NVDCVE-2023-53658 at SUSECVE-2023-53658 at NVDCVE-2023-53659 at SUSECVE-2023-53659 at NVDCVE-2023-53660 at SUSECVE-2023-53660 at NVDCVE-2023-53662 at SUSECVE-2023-53662 at NVDCVE-2023-53663 at SUSECVE-2023-53663 at NVDCVE-2023-53665 at SUSECVE-2023-53665 at NVDCVE-2023-53666 at SUSECVE-2023-53666 at NVDCVE-2023-53668 at SUSECVE-2023-53668 at NVDCVE-2023-53670 at SUSECVE-2023-53670 at NVDCVE-2023-53672 at SUSECVE-2023-53672 at NVDCVE-2023-53673 at SUSECVE-2023-53673 at NVDCVE-2023-53674 at SUSECVE-2023-53674 at NVDCVE-2023-53681 at SUSECVE-2023-53681 at NVDCVE-2023-53686 at SUSECVE-2023-53686 at NVDCVE-2023-53687 at SUSECVE-2023-53687 at NVDCVE-2023-53693 at SUSECVE-2023-53693 at NVDCVE-2023-53697 at SUSECVE-2023-53697 at NVDCVE-2023-53698 at SUSECVE-2023-53698 at NVDCVE-2023-53699 at SUSECVE-2023-53699 at NVDCVE-2023-53703 at SUSECVE-2023-53703 at NVDCVE-2023-53704 at SUSECVE-2023-53704 at NVDCVE-2023-53707 at SUSECVE-2023-53707 at NVDCVE-2023-53708 at SUSECVE-2023-53708 at NVDCVE-2023-53711 at SUSECVE-2023-53711 at NVDCVE-2023-53713 at SUSECVE-2023-53713 at NVDCVE-2023-53718 at SUSECVE-2023-53718 at NVDCVE-2023-53721 at SUSECVE-2023-53721 at NVDCVE-2023-53722 at SUSECVE-2023-53722 at NVDCVE-2023-53725 at SUSECVE-2023-53725 at NVDCVE-2023-53726 at SUSECVE-2023-53726 at NVDCVE-2023-53727 at SUSECVE-2023-53727 at NVDCVE-2023-53728 at SUSECVE-2023-53728 at NVDCVE-2023-53729 at SUSECVE-2023-53729 at NVDCVE-2023-53730 at SUSECVE-2023-53730 at NVDCVE-2023-53731 at SUSECVE-2023-53731 at NVDCVE-2023-53733 at SUSECVE-2023-53733 at NVDCVE-2025-38008 at SUSECVE-2025-38008 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38552 at SUSECVE-2025-38552 at NVDCVE-2025-38653 at SUSECVE-2025-38653 at NVDCVE-2025-38699 at SUSECVE-2025-38699 at NVDCVE-2025-38700 at SUSECVE-2025-38700 at NVDCVE-2025-38718 at SUSECVE-2025-38718 at NVDCVE-2025-39673 at SUSECVE-2025-39673 at NVDCVE-2025-39676 at SUSECVE-2025-39676 at NVDCVE-2025-39683 at SUSECVE-2025-39683 at NVDCVE-2025-39697 at SUSECVE-2025-39697 at NVDCVE-2025-39702 at SUSECVE-2025-39702 at NVDCVE-2025-39756 at SUSECVE-2025-39756 at NVDCVE-2025-39794 at SUSECVE-2025-39794 at NVDCVE-2025-39797 at SUSECVE-2025-39797 at NVDCVE-2025-39812 at SUSECVE-2025-39812 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39828 at SUSECVE-2025-39828 at NVDCVE-2025-39841 at SUSECVE-2025-39841 at NVDCVE-2025-39851 at SUSECVE-2025-39851 at NVDCVE-2025-39866 at SUSECVE-2025-39866 at NVDCVE-2025-39876 at SUSECVE-2025-39876 at NVDCVE-2025-39881 at SUSECVE-2025-39881 at NVDCVE-2025-39895 at SUSECVE-2025-39895 at NVDCVE-2025-39898 at SUSECVE-2025-39898 at NVDCVE-2025-39902 at SUSECVE-2025-39902 at NVDCVE-2025-39911 at SUSECVE-2025-39911 at NVDCVE-2025-39931 at SUSECVE-2025-39931 at NVDCVE-2025-39934 at SUSECVE-2025-39934 at NVDCVE-2025-39937 at SUSECVE-2025-39937 at NVDCVE-2025-39938 at SUSECVE-2025-39938 at NVDCVE-2025-39945 at SUSECVE-2025-39945 at NVDCVE-2025-39946 at SUSECVE-2025-39946 at NVDCVE-2025-39947 at SUSECVE-2025-39947 at NVDCVE-2025-39948 at SUSECVE-2025-39948 at NVDCVE-2025-39949 at SUSECVE-2025-39949 at NVDCVE-2025-39952 at SUSECVE-2025-39952 at NVDCVE-2025-39955 at SUSECVE-2025-39955 at NVDCVE-2025-39957 at SUSECVE-2025-39957 at NVDCVE-2025-39965 at SUSECVE-2025-39965 at NVDCVE-2025-39967 at SUSECVE-2025-39967 at NVDCVE-2025-39968 at SUSECVE-2025-39968 at NVDCVE-2025-39969 at SUSECVE-2025-39969 at NVDCVE-2025-39970 at SUSECVE-2025-39970 at NVDCVE-2025-39971 at SUSECVE-2025-39971 at NVDCVE-2025-39972 at SUSECVE-2025-39972 at NVDCVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-39978 at SUSECVE-2025-39978 at NVDCVE-2025-39981 at SUSECVE-2025-39981 at NVDCVE-2025-39982 at SUSECVE-2025-39982 at NVDCVE-2025-39985 at SUSECVE-2025-39985 at NVDCVE-2025-39986 at SUSECVE-2025-39986 at NVDCVE-2025-39987 at SUSECVE-2025-39987 at NVDCVE-2025-39988 at SUSECVE-2025-39988 at NVDCVE-2025-39991 at SUSECVE-2025-39991 at NVDCVE-2025-39993 at SUSECVE-2025-39993 at NVDCVE-2025-39994 at SUSECVE-2025-39994 at NVDCVE-2025-39995 at SUSECVE-2025-39995 at NVDCVE-2025-39996 at SUSECVE-2025-39996 at NVDCVE-2025-39997 at SUSECVE-2025-39997 at NVDCVE-2025-40000 at SUSECVE-2025-40000 at NVDCVE-2025-40005 at SUSECVE-2025-40005 at NVDCVE-2025-40010 at SUSECVE-2025-40010 at NVDCVE-2025-40011 at SUSECVE-2025-40011 at NVDCVE-2025-40013 at SUSECVE-2025-40013 at NVDCVE-2025-40016 at SUSECVE-2025-40016 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40019 at SUSECVE-2025-40019 at NVDCVE-2025-40020 at SUSECVE-2025-40020 at NVDCVE-2025-40029 at SUSECVE-2025-40029 at NVDCVE-2025-40032 at SUSECVE-2025-40032 at NVDCVE-2025-40035 at SUSECVE-2025-40035 at NVDCVE-2025-40036 at SUSECVE-2025-40036 at NVDCVE-2025-40043 at SUSECVE-2025-40043 at NVDCVE-2025-40044 at SUSECVE-2025-40044 at NVDCVE-2025-40049 at SUSECVE-2025-40049 at NVDCVE-2025-40051 at SUSECVE-2025-40051 at NVDCVE-2025-40052 at SUSECVE-2025-40052 at NVDCVE-2025-40056 at SUSECVE-2025-40056 at NVDCVE-2025-40058 at SUSECVE-2025-40058 at NVDCVE-2025-40060 at SUSECVE-2025-40060 at NVDCVE-2025-40061 at SUSECVE-2025-40061 at NVDCVE-2025-40062 at SUSECVE-2025-40062 at NVDCVE-2025-40071 at SUSECVE-2025-40071 at NVDCVE-2025-40078 at SUSECVE-2025-40078 at NVDCVE-2025-40080 at SUSECVE-2025-40080 at NVDCVE-2025-40082 at SUSECVE-2025-40082 at NVDCVE-2025-40085 at SUSECVE-2025-40085 at NVDCVE-2025-40087 at SUSECVE-2025-40087 at NVDCVE-2025-40088 at SUSECVE-2025-40088 at NVDCVE-2025-40096 at SUSECVE-2025-40096 at NVDCVE-2025-40100 at SUSECVE-2025-40100 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1245778SUSE bug 1248672SUSE bug 1249537CVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for nvidia-open-driver-G06-signed (Important)SUSE Linux Micro 6.1
This update for nvidia-open-driver-G06-signed fixes the following issues:
Update CUDA variant to 570.133.20
Update non-CUDA variant to 570.144 (bsc#1241231)
Update non-CUDA variant to 570.133.07 (bsc#1239653)
- removed obsolete kernel-firmware-nvidia-gspx-G06-cuda; firmware
has moved to nvidia-common-G06 and
kernel-firmware-nvidia-gspx-G06 is no longer available either
(bsc#1239139)
Update CUDA variant to 570.124.06
Update non-CUDA variant to 570.124.04 (bsc#1237585)
Update non-CUDA variant to 570.124.02 (bsc#1237585)
In the module install path revert the order of the 'updates'
subdirectory and the package name & version. This satisfies
the kmp dependency checker (bsc#1237308).
update non-CUDA variant to 570.86.16 (bsc#1236658)
Update to 565.77
- non-CUDA variant:
* get rid of modprobe.d and dracut.d files and udev magic;
instead require nvidia-common-G06
* Supplements: switch to really supported devices; not only the
initially supported ones without graphical output
update non-CUDA and CUDA variant to 570.86.15
- preamble: let -cuda KMP conflict with no-cuda variants < 550.135
(bsc#1236191)
Update to 550.144.03 (bsc#1235461, bsc#1235871)
* fixes CVE-2024-0131, CVE-2024-0147, CVE-2024-0149, CVE-2024-0150, CVE-2024-53869
ImportantSUSE bug 1235461SUSE bug 1235871SUSE bug 1236191SUSE bug 1236658SUSE bug 1236746SUSE bug 1237308SUSE bug 1237585SUSE bug 1239139SUSE bug 1239653SUSE bug 1241231CVE-2024-0131 at SUSECVE-2024-0131 at NVDCVE-2024-0147 at SUSECVE-2024-0147 at NVDCVE-2024-0149 at SUSECVE-2024-0149 at NVDCVE-2024-0150 at SUSECVE-2024-0150 at NVDCVE-2024-53869 at SUSECVE-2024-53869 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_12 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_12 fixes the following issues:
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1249537CVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1245778SUSE bug 1248672SUSE bug 1249537CVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).
- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- Drop PCI patch that caused a regression (bsc#1241123)
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- Revert "drivers: core: synchronize really_probe() and dev_uevent()" (stable-fixes).
- Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (git-fixes).
- Revert "tcp: Fix bind() regression for v6-only wildcard and"
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- char: misc: register chrdev region with all possible minors (git-fixes).
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc: Do not use --- in kernel logs (git-fixes).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
ImportantSUSE bug 1215199SUSE bug 1223809SUSE bug 1224013SUSE bug 1224597SUSE bug 1224757SUSE bug 1228659SUSE bug 1230764SUSE bug 1231103SUSE bug 1232493SUSE bug 1233075SUSE bug 1233098SUSE bug 1235501SUSE bug 1235526SUSE bug 1236086SUSE bug 1236704SUSE bug 1237111SUSE bug 1238212SUSE bug 1238471SUSE bug 1238527SUSE bug 1238714SUSE bug 1238737SUSE bug 1238742SUSE bug 1238745SUSE bug 1238862SUSE bug 1238961SUSE bug 1238983SUSE bug 1239079SUSE bug 1239108SUSE bug 1239470SUSE bug 1239476SUSE bug 1239487SUSE bug 1239510SUSE bug 1239997SUSE bug 1240181SUSE bug 1240557SUSE bug 1240576SUSE bug 1240655SUSE bug 1240709SUSE bug 1240712SUSE bug 1240713SUSE bug 1240717SUSE bug 1240740SUSE bug 1240785SUSE bug 1240802SUSE bug 1240809SUSE bug 1240811SUSE bug 1240835SUSE bug 1240934SUSE bug 1240936SUSE bug 1240944SUSE bug 1241010SUSE bug 1241038SUSE bug 1241051SUSE bug 1241123SUSE bug 1241151SUSE bug 1241167SUSE bug 1241175SUSE bug 1241204SUSE bug 1241250SUSE bug 1241265SUSE bug 1241266SUSE bug 1241280SUSE bug 1241332SUSE bug 1241333SUSE bug 1241341SUSE bug 1241343SUSE bug 1241344SUSE bug 1241347SUSE bug 1241357SUSE bug 1241361SUSE bug 1241369SUSE bug 1241371SUSE bug 1241373SUSE bug 1241378SUSE bug 1241394SUSE bug 1241402SUSE bug 1241412SUSE bug 1241413SUSE bug 1241416SUSE bug 1241424SUSE bug 1241426SUSE bug 1241433SUSE bug 1241436SUSE bug 1241441SUSE bug 1241442SUSE bug 1241443SUSE bug 1241451SUSE bug 1241452SUSE bug 1241456SUSE bug 1241458SUSE bug 1241459SUSE bug 1241526SUSE bug 1241528SUSE bug 1241537SUSE bug 1241541SUSE bug 1241545SUSE bug 1241547SUSE bug 1241548SUSE bug 1241550SUSE bug 1241573SUSE bug 1241574SUSE bug 1241575SUSE bug 1241578SUSE bug 1241590SUSE bug 1241593SUSE bug 1241598SUSE bug 1241599SUSE bug 1241601SUSE bug 1241626SUSE bug 1241640SUSE bug 1241648SUSE bug 1242006SUSE bug 1242044SUSE bug 1242172SUSE bug 1242283SUSE bug 1242307SUSE bug 1242313SUSE bug 1242314SUSE bug 1242315SUSE bug 1242321SUSE bug 1242326SUSE bug 1242327SUSE bug 1242328SUSE bug 1242332SUSE bug 1242333SUSE bug 1242335SUSE bug 1242336SUSE bug 1242342SUSE bug 1242343SUSE bug 1242344SUSE bug 1242345SUSE bug 1242346SUSE bug 1242347SUSE bug 1242348SUSE bug 1242414SUSE bug 1242526SUSE bug 1242528SUSE bug 1242534SUSE bug 1242535SUSE bug 1242536SUSE bug 1242537SUSE bug 1242538SUSE bug 1242539SUSE bug 1242540SUSE bug 1242546SUSE bug 1242556SUSE bug 1242596SUSE bug 1242710SUSE bug 1242778SUSE bug 1242831SUSE bug 1242985CVE-2023-53034 at SUSECVE-2023-53034 at NVDCVE-2024-27018 at SUSECVE-2024-27018 at NVDCVE-2024-27415 at SUSECVE-2024-27415 at NVDCVE-2024-28956 at SUSECVE-2024-28956 at NVDCVE-2024-35840 at SUSECVE-2024-35840 at NVDCVE-2024-46763 at SUSECVE-2024-46763 at NVDCVE-2024-46865 at SUSECVE-2024-46865 at NVDCVE-2024-50083 at SUSECVE-2024-50083 at NVDCVE-2024-50162 at SUSECVE-2024-50162 at NVDCVE-2024-50163 at SUSECVE-2024-50163 at NVDCVE-2024-56641 at SUSECVE-2024-56641 at NVDCVE-2024-56702 at SUSECVE-2024-56702 at NVDCVE-2024-57924 at SUSECVE-2024-57924 at NVDCVE-2024-57998 at SUSECVE-2024-57998 at NVDCVE-2024-58001 at SUSECVE-2024-58001 at NVDCVE-2024-58068 at SUSECVE-2024-58068 at NVDCVE-2024-58070 at SUSECVE-2024-58070 at NVDCVE-2024-58088 at SUSECVE-2024-58088 at NVDCVE-2024-58093 at SUSECVE-2024-58093 at NVDCVE-2024-58094 at SUSECVE-2024-58094 at NVDCVE-2024-58095 at SUSECVE-2024-58095 at NVDCVE-2024-58096 at SUSECVE-2024-58096 at NVDCVE-2024-58097 at SUSECVE-2024-58097 at NVDCVE-2025-21683 at SUSECVE-2025-21683 at NVDCVE-2025-21696 at SUSECVE-2025-21696 at NVDCVE-2025-21707 at SUSECVE-2025-21707 at NVDCVE-2025-21758 at SUSECVE-2025-21758 at NVDCVE-2025-21768 at SUSECVE-2025-21768 at NVDCVE-2025-21792 at SUSECVE-2025-21792 at NVDCVE-2025-21808 at SUSECVE-2025-21808 at NVDCVE-2025-21812 at SUSECVE-2025-21812 at NVDCVE-2025-21833 at SUSECVE-2025-21833 at NVDCVE-2025-21852 at SUSECVE-2025-21852 at NVDCVE-2025-21853 at SUSECVE-2025-21853 at NVDCVE-2025-21854 at SUSECVE-2025-21854 at NVDCVE-2025-21867 at SUSECVE-2025-21867 at NVDCVE-2025-21904 at SUSECVE-2025-21904 at NVDCVE-2025-21925 at SUSECVE-2025-21925 at NVDCVE-2025-21926 at SUSECVE-2025-21926 at NVDCVE-2025-21931 at SUSECVE-2025-21931 at NVDCVE-2025-21962 at SUSECVE-2025-21962 at NVDCVE-2025-21963 at SUSECVE-2025-21963 at NVDCVE-2025-21964 at SUSECVE-2025-21964 at NVDCVE-2025-21980 at SUSECVE-2025-21980 at NVDCVE-2025-21985 at SUSECVE-2025-21985 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-22004 at SUSECVE-2025-22004 at NVDCVE-2025-22015 at SUSECVE-2025-22015 at NVDCVE-2025-22016 at SUSECVE-2025-22016 at NVDCVE-2025-22017 at SUSECVE-2025-22017 at NVDCVE-2025-22018 at SUSECVE-2025-22018 at NVDCVE-2025-22020 at SUSECVE-2025-22020 at NVDCVE-2025-22025 at SUSECVE-2025-22025 at NVDCVE-2025-22027 at SUSECVE-2025-22027 at NVDCVE-2025-22029 at SUSECVE-2025-22029 at NVDCVE-2025-22033 at SUSECVE-2025-22033 at NVDCVE-2025-22036 at SUSECVE-2025-22036 at NVDCVE-2025-22044 at SUSECVE-2025-22044 at NVDCVE-2025-22045 at SUSECVE-2025-22045 at NVDCVE-2025-22050 at SUSECVE-2025-22050 at NVDCVE-2025-22053 at SUSECVE-2025-22053 at NVDCVE-2025-22055 at SUSECVE-2025-22055 at NVDCVE-2025-22058 at SUSECVE-2025-22058 at NVDCVE-2025-22060 at SUSECVE-2025-22060 at NVDCVE-2025-22062 at SUSECVE-2025-22062 at NVDCVE-2025-22064 at SUSECVE-2025-22064 at NVDCVE-2025-22065 at SUSECVE-2025-22065 at NVDCVE-2025-22075 at SUSECVE-2025-22075 at NVDCVE-2025-22080 at SUSECVE-2025-22080 at NVDCVE-2025-22086 at SUSECVE-2025-22086 at NVDCVE-2025-22088 at SUSECVE-2025-22088 at NVDCVE-2025-22090 at SUSECVE-2025-22090 at NVDCVE-2025-22093 at SUSECVE-2025-22093 at NVDCVE-2025-22097 at SUSECVE-2025-22097 at NVDCVE-2025-22102 at SUSECVE-2025-22102 at NVDCVE-2025-22104 at SUSECVE-2025-22104 at NVDCVE-2025-22105 at SUSECVE-2025-22105 at NVDCVE-2025-22106 at SUSECVE-2025-22106 at NVDCVE-2025-22107 at SUSECVE-2025-22107 at NVDCVE-2025-22108 at SUSECVE-2025-22108 at NVDCVE-2025-22109 at SUSECVE-2025-22109 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDCVE-2025-22116 at SUSECVE-2025-22116 at NVDCVE-2025-22121 at SUSECVE-2025-22121 at NVDCVE-2025-22128 at SUSECVE-2025-22128 at NVDCVE-2025-23129 at SUSECVE-2025-23129 at NVDCVE-2025-23131 at SUSECVE-2025-23131 at NVDCVE-2025-23133 at SUSECVE-2025-23133 at NVDCVE-2025-23136 at SUSECVE-2025-23136 at NVDCVE-2025-23138 at SUSECVE-2025-23138 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-37785 at SUSECVE-2025-37785 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37799 at SUSECVE-2025-37799 at NVDCVE-2025-37860 at SUSECVE-2025-37860 at NVDCVE-2025-39728 at SUSECVE-2025-39728 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1242882SUSE bug 1248672SUSE bug 1249537CVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_10 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues:
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1248672SUSE bug 1249537CVE-2025-38500 at SUSECVE-2025-38500 at NVDCVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_11 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_11 fixes the following issues:
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1249537CVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_12 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_12 fixes the following issues:
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
ImportantSUSE bug 1249537CVE-2025-38616 at SUSECVE-2025-38616 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).
- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- Correct the upsteram version numbers in the previous patches
- Drop PCI patch that caused a regression (bsc#1241123)
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- Move upstreamed smb patch into sorted section Also move other out-of-tree patches into the proper section
- Move upstreamed sound patch into sorted section
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- Revert "drivers: core: synchronize really_probe() and dev_uevent()" (stable-fixes).
- Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (git-fixes).
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- char: misc: register chrdev region with all possible minors (git-fixes).
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc: Do not use --- in kernel logs (git-fixes).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(),
on non-FSRM/ERMS CPUs (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
ImportantSUSE bug 1215199SUSE bug 1223809SUSE bug 1224013SUSE bug 1224597SUSE bug 1224757SUSE bug 1228659SUSE bug 1230764SUSE bug 1231103SUSE bug 1232493SUSE bug 1233075SUSE bug 1233098SUSE bug 1235501SUSE bug 1235526SUSE bug 1236086SUSE bug 1236704SUSE bug 1237111SUSE bug 1238212SUSE bug 1238471SUSE bug 1238527SUSE bug 1238714SUSE bug 1238737SUSE bug 1238742SUSE bug 1238745SUSE bug 1238862SUSE bug 1238961SUSE bug 1238983SUSE bug 1239079SUSE bug 1239108SUSE bug 1239470SUSE bug 1239476SUSE bug 1239487SUSE bug 1239510SUSE bug 1239997SUSE bug 1240181SUSE bug 1240557SUSE bug 1240576SUSE bug 1240655SUSE bug 1240709SUSE bug 1240712SUSE bug 1240713SUSE bug 1240717SUSE bug 1240740SUSE bug 1240785SUSE bug 1240802SUSE bug 1240809SUSE bug 1240811SUSE bug 1240835SUSE bug 1240934SUSE bug 1240936SUSE bug 1240944SUSE bug 1241010SUSE bug 1241038SUSE bug 1241051SUSE bug 1241123SUSE bug 1241151SUSE bug 1241167SUSE bug 1241175SUSE bug 1241204SUSE bug 1241250SUSE bug 1241265SUSE bug 1241266SUSE bug 1241280SUSE bug 1241332SUSE bug 1241333SUSE bug 1241341SUSE bug 1241343SUSE bug 1241344SUSE bug 1241347SUSE bug 1241357SUSE bug 1241361SUSE bug 1241369SUSE bug 1241371SUSE bug 1241373SUSE bug 1241378SUSE bug 1241394SUSE bug 1241402SUSE bug 1241412SUSE bug 1241413SUSE bug 1241416SUSE bug 1241424SUSE bug 1241426SUSE bug 1241433SUSE bug 1241436SUSE bug 1241441SUSE bug 1241442SUSE bug 1241443SUSE bug 1241451SUSE bug 1241452SUSE bug 1241456SUSE bug 1241458SUSE bug 1241459SUSE bug 1241526SUSE bug 1241528SUSE bug 1241537SUSE bug 1241541SUSE bug 1241545SUSE bug 1241547SUSE bug 1241548SUSE bug 1241550SUSE bug 1241573SUSE bug 1241574SUSE bug 1241575SUSE bug 1241578SUSE bug 1241590SUSE bug 1241593SUSE bug 1241598SUSE bug 1241599SUSE bug 1241601SUSE bug 1241626SUSE bug 1241640SUSE bug 1241648SUSE bug 1242006SUSE bug 1242044SUSE bug 1242172SUSE bug 1242283SUSE bug 1242307SUSE bug 1242313SUSE bug 1242314SUSE bug 1242315SUSE bug 1242321SUSE bug 1242326SUSE bug 1242327SUSE bug 1242328SUSE bug 1242332SUSE bug 1242333SUSE bug 1242335SUSE bug 1242336SUSE bug 1242342SUSE bug 1242343SUSE bug 1242344SUSE bug 1242345SUSE bug 1242346SUSE bug 1242347SUSE bug 1242348SUSE bug 1242414SUSE bug 1242526SUSE bug 1242528SUSE bug 1242534SUSE bug 1242535SUSE bug 1242536SUSE bug 1242537SUSE bug 1242538SUSE bug 1242539SUSE bug 1242540SUSE bug 1242546SUSE bug 1242556SUSE bug 1242596SUSE bug 1242710SUSE bug 1242778SUSE bug 1242831SUSE bug 1242985CVE-2023-53034 at SUSECVE-2023-53034 at NVDCVE-2024-27018 at SUSECVE-2024-27018 at NVDCVE-2024-27415 at SUSECVE-2024-27415 at NVDCVE-2024-28956 at SUSECVE-2024-28956 at NVDCVE-2024-35840 at SUSECVE-2024-35840 at NVDCVE-2024-46763 at SUSECVE-2024-46763 at NVDCVE-2024-46865 at SUSECVE-2024-46865 at NVDCVE-2024-50083 at SUSECVE-2024-50083 at NVDCVE-2024-50162 at SUSECVE-2024-50162 at NVDCVE-2024-50163 at SUSECVE-2024-50163 at NVDCVE-2024-56641 at SUSECVE-2024-56641 at NVDCVE-2024-56702 at SUSECVE-2024-56702 at NVDCVE-2024-57924 at SUSECVE-2024-57924 at NVDCVE-2024-57998 at SUSECVE-2024-57998 at NVDCVE-2024-58001 at SUSECVE-2024-58001 at NVDCVE-2024-58068 at SUSECVE-2024-58068 at NVDCVE-2024-58070 at SUSECVE-2024-58070 at NVDCVE-2024-58088 at SUSECVE-2024-58088 at NVDCVE-2024-58093 at SUSECVE-2024-58093 at NVDCVE-2024-58094 at SUSECVE-2024-58094 at NVDCVE-2024-58095 at SUSECVE-2024-58095 at NVDCVE-2024-58096 at SUSECVE-2024-58096 at NVDCVE-2024-58097 at SUSECVE-2024-58097 at NVDCVE-2025-21683 at SUSECVE-2025-21683 at NVDCVE-2025-21696 at SUSECVE-2025-21696 at NVDCVE-2025-21707 at SUSECVE-2025-21707 at NVDCVE-2025-21758 at SUSECVE-2025-21758 at NVDCVE-2025-21768 at SUSECVE-2025-21768 at NVDCVE-2025-21792 at SUSECVE-2025-21792 at NVDCVE-2025-21808 at SUSECVE-2025-21808 at NVDCVE-2025-21812 at SUSECVE-2025-21812 at NVDCVE-2025-21833 at SUSECVE-2025-21833 at NVDCVE-2025-21852 at SUSECVE-2025-21852 at NVDCVE-2025-21853 at SUSECVE-2025-21853 at NVDCVE-2025-21854 at SUSECVE-2025-21854 at NVDCVE-2025-21867 at SUSECVE-2025-21867 at NVDCVE-2025-21904 at SUSECVE-2025-21904 at NVDCVE-2025-21925 at SUSECVE-2025-21925 at NVDCVE-2025-21926 at SUSECVE-2025-21926 at NVDCVE-2025-21931 at SUSECVE-2025-21931 at NVDCVE-2025-21962 at SUSECVE-2025-21962 at NVDCVE-2025-21963 at SUSECVE-2025-21963 at NVDCVE-2025-21964 at SUSECVE-2025-21964 at NVDCVE-2025-21980 at SUSECVE-2025-21980 at NVDCVE-2025-21985 at SUSECVE-2025-21985 at NVDCVE-2025-21999 at SUSECVE-2025-21999 at NVDCVE-2025-22004 at SUSECVE-2025-22004 at NVDCVE-2025-22015 at SUSECVE-2025-22015 at NVDCVE-2025-22016 at SUSECVE-2025-22016 at NVDCVE-2025-22017 at SUSECVE-2025-22017 at NVDCVE-2025-22018 at SUSECVE-2025-22018 at NVDCVE-2025-22020 at SUSECVE-2025-22020 at NVDCVE-2025-22025 at SUSECVE-2025-22025 at NVDCVE-2025-22027 at SUSECVE-2025-22027 at NVDCVE-2025-22029 at SUSECVE-2025-22029 at NVDCVE-2025-22033 at SUSECVE-2025-22033 at NVDCVE-2025-22036 at SUSECVE-2025-22036 at NVDCVE-2025-22044 at SUSECVE-2025-22044 at NVDCVE-2025-22045 at SUSECVE-2025-22045 at NVDCVE-2025-22050 at SUSECVE-2025-22050 at NVDCVE-2025-22053 at SUSECVE-2025-22053 at NVDCVE-2025-22055 at SUSECVE-2025-22055 at NVDCVE-2025-22058 at SUSECVE-2025-22058 at NVDCVE-2025-22060 at SUSECVE-2025-22060 at NVDCVE-2025-22062 at SUSECVE-2025-22062 at NVDCVE-2025-22064 at SUSECVE-2025-22064 at NVDCVE-2025-22065 at SUSECVE-2025-22065 at NVDCVE-2025-22075 at SUSECVE-2025-22075 at NVDCVE-2025-22080 at SUSECVE-2025-22080 at NVDCVE-2025-22086 at SUSECVE-2025-22086 at NVDCVE-2025-22088 at SUSECVE-2025-22088 at NVDCVE-2025-22090 at SUSECVE-2025-22090 at NVDCVE-2025-22093 at SUSECVE-2025-22093 at NVDCVE-2025-22097 at SUSECVE-2025-22097 at NVDCVE-2025-22102 at SUSECVE-2025-22102 at NVDCVE-2025-22104 at SUSECVE-2025-22104 at NVDCVE-2025-22105 at SUSECVE-2025-22105 at NVDCVE-2025-22106 at SUSECVE-2025-22106 at NVDCVE-2025-22107 at SUSECVE-2025-22107 at NVDCVE-2025-22108 at SUSECVE-2025-22108 at NVDCVE-2025-22109 at SUSECVE-2025-22109 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDCVE-2025-22116 at SUSECVE-2025-22116 at NVDCVE-2025-22121 at SUSECVE-2025-22121 at NVDCVE-2025-22128 at SUSECVE-2025-22128 at NVDCVE-2025-23129 at SUSECVE-2025-23129 at NVDCVE-2025-23131 at SUSECVE-2025-23131 at NVDCVE-2025-23133 at SUSECVE-2025-23133 at NVDCVE-2025-23136 at SUSECVE-2025-23136 at NVDCVE-2025-23138 at SUSECVE-2025-23138 at NVDCVE-2025-23145 at SUSECVE-2025-23145 at NVDCVE-2025-37785 at SUSECVE-2025-37785 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37799 at SUSECVE-2025-37799 at NVDCVE-2025-37860 at SUSECVE-2025-37860 at NVDCVE-2025-39728 at SUSECVE-2025-39728 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-50253: bpf: make sure skb->len != 0 when redirecting to a tunneling device (bsc#1249912).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
- CVE-2025-21710: tcp: correct handling of extreme memory squeeze (bsc#1237888).
- CVE-2025-37916: pds_core: remove write-after-free of client_id (bsc#1243474).
- CVE-2025-38359: s390/mm: Fix in_atomic() handling in do_secure_storage_access() (bsc#1247076).
- CVE-2025-38361: drm/amd/display: Check dce_hwseq before dereferencing it (bsc#1247079).
- CVE-2025-39788: scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE (bsc#1249547).
- CVE-2025-39805: net: macb: fix unregister_netdev call order in macb_remove() (bsc#1249982).
- CVE-2025-39819: fs/smb: Fix inconsistent refcnt update (bsc#1250176).
- CVE-2025-39859: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (bsc#1250252).
- CVE-2025-39944: octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (bsc#1251120).
- CVE-2025-39980: nexthop: Forbid FDB status change while nexthop is in a group (bsc#1252063).
- CVE-2025-40001: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (bsc#1252303).
- CVE-2025-40021: tracing: dynevent: Add a missing lockdown check on dynevent (bsc#1252681).
- CVE-2025-40027: net/9p: fix double req put in p9_fd_cancelled (bsc#1252763).
- CVE-2025-40030: pinctrl: check the return value of pinmux_ops::get_function_name() (bsc#1252773).
- CVE-2025-40038: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (bsc#1252817).
- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
- CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862).
- CVE-2025-40055: ocfs2: fix double free in user_cluster_connect() (bsc#1252821).
- CVE-2025-40059: coresight: Fix incorrect handling for return value of devm_kzalloc (bsc#1252809).
- CVE-2025-40064: smc: Fix use-after-free in __pnet_find_base_ndev() (bsc#1252845).
- CVE-2025-40070: pps: fix warning in pps_register_cdev when register device fail (bsc#1252836).
- CVE-2025-40074: net: dst_cache: annotate data-races around dst_cache->reset_ts (bsc#1252794).
- CVE-2025-40075: tcp_metrics: use dst_dev_net_rcu() (bsc#1252795).
- CVE-2025-40083: net/sched: sch_qfq: Fix null-deref in agg_dequeue (bsc#1252912).
- CVE-2025-40098: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (bsc#1252917).
- CVE-2025-40105: vfs: Don't leak disconnected dentries on umount (bsc#1252928).
- CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409).
- CVE-2025-40149: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (bsc#1253355).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253403).
- CVE-2025-40168: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (bsc#1253427).
- CVE-2025-40169: bpf: Reject negative offsets for ALU ops (bsc#1253416).
- CVE-2025-40173: net/ip6_tunnel: Prevent perpetual tunnel growth (bsc#1253421).
- CVE-2025-40176: tls: wait for pending async decryptions if tls_strp_msg_hold fails (bsc#1253425).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).
- CVE-2025-40206: Add missing bugzilla reference to net fix (bsc#1250237 bsc#1253393).
The following non-security bugs were fixed:
- ACPI: CPPC: Check _CPC validity for only the online CPUs (git-fixes).
- ACPI: CPPC: Limit perf ctrs in PCC check only to online CPUs (git-fixes).
- ACPI: CPPC: Perform fast check switch only for online CPUs (git-fixes).
- ACPI: PRM: Skip handlers with NULL handler_address or NULL VA (stable-fixes).
- ACPI: SBS: Fix present test in acpi_battery_read() (git-fixes).
- ACPI: property: Return present device nodes only on fwnode interface (stable-fixes).
- ACPI: scan: Add Intel CVS ACPI HIDs to acpi_ignore_dep_ids (stable-fixes).
- ACPICA: Update dsmethod.c to get rid of unused variable warning (stable-fixes).
- ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() (stable-fixes).
- ALSA: hda: Fix missing pointer check in hda_component_manager_init function (git-fixes).
- ALSA: serial-generic: remove shared static buffer (stable-fixes).
- ALSA: usb-audio: Add validation of UAC2/UAC3 effect units (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (git-fixes).
- ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (stable-fixes).
- ALSA: usb-audio: add mono main switch to Presonus S1824c (stable-fixes).
- ALSA: usb-audio: apply quirk for MOONDROP Quark2 (stable-fixes).
- ALSA: usb-audio: do not log messages meant for 1810c when initializing 1824c (git-fixes).
- ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes).
- ASoC: codecs: va-macro: fix resource leak in probe error path (git-fixes).
- ASoC: cs4271: Fix regulator leak on probe failure (git-fixes).
- ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (stable-fixes).
- ASoC: meson: aiu-encoder-i2s: fix bit clock polarity (stable-fixes).
- ASoC: qcom: sc8280xp: explicitly set S16LE format in sc8280xp_be_hw_params_fixup() (stable-fixes).
- ASoC: stm32: sai: manage context in set_sysclk callback (stable-fixes).
- ASoC: tlv320aic3x: Fix class-D initialization for tlv320aic3007 (stable-fixes).
- Bluetooth: 6lowpan: Do not hold spin lock over sleeping functions (git-fixes).
- Bluetooth: 6lowpan: add missing l2cap_chan_lock() (git-fixes).
- Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion (git-fixes).
- Bluetooth: 6lowpan: reset link-local header on ipv6 recv path (git-fixes).
- Bluetooth: L2CAP: export l2cap_chan_hold for modules (stable-fixes).
- Bluetooth: MGMT: cancel mesh send timer when hdev removed (git-fixes).
- Bluetooth: SCO: Fix UAF on sco_conn_free (stable-fixes).
- Bluetooth: bcsp: receive data only if registered (stable-fixes).
- Bluetooth: btrtl: Fix memory leak in rtlbt_parse_firmware_v2() (git-fixes).
- Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (stable-fixes).
- Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (git-fixes).
- Bluetooth: hci_event: validate skb length for unknown CC opcode (git-fixes).
- Documentation: ACPI: i2c-muxes: fix I2C device references (git-fixes).
- Drivers: hv: vmbus: Add utility function for querying ring size (git-fixes).
- HID: amd_sfh: Stop sensor before starting (git-fixes).
- HID: hid-ntrig: Prevent memory leak in ntrig_report_version() (git-fixes).
- HID: quirks: avoid Cooler Master MM712 dongle wakeup bug (stable-fixes).
- HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 (git-fixes).
- HID: uclogic: Fix potential memory leak in error path (git-fixes).
- Input: atmel_mxt_ts - allow reset GPIO to sleep (stable-fixes).
- Input: imx_sc_key - fix memory corruption on unload (git-fixes).
- Input: pegasus-notetaker - fix potential out-of-bounds access (git-fixes).
- KVM: Pass new routing entries and irqfd when updating IRTEs (git-fixes).
- KVM: SVM: Delete IRTE link from previous vCPU before setting new IRTE (git-fixes).
- KVM: SVM: Delete IRTE link from previous vCPU irrespective of new routing (git-fixes).
- KVM: SVM: Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2 (git-fixes).
- KVM: SVM: Mark VMCB_LBR dirty when MSR_IA32_DEBUGCTLMSR is updated (git-fixes).
- KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest (git-fixes).
- KVM: SVM: Track per-vCPU IRTEs using kvm_kernel_irqfd structure (git-fixes).
- KVM: SVM: WARN if an invalid posted interrupt IRTE entry is added (git-fixes).
- KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported (git-fixes).
- KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes).
- KVM: VMX: Fix check for valid GVA on an EPT violation (git-fixes).
- KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest (git-fixes).
- KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs (git-fixes).
- KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter (git-fixes).
- KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE (git-fixes).
- KVM: x86: Add helper to retrieve current value of user return MSR (git-fixes).
- KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes).
- KVM: x86: Do not treat ENTER and LEAVE as branches, because they are not (git-fixes).
- KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag (git-fixes).
- NFS4: Fix state renewals missing after boot (git-fixes).
- NFS: check if suid/sgid was cleared after a write as needed (git-fixes).
- NFSD: Never cache a COMPOUND when the SEQUENCE operation fails (git-fixes).
- NFSD: Skip close replay processing if XDR encoding fails (git-fixes).
- NFSD: free copynotify stateid in nfs4_free_ol_stateid() (git-fixes).
- NFSv4.1: fix mount hang after CREATE_SESSION failure (git-fixes).
- NFSv4: handle ERR_GRACE on delegation recalls (git-fixes).
- PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call (stable-fixes).
- PCI/PM: Skip resuming to D0 if device is disconnected (stable-fixes).
- PCI: Disable MSI on RDC PCI to PCIe bridges (stable-fixes).
- PCI: cadence: Check for the existence of cdns_pcie::ops before using it (stable-fixes).
- PCI: dwc: Verify the single eDMA IRQ in dw_pcie_edma_irq_verify() (stable-fixes).
- PCI: j721e: Fix incorrect error message in probe() (git-fixes).
- PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra194: Reset BARs when running in PCIe endpoint mode (git-fixes).
- RDMA/bnxt_re: Do not fail destroy QP and cleanup debugfs earlier (git-fixes)
- RDMA/bnxt_re: Fix a potential memory leak in destroy_gsi_sqp (git-fixes)
- RDMA/hns: Fix recv CQ and QP cache affinity (git-fixes)
- RDMA/hns: Fix the modification of max_send_sge (git-fixes)
- RDMA/hns: Fix wrong WQE data when QP wraps around (git-fixes)
- RDMA/irdma: Fix SD index calculation (git-fixes)
- RDMA/irdma: Set irdma_cq cq_num field during CQ create (git-fixes)
- Revert "drm/tegra: dsi: Clear enable register if powered by bootloader" (git-fixes).
- Revert "wifi: ath10k: avoid unnecessary wait for service ready message" (git-fixes).
- accel/habanalabs/gaudi2: fix BMON disable configuration (stable-fixes).
- accel/habanalabs/gaudi2: read preboot status after recovering from dirty state (stable-fixes).
- accel/habanalabs: return ENOMEM if less than requested pages were pinned (stable-fixes).
- accel/habanalabs: support mapping cb with vmalloc-backed coherent memory (stable-fixes).
- acpi,srat: Fix incorrect device handle check for Generic Initiator (git-fixes).
- amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw (stable-fixes).
- block: avoid possible overflow for chunk_sectors check in blk_stack_limits() (git-fixes).
- block: fix kobject double initialization in add_disk (git-fixes).
- btrfs: abort transaction on failure to add link to inode (git-fixes).
- btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range() (git-fix).
- btrfs: avoid using fixed char array size for tree names (git-fix).
- btrfs: do not update last_log_commit when logging inode due to a new name (git-fixes).
- btrfs: fix COW handling in run_delalloc_nocow() (git-fix).
- btrfs: fix inode leak on failure to add link to inode (git-fixes).
- btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve (git-fix).
- btrfs: mark dirty extent range for out of bound prealloc extents (git-fixes).
- btrfs: qgroup: correctly model root qgroup rsv in convert (git-fix).
- btrfs: rename err to ret in btrfs_link() (git-fixes).
- btrfs: run btrfs_error_commit_super() early (git-fix).
- btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fix).
- btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fixes).
- btrfs: send: fix duplicated rmdir operations when using extrefs (git-fixes).
- btrfs: set inode flag BTRFS_INODE_COPY_EVERYTHING when logging new name (git-fixes).
- btrfs: simplify error handling logic for btrfs_link() (git-fixes).
- btrfs: tree-checker: add dev extent item checks (git-fix).
- btrfs: tree-checker: add type and sequence check for inline backrefs (git-fix).
- btrfs: tree-checker: fix the wrong output of data backref objectid (git-fix).
- btrfs: tree-checker: reject BTRFS_FT_UNKNOWN dir type (git-fix).
- btrfs: tree-checker: validate dref root and objectid (git-fix).
- btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() (git-fixes).
- char: misc: Does not request module for miscdevice with dynamic minor (stable-fixes).
- char: misc: Make misc_register() reentry for miscdevice who wants dynamic minor (stable-fixes).
- char: misc: restrict the dynamic range to exclude reserved minors (stable-fixes).
- cramfs: Verify inode mode when loading from disk (git-fixes).
- crypto: aspeed - fix double free caused by devm (git-fixes).
- crypto: aspeed-acry - Convert to platform remove callback returning void (stable-fixes).
- crypto: hisilicon/qm - Fix device reference leak in qm_get_qos_value (git-fixes).
- crypto: iaa - Do not clobber req->base.data (git-fixes).
- crypto: qat - use kcalloc() in qat_uclo_map_objs_from_mof() (stable-fixes).
- dmaengine: dw-edma: Set status for callback_result (stable-fixes).
- dmaengine: mv_xor: match alloc_wc and free_wc (stable-fixes).
- drm/amd/display: Add AVI infoframe copy in copy_stream_update_to_stream (stable-fixes).
- drm/amd/display: Disable VRR on DCE 6 (stable-fixes).
- drm/amd/display: Fix DVI-D/HDMI adapters (stable-fixes).
- drm/amd/display: Fix NULL deref in debugfs odm_combine_segments (git-fixes).
- drm/amd/display: Fix black screen with HDMI outputs (git-fixes).
- drm/amd/display: Increase AUX Intra-Hop Done Max Wait Duration (stable-fixes).
- drm/amd/display: add more cyan skillfish devices (stable-fixes).
- drm/amd/display: ensure committing streams is seamless (stable-fixes).
- drm/amd/display: update dpp/disp clock from smu clock table (stable-fixes).
- drm/amd/pm: Disable MCLK switching on SI at high pixel clocks (stable-fixes).
- drm/amd/pm: Use cached metrics data on aldebaran (stable-fixes).
- drm/amd/pm: Use cached metrics data on arcturus (stable-fixes).
- drm/amd: Avoid evicting resources at S5 (stable-fixes).
- drm/amd: Fix suspend failure with secure display TA (git-fixes).
- drm/amd: add more cyan skillfish PCI ids (stable-fixes).
- drm/amdgpu/jpeg: Hold pg_lock before jpeg poweroff (stable-fixes).
- drm/amdgpu: Allow kfd CRIU with no buffer objects (stable-fixes).
- drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices (stable-fixes).
- drm/amdgpu: Use memdup_array_user in amdgpu_cs_wait_fences_ioctl (stable-fixes).
- drm/amdgpu: add support for cyan skillfish gpu_info (stable-fixes).
- drm/amdgpu: do not enable SMU on cyan skillfish (stable-fixes).
- drm/amdgpu: reject gang submissions under SRIOV (stable-fixes).
- drm/amdkfd: Handle lack of READ permissions in SVM mapping (stable-fixes).
- drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption (stable-fixes).
- drm/amdkfd: fix vram allocation failure for a special case (stable-fixes).
- drm/amdkfd: return -ENOTTY for unsupported IOCTLs (stable-fixes).
- drm/bridge: cdns-dsi: Do not fail on MIPI_DSI_MODE_VIDEO_BURST (stable-fixes).
- drm/bridge: cdns-dsi: Fix REG_WAKEUP_TIME value (stable-fixes).
- drm/bridge: display-connector: do not set OP_DETECT for DisplayPorts (stable-fixes).
- drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (git-fixes).
- drm/i915: Fix conversion between clock ticks and nanoseconds (git-fixes).
- drm/msm/dsi/phy: Toggle back buffer resync after preparing PLL (stable-fixes).
- drm/msm/dsi/phy_7nm: Fix missing initial VCO rate (stable-fixes).
- drm/msm: make sure to not queue up recovery more than once (stable-fixes).
- drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() (stable-fixes).
- drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb (git-fixes).
- drm/tegra: Add call to put_pid() (git-fixes).
- drm/tegra: dc: Fix reference leak in tegra_dc_couple() (git-fixes).
- drm/tidss: Set crtc modesetting parameters with adjusted mode (stable-fixes).
- drm/tidss: Use the crtc_* timings when programming the HW (stable-fixes).
- drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (git-fixes).
- exfat: limit log print for IO error (git-fixes).
- extcon: adc-jack: Cleanup wakeup source only if it was enabled (git-fixes).
- extcon: adc-jack: Fix wakeup source leaks on device unbind (stable-fixes).
- fbcon: Set fb_display[i]->mode to NULL when the mode is released (stable-fixes).
- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (stable-fixes).
- fbdev: bitblit: bound-check glyph index in bit_putcs* (stable-fixes).
- fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS (stable-fixes).
- hwmon: (asus-ec-sensors) increase timeout for locking ACPI mutex (stable-fixes).
- hwmon: (dell-smm) Add support for Dell OptiPlex 7040 (stable-fixes).
- hwmon: (k10temp) Add device ID for Strix Halo (stable-fixes).
- hwmon: (k10temp) Add thermal support for AMD Family 1Ah-based models (stable-fixes).
- hwmon: (sbtsi_temp) AMD CPU extended temperature range support (stable-fixes).
- hwmon: sy7636a: add alias (stable-fixes).
- iio: adc: imx93_adc: load calibrated values even calibration failed (stable-fixes).
- iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register (stable-fixes).
- ima: do not clear IMA_DIGSIG flag when setting or removing non-IMA xattr (stable-fixes).
- iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE (git-fixes).
- isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() (git-fixes).
- jfs: Verify inode mode when loading from disk (git-fixes).
- jfs: fix uninitialized waitqueue in transaction manager (git-fixes).
- kABI fix for KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes) (git-fixes).
- lib/crypto: curve25519-hacl64: Fix older clang KASAN workaround for GCC (git-fixes).
- md/raid1: fix data lost for writemostly rdev (git-fixes).
- md: fix mssing blktrace bio split events (git-fixes).
- media: adv7180: Add missing lock in suspend callback (stable-fixes).
- media: adv7180: Do not write format to device in set_fmt (stable-fixes).
- media: adv7180: Only validate format in querystd (stable-fixes).
- media: amphion: Delete v4l2_fh synchronously in .release() (stable-fixes).
- media: fix uninitialized symbol warnings (stable-fixes).
- media: i2c: Kconfig: Ensure a dependency on HAVE_CLK for VIDEO_CAMERA_SENSOR (stable-fixes).
- media: i2c: og01a1b: Specify monochrome media bus format instead of Bayer (stable-fixes).
- media: imon: make send_packet() more robust (stable-fixes).
- media: ov08x40: Fix the horizontal flip control (stable-fixes).
- media: redrat3: use int type to store negative error codes (stable-fixes).
- media: uvcvideo: Use heuristic to find stream entity (git-fixes).
- memstick: Add timeout to prevent indefinite waiting (stable-fixes).
- mfd: da9063: Split chip variant reading in two bus transactions (stable-fixes).
- mfd: madera: Work around false-positive -Wininitialized warning (stable-fixes).
- mfd: stmpe-i2c: Add missing MODULE_LICENSE (stable-fixes).
- mfd: stmpe: Remove IRQ domain upon removal (stable-fixes).
- minixfs: Verify inode mode when loading from disk (git-fixes).
- mm/mm_init: fix hash table order logging in alloc_large_system_hash() (git-fixes).
- mm/secretmem: fix use-after-free race in fault handler (git-fixes).
- mmc: host: renesas_sdhi: Fix the actual clock (stable-fixes).
- mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card (stable-fixes).
- mmc: sdhci-of-dwcmshc: Change DLL_STRBIN_TAPNUM_DEFAULT to 0x4 (git-fixes).
- mtd: onenand: Pass correct pointer to IRQ handler (git-fixes).
- mtd: rawnand: cadence: fix DMA device NULL pointer dereference (git-fixes).
- mtdchar: fix integer overflow in read/write ioctls (git-fixes).
- net/mana: fix warning in the writer of client oob (git-fixes).
- net/smc: Remove validation of reserved bits in CLC Decline message (bsc#1253779).
- net: nfc: nci: Increase NCI_DATA_TIMEOUT to 3000 ms (stable-fixes).
- net: phy: clear link parameters on admin link down (stable-fixes).
- net: phy: fixed_phy: let fixed_phy_unregister free the phy_device (stable-fixes).
- net: phy: marvell: Fix 88e1510 downshift counter errata (stable-fixes).
- net: tcp: send zero-window ACK when no memory (bsc#1253779).
- net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (git-fixes).
- nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing (git-fixes).
- nfsd: do not defer requests during idmap lookup in v4 compound decode (bsc#1232223).
- nfsd: fix return error codes for nfsd_map_name_to_id (bsc#1232223).
- nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot (git-fixes).
- perf script: add --addr2line option (bsc#1247509).
- phy: cadence: cdns-dphy: Enable lower resolutions in dphy (stable-fixes).
- phy: renesas: r8a779f0-ether-serdes: add new step added to latest datasheet (stable-fixes).
- phy: rockchip: phy-rockchip-inno-csidphy: allow writes to grf register 0 (stable-fixes).
- pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc (git-fixes).
- pinctrl: s32cc: initialize gpio_pin_config::list after kmalloc() (git-fixes).
- pinctrl: single: fix bias pull up/down handling in pin_config_set (stable-fixes).
- platform/x86/intel/speed_select_if: Convert PCIBIOS_* return codes to errnos (git-fixes).
- power: supply: qcom_battmgr: add OOI chemistry (stable-fixes).
- power: supply: qcom_battmgr: handle charging state change notifications (stable-fixes).
- power: supply: sbs-charger: Support multiple devices (stable-fixes).
- regulator: fixed: fix GPIO descriptor leak on register failure (git-fixes).
- rtc: rx8025: fix incorrect register reference (git-fixes).
- s390/mm,fault: simplify kfence fault handling (bsc#1247076).
- scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans (git-fixes).
- scsi: aacraid: Stop using PCI_IRQ_AFFINITY (git-fixes).
- scsi: core: sysfs: Correct sysfs attributes access rights (git-fixes).
- scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() (git-fixes).
- scsi: libfc: Prevent integer overflow in fc_fcp_recv_data() (git-fixes).
- scsi: mpi3mr: Correctly handle ATA device errors (git-fixes).
- scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers (git-fixes).
- scsi: mpt3sas: Correctly handle ATA device errors (git-fixes).
- scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (git-fixes).
- scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod (git-fixes).
- scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267).
- selftests/bpf: Close fd in error path in drop_on_reuseport (git-fixes).
- selftests/bpf: Close obj in error path in xdp_adjust_tail (git-fixes).
- selftests/bpf: Fix missing ARRAY_SIZE() definition in bench.c (git-fixes).
- selftests/bpf: Fix missing BUILD_BUG_ON() declaration (git-fixes).
- selftests/bpf: Fix missing UINT_MAX definitions in benchmarks (git-fixes).
- selftests/bpf: Fix string read in strncmp benchmark (git-fixes).
- selftests/bpf: Use pid_t consistently in test_progs.c (git-fixes).
- selftests/bpf: fix signedness bug in redir_partial() (git-fixes).
- serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 (git-fixes).
- serial: 8250_mtk: Enable baud clock and manage in runtime PM (git-fixes).
- soc/tegra: fuse: Add Tegra114 nvmem cells and fuse lookups (stable-fixes).
- soc: aspeed: socinfo: Add AST27xx silicon IDs (stable-fixes).
- soc: qcom: smem: Fix endian-unaware access of num_entries (stable-fixes).
- spi: Try to get ACPI GPIO IRQ earlier (git-fixes).
- spi: loopback-test: Do not use %pK through printk (stable-fixes).
- spi: rpc-if: Add resume support for RZ/G3E (stable-fixes).
- strparser: Fix signed/unsigned mismatch bug (git-fixes).
- tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705).
- thunderbolt: Use is_pciehp instead of is_hotplug_bridge (stable-fixes).
- tools/cpupower: Fix incorrect size in cpuidle_state_disable() (stable-fixes).
- tools/cpupower: fix error return value in cpupower_write_sysfs() (stable-fixes).
- tools/power x86_energy_perf_policy: Enhance HWP enable (stable-fixes).
- tools/power x86_energy_perf_policy: Fix incorrect fopen mode usage (stable-fixes).
- tools/power x86_energy_perf_policy: Prefer driver HWP limits (stable-fixes).
- tools: lib: thermal: do not preserve owner in install (stable-fixes).
- tools: lib: thermal: use pkg-config to locate libnl3 (stable-fixes).
- uio_hv_generic: Query the ringbuffer size for device (git-fixes).
- usb/core/quirks: Add Huawei ME906S to wakeup quirk (git-fixes).
- usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget (stable-fixes).
- usb: gadget: f_fs: Fix epfile null pointer access after ep enable (stable-fixes).
- usb: gadget: f_hid: Fix zero length packet transfer (stable-fixes).
- usb: gadget: f_ncm: Fix MAC assignment NCM ethernet (stable-fixes).
- usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs (stable-fixes).
- usb: xhci: plat: Facilitate using autosuspend for xhci plat devices (stable-fixes).
- video: backlight: lp855x_bl: Set correct EPROM start for LP8556 (stable-fixes).
- watchdog: s3c2410_wdt: Fix max_timeout being calculated larger (stable-fixes).
- wifi: ath10k: Fix connection after GTK rekeying (stable-fixes).
- wifi: ath11k: zero init info->status in wmi_process_mgmt_tx_comp() (git-fixes).
- wifi: ath12k: Increase DP_REO_CMD_RING_SIZE to 256 (stable-fixes).
- wifi: mac80211: Fix HE capabilities element check (stable-fixes).
- wifi: mac80211: reject address change while connecting (git-fixes).
- wifi: mac80211: skip rate verification for not captured PSDUs (git-fixes).
- wifi: mac80211_hwsim: Limit destroy_on_close radio removal to netgroup (git-fixes).
- wifi: mt76: mt7921: Add 160MHz beamformee capability for mt7922 device (stable-fixes).
- wifi: mt76: mt7996: Temporarily disable EPCS (stable-fixes).
- wifi: mwl8k: inject DSSS Parameter Set element into beacons if missing (git-fixes).
- wifi: rtw88: sdio: use indirect IO for device registers before power-on (stable-fixes).
- wifi: zd1211rw: fix potential memory leak in __zd_usb_enable_rx() (git-fixes).
- x86/CPU/AMD: Add RDSEED fix for Zen5 (git-fixes).
- x86/CPU/AMD: Add additional fixed RDSEED microcode revisions (git-fixes).
- x86/CPU/AMD: Add missing terminator for zen5_rdseed_microcode (git-fixes).
- x86/CPU/AMD: Do the common init on future Zens too (git-fixes).
- x86/amd_nb: Add new PCI IDs for AMD family 0x1a (stable-fixes).
- x86/bugs: Fix reporting of LFENCE retpoline (git-fixes).
- x86/bugs: Report correct retbleed mitigation status (git-fixes).
- x86/vmscape: Add old Intel CPUs to affected list (git-fixes).
- xhci: dbc: Allow users to modify DbC poll interval via sysfs (stable-fixes).
- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).
- xhci: dbc: Improve performance by removing delay in transfer event polling (stable-fixes).
- xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event (git-fixes).
- xhci: dbc: poll at different rate depending on data transfer activity (stable-fixes).
ImportantSUSE bug 1232223SUSE bug 1237888SUSE bug 1243474SUSE bug 1245193SUSE bug 1247076SUSE bug 1247079SUSE bug 1247500SUSE bug 1247509SUSE bug 1249547SUSE bug 1249912SUSE bug 1249982SUSE bug 1250176SUSE bug 1250237SUSE bug 1250252SUSE bug 1250705SUSE bug 1251120SUSE bug 1251786SUSE bug 1252063SUSE bug 1252267SUSE bug 1252303SUSE bug 1252353SUSE bug 1252681SUSE bug 1252763SUSE bug 1252773SUSE bug 1252780SUSE bug 1252794SUSE bug 1252795SUSE bug 1252809SUSE bug 1252817SUSE bug 1252821SUSE bug 1252836SUSE bug 1252845SUSE bug 1252862SUSE bug 1252912SUSE bug 1252917SUSE bug 1252928SUSE bug 1253018SUSE bug 1253176SUSE bug 1253275SUSE bug 1253318SUSE bug 1253324SUSE bug 1253349SUSE bug 1253352SUSE bug 1253355SUSE bug 1253360SUSE bug 1253362SUSE bug 1253363SUSE bug 1253367SUSE bug 1253369SUSE bug 1253393SUSE bug 1253395SUSE bug 1253403SUSE bug 1253407SUSE bug 1253409SUSE bug 1253412SUSE bug 1253416SUSE bug 1253421SUSE bug 1253423SUSE bug 1253424SUSE bug 1253425SUSE bug 1253427SUSE bug 1253428SUSE bug 1253431SUSE bug 1253436SUSE bug 1253438SUSE bug 1253440SUSE bug 1253441SUSE bug 1253445SUSE bug 1253448SUSE bug 1253449SUSE bug 1253453SUSE bug 1253456SUSE bug 1253472SUSE bug 1253779CVE-2022-50253 at SUSECVE-2022-50253 at NVDCVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-21710 at SUSECVE-2025-21710 at NVDCVE-2025-37916 at SUSECVE-2025-37916 at NVDCVE-2025-38359 at SUSECVE-2025-38359 at NVDCVE-2025-38361 at SUSECVE-2025-38361 at NVDCVE-2025-39788 at SUSECVE-2025-39788 at NVDCVE-2025-39805 at SUSECVE-2025-39805 at NVDCVE-2025-39819 at SUSECVE-2025-39819 at NVDCVE-2025-39859 at SUSECVE-2025-39859 at NVDCVE-2025-39944 at SUSECVE-2025-39944 at NVDCVE-2025-39980 at SUSECVE-2025-39980 at NVDCVE-2025-40001 at SUSECVE-2025-40001 at NVDCVE-2025-40021 at SUSECVE-2025-40021 at NVDCVE-2025-40027 at SUSECVE-2025-40027 at NVDCVE-2025-40030 at SUSECVE-2025-40030 at NVDCVE-2025-40038 at SUSECVE-2025-40038 at NVDCVE-2025-40040 at SUSECVE-2025-40040 at NVDCVE-2025-40048 at SUSECVE-2025-40048 at NVDCVE-2025-40055 at SUSECVE-2025-40055 at NVDCVE-2025-40059 at SUSECVE-2025-40059 at NVDCVE-2025-40064 at SUSECVE-2025-40064 at NVDCVE-2025-40070 at SUSECVE-2025-40070 at NVDCVE-2025-40074 at SUSECVE-2025-40074 at NVDCVE-2025-40075 at SUSECVE-2025-40075 at NVDCVE-2025-40083 at SUSECVE-2025-40083 at NVDCVE-2025-40098 at SUSECVE-2025-40098 at NVDCVE-2025-40105 at SUSECVE-2025-40105 at NVDCVE-2025-40107 at SUSECVE-2025-40107 at NVDCVE-2025-40109 at SUSECVE-2025-40109 at NVDCVE-2025-40110 at SUSECVE-2025-40110 at NVDCVE-2025-40111 at SUSECVE-2025-40111 at NVDCVE-2025-40115 at SUSECVE-2025-40115 at NVDCVE-2025-40116 at SUSECVE-2025-40116 at NVDCVE-2025-40118 at SUSECVE-2025-40118 at NVDCVE-2025-40120 at SUSECVE-2025-40120 at NVDCVE-2025-40121 at SUSECVE-2025-40121 at NVDCVE-2025-40127 at SUSECVE-2025-40127 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40139 at SUSECVE-2025-40139 at NVDCVE-2025-40140 at SUSECVE-2025-40140 at NVDCVE-2025-40141 at SUSECVE-2025-40141 at NVDCVE-2025-40149 at SUSECVE-2025-40149 at NVDCVE-2025-40154 at SUSECVE-2025-40154 at NVDCVE-2025-40156 at SUSECVE-2025-40156 at NVDCVE-2025-40157 at SUSECVE-2025-40157 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-40164 at SUSECVE-2025-40164 at NVDCVE-2025-40168 at SUSECVE-2025-40168 at NVDCVE-2025-40169 at SUSECVE-2025-40169 at NVDCVE-2025-40171 at SUSECVE-2025-40171 at NVDCVE-2025-40172 at SUSECVE-2025-40172 at NVDCVE-2025-40173 at SUSECVE-2025-40173 at NVDCVE-2025-40176 at SUSECVE-2025-40176 at NVDCVE-2025-40180 at SUSECVE-2025-40180 at NVDCVE-2025-40183 at SUSECVE-2025-40183 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDCVE-2025-40188 at SUSECVE-2025-40188 at NVDCVE-2025-40194 at SUSECVE-2025-40194 at NVDCVE-2025-40198 at SUSECVE-2025-40198 at NVDCVE-2025-40200 at SUSECVE-2025-40200 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDCVE-2025-40205 at SUSECVE-2025-40205 at NVDCVE-2025-40206 at SUSECVE-2025-40206 at NVDCVE-2025-40207 at SUSECVE-2025-40207 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-33.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248670SUSE bug 1250192SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678)
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847)
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019)
ModerateSUSE bug 1233019SUSE bug 1233678SUSE bug 1234847CVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1250192SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-24.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2024-57849: s390/cpum_sf: handle CPU hotplug remove during sampling (bsc#1235815).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1235815SUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2024-57849 at SUSECVE-2024-57849 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-29.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248670SUSE bug 1250192SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1250192SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-35.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-22.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251787).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1251203).
- CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248400).
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248670).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1250192).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253437).
ImportantSUSE bug 1248400SUSE bug 1248670SUSE bug 1249241SUSE bug 1250192SUSE bug 1251203SUSE bug 1251787SUSE bug 1253437CVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38572 at SUSECVE-2025-38572 at NVDCVE-2025-38588 at SUSECVE-2025-38588 at NVDCVE-2025-38608 at SUSECVE-2025-38608 at NVDCVE-2025-39682 at SUSECVE-2025-39682 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-24.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-29.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1249241).
The following non security issue was fixed:
- fix addr_bit_set() issue on big-endian machines (bsc#1256928).
ImportantSUSE bug 1249241SUSE bug 1256928CVE-2025-38588 at SUSECVE-2025-38588 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-53237: Bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008)
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431)
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (CVE-2024-56600)
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916)
ModerateSUSE bug 1235008SUSE bug 1235218SUSE bug 1235431SUSE bug 1235916CVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-50253: bpf: make sure skb->len != 0 when redirecting to a tunneling device (bsc#1249912).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
- CVE-2025-21710: tcp: correct handling of extreme memory squeeze (bsc#1237888).
- CVE-2025-37916: pds_core: remove write-after-free of client_id (bsc#1243474).
- CVE-2025-38359: s390/mm: Fix in_atomic() handling in do_secure_storage_access() (bsc#1247076).
- CVE-2025-38361: drm/amd/display: Check dce_hwseq before dereferencing it (bsc#1247079).
- CVE-2025-39788: scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE (bsc#1249547).
- CVE-2025-39805: net: macb: fix unregister_netdev call order in macb_remove() (bsc#1249982).
- CVE-2025-39819: fs/smb: Fix inconsistent refcnt update (bsc#1250176).
- CVE-2025-39859: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (bsc#1250252).
- CVE-2025-39944: octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (bsc#1251120).
- CVE-2025-39980: nexthop: Forbid FDB status change while nexthop is in a group (bsc#1252063).
- CVE-2025-40001: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (bsc#1252303).
- CVE-2025-40021: tracing: dynevent: Add a missing lockdown check on dynevent (bsc#1252681).
- CVE-2025-40027: net/9p: fix double req put in p9_fd_cancelled (bsc#1252763).
- CVE-2025-40030: pinctrl: check the return value of pinmux_ops::get_function_name() (bsc#1252773).
- CVE-2025-40038: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (bsc#1252817).
- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
- CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862).
- CVE-2025-40055: ocfs2: fix double free in user_cluster_connect() (bsc#1252821).
- CVE-2025-40059: coresight: Fix incorrect handling for return value of devm_kzalloc (bsc#1252809).
- CVE-2025-40064: smc: Fix use-after-free in __pnet_find_base_ndev() (bsc#1252845).
- CVE-2025-40070: pps: fix warning in pps_register_cdev when register device fail (bsc#1252836).
- CVE-2025-40074: ipv4: start using dst_dev_rcu() (bsc#1252794).
- CVE-2025-40075: tcp_metrics: use dst_dev_net_rcu() (bsc#1252795).
- CVE-2025-40083: net/sched: sch_qfq: Fix null-deref in agg_dequeue (bsc#1252912).
- CVE-2025-40098: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (bsc#1252917).
- CVE-2025-40105: vfs: Do not leak disconnected dentries on umount (bsc#1252928).
- CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409).
- CVE-2025-40149: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (bsc#1253355).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253403).
- CVE-2025-40168: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (bsc#1253427).
- CVE-2025-40169: bpf: Reject negative offsets for ALU ops (bsc#1253416).
- CVE-2025-40173: net/ip6_tunnel: Prevent perpetual tunnel growth (bsc#1253421).
- CVE-2025-40176: tls: wait for pending async decryptions if tls_strp_msg_hold fails (bsc#1253425).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).
- CVE-2025-40206: Add missing bugzilla reference to net fix (bsc#1253393).
The following non-security bugs were fixed:
- ACPI: CPPC: Check _CPC validity for only the online CPUs (git-fixes).
- ACPI: CPPC: Limit perf ctrs in PCC check only to online CPUs (git-fixes).
- ACPI: CPPC: Perform fast check switch only for online CPUs (git-fixes).
- ACPI: PRM: Skip handlers with NULL handler_address or NULL VA (stable-fixes).
- ACPI: SBS: Fix present test in acpi_battery_read() (git-fixes).
- ACPI: property: Return present device nodes only on fwnode interface (stable-fixes).
- ACPI: scan: Add Intel CVS ACPI HIDs to acpi_ignore_dep_ids (stable-fixes).
- ACPICA: Update dsmethod.c to get rid of unused variable warning (stable-fixes).
- ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() (stable-fixes).
- ALSA: hda: Fix missing pointer check in hda_component_manager_init function (git-fixes).
- ALSA: serial-generic: remove shared static buffer (stable-fixes).
- ALSA: usb-audio: Add validation of UAC2/UAC3 effect units (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (git-fixes).
- ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (stable-fixes).
- ALSA: usb-audio: add mono main switch to Presonus S1824c (stable-fixes).
- ALSA: usb-audio: apply quirk for MOONDROP Quark2 (stable-fixes).
- ALSA: usb-audio: do not log messages meant for 1810c when initializing 1824c (git-fixes).
- ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes).
- ASoC: codecs: va-macro: fix resource leak in probe error path (git-fixes).
- ASoC: cs4271: Fix regulator leak on probe failure (git-fixes).
- ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (stable-fixes).
- ASoC: meson: aiu-encoder-i2s: fix bit clock polarity (stable-fixes).
- ASoC: qcom: sc8280xp: explicitly set S16LE format in sc8280xp_be_hw_params_fixup() (stable-fixes).
- ASoC: stm32: sai: manage context in set_sysclk callback (stable-fixes).
- ASoC: tlv320aic3x: Fix class-D initialization for tlv320aic3007 (stable-fixes).
- Bluetooth: 6lowpan: Do not hold spin lock over sleeping functions (git-fixes).
- Bluetooth: 6lowpan: add missing l2cap_chan_lock() (git-fixes).
- Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion (git-fixes).
- Bluetooth: 6lowpan: reset link-local header on ipv6 recv path (git-fixes).
- Bluetooth: L2CAP: export l2cap_chan_hold for modules (stable-fixes).
- Bluetooth: MGMT: cancel mesh send timer when hdev removed (git-fixes).
- Bluetooth: SCO: Fix UAF on sco_conn_free (stable-fixes).
- Bluetooth: bcsp: receive data only if registered (stable-fixes).
- Bluetooth: btrtl: Fix memory leak in rtlbt_parse_firmware_v2() (git-fixes).
- Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (stable-fixes).
- Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (git-fixes).
- Bluetooth: hci_event: validate skb length for unknown CC opcode (git-fixes).
- Documentation: ACPI: i2c-muxes: fix I2C device references (git-fixes).
- Drivers: hv: vmbus: Add utility function for querying ring size (git-fixes).
- HID: amd_sfh: Stop sensor before starting (git-fixes).
- HID: hid-ntrig: Prevent memory leak in ntrig_report_version() (git-fixes).
- HID: quirks: avoid Cooler Master MM712 dongle wakeup bug (stable-fixes).
- HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 (git-fixes).
- HID: uclogic: Fix potential memory leak in error path (git-fixes).
- Input: atmel_mxt_ts - allow reset GPIO to sleep (stable-fixes).
- Input: imx_sc_key - fix memory corruption on unload (git-fixes).
- Input: pegasus-notetaker - fix potential out-of-bounds access (git-fixes).
- KVM: Pass new routing entries and irqfd when updating IRTEs (git-fixes).
- KVM: SVM: Delete IRTE link from previous vCPU before setting new IRTE (git-fixes).
- KVM: SVM: Delete IRTE link from previous vCPU irrespective of new routing (git-fixes).
- KVM: SVM: Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2 (git-fixes).
- KVM: SVM: Mark VMCB_LBR dirty when MSR_IA32_DEBUGCTLMSR is updated (git-fixes).
- KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest (git-fixes).
- KVM: SVM: Track per-vCPU IRTEs using kvm_kernel_irqfd structure (git-fixes).
- KVM: SVM: WARN if an invalid posted interrupt IRTE entry is added (git-fixes).
- KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported (git-fixes).
- KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes) (git-fixes).
- KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes).
- KVM: VMX: Fix check for valid GVA on an EPT violation (git-fixes).
- KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest (git-fixes).
- KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs (git-fixes).
- KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter (git-fixes).
- KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE (git-fixes).
- KVM: x86: Add helper to retrieve current value of user return MSR (git-fixes).
- KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes).
- KVM: x86: Do not treat ENTER and LEAVE as branches, because they are not (git-fixes).
- KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag (git-fixes).
- NFS4: Fix state renewals missing after boot (git-fixes).
- NFS: check if suid/sgid was cleared after a write as needed (git-fixes).
- NFSD: Never cache a COMPOUND when the SEQUENCE operation fails (git-fixes).
- NFSD: Skip close replay processing if XDR encoding fails (git-fixes).
- NFSD: free copynotify stateid in nfs4_free_ol_stateid() (git-fixes).
- NFSv4.1: fix mount hang after CREATE_SESSION failure (git-fixes).
- NFSv4: handle ERR_GRACE on delegation recalls (git-fixes).
- PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call (stable-fixes).
- PCI/PM: Skip resuming to D0 if device is disconnected (stable-fixes).
- PCI: Disable MSI on RDC PCI to PCIe bridges (stable-fixes).
- PCI: cadence: Check for the existence of cdns_pcie::ops before using it (stable-fixes).
- PCI: dwc: Verify the single eDMA IRQ in dw_pcie_edma_irq_verify() (stable-fixes).
- PCI: j721e: Fix incorrect error message in probe() (git-fixes).
- PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra194: Reset BARs when running in PCIe endpoint mode (git-fixes).
- RDMA/bnxt_re: Do not fail destroy QP and cleanup debugfs earlier (git-fixes)
- RDMA/bnxt_re: Fix a potential memory leak in destroy_gsi_sqp (git-fixes)
- RDMA/hns: Fix recv CQ and QP cache affinity (git-fixes)
- RDMA/hns: Fix the modification of max_send_sge (git-fixes)
- RDMA/hns: Fix wrong WQE data when QP wraps around (git-fixes)
- RDMA/irdma: Fix SD index calculation (git-fixes)
- RDMA/irdma: Set irdma_cq cq_num field during CQ create (git-fixes)
- accel/habanalabs/gaudi2: fix BMON disable configuration (stable-fixes).
- accel/habanalabs/gaudi2: read preboot status after recovering from dirty state (stable-fixes).
- accel/habanalabs: return ENOMEM if less than requested pages were pinned (stable-fixes).
- accel/habanalabs: support mapping cb with vmalloc-backed coherent memory (stable-fixes).
- acpi,srat: Fix incorrect device handle check for Generic Initiator (git-fixes).
- amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw (stable-fixes).
- block: avoid possible overflow for chunk_sectors check in blk_stack_limits() (git-fixes).
- block: fix kobject double initialization in add_disk (git-fixes).
- btrfs: abort transaction on failure to add link to inode (git-fixes).
- btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range() (git-fix).
- btrfs: avoid using fixed char array size for tree names (git-fix).
- btrfs: do not update last_log_commit when logging inode due to a new name (git-fixes).
- btrfs: fix COW handling in run_delalloc_nocow() (git-fix).
- btrfs: fix inode leak on failure to add link to inode (git-fixes).
- btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve (git-fix).
- btrfs: mark dirty extent range for out of bound prealloc extents (git-fixes).
- btrfs: qgroup: correctly model root qgroup rsv in convert (git-fix).
- btrfs: rename err to ret in btrfs_link() (git-fixes).
- btrfs: run btrfs_error_commit_super() early (git-fix).
- btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fix).
- btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fixes).
- btrfs: send: fix duplicated rmdir operations when using extrefs (git-fixes).
- btrfs: set inode flag BTRFS_INODE_COPY_EVERYTHING when logging new name (git-fixes).
- btrfs: simplify error handling logic for btrfs_link() (git-fixes).
- btrfs: tree-checker: add dev extent item checks (git-fix).
- btrfs: tree-checker: add type and sequence check for inline backrefs (git-fix).
- btrfs: tree-checker: fix the wrong output of data backref objectid (git-fix).
- btrfs: tree-checker: reject BTRFS_FT_UNKNOWN dir type (git-fix).
- btrfs: tree-checker: validate dref root and objectid (git-fix).
- btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() (git-fixes).
- char: misc: Does not request module for miscdevice with dynamic minor (stable-fixes).
- char: misc: Make misc_register() reentry for miscdevice who wants dynamic minor (stable-fixes).
- char: misc: restrict the dynamic range to exclude reserved minors (stable-fixes).
- cramfs: Verify inode mode when loading from disk (git-fixes).
- crypto: aspeed - fix double free caused by devm (git-fixes).
- crypto: aspeed-acry - Convert to platform remove callback returning void (stable-fixes).
- crypto: hisilicon/qm - Fix device reference leak in qm_get_qos_value (git-fixes).
- crypto: iaa - Do not clobber req->base.data (git-fixes).
- crypto: qat - use kcalloc() in qat_uclo_map_objs_from_mof() (stable-fixes).
- dmaengine: dw-edma: Set status for callback_result (stable-fixes).
- dmaengine: mv_xor: match alloc_wc and free_wc (stable-fixes).
- drm/amd/display: Add AVI infoframe copy in copy_stream_update_to_stream (stable-fixes).
- drm/amd/display: Disable VRR on DCE 6 (stable-fixes).
- drm/amd/display: Fix DVI-D/HDMI adapters (stable-fixes).
- drm/amd/display: Fix NULL deref in debugfs odm_combine_segments (git-fixes).
- drm/amd/display: Fix black screen with HDMI outputs (git-fixes).
- drm/amd/display: Increase AUX Intra-Hop Done Max Wait Duration (stable-fixes).
- drm/amd/display: add more cyan skillfish devices (stable-fixes).
- drm/amd/display: ensure committing streams is seamless (stable-fixes).
- drm/amd/display: update dpp/disp clock from smu clock table (stable-fixes).
- drm/amd/pm: Disable MCLK switching on SI at high pixel clocks (stable-fixes).
- drm/amd/pm: Use cached metrics data on aldebaran (stable-fixes).
- drm/amd/pm: Use cached metrics data on arcturus (stable-fixes).
- drm/amd: Avoid evicting resources at S5 (stable-fixes).
- drm/amd: Fix suspend failure with secure display TA (git-fixes).
- drm/amd: add more cyan skillfish PCI ids (stable-fixes).
- drm/amdgpu/jpeg: Hold pg_lock before jpeg poweroff (stable-fixes).
- drm/amdgpu: Allow kfd CRIU with no buffer objects (stable-fixes).
- drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices (stable-fixes).
- drm/amdgpu: Use memdup_array_user in amdgpu_cs_wait_fences_ioctl (stable-fixes).
- drm/amdgpu: add support for cyan skillfish gpu_info (stable-fixes).
- drm/amdgpu: do not enable SMU on cyan skillfish (stable-fixes).
- drm/amdgpu: reject gang submissions under SRIOV (stable-fixes).
- drm/amdkfd: Handle lack of READ permissions in SVM mapping (stable-fixes).
- drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption (stable-fixes).
- drm/amdkfd: fix vram allocation failure for a special case (stable-fixes).
- drm/amdkfd: return -ENOTTY for unsupported IOCTLs (stable-fixes).
- drm/bridge: cdns-dsi: Do not fail on MIPI_DSI_MODE_VIDEO_BURST (stable-fixes).
- drm/bridge: cdns-dsi: Fix REG_WAKEUP_TIME value (stable-fixes).
- drm/bridge: display-connector: do not set OP_DETECT for DisplayPorts (stable-fixes).
- drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (git-fixes).
- drm/i915: Fix conversion between clock ticks and nanoseconds (git-fixes).
- drm/msm/dsi/phy: Toggle back buffer resync after preparing PLL (stable-fixes).
- drm/msm/dsi/phy_7nm: Fix missing initial VCO rate (stable-fixes).
- drm/msm: make sure to not queue up recovery more than once (stable-fixes).
- drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() (stable-fixes).
- drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb (git-fixes).
- drm/tegra: Add call to put_pid() (git-fixes).
- drm/tegra: dc: Fix reference leak in tegra_dc_couple() (git-fixes).
- drm/tidss: Set crtc modesetting parameters with adjusted mode (stable-fixes).
- drm/tidss: Use the crtc_* timings when programming the HW (stable-fixes).
- drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (git-fixes).
- exfat: limit log print for IO error (git-fixes).
- extcon: adc-jack: Cleanup wakeup source only if it was enabled (git-fixes).
- extcon: adc-jack: Fix wakeup source leaks on device unbind (stable-fixes).
- fbcon: Set fb_display[i]->mode to NULL when the mode is released (stable-fixes).
- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (stable-fixes).
- fbdev: bitblit: bound-check glyph index in bit_putcs* (stable-fixes).
- fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS (stable-fixes).
- hwmon: (asus-ec-sensors) increase timeout for locking ACPI mutex (stable-fixes).
- hwmon: (dell-smm) Add support for Dell OptiPlex 7040 (stable-fixes).
- hwmon: (k10temp) Add device ID for Strix Halo (stable-fixes).
- hwmon: (k10temp) Add thermal support for AMD Family 1Ah-based models (stable-fixes).
- hwmon: (sbtsi_temp) AMD CPU extended temperature range support (stable-fixes).
- hwmon: sy7636a: add alias (stable-fixes).
- iio: adc: imx93_adc: load calibrated values even calibration failed (stable-fixes).
- iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register (stable-fixes).
- ima: do not clear IMA_DIGSIG flag when setting or removing non-IMA xattr (stable-fixes).
- iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE (git-fixes).
- isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() (git-fixes).
- jfs: Verify inode mode when loading from disk (git-fixes).
- jfs: fix uninitialized waitqueue in transaction manager (git-fixes).
- lib/crypto: curve25519-hacl64: Fix older clang KASAN workaround for GCC (git-fixes).
- md/raid1: fix data lost for writemostly rdev (git-fixes).
- md: fix mssing blktrace bio split events (git-fixes).
- media: adv7180: Add missing lock in suspend callback (stable-fixes).
- media: adv7180: Do not write format to device in set_fmt (stable-fixes).
- media: adv7180: Only validate format in querystd (stable-fixes).
- media: amphion: Delete v4l2_fh synchronously in .release() (stable-fixes).
- media: fix uninitialized symbol warnings (stable-fixes).
- media: i2c: Kconfig: Ensure a dependency on HAVE_CLK for VIDEO_CAMERA_SENSOR (stable-fixes).
- media: i2c: og01a1b: Specify monochrome media bus format instead of Bayer (stable-fixes).
- media: imon: make send_packet() more robust (stable-fixes).
- media: ov08x40: Fix the horizontal flip control (stable-fixes).
- media: redrat3: use int type to store negative error codes (stable-fixes).
- media: uvcvideo: Use heuristic to find stream entity (git-fixes).
- memstick: Add timeout to prevent indefinite waiting (stable-fixes).
- mfd: da9063: Split chip variant reading in two bus transactions (stable-fixes).
- mfd: madera: Work around false-positive -Wininitialized warning (stable-fixes).
- mfd: stmpe-i2c: Add missing MODULE_LICENSE (stable-fixes).
- mfd: stmpe: Remove IRQ domain upon removal (stable-fixes).
- minixfs: Verify inode mode when loading from disk (git-fixes).
- mm/mm_init: fix hash table order logging in alloc_large_system_hash() (git-fixes).
- mm/secretmem: fix use-after-free race in fault handler (git-fixes).
- mmc: host: renesas_sdhi: Fix the actual clock (stable-fixes).
- mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card (stable-fixes).
- mmc: sdhci-of-dwcmshc: Change DLL_STRBIN_TAPNUM_DEFAULT to 0x4 (git-fixes).
- mtd: onenand: Pass correct pointer to IRQ handler (git-fixes).
- mtd: rawnand: cadence: fix DMA device NULL pointer dereference (git-fixes).
- mtdchar: fix integer overflow in read/write ioctls (git-fixes).
- net/mana: fix warning in the writer of client oob (git-fixes).
- net/smc: Remove validation of reserved bits in CLC Decline message (bsc#1253779).
- net: nfc: nci: Increase NCI_DATA_TIMEOUT to 3000 ms (stable-fixes).
- net: phy: clear link parameters on admin link down (stable-fixes).
- net: phy: fixed_phy: let fixed_phy_unregister free the phy_device (stable-fixes).
- net: phy: marvell: Fix 88e1510 downshift counter errata (stable-fixes).
- net: tcp: send zero-window ACK when no memory (bsc#1253779).
- net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (git-fixes).
- nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing (git-fixes).
- nfsd: do not defer requests during idmap lookup in v4 compound decode (bsc#1232223).
- nfsd: fix return error codes for nfsd_map_name_to_id (bsc#1232223).
- nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot (git-fixes).
- perf script: add --addr2line option (bsc#1247509).
- phy: cadence: cdns-dphy: Enable lower resolutions in dphy (stable-fixes).
- phy: renesas: r8a779f0-ether-serdes: add new step added to latest datasheet (stable-fixes).
- phy: rockchip: phy-rockchip-inno-csidphy: allow writes to grf register 0 (stable-fixes).
- pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc (git-fixes).
- pinctrl: s32cc: initialize gpio_pin_config::list after kmalloc() (git-fixes).
- pinctrl: single: fix bias pull up/down handling in pin_config_set (stable-fixes).
- platform/x86/intel/speed_select_if: Convert PCIBIOS_* return codes to errnos (git-fixes).
- power: supply: qcom_battmgr: add OOI chemistry (stable-fixes).
- power: supply: qcom_battmgr: handle charging state change notifications (stable-fixes).
- power: supply: sbs-charger: Support multiple devices (stable-fixes).
- regulator: fixed: fix GPIO descriptor leak on register failure (git-fixes).
- rtc: rx8025: fix incorrect register reference (git-fixes).
- s390/mm,fault: simplify kfence fault handling (bsc#1247076).
- scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans (git-fixes).
- scsi: aacraid: Stop using PCI_IRQ_AFFINITY (git-fixes).
- scsi: core: sysfs: Correct sysfs attributes access rights (git-fixes).
- scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() (git-fixes).
- scsi: libfc: Prevent integer overflow in fc_fcp_recv_data() (git-fixes).
- scsi: mpi3mr: Correctly handle ATA device errors (git-fixes).
- scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers (git-fixes).
- scsi: mpt3sas: Correctly handle ATA device errors (git-fixes).
- scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (git-fixes).
- scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod (git-fixes).
- scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267).
- selftests/bpf: Close fd in error path in drop_on_reuseport (git-fixes).
- selftests/bpf: Close obj in error path in xdp_adjust_tail (git-fixes).
- selftests/bpf: Fix missing ARRAY_SIZE() definition in bench.c (git-fixes).
- selftests/bpf: Fix missing BUILD_BUG_ON() declaration (git-fixes).
- selftests/bpf: Fix missing UINT_MAX definitions in benchmarks (git-fixes).
- selftests/bpf: Fix string read in strncmp benchmark (git-fixes).
- selftests/bpf: Mitigate sockmap_ktls disconnect_after_delete failure (git-fixes).
- selftests/bpf: Use pid_t consistently in test_progs.c (git-fixes).
- selftests/bpf: fix signedness bug in redir_partial() (git-fixes).
- serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 (git-fixes).
- serial: 8250_mtk: Enable baud clock and manage in runtime PM (git-fixes).
- soc/tegra: fuse: Add Tegra114 nvmem cells and fuse lookups (stable-fixes).
- soc: aspeed: socinfo: Add AST27xx silicon IDs (stable-fixes).
- soc: qcom: smem: Fix endian-unaware access of num_entries (stable-fixes).
- spi: Try to get ACPI GPIO IRQ earlier (git-fixes).
- spi: loopback-test: Do not use %pK through printk (stable-fixes).
- spi: rpc-if: Add resume support for RZ/G3E (stable-fixes).
- strparser: Fix signed/unsigned mismatch bug (git-fixes).
- tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705).
- thunderbolt: Use is_pciehp instead of is_hotplug_bridge (stable-fixes).
- tools/cpupower: Fix incorrect size in cpuidle_state_disable() (stable-fixes).
- tools/cpupower: fix error return value in cpupower_write_sysfs() (stable-fixes).
- tools/power x86_energy_perf_policy: Enhance HWP enable (stable-fixes).
- tools/power x86_energy_perf_policy: Fix incorrect fopen mode usage (stable-fixes).
- tools/power x86_energy_perf_policy: Prefer driver HWP limits (stable-fixes).
- tools: lib: thermal: do not preserve owner in install (stable-fixes).
- tools: lib: thermal: use pkg-config to locate libnl3 (stable-fixes).
- uio_hv_generic: Query the ringbuffer size for device (git-fixes).
- usb/core/quirks: Add Huawei ME906S to wakeup quirk (git-fixes).
- usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget (stable-fixes).
- usb: gadget: f_fs: Fix epfile null pointer access after ep enable (stable-fixes).
- usb: gadget: f_hid: Fix zero length packet transfer (stable-fixes).
- usb: gadget: f_ncm: Fix MAC assignment NCM ethernet (stable-fixes).
- usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs (stable-fixes).
- usb: xhci: plat: Facilitate using autosuspend for xhci plat devices (stable-fixes).
- video: backlight: lp855x_bl: Set correct EPROM start for LP8556 (stable-fixes).
- watchdog: s3c2410_wdt: Fix max_timeout being calculated larger (stable-fixes).
- wifi: ath10k: Fix connection after GTK rekeying (stable-fixes).
- wifi: ath11k: zero init info->status in wmi_process_mgmt_tx_comp() (git-fixes).
- wifi: ath12k: Increase DP_REO_CMD_RING_SIZE to 256 (stable-fixes).
- wifi: mac80211: Fix HE capabilities element check (stable-fixes).
- wifi: mac80211: reject address change while connecting (git-fixes).
- wifi: mac80211: skip rate verification for not captured PSDUs (git-fixes).
- wifi: mac80211_hwsim: Limit destroy_on_close radio removal to netgroup (git-fixes).
- wifi: mt76: mt7921: Add 160MHz beamformee capability for mt7922 device (stable-fixes).
- wifi: mt76: mt7996: Temporarily disable EPCS (stable-fixes).
- wifi: mwl8k: inject DSSS Parameter Set element into beacons if missing (git-fixes).
- wifi: rtw88: sdio: use indirect IO for device registers before power-on (stable-fixes).
- wifi: zd1211rw: fix potential memory leak in __zd_usb_enable_rx() (git-fixes).
- x86/CPU/AMD: Add RDSEED fix for Zen5 (git-fixes).
- x86/CPU/AMD: Add additional fixed RDSEED microcode revisions (git-fixes).
- x86/CPU/AMD: Add missing terminator for zen5_rdseed_microcode (git-fixes).
- x86/CPU/AMD: Do the common init on future Zens too (git-fixes).
- x86/amd_nb: Add new PCI IDs for AMD family 0x1a (stable-fixes).
- x86/bugs: Fix reporting of LFENCE retpoline (git-fixes).
- x86/bugs: Report correct retbleed mitigation status (git-fixes).
- x86/vmscape: Add old Intel CPUs to affected list (git-fixes).
- xhci: dbc: Allow users to modify DbC poll interval via sysfs (stable-fixes).
- xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes).
- xhci: dbc: Improve performance by removing delay in transfer event polling (stable-fixes).
- xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event (git-fixes).
- xhci: dbc: poll at different rate depending on data transfer activity (stable-fixes).
ImportantSUSE bug 1232223SUSE bug 1237888SUSE bug 1243474SUSE bug 1245193SUSE bug 1247076SUSE bug 1247079SUSE bug 1247500SUSE bug 1247509SUSE bug 1249547SUSE bug 1249912SUSE bug 1249982SUSE bug 1250176SUSE bug 1250237SUSE bug 1250252SUSE bug 1250705SUSE bug 1251120SUSE bug 1251786SUSE bug 1252063SUSE bug 1252267SUSE bug 1252303SUSE bug 1252353SUSE bug 1252681SUSE bug 1252763SUSE bug 1252773SUSE bug 1252780SUSE bug 1252794SUSE bug 1252795SUSE bug 1252809SUSE bug 1252817SUSE bug 1252821SUSE bug 1252836SUSE bug 1252845SUSE bug 1252862SUSE bug 1252912SUSE bug 1252917SUSE bug 1252928SUSE bug 1253018SUSE bug 1253176SUSE bug 1253275SUSE bug 1253318SUSE bug 1253324SUSE bug 1253349SUSE bug 1253352SUSE bug 1253355SUSE bug 1253360SUSE bug 1253362SUSE bug 1253363SUSE bug 1253367SUSE bug 1253369SUSE bug 1253393SUSE bug 1253395SUSE bug 1253403SUSE bug 1253407SUSE bug 1253409SUSE bug 1253412SUSE bug 1253416SUSE bug 1253421SUSE bug 1253423SUSE bug 1253424SUSE bug 1253425SUSE bug 1253427SUSE bug 1253428SUSE bug 1253431SUSE bug 1253436SUSE bug 1253438SUSE bug 1253440SUSE bug 1253441SUSE bug 1253445SUSE bug 1253448SUSE bug 1253449SUSE bug 1253453SUSE bug 1253456SUSE bug 1253472SUSE bug 1253779CVE-2022-50253 at SUSECVE-2022-50253 at NVDCVE-2023-53676 at SUSECVE-2023-53676 at NVDCVE-2025-21710 at SUSECVE-2025-21710 at NVDCVE-2025-37916 at SUSECVE-2025-37916 at NVDCVE-2025-38359 at SUSECVE-2025-38359 at NVDCVE-2025-38361 at SUSECVE-2025-38361 at NVDCVE-2025-39788 at SUSECVE-2025-39788 at NVDCVE-2025-39805 at SUSECVE-2025-39805 at NVDCVE-2025-39819 at SUSECVE-2025-39819 at NVDCVE-2025-39859 at SUSECVE-2025-39859 at NVDCVE-2025-39944 at SUSECVE-2025-39944 at NVDCVE-2025-39980 at SUSECVE-2025-39980 at NVDCVE-2025-40001 at SUSECVE-2025-40001 at NVDCVE-2025-40021 at SUSECVE-2025-40021 at NVDCVE-2025-40027 at SUSECVE-2025-40027 at NVDCVE-2025-40030 at SUSECVE-2025-40030 at NVDCVE-2025-40038 at SUSECVE-2025-40038 at NVDCVE-2025-40040 at SUSECVE-2025-40040 at NVDCVE-2025-40048 at SUSECVE-2025-40048 at NVDCVE-2025-40055 at SUSECVE-2025-40055 at NVDCVE-2025-40059 at SUSECVE-2025-40059 at NVDCVE-2025-40064 at SUSECVE-2025-40064 at NVDCVE-2025-40070 at SUSECVE-2025-40070 at NVDCVE-2025-40074 at SUSECVE-2025-40074 at NVDCVE-2025-40075 at SUSECVE-2025-40075 at NVDCVE-2025-40083 at SUSECVE-2025-40083 at NVDCVE-2025-40098 at SUSECVE-2025-40098 at NVDCVE-2025-40105 at SUSECVE-2025-40105 at NVDCVE-2025-40107 at SUSECVE-2025-40107 at NVDCVE-2025-40109 at SUSECVE-2025-40109 at NVDCVE-2025-40110 at SUSECVE-2025-40110 at NVDCVE-2025-40111 at SUSECVE-2025-40111 at NVDCVE-2025-40115 at SUSECVE-2025-40115 at NVDCVE-2025-40116 at SUSECVE-2025-40116 at NVDCVE-2025-40118 at SUSECVE-2025-40118 at NVDCVE-2025-40120 at SUSECVE-2025-40120 at NVDCVE-2025-40121 at SUSECVE-2025-40121 at NVDCVE-2025-40127 at SUSECVE-2025-40127 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40139 at SUSECVE-2025-40139 at NVDCVE-2025-40140 at SUSECVE-2025-40140 at NVDCVE-2025-40141 at SUSECVE-2025-40141 at NVDCVE-2025-40149 at SUSECVE-2025-40149 at NVDCVE-2025-40154 at SUSECVE-2025-40154 at NVDCVE-2025-40156 at SUSECVE-2025-40156 at NVDCVE-2025-40157 at SUSECVE-2025-40157 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-40164 at SUSECVE-2025-40164 at NVDCVE-2025-40168 at SUSECVE-2025-40168 at NVDCVE-2025-40169 at SUSECVE-2025-40169 at NVDCVE-2025-40171 at SUSECVE-2025-40171 at NVDCVE-2025-40172 at SUSECVE-2025-40172 at NVDCVE-2025-40173 at SUSECVE-2025-40173 at NVDCVE-2025-40176 at SUSECVE-2025-40176 at NVDCVE-2025-40180 at SUSECVE-2025-40180 at NVDCVE-2025-40183 at SUSECVE-2025-40183 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDCVE-2025-40188 at SUSECVE-2025-40188 at NVDCVE-2025-40194 at SUSECVE-2025-40194 at NVDCVE-2025-40198 at SUSECVE-2025-40198 at NVDCVE-2025-40200 at SUSECVE-2025-40200 at NVDCVE-2025-40204 at SUSECVE-2025-40204 at NVDCVE-2025-40205 at SUSECVE-2025-40205 at NVDCVE-2025-40206 at SUSECVE-2025-40206 at NVDCVE-2025-40207 at SUSECVE-2025-40207 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-33.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
The following non security issue was fixed:
- bsc#1249241: fix addr_bit_set() issue on big-endian machines BITOP_BE32_SWIZZLE ought to be defined depending on the target's endianess, but the livepatch includes only the little-endian variant. Fix that. (bsc#1249241 bsc#1256928).
ImportantSUSE bug 1249205SUSE bug 1249241SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473SUSE bug 1256928CVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439SUSE bug 1253473CVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916)
ModerateSUSE bug 1235916CVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-24.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-29.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249455SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249205SUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1249480SUSE bug 1253439SUSE bug 1253473CVE-2025-39742 at SUSECVE-2025-39742 at NVDCVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439SUSE bug 1253473CVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-35.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439SUSE bug 1253473CVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
ImportantSUSE bug 1253439SUSE bug 1253473CVE-2025-40129 at SUSECVE-2025-40129 at NVDCVE-2025-40186 at SUSECVE-2025-40186 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678)
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847)
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019)
ModerateSUSE bug 1233019SUSE bug 1233678SUSE bug 1234847CVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-53042 at SUSECVE-2024-53042 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim (bsc#1256280).
- CVE-2025-38321: smb: Log an error when close_all_cached_dirs fails (bsc#1246328).
- CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
- CVE-2025-39880: libceph: fix invalid accesses to ceph_connection_v1_info (bsc#1250388).
- CVE-2025-39890: wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (bsc#1250334).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
- CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
- CVE-2025-40024: vhost: Take a reference on the task in struct vhost_task (bsc#1252686).
- CVE-2025-40033: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (bsc#1252824).
- CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861).
- CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
- CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776).
- CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919).
- CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365).
- CVE-2025-40134: dm: fix NULL pointer dereference in __dm_suspend() (bsc#1253386).
- CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
- CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
- CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
- CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
- CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
- CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413).
- CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463).
- CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442).
- CVE-2025-40187: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (bsc#1253647).
- CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623).
- CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959).
- CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
- CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).
- CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
- CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854).
- CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856).
- CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849).
- CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
- CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082).
- CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297).
- CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830).
- CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825).
- CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846).
- CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847).
- CVE-2025-40287: exfat: fix improper check of dentry.stream.valid_size (bsc#1255030).
- CVE-2025-40289: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (bsc#1255042).
- CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175).
- CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187).
- CVE-2025-40307: exfat: validate cluster allocation bits of the allocation bitmap (bsc#1255039).
- CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794).
- CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624).
- CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
- CVE-2025-40337: net: stmmac: Correctly handle Rx checksum offload errors (bsc#1255081).
- CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273).
- CVE-2025-40339: drm/amdgpu: fix nullptr err of vm_handle_moved (bsc#1255428).
- CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318).
- CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).
- CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).
- CVE-2025-40360: drm/sysfb: Do not dereference NULL pointer in plane reset (bsc#1255095).
- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
- CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).
- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
- CVE-2025-68190: drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked() (bsc#1255131).
- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).
- CVE-2025-68201: drm/amdgpu: remove two invalid BUG_ON()s (bsc#1255136).
- CVE-2025-68204: pmdomain: arm: scmi: Fix genpd leak on provider registration failure (bsc#1255224).
- CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
- CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227).
- CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230).
- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
- CVE-2025-68230: drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (bsc#1255134).
- CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272).
- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
- CVE-2025-68255: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (bsc#1255395).
- CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199).
- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
- CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).
- CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).
- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).
- CVE-2025-68327: usb: renesas_usbhs: Fix synchronous external abort on unbind (bsc#1255488).
- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).
- CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507).
- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).
- CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552).
- CVE-2025-68365: fs/ntfs3: Initialize allocated memory before use (bsc#1255548).
- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
- CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614).
- CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
- CVE-2025-68727: ntfs3: Fix uninit buffer allocated by __getname() (bsc#1255568).
- CVE-2025-68728: ntfs3: fix uninit memory after failed mi_read in mi_format_new (bsc#1255539).
- CVE-2025-68733: smack: fix bug: unprivileged task can create labels (bsc#1255615).
- CVE-2025-68742: bpf: Improve program stats run-time calculation (bsc#1255707).
- CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709).
- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).
- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).
- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).
- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
- CVE-2025-68803: nfsd: set security label during create operations (bsc#1256770).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).
- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).
- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).
- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).
- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).
- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).
- CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).
- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).
- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).
- CVE-2025-71137: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" (bsc#1256760).
- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).
- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).
- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).
- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).
- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).
- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).
- CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).
- CVE-2026-22996: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv.
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
- CVE-2026-23010: ipv6: Fix use-after-free in inet6_addr_del() (bsc#1257332).
- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).
The following non security issues were fixed:
- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
- Disable CONFIG_CPU5_WDT The cpu5wdt driver doesn't implement a
proper watchdog interface and has many code issues. It only handles
obscure and obsolete hardware. Stop building and supporting this driver
(jsc#PED-14062).
- Update config files (jsc#PED-12554 jsc#PED-6996
bsc#1243677 ltc#213602 bsc#1243678 ltc#213596)
CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
CONFIG_INTEGRITY_CA_MACHINE_KEYRING_MAX=y
- Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792)
- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
- cifs: Fix copy offload to flush destination region (bsc#1252511).
- cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511).
- cifs: Fix uncached read into ITER_KVEC iterator (bsc#1245449).
- cifs: make cifs_chan_update_iface() a void function (git-fixes).
- cifs: update dstaddr whenever channel iface is updated (git-fixes).
- cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026).
- dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386)
- drm/amdgpu: update mappings not managed by KFD (bsc#1255428)
- ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378).
- ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1256366).
- fs: dlm: allow to F_SETLKW getting interrupted (bsc#1255025).
- ice: use netif_get_num_default_rss_queues() (bsc#1247712).
- media: atomisp: Prefix firmware paths with "intel/ipu/" (bsc#1252973).
- media: atomisp: Remove firmware_name module parameter (bsc#1252973).
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes).
- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
- powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event
handling (bsc#1253262 ltc#216029).
- powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285
bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493
bsc#1254244 ltc#216496).
- sched: Increase sched_tick_remote timeout (bsc#1254510).
- scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119).
- scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119).
- scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119).
- scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119).
- scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119).
- scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119).
- scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119).
- scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119).
- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256861).
- scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119).
- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861).
- scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119).
- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863).
- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863).
- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863).
- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863).
- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863).
- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863).
- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863).
- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863).
- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863).
- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863).
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863).
- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154).
- smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes).
- smb: improve directory cache reuse for readdir operations (bsc#1252712).
- soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
- spi: tegra210-quad: Check hardware status on timeout (bsc#1253155)
- spi: tegra210-quad: Fix timeout handling (bsc#1253155)
- spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155)
- spi: tegra210-quad: Update dummy sequence configuration (git-fixes)
- supported.conf: Mark lan 743x supported (jsc#PED-14571)
- tracing: Fix access to trace_event_file (bsc#1254373).
- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).
- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).
- x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).
- x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).
- x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).
- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any
unreleased standalone Zen5 microcode patches (bsc#1256528).
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (bsc#1256528).
- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).
- x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).
- x86/microcode/AMD: Select which microcode patch to load (bsc#1256528).
- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).
- x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1194869SUSE bug 1205462SUSE bug 1214285SUSE bug 1214635SUSE bug 1214847SUSE bug 1215146SUSE bug 1215199SUSE bug 1215211SUSE bug 1215344SUSE bug 1216062SUSE bug 1216436SUSE bug 1219165SUSE bug 1220419SUSE bug 1223731SUSE bug 1223800SUSE bug 1228490SUSE bug 1233563SUSE bug 1234163SUSE bug 1234842SUSE bug 1241437SUSE bug 1242909SUSE bug 1243677SUSE bug 1243678SUSE bug 1245193SUSE bug 1245449SUSE bug 1246184SUSE bug 1246328SUSE bug 1246447SUSE bug 1247030SUSE bug 1247500SUSE bug 1247712SUSE bug 1248211SUSE bug 1248886SUSE bug 1249256SUSE bug 1249307SUSE bug 1250032SUSE bug 1250082SUSE bug 1250334SUSE bug 1250388SUSE bug 1250705SUSE bug 1250748SUSE bug 1252046SUSE bug 1252342SUSE bug 1252511SUSE bug 1252686SUSE bug 1252712SUSE bug 1252776SUSE bug 1252808SUSE bug 1252824SUSE bug 1252861SUSE bug 1252891SUSE bug 1252900SUSE bug 1252919SUSE bug 1252973SUSE bug 1253087SUSE bug 1253155SUSE bug 1253262SUSE bug 1253342SUSE bug 1253365SUSE bug 1253386SUSE bug 1253400SUSE bug 1253402SUSE bug 1253408SUSE bug 1253413SUSE bug 1253442SUSE bug 1253451SUSE bug 1253458SUSE bug 1253463SUSE bug 1253623SUSE bug 1253647SUSE bug 1253739SUSE bug 1254119SUSE bug 1254126SUSE bug 1254244SUSE bug 1254373SUSE bug 1254378SUSE bug 1254447SUSE bug 1254465SUSE bug 1254510SUSE bug 1254518SUSE bug 1254520SUSE bug 1254599SUSE bug 1254606SUSE bug 1254611SUSE bug 1254613SUSE bug 1254615SUSE bug 1254621SUSE bug 1254623SUSE bug 1254624SUSE bug 1254626SUSE bug 1254648SUSE bug 1254649SUSE bug 1254653SUSE bug 1254655SUSE bug 1254657SUSE bug 1254660SUSE bug 1254661SUSE bug 1254663SUSE bug 1254669SUSE bug 1254677SUSE bug 1254678SUSE bug 1254688SUSE bug 1254690SUSE bug 1254691SUSE bug 1254693SUSE bug 1254695SUSE bug 1254698SUSE bug 1254701SUSE bug 1254704SUSE bug 1254705SUSE bug 1254707SUSE bug 1254712SUSE bug 1254715SUSE bug 1254717SUSE bug 1254723SUSE bug 1254724SUSE bug 1254732SUSE bug 1254733SUSE bug 1254737SUSE bug 1254739SUSE bug 1254742SUSE bug 1254743SUSE bug 1254749SUSE bug 1254750SUSE bug 1254753SUSE bug 1254754SUSE bug 1254758SUSE bug 1254761SUSE bug 1254762SUSE bug 1254765SUSE bug 1254767SUSE bug 1254782SUSE bug 1254791SUSE bug 1254793SUSE bug 1254794SUSE bug 1254795SUSE bug 1254796SUSE bug 1254797SUSE bug 1254798SUSE bug 1254813SUSE bug 1254815SUSE bug 1254825SUSE bug 1254828SUSE bug 1254829SUSE bug 1254830SUSE bug 1254832SUSE bug 1254835SUSE bug 1254839SUSE bug 1254840SUSE bug 1254842SUSE bug 1254843SUSE bug 1254845SUSE bug 1254846SUSE bug 1254847SUSE bug 1254849SUSE bug 1254850SUSE bug 1254851SUSE bug 1254852SUSE bug 1254854SUSE bug 1254856SUSE bug 1254858SUSE bug 1254860SUSE bug 1254864SUSE bug 1254869SUSE bug 1254871SUSE bug 1254894SUSE bug 1254918SUSE bug 1254957SUSE bug 1254959SUSE bug 1254983SUSE bug 1255005SUSE bug 1255009SUSE bug 1255025SUSE bug 1255026SUSE bug 1255030SUSE bug 1255033SUSE bug 1255034SUSE bug 1255035SUSE bug 1255039SUSE bug 1255041SUSE bug 1255042SUSE bug 1255046SUSE bug 1255057SUSE bug 1255062SUSE bug 1255064SUSE bug 1255065SUSE bug 1255068SUSE bug 1255072SUSE bug 1255075SUSE bug 1255077SUSE bug 1255081SUSE bug 1255082SUSE bug 1255083SUSE bug 1255092SUSE bug 1255094SUSE bug 1255095SUSE bug 1255100SUSE bug 1255102SUSE bug 1255120SUSE bug 1255122SUSE bug 1255128SUSE bug 1255131SUSE bug 1255134SUSE bug 1255135SUSE bug 1255136SUSE bug 1255138SUSE bug 1255140SUSE bug 1255142SUSE bug 1255146SUSE bug 1255149SUSE bug 1255152SUSE bug 1255154SUSE bug 1255155SUSE bug 1255157SUSE bug 1255163SUSE bug 1255164SUSE bug 1255167SUSE bug 1255169SUSE bug 1255171SUSE bug 1255172SUSE bug 1255175SUSE bug 1255179SUSE bug 1255182SUSE bug 1255187SUSE bug 1255190SUSE bug 1255193SUSE bug 1255197SUSE bug 1255199SUSE bug 1255202SUSE bug 1255203SUSE bug 1255206SUSE bug 1255209SUSE bug 1255216SUSE bug 1255218SUSE bug 1255221SUSE bug 1255224SUSE bug 1255227SUSE bug 1255230SUSE bug 1255233SUSE bug 1255241SUSE bug 1255245SUSE bug 1255246SUSE bug 1255251SUSE bug 1255252SUSE bug 1255253SUSE bug 1255255SUSE bug 1255259SUSE bug 1255260SUSE bug 1255261SUSE bug 1255262SUSE bug 1255266SUSE bug 1255268SUSE bug 1255269SUSE bug 1255272SUSE bug 1255273SUSE bug 1255274SUSE bug 1255276SUSE bug 1255279SUSE bug 1255280SUSE bug 1255281SUSE bug 1255297SUSE bug 1255318SUSE bug 1255325SUSE bug 1255327SUSE bug 1255329SUSE bug 1255351SUSE bug 1255377SUSE bug 1255380SUSE bug 1255395SUSE bug 1255401SUSE bug 1255403SUSE bug 1255415SUSE bug 1255417SUSE bug 1255428SUSE bug 1255480SUSE bug 1255482SUSE bug 1255483SUSE bug 1255488SUSE bug 1255489SUSE bug 1255493SUSE bug 1255495SUSE bug 1255505SUSE bug 1255507SUSE bug 1255537SUSE bug 1255538SUSE bug 1255539SUSE bug 1255540SUSE bug 1255544SUSE bug 1255545SUSE bug 1255547SUSE bug 1255548SUSE bug 1255549SUSE bug 1255550SUSE bug 1255552SUSE bug 1255553SUSE bug 1255557SUSE bug 1255558SUSE bug 1255563SUSE bug 1255564SUSE bug 1255567SUSE bug 1255568SUSE bug 1255569SUSE bug 1255570SUSE bug 1255578SUSE bug 1255579SUSE bug 1255580SUSE bug 1255583SUSE bug 1255591SUSE bug 1255601SUSE bug 1255603SUSE bug 1255605SUSE bug 1255611SUSE bug 1255614SUSE bug 1255615SUSE bug 1255616SUSE bug 1255617SUSE bug 1255618SUSE bug 1255621SUSE bug 1255622SUSE bug 1255628SUSE bug 1255629SUSE bug 1255630SUSE bug 1255632SUSE bug 1255636SUSE bug 1255688SUSE bug 1255691SUSE bug 1255695SUSE bug 1255702SUSE bug 1255704SUSE bug 1255706SUSE bug 1255707SUSE bug 1255709SUSE bug 1255722SUSE bug 1255758SUSE bug 1255759SUSE bug 1255760SUSE bug 1255763SUSE bug 1255769SUSE bug 1255770SUSE bug 1255772SUSE bug 1255774SUSE bug 1255775SUSE bug 1255776SUSE bug 1255780SUSE bug 1255785SUSE bug 1255786SUSE bug 1255789SUSE bug 1255790SUSE bug 1255792SUSE bug 1255793SUSE bug 1255795SUSE bug 1255798SUSE bug 1255800SUSE bug 1255801SUSE bug 1255806SUSE bug 1255807SUSE bug 1255809SUSE bug 1255810SUSE bug 1255812SUSE bug 1255814SUSE bug 1255820SUSE bug 1255838SUSE bug 1255842SUSE bug 1255843SUSE bug 1255872SUSE bug 1255875SUSE bug 1255879SUSE bug 1255883SUSE bug 1255884SUSE bug 1255886SUSE bug 1255888SUSE bug 1255890SUSE bug 1255891SUSE bug 1255892SUSE bug 1255899SUSE bug 1255902SUSE bug 1255907SUSE bug 1255911SUSE bug 1255915SUSE bug 1255918SUSE bug 1255921SUSE bug 1255924SUSE bug 1255925SUSE bug 1255930SUSE bug 1255931SUSE bug 1255932SUSE bug 1255934SUSE bug 1255943SUSE bug 1255944SUSE bug 1255949SUSE bug 1255951SUSE bug 1255952SUSE bug 1255955SUSE bug 1255957SUSE bug 1255961SUSE bug 1255963SUSE bug 1255964SUSE bug 1255967SUSE bug 1255974SUSE bug 1255978SUSE bug 1255984SUSE bug 1255988SUSE bug 1255990SUSE bug 1255992SUSE bug 1255993SUSE bug 1255994SUSE bug 1255996SUSE bug 1256033SUSE bug 1256034SUSE bug 1256045SUSE bug 1256050SUSE bug 1256058SUSE bug 1256071SUSE bug 1256074SUSE bug 1256081SUSE bug 1256082SUSE bug 1256083SUSE bug 1256084SUSE bug 1256085SUSE bug 1256090SUSE bug 1256093SUSE bug 1256094SUSE bug 1256095SUSE bug 1256096SUSE bug 1256099SUSE bug 1256100SUSE bug 1256104SUSE bug 1256106SUSE bug 1256107SUSE bug 1256117SUSE bug 1256119SUSE bug 1256121SUSE bug 1256145SUSE bug 1256153SUSE bug 1256178SUSE bug 1256197SUSE bug 1256231SUSE bug 1256233SUSE bug 1256234SUSE bug 1256238SUSE bug 1256263SUSE bug 1256267SUSE bug 1256268SUSE bug 1256271SUSE bug 1256273SUSE bug 1256274SUSE bug 1256279SUSE bug 1256280SUSE bug 1256285SUSE bug 1256291SUSE bug 1256292SUSE bug 1256300SUSE bug 1256301SUSE bug 1256302SUSE bug 1256335SUSE bug 1256348SUSE bug 1256351SUSE bug 1256354SUSE bug 1256358SUSE bug 1256361SUSE bug 1256364SUSE bug 1256366SUSE bug 1256367SUSE bug 1256368SUSE bug 1256369SUSE bug 1256370SUSE bug 1256371SUSE bug 1256373SUSE bug 1256375SUSE bug 1256379SUSE bug 1256387SUSE bug 1256394SUSE bug 1256395SUSE bug 1256396SUSE bug 1256528SUSE bug 1256579SUSE bug 1256582SUSE bug 1256584SUSE bug 1256586SUSE bug 1256591SUSE bug 1256593SUSE bug 1256597SUSE bug 1256605SUSE bug 1256606SUSE bug 1256607SUSE bug 1256609SUSE bug 1256610SUSE bug 1256611SUSE bug 1256612SUSE bug 1256613SUSE bug 1256616SUSE bug 1256617SUSE bug 1256619SUSE bug 1256622SUSE bug 1256623SUSE bug 1256625SUSE bug 1256628SUSE bug 1256630SUSE bug 1256638SUSE bug 1256641SUSE bug 1256645SUSE bug 1256646SUSE bug 1256650SUSE bug 1256651SUSE bug 1256653SUSE bug 1256654SUSE bug 1256655SUSE bug 1256659SUSE bug 1256660SUSE bug 1256664SUSE bug 1256665SUSE bug 1256674SUSE bug 1256680SUSE bug 1256682SUSE bug 1256688SUSE bug 1256689SUSE bug 1256726SUSE bug 1256728SUSE bug 1256730SUSE bug 1256733SUSE bug 1256737SUSE bug 1256741SUSE bug 1256742SUSE bug 1256744SUSE bug 1256752SUSE bug 1256754SUSE bug 1256757SUSE bug 1256759SUSE bug 1256760SUSE bug 1256761SUSE bug 1256763SUSE bug 1256770SUSE bug 1256773SUSE bug 1256774SUSE bug 1256777SUSE bug 1256779SUSE bug 1256781SUSE bug 1256785SUSE bug 1256792SUSE bug 1256861SUSE bug 1256863SUSE bug 1257035SUSE bug 1257053SUSE bug 1257154SUSE bug 1257155SUSE bug 1257158SUSE bug 1257163SUSE bug 1257164SUSE bug 1257180SUSE bug 1257202SUSE bug 1257204SUSE bug 1257207SUSE bug 1257208SUSE bug 1257215SUSE bug 1257217SUSE bug 1257218SUSE bug 1257220SUSE bug 1257221SUSE bug 1257227SUSE bug 1257232SUSE bug 1257234SUSE bug 1257236SUSE bug 1257245SUSE bug 1257277SUSE bug 1257282SUSE bug 1257296SUSE bug 1257332SUSE bug 1257473SUSE bug 1257603CVE-2023-42752 at SUSECVE-2023-42752 at NVDCVE-2023-53714 at SUSECVE-2023-53714 at NVDCVE-2023-53743 at SUSECVE-2023-53743 at NVDCVE-2023-53750 at SUSECVE-2023-53750 at NVDCVE-2023-53752 at SUSECVE-2023-53752 at NVDCVE-2023-53759 at SUSECVE-2023-53759 at NVDCVE-2023-53762 at SUSECVE-2023-53762 at NVDCVE-2023-53766 at SUSECVE-2023-53766 at NVDCVE-2023-53768 at SUSECVE-2023-53768 at NVDCVE-2023-53777 at SUSECVE-2023-53777 at NVDCVE-2023-53778 at SUSECVE-2023-53778 at NVDCVE-2023-53782 at SUSECVE-2023-53782 at NVDCVE-2023-53784 at SUSECVE-2023-53784 at NVDCVE-2023-53785 at SUSECVE-2023-53785 at NVDCVE-2023-53787 at SUSECVE-2023-53787 at NVDCVE-2023-53791 at SUSECVE-2023-53791 at NVDCVE-2023-53792 at SUSECVE-2023-53792 at NVDCVE-2023-53793 at SUSECVE-2023-53793 at NVDCVE-2023-53794 at SUSECVE-2023-53794 at NVDCVE-2023-53795 at SUSECVE-2023-53795 at NVDCVE-2023-53797 at SUSECVE-2023-53797 at NVDCVE-2023-53799 at SUSECVE-2023-53799 at NVDCVE-2023-53807 at SUSECVE-2023-53807 at NVDCVE-2023-53808 at SUSECVE-2023-53808 at NVDCVE-2023-53813 at SUSECVE-2023-53813 at NVDCVE-2023-53815 at SUSECVE-2023-53815 at NVDCVE-2023-53819 at SUSECVE-2023-53819 at NVDCVE-2023-53821 at SUSECVE-2023-53821 at NVDCVE-2023-53823 at SUSECVE-2023-53823 at NVDCVE-2023-53825 at SUSECVE-2023-53825 at NVDCVE-2023-53828 at SUSECVE-2023-53828 at NVDCVE-2023-53831 at SUSECVE-2023-53831 at NVDCVE-2023-53834 at SUSECVE-2023-53834 at NVDCVE-2023-53836 at SUSECVE-2023-53836 at NVDCVE-2023-53839 at SUSECVE-2023-53839 at NVDCVE-2023-53841 at SUSECVE-2023-53841 at NVDCVE-2023-53842 at SUSECVE-2023-53842 at NVDCVE-2023-53843 at SUSECVE-2023-53843 at NVDCVE-2023-53844 at SUSECVE-2023-53844 at NVDCVE-2023-53846 at SUSECVE-2023-53846 at NVDCVE-2023-53847 at SUSECVE-2023-53847 at NVDCVE-2023-53848 at SUSECVE-2023-53848 at NVDCVE-2023-53850 at SUSECVE-2023-53850 at NVDCVE-2023-53851 at SUSECVE-2023-53851 at NVDCVE-2023-53852 at SUSECVE-2023-53852 at NVDCVE-2023-53855 at SUSECVE-2023-53855 at NVDCVE-2023-53856 at SUSECVE-2023-53856 at NVDCVE-2023-53857 at SUSECVE-2023-53857 at NVDCVE-2023-53858 at SUSECVE-2023-53858 at NVDCVE-2023-53860 at SUSECVE-2023-53860 at NVDCVE-2023-53861 at SUSECVE-2023-53861 at NVDCVE-2023-53863 at SUSECVE-2023-53863 at NVDCVE-2023-53864 at SUSECVE-2023-53864 at NVDCVE-2023-53865 at SUSECVE-2023-53865 at NVDCVE-2023-53989 at SUSECVE-2023-53989 at NVDCVE-2023-53992 at SUSECVE-2023-53992 at NVDCVE-2023-53994 at SUSECVE-2023-53994 at NVDCVE-2023-53995 at SUSECVE-2023-53995 at NVDCVE-2023-53996 at SUSECVE-2023-53996 at NVDCVE-2023-53997 at SUSECVE-2023-53997 at NVDCVE-2023-53998 at SUSECVE-2023-53998 at NVDCVE-2023-53999 at SUSECVE-2023-53999 at NVDCVE-2023-54000 at SUSECVE-2023-54000 at NVDCVE-2023-54001 at SUSECVE-2023-54001 at NVDCVE-2023-54005 at SUSECVE-2023-54005 at NVDCVE-2023-54006 at SUSECVE-2023-54006 at NVDCVE-2023-54008 at SUSECVE-2023-54008 at NVDCVE-2023-54013 at SUSECVE-2023-54013 at NVDCVE-2023-54014 at SUSECVE-2023-54014 at NVDCVE-2023-54016 at SUSECVE-2023-54016 at NVDCVE-2023-54017 at SUSECVE-2023-54017 at NVDCVE-2023-54019 at SUSECVE-2023-54019 at NVDCVE-2023-54022 at SUSECVE-2023-54022 at NVDCVE-2023-54023 at SUSECVE-2023-54023 at NVDCVE-2023-54025 at SUSECVE-2023-54025 at NVDCVE-2023-54026 at SUSECVE-2023-54026 at NVDCVE-2023-54027 at SUSECVE-2023-54027 at NVDCVE-2023-54030 at SUSECVE-2023-54030 at NVDCVE-2023-54031 at SUSECVE-2023-54031 at NVDCVE-2023-54032 at SUSECVE-2023-54032 at NVDCVE-2023-54035 at SUSECVE-2023-54035 at NVDCVE-2023-54037 at SUSECVE-2023-54037 at NVDCVE-2023-54038 at SUSECVE-2023-54038 at NVDCVE-2023-54042 at SUSECVE-2023-54042 at NVDCVE-2023-54045 at SUSECVE-2023-54045 at NVDCVE-2023-54048 at SUSECVE-2023-54048 at NVDCVE-2023-54049 at SUSECVE-2023-54049 at NVDCVE-2023-54051 at SUSECVE-2023-54051 at NVDCVE-2023-54052 at SUSECVE-2023-54052 at NVDCVE-2023-54060 at SUSECVE-2023-54060 at NVDCVE-2023-54064 at SUSECVE-2023-54064 at NVDCVE-2023-54066 at SUSECVE-2023-54066 at NVDCVE-2023-54067 at SUSECVE-2023-54067 at NVDCVE-2023-54069 at SUSECVE-2023-54069 at NVDCVE-2023-54070 at SUSECVE-2023-54070 at NVDCVE-2023-54072 at SUSECVE-2023-54072 at NVDCVE-2023-54076 at SUSECVE-2023-54076 at NVDCVE-2023-54080 at SUSECVE-2023-54080 at NVDCVE-2023-54081 at SUSECVE-2023-54081 at NVDCVE-2023-54083 at SUSECVE-2023-54083 at NVDCVE-2023-54088 at SUSECVE-2023-54088 at NVDCVE-2023-54089 at SUSECVE-2023-54089 at NVDCVE-2023-54091 at SUSECVE-2023-54091 at NVDCVE-2023-54092 at SUSECVE-2023-54092 at NVDCVE-2023-54093 at SUSECVE-2023-54093 at NVDCVE-2023-54094 at SUSECVE-2023-54094 at NVDCVE-2023-54095 at SUSECVE-2023-54095 at NVDCVE-2023-54096 at SUSECVE-2023-54096 at NVDCVE-2023-54099 at SUSECVE-2023-54099 at NVDCVE-2023-54101 at SUSECVE-2023-54101 at NVDCVE-2023-54104 at SUSECVE-2023-54104 at NVDCVE-2023-54106 at SUSECVE-2023-54106 at NVDCVE-2023-54112 at SUSECVE-2023-54112 at NVDCVE-2023-54113 at SUSECVE-2023-54113 at NVDCVE-2023-54115 at SUSECVE-2023-54115 at NVDCVE-2023-54117 at SUSECVE-2023-54117 at NVDCVE-2023-54121 at SUSECVE-2023-54121 at NVDCVE-2023-54125 at SUSECVE-2023-54125 at NVDCVE-2023-54127 at SUSECVE-2023-54127 at NVDCVE-2023-54133 at SUSECVE-2023-54133 at NVDCVE-2023-54134 at SUSECVE-2023-54134 at NVDCVE-2023-54135 at SUSECVE-2023-54135 at NVDCVE-2023-54136 at SUSECVE-2023-54136 at NVDCVE-2023-54137 at SUSECVE-2023-54137 at NVDCVE-2023-54140 at SUSECVE-2023-54140 at NVDCVE-2023-54141 at SUSECVE-2023-54141 at NVDCVE-2023-54142 at SUSECVE-2023-54142 at NVDCVE-2023-54143 at SUSECVE-2023-54143 at NVDCVE-2023-54145 at SUSECVE-2023-54145 at NVDCVE-2023-54148 at SUSECVE-2023-54148 at NVDCVE-2023-54149 at SUSECVE-2023-54149 at NVDCVE-2023-54153 at SUSECVE-2023-54153 at NVDCVE-2023-54154 at SUSECVE-2023-54154 at NVDCVE-2023-54155 at SUSECVE-2023-54155 at NVDCVE-2023-54156 at SUSECVE-2023-54156 at NVDCVE-2023-54164 at SUSECVE-2023-54164 at NVDCVE-2023-54166 at SUSECVE-2023-54166 at NVDCVE-2023-54169 at SUSECVE-2023-54169 at NVDCVE-2023-54170 at SUSECVE-2023-54170 at NVDCVE-2023-54171 at SUSECVE-2023-54171 at NVDCVE-2023-54172 at SUSECVE-2023-54172 at NVDCVE-2023-54173 at SUSECVE-2023-54173 at NVDCVE-2023-54177 at SUSECVE-2023-54177 at NVDCVE-2023-54178 at SUSECVE-2023-54178 at NVDCVE-2023-54179 at SUSECVE-2023-54179 at NVDCVE-2023-54181 at SUSECVE-2023-54181 at NVDCVE-2023-54183 at SUSECVE-2023-54183 at NVDCVE-2023-54185 at SUSECVE-2023-54185 at NVDCVE-2023-54189 at SUSECVE-2023-54189 at NVDCVE-2023-54194 at SUSECVE-2023-54194 at NVDCVE-2023-54201 at SUSECVE-2023-54201 at NVDCVE-2023-54204 at SUSECVE-2023-54204 at NVDCVE-2023-54207 at SUSECVE-2023-54207 at NVDCVE-2023-54209 at SUSECVE-2023-54209 at NVDCVE-2023-54210 at SUSECVE-2023-54210 at NVDCVE-2023-54211 at SUSECVE-2023-54211 at NVDCVE-2023-54215 at SUSECVE-2023-54215 at NVDCVE-2023-54219 at SUSECVE-2023-54219 at NVDCVE-2023-54220 at SUSECVE-2023-54220 at NVDCVE-2023-54221 at SUSECVE-2023-54221 at NVDCVE-2023-54223 at SUSECVE-2023-54223 at NVDCVE-2023-54224 at SUSECVE-2023-54224 at NVDCVE-2023-54225 at SUSECVE-2023-54225 at NVDCVE-2023-54227 at SUSECVE-2023-54227 at NVDCVE-2023-54229 at SUSECVE-2023-54229 at NVDCVE-2023-54230 at SUSECVE-2023-54230 at NVDCVE-2023-54235 at SUSECVE-2023-54235 at NVDCVE-2023-54240 at SUSECVE-2023-54240 at NVDCVE-2023-54241 at SUSECVE-2023-54241 at NVDCVE-2023-54246 at SUSECVE-2023-54246 at NVDCVE-2023-54247 at SUSECVE-2023-54247 at NVDCVE-2023-54251 at SUSECVE-2023-54251 at NVDCVE-2023-54253 at SUSECVE-2023-54253 at NVDCVE-2023-54254 at SUSECVE-2023-54254 at NVDCVE-2023-54255 at SUSECVE-2023-54255 at NVDCVE-2023-54258 at SUSECVE-2023-54258 at NVDCVE-2023-54261 at SUSECVE-2023-54261 at NVDCVE-2023-54263 at SUSECVE-2023-54263 at NVDCVE-2023-54264 at SUSECVE-2023-54264 at NVDCVE-2023-54266 at SUSECVE-2023-54266 at NVDCVE-2023-54267 at SUSECVE-2023-54267 at NVDCVE-2023-54271 at SUSECVE-2023-54271 at NVDCVE-2023-54276 at SUSECVE-2023-54276 at NVDCVE-2023-54278 at SUSECVE-2023-54278 at NVDCVE-2023-54281 at SUSECVE-2023-54281 at NVDCVE-2023-54282 at SUSECVE-2023-54282 at NVDCVE-2023-54283 at SUSECVE-2023-54283 at NVDCVE-2023-54285 at SUSECVE-2023-54285 at NVDCVE-2023-54289 at SUSECVE-2023-54289 at NVDCVE-2023-54291 at SUSECVE-2023-54291 at NVDCVE-2023-54292 at SUSECVE-2023-54292 at NVDCVE-2023-54293 at SUSECVE-2023-54293 at NVDCVE-2023-54296 at SUSECVE-2023-54296 at NVDCVE-2023-54297 at SUSECVE-2023-54297 at NVDCVE-2023-54299 at SUSECVE-2023-54299 at NVDCVE-2023-54300 at SUSECVE-2023-54300 at NVDCVE-2023-54302 at SUSECVE-2023-54302 at NVDCVE-2023-54303 at SUSECVE-2023-54303 at NVDCVE-2023-54304 at SUSECVE-2023-54304 at NVDCVE-2023-54309 at SUSECVE-2023-54309 at NVDCVE-2023-54312 at SUSECVE-2023-54312 at NVDCVE-2023-54313 at SUSECVE-2023-54313 at NVDCVE-2023-54314 at SUSECVE-2023-54314 at NVDCVE-2023-54315 at SUSECVE-2023-54315 at NVDCVE-2023-54316 at SUSECVE-2023-54316 at NVDCVE-2023-54318 at SUSECVE-2023-54318 at NVDCVE-2023-54319 at SUSECVE-2023-54319 at NVDCVE-2023-54322 at SUSECVE-2023-54322 at NVDCVE-2023-54324 at SUSECVE-2023-54324 at NVDCVE-2023-54326 at SUSECVE-2023-54326 at NVDCVE-2024-26944 at SUSECVE-2024-26944 at NVDCVE-2024-27005 at SUSECVE-2024-27005 at NVDCVE-2024-42103 at SUSECVE-2024-42103 at NVDCVE-2024-53070 at SUSECVE-2024-53070 at NVDCVE-2024-53149 at SUSECVE-2024-53149 at NVDCVE-2025-22047 at SUSECVE-2025-22047 at NVDCVE-2025-37813 at SUSECVE-2025-37813 at NVDCVE-2025-38243 at SUSECVE-2025-38243 at NVDCVE-2025-38321 at SUSECVE-2025-38321 at NVDCVE-2025-38322 at SUSECVE-2025-38322 at NVDCVE-2025-38379 at SUSECVE-2025-38379 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38728 at SUSECVE-2025-38728 at NVDCVE-2025-39689 at SUSECVE-2025-39689 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39829 at SUSECVE-2025-39829 at NVDCVE-2025-39880 at SUSECVE-2025-39880 at NVDCVE-2025-39890 at SUSECVE-2025-39890 at NVDCVE-2025-39913 at SUSECVE-2025-39913 at NVDCVE-2025-39977 at SUSECVE-2025-39977 at NVDCVE-2025-40006 at SUSECVE-2025-40006 at NVDCVE-2025-40024 at SUSECVE-2025-40024 at NVDCVE-2025-40033 at SUSECVE-2025-40033 at NVDCVE-2025-40042 at SUSECVE-2025-40042 at NVDCVE-2025-40053 at SUSECVE-2025-40053 at NVDCVE-2025-40081 at SUSECVE-2025-40081 at NVDCVE-2025-40097 at SUSECVE-2025-40097 at NVDCVE-2025-40102 at SUSECVE-2025-40102 at NVDCVE-2025-40106 at SUSECVE-2025-40106 at NVDCVE-2025-40123 at SUSECVE-2025-40123 at NVDCVE-2025-40134 at SUSECVE-2025-40134 at NVDCVE-2025-40135 at SUSECVE-2025-40135 at NVDCVE-2025-40153 at SUSECVE-2025-40153 at NVDCVE-2025-40158 at SUSECVE-2025-40158 at NVDCVE-2025-40160 at SUSECVE-2025-40160 at NVDCVE-2025-40167 at SUSECVE-2025-40167 at NVDCVE-2025-40170 at SUSECVE-2025-40170 at NVDCVE-2025-40178 at SUSECVE-2025-40178 at NVDCVE-2025-40179 at SUSECVE-2025-40179 at NVDCVE-2025-40187 at SUSECVE-2025-40187 at NVDCVE-2025-40190 at SUSECVE-2025-40190 at NVDCVE-2025-40202 at SUSECVE-2025-40202 at NVDCVE-2025-40211 at SUSECVE-2025-40211 at NVDCVE-2025-40215 at SUSECVE-2025-40215 at NVDCVE-2025-40219 at SUSECVE-2025-40219 at NVDCVE-2025-40220 at SUSECVE-2025-40220 at NVDCVE-2025-40223 at SUSECVE-2025-40223 at NVDCVE-2025-40231 at SUSECVE-2025-40231 at NVDCVE-2025-40233 at SUSECVE-2025-40233 at NVDCVE-2025-40238 at SUSECVE-2025-40238 at NVDCVE-2025-40240 at SUSECVE-2025-40240 at NVDCVE-2025-40242 at SUSECVE-2025-40242 at NVDCVE-2025-40244 at SUSECVE-2025-40244 at NVDCVE-2025-40248 at SUSECVE-2025-40248 at NVDCVE-2025-40250 at SUSECVE-2025-40250 at NVDCVE-2025-40251 at SUSECVE-2025-40251 at NVDCVE-2025-40252 at SUSECVE-2025-40252 at NVDCVE-2025-40254 at SUSECVE-2025-40254 at NVDCVE-2025-40256 at SUSECVE-2025-40256 at NVDCVE-2025-40257 at SUSECVE-2025-40257 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40259 at SUSECVE-2025-40259 at NVDCVE-2025-40261 at SUSECVE-2025-40261 at NVDCVE-2025-40262 at SUSECVE-2025-40262 at NVDCVE-2025-40263 at SUSECVE-2025-40263 at NVDCVE-2025-40264 at SUSECVE-2025-40264 at NVDCVE-2025-40268 at SUSECVE-2025-40268 at NVDCVE-2025-40269 at SUSECVE-2025-40269 at NVDCVE-2025-40271 at SUSECVE-2025-40271 at NVDCVE-2025-40272 at SUSECVE-2025-40272 at NVDCVE-2025-40273 at SUSECVE-2025-40273 at NVDCVE-2025-40274 at SUSECVE-2025-40274 at NVDCVE-2025-40275 at SUSECVE-2025-40275 at NVDCVE-2025-40277 at SUSECVE-2025-40277 at NVDCVE-2025-40278 at SUSECVE-2025-40278 at NVDCVE-2025-40279 at SUSECVE-2025-40279 at NVDCVE-2025-40280 at SUSECVE-2025-40280 at NVDCVE-2025-40282 at SUSECVE-2025-40282 at NVDCVE-2025-40283 at SUSECVE-2025-40283 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40287 at SUSECVE-2025-40287 at NVDCVE-2025-40288 at SUSECVE-2025-40288 at NVDCVE-2025-40289 at SUSECVE-2025-40289 at NVDCVE-2025-40292 at SUSECVE-2025-40292 at NVDCVE-2025-40293 at SUSECVE-2025-40293 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-40301 at SUSECVE-2025-40301 at NVDCVE-2025-40304 at SUSECVE-2025-40304 at NVDCVE-2025-40306 at SUSECVE-2025-40306 at NVDCVE-2025-40307 at SUSECVE-2025-40307 at NVDCVE-2025-40308 at SUSECVE-2025-40308 at NVDCVE-2025-40309 at SUSECVE-2025-40309 at NVDCVE-2025-40310 at SUSECVE-2025-40310 at NVDCVE-2025-40311 at SUSECVE-2025-40311 at NVDCVE-2025-40312 at SUSECVE-2025-40312 at NVDCVE-2025-40314 at SUSECVE-2025-40314 at NVDCVE-2025-40315 at SUSECVE-2025-40315 at NVDCVE-2025-40316 at SUSECVE-2025-40316 at NVDCVE-2025-40317 at SUSECVE-2025-40317 at NVDCVE-2025-40318 at SUSECVE-2025-40318 at NVDCVE-2025-40319 at SUSECVE-2025-40319 at NVDCVE-2025-40320 at SUSECVE-2025-40320 at NVDCVE-2025-40321 at SUSECVE-2025-40321 at NVDCVE-2025-40322 at SUSECVE-2025-40322 at NVDCVE-2025-40323 at SUSECVE-2025-40323 at NVDCVE-2025-40324 at SUSECVE-2025-40324 at NVDCVE-2025-40328 at SUSECVE-2025-40328 at NVDCVE-2025-40329 at SUSECVE-2025-40329 at NVDCVE-2025-40331 at SUSECVE-2025-40331 at NVDCVE-2025-40337 at SUSECVE-2025-40337 at NVDCVE-2025-40338 at SUSECVE-2025-40338 at NVDCVE-2025-40339 at SUSECVE-2025-40339 at NVDCVE-2025-40342 at SUSECVE-2025-40342 at NVDCVE-2025-40343 at SUSECVE-2025-40343 at NVDCVE-2025-40345 at SUSECVE-2025-40345 at NVDCVE-2025-40346 at SUSECVE-2025-40346 at NVDCVE-2025-40347 at SUSECVE-2025-40347 at NVDCVE-2025-40349 at SUSECVE-2025-40349 at NVDCVE-2025-40350 at SUSECVE-2025-40350 at NVDCVE-2025-40351 at SUSECVE-2025-40351 at NVDCVE-2025-40355 at SUSECVE-2025-40355 at NVDCVE-2025-40360 at SUSECVE-2025-40360 at NVDCVE-2025-40363 at SUSECVE-2025-40363 at NVDCVE-2025-68168 at SUSECVE-2025-68168 at NVDCVE-2025-68171 at SUSECVE-2025-68171 at NVDCVE-2025-68172 at SUSECVE-2025-68172 at NVDCVE-2025-68174 at SUSECVE-2025-68174 at NVDCVE-2025-68176 at SUSECVE-2025-68176 at NVDCVE-2025-68178 at SUSECVE-2025-68178 at NVDCVE-2025-68180 at SUSECVE-2025-68180 at NVDCVE-2025-68183 at SUSECVE-2025-68183 at NVDCVE-2025-68185 at SUSECVE-2025-68185 at NVDCVE-2025-68188 at SUSECVE-2025-68188 at NVDCVE-2025-68190 at SUSECVE-2025-68190 at NVDCVE-2025-68192 at SUSECVE-2025-68192 at NVDCVE-2025-68194 at SUSECVE-2025-68194 at NVDCVE-2025-68195 at SUSECVE-2025-68195 at NVDCVE-2025-68200 at SUSECVE-2025-68200 at NVDCVE-2025-68201 at SUSECVE-2025-68201 at NVDCVE-2025-68204 at SUSECVE-2025-68204 at NVDCVE-2025-68206 at SUSECVE-2025-68206 at NVDCVE-2025-68208 at SUSECVE-2025-68208 at NVDCVE-2025-68209 at SUSECVE-2025-68209 at NVDCVE-2025-68217 at SUSECVE-2025-68217 at NVDCVE-2025-68218 at SUSECVE-2025-68218 at NVDCVE-2025-68222 at SUSECVE-2025-68222 at NVDCVE-2025-68227 at SUSECVE-2025-68227 at NVDCVE-2025-68230 at SUSECVE-2025-68230 at NVDCVE-2025-68233 at SUSECVE-2025-68233 at NVDCVE-2025-68235 at SUSECVE-2025-68235 at NVDCVE-2025-68237 at SUSECVE-2025-68237 at NVDCVE-2025-68238 at SUSECVE-2025-68238 at NVDCVE-2025-68239 at SUSECVE-2025-68239 at NVDCVE-2025-68241 at SUSECVE-2025-68241 at NVDCVE-2025-68244 at SUSECVE-2025-68244 at NVDCVE-2025-68245 at SUSECVE-2025-68245 at NVDCVE-2025-68249 at SUSECVE-2025-68249 at NVDCVE-2025-68252 at SUSECVE-2025-68252 at NVDCVE-2025-68254 at SUSECVE-2025-68254 at NVDCVE-2025-68255 at SUSECVE-2025-68255 at NVDCVE-2025-68256 at SUSECVE-2025-68256 at NVDCVE-2025-68257 at SUSECVE-2025-68257 at NVDCVE-2025-68258 at SUSECVE-2025-68258 at NVDCVE-2025-68259 at SUSECVE-2025-68259 at NVDCVE-2025-68261 at SUSECVE-2025-68261 at NVDCVE-2025-68264 at SUSECVE-2025-68264 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68286 at SUSECVE-2025-68286 at NVDCVE-2025-68287 at SUSECVE-2025-68287 at NVDCVE-2025-68289 at SUSECVE-2025-68289 at NVDCVE-2025-68290 at SUSECVE-2025-68290 at NVDCVE-2025-68296 at SUSECVE-2025-68296 at NVDCVE-2025-68297 at SUSECVE-2025-68297 at NVDCVE-2025-68301 at SUSECVE-2025-68301 at NVDCVE-2025-68303 at SUSECVE-2025-68303 at NVDCVE-2025-68305 at SUSECVE-2025-68305 at NVDCVE-2025-68307 at SUSECVE-2025-68307 at NVDCVE-2025-68308 at SUSECVE-2025-68308 at NVDCVE-2025-68312 at SUSECVE-2025-68312 at NVDCVE-2025-68313 at SUSECVE-2025-68313 at NVDCVE-2025-68320 at SUSECVE-2025-68320 at NVDCVE-2025-68325 at SUSECVE-2025-68325 at NVDCVE-2025-68327 at SUSECVE-2025-68327 at NVDCVE-2025-68328 at SUSECVE-2025-68328 at NVDCVE-2025-68330 at SUSECVE-2025-68330 at NVDCVE-2025-68331 at SUSECVE-2025-68331 at NVDCVE-2025-68332 at SUSECVE-2025-68332 at NVDCVE-2025-68335 at SUSECVE-2025-68335 at NVDCVE-2025-68337 at SUSECVE-2025-68337 at NVDCVE-2025-68339 at SUSECVE-2025-68339 at NVDCVE-2025-68340 at SUSECVE-2025-68340 at NVDCVE-2025-68345 at SUSECVE-2025-68345 at NVDCVE-2025-68346 at SUSECVE-2025-68346 at NVDCVE-2025-68347 at SUSECVE-2025-68347 at NVDCVE-2025-68349 at SUSECVE-2025-68349 at NVDCVE-2025-68351 at SUSECVE-2025-68351 at NVDCVE-2025-68354 at SUSECVE-2025-68354 at NVDCVE-2025-68362 at SUSECVE-2025-68362 at NVDCVE-2025-68363 at SUSECVE-2025-68363 at NVDCVE-2025-68365 at SUSECVE-2025-68365 at NVDCVE-2025-68366 at SUSECVE-2025-68366 at NVDCVE-2025-68367 at SUSECVE-2025-68367 at NVDCVE-2025-68372 at SUSECVE-2025-68372 at NVDCVE-2025-68378 at SUSECVE-2025-68378 at NVDCVE-2025-68379 at SUSECVE-2025-68379 at NVDCVE-2025-68380 at SUSECVE-2025-68380 at NVDCVE-2025-68724 at SUSECVE-2025-68724 at NVDCVE-2025-68725 at SUSECVE-2025-68725 at NVDCVE-2025-68727 at SUSECVE-2025-68727 at NVDCVE-2025-68728 at SUSECVE-2025-68728 at NVDCVE-2025-68732 at SUSECVE-2025-68732 at NVDCVE-2025-68733 at SUSECVE-2025-68733 at NVDCVE-2025-68734 at SUSECVE-2025-68734 at NVDCVE-2025-68740 at SUSECVE-2025-68740 at NVDCVE-2025-68742 at SUSECVE-2025-68742 at NVDCVE-2025-68744 at SUSECVE-2025-68744 at NVDCVE-2025-68746 at SUSECVE-2025-68746 at NVDCVE-2025-68750 at SUSECVE-2025-68750 at NVDCVE-2025-68753 at SUSECVE-2025-68753 at NVDCVE-2025-68757 at SUSECVE-2025-68757 at NVDCVE-2025-68758 at SUSECVE-2025-68758 at NVDCVE-2025-68759 at SUSECVE-2025-68759 at NVDCVE-2025-68764 at SUSECVE-2025-68764 at NVDCVE-2025-68765 at SUSECVE-2025-68765 at NVDCVE-2025-68766 at SUSECVE-2025-68766 at NVDCVE-2025-68768 at SUSECVE-2025-68768 at NVDCVE-2025-68770 at SUSECVE-2025-68770 at NVDCVE-2025-68771 at SUSECVE-2025-68771 at NVDCVE-2025-68773 at SUSECVE-2025-68773 at NVDCVE-2025-68775 at SUSECVE-2025-68775 at NVDCVE-2025-68776 at SUSECVE-2025-68776 at NVDCVE-2025-68777 at SUSECVE-2025-68777 at NVDCVE-2025-68783 at SUSECVE-2025-68783 at NVDCVE-2025-68788 at SUSECVE-2025-68788 at NVDCVE-2025-68789 at SUSECVE-2025-68789 at NVDCVE-2025-68795 at SUSECVE-2025-68795 at NVDCVE-2025-68797 at SUSECVE-2025-68797 at NVDCVE-2025-68798 at SUSECVE-2025-68798 at NVDCVE-2025-68800 at SUSECVE-2025-68800 at NVDCVE-2025-68801 at SUSECVE-2025-68801 at NVDCVE-2025-68803 at SUSECVE-2025-68803 at NVDCVE-2025-68804 at SUSECVE-2025-68804 at NVDCVE-2025-68808 at SUSECVE-2025-68808 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-68814 at SUSECVE-2025-68814 at NVDCVE-2025-68815 at SUSECVE-2025-68815 at NVDCVE-2025-68816 at SUSECVE-2025-68816 at NVDCVE-2025-68819 at SUSECVE-2025-68819 at NVDCVE-2025-68820 at SUSECVE-2025-68820 at NVDCVE-2025-71064 at SUSECVE-2025-71064 at NVDCVE-2025-71066 at SUSECVE-2025-71066 at NVDCVE-2025-71077 at SUSECVE-2025-71077 at NVDCVE-2025-71078 at SUSECVE-2025-71078 at NVDCVE-2025-71079 at SUSECVE-2025-71079 at NVDCVE-2025-71081 at SUSECVE-2025-71081 at NVDCVE-2025-71082 at SUSECVE-2025-71082 at NVDCVE-2025-71083 at SUSECVE-2025-71083 at NVDCVE-2025-71084 at SUSECVE-2025-71084 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDCVE-2025-71086 at SUSECVE-2025-71086 at NVDCVE-2025-71087 at SUSECVE-2025-71087 at NVDCVE-2025-71088 at SUSECVE-2025-71088 at NVDCVE-2025-71089 at SUSECVE-2025-71089 at NVDCVE-2025-71091 at SUSECVE-2025-71091 at NVDCVE-2025-71093 at SUSECVE-2025-71093 at NVDCVE-2025-71094 at SUSECVE-2025-71094 at NVDCVE-2025-71095 at SUSECVE-2025-71095 at NVDCVE-2025-71096 at SUSECVE-2025-71096 at NVDCVE-2025-71097 at SUSECVE-2025-71097 at NVDCVE-2025-71098 at SUSECVE-2025-71098 at NVDCVE-2025-71100 at SUSECVE-2025-71100 at NVDCVE-2025-71108 at SUSECVE-2025-71108 at NVDCVE-2025-71111 at SUSECVE-2025-71111 at NVDCVE-2025-71112 at SUSECVE-2025-71112 at NVDCVE-2025-71114 at SUSECVE-2025-71114 at NVDCVE-2025-71116 at SUSECVE-2025-71116 at NVDCVE-2025-71118 at SUSECVE-2025-71118 at NVDCVE-2025-71119 at SUSECVE-2025-71119 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2025-71123 at SUSECVE-2025-71123 at NVDCVE-2025-71130 at SUSECVE-2025-71130 at NVDCVE-2025-71131 at SUSECVE-2025-71131 at NVDCVE-2025-71132 at SUSECVE-2025-71132 at NVDCVE-2025-71133 at SUSECVE-2025-71133 at NVDCVE-2025-71135 at SUSECVE-2025-71135 at NVDCVE-2025-71136 at SUSECVE-2025-71136 at NVDCVE-2025-71137 at SUSECVE-2025-71137 at NVDCVE-2025-71138 at SUSECVE-2025-71138 at NVDCVE-2025-71145 at SUSECVE-2025-71145 at NVDCVE-2025-71147 at SUSECVE-2025-71147 at NVDCVE-2025-71149 at SUSECVE-2025-71149 at NVDCVE-2025-71154 at SUSECVE-2025-71154 at NVDCVE-2025-71162 at SUSECVE-2025-71162 at NVDCVE-2025-71163 at SUSECVE-2025-71163 at NVDCVE-2026-22976 at SUSECVE-2026-22976 at NVDCVE-2026-22977 at SUSECVE-2026-22977 at NVDCVE-2026-22978 at SUSECVE-2026-22978 at NVDCVE-2026-22984 at SUSECVE-2026-22984 at NVDCVE-2026-22985 at SUSECVE-2026-22985 at NVDCVE-2026-22988 at SUSECVE-2026-22988 at NVDCVE-2026-22990 at SUSECVE-2026-22990 at NVDCVE-2026-22991 at SUSECVE-2026-22991 at NVDCVE-2026-22992 at SUSECVE-2026-22992 at NVDCVE-2026-22993 at SUSECVE-2026-22993 at NVDCVE-2026-22996 at SUSECVE-2026-22996 at NVDCVE-2026-22997 at SUSECVE-2026-22997 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23000 at SUSECVE-2026-23000 at NVDCVE-2026-23001 at SUSECVE-2026-23001 at NVDCVE-2026-23005 at SUSECVE-2026-23005 at NVDCVE-2026-23006 at SUSECVE-2026-23006 at NVDCVE-2026-23010 at SUSECVE-2026-23010 at NVDCVE-2026-23011 at SUSECVE-2026-23011 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_16 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_16 fixes the following issues:
Initial livepatch for Update 16 of kernel default.
Importantcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-31.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise kernel 6.4.0-29.1 fixes one security issue
The following security issue was fixed:
- CVE-2025-38129: page_pool: fix use-after-free in page_pool_recycle_in_ring (bsc#1258139).
ImportantSUSE bug 1258139CVE-2025-38129 at SUSECVE-2025-38129 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992).
- CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055).
- CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET (bsc#1249587).
- CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966).
- CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911).
- CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924).
- CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379).
- CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129).
- CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530).
- CVE-2025-68736: landlock: Fix handling of disconnected directories (bsc#1255698).
- CVE-2025-68778: btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683).
- CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640).
- CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679).
- CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802).
- CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708).
- CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716).
- CVE-2025-71126: mptcp: reset fallback status gracefully at disconnect() time (bsc#1256755).
- CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159).
- CVE-2025-71184: btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635).
- CVE-2025-71194: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687).
- CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411).
- CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228).
- CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179).
- CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209).
- CVE-2026-23003: geneve: Fix incorrect inner network header offset when innerprotoinherit is set (bsc#1257246).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231).
- CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552).
- CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559).
- CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718).
- CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740).
- CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735).
- CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23083: fou: Don't allow 0 for FOU_ATTR_IPPROTO (bsc#1257745).
- CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830).
- CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758).
- CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757).
- CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790).
- CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808).
- CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816).
- CVE-2026-23102: arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772).
- CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763).
- CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775).
- CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762).
- CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181).
- CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184).
- CVE-2026-23113: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (bsc#1258278).
- CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277).
- CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273).
- CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304).
- CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377).
- CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272).
- CVE-2026-23171: net: bonding: update the slave array for broadcast mode (bsc#1258349).
- CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520).
- CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394).
- CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395).
- CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321).
- CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518).
- CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (bsc#1258465).
- CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464).
The following non security issues were fixed:
- ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes).
- ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes).
- ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes).
- HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes).
- PM: sleep: wakeirq: Update outdated documentation comments (git-fixes).
- Update "drm/mgag200: fix mgag200_bmc_stop_scanout()" bug number (bsc#1258153)
- Update upstreamed net and powerpc patch references and sorting
- bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691).
- btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes).
- clocksource: Print durations for sync check unconditionally (bsc#1241345).
- clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345).
- drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes).
- ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes).
- landlock: Optimize file path walks and prepare for audit support (bsc#1255698).
- media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes).
- shrink_slab_memcg: clear_bits of skipped shrinkers (bsc#1256564).
- spi: tegra210-quad: Move curr_xfer read inside spinlock (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer assignment in (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer check in IRQ handler (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer clearing in (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (bsc#1257952)
- spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed (bsc#1257952)
- staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes).
- wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes).
- workqueue: mark power efficient workqueue as unbounded if (bsc#1257891)
ImportantSUSE bug 1241345SUSE bug 1243055SUSE bug 1249587SUSE bug 1251966SUSE bug 1252911SUSE bug 1252924SUSE bug 1253691SUSE bug 1254992SUSE bug 1255129SUSE bug 1255265SUSE bug 1255379SUSE bug 1255530SUSE bug 1255698SUSE bug 1256564SUSE bug 1256640SUSE bug 1256679SUSE bug 1256683SUSE bug 1256708SUSE bug 1256716SUSE bug 1256755SUSE bug 1256802SUSE bug 1256863SUSE bug 1257159SUSE bug 1257179SUSE bug 1257209SUSE bug 1257228SUSE bug 1257231SUSE bug 1257246SUSE bug 1257552SUSE bug 1257554SUSE bug 1257557SUSE bug 1257559SUSE bug 1257560SUSE bug 1257562SUSE bug 1257570SUSE bug 1257573SUSE bug 1257576SUSE bug 1257579SUSE bug 1257580SUSE bug 1257586SUSE bug 1257635SUSE bug 1257679SUSE bug 1257687SUSE bug 1257704SUSE bug 1257706SUSE bug 1257707SUSE bug 1257714SUSE bug 1257715SUSE bug 1257716SUSE bug 1257718SUSE bug 1257722SUSE bug 1257723SUSE bug 1257729SUSE bug 1257735SUSE bug 1257739SUSE bug 1257740SUSE bug 1257741SUSE bug 1257743SUSE bug 1257745SUSE bug 1257749SUSE bug 1257750SUSE bug 1257757SUSE bug 1257758SUSE bug 1257759SUSE bug 1257761SUSE bug 1257762SUSE bug 1257763SUSE bug 1257765SUSE bug 1257768SUSE bug 1257770SUSE bug 1257772SUSE bug 1257775SUSE bug 1257776SUSE bug 1257788SUSE bug 1257789SUSE bug 1257790SUSE bug 1257805SUSE bug 1257808SUSE bug 1257809SUSE bug 1257811SUSE bug 1257813SUSE bug 1257816SUSE bug 1257830SUSE bug 1257891SUSE bug 1257942SUSE bug 1257952SUSE bug 1258153SUSE bug 1258181SUSE bug 1258184SUSE bug 1258222SUSE bug 1258234SUSE bug 1258237SUSE bug 1258245SUSE bug 1258249SUSE bug 1258252SUSE bug 1258256SUSE bug 1258259SUSE bug 1258272SUSE bug 1258273SUSE bug 1258277SUSE bug 1258278SUSE bug 1258279SUSE bug 1258299SUSE bug 1258304SUSE bug 1258309SUSE bug 1258313SUSE bug 1258317SUSE bug 1258321SUSE bug 1258326SUSE bug 1258338SUSE bug 1258349SUSE bug 1258354SUSE bug 1258358SUSE bug 1258374SUSE bug 1258377SUSE bug 1258379SUSE bug 1258394SUSE bug 1258395SUSE bug 1258397SUSE bug 1258411SUSE bug 1258415SUSE bug 1258419SUSE bug 1258422SUSE bug 1258424SUSE bug 1258429SUSE bug 1258442SUSE bug 1258464SUSE bug 1258465SUSE bug 1258468SUSE bug 1258469SUSE bug 1258484SUSE bug 1258518SUSE bug 1258519SUSE bug 1258520SUSE bug 1258524SUSE bug 1258544SUSE bug 1258660SUSE bug 1258824SUSE bug 1258928SUSE bug 1259070CVE-2023-53817 at SUSECVE-2023-53817 at NVDCVE-2025-37861 at SUSECVE-2025-37861 at NVDCVE-2025-39748 at SUSECVE-2025-39748 at NVDCVE-2025-39964 at SUSECVE-2025-39964 at NVDCVE-2025-40099 at SUSECVE-2025-40099 at NVDCVE-2025-40103 at SUSECVE-2025-40103 at NVDCVE-2025-68283 at SUSECVE-2025-68283 at NVDCVE-2025-68295 at SUSECVE-2025-68295 at NVDCVE-2025-68374 at SUSECVE-2025-68374 at NVDCVE-2025-68736 at SUSECVE-2025-68736 at NVDCVE-2025-68778 at SUSECVE-2025-68778 at NVDCVE-2025-68785 at SUSECVE-2025-68785 at NVDCVE-2025-68810 at SUSECVE-2025-68810 at NVDCVE-2025-71071 at SUSECVE-2025-71071 at NVDCVE-2025-71104 at SUSECVE-2025-71104 at NVDCVE-2025-71113 at SUSECVE-2025-71113 at NVDCVE-2025-71126 at SUSECVE-2025-71126 at NVDCVE-2025-71148 at SUSECVE-2025-71148 at NVDCVE-2025-71182 at SUSECVE-2025-71182 at NVDCVE-2025-71184 at SUSECVE-2025-71184 at NVDCVE-2025-71185 at SUSECVE-2025-71185 at NVDCVE-2025-71188 at SUSECVE-2025-71188 at NVDCVE-2025-71189 at SUSECVE-2025-71189 at NVDCVE-2025-71190 at SUSECVE-2025-71190 at NVDCVE-2025-71191 at SUSECVE-2025-71191 at NVDCVE-2025-71192 at SUSECVE-2025-71192 at NVDCVE-2025-71194 at SUSECVE-2025-71194 at NVDCVE-2025-71195 at SUSECVE-2025-71195 at NVDCVE-2025-71196 at SUSECVE-2025-71196 at NVDCVE-2025-71197 at SUSECVE-2025-71197 at NVDCVE-2025-71198 at SUSECVE-2025-71198 at NVDCVE-2025-71199 at SUSECVE-2025-71199 at NVDCVE-2025-71200 at SUSECVE-2025-71200 at NVDCVE-2025-71222 at SUSECVE-2025-71222 at NVDCVE-2025-71224 at SUSECVE-2025-71224 at NVDCVE-2025-71225 at SUSECVE-2025-71225 at NVDCVE-2025-71229 at SUSECVE-2025-71229 at NVDCVE-2025-71231 at SUSECVE-2025-71231 at NVDCVE-2025-71232 at SUSECVE-2025-71232 at NVDCVE-2025-71234 at SUSECVE-2025-71234 at NVDCVE-2025-71235 at SUSECVE-2025-71235 at NVDCVE-2025-71236 at SUSECVE-2025-71236 at NVDCVE-2026-22979 at SUSECVE-2026-22979 at NVDCVE-2026-22982 at SUSECVE-2026-22982 at NVDCVE-2026-22998 at SUSECVE-2026-22998 at NVDCVE-2026-23003 at SUSECVE-2026-23003 at NVDCVE-2026-23004 at SUSECVE-2026-23004 at NVDCVE-2026-23017 at SUSECVE-2026-23017 at NVDCVE-2026-23021 at SUSECVE-2026-23021 at NVDCVE-2026-23026 at SUSECVE-2026-23026 at NVDCVE-2026-23033 at SUSECVE-2026-23033 at NVDCVE-2026-23035 at SUSECVE-2026-23035 at NVDCVE-2026-23037 at SUSECVE-2026-23037 at NVDCVE-2026-23049 at SUSECVE-2026-23049 at NVDCVE-2026-23053 at SUSECVE-2026-23053 at NVDCVE-2026-23056 at SUSECVE-2026-23056 at NVDCVE-2026-23057 at SUSECVE-2026-23057 at NVDCVE-2026-23058 at SUSECVE-2026-23058 at NVDCVE-2026-23060 at SUSECVE-2026-23060 at NVDCVE-2026-23061 at SUSECVE-2026-23061 at NVDCVE-2026-23063 at SUSECVE-2026-23063 at NVDCVE-2026-23064 at SUSECVE-2026-23064 at NVDCVE-2026-23068 at SUSECVE-2026-23068 at NVDCVE-2026-23071 at SUSECVE-2026-23071 at NVDCVE-2026-23073 at SUSECVE-2026-23073 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23076 at SUSECVE-2026-23076 at NVDCVE-2026-23078 at SUSECVE-2026-23078 at NVDCVE-2026-23080 at SUSECVE-2026-23080 at NVDCVE-2026-23082 at SUSECVE-2026-23082 at NVDCVE-2026-23083 at SUSECVE-2026-23083 at NVDCVE-2026-23084 at SUSECVE-2026-23084 at NVDCVE-2026-23085 at SUSECVE-2026-23085 at NVDCVE-2026-23086 at SUSECVE-2026-23086 at NVDCVE-2026-23089 at SUSECVE-2026-23089 at NVDCVE-2026-23090 at SUSECVE-2026-23090 at NVDCVE-2026-23091 at SUSECVE-2026-23091 at NVDCVE-2026-23094 at SUSECVE-2026-23094 at NVDCVE-2026-23095 at SUSECVE-2026-23095 at NVDCVE-2026-23096 at SUSECVE-2026-23096 at NVDCVE-2026-23099 at SUSECVE-2026-23099 at NVDCVE-2026-23101 at SUSECVE-2026-23101 at NVDCVE-2026-23102 at SUSECVE-2026-23102 at NVDCVE-2026-23104 at SUSECVE-2026-23104 at NVDCVE-2026-23105 at SUSECVE-2026-23105 at NVDCVE-2026-23107 at SUSECVE-2026-23107 at NVDCVE-2026-23108 at SUSECVE-2026-23108 at NVDCVE-2026-23110 at SUSECVE-2026-23110 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23112 at SUSECVE-2026-23112 at NVDCVE-2026-23113 at SUSECVE-2026-23113 at NVDCVE-2026-23116 at SUSECVE-2026-23116 at NVDCVE-2026-23119 at SUSECVE-2026-23119 at NVDCVE-2026-23121 at SUSECVE-2026-23121 at NVDCVE-2026-23129 at SUSECVE-2026-23129 at NVDCVE-2026-23133 at SUSECVE-2026-23133 at NVDCVE-2026-23135 at SUSECVE-2026-23135 at NVDCVE-2026-23139 at SUSECVE-2026-23139 at NVDCVE-2026-23141 at SUSECVE-2026-23141 at NVDCVE-2026-23145 at SUSECVE-2026-23145 at NVDCVE-2026-23146 at SUSECVE-2026-23146 at NVDCVE-2026-23150 at SUSECVE-2026-23150 at NVDCVE-2026-23151 at SUSECVE-2026-23151 at NVDCVE-2026-23152 at SUSECVE-2026-23152 at NVDCVE-2026-23155 at SUSECVE-2026-23155 at NVDCVE-2026-23156 at SUSECVE-2026-23156 at NVDCVE-2026-23163 at SUSECVE-2026-23163 at NVDCVE-2026-23166 at SUSECVE-2026-23166 at NVDCVE-2026-23167 at SUSECVE-2026-23167 at NVDCVE-2026-23170 at SUSECVE-2026-23170 at NVDCVE-2026-23171 at SUSECVE-2026-23171 at NVDCVE-2026-23172 at SUSECVE-2026-23172 at NVDCVE-2026-23173 at SUSECVE-2026-23173 at NVDCVE-2026-23176 at SUSECVE-2026-23176 at NVDCVE-2026-23178 at SUSECVE-2026-23178 at NVDCVE-2026-23179 at SUSECVE-2026-23179 at NVDCVE-2026-23182 at SUSECVE-2026-23182 at NVDCVE-2026-23190 at SUSECVE-2026-23190 at NVDCVE-2026-23191 at SUSECVE-2026-23191 at NVDCVE-2026-23198 at SUSECVE-2026-23198 at NVDCVE-2026-23202 at SUSECVE-2026-23202 at NVDCVE-2026-23207 at SUSECVE-2026-23207 at NVDCVE-2026-23208 at SUSECVE-2026-23208 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDCVE-2026-23213 at SUSECVE-2026-23213 at NVDCVE-2026-23214 at SUSECVE-2026-23214 at NVDCVE-2026-23221 at SUSECVE-2026-23221 at NVDCVE-2026-23222 at SUSECVE-2026-23222 at NVDCVE-2026-23229 at SUSECVE-2026-23229 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_17 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_17 fixes the following issues:
Initial livepatch for Update 17 of SLE Micro 6.0 and 6.1 kernel.
Importantcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992).
- CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055).
- CVE-2025-38321: smb: Log an error when close_all_cached_dirs fails (bsc#1246328).
- CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
- CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET (bsc#1249587).
- CVE-2025-39880: libceph: fix invalid accesses to ceph_connection_v1_info (bsc#1250388).
- CVE-2025-39890: wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (bsc#1250334).
- CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
- CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
- CVE-2025-40024: vhost: Take a reference on the task in struct vhost_task (bsc#1252686).
- CVE-2025-40033: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (bsc#1252824).
- CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861).
- CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
- CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776).
- CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911).
- CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919).
- CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924).
- CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365).
- CVE-2025-40134: dm: fix NULL pointer dereference in __dm_suspend() (bsc#1253386).
- CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
- CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
- CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
- CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
- CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
- CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413).
- CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463).
- CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442).
- CVE-2025-40187: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (bsc#1253647).
- CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623).
- CVE-2025-40192: Revert "ipmi: fix msg stack when IPMI is disconnected" (bsc#1253622).
- CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
- CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).
- CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
- CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854).
- CVE-2025-40251: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (bsc#1254856).
- CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849).
- CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).
- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1254843).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
- CVE-2025-40268: cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082).
- CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297).
- CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830).
- CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825).
- CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846).
- CVE-2025-40280: tipc: Fix use-after-free in tipc_mon_reinit_self() (bsc#1254847).
- CVE-2025-40289: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (bsc#1255042).
- CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175).
- CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187).
- CVE-2025-40307: exfat: validate cluster allocation bits of the allocation bitmap (bsc#1255039).
- CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794).
- CVE-2025-40328: smb: client: fix potential UAF in smb2_close_cached_fid() (bsc#1254624).
- CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
- CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273).
- CVE-2025-40339: drm/amdgpu: fix nullptr err of vm_handle_moved (bsc#1255428).
- CVE-2025-40346: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (bsc#1255318).
- CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).
- CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).
- CVE-2025-40360: drm/sysfb: Do not dereference NULL pointer in plane reset (bsc#1255095).
- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
- CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).
- CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
- CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
- CVE-2025-68190: drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked() (bsc#1255131).
- CVE-2025-68200: bpf: Add bpf_prog_run_data_pointers() (bsc#1255241).
- CVE-2025-68201: drm/amdgpu: remove two invalid BUG_ON()s (bsc#1255136).
- CVE-2025-68204: pmdomain: arm: scmi: Fix genpd leak on provider registration failure (bsc#1255224).
- CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
- CVE-2025-68208: bpf: account for current allocated stack depth in widen_imprecise_scalars() (bsc#1255227).
- CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230).
- CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
- CVE-2025-68230: drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (bsc#1255134).
- CVE-2025-68239: binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272).
- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
- CVE-2025-68255: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (bsc#1255395).
- CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199).
- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
- CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
- CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129).
- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
- CVE-2025-68297: ceph: fix crash in process_v2_sparse_read() for encrypted directories (bsc#1255403).
- CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).
- CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
- CVE-2025-68325: net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (bsc#1255417).
- CVE-2025-68327: usb: renesas_usbhs: Fix synchronous external abort on unbind (bsc#1255488).
- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).
- CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507).
- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).
- CVE-2025-68363: bpf: Check skb->transport_header is set in bpf_skb_check_mtu (bsc#1255552).
- CVE-2025-68365: fs/ntfs3: Initialize allocated memory before use (bsc#1255548).
- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
- CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530).
- CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614).
- CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
- CVE-2025-68727: ntfs3: Fix uninit buffer allocated by __getname() (bsc#1255568).
- CVE-2025-68728: ntfs3: fix uninit memory after failed mi_read in mi_format_new (bsc#1255539).
- CVE-2025-68733: smack: fix bug: unprivileged task can create labels (bsc#1255615).
- CVE-2025-68736: landlock: Fix handling of disconnected directories (bsc#1255698).
- CVE-2025-68742: bpf: Improve program stats run-time calculation (bsc#1255707).
- CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709).
- CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
- CVE-2025-68768: inet: frags: add inet_frag_queue_flush() (bsc#1256579).
- CVE-2025-68770: bnxt_en: Fix XDP_TX path (bsc#1256584).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
- CVE-2025-68776: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (bsc#1256659).
- CVE-2025-68778: btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683).
- CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640).
- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
- CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
- CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).
- CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
- CVE-2025-68803: nfsd: set security label during create operations (bsc#1256770).
- CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-68814: io_uring: fix filename leak in __io_openat_prep() (bsc#1256651).
- CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).
- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
- CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754).
- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
- CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645).
- CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802).
- CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
- CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
- CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).
- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
- CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
- CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).
- CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).
- CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716).
- CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2025-71123: ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757).
- CVE-2025-71126: mptcp: reset fallback status gracefully at disconnect() time (bsc#1256755).
- CVE-2025-71133: RDMA/irdma: avoid invalid read in irdma_net_event (bsc#1256733).
- CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (bsc#1256761).
- CVE-2025-71137: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" (bsc#1256760).
- CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159).
- CVE-2025-71149: io_uring/poll: correctly handle io_poll_add() return value on update (bsc#1257164).
- CVE-2025-71184: btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635).
- CVE-2025-71194: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687).
- CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411).
- CVE-2026-22976: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (bsc#1257035).
- CVE-2026-22977: net: sock: fix hardened usercopy panic in sock_recv_errqueue (bsc#1257053).
- CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228).
- CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179).
- CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handle_auth_done() (bsc#1257217).
- CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
- CVE-2026-22991: libceph: make free_choose_arg_map() resilient to partial allocation (bsc#1257220).
- CVE-2026-22992: libceph: return the handler error from mon_handle_auth_done() (bsc#1257218).
- CVE-2026-22996: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv.
- CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
- CVE-2026-23001: macvlan: Use 'hash' iterators to simplify code (bsc#1257232).
- CVE-2026-23003: geneve: Fix incorrect inner network header offset when innerprotoinherit is set (bsc#1257246).
- CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231).
- CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
- CVE-2026-23010: ipv6: Fix use-after-free in inet6_addr_del() (bsc#1257332).
- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).
- CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552).
- CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559).
- CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718).
- CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740).
- CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735).
- CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23083: fou: Don't allow 0 for FOU_ATTR_IPPROTO (bsc#1257745).
- CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830).
- CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758).
- CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757).
- CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790).
- CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808).
- CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816).
- CVE-2026-23102: arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772).
- CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763).
- CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775).
- CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762).
- CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181).
- CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184).
- CVE-2026-23113: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (bsc#1258278).
- CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277).
- CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273).
- CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304).
- CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377).
- CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272).
- CVE-2026-23171: net: bonding: update the slave array for broadcast mode (bsc#1258349).
- CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520).
- CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394).
- CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395).
- CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321).
- CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518).
- CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (bsc#1258465).
- CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464).
The following non-security bugs were fixed:
- ACPI: CPPC: Fix missing PCC check for guaranteed_perf (git-fixes).
- ACPI: CPPC: Fix remaining for_each_possible_cpu() to use online CPUs (git-fixes).
- ACPI: PCC: Fix race condition by removing static qualifier (git-fixes).
- ACPI: PM: Add unused power resource quirk for THUNDEROBOT ZERO (git-fixes).
- ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() (stable-fixes).
- ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4 (git-fixes).
- ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint() (git-fixes).
- ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only (stable-fixes).
- ACPICA: Abort AML bytecode execution when executing AML_FATAL_OP (stable-fixes).
- ACPICA: Avoid walking the Namespace if start_node is NULL (stable-fixes).
- ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch() (git-fixes).
- ALSA: ac97: fix a double free in snd_ac97_controller_register() (git-fixes).
- ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes).
- ALSA: dice: fix buffer overflow in detect_stream_formats() (git-fixes).
- ALSA: firewire-motu: add bounds check in put_user loop for DSP events (git-fixes).
- ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events (git-fixes).
- ALSA: hda/conexant: Add headset mic fix for MECHREVO Wujie 15X Pro (stable-fixes).
- ALSA: hda/realtek - fixed speaker no sound (stable-fixes).
- ALSA: hda/realtek: Add quirk for Inspur S14-G1 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU (stable-fixes).
- ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU (git-fixes).
- ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk (stable-fixes).
- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (stable-fixes).
- ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() (git-fixes).
- ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path (git-fixes).
- ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes).
- ALSA: uapi: Fix typo in asound.h comment (git-fixes).
- ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230 (stable-fixes).
- ALSA: usb-audio: Add iface reset and delay quirk for AB13X USB Audio (stable-fixes).
- ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series (stable-fixes).
- ALSA: usb-audio: Add sanity check for OOB writes at silencing (stable-fixes).
- ALSA: usb-audio: Avoid implicit feedback mode on DIYINHK USB Audio 2.0 (stable-fixes).
- ALSA: usb-audio: Cap the packet size pre-calculations (git-fixes).
- ALSA: usb-audio: Check max frame size for implicit feedback mode, too (stable-fixes).
- ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (git-fixes).
- ALSA: usb-audio: Remove VALIDATE_RATES quirk for Focusrite devices (git-fixes).
- ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
- ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes).
- ALSA: usb-audio: Use correct version for UAC3 header validation (git-fixes).
- ALSA: usb-audio: Use inclusive terms (git-fixes).
- ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes).
- ALSA: usb-mixer: us16x08: validate meter packet indices (git-fixes).
- ALSA: usb: Increase volume range that triggers a warning (git-fixes).
- ALSA: vxpocket: Fix resource leak in vxpocket_probe error path (git-fixes).
- APEI/GHES: ensure that won't go past CPER allocated record (stable-fixes).
- ASoC: Intel: catpt: Fix error path in hw_params() (git-fixes).
- ASoC: Intel: sof_es8336: Add DMI quirk for Huawei BOD-WXX9 (stable-fixes).
- ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes).
- ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes).
- ASoC: SOF: ipc4-control: Keep the payload size up to date (git-fixes).
- ASoC: SOF: ipc4-control: Use the correct size for scontrol->ipc_control_data (git-fixes).
- ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls (git-fixes).
- ASoC: ak4458: Disable regulator when error happens (git-fixes).
- ASoC: ak5558: Disable regulator when error happens (git-fixes).
- ASoC: amd: drop unused Kconfig symbols (git-fixes).
- ASoC: amd: fix memory leak in acp3x pdm dma ops (git-fixes).
- ASoC: amd: yc: Add ASUS ExpertBook PM1503CDA to quirks list (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for ASUS Vivobook Pro 15X M6501RR (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO (stable-fixes).
- ASoC: amd: yc: Add quirk for HP 200 G2a 16 (stable-fixes).
- ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes).
- ASoC: amd: yc: Fix microphone on ASUS M6500RE (stable-fixes).
- ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure() (git-fixes).
- ASoC: codecs: max98390: Check return value of devm_gpiod_get_optional() in max98390_i2c_probe() (stable-fixes).
- ASoC: codecs: wcd938x: fix OF node leaks on probe failure (git-fixes).
- ASoC: codecs: wsa881x: Drop unused version readout (stable-fixes).
- ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes).
- ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes).
- ASoC: codecs: wsa884x: fix codec initialisation (git-fixes).
- ASoC: cs35l45: Corrects ASP_TX5 DAPM widget channel (stable-fixes).
- ASoC: davinci-evm: Fix reference leak in davinci_evm_probe (stable-fixes).
- ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes).
- ASoC: fsl_sai: Add missing registers to cache default (stable-fixes).
- ASoC: fsl_xcvr: clear the channel status control memory (git-fixes).
- ASoC: nau8821: Avoid unnecessary blocking in IRQ handler (stable-fixes).
- ASoC: nau8821: Cancel delayed work on component remove (git-fixes).
- ASoC: nau8821: Cancel pending work before suspend (git-fixes).
- ASoC: nau8821: Consistently clear interrupts before unmasking (git-fixes).
- ASoC: nau8821: Fixup nau8821_enable_jack_detect() (git-fixes).
- ASoC: pxa: drop unused Kconfig symbol (git-fixes).
- ASoC: qcom: q6adm: the the copp device only during last instance (git-fixes).
- ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr (git-fixes).
- ASoC: qcom: q6asm-dai: perform correct state check before closing (git-fixes).
- ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: rockchip: i2s-tdm: Use param rate if not provided by set_sysclk (git-fixes).
- ASoC: stm32: sai: fix OF node leak on probe (git-fixes).
- ASoC: stm32: sai: fix clk prepare imbalance on probe failure (git-fixes).
- ASoC: stm32: sai: fix device leak on probe (git-fixes).
- ASoC: sun4i-spdif: Add missing kerneldoc fields for sun4i_spdif_quirks (git-fixes).
- ASoC: sunxi: sun50i-dmic: Add missing check for devm_regmap_init_mmio (stable-fixes).
- ASoC: tlv320adcx140: Propagate error codes during probe (stable-fixes).
- ASoC: tlv320adcx140: fix null pointer (git-fixes).
- ASoC: tlv320adcx140: fix word length (git-fixes).
- ASoC: wm8962: Add WM8962_ADC_MONOMIX to "3D Coefficients" mask (stable-fixes).
- ASoC: wm8962: Do not report a microphone if it's shorted to ground on plug (stable-fixes).
- Add dtb-spacemit SpacemiT boards include MilkV-Jupiter, Banana Pi F3 and Orange Pi RV2.
- Bluetooth: HCI: Fix tracking of advertisement set/instance 0x00 (git-fixes).
- Bluetooth: L2CAP: Fix invalid response to L2CAP_ECRED_RECONF_REQ (git-fixes).
- Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix not checking output MTU is acceptable on L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix response to L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: MGMT: Fix memory leak in set_ssp_complete (git-fixes).
- Bluetooth: SMP: Fix not generating mackey and ltk when repairing (git-fixes).
- Bluetooth: btrtl: Avoid loading the config file on security chips (stable-fixes).
- Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB (stable-fixes).
- Bluetooth: btusb: Add device ID for Realtek RTL8761BU (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV (stable-fixes).
- Bluetooth: btusb: Add new VID/PID for RTL8852CE (stable-fixes).
- Bluetooth: btusb: revert use of devm_kzalloc in btusb (git-fixes).
- Bluetooth: hci_conn: Set link_policy on incoming ACL connections (stable-fixes).
- Bluetooth: hci_conn: use mod_delayed_work for active mode timeout (stable-fixes).
- Bluetooth: hci_qca: Cleanup on all setup failures (git-fixes).
- Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (git-fixes).
- Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (git-fixes).
- Documentation/kernel-parameters: fix typo in retbleed= kernel parameter description (git-fixes).
- Documentation: PCI: endpoint: Fix ntb/vntb copy & paste errors (git-fixes).
- Documentation: hid-alps: Fix packet format section headings (git-fixes).
- Documentation: mailbox: mbox_chan_ops.flush() is optional (git-fixes).
- Documentation: parport-lowlevel: Separate function listing code blocks (git-fixes).
- HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101) (stable-fixes).
- HID: apple: Add "SONiX KN85 Keyboard" to the list of non-apple keyboards (stable-fixes).
- HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list (stable-fixes).
- HID: elecom: Add support for ELECOM HUGE Plus M-HT1MRBK (stable-fixes).
- HID: elecom: Add support for ELECOM M-XT3URBK (018F) (stable-fixes).
- HID: hid-input: Extend Elan ignore battery quirk to USB (stable-fixes).
- HID: hid-pl: handle probe errors (git-fixes).
- HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() (stable-fixes).
- HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen (stable-fixes).
- HID: intel-ish-hid: Reset enum_devices_done before enumeration (stable-fixes).
- HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes).
- HID: logitech-dj: Remove duplicate error logging (git-fixes).
- HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() (stable-fixes).
- HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync() (git-fixes).
- HID: magicmouse: Do not crash on missing msc->input (stable-fixes).
- HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL (stable-fixes).
- HID: multitouch: add eGalaxTouch EXC3188 support (stable-fixes).
- HID: playstation: Add missing check for input_ff_create_memless (git-fixes).
- HID: playstation: Center initial joystick axes to prevent spurious events (stable-fixes).
- HID: prodikeys: Check presence of pm->input_ep82 (stable-fixes).
- HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list (stable-fixes).
- HID: quirks: work around VID/PID conflict for appledisplay (git-fixes).
- HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes).
- Input: atkbd - skip deactivate for HONOR FMB-P's internal keyboard (git-fixes).
- Input: cros_ec_keyb - fix an invalid memory access (stable-fixes).
- Input: goodix - add support for ACPI ID GDIX1003 (stable-fixes).
- Input: goodix - add support for ACPI ID GDX9110 (stable-fixes).
- Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes).
- Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes).
- Input: stmfts - correct wording for the warning message (git-fixes).
- Input: stmfts - make comments correct (git-fixes).
- Input: ti_am335x_tsc - fix off-by-one error in wire_order validation (git-fixes).
- KEYS: trusted: Fix a memory leak in tpm2_load_cmd (git-fixes).
- KEYS: trusted_tpm1: Compare HMAC values in constant time (git-fixes).
- Move upstreamed SCSI patches into sorted section
- Move upstreamed ath12k patch into sorted section
- Move upstreamed mm and SCSI patches into sorted section
- NTB: ntb_transport: Fix too small buffer for debugfs_name (git-fixes).
- PCI/ACPI: Restrict program_hpx_type2() to AER bits (git-fixes).
- PCI/IOV: Fix race between SR-IOV enable/disable and hotplug (git-fixes).
- PCI/MSI: Unmap MSI-X region on error (stable-fixes).
- PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails (git-fixes).
- PCI/PM: Avoid redundant delays on D3hot->D3cold (git-fixes).
- PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths (git-fixes).
- PCI/portdrv: Fix potential resource leak (git-fixes).
- PCI: Add ACS quirk for Pericom PI7C9X2G404 switches [12d8:b404] (git-fixes).
- PCI: Add ACS quirk for Qualcomm Hamoa & Glymur (stable-fixes).
- PCI: Add PCIE_MSG_CODE_ASSERT_INTx message macros (stable-fixes).
- PCI: Add defines for bridge window indexing (stable-fixes).
- PCI: Correct PCI_CAP_EXP_ENDPOINT_SIZEOF_V2 value (git-fixes).
- PCI: Do not attempt to set ExtTag for VFs (git-fixes).
- PCI: Enable ACS after configuring IOMMU for OF platforms (stable-fixes).
- PCI: Fix pci_slot_lock () device locking (stable-fixes).
- PCI: Fix pci_slot_trylock() error handling (git-fixes).
- PCI: Initialize RCB from pci_configure_device() (git-fixes).
- PCI: Log bridge info when first enumerating bridge (stable-fixes).
- PCI: Log bridge windows conditionally (stable-fixes).
- PCI: Mark 3ware-9650SA Root Port Extended Tags as broken (git-fixes).
- PCI: Mark ASM1164 SATA controller to avoid bus reset (stable-fixes).
- PCI: Mark Nvidia GB10 to avoid bus reset (stable-fixes).
- PCI: Move pci_read_bridge_windows() below individual window accessors (stable-fixes).
- PCI: Supply bridge device, not secondary bus, to read window details (stable-fixes).
- PCI: dw-rockchip: Disable BAR 0 and BAR 1 for Root Port (stable-fixes).
- PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition (git-fixes).
- PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions (git-fixes).
- PCI: keystone: Exit ks_pcie_probe() for invalid mode (git-fixes).
- PCI: mediatek: Fix IRQ domain leak when MSI allocation fails (git-fixes).
- PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2 (git-fixes).
- PM: runtime: Do not clear needs_force_resume with enabled runtime PM (git-fixes).
- PM: sleep: wakeirq: Update outdated documentation comments (git-fixes).
- PM: sleep: wakeirq: harden dev_pm_clear_wake_irq() against races (git-fixes).
- PM: wakeup: Handle empty list in wakeup_sources_walk_start() (git-fixes).
- USB: Fix descriptor count when handling invalid MBIM extended descriptor (git-fixes).
- USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes).
- USB: lpc32xx_udc: Fix error handling in probe (git-fixes).
- USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes).
- USB: serial: ftdi_sio: add support for u-blox EVK-M101 (stable-fixes).
- USB: serial: ftdi_sio: match on interface number for jtag (stable-fixes).
- USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: option: add Foxconn T99W760 (stable-fixes).
- USB: serial: option: add Quectel RG255C (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 new compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 ECM compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 RNDIS compositions (stable-fixes).
- USB: serial: option: add Telit LE910 MBIM composition (stable-fixes).
- USB: serial: option: add UNISOC UIS7720 (stable-fixes).
- USB: serial: option: add support for Rolling RW101R-GL (stable-fixes).
- USB: serial: option: move Telit 0x10c7 composition in the right place (stable-fixes).
- USB: storage: Remove subclass and protocol overrides from Novatek quirk (git-fixes).
- Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792)
- Workaround for hybrid git workflow in SLFO 1.0/1.1
- arm64: zynqmp: Fix usb node drive strength and slew rate (git-fixes)
- arm64: zynqmp: Revert usb node drive strength and slew rate for (git-fixes)
- ata: libata: Add cpr_log to ata_dev_print_features() early return (git-fixes).
- ata: libata: avoid long timeouts on hot-unplugged SATA DAS (stable-fixes).
- ata: pata_ftide010: Fix some DMA timings (git-fixes).
- atm/fore200e: Fix possible data race in fore200e_open() (git-fixes).
- atm: Fix dma_free_coherent() size (git-fixes).
- atm: fore200e: fix use-after-free in tasklets during device removal (git-fixes).
- atm: idt77252: Add missing `dma_map_error()` (stable-fixes).
- auxdisplay: arm-charlcd: fix release_mem_region() size (git-fixes).
- backlight: led-bl: Add devlink to supplier LEDs (git-fixes).
- backlight: lp855x: Fix lp855x.h kernel-doc warnings (git-fixes).
- backlight: qcom-wled: Change PM8950 WLED configurations (git-fixes).
- backlight: qcom-wled: Support ovp values for PMI8994 (git-fixes).
- bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691).
- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
- bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
- bpf: Reject bpf_timer for PREEMPT_RT (git-fixes).
- broadcom: b44: prevent uninitialized value usage (git-fixes).
- bs-upload-kernel: Fix cve branch uploads
- btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes).
- btrfs: make sure extent and csum paths are always released in scrub_raid56_parity_stripe() (git-fixes).
- btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes).
- bus: fsl-mc: Replace snprintf and sprintf with sysfs_emit in sysfs show functions (stable-fixes).
- bus: fsl-mc: fix an error handling in fsl_mc_device_add() (git-fixes).
- bus: fsl-mc: fix use-after-free in driver_override_show() (git-fixes).
- can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes).
- can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes).
- can: gs_usb: gs_can_open(): fix error handling (git-fixes).
- can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (git-fixes).
- can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (git-fixes).
- can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs (git-fixes).
- can: j1939: make j1939_session_activate() fail if device is no longer registered (stable-fixes).
- can: j1939: make j1939_sk_bind() fail if device is no longer registered (git-fixes).
- can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: kvaser_usb: leaf: Fix potential infinite loop in command parsers (git-fixes).
- can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (git-fixes).
- can: sja1000: fix max irq loop handling (git-fixes).
- can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling (git-fixes).
- can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (git-fixes).
- char: applicom: fix NULL pointer dereference in ac_ioctl (stable-fixes).
- char: tpm: cr50: Remove IRQF_ONESHOT (stable-fixes).
- cifs: Fix copy offload to flush destination region (bsc#1252511).
- cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511).
- cifs: Fix uncached read into ITER_KVEC iterator (bsc#1245449).
- cifs: add new field to track the last access time of cfid (git-fixes).
- cifs: add xid to query server interface call (git-fixes).
- cifs: after disabling multichannel, mark tcon for reconnect (git-fixes).
- cifs: avoid redundant calls to disable multichannel (git-fixes).
- cifs: cifs_pick_channel should try selecting active channels (git-fixes).
- cifs: deal with the channel loading lag while picking channels (git-fixes).
- cifs: dns resolution is needed only for primary channel (git-fixes).
- cifs: do not disable interface polling on failure (git-fixes).
- cifs: do not search for channel if server is terminating (git-fixes).
- cifs: fix a pending undercount of srv_count (git-fixes).
- cifs: fix lock ordering while disabling multichannel (git-fixes).
- cifs: fix stray unlock in cifs_chan_skip_or_disable (git-fixes).
- cifs: fix use after free for iface while disabling secondary channels (git-fixes).
- cifs: handle servers that still advertise multichannel after disabling (git-fixes).
- cifs: handle when server starts supporting multichannel (git-fixes).
- cifs: handle when server stops supporting multichannel (git-fixes).
- cifs: make cifs_chan_update_iface() a void function (git-fixes).
- cifs: make sure server interfaces are requested only for SMB3+ (git-fixes).
- cifs: make sure that channel scaling is done only once (git-fixes).
- cifs: reconnect worker should take reference on server struct unconditionally (git-fixes).
- cifs: reset connections for all channels when reconnect requested (git-fixes).
- cifs: reset iface weights when we cannot find a candidate (git-fixes).
- cifs: serialize other channels when query server interfaces is pending (git-fixes).
- cifs: update dstaddr whenever channel iface is updated (git-fixes).
- clk: clk-apple-nco: Add "apple,t8103-nco" compatible (git-fixes).
- clk: mediatek: Fix error handling in runtime PM setup (git-fixes).
- clk: meson: g12a: Limit the HDMI PLL OD to /4 (git-fixes).
- clk: meson: gxbb: Limit the HDMI PLL OD to /4 on GXL/GXM SoCs (git-fixes).
- clk: qcom: camcc-sm6350: Fix PLL config of PLL2 (git-fixes).
- clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other (git-fixes).
- clk: qcom: dispcc-sdm845: Enable parents for pixel clocks (git-fixes).
- clk: qcom: gcc-msm8917: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes).
- clk: qcom: gcc-msm8953: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes).
- clk: qcom: gfx3d: add parent to parent request map (git-fixes).
- clk: qcom: rcg2: compute 2d using duty fraction directly (git-fixes).
- clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback (git-fixes).
- clk: renesas: r9a06g032: Fix memory leak in error path (git-fixes).
- clk: renesas: rzg2l: Fix intin variable size (git-fixes).
- clk: renesas: rzg2l: Select correct div round macro (git-fixes).
- clk: tegra: tegra124-emc: Fix potential memory leak in tegra124_clk_register_emc() (git-fixes).
- clk: tegra: tegra124-emc: fix device leak on set_rate() (git-fixes).
- clocksource: Print durations for sync check unconditionally (bsc#1241345).
- clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345).
- comedi: Fix getting range information for subdevices 16 to 255 (git-fixes).
- comedi: c6xdigio: Fix invalid PNP driver unregistration (git-fixes).
- comedi: check device's attached status in compat ioctls (git-fixes).
- comedi: dmm32at: serialize use of paged registers (git-fixes).
- comedi: fix divide-by-zero in comedi_buf_munge() (stable-fixes).
- comedi: multiq3: sanitize config options in multiq3_attach() (git-fixes).
- comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() (git-fixes).
- cpufreq: intel_pstate: Check IDA only before MSR_IA32_PERF_CTL writes (git-fixes).
- cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026).
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (git-fixes).
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (git-fixes).
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (git-fixes).
- crypto: cavium - fix dma_free_coherent() size (git-fixes).
- crypto: ccp - Add an S4 restore flow (git-fixes).
- crypto: ccree - Correctly handle return of sg_nents_for_len (git-fixes).
- crypto: hisilicon/qm - restore original qos values (git-fixes).
- crypto: hisilicon/sec2 - support skcipher/aead fallback for hardware queue unavailable (git-fixes).
- crypto: iaa - Fix incorrect return value in save_iaa_wq() (git-fixes).
- crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode (git-fixes).
- crypto: octeontx - Fix length check to avoid truncation in ucode_load_store (git-fixes).
- crypto: octeontx - fix dma_free_coherent() size (git-fixes).
- crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly (git-fixes).
- crypto: qat - fix duplicate restarting msg during AER error (git-fixes).
- crypto: qat - fix parameter order used in ICP_QAT_FW_COMN_FLAGS_BUILD (git-fixes).
- crypto: qat - fix warning on adf_pfvf_pf_proto.c (git-fixes).
- crypto: rockchip - drop redundant crypto_skcipher_ivsize() calls (git-fixes).
- crypto: seqiv - Do not use req->iv after crypto_aead_encrypt (git-fixes).
- crypto: virtio - Add spinlock protection with virtqueue notification (git-fixes).
- crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req (git-fixes).
- device property: Allow secondary lookup in fwnode_get_next_child_node() (git-fixes).
- dm-integrity: limit MAX_TAG_SIZE to 255 (git-fixes).
- dm-verity: fix unreliable memory allocation (git-fixes).
- dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386)
- dma: dma-axi-dmac: fix SW cyclic transfers (git-fixes).
- dmaengine: apple-admac: Add "apple,t8103-admac" compatible (git-fixes).
- dmaengine: at_hdmac: fix device leak on of_dma_xlate() (git-fixes).
- dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes).
- dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes).
- dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes).
- dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes).
- dmaengine: mediatek: uart-apdma: Fix above 4G addressing TX/RX (git-fixes).
- dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes).
- dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() (git-fixes).
- dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all() (git-fixes).
- dmaengine: sun6i: Choose appropriate burst length under maxburst (stable-fixes).
- dmaengine: tegra-adma: Fix use-after-free (git-fixes).
- dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes).
- dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes).
- dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes).
- dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes).
- dmaengine: xilinx_dma: Fix uninitialized addr_width when "xlnx,addrwidth" property is missing (git-fixes).
- docs: ABI: sysfs-devices-soc: Fix swapped sample values (git-fixes).
- docs: fix WARNING document not included in any toctree (stable-fixes).
- docs: w1: fix w1-netlink invalid URL (git-fixes).
- dpll: Prevent duplicate registrations (git-fixes).
- dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes).
- dpll: fix return value check for kmemdup (git-fixes).
- dpll: indent DPLL option type by a tab (git-fixes).
- dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes).
- drivers/usb/dwc3: fix PCI parent check (git-fixes).
- drivers: iio: mpu3050: use dev_err_probe for regulator request (git-fixes).
- drm/amd/display: Avoid updating surface with the same surface under MPO (stable-fixes).
- drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes).
- drm/amd/display: Check NULL before accessing (stable-fixes).
- drm/amd/display: Fix DP no audio issue (stable-fixes).
- drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1() (git-fixes).
- drm/amd/display: Increase DPCD read retries (stable-fixes).
- drm/amd/display: Move sleep into each retry for retrieve_link_cap() (stable-fixes).
- drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state() (stable-fixes).
- drm/amd/display: Use same max plane scaling limits for all 64 bpp formats (git-fixes).
- drm/amd/display: fix wrong color value mapping on MCM shaper LUT (git-fixes).
- drm/amd/pm: Do not clear SI SMC table when setting power limit (git-fixes).
- drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes).
- drm/amd/pm: fix race in power state check before mutex lock (git-fixes).
- drm/amd: Clean up kfd node on surprise disconnect (stable-fixes).
- drm/amd: Fix hang on amdgpu unload by using pci_dev_is_disconnected() (git-fixes).
- drm/amdgpu/gfx10: fix wptr reset in KGQ init (stable-fixes).
- drm/amdgpu/gfx11: fix wptr reset in KGQ init (stable-fixes).
- drm/amdgpu/soc21: fix xclk for APUs (stable-fixes).
- drm/amdgpu: Add HAINAN clock adjustment (stable-fixes).
- drm/amdgpu: Adjust usleep_range in fence wait (stable-fixes).
- drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc() (git-fixes).
- drm/amdgpu: Fix memory leak in amdgpu_ras_init() (git-fixes).
- drm/amdgpu: Forward VMID reservation errors (git-fixes).
- drm/amdgpu: Skip emit de meta data on gfx11 with rs64 enabled (stable-fixes).
- drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma (git-fixes).
- drm/amdgpu: add support for HDP IP version 6.1.1 (stable-fixes).
- drm/amdgpu: avoid a warning in timedout job handler (stable-fixes).
- drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (git-fixes).
- drm/amdgpu: fix cyan_skillfish2 gpu info fw handling (git-fixes).
- drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify (git-fixes).
- drm/amdgpu: update mappings not managed by KFD (bsc#1255428)
- drm/amdkfd: Fix GART PTE for non-4K pagesize in svm_migrate_gart_map() (stable-fixes).
- drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (stable-fixes).
- drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (git-fixes).
- drm/amdkfd: fix a memory leak in device_queue_manager_init() (git-fixes).
- drm/amdkfd: fix debug watchpoints for logical devices (stable-fixes).
- drm/atmel-hlcdc: do not reject the commit if the src rect has fractional parts (stable-fixes).
- drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback (stable-fixes).
- drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release (stable-fixes).
- drm/bridge: samsung-dsim: Fix memory leak in error path (git-fixes).
- drm/bridge: ti-sn65dsi86: Enable HPD polling if IRQ is not used (git-fixes).
- drm/buddy: Prevent BUG_ON by validating rounded allocation (git-fixes).
- drm/display/dp_mst: Add protection against 0 vcpi (stable-fixes).
- drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg() (git-fixes).
- drm/i915/acpi: free _DSM package when no connectors (git-fixes).
- drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer (git-fixes).
- drm/i915/wakeref: clean up INTEL_WAKEREF_PUT_* flag macros (stable-fixes).
- drm/imx/tve: fix probe device leak (git-fixes).
- drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse() (git-fixes).
- drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue (git-fixes).
- drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse() (git-fixes).
- drm/mgag200: Fix big-endian support (git-fixes).
- drm/mgag200: fix mgag200_bmc_stop_scanout() (git-fixes).
- drm/msm/a2xx: fix pixel shader start on A225 (git-fixes).
- drm/msm/a2xx: stop over-complaining about the legacy firmware (git-fixes).
- drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers (git-fixes).
- drm/msm/a6xx: Flush LRZ cache before PT switch (git-fixes).
- drm/msm/dpu: Add missing NULL pointer check for pingpong interface (git-fixes).
- drm/msm/dpu: Remove dead-code in dpu_encoder_helper_reset_mixers() (git-fixes).
- drm/msm/dpu: fix CMD panels on DPU 1.x - 3.x (git-fixes).
- drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare (git-fixes).
- drm/nouveau/dispnv50: Do not call drm_atomic_get_crtc_state() in prepare_fb (git-fixes).
- drm/nouveau: add missing DCB connector types (git-fixes).
- drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes).
- drm/nouveau: restrict the flush page to a 32-bit address (git-fixes).
- drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes).
- drm/panel: sony-td4353-jdi: Enable prepare_prev_first (git-fixes).
- drm/pl111: Fix error handling in pl111_amba_probe (git-fixes).
- drm/radeon: Add HAINAN clock adjustment (stable-fixes).
- drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] (stable-fixes).
- drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes).
- drm/tegra: dsi: fix device leak on probe (git-fixes).
- drm/tegra: hdmi: sor: Fix error: variable ‘j’ set but not used (stable-fixes).
- drm/tilcdc: request and mapp iomem with devres (stable-fixes).
- drm/ttm: Avoid NULL pointer deref for evicted BOs (git-fixes).
- drm/v3d: Set DMA segment size to avoid debug warnings (stable-fixes).
- drm/vgem-fence: Fix potential deadlock on release (git-fixes).
- drm/vmwgfx: Fix an error return check in vmw_compat_shader_add() (git-fixes).
- drm/vmwgfx: Fix invalid kref_put callback in vmw_bo_dirty_release (git-fixes).
- drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (git-fixes).
- drm/vmwgfx: Use kref in vmw_bo_dirty (stable-fixes).
- drm: Account property blob allocations to memcg (stable-fixes).
- drm: nouveau: Replace sprintf() with sysfs_emit() (git-fixes).
- drm: sti: fix device leaks at component probe (git-fixes).
- efi/libstub: Describe missing 'out' parameter in efi_load_initrd (git-fixes).
- efi/libstub: Fix page table access in 5-level to 4-level paging transition (git-fixes).
- efi: Fix reservation of unaccepted memory table (git-fixes).
- efivarfs: fix error propagation in efivar_entry_get() (git-fixes).
- exfat: add a check for invalid data size (git-fixes).
- exfat: using hweight instead of internal logic (git-fixes).
- ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes).
- ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378).
- ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1256366).
- fbcon: check return value of con2fb_acquire_newinfo() (git-fixes).
- fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe() (git-fixes).
- fbdev: ffb: fix corrupted video output on Sun FFB1 (stable-fixes).
- fbdev: gbefb: fix to use physical address instead of dma address (stable-fixes).
- fbdev: of: display_timing: fix refcount leak in of_get_display_timings() (git-fixes).
- fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing (git-fixes).
- fbdev: rivafb: fix divide error in nv3_arb() (git-fixes).
- fbdev: smscufx: properly copy ioctl memory to kernelspace (stable-fixes).
- fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe() (git-fixes).
- fbdev: tcx.c fix mem_map to correct smem_start offset (git-fixes).
- fbdev: vt8500lcdfb: fix missing dma_free_coherent() (git-fixes).
- firewire: nosy: Fix dma_free_coherent() size (git-fixes).
- firmware: imx: scu-irq: Init workqueue before request mbox channel (stable-fixes).
- firmware: imx: scu-irq: fix OF node leak in (git-fixes).
- firmware: stratix10-svc: Add mutex in stratix10 memory management (git-fixes).
- firmware: stratix10-svc: fix bug in saving controller data (git-fixes).
- firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc (git-fixes).
- fix it87_wdt early reboot by reporting running timer (stable-fixes).
- fpga: dfl: use subsys_initcall to allow built-in drivers to be added (git-fixes).
- fpga: of-fpga-region: Fail if any bridge is missing (stable-fixes).
- fs: dlm: allow to F_SETLKW getting interrupted (bsc#1255025).
- genalloc.h: fix htmldocs warning (git-fixes).
- gpio: aspeed-sgpio: Change the macro to support deferred probe (stable-fixes).
- gpio: omap: do not register driver in probe() (git-fixes).
- gpio: pca953x: Add support for level-triggered interrupts (stable-fixes).
- gpio: pca953x: Utilise dev_err_probe() where it makes sense (stable-fixes).
- gpio: pca953x: Utilise temporary variable for struct device (stable-fixes).
- gpio: pca953x: fix wrong error probe return value (git-fixes).
- gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes).
- gpio: pca953x: mask interrupts in irq shutdown (stable-fixes).
- gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes).
- gpio: rockchip: mark the GPIO controller as sleeping (git-fixes).
- gpio: sprd: Change sprd_gpio lock to raw_spin_lock (stable-fixes).
- gpu: host1x: Fix race in syncpt alloc/free (git-fixes).
- hwmon: (f71882fg) Add F81968 support (stable-fixes).
- hwmon: (ibmpex) fix use-after-free in high/low store (git-fixes).
- hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race (git-fixes).
- hwmon: (max16065) Use local variable to avoid TOCTOU (git-fixes).
- hwmon: (nct6775) Add ASUS Pro WS WRX90E-SAGE SE (stable-fixes).
- hwmon: (occ) Mark occ_init_attribute() as __printf (git-fixes).
- hwmon: (tmp401) fix overflow caused by default conversion rate value (git-fixes).
- hwmon: (w83791d) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: sy7636a: Fix regulator_enable resource leak on error path (git-fixes).
- i2c: amd-mp2: fix reference leak in MP2 PCI device (git-fixes).
- i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware (stable-fixes).
- i2c: i2c.h: fix a bad kernel-doc line (git-fixes).
- i3c: Move device name assignment after i3c_bus_init (git-fixes).
- i3c: dw: Initialize spinlock to avoid upsetting lockdep (git-fixes).
- i3c: fix refcount inconsistency in i3c_master_register (git-fixes).
- i3c: master: Inherit DMA masks and parameters from parent device (stable-fixes).
- i3c: master: svc: Initialize 'dev' to NULL in svc_i3c_master_ibi_isr() (stable-fixes).
- i3c: master: svc: Prevent incomplete IBI transaction (git-fixes).
- ice: use netif_get_num_default_rss_queues() (bsc#1247712).
- idr: fix idr_alloc() returning an ID out of range (git-fixes).
- iio: Use IRQF_NO_THREAD (stable-fixes).
- iio: accel: bmc150: Fix irq assumption regression (stable-fixes).
- iio: accel: fix ADXL355 startup race condition (git-fixes).
- iio: accel: iis328dq: fix gain values (git-fixes).
- iio: adc: ad7280a: fix ad7280_store_balance_timer() (git-fixes).
- iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes).
- iio: adc: ad9467: fix ad9434 vref mask (git-fixes).
- iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (git-fixes).
- iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains (stable-fixes).
- iio: core: Clean up device correctly on iio_device_alloc() failure (git-fixes).
- iio: core: add missing mutex_destroy in iio_dev_release() (git-fixes).
- iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (git-fixes).
- iio: gyro: itg3200: Fix unchecked return value in read_raw (git-fixes).
- iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member (git-fixes).
- iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings fields (git-fixes).
- iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (git-fixes).
- iio: magnetometer: Remove IRQF_ONESHOT (stable-fixes).
- iio: sca3000: Fix a resource leak in sca3000_probe() (git-fixes).
- iio: st_lsm6dsx: Fixed calibrated timestamp calculation (git-fixes).
- iio:common:ssp_sensors: Fix an error handling path ssp_probe() (git-fixes).
- ima: Handle error code returned by ima_filter_rule_match() (git-fixes).
- intel_th: Fix error handling in intel_th_output_open (git-fixes).
- intel_th: fix device leak on output open() (git-fixes).
- iomap: account for unaligned end offsets when truncating read range (git-fixes).
- ipmi: Fix __scan_channels() failing to rescan channels (stable-fixes).
- ipmi: Fix handling of messages with provided receive message pointer (git-fixes).
- ipmi: Fix the race between __scan_channels() and deliver_response() (stable-fixes).
- ipmi: Rework user message limit handling (git-fixes).
- ipmi: ipmb: initialise event handler read bytes (git-fixes).
- irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() (git-fixes).
- kABI workaround for HCI_LE_ADV_0 addition (git-fixes).
- kconfig/mconf: Initialize the default locale at startup (stable-fixes).
- kconfig/nconf: Initialize the default locale at startup (stable-fixes).
- kernel-binary: Require libdw in Factory Libdw is required for gendwarfksyms
- kernel-binary: Support building gendwarfksyms on SLE/Leap 15
- landlock: Optimize file path walks and prepare for audit support (bsc#1255698).
- leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes).
- leds: leds-lp50xx: Allow LED 0 to be added to module bank (git-fixes).
- leds: leds-lp50xx: Enable chip before any communication (git-fixes).
- leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs (git-fixes).
- leds: netxbig: Fix GPIO descriptor leak in error paths (git-fixes).
- leds: qcom-lpg: Check the return value of regmap_bulk_write() (git-fixes).
- lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes).
- lib/vsprintf: Check pointer before dereferencing in time_and_date() (git-fixes).
- mISDN: annotate data-race around dev->work (git-fixes).
- mailbox: mailbox-test: Fix debugfs_create_dir error checking (git-fixes).
- media: TDA1997x: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: adv7180: fix frame interval in progressive mode (stable-fixes).
- media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() (git-fixes).
- media: amphion: Add a frame flush mode for decoder (stable-fixes).
- media: amphion: Cancel message work before releasing the VPU core (git-fixes).
- media: amphion: Clear last_buffer_dequeued flag for DEC_CMD_START (stable-fixes).
- media: amphion: Make some vpu_v4l2 functions static (stable-fixes).
- media: amphion: Remove vpu_vb_is_codecconfig (git-fixes).
- media: atomisp: Prefix firmware paths with "intel/ipu/" (bsc#1252973).
- media: atomisp: Remove firmware_name module parameter (bsc#1252973).
- media: ccs: Accommodate C-PHY into the calculation (git-fixes).
- media: ccs: Avoid possible division by zero (git-fixes).
- media: cec: Fix debugfs leak on bus_register() failure (git-fixes).
- media: cx23885: Add missing unmap in snd_cx23885_hw_params() (git-fixes).
- media: cx25821: Add missing unmap in snd_cx25821_hw_params() (git-fixes).
- media: cx25821: Fix a resource leak in cx25821_dev_setup() (stable-fixes).
- media: cx88: Add missing unmap in snd_cx88_hw_params() (git-fixes).
- media: dvb-core: dmxdevfilter must always flush bufs (stable-fixes).
- media: dvb-core: fix wrong reinitialization of ringbuffer on reopen (git-fixes).
- media: dvb-net: fix OOB access in ULE extension header tables (git-fixes).
- media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() (git-fixes).
- media: i2c/tw9903: Fix potential memory leak in tw9903_probe() (git-fixes).
- media: i2c/tw9906: Fix potential memory leak in tw9906_probe() (git-fixes).
- media: i2c: ADV7604: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: i2c: adv7842: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: i2c: ov5647: Correct minimum VBLANK value (git-fixes).
- media: i2c: ov5647: Correct pixel array offset (git-fixes).
- media: i2c: ov5647: Fix PIXEL_RATE value for VGA mode (git-fixes).
- media: i2c: ov5647: Initialize subdev before controls (git-fixes).
- media: i2c: ov5647: Sensor should report RAW color space (git-fixes).
- media: i2c: ov5647: use our own mutex for the ctrl lock (git-fixes).
- media: msp3400: Avoid possible out-of-bounds array accesses in msp3400c_thread() (git-fixes).
- media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() (git-fixes).
- media: mtk-mdp: Fix error handling in probe function (git-fixes).
- media: omap3isp: isp_video_mbus_to_pix/pix_to_mbus fixes (stable-fixes).
- media: omap3isp: isppreview: always clamp in preview_try_format() (stable-fixes).
- media: omap3isp: set initial format (stable-fixes).
- media: pvrusb2: Fix incorrect variable used in trace message (git-fixes).
- media: pvrusb2: fix URB leak in pvr2_send_request_ex (stable-fixes).
- media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes).
- media: radio-keene: fix memory leak in error path (git-fixes).
- media: rc: st_rc: Fix reset control resource leak (git-fixes).
- media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled (git-fixes).
- media: rkisp1: Fix filter mode register configuration (stable-fixes).
- media: samsung: exynos4-is: fix potential ABBA deadlock on init (git-fixes).
- media: solo6x10: Check for out of bounds chip_id (stable-fixes).
- media: uvcvideo: Fix allocation for small frame sizes (git-fixes).
- media: v4l2-mem2mem: Fix outdated documentation (git-fixes).
- media: venus: vdec: fix error state assignment for zero bytesused (git-fixes).
- media: verisilicon: Fix CPU stalls on G2 bus error (git-fixes).
- media: verisilicon: Protect G2 HEVC decoder against invalid DPB index (git-fixes).
- media: verisilicon: Store chroma and motion vectors offset (stable-fixes).
- media: verisilicon: g2: Use common helpers to compute chroma and mv offsets (stable-fixes).
- media: videobuf2: Fix device reference leak in vb2_dc_alloc error path (git-fixes).
- media: vidtv: initialize local pointers upon transfer of memory ownership (git-fixes).
- media: vpif_capture: fix section mismatch (git-fixes).
- media: vpif_display: fix section mismatch (git-fixes).
- mei: me: add nova lake point S DID (stable-fixes).
- mei: me: add wildcat lake P DID (stable-fixes).
- mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup (git-fixes).
- mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure (git-fixes).
- mfd: core: Add locking around 'mfd_of_node_list' (git-fixes).
- mfd: da9055: Fix missing regmap_del_irq_chip() in error path (git-fixes).
- mfd: max77620: Fix potential IRQ chip conflict when probing two devices (git-fixes).
- mfd: mt6358-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mfd: mt6397-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mfd: tps6105x: Fix kernel-doc warnings relating to the core struct and tps6105x_mode (git-fixes).
- mfd: wm8350-core: Use IRQF_ONESHOT (git-fixes).
- misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read() (stable-fixes).
- misc: eeprom: Fix EWEN/EWDS/ERAL commands for 93xx56 and 93xx66 (stable-fixes).
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087).
- mmc: mmci: Fix device_node reference leak in of_get_dml_pipe_index() (git-fixes).
- mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (git-fixes).
- mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms (git-fixes).
- mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig (git-fixes).
- mmc: sdhci-msm: Avoid early clock doubling during HS400 transition (stable-fixes).
- mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes).
- most: usb: fix double free on late probe failure (git-fixes).
- mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() (git-fixes).
- mtd: lpddr_cmds: fix signed shifts in lpddr_cmds (git-fixes).
- mtd: maps: pcmciamtd: fix potential memory leak in pcmciamtd_detach() (git-fixes).
- mtd: nand: relax ECC parameter validation check (git-fixes).
- mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse() (git-fixes).
- mtd: parsers: ofpart: fix OF node refcount leak in parse_fixed_partitions() (git-fixes).
- mtd: rawnand: cadence: Fix return type of CDMA send-and-wait helper (git-fixes).
- mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove (git-fixes).
- mtd: rawnand: pl353: Fix software ECC support (git-fixes).
- mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors (git-fixes).
- mtd: spinand: Fix kernel doc (git-fixes).
- myri10ge: avoid uninitialized variable use (stable-fixes).
- net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts (git-fixes).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: mdio: aspeed: add dummy read to avoid read-after-write issue (git-fixes).
- net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write (git-fixes).
- net: nfc: nci: Fix parameter validation for packet data (git-fixes).
- net: phy: adin1100: Fix software power-down ready condition (git-fixes).
- net: phy: mxl-gpy: fix bogus error on USXGMII and integrated PHY (git-fixes).
- net: phy: mxl-gpy: fix link properties on USXGMII and internal PHYs (git-fixes).
- net: rose: fix invalid array index in rose_kill_by_device() (git-fixes).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: usb: catc: enable basic endpoint checking (git-fixes).
- net: usb: dm9601: remove broken SR9700 support (git-fixes).
- net: usb: kalmia: validate USB endpoints (git-fixes).
- net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode (git-fixes).
- net: usb: kaweth: validate USB endpoints (git-fixes).
- net: usb: lan78xx: scan all MDIO addresses on LAN7801 (git-fixes).
- net: usb: pegasus: enable basic endpoint checking (git-fixes).
- net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes).
- net: usb: r8152: fix transmit queue timeout (stable-fixes).
- net: usb: rtl8150: fix memory leak on usb_submit_urb() failure (git-fixes).
- net: usb: sr9700: fix incorrect command used to write single register (git-fixes).
- net: usb: sr9700: remove code to drive nonexistent multicast filter (stable-fixes).
- net: usb: sr9700: support devices with virtual driver CD (stable-fixes).
- net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean() (git-fixes).
- net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets (git-fixes).
- net: wwan: iosm: Fix memory leak in ipc_mux_deinit() (git-fixes).
- net: wwan: t7xx: fix potential skb->frags overflow in RX path (git-fixes).
- nfc: hci: shdlc: Stop timers and work before freeing context (git-fixes).
- nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (git-fixes).
- nfc: nci: Fix race between rfkill and nci_unregister_device() (git-fixes).
- nfc: nxp-nci: remove interrupt trigger type (stable-fixes).
- nfc: pn533: Fix error code in pn533_acr122_poweron_rdr() (git-fixes).
- nfc: pn533: properly drop the usb interface reference on disconnect (git-fixes).
- ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access (stable-fixes).
- ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut (stable-fixes).
- nvme: Use non zero KATO for persistent discovery connections (git-fixes).
- of: fix reference count leak in of_alias_scan() (git-fixes).
- of: platform: Use default match table for /firmware (git-fixes).
- orangefs: fix xattr related buffer overflow.. (git-fixes).
- phy: broadcom: bcm63xx-usbh: fix section mismatches (git-fixes).
- phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes).
- phy: fsl-imx8mq-usb: disable bind/unbind platform driver feature (stable-fixes).
- phy: mvebu-cp110-utmi: fix dr_mode property read from dts (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcar_gen3_phy_usb2_probe() (git-fixes).
- phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes).
- phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes).
- phy: stm32-usphyc: Fix off by one in probe() (git-fixes).
- phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7 (git-fixes).
- pinctrl: equilibrium: Fix device node reference leak in pinbank_init() (git-fixes).
- pinctrl: meson: mark the GPIO controller as sleeping (git-fixes).
- pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping (git-fixes).
- pinctrl: qcom: msm: Fix deadlock in pinmux configuration (stable-fixes).
- pinctrl: qcom: sm8250-lpass-lpi: Fix i2s2_data_groups definition (git-fixes).
- pinctrl: single: Fix PIN_CONFIG_BIAS_DISABLE handling (stable-fixes).
- pinctrl: single: Fix incorrect type for error return variable (git-fixes).
- pinctrl: single: fix refcount leak in pcs_add_gpio_func() (git-fixes).
- pinctrl: stm32: fix hwspinlock resource leak in probe function (git-fixes).
- platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver (git-fixes).
- platform/chrome: cros_ec_lightbar: Fix response size initialization (git-fixes).
- platform/chrome: cros_typec_switch: Do not touch struct fwnode_handle::dev (git-fixes).
- platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names (git-fixes).
- platform/x86/amd/pmc: Add quirk for MECHREVO Wujie 15X Pro (stable-fixes).
- platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list (stable-fixes).
- platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI quirks (stable-fixes).
- platform/x86: acer-wmi: Ignore backlight event (stable-fixes).
- platform/x86: asus-wmi: use brightness_set_blocking() for kbd led (git-fixes).
- platform/x86: classmate-laptop: Add missing NULL pointer checks (stable-fixes).
- platform/x86: huawei-wmi: add keys for HONOR models (stable-fixes).
- platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic (git-fixes).
- platform/x86: intel: chtwc_int33fe: do not dereference swnode args (git-fixes).
- platform/x86: intel: punit_ipc: fix memory corruption (git-fixes).
- platform/x86: intel_telemetry: Fix PSS event register mask (git-fixes).
- platform/x86: intel_telemetry: Fix swapped arrays in PSS output (git-fixes).
- platform/x86: msi-laptop: add missing sysfs_remove_group() (git-fixes).
- platform/x86: panasonic-laptop: Fix sysfs group leak in error path (stable-fixes).
- platform/x86: toshiba_haps: Fix memory leaks in add/remove routines (git-fixes).
- power: reset: nvmem-reboot-mode: respect cell size for nvmem_cell_write (git-fixes).
- power: supply: ab8500: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: act8945a: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: apm_power: only unset own apm_get_power_status (git-fixes).
- power: supply: bq256xx: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: bq25980: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: bq27xxx: fix wrong errno when bus ops are unsupported (git-fixes).
- power: supply: cpcap-battery: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: cw2015: Check devm_delayed_work_autocancel() return code (git-fixes).
- power: supply: goldfish: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: qcom_battmgr: Recognize "LiP" as lithium-polymer (git-fixes).
- power: supply: rt9455: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: rt9467: Prevent using uninitialized local variable in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: rt9467: Return error on failure in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: sbs-battery: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: wm831x: Check wm831x_set_bits() return value (git-fixes).
- power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed() (git-fixes).
- powercap: fix race condition in register_control_type() (stable-fixes).
- powercap: fix sscanf() error return value handling (stable-fixes).
- powercap: intel_rapl_tpmi: Remove FW_BUG from invalid version check (git-fixes).
- powerpc/64s/slb: Fix SLB multihit issue during SLB preload (bac#1236022 ltc#211187).
- powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
- powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling (bsc#1253262 ltc#216029).
- powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 bsc#1253739 bsc#1254244).
- pwm: bcm2835: Make sure the channel is enabled after pwm_request() (git-fixes).
- rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() (git-fixes).
- regmap: Fix race condition in hwspinlock irqsave routine (git-fixes).
- regmap: maple: free entry on mas_store_gfp() failure (stable-fixes).
- regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex (git-fixes).
- regulator: core: disable supply if enabling main regulator fails (git-fixes).
- regulator: core: fix locking in regulator_resolve_supply() error path (git-fixes).
- regulator: core: move supply check earlier in set_machine_constraints() (git-fixes).
- remove a bpf CVE change which is already part of the base kernel
- remove an Intel CPU model change which is already part of the base kernel
- reset: fix BIT macro reference (stable-fixes).
- rpm/mkspec-dtb: add riscv64 dtb-thead subpackage
- rpmsg: core: fix race in driver_override_show() and use core helper (git-fixes).
- rpmsg: glink: fix rpmsg device leak (git-fixes).
- rtc: gamecube: Check the return value of ioremap() (git-fixes).
- rtc: interface: Alarm race handling should not discard preceding error (git-fixes).
- rtc: zynqmp: correct frequency value (stable-fixes).
- sched: Increase sched_tick_remote timeout (bsc#1254510).
- scripts/python/git_sort/git_sort.yaml: add cifs for-next repository
- scripts: obsapi: Support URL trailing / in oscrc
- scripts: teaapi: Add paging
- scripts: uploader: Fix no change condition for _maintainership.json
- scripts: uploader: Handle missing upstream in is_pr_open
- scrits: teaapi: Add list_repos
- scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119).
- scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119).
- scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119).
- scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119).
- scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119).
- scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119).
- scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119).
- scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119).
- scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256861).
- scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119).
- scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861).
- scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119).
- scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863).
- scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863).
- scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863).
- scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863).
- scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863).
- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863).
- scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863).
- scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863).
- scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863).
- scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863).
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863).
- scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- selftests/bpf: Skip timer cases when bpf_timer is not supported (git-fixes).
- serial: 8250: 8250_omap.c: Clear DMA RX running status only after DMA termination is done (stable-fixes).
- serial: 8250_dw: handle clock enable errors in runtime_resume (stable-fixes).
- serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes).
- serial: SH_SCI: improve "DMA support" prompt (git-fixes).
- serial: add support of CPCI cards (stable-fixes).
- serial: amba-pl011: prefer dma_mapping_error() over explicit address checking (git-fixes).
- serial: imx: change SERIAL_IMX_CONSOLE to bool (git-fixes).
- serial: sprd: Return -EPROBE_DEFER when uart clock is not ready (stable-fixes).
- shrink_slab_memcg: clear_bits of skipped shrinkers (bsc#1256564).
- slimbus: core: fix OF node leak on registration failure (git-fixes).
- slimbus: core: fix device reference leak on report present (git-fixes).
- slimbus: core: fix of_slim_get_device() kernel doc (git-fixes).
- slimbus: core: fix runtime PM imbalance on report present (git-fixes).
- slimbus: ngd: Fix reference count leak in qcom_slim_ngd_notify_slaves (git-fixes).
- smb3: add missing null server pointer check (git-fixes).
- smb: change return type of cached_dir_lease_break() to bool (git-fixes).
- smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (git-fixes).
- smb: client: fix cifs_pick_channel when channel needs reconnect (git-fixes).
- smb: client: fix warning when reconnecting channel (git-fixes).
- smb: client: introduce close_cached_dir_locked() (git-fixes).
- smb: client: remove unused fid_lock (git-fixes).
- smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (git-fixes).
- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154).
- smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes).
- smb: improve directory cache reuse for readdir operations (bsc#1252712).
- smc91x: fix broken irq-context in PREEMPT_RT (git-fixes).
- soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
- soc: amlogic: canvas: fix device leak on lookup (git-fixes).
- soc: mediatek: svs: Fix memory leak in svs_enable_debug_write() (git-fixes).
- soc: qcom: cmd-db: Use devm_memremap() to fix memory leak in cmd_db_dev_probe (git-fixes).
- soc: qcom: ocmem: fix device leak on lookup (git-fixes).
- soc: qcom: smem: fix hwspinlock resource leak in probe error paths (git-fixes).
- soc: qcom: smem: handle ENOMEM error during probe (git-fixes).
- soc: ti: k3-socinfo: Fix regmap leak on probe failure (git-fixes).
- soc: ti: pruss: Fix double free in pruss_clk_mux_setup() (git-fixes).
- soundwire: dmi-quirks: add mapping for Avell B.ON (OEM rebranded of NUC15) (stable-fixes).
- spi-geni-qcom: initialize mode related registers to 0 (stable-fixes).
- spi-geni-qcom: use xfer->bits_per_word for can_dma() (stable-fixes).
- spi: amlogic-spifc-a1: Handle devm_pm_runtime_enable() errors (git-fixes).
- spi: bcm63xx: drop wrong casts in probe() (git-fixes).
- spi: bcm63xx: fix premature CS deassertion on RX-only transactions (git-fixes).
- spi: fsl-cpm: Check length parity before switching to 16 bit mode (git-fixes).
- spi: imx: keep dma request disabled before dma transfer setup (stable-fixes).
- spi: spi-mem: Limit octal DTR constraints to octal DTR situations (stable-fixes).
- spi: spi-mem: Protect dirmap_create() with spi_mem_access_start/end (stable-fixes).
- spi: spi-sprd-adi: Fix double free in probe error path (git-fixes).
- spi: sprd-adi: switch to use spi_alloc_host() (stable-fixes).
- spi: sprd: adi: Use devm_register_restart_handler() (stable-fixes).
- spi: stm32: fix Overrun issue at < 8bpw (stable-fixes).
- spi: tegra114: Preserve SPI mode bits in def_command1_reg (git-fixes).
- spi: tegra210-qspi: Remove cache operations (git-fixes)
- spi: tegra210-quad: Add support for internal DMA (git-fixes)
- spi: tegra210-quad: Check hardware status on timeout (bsc#1253155)
- spi: tegra210-quad: Fix timeout handling (bsc#1253155)
- spi: tegra210-quad: Fix timeout handling (git-fixes).
- spi: tegra210-quad: Move curr_xfer read inside spinlock (bsc#1257952)
- spi: tegra210-quad: Move curr_xfer read inside spinlock (git-fixes).
- spi: tegra210-quad: Protect curr_xfer assignment in (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer assignment in tegra_qspi_setup_transfer_one (git-fixes).
- spi: tegra210-quad: Protect curr_xfer check in IRQ handler (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer check in IRQ handler (git-fixes).
- spi: tegra210-quad: Protect curr_xfer clearing in (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer clearing in tegra_qspi_non_combined_seq_xfer (git-fixes).
- spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (bsc#1257952)
- spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (git-fixes).
- spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155)
- spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed (bsc#1257952)
- spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed transfer (git-fixes).
- spi: tegra210-quad: Update dummy sequence configuration (git-fixes)
- spi: tegra: Fix a memory leak in tegra_slink_probe() (git-fixes).
- spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() (git-fixes).
- spi: wpcm-fiu: Fix uninitialized res (git-fixes).
- spi: wpcm-fiu: Simplify with dev_err_probe() (stable-fixes).
- spi: wpcm-fiu: Use devm_platform_ioremap_resource_byname() (stable-fixes).
- spi: xilinx: increase number of retries before declaring stall (stable-fixes).
- staging: fbtft: core: fix potential memory leak in fbtft_probe_common() (git-fixes).
- staging: rtl8723bs: fix memory leak on failure path (stable-fixes).
- staging: rtl8723bs: fix null dereference in find_network (git-fixes).
- staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing (stable-fixes).
- staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser (stable-fixes).
- supported.conf: Mark lan 743x supported (jsc#PED-14571)
- thermal: int340x: Fix sysfs group leak on DLVR registration failure (stable-fixes).
- thunderbolt: Add support for Intel Wildcat Lake (stable-fixes).
- tools/power cpupower: Reset errno before strtoull() (stable-fixes).
- tools/power/x86/intel-speed-select: Fix file descriptor leak in isolate_cpus() (git-fixes).
- tpm: st33zp24: Fix missing cleanup on get_burstcount() error (git-fixes).
- tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure (git-fixes).
- tracing: Fix access to trace_event_file (bsc#1254373).
- uacce: ensure safe queue release with state management (git-fixes).
- uacce: fix cdev handling in the cleanup path (git-fixes).
- uacce: fix isolate sysfs check condition (git-fixes).
- uacce: implement mremap in uacce_vm_ops to return -EPERM (git-fixes).
- uio: uio_fsl_elbc_gpcm:: Add null pointer check to uio_fsl_elbc_gpcm_probe (git-fixes).
- usb: bdc: fix sleep during atomic (git-fixes).
- usb: cdns3: Fix double resource release in cdns3_pci_probe (git-fixes).
- usb: chaoskey: fix locking for O_NONBLOCK (git-fixes).
- usb: chipidea: udc: limit usb request length to max 16KB (stable-fixes).
- usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor (stable-fixes).
- usb: dwc2: disable platform lowlevel hw resources during shutdown (stable-fixes).
- usb: dwc2: fix hang during shutdown if set as peripheral (git-fixes).
- usb: dwc2: fix hang during suspend if set as peripheral (git-fixes).
- usb: dwc2: fix resume failure if dr_mode is host (git-fixes).
- usb: dwc3: Abort suspend on soft disconnect failure (git-fixes).
- usb: dwc3: Check for USB4 IP_NAME (stable-fixes).
- usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths (git-fixes).
- usb: dwc3: keep susphy enabled during exit to avoid controller faults (git-fixes).
- usb: dwc3: of-simple: fix clock resource leak in dwc3_of_simple_probe (git-fixes).
- usb: dwc3: pci: Sort out the Intel device IDs (stable-fixes).
- usb: dwc3: pci: add support for the Intel Nova Lake -S (stable-fixes).
- usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes).
- usb: gadget: f_eem: Fix memory leak in eem_unwrap (git-fixes).
- usb: gadget: lpc32xx_udc: fix clock imbalance in error path (git-fixes).
- usb: gadget: renesas_usbf: Handle devm_pm_runtime_enable() errors (git-fixes).
- usb: gadget: tegra-xudc: Add handling for BLCG_COREPLL_PWRDN (git-fixes).
- usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt (git-fixes).
- usb: ohci-nxp: Use helper function devm_clk_get_enabled() (stable-fixes).
- usb: ohci-nxp: fix device leak on probe failure (git-fixes).
- usb: phy: Initialize struct usb_phy list_head (git-fixes).
- usb: phy: isp1301: fix non-OF device reference imbalance (git-fixes).
- usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE (git-fixes).
- usb: raw-gadget: do not limit transfer length (git-fixes).
- usb: renesas_usbhs: Fix a resource leak in usbhs_pipe_malloc() (git-fixes).
- usb: storage: Fix memory leak in USB bulk transport (git-fixes).
- usb: storage: sddr55: Reject out-of-bound new_pba (stable-fixes).
- usb: typec: tipd: Clear interrupts first (git-fixes).
- usb: typec: ucsi: Handle incorrect num_connectors capability (stable-fixes).
- usb: typec: ucsi: psy: Set max current to zero when disconnected (git-fixes).
- usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer (git-fixes).
- usb: udc: Add trace event for usb_gadget_set_state (stable-fixes).
- usb: usb-storage: Maintain minimal modifications to the bcdDevice range (git-fixes).
- usb: usb-storage: No additional quirks need to be added to the EL-R12 optical drive (stable-fixes).
- usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).
- usb: xhci: limit run_graceperiod for only usb 3.0 devices (stable-fixes).
- usbip: Fix locking bug in RT-enabled kernels (stable-fixes).
- usbnet: limit max_mtu based on device's hard_mtu (git-fixes).
- via_wdt: fix critical boot hang due to unnamed resource allocation (stable-fixes).
- virtio_console: fix order of fields cols and rows (stable-fixes).
- w1: fix redundant counter decrement in w1_attach_slave_device() (git-fixes).
- w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes).
- watchdog: imx7ulp_wdt: handle the nowayout option (stable-fixes).
- watchdog: wdat_wdt: Fix ACPI table leak in probe function (git-fixes).
- wifi: ath10k: fix dma_free_coherent() pointer (git-fixes).
- wifi: ath10k: fix lock protection in ath10k_wmi_event_peer_sta_ps_state_chg() (stable-fixes).
- wifi: ath10k: sdio: add missing lock protection in ath10k_sdio_fw_crashed_dump() (git-fixes).
- wifi: ath11k: add pm quirk for Thinkpad Z13/Z16 Gen1 (stable-fixes).
- wifi: ath11k: fix peer HE MCS assignment (git-fixes).
- wifi: ath11k: restore register window after global reset (git-fixes).
- wifi: ath12k: fix dma_free_coherent() pointer (git-fixes).
- wifi: ath12k: fix preferred hardware mode calculation (stable-fixes).
- wifi: ath9k: debug.h: fix kernel-doc bad lines and struct ath_tx_stats (git-fixes).
- wifi: ath9k: fix kernel-doc warnings in common-debug.h (git-fixes).
- wifi: avoid kernel-infoleak from struct iw_point (git-fixes).
- wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet (stable-fixes).
- wifi: cfg80211: Fix bitrate calculation overflow for HE rates (stable-fixes).
- wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes).
- wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() (git-fixes).
- wifi: cfg80211: sme: store capped length in __cfg80211_connect_result() (git-fixes).
- wifi: cfg80211: stop NAN and P2P in cfg80211_leave (git-fixes).
- wifi: cfg80211: wext: fix IGTK key ID off-by-one (git-fixes).
- wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper() (git-fixes).
- wifi: ieee80211: correct FILS status codes (git-fixes).
- wifi: iwlegacy: add missing mutex protection in il3945_store_measurement() (stable-fixes).
- wifi: iwlegacy: add missing mutex protection in il4965_store_tx_power() (stable-fixes).
- wifi: iwlwifi: mvm: check the validity of noa_len (stable-fixes).
- wifi: libertas: fix WARNING in usb_tx_block (stable-fixes).
- wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration (git-fixes).
- wifi: mac80211: collect station statistics earlier when disconnect (stable-fixes).
- wifi: mac80211: correctly check if CSA is active (stable-fixes).
- wifi: mac80211: correctly decode TTLM with default link map (git-fixes).
- wifi: mac80211: do not increment crypto_tx_tailroom_needed_cnt twice (stable-fixes).
- wifi: mac80211: do not use old MBSSID elements (git-fixes).
- wifi: mac80211: fix CMAC functions not handling errors (git-fixes).
- wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() (git-fixes).
- wifi: mac80211: ocb: skip rx_no_sta when interface is not joined (stable-fixes).
- wifi: mac80211: restore non-chanctx injection behaviour (git-fixes).
- wifi: mt76: Fix DTS power-limits on little endian systems (git-fixes).
- wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes).
- wifi: nl80211: vendor-cmd: intel: fix a blank kernel-doc line warning (git-fixes).
- wifi: radiotap: reject radiotap with unknown bits (git-fixes).
- wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes).
- wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() (git-fixes).
- wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() (git-fixes).
- wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add (git-fixes).
- wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() (git-fixes).
- wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode() (stable-fixes).
- wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1 (stable-fixes).
- wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() (git-fixes).
- wifi: rtw88: fix DTIM period handling when conf->dtim_period is zero (stable-fixes).
- wifi: rtw88: limit indirect IO under powered off for RTL8822CS (git-fixes).
- wifi: rtw88: rtw8821cu: Add ID for Mercusys MU6H (stable-fixes).
- wifi: rtw89: pci: restore LDO setting after device resume (stable-fixes).
- wifi: rtw89: wow: add reason codes for disassociation in WoWLAN mode (stable-fixes).
- wifi: wlcore: ensure skb headroom before skb_push (stable-fixes).
- workqueue: mark power efficient workqueue as unbounded if (bsc#1257891)
- x86/hyperv: Fix APIC ID and VP index confusion in hv_snp_boot_ap() (git-fixes).
- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).
- x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).
- x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).
- x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).
- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (bsc#1256528).
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (bsc#1256528).
- x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).
- x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).
- x86/microcode/AMD: Select which microcode patch to load (bsc#1256528).
- x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).
- x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).
- x86: make page fault handling disable interrupts properly (git-fixes).
- xhci: dbgtty: fix device unregister (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1194869SUSE bug 1205462SUSE bug 1214285SUSE bug 1214635SUSE bug 1214847SUSE bug 1215146SUSE bug 1215199SUSE bug 1215211SUSE bug 1215344SUSE bug 1216062SUSE bug 1216436SUSE bug 1219165SUSE bug 1220419SUSE bug 1223731SUSE bug 1223800SUSE bug 1228490SUSE bug 1233563SUSE bug 1233640SUSE bug 1234163SUSE bug 1234842SUSE bug 1236022SUSE bug 1241345SUSE bug 1241437SUSE bug 1242909SUSE bug 1243055SUSE bug 1243677SUSE bug 1243678SUSE bug 1245193SUSE bug 1245449SUSE bug 1246184SUSE bug 1246328SUSE bug 1246447SUSE bug 1247030SUSE bug 1247500SUSE bug 1247712SUSE bug 1248211SUSE bug 1248886SUSE bug 1249256SUSE bug 1249307SUSE bug 1249587SUSE bug 1250032SUSE bug 1250082SUSE bug 1250334SUSE bug 1250388SUSE bug 1250705SUSE bug 1250748SUSE bug 1251966SUSE bug 1252046SUSE bug 1252342SUSE bug 1252511SUSE bug 1252686SUSE bug 1252712SUSE bug 1252776SUSE bug 1252808SUSE bug 1252824SUSE bug 1252861SUSE bug 1252891SUSE bug 1252900SUSE bug 1252911SUSE bug 1252919SUSE bug 1252924SUSE bug 1252973SUSE bug 1253087SUSE bug 1253155SUSE bug 1253262SUSE bug 1253342SUSE bug 1253365SUSE bug 1253386SUSE bug 1253400SUSE bug 1253402SUSE bug 1253408SUSE bug 1253413SUSE bug 1253442SUSE bug 1253451SUSE bug 1253458SUSE bug 1253463SUSE bug 1253622SUSE bug 1253623SUSE bug 1253647SUSE bug 1253691SUSE bug 1253739SUSE bug 1254119SUSE bug 1254126SUSE bug 1254244SUSE bug 1254373SUSE bug 1254378SUSE bug 1254447SUSE bug 1254465SUSE bug 1254510SUSE bug 1254518SUSE bug 1254520SUSE bug 1254599SUSE bug 1254606SUSE bug 1254611SUSE bug 1254613SUSE bug 1254615SUSE bug 1254621SUSE bug 1254623SUSE bug 1254624SUSE bug 1254626SUSE bug 1254648SUSE bug 1254649SUSE bug 1254653SUSE bug 1254655SUSE bug 1254657SUSE bug 1254660SUSE bug 1254661SUSE bug 1254663SUSE bug 1254669SUSE bug 1254677SUSE bug 1254678SUSE bug 1254688SUSE bug 1254690SUSE bug 1254691SUSE bug 1254693SUSE bug 1254695SUSE bug 1254698SUSE bug 1254701SUSE bug 1254704SUSE bug 1254705SUSE bug 1254707SUSE bug 1254712SUSE bug 1254715SUSE bug 1254717SUSE bug 1254723SUSE bug 1254724SUSE bug 1254732SUSE bug 1254733SUSE bug 1254737SUSE bug 1254739SUSE bug 1254742SUSE bug 1254743SUSE bug 1254749SUSE bug 1254750SUSE bug 1254753SUSE bug 1254754SUSE bug 1254758SUSE bug 1254761SUSE bug 1254762SUSE bug 1254765SUSE bug 1254767SUSE bug 1254782SUSE bug 1254791SUSE bug 1254793SUSE bug 1254794SUSE bug 1254795SUSE bug 1254796SUSE bug 1254797SUSE bug 1254798SUSE bug 1254813SUSE bug 1254815SUSE bug 1254825SUSE bug 1254828SUSE bug 1254829SUSE bug 1254830SUSE bug 1254832SUSE bug 1254835SUSE bug 1254839SUSE bug 1254840SUSE bug 1254842SUSE bug 1254843SUSE bug 1254845SUSE bug 1254846SUSE bug 1254847SUSE bug 1254849SUSE bug 1254850SUSE bug 1254851SUSE bug 1254852SUSE bug 1254854SUSE bug 1254856SUSE bug 1254858SUSE bug 1254860SUSE bug 1254864SUSE bug 1254869SUSE bug 1254871SUSE bug 1254894SUSE bug 1254918SUSE bug 1254957SUSE bug 1254959SUSE bug 1254983SUSE bug 1254992SUSE bug 1255005SUSE bug 1255009SUSE bug 1255025SUSE bug 1255026SUSE bug 1255030SUSE bug 1255033SUSE bug 1255034SUSE bug 1255035SUSE bug 1255039SUSE bug 1255041SUSE bug 1255042SUSE bug 1255046SUSE bug 1255057SUSE bug 1255062SUSE bug 1255064SUSE bug 1255065SUSE bug 1255068SUSE bug 1255072SUSE bug 1255075SUSE bug 1255077SUSE bug 1255081SUSE bug 1255082SUSE bug 1255083SUSE bug 1255092SUSE bug 1255094SUSE bug 1255095SUSE bug 1255100SUSE bug 1255102SUSE bug 1255120SUSE bug 1255122SUSE bug 1255128SUSE bug 1255129SUSE bug 1255131SUSE bug 1255134SUSE bug 1255135SUSE bug 1255136SUSE bug 1255138SUSE bug 1255140SUSE bug 1255142SUSE bug 1255146SUSE bug 1255149SUSE bug 1255152SUSE bug 1255154SUSE bug 1255155SUSE bug 1255157SUSE bug 1255163SUSE bug 1255164SUSE bug 1255167SUSE bug 1255169SUSE bug 1255171SUSE bug 1255172SUSE bug 1255175SUSE bug 1255179SUSE bug 1255182SUSE bug 1255187SUSE bug 1255190SUSE bug 1255193SUSE bug 1255197SUSE bug 1255199SUSE bug 1255202SUSE bug 1255203SUSE bug 1255206SUSE bug 1255209SUSE bug 1255216SUSE bug 1255218SUSE bug 1255221SUSE bug 1255224SUSE bug 1255227SUSE bug 1255230SUSE bug 1255233SUSE bug 1255241SUSE bug 1255245SUSE bug 1255246SUSE bug 1255251SUSE bug 1255252SUSE bug 1255253SUSE bug 1255255SUSE bug 1255259SUSE bug 1255260SUSE bug 1255261SUSE bug 1255262SUSE bug 1255265SUSE bug 1255266SUSE bug 1255268SUSE bug 1255269SUSE bug 1255272SUSE bug 1255273SUSE bug 1255274SUSE bug 1255276SUSE bug 1255279SUSE bug 1255280SUSE bug 1255281SUSE bug 1255297SUSE bug 1255318SUSE bug 1255325SUSE bug 1255327SUSE bug 1255329SUSE bug 1255351SUSE bug 1255377SUSE bug 1255379SUSE bug 1255380SUSE bug 1255395SUSE bug 1255401SUSE bug 1255403SUSE bug 1255415SUSE bug 1255417SUSE bug 1255428SUSE bug 1255480SUSE bug 1255482SUSE bug 1255483SUSE bug 1255488SUSE bug 1255489SUSE bug 1255493SUSE bug 1255495SUSE bug 1255505SUSE bug 1255507SUSE bug 1255530SUSE bug 1255537SUSE bug 1255538SUSE bug 1255539SUSE bug 1255540SUSE bug 1255544SUSE bug 1255545SUSE bug 1255547SUSE bug 1255548SUSE bug 1255549SUSE bug 1255550SUSE bug 1255552SUSE bug 1255553SUSE bug 1255557SUSE bug 1255558SUSE bug 1255563SUSE bug 1255564SUSE bug 1255567SUSE bug 1255568SUSE bug 1255569SUSE bug 1255570SUSE bug 1255578SUSE bug 1255579SUSE bug 1255580SUSE bug 1255583SUSE bug 1255591SUSE bug 1255601SUSE bug 1255603SUSE bug 1255605SUSE bug 1255611SUSE bug 1255614SUSE bug 1255615SUSE bug 1255616SUSE bug 1255617SUSE bug 1255618SUSE bug 1255621SUSE bug 1255622SUSE bug 1255628SUSE bug 1255629SUSE bug 1255630SUSE bug 1255632SUSE bug 1255636SUSE bug 1255688SUSE bug 1255691SUSE bug 1255695SUSE bug 1255698SUSE bug 1255702SUSE bug 1255704SUSE bug 1255706SUSE bug 1255707SUSE bug 1255709SUSE bug 1255722SUSE bug 1255758SUSE bug 1255759SUSE bug 1255760SUSE bug 1255763SUSE bug 1255769SUSE bug 1255770SUSE bug 1255772SUSE bug 1255774SUSE bug 1255775SUSE bug 1255776SUSE bug 1255780SUSE bug 1255785SUSE bug 1255786SUSE bug 1255789SUSE bug 1255790SUSE bug 1255792SUSE bug 1255793SUSE bug 1255795SUSE bug 1255798SUSE bug 1255800SUSE bug 1255801SUSE bug 1255806SUSE bug 1255807SUSE bug 1255809SUSE bug 1255810SUSE bug 1255812SUSE bug 1255814SUSE bug 1255820SUSE bug 1255838SUSE bug 1255842SUSE bug 1255843SUSE bug 1255872SUSE bug 1255875SUSE bug 1255879SUSE bug 1255883SUSE bug 1255884SUSE bug 1255886SUSE bug 1255888SUSE bug 1255890SUSE bug 1255891SUSE bug 1255892SUSE bug 1255899SUSE bug 1255902SUSE bug 1255907SUSE bug 1255911SUSE bug 1255915SUSE bug 1255918SUSE bug 1255921SUSE bug 1255924SUSE bug 1255925SUSE bug 1255930SUSE bug 1255931SUSE bug 1255932SUSE bug 1255934SUSE bug 1255943SUSE bug 1255944SUSE bug 1255949SUSE bug 1255951SUSE bug 1255952SUSE bug 1255955SUSE bug 1255957SUSE bug 1255961SUSE bug 1255963SUSE bug 1255964SUSE bug 1255967SUSE bug 1255974SUSE bug 1255978SUSE bug 1255984SUSE bug 1255988SUSE bug 1255990SUSE bug 1255992SUSE bug 1255993SUSE bug 1255994SUSE bug 1255996SUSE bug 1256033SUSE bug 1256034SUSE bug 1256045SUSE bug 1256050SUSE bug 1256058SUSE bug 1256071SUSE bug 1256074SUSE bug 1256081SUSE bug 1256082SUSE bug 1256083SUSE bug 1256084SUSE bug 1256085SUSE bug 1256090SUSE bug 1256093SUSE bug 1256094SUSE bug 1256095SUSE bug 1256096SUSE bug 1256099SUSE bug 1256100SUSE bug 1256104SUSE bug 1256106SUSE bug 1256107SUSE bug 1256117SUSE bug 1256119SUSE bug 1256121SUSE bug 1256145SUSE bug 1256153SUSE bug 1256178SUSE bug 1256197SUSE bug 1256231SUSE bug 1256233SUSE bug 1256234SUSE bug 1256238SUSE bug 1256263SUSE bug 1256267SUSE bug 1256268SUSE bug 1256271SUSE bug 1256273SUSE bug 1256274SUSE bug 1256279SUSE bug 1256280SUSE bug 1256285SUSE bug 1256291SUSE bug 1256292SUSE bug 1256300SUSE bug 1256301SUSE bug 1256302SUSE bug 1256335SUSE bug 1256348SUSE bug 1256351SUSE bug 1256354SUSE bug 1256358SUSE bug 1256361SUSE bug 1256364SUSE bug 1256366SUSE bug 1256367SUSE bug 1256368SUSE bug 1256369SUSE bug 1256370SUSE bug 1256371SUSE bug 1256373SUSE bug 1256375SUSE bug 1256379SUSE bug 1256387SUSE bug 1256394SUSE bug 1256395SUSE bug 1256396SUSE bug 1256528SUSE bug 1256564SUSE bug 1256579SUSE bug 1256582SUSE bug 1256584SUSE bug 1256586SUSE bug 1256591SUSE bug 1256593SUSE bug 1256597SUSE bug 1256605SUSE bug 1256606SUSE bug 1256607SUSE bug 1256609SUSE bug 1256610SUSE bug 1256611SUSE bug 1256612SUSE bug 1256613SUSE bug 1256616SUSE bug 1256617SUSE bug 1256619SUSE bug 1256622SUSE bug 1256623SUSE bug 1256625SUSE bug 1256628SUSE bug 1256630SUSE bug 1256638SUSE bug 1256640SUSE bug 1256641SUSE bug 1256645SUSE bug 1256646SUSE bug 1256650SUSE bug 1256651SUSE bug 1256653SUSE bug 1256654SUSE bug 1256655SUSE bug 1256659SUSE bug 1256660SUSE bug 1256664SUSE bug 1256665SUSE bug 1256674SUSE bug 1256679SUSE bug 1256680SUSE bug 1256682SUSE bug 1256683SUSE bug 1256688SUSE bug 1256689SUSE bug 1256708SUSE bug 1256716SUSE bug 1256726SUSE bug 1256728SUSE bug 1256730SUSE bug 1256733SUSE bug 1256737SUSE bug 1256741SUSE bug 1256742SUSE bug 1256744SUSE bug 1256752SUSE bug 1256754SUSE bug 1256755SUSE bug 1256757SUSE bug 1256759SUSE bug 1256760SUSE bug 1256761SUSE bug 1256763SUSE bug 1256770SUSE bug 1256773SUSE bug 1256774SUSE bug 1256777SUSE bug 1256779SUSE bug 1256781SUSE bug 1256785SUSE bug 1256792SUSE bug 1256802SUSE bug 1256861SUSE bug 1256863SUSE bug 1257035SUSE bug 1257053SUSE bug 1257154SUSE bug 1257155SUSE bug 1257158SUSE bug 1257159SUSE bug 1257163SUSE bug 1257164SUSE bug 1257179SUSE bug 1257180SUSE bug 1257202SUSE bug 1257204SUSE bug 1257207SUSE bug 1257208SUSE bug 1257209SUSE bug 1257215SUSE bug 1257217SUSE bug 1257218SUSE bug 1257220SUSE bug 1257221SUSE bug 1257227SUSE bug 1257228SUSE bug 1257231SUSE bug 1257232SUSE bug 1257234SUSE bug 1257236SUSE bug 1257245SUSE bug 1257246SUSE bug 1257277SUSE bug 1257282SUSE bug 1257296SUSE bug 1257332SUSE bug 1257473SUSE bug 1257552SUSE bug 1257554SUSE bug 1257557SUSE bug 1257559SUSE bug 1257560SUSE bug 1257562SUSE bug 1257570SUSE bug 1257573SUSE bug 1257576SUSE bug 1257579SUSE bug 1257580SUSE bug 1257586SUSE bug 1257603SUSE bug 1257635SUSE bug 1257679SUSE bug 1257687SUSE bug 1257704SUSE bug 1257706SUSE bug 1257707SUSE bug 1257714SUSE bug 1257715SUSE bug 1257716SUSE bug 1257718SUSE bug 1257722SUSE bug 1257723SUSE bug 1257729SUSE bug 1257735SUSE bug 1257739SUSE bug 1257740SUSE bug 1257741SUSE bug 1257743SUSE bug 1257745SUSE bug 1257749SUSE bug 1257750SUSE bug 1257757SUSE bug 1257758SUSE bug 1257759SUSE bug 1257761SUSE bug 1257762SUSE bug 1257763SUSE bug 1257765SUSE bug 1257768SUSE bug 1257770SUSE bug 1257772SUSE bug 1257775SUSE bug 1257776SUSE bug 1257788SUSE bug 1257789SUSE bug 1257790SUSE bug 1257805SUSE bug 1257808SUSE bug 1257809SUSE bug 1257811SUSE bug 1257813SUSE bug 1257816SUSE bug 1257830SUSE bug 1257891SUSE bug 1257952SUSE bug 1258153SUSE bug 1258181SUSE bug 1258184SUSE bug 1258222SUSE bug 1258234SUSE bug 1258237SUSE bug 1258245SUSE bug 1258249SUSE bug 1258252SUSE bug 1258256SUSE bug 1258259SUSE bug 1258272SUSE bug 1258273SUSE bug 1258277SUSE bug 1258278SUSE bug 1258279SUSE bug 1258299SUSE bug 1258304SUSE bug 1258309SUSE bug 1258313SUSE bug 1258317SUSE bug 1258321SUSE bug 1258326SUSE bug 1258338SUSE bug 1258349SUSE bug 1258354SUSE bug 1258358SUSE bug 1258374SUSE bug 1258377SUSE bug 1258379SUSE bug 1258394SUSE bug 1258395SUSE bug 1258397SUSE bug 1258411SUSE bug 1258415SUSE bug 1258419SUSE bug 1258422SUSE bug 1258424SUSE bug 1258429SUSE bug 1258442SUSE bug 1258464SUSE bug 1258465SUSE bug 1258468SUSE bug 1258469SUSE bug 1258484SUSE bug 1258518SUSE bug 1258519SUSE bug 1258520SUSE bug 1258524SUSE bug 1258544SUSE bug 1258660SUSE bug 1258824SUSE bug 1258928SUSE bug 1259070CVE-2023-42752 at SUSECVE-2023-42752 at NVDCVE-2023-53714 at SUSECVE-2023-53714 at NVDCVE-2023-53743 at SUSECVE-2023-53743 at NVDCVE-2023-53750 at SUSECVE-2023-53750 at NVDCVE-2023-53752 at SUSECVE-2023-53752 at NVDCVE-2023-53759 at SUSECVE-2023-53759 at NVDCVE-2023-53762 at SUSECVE-2023-53762 at NVDCVE-2023-53766 at SUSECVE-2023-53766 at NVDCVE-2023-53768 at SUSECVE-2023-53768 at NVDCVE-2023-53777 at SUSECVE-2023-53777 at NVDCVE-2023-53778 at SUSECVE-2023-53778 at NVDCVE-2023-53782 at SUSECVE-2023-53782 at NVDCVE-2023-53784 at SUSECVE-2023-53784 at NVDCVE-2023-53785 at SUSECVE-2023-53785 at NVDCVE-2023-53787 at SUSECVE-2023-53787 at NVDCVE-2023-53791 at SUSECVE-2023-53791 at NVDCVE-2023-53792 at SUSECVE-2023-53792 at NVDCVE-2023-53793 at SUSECVE-2023-53793 at NVDCVE-2023-53794 at SUSECVE-2023-53794 at NVDCVE-2023-53795 at SUSECVE-2023-53795 at NVDCVE-2023-53797 at SUSECVE-2023-53797 at NVDCVE-2023-53799 at SUSECVE-2023-53799 at NVDCVE-2023-53807 at SUSECVE-2023-53807 at NVDCVE-2023-53808 at SUSECVE-2023-53808 at NVDCVE-2023-53813 at SUSECVE-2023-53813 at NVDCVE-2023-53815 at SUSECVE-2023-53815 at NVDCVE-2023-53817 at SUSECVE-2023-53817 at NVDCVE-2023-53819 at SUSECVE-2023-53819 at NVDCVE-2023-53821 at SUSECVE-2023-53821 at NVDCVE-2023-53823 at SUSECVE-2023-53823 at NVDCVE-2023-53825 at SUSECVE-2023-53825 at NVDCVE-2023-53828 at SUSECVE-2023-53828 at NVDCVE-2023-53831 at SUSECVE-2023-53831 at NVDCVE-2023-53834 at SUSECVE-2023-53834 at NVDCVE-2023-53836 at SUSECVE-2023-53836 at NVDCVE-2023-53839 at SUSECVE-2023-53839 at NVDCVE-2023-53841 at SUSECVE-2023-53841 at NVDCVE-2023-53842 at SUSECVE-2023-53842 at NVDCVE-2023-53843 at SUSECVE-2023-53843 at NVDCVE-2023-53844 at SUSECVE-2023-53844 at NVDCVE-2023-53846 at SUSECVE-2023-53846 at NVDCVE-2023-53847 at SUSECVE-2023-53847 at NVDCVE-2023-53848 at SUSECVE-2023-53848 at NVDCVE-2023-53850 at SUSECVE-2023-53850 at NVDCVE-2023-53851 at SUSECVE-2023-53851 at NVDCVE-2023-53852 at SUSECVE-2023-53852 at NVDCVE-2023-53855 at SUSECVE-2023-53855 at NVDCVE-2023-53856 at SUSECVE-2023-53856 at NVDCVE-2023-53857 at SUSECVE-2023-53857 at NVDCVE-2023-53858 at SUSECVE-2023-53858 at NVDCVE-2023-53860 at SUSECVE-2023-53860 at NVDCVE-2023-53861 at SUSECVE-2023-53861 at NVDCVE-2023-53863 at SUSECVE-2023-53863 at NVDCVE-2023-53864 at SUSECVE-2023-53864 at NVDCVE-2023-53865 at SUSECVE-2023-53865 at NVDCVE-2023-53989 at SUSECVE-2023-53989 at NVDCVE-2023-53992 at SUSECVE-2023-53992 at NVDCVE-2023-53994 at SUSECVE-2023-53994 at NVDCVE-2023-53995 at SUSECVE-2023-53995 at NVDCVE-2023-53996 at SUSECVE-2023-53996 at NVDCVE-2023-53997 at SUSECVE-2023-53997 at NVDCVE-2023-53998 at SUSECVE-2023-53998 at NVDCVE-2023-53999 at SUSECVE-2023-53999 at NVDCVE-2023-54000 at SUSECVE-2023-54000 at NVDCVE-2023-54001 at SUSECVE-2023-54001 at NVDCVE-2023-54005 at SUSECVE-2023-54005 at NVDCVE-2023-54006 at SUSECVE-2023-54006 at NVDCVE-2023-54008 at SUSECVE-2023-54008 at NVDCVE-2023-54013 at SUSECVE-2023-54013 at NVDCVE-2023-54014 at SUSECVE-2023-54014 at NVDCVE-2023-54016 at SUSECVE-2023-54016 at NVDCVE-2023-54017 at SUSECVE-2023-54017 at NVDCVE-2023-54019 at SUSECVE-2023-54019 at NVDCVE-2023-54022 at SUSECVE-2023-54022 at NVDCVE-2023-54023 at SUSECVE-2023-54023 at NVDCVE-2023-54025 at SUSECVE-2023-54025 at NVDCVE-2023-54026 at SUSECVE-2023-54026 at NVDCVE-2023-54027 at SUSECVE-2023-54027 at NVDCVE-2023-54030 at SUSECVE-2023-54030 at NVDCVE-2023-54031 at SUSECVE-2023-54031 at NVDCVE-2023-54032 at SUSECVE-2023-54032 at NVDCVE-2023-54035 at SUSECVE-2023-54035 at NVDCVE-2023-54037 at SUSECVE-2023-54037 at NVDCVE-2023-54038 at SUSECVE-2023-54038 at NVDCVE-2023-54042 at SUSECVE-2023-54042 at NVDCVE-2023-54045 at SUSECVE-2023-54045 at NVDCVE-2023-54048 at SUSECVE-2023-54048 at NVDCVE-2023-54049 at SUSECVE-2023-54049 at NVDCVE-2023-54051 at SUSECVE-2023-54051 at NVDCVE-2023-54052 at SUSECVE-2023-54052 at NVDCVE-2023-54060 at SUSECVE-2023-54060 at NVDCVE-2023-54064 at SUSECVE-2023-54064 at NVDCVE-2023-54066 at SUSECVE-2023-54066 at NVDCVE-2023-54067 at SUSECVE-2023-54067 at NVDCVE-2023-54069 at SUSECVE-2023-54069 at NVDCVE-2023-54070 at SUSECVE-2023-54070 at NVDCVE-2023-54072 at SUSECVE-2023-54072 at NVDCVE-2023-54076 at SUSECVE-2023-54076 at NVDCVE-2023-54080 at SUSECVE-2023-54080 at NVDCVE-2023-54081 at SUSECVE-2023-54081 at NVDCVE-2023-54083 at SUSECVE-2023-54083 at NVDCVE-2023-54088 at SUSECVE-2023-54088 at NVDCVE-2023-54089 at SUSECVE-2023-54089 at NVDCVE-2023-54091 at SUSECVE-2023-54091 at NVDCVE-2023-54092 at SUSECVE-2023-54092 at NVDCVE-2023-54093 at SUSECVE-2023-54093 at NVDCVE-2023-54094 at SUSECVE-2023-54094 at NVDCVE-2023-54095 at SUSECVE-2023-54095 at NVDCVE-2023-54096 at SUSECVE-2023-54096 at NVDCVE-2023-54099 at SUSECVE-2023-54099 at NVDCVE-2023-54101 at SUSECVE-2023-54101 at NVDCVE-2023-54104 at SUSECVE-2023-54104 at NVDCVE-2023-54106 at SUSECVE-2023-54106 at NVDCVE-2023-54112 at SUSECVE-2023-54112 at NVDCVE-2023-54113 at SUSECVE-2023-54113 at NVDCVE-2023-54115 at SUSECVE-2023-54115 at NVDCVE-2023-54117 at SUSECVE-2023-54117 at NVDCVE-2023-54121 at SUSECVE-2023-54121 at NVDCVE-2023-54125 at SUSECVE-2023-54125 at NVDCVE-2023-54127 at SUSECVE-2023-54127 at NVDCVE-2023-54133 at SUSECVE-2023-54133 at NVDCVE-2023-54134 at SUSECVE-2023-54134 at NVDCVE-2023-54135 at SUSECVE-2023-54135 at NVDCVE-2023-54136 at SUSECVE-2023-54136 at NVDCVE-2023-54137 at SUSECVE-2023-54137 at NVDCVE-2023-54140 at SUSECVE-2023-54140 at NVDCVE-2023-54141 at SUSECVE-2023-54141 at NVDCVE-2023-54142 at SUSECVE-2023-54142 at NVDCVE-2023-54143 at SUSECVE-2023-54143 at NVDCVE-2023-54145 at SUSECVE-2023-54145 at NVDCVE-2023-54148 at SUSECVE-2023-54148 at NVDCVE-2023-54149 at SUSECVE-2023-54149 at NVDCVE-2023-54153 at SUSECVE-2023-54153 at NVDCVE-2023-54154 at SUSECVE-2023-54154 at NVDCVE-2023-54155 at SUSECVE-2023-54155 at NVDCVE-2023-54156 at SUSECVE-2023-54156 at NVDCVE-2023-54164 at SUSECVE-2023-54164 at NVDCVE-2023-54166 at SUSECVE-2023-54166 at NVDCVE-2023-54169 at SUSECVE-2023-54169 at NVDCVE-2023-54170 at SUSECVE-2023-54170 at NVDCVE-2023-54171 at SUSECVE-2023-54171 at NVDCVE-2023-54172 at SUSECVE-2023-54172 at NVDCVE-2023-54173 at SUSECVE-2023-54173 at NVDCVE-2023-54177 at SUSECVE-2023-54177 at NVDCVE-2023-54178 at SUSECVE-2023-54178 at NVDCVE-2023-54179 at SUSECVE-2023-54179 at NVDCVE-2023-54181 at SUSECVE-2023-54181 at NVDCVE-2023-54183 at SUSECVE-2023-54183 at NVDCVE-2023-54185 at SUSECVE-2023-54185 at NVDCVE-2023-54189 at SUSECVE-2023-54189 at NVDCVE-2023-54194 at SUSECVE-2023-54194 at NVDCVE-2023-54201 at SUSECVE-2023-54201 at NVDCVE-2023-54204 at SUSECVE-2023-54204 at NVDCVE-2023-54207 at SUSECVE-2023-54207 at NVDCVE-2023-54209 at SUSECVE-2023-54209 at NVDCVE-2023-54210 at SUSECVE-2023-54210 at NVDCVE-2023-54211 at SUSECVE-2023-54211 at NVDCVE-2023-54215 at SUSECVE-2023-54215 at NVDCVE-2023-54219 at SUSECVE-2023-54219 at NVDCVE-2023-54220 at SUSECVE-2023-54220 at NVDCVE-2023-54221 at SUSECVE-2023-54221 at NVDCVE-2023-54223 at SUSECVE-2023-54223 at NVDCVE-2023-54224 at SUSECVE-2023-54224 at NVDCVE-2023-54225 at SUSECVE-2023-54225 at NVDCVE-2023-54227 at SUSECVE-2023-54227 at NVDCVE-2023-54229 at SUSECVE-2023-54229 at NVDCVE-2023-54230 at SUSECVE-2023-54230 at NVDCVE-2023-54235 at SUSECVE-2023-54235 at NVDCVE-2023-54240 at SUSECVE-2023-54240 at NVDCVE-2023-54241 at SUSECVE-2023-54241 at NVDCVE-2023-54246 at SUSECVE-2023-54246 at NVDCVE-2023-54247 at SUSECVE-2023-54247 at NVDCVE-2023-54251 at SUSECVE-2023-54251 at NVDCVE-2023-54253 at SUSECVE-2023-54253 at NVDCVE-2023-54254 at SUSECVE-2023-54254 at NVDCVE-2023-54255 at SUSECVE-2023-54255 at NVDCVE-2023-54258 at SUSECVE-2023-54258 at NVDCVE-2023-54261 at SUSECVE-2023-54261 at NVDCVE-2023-54263 at SUSECVE-2023-54263 at NVDCVE-2023-54264 at SUSECVE-2023-54264 at NVDCVE-2023-54266 at SUSECVE-2023-54266 at NVDCVE-2023-54267 at SUSECVE-2023-54267 at NVDCVE-2023-54271 at SUSECVE-2023-54271 at NVDCVE-2023-54276 at SUSECVE-2023-54276 at NVDCVE-2023-54278 at SUSECVE-2023-54278 at NVDCVE-2023-54281 at SUSECVE-2023-54281 at NVDCVE-2023-54282 at SUSECVE-2023-54282 at NVDCVE-2023-54283 at SUSECVE-2023-54283 at NVDCVE-2023-54285 at SUSECVE-2023-54285 at NVDCVE-2023-54289 at SUSECVE-2023-54289 at NVDCVE-2023-54291 at SUSECVE-2023-54291 at NVDCVE-2023-54292 at SUSECVE-2023-54292 at NVDCVE-2023-54293 at SUSECVE-2023-54293 at NVDCVE-2023-54296 at SUSECVE-2023-54296 at NVDCVE-2023-54297 at SUSECVE-2023-54297 at NVDCVE-2023-54299 at SUSECVE-2023-54299 at NVDCVE-2023-54300 at SUSECVE-2023-54300 at NVDCVE-2023-54302 at SUSECVE-2023-54302 at NVDCVE-2023-54303 at SUSECVE-2023-54303 at NVDCVE-2023-54304 at SUSECVE-2023-54304 at NVDCVE-2023-54309 at SUSECVE-2023-54309 at NVDCVE-2023-54312 at SUSECVE-2023-54312 at NVDCVE-2023-54313 at SUSECVE-2023-54313 at NVDCVE-2023-54314 at SUSECVE-2023-54314 at NVDCVE-2023-54315 at SUSECVE-2023-54315 at NVDCVE-2023-54316 at SUSECVE-2023-54316 at NVDCVE-2023-54318 at SUSECVE-2023-54318 at NVDCVE-2023-54319 at SUSECVE-2023-54319 at NVDCVE-2023-54322 at SUSECVE-2023-54322 at NVDCVE-2023-54324 at SUSECVE-2023-54324 at NVDCVE-2023-54326 at SUSECVE-2023-54326 at NVDCVE-2024-26944 at SUSECVE-2024-26944 at NVDCVE-2024-27005 at SUSECVE-2024-27005 at NVDCVE-2024-42103 at SUSECVE-2024-42103 at NVDCVE-2024-53070 at SUSECVE-2024-53070 at NVDCVE-2024-53093 at SUSECVE-2024-53093 at NVDCVE-2024-53149 at SUSECVE-2024-53149 at NVDCVE-2025-22047 at SUSECVE-2025-22047 at NVDCVE-2025-37813 at SUSECVE-2025-37813 at NVDCVE-2025-37861 at SUSECVE-2025-37861 at NVDCVE-2025-38243 at SUSECVE-2025-38243 at NVDCVE-2025-38321 at SUSECVE-2025-38321 at NVDCVE-2025-38322 at SUSECVE-2025-38322 at NVDCVE-2025-38379 at SUSECVE-2025-38379 at NVDCVE-2025-38539 at SUSECVE-2025-38539 at NVDCVE-2025-38728 at SUSECVE-2025-38728 at NVDCVE-2025-39689 at SUSECVE-2025-39689 at NVDCVE-2025-39748 at SUSECVE-2025-39748 at NVDCVE-2025-39813 at SUSECVE-2025-39813 at NVDCVE-2025-39829 at SUSECVE-2025-39829 at NVDCVE-2025-39880 at SUSECVE-2025-39880 at NVDCVE-2025-39890 at SUSECVE-2025-39890 at NVDCVE-2025-39913 at SUSECVE-2025-39913 at NVDCVE-2025-39964 at SUSECVE-2025-39964 at NVDCVE-2025-39977 at SUSECVE-2025-39977 at NVDCVE-2025-40006 at SUSECVE-2025-40006 at NVDCVE-2025-40024 at SUSECVE-2025-40024 at NVDCVE-2025-40033 at SUSECVE-2025-40033 at NVDCVE-2025-40042 at SUSECVE-2025-40042 at NVDCVE-2025-40053 at SUSECVE-2025-40053 at NVDCVE-2025-40081 at SUSECVE-2025-40081 at NVDCVE-2025-40097 at SUSECVE-2025-40097 at NVDCVE-2025-40099 at SUSECVE-2025-40099 at NVDCVE-2025-40102 at SUSECVE-2025-40102 at NVDCVE-2025-40103 at SUSECVE-2025-40103 at NVDCVE-2025-40106 at SUSECVE-2025-40106 at NVDCVE-2025-40123 at SUSECVE-2025-40123 at NVDCVE-2025-40134 at SUSECVE-2025-40134 at NVDCVE-2025-40135 at SUSECVE-2025-40135 at NVDCVE-2025-40153 at SUSECVE-2025-40153 at NVDCVE-2025-40158 at SUSECVE-2025-40158 at NVDCVE-2025-40160 at SUSECVE-2025-40160 at NVDCVE-2025-40167 at SUSECVE-2025-40167 at NVDCVE-2025-40170 at SUSECVE-2025-40170 at NVDCVE-2025-40178 at SUSECVE-2025-40178 at NVDCVE-2025-40179 at SUSECVE-2025-40179 at NVDCVE-2025-40187 at SUSECVE-2025-40187 at NVDCVE-2025-40190 at SUSECVE-2025-40190 at NVDCVE-2025-40192 at SUSECVE-2025-40192 at NVDCVE-2025-40202 at SUSECVE-2025-40202 at NVDCVE-2025-40211 at SUSECVE-2025-40211 at NVDCVE-2025-40215 at SUSECVE-2025-40215 at NVDCVE-2025-40219 at SUSECVE-2025-40219 at NVDCVE-2025-40220 at SUSECVE-2025-40220 at NVDCVE-2025-40223 at SUSECVE-2025-40223 at NVDCVE-2025-40231 at SUSECVE-2025-40231 at NVDCVE-2025-40233 at SUSECVE-2025-40233 at NVDCVE-2025-40238 at SUSECVE-2025-40238 at NVDCVE-2025-40240 at SUSECVE-2025-40240 at NVDCVE-2025-40242 at SUSECVE-2025-40242 at NVDCVE-2025-40244 at SUSECVE-2025-40244 at NVDCVE-2025-40248 at SUSECVE-2025-40248 at NVDCVE-2025-40250 at SUSECVE-2025-40250 at NVDCVE-2025-40251 at SUSECVE-2025-40251 at NVDCVE-2025-40252 at SUSECVE-2025-40252 at NVDCVE-2025-40254 at SUSECVE-2025-40254 at NVDCVE-2025-40256 at SUSECVE-2025-40256 at NVDCVE-2025-40257 at SUSECVE-2025-40257 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40259 at SUSECVE-2025-40259 at NVDCVE-2025-40261 at SUSECVE-2025-40261 at NVDCVE-2025-40262 at SUSECVE-2025-40262 at NVDCVE-2025-40263 at SUSECVE-2025-40263 at NVDCVE-2025-40264 at SUSECVE-2025-40264 at NVDCVE-2025-40268 at SUSECVE-2025-40268 at NVDCVE-2025-40269 at SUSECVE-2025-40269 at NVDCVE-2025-40271 at SUSECVE-2025-40271 at NVDCVE-2025-40272 at SUSECVE-2025-40272 at NVDCVE-2025-40273 at SUSECVE-2025-40273 at NVDCVE-2025-40274 at SUSECVE-2025-40274 at NVDCVE-2025-40275 at SUSECVE-2025-40275 at NVDCVE-2025-40277 at SUSECVE-2025-40277 at NVDCVE-2025-40278 at SUSECVE-2025-40278 at NVDCVE-2025-40279 at SUSECVE-2025-40279 at NVDCVE-2025-40280 at SUSECVE-2025-40280 at NVDCVE-2025-40282 at SUSECVE-2025-40282 at NVDCVE-2025-40283 at SUSECVE-2025-40283 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40287 at SUSECVE-2025-40287 at NVDCVE-2025-40288 at SUSECVE-2025-40288 at NVDCVE-2025-40289 at SUSECVE-2025-40289 at NVDCVE-2025-40292 at SUSECVE-2025-40292 at NVDCVE-2025-40293 at SUSECVE-2025-40293 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-40301 at SUSECVE-2025-40301 at NVDCVE-2025-40304 at SUSECVE-2025-40304 at NVDCVE-2025-40306 at SUSECVE-2025-40306 at NVDCVE-2025-40307 at SUSECVE-2025-40307 at NVDCVE-2025-40308 at SUSECVE-2025-40308 at NVDCVE-2025-40309 at SUSECVE-2025-40309 at NVDCVE-2025-40310 at SUSECVE-2025-40310 at NVDCVE-2025-40311 at SUSECVE-2025-40311 at NVDCVE-2025-40312 at SUSECVE-2025-40312 at NVDCVE-2025-40314 at SUSECVE-2025-40314 at NVDCVE-2025-40315 at SUSECVE-2025-40315 at NVDCVE-2025-40316 at SUSECVE-2025-40316 at NVDCVE-2025-40317 at SUSECVE-2025-40317 at NVDCVE-2025-40318 at SUSECVE-2025-40318 at NVDCVE-2025-40319 at SUSECVE-2025-40319 at NVDCVE-2025-40320 at SUSECVE-2025-40320 at NVDCVE-2025-40321 at SUSECVE-2025-40321 at NVDCVE-2025-40322 at SUSECVE-2025-40322 at NVDCVE-2025-40323 at SUSECVE-2025-40323 at NVDCVE-2025-40324 at SUSECVE-2025-40324 at NVDCVE-2025-40328 at SUSECVE-2025-40328 at NVDCVE-2025-40329 at SUSECVE-2025-40329 at NVDCVE-2025-40331 at SUSECVE-2025-40331 at NVDCVE-2025-40337 at SUSECVE-2025-40337 at NVDCVE-2025-40338 at SUSECVE-2025-40338 at NVDCVE-2025-40339 at SUSECVE-2025-40339 at NVDCVE-2025-40342 at SUSECVE-2025-40342 at NVDCVE-2025-40343 at SUSECVE-2025-40343 at NVDCVE-2025-40345 at SUSECVE-2025-40345 at NVDCVE-2025-40346 at SUSECVE-2025-40346 at NVDCVE-2025-40347 at SUSECVE-2025-40347 at NVDCVE-2025-40349 at SUSECVE-2025-40349 at NVDCVE-2025-40350 at SUSECVE-2025-40350 at NVDCVE-2025-40351 at SUSECVE-2025-40351 at NVDCVE-2025-40355 at SUSECVE-2025-40355 at NVDCVE-2025-40360 at SUSECVE-2025-40360 at NVDCVE-2025-40363 at SUSECVE-2025-40363 at NVDCVE-2025-68168 at SUSECVE-2025-68168 at NVDCVE-2025-68171 at SUSECVE-2025-68171 at NVDCVE-2025-68172 at SUSECVE-2025-68172 at NVDCVE-2025-68174 at SUSECVE-2025-68174 at NVDCVE-2025-68176 at SUSECVE-2025-68176 at NVDCVE-2025-68178 at SUSECVE-2025-68178 at NVDCVE-2025-68180 at SUSECVE-2025-68180 at NVDCVE-2025-68183 at SUSECVE-2025-68183 at NVDCVE-2025-68185 at SUSECVE-2025-68185 at NVDCVE-2025-68188 at SUSECVE-2025-68188 at NVDCVE-2025-68190 at SUSECVE-2025-68190 at NVDCVE-2025-68192 at SUSECVE-2025-68192 at NVDCVE-2025-68194 at SUSECVE-2025-68194 at NVDCVE-2025-68195 at SUSECVE-2025-68195 at NVDCVE-2025-68200 at SUSECVE-2025-68200 at NVDCVE-2025-68201 at SUSECVE-2025-68201 at NVDCVE-2025-68204 at SUSECVE-2025-68204 at NVDCVE-2025-68206 at SUSECVE-2025-68206 at NVDCVE-2025-68208 at SUSECVE-2025-68208 at NVDCVE-2025-68209 at SUSECVE-2025-68209 at NVDCVE-2025-68217 at SUSECVE-2025-68217 at NVDCVE-2025-68218 at SUSECVE-2025-68218 at NVDCVE-2025-68222 at SUSECVE-2025-68222 at NVDCVE-2025-68227 at SUSECVE-2025-68227 at NVDCVE-2025-68230 at SUSECVE-2025-68230 at NVDCVE-2025-68233 at SUSECVE-2025-68233 at NVDCVE-2025-68235 at SUSECVE-2025-68235 at NVDCVE-2025-68237 at SUSECVE-2025-68237 at NVDCVE-2025-68238 at SUSECVE-2025-68238 at NVDCVE-2025-68239 at SUSECVE-2025-68239 at NVDCVE-2025-68241 at SUSECVE-2025-68241 at NVDCVE-2025-68244 at SUSECVE-2025-68244 at NVDCVE-2025-68245 at SUSECVE-2025-68245 at NVDCVE-2025-68249 at SUSECVE-2025-68249 at NVDCVE-2025-68252 at SUSECVE-2025-68252 at NVDCVE-2025-68254 at SUSECVE-2025-68254 at NVDCVE-2025-68255 at SUSECVE-2025-68255 at NVDCVE-2025-68256 at SUSECVE-2025-68256 at NVDCVE-2025-68257 at SUSECVE-2025-68257 at NVDCVE-2025-68258 at SUSECVE-2025-68258 at NVDCVE-2025-68259 at SUSECVE-2025-68259 at NVDCVE-2025-68261 at SUSECVE-2025-68261 at NVDCVE-2025-68264 at SUSECVE-2025-68264 at NVDCVE-2025-68283 at SUSECVE-2025-68283 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68286 at SUSECVE-2025-68286 at NVDCVE-2025-68287 at SUSECVE-2025-68287 at NVDCVE-2025-68289 at SUSECVE-2025-68289 at NVDCVE-2025-68290 at SUSECVE-2025-68290 at NVDCVE-2025-68295 at SUSECVE-2025-68295 at NVDCVE-2025-68296 at SUSECVE-2025-68296 at NVDCVE-2025-68297 at SUSECVE-2025-68297 at NVDCVE-2025-68301 at SUSECVE-2025-68301 at NVDCVE-2025-68303 at SUSECVE-2025-68303 at NVDCVE-2025-68305 at SUSECVE-2025-68305 at NVDCVE-2025-68307 at SUSECVE-2025-68307 at NVDCVE-2025-68308 at SUSECVE-2025-68308 at NVDCVE-2025-68312 at SUSECVE-2025-68312 at NVDCVE-2025-68313 at SUSECVE-2025-68313 at NVDCVE-2025-68320 at SUSECVE-2025-68320 at NVDCVE-2025-68325 at SUSECVE-2025-68325 at NVDCVE-2025-68327 at SUSECVE-2025-68327 at NVDCVE-2025-68328 at SUSECVE-2025-68328 at NVDCVE-2025-68330 at SUSECVE-2025-68330 at NVDCVE-2025-68331 at SUSECVE-2025-68331 at NVDCVE-2025-68332 at SUSECVE-2025-68332 at NVDCVE-2025-68335 at SUSECVE-2025-68335 at NVDCVE-2025-68337 at SUSECVE-2025-68337 at NVDCVE-2025-68339 at SUSECVE-2025-68339 at NVDCVE-2025-68340 at SUSECVE-2025-68340 at NVDCVE-2025-68345 at SUSECVE-2025-68345 at NVDCVE-2025-68346 at SUSECVE-2025-68346 at NVDCVE-2025-68347 at SUSECVE-2025-68347 at NVDCVE-2025-68349 at SUSECVE-2025-68349 at NVDCVE-2025-68351 at SUSECVE-2025-68351 at NVDCVE-2025-68354 at SUSECVE-2025-68354 at NVDCVE-2025-68362 at SUSECVE-2025-68362 at NVDCVE-2025-68363 at SUSECVE-2025-68363 at NVDCVE-2025-68365 at SUSECVE-2025-68365 at NVDCVE-2025-68366 at SUSECVE-2025-68366 at NVDCVE-2025-68367 at SUSECVE-2025-68367 at NVDCVE-2025-68372 at SUSECVE-2025-68372 at NVDCVE-2025-68374 at SUSECVE-2025-68374 at NVDCVE-2025-68378 at SUSECVE-2025-68378 at NVDCVE-2025-68379 at SUSECVE-2025-68379 at NVDCVE-2025-68380 at SUSECVE-2025-68380 at NVDCVE-2025-68724 at SUSECVE-2025-68724 at NVDCVE-2025-68725 at SUSECVE-2025-68725 at NVDCVE-2025-68727 at SUSECVE-2025-68727 at NVDCVE-2025-68728 at SUSECVE-2025-68728 at NVDCVE-2025-68732 at SUSECVE-2025-68732 at NVDCVE-2025-68733 at SUSECVE-2025-68733 at NVDCVE-2025-68734 at SUSECVE-2025-68734 at NVDCVE-2025-68736 at SUSECVE-2025-68736 at NVDCVE-2025-68740 at SUSECVE-2025-68740 at NVDCVE-2025-68742 at SUSECVE-2025-68742 at NVDCVE-2025-68744 at SUSECVE-2025-68744 at NVDCVE-2025-68746 at SUSECVE-2025-68746 at NVDCVE-2025-68750 at SUSECVE-2025-68750 at NVDCVE-2025-68753 at SUSECVE-2025-68753 at NVDCVE-2025-68757 at SUSECVE-2025-68757 at NVDCVE-2025-68758 at SUSECVE-2025-68758 at NVDCVE-2025-68759 at SUSECVE-2025-68759 at NVDCVE-2025-68764 at SUSECVE-2025-68764 at NVDCVE-2025-68765 at SUSECVE-2025-68765 at NVDCVE-2025-68766 at SUSECVE-2025-68766 at NVDCVE-2025-68768 at SUSECVE-2025-68768 at NVDCVE-2025-68770 at SUSECVE-2025-68770 at NVDCVE-2025-68771 at SUSECVE-2025-68771 at NVDCVE-2025-68773 at SUSECVE-2025-68773 at NVDCVE-2025-68775 at SUSECVE-2025-68775 at NVDCVE-2025-68776 at SUSECVE-2025-68776 at NVDCVE-2025-68777 at SUSECVE-2025-68777 at NVDCVE-2025-68778 at SUSECVE-2025-68778 at NVDCVE-2025-68783 at SUSECVE-2025-68783 at NVDCVE-2025-68785 at SUSECVE-2025-68785 at NVDCVE-2025-68788 at SUSECVE-2025-68788 at NVDCVE-2025-68789 at SUSECVE-2025-68789 at NVDCVE-2025-68795 at SUSECVE-2025-68795 at NVDCVE-2025-68797 at SUSECVE-2025-68797 at NVDCVE-2025-68798 at SUSECVE-2025-68798 at NVDCVE-2025-68800 at SUSECVE-2025-68800 at NVDCVE-2025-68801 at SUSECVE-2025-68801 at NVDCVE-2025-68803 at SUSECVE-2025-68803 at NVDCVE-2025-68804 at SUSECVE-2025-68804 at NVDCVE-2025-68808 at SUSECVE-2025-68808 at NVDCVE-2025-68810 at SUSECVE-2025-68810 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-68814 at SUSECVE-2025-68814 at NVDCVE-2025-68815 at SUSECVE-2025-68815 at NVDCVE-2025-68816 at SUSECVE-2025-68816 at NVDCVE-2025-68819 at SUSECVE-2025-68819 at NVDCVE-2025-68820 at SUSECVE-2025-68820 at NVDCVE-2025-71064 at SUSECVE-2025-71064 at NVDCVE-2025-71066 at SUSECVE-2025-71066 at NVDCVE-2025-71071 at SUSECVE-2025-71071 at NVDCVE-2025-71077 at SUSECVE-2025-71077 at NVDCVE-2025-71078 at SUSECVE-2025-71078 at NVDCVE-2025-71079 at SUSECVE-2025-71079 at NVDCVE-2025-71081 at SUSECVE-2025-71081 at NVDCVE-2025-71082 at SUSECVE-2025-71082 at NVDCVE-2025-71083 at SUSECVE-2025-71083 at NVDCVE-2025-71084 at SUSECVE-2025-71084 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDCVE-2025-71086 at SUSECVE-2025-71086 at NVDCVE-2025-71087 at SUSECVE-2025-71087 at NVDCVE-2025-71088 at SUSECVE-2025-71088 at NVDCVE-2025-71089 at SUSECVE-2025-71089 at NVDCVE-2025-71091 at SUSECVE-2025-71091 at NVDCVE-2025-71093 at SUSECVE-2025-71093 at NVDCVE-2025-71094 at SUSECVE-2025-71094 at NVDCVE-2025-71095 at SUSECVE-2025-71095 at NVDCVE-2025-71096 at SUSECVE-2025-71096 at NVDCVE-2025-71097 at SUSECVE-2025-71097 at NVDCVE-2025-71098 at SUSECVE-2025-71098 at NVDCVE-2025-71100 at SUSECVE-2025-71100 at NVDCVE-2025-71104 at SUSECVE-2025-71104 at NVDCVE-2025-71108 at SUSECVE-2025-71108 at NVDCVE-2025-71111 at SUSECVE-2025-71111 at NVDCVE-2025-71112 at SUSECVE-2025-71112 at NVDCVE-2025-71113 at SUSECVE-2025-71113 at NVDCVE-2025-71114 at SUSECVE-2025-71114 at NVDCVE-2025-71116 at SUSECVE-2025-71116 at NVDCVE-2025-71118 at SUSECVE-2025-71118 at NVDCVE-2025-71119 at SUSECVE-2025-71119 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2025-71123 at SUSECVE-2025-71123 at NVDCVE-2025-71126 at SUSECVE-2025-71126 at NVDCVE-2025-71130 at SUSECVE-2025-71130 at NVDCVE-2025-71131 at SUSECVE-2025-71131 at NVDCVE-2025-71132 at SUSECVE-2025-71132 at NVDCVE-2025-71133 at SUSECVE-2025-71133 at NVDCVE-2025-71135 at SUSECVE-2025-71135 at NVDCVE-2025-71136 at SUSECVE-2025-71136 at NVDCVE-2025-71137 at SUSECVE-2025-71137 at NVDCVE-2025-71138 at SUSECVE-2025-71138 at NVDCVE-2025-71145 at SUSECVE-2025-71145 at NVDCVE-2025-71147 at SUSECVE-2025-71147 at NVDCVE-2025-71148 at SUSECVE-2025-71148 at NVDCVE-2025-71149 at SUSECVE-2025-71149 at NVDCVE-2025-71154 at SUSECVE-2025-71154 at NVDCVE-2025-71162 at SUSECVE-2025-71162 at NVDCVE-2025-71163 at SUSECVE-2025-71163 at NVDCVE-2025-71182 at SUSECVE-2025-71182 at NVDCVE-2025-71184 at SUSECVE-2025-71184 at NVDCVE-2025-71185 at SUSECVE-2025-71185 at NVDCVE-2025-71188 at SUSECVE-2025-71188 at NVDCVE-2025-71189 at SUSECVE-2025-71189 at NVDCVE-2025-71190 at SUSECVE-2025-71190 at NVDCVE-2025-71191 at SUSECVE-2025-71191 at NVDCVE-2025-71192 at SUSECVE-2025-71192 at NVDCVE-2025-71194 at SUSECVE-2025-71194 at NVDCVE-2025-71195 at SUSECVE-2025-71195 at NVDCVE-2025-71196 at SUSECVE-2025-71196 at NVDCVE-2025-71197 at SUSECVE-2025-71197 at NVDCVE-2025-71198 at SUSECVE-2025-71198 at NVDCVE-2025-71199 at SUSECVE-2025-71199 at NVDCVE-2025-71200 at SUSECVE-2025-71200 at NVDCVE-2025-71222 at SUSECVE-2025-71222 at NVDCVE-2025-71224 at SUSECVE-2025-71224 at NVDCVE-2025-71225 at SUSECVE-2025-71225 at NVDCVE-2025-71229 at SUSECVE-2025-71229 at NVDCVE-2025-71231 at SUSECVE-2025-71231 at NVDCVE-2025-71232 at SUSECVE-2025-71232 at NVDCVE-2025-71234 at SUSECVE-2025-71234 at NVDCVE-2025-71235 at SUSECVE-2025-71235 at NVDCVE-2025-71236 at SUSECVE-2025-71236 at NVDCVE-2026-22976 at SUSECVE-2026-22976 at NVDCVE-2026-22977 at SUSECVE-2026-22977 at NVDCVE-2026-22978 at SUSECVE-2026-22978 at NVDCVE-2026-22979 at SUSECVE-2026-22979 at NVDCVE-2026-22982 at SUSECVE-2026-22982 at NVDCVE-2026-22984 at SUSECVE-2026-22984 at NVDCVE-2026-22985 at SUSECVE-2026-22985 at NVDCVE-2026-22988 at SUSECVE-2026-22988 at NVDCVE-2026-22990 at SUSECVE-2026-22990 at NVDCVE-2026-22991 at SUSECVE-2026-22991 at NVDCVE-2026-22992 at SUSECVE-2026-22992 at NVDCVE-2026-22993 at SUSECVE-2026-22993 at NVDCVE-2026-22996 at SUSECVE-2026-22996 at NVDCVE-2026-22997 at SUSECVE-2026-22997 at NVDCVE-2026-22998 at SUSECVE-2026-22998 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23000 at SUSECVE-2026-23000 at NVDCVE-2026-23001 at SUSECVE-2026-23001 at NVDCVE-2026-23003 at SUSECVE-2026-23003 at NVDCVE-2026-23004 at SUSECVE-2026-23004 at NVDCVE-2026-23005 at SUSECVE-2026-23005 at NVDCVE-2026-23006 at SUSECVE-2026-23006 at NVDCVE-2026-23010 at SUSECVE-2026-23010 at NVDCVE-2026-23011 at SUSECVE-2026-23011 at NVDCVE-2026-23017 at SUSECVE-2026-23017 at NVDCVE-2026-23021 at SUSECVE-2026-23021 at NVDCVE-2026-23026 at SUSECVE-2026-23026 at NVDCVE-2026-23033 at SUSECVE-2026-23033 at NVDCVE-2026-23035 at SUSECVE-2026-23035 at NVDCVE-2026-23037 at SUSECVE-2026-23037 at NVDCVE-2026-23049 at SUSECVE-2026-23049 at NVDCVE-2026-23053 at SUSECVE-2026-23053 at NVDCVE-2026-23056 at SUSECVE-2026-23056 at NVDCVE-2026-23057 at SUSECVE-2026-23057 at NVDCVE-2026-23058 at SUSECVE-2026-23058 at NVDCVE-2026-23060 at SUSECVE-2026-23060 at NVDCVE-2026-23061 at SUSECVE-2026-23061 at NVDCVE-2026-23063 at SUSECVE-2026-23063 at NVDCVE-2026-23064 at SUSECVE-2026-23064 at NVDCVE-2026-23068 at SUSECVE-2026-23068 at NVDCVE-2026-23071 at SUSECVE-2026-23071 at NVDCVE-2026-23073 at SUSECVE-2026-23073 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23076 at SUSECVE-2026-23076 at NVDCVE-2026-23078 at SUSECVE-2026-23078 at NVDCVE-2026-23080 at SUSECVE-2026-23080 at NVDCVE-2026-23082 at SUSECVE-2026-23082 at NVDCVE-2026-23083 at SUSECVE-2026-23083 at NVDCVE-2026-23084 at SUSECVE-2026-23084 at NVDCVE-2026-23085 at SUSECVE-2026-23085 at NVDCVE-2026-23086 at SUSECVE-2026-23086 at NVDCVE-2026-23089 at SUSECVE-2026-23089 at NVDCVE-2026-23090 at SUSECVE-2026-23090 at NVDCVE-2026-23091 at SUSECVE-2026-23091 at NVDCVE-2026-23094 at SUSECVE-2026-23094 at NVDCVE-2026-23095 at SUSECVE-2026-23095 at NVDCVE-2026-23096 at SUSECVE-2026-23096 at NVDCVE-2026-23099 at SUSECVE-2026-23099 at NVDCVE-2026-23101 at SUSECVE-2026-23101 at NVDCVE-2026-23102 at SUSECVE-2026-23102 at NVDCVE-2026-23104 at SUSECVE-2026-23104 at NVDCVE-2026-23105 at SUSECVE-2026-23105 at NVDCVE-2026-23107 at SUSECVE-2026-23107 at NVDCVE-2026-23108 at SUSECVE-2026-23108 at NVDCVE-2026-23110 at SUSECVE-2026-23110 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23112 at SUSECVE-2026-23112 at NVDCVE-2026-23113 at SUSECVE-2026-23113 at NVDCVE-2026-23116 at SUSECVE-2026-23116 at NVDCVE-2026-23119 at SUSECVE-2026-23119 at NVDCVE-2026-23121 at SUSECVE-2026-23121 at NVDCVE-2026-23129 at SUSECVE-2026-23129 at NVDCVE-2026-23133 at SUSECVE-2026-23133 at NVDCVE-2026-23135 at SUSECVE-2026-23135 at NVDCVE-2026-23139 at SUSECVE-2026-23139 at NVDCVE-2026-23141 at SUSECVE-2026-23141 at NVDCVE-2026-23145 at SUSECVE-2026-23145 at NVDCVE-2026-23146 at SUSECVE-2026-23146 at NVDCVE-2026-23150 at SUSECVE-2026-23150 at NVDCVE-2026-23151 at SUSECVE-2026-23151 at NVDCVE-2026-23152 at SUSECVE-2026-23152 at NVDCVE-2026-23155 at SUSECVE-2026-23155 at NVDCVE-2026-23156 at SUSECVE-2026-23156 at NVDCVE-2026-23163 at SUSECVE-2026-23163 at NVDCVE-2026-23166 at SUSECVE-2026-23166 at NVDCVE-2026-23167 at SUSECVE-2026-23167 at NVDCVE-2026-23170 at SUSECVE-2026-23170 at NVDCVE-2026-23171 at SUSECVE-2026-23171 at NVDCVE-2026-23172 at SUSECVE-2026-23172 at NVDCVE-2026-23173 at SUSECVE-2026-23173 at NVDCVE-2026-23176 at SUSECVE-2026-23176 at NVDCVE-2026-23178 at SUSECVE-2026-23178 at NVDCVE-2026-23179 at SUSECVE-2026-23179 at NVDCVE-2026-23182 at SUSECVE-2026-23182 at NVDCVE-2026-23190 at SUSECVE-2026-23190 at NVDCVE-2026-23191 at SUSECVE-2026-23191 at NVDCVE-2026-23198 at SUSECVE-2026-23198 at NVDCVE-2026-23202 at SUSECVE-2026-23202 at NVDCVE-2026-23207 at SUSECVE-2026-23207 at NVDCVE-2026-23208 at SUSECVE-2026-23208 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDCVE-2026-23213 at SUSECVE-2026-23213 at NVDCVE-2026-23214 at SUSECVE-2026-23214 at NVDCVE-2026-23221 at SUSECVE-2026-23221 at NVDCVE-2026-23222 at SUSECVE-2026-23222 at NVDCVE-2026-23229 at SUSECVE-2026-23229 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer (bsc#1257118).
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257118SUSE bug 1257629SUSE bug 1257669CVE-2025-21738 at SUSECVE-2025-21738 at NVDCVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).
- CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726).
- CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
- CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
- CVE-2024-44996: vsock: fix recursive ->recvmsg calls (bsc#1230205).
- CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (bsc#1235705).
- CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
- CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (bsc#1235727).
- CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init() (bsc#1232161).
- CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed (bsc#1232158).
- CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from frag_list (bsc#1232101).
- CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
- CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
- CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909).
- CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
- CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055).
- CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
- CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
- CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
- CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
- CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized
delayed_work on cache_ctr error (bsc#1233467 bsc#1233469).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488).
- CVE-2024-53050: drm/i915/hdcp: Add encoder check in hdcp2_get_capability (bsc#1233546).
- CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
- CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
- CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx (bsc#1233638).
- CVE-2024-53099: bpf: Check validity of link->type in bpf_link_show_fdinfo() (bsc#1233772).
- CVE-2024-53105: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (bsc#1234069).
- CVE-2024-53111: mm/mremap: fix address wraparound in move_page_tables() (bsc#1234086).
- CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
- CVE-2024-53117: virtio/vsock: Improve MSG_ZEROCOPY error handling (bsc#1234079).
- CVE-2024-53118: vsock: Fix sk_error_queue memory leak (bsc#1234071).
- CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
- CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
- CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
- CVE-2024-53133: drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221)
- CVE-2024-53134: pmdomain: imx93-blk-ctrl: correct remove path (bsc#1234159).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-53160: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810).
- CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
- CVE-2024-53170: block: fix uaf for flush rq while iterating tags (bsc#1234888).
- CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching (bsc#1234898).
- CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns (bsc#1234893).
- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
- CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey() (bsc#1234901).
- CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
- CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use (bsc#1234957).
- CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction (bsc#1234906).
- CVE-2024-53198: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (bsc#1234923).
- CVE-2024-53203: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (bsc#1235001).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
- CVE-2024-53216: nfsd: fix UAF when access ex_uuid or ex_stats (bsc#1235003).
- CVE-2024-53222: zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974).
- CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011).
- CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
- CVE-2024-53234: erofs: handle NONHEAD !delta[1] lclusters gracefully (bsc#1235045).
- CVE-2024-53236: xsk: Free skb when TX metadata options are invalid (bsc#1235000).
- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).
- CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
- CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree node (bsc#1235737).
- CVE-2024-55881: KVM: x86: Play nice with protected guests in complete_hypercall_exit() (bsc#1235745).
- CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
- CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
- CVE-2024-56566: mm/slub: Avoid list corruption when removing a slab from the full list (bsc#1235033).
- CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032).
- CVE-2024-56569: ftrace: Fix regression with module command in stack_trace_filter (bsc#1235031).
- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235128).
- CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123).
- CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption model (bsc#1235241).
- CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138).
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
- CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521).
- CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in can_create() (bsc#1235415).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (bsc#1235487).
- CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock (bsc#1235390).
- CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM (bsc#1235391).
- CVE-2024-56614: xsk: fix OOB map writes when deleting elements (bsc#1235424).
- CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements (bsc#1235426).
- CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (bsc#1235429).
- CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled (bsc#1235227).
- CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
- CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).
- CVE-2024-56635: net: avoid potential UAF in default_operstate() (bsc#1235519).
- CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb() (bsc#1235520).
- CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a module (bsc#1235523).
- CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).
- CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv (bsc#1235132).
- CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451).
- CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not support (bsc#1235449).
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
- CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (bsc#1235444).
- CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
- CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference (bsc#1235437).
- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
- CVE-2024-56665: bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog (bsc#1235489).
- CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (bsc#1235555).
- CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (bsc#1235498).
- CVE-2024-56693: brd: defer automatic disk creation until module initialization succeeds (bsc#1235418).
- CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS (bsc#1235412).
- CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
- CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (bsc#1235545).
- CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload (bsc#1235564).
- CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path (bsc#1235565).
- CVE-2024-56715: ionic: Fix netdev notifier unregister on failure (bsc#1235612).
- CVE-2024-56716: netdevsim: prevent bad user input in nsim_dev_health_break_write() (bsc#1235587).
- CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (bsc#1235578).
- CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (bsc#1235582).
- CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (bsc#1235583).
- CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (bsc#1235656).
- CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops (bsc#1235503).
- CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934).
- CVE-2024-56748: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (bsc#1235627).
- CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).
- CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
- CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write (bsc#1235638).
- CVE-2024-56774: btrfs: add a sanity check for btrfs root in btrfs_search_slot() (bsc#1235653).
- CVE-2024-56775: drm/amd/display: Fix handling of plane refcount (bsc#1235657).
- CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
- CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768).
- CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device (bsc#1235906).
- CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without loaded flag (bsc#1235940).
- CVE-2024-57802: netrom: check buffer length before accessing it (bsc#1235941).
- CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs (bsc#1235779).
- CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL (bsc#1235793).
- CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings (bsc#1235798).
- CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
- CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (bsc#1235948).
- CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (bsc#1235964).
- CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount (bsc#1235965).
- CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
- CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap (bsc#1236127).
- CVE-2024-57929: dm array: fix releasing a faulty array block twice in dm_array_cursor_end (bsc#1236096).
- CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
- CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues (bsc#1236190).
- CVE-2024-57933: gve: guard XSK operations on the existence of queues (bsc#1236178).
- CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in sctp_association_init() (bsc#1236182).
- CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend (bsc#1236247).
- CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting" registers (bsc#1236106).
- CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08 devices (bsc#1236143).
- CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue (bsc#1236144).
- CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
- CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink() (bsc#1236160).
- CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (bsc#1236161).
- CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (bsc#1236163).
- CVE-2025-21662: net/mlx5: Fix variable not being completed when function returns (bsc#1236198).
- CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device tree (bsc#1236260).
- CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first function (bsc#1236262).
- CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel (bsc#1236688).
- CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error (bsc#1236696).
- CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing, fix null-deref (bsc#1236703).
The following non-security bugs were fixed:
- 9p: v9fs_fid_find: also lookup by inode if not found dentry (git-fixes).
- ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes).
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-fixes).
- ACPI: PCC: Add PCC shared memory region command and status bitfields (stable-fixes).
- ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
- ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (stable-fixes).
- ACPI: resource: Fix memory resource type union access (git-fixes).
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8 A1-840 (stable-fixes).
- ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[] (stable-fixes).
- ACPI: x86: Make UART skip quirks work on PCI UARTs without an UID (stable-fixes).
- ACPICA: events/evxfregn: do not release the ContextMutex that was never acquired (git-fixes).
- ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio (stable-fixes).
- ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31 laptop (git-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
- ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 (stable-fixes).
- ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130 (bsc#1235686).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: seq: Check UMP support for midi_version change (git-fixes).
- ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes).
- ALSA: seq: ump: Fix seq port updates per FB info notify (git-fixes).
- ALSA: seq: ump: Use automatic cleanup of kfree() (stable-fixes).
- ALSA: seq: ump: Use guard() for locking (stable-fixes).
- ALSA: ump: Use guard() for locking (stable-fixes).
- ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
- ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 (stable-fixes).
- ALSA: usb-audio: Notify xrun for low-latency mode (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: US16x08: Initialize array before use (git-fixes).
- ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C (stable-fixes).
- ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP (stable-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
- ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad P14s Gen 5 21MES00B00 (stable-fixes).
- ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (stable-fixes).
- ASoC: amd: yc: Fix the wrong return value (git-fixes).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: hdmi-codec: reorder channel allocation list (stable-fixes).
- ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
- ASoC: rt722: add delay time to wait for the calibration procedure (stable-fixes).
- ASoC: samsung: Add missing depends on I2C (git-fixes).
- ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
- ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
- ASoC: wm8994: Add depends on MFD core (stable-fixes).
- Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
- Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (stable-fixes).
- Bluetooth: ISO: Reassociate a socket with an active BIS (stable-fixes).
- Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection (git-fixes).
- Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (stable-fixes).
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
- Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
- Bluetooth: MGMT: Fix possible deadlocks (git-fixes).
- Bluetooth: SCO: Add support for 16 bits transparent voice setting (git-fixes).
- Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
- Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
- Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (stable-fixes).
- Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
- Bluetooth: btusb: add callback function in btusb suspend/resume (stable-fixes).
- Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes).
- Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (stable-fixes).
- Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (git-fixes).
- Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes).
- Bluetooth: iso: Fix recursive locking warning (git-fixes).
- Delete XHCI patch for regression (bsc#1235550)
- Disable ceph (jsc#PED-7242)
- Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes).
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
- Drop downstream TPM fix patch (bsc#1233260 bsc#1233259 bsc#1232421)
- Drop uvcvideo fix due to regression (bsc#1235894)
- EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
- HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (git-fixes).
- HID: fix generic desktop D-Pad controls (git-fixes).
- HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
- HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check (git-fixes).
- HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes).
- HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
- Input: atkbd - map F23 key to support default copilot shortcut (stable-fixes).
- Input: bbnsm_pwrkey - add remove hook (git-fixes).
- Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
- Input: davinci-keyscan - remove leftover header (git-fixes).
- Input: xpad - add QH Electronics VID/PID (stable-fixes).
- Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-fixes).
- Input: xpad - add support for Nacon Pro Compact (stable-fixes).
- Input: xpad - add support for wooting two he (arm) (stable-fixes).
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-fixes).
- Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
- KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
- KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235776).
- KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235777).
- KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235778).
- NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
- NFSD: Async COPY result needs to return a write verifier (git-fixes).
- NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (git-fixes).
- NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes).
- NFSD: Prevent a potential integer overflow (git-fixes).
- NFSD: Remove a never-true comparison (git-fixes).
- NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point (git-fixes).
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
- NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
- NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
- Octeontx2-pf: Free send queue buffers incase of leaf to inner (git-fixes).
- PCI/AER: Disable AER service on suspend (stable-fixes).
- PCI/MSI: Handle lack of irqdomain gracefully (git-fixes).
- PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes).
- PCI: Add ACS quirk for Broadcom BCM5760X NIC (stable-fixes).
- PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes).
- PCI: Add T_PERST_CLK_US macro (git-fixes).
- PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-fixes).
- PCI: Detect and trust built-in Thunderbolt chips (stable-fixes).
- PCI: Fix use-after-free of slot->bus on hot remove (stable-fixes).
- PCI: Use preserve_config in place of pci_flags (stable-fixes).
- PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() (stable-fixes).
- PCI: cadence: Set cdns_pcie_host_init() global (stable-fixes).
- PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (stable-fixes).
- PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
- PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-fixes).
- PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar() (git-fixes).
- PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
- PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-fixes).
- PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
- PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-fixes).
- PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-fixes).
- PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
- PCI: j721e: Add PCIe 4x lane selection support (stable-fixes).
- PCI: j721e: Add per platform maximum lane settings (stable-fixes).
- PCI: j721e: Add reset GPIO to struct j721e_pcie (stable-fixes).
- PCI: j721e: Add suspend and resume support (git-fixes).
- PCI: j721e: Use T_PERST_CLK_US macro (git-fixes).
- PCI: microchip: Set inbound address translation for coherent or non-coherent mode (git-fixes).
- PCI: qcom: Add support for IPQ9574 (stable-fixes).
- PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() (git-fixes).
- PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes).
- PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes).
- PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
- RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
- RDMA/bnxt_re: Add check for path mtu in modify_qp (git-fixes)
- RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
- RDMA/bnxt_re: Avoid initializing the software queue for user queues (git-fixes)
- RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (git-fixes)
- RDMA/bnxt_re: Disable use of reserved wqes (git-fixes)
- RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
- RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
- RDMA/bnxt_re: Fix max_qp_wrs reported (git-fixes)
- RDMA/bnxt_re: Fix reporting hw_ver in query_device (git-fixes)
- RDMA/bnxt_re: Fix the check for 9060 condition (git-fixes)
- RDMA/bnxt_re: Fix the locking while accessing the QP table (git-fixes)
- RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
- RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
- RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-fixes)
- RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
- RDMA/bnxt_re: Remove always true dattr validity check (git-fixes)
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- RDMA/hns: Fix accessing invalid dip_ctx during destroying QP (git-fixes)
- RDMA/hns: Fix mapping error of zero-hop WQE buffer (git-fixes)
- RDMA/hns: Fix missing flush CQE for DWQE (git-fixes)
- RDMA/hns: Fix warning storm caused by invalid input in IO path (git-fixes)
- RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-fixes)
- RDMA/mlx5: Enforce same type port association for multiport RoCE (git-fixes)
- RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-fixes)
- RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
- RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
- RDMA/rtrs: Ensure 'ib_sge list' is accessible (git-fixes)
- RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
- RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
- RDMA/srp: Fix error handling in srp_add_port (git-fixes)
- RDMA/uverbs: Prevent integer overflow issue (git-fixes)
- Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-fixes).
- Revert "block/mq-deadline: use correct way to throttling write requests" (bsc#1234146).
- Revert "btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)"
- Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
- Revert "igb: Disable threaded IRQ for igb_msix_other" (git-fixes).
- Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413)
- Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413)
- Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413)
- Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" (git-fixes).
- Revert "unicode: Do not special case ignorable code points" (stable-fixes).
- Revert "usb: gadget: u_serial: Disable ep before setting port to null
to fix the crash caused by port being null" (stable-fixes).
- Revert 'arm64: Kconfig: Make SME depend on BROKEN for now'
- Revert 0dd78566990 ("Disable ceph (jsc#PED-7242)")
- SUNRPC: make sure cache entry active before cache_show (git-fixes).
- SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (git-fixes).
- USB: core: Disable LPM only for non-suspended ports (git-fixes).
- USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
- USB: serial: option: add MediaTek T7XX compositions (stable-fixes).
- USB: serial: option: add MeiG Smart SLM770A (stable-fixes).
- USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
- USB: serial: option: add Neoway N723-EA support (stable-fixes).
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes).
- USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes).
- USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes).
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-fixes).
- USB: usblp: return error when setting unsupported protocol (git-fixes).
- VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
- VMCI: fix reference to ioctl-number.rst (git-fixes).
- accel/habanalabs/gaudi2: unsecure tpc count registers (stable-fixes).
- accel/habanalabs: export dma-buf only if size/offset multiples of PAGE_SIZE (stable-fixes).
- accel/habanalabs: fix debugfs files permissions (stable-fixes).
- accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid warnings (stable-fixes).
- acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes).
- af_unix: Call manage_oob() for every skb in unix_stream_read_generic() (bsc#1234725).
- afs: Automatically generate trace tag enums (git-fixes).
- afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
- afs: Fix cleanup of immediately failed async calls (git-fixes).
- afs: Fix directory format encoding struct (git-fixes).
- afs: Fix missing subdir edit when renamed between parent dirs (git-fixes).
- afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
- afs: Fix the maximum cell name length (git-fixes).
- amdgpu/uvd: get ring reference from rq scheduler (git-fixes).
- arch: Introduce arch_{,try_}_cmpxchg128{,_local}() (bsc#1220773).
- arch: Remove cmpxchg_double (bsc#1220773).
- arch: consolidate arch_irq_work_raise prototypes (git-fixes).
- arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
- arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
- arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
- arm64: Force position-independent veneers (git-fixes).
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245)
- arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes).
- arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-fixes)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
- arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
- arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-fixes).
- arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
- arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
- arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
- ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-fixes).
- autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes).
- batman-adv: Do not let TT changes list grows indefinitely (git-fixes).
- batman-adv: Do not send uninitialized TT changes (git-fixes).
- batman-adv: Remove uninitialized data in full table TT response (git-fixes).
- blk-cgroup: Fix UAF in blkcg_unpin_online() (bsc#1234726).
- blk-core: use pr_warn_ratelimited() in bio_check_ro() (bsc#1234139).
- blk-iocost: Fix an UBSAN shift-out-of-bounds warning (bsc#1234144).
- blk-iocost: do not WARN if iocg was already offlined (bsc#1234147).
- blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" (bsc#1234140).
- block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() (bsc#1234149).
- block, bfq: do not break merge chain in bfq_split_bfqq() (bsc#1234150).
- block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234160).
- block, bfq: fix procress reference leakage for bfqq in merge chain (bsc#1234280).
- block, bfq: fix uaf for accessing waker_bfqq after splitting (bsc#1234279).
- block/mq-deadline: Fix the tag reservation code (bsc#1234148).
- block: Call .limit_depth() after .hctx has been set (bsc#1234148).
- block: Fix where bio IO priority gets set (bsc#1234145).
- block: prevent an integer overflow in bvec_try_merge_hw_page (bsc#1234142).
- block: update the stable_writes flag in bdev_add (bsc#1234141).
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
- bnxt_en: Fix receive ring space parameters when XDP is active (git-fixes).
- bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes).
- bnxt_en: Set backplane link modes correctly for ethtool (git-fixes).
- bpf, x86: Fix PROBE_MEM runtime load check (git-fixes).
- bpf: verifier: prevent userspace memory access (git-fixes).
- btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
- bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-fixes).
- can: gs_usb: add VID/PID for Xylanta SAINT3 product family (stable-fixes).
- can: j1939: fix error in J1939 documentation (stable-fixes).
- ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592).
- checkpatch: always parse orig_commit in fixes tag (git-fixes).
- checkpatch: check for missing Fixes tags (stable-fixes).
- cleanup: Add conditional guard support (stable-fixes).
- cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-fixes).
- cleanup: Remove address space of returned pointer (git-fixes).
- clocksource/drivers/timer-ti-dm: Fix child node refcount handling (git-fixes).
- clocksource/drivers:sp804: Make user selectable (git-fixes).
- counter: stm32-timer-cnt: Add check for clk_enable() (git-fixes).
- counter: ti-ecap-capture: Add check for clk_enable() (git-fixes).
- cpufreq: ACPI: Fix max-frequency computation (git-fixes).
- cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
- cpufreq: amd-pstate: remove global header file (git-fixes).
- cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Do not update global.turbo_disabled after initialization (bsc#1234619).
- cpufreq: intel_pstate: Drop redundant locking from intel_pstate_driver_cleanup() (bsc#1234619).
- cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
- cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller (bsc#1234619).
- cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations (bsc#1234619).
- cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
- cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
- cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Refine computation of P-state for given frequency (bsc#1234619).
- cpufreq: intel_pstate: Replace three global.turbo_disabled checks (bsc#1234619).
- cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
- cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
- cpufreq: intel_pstate: Update the maximum CPU frequency consistently (bsc#1234619).
- cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-fixes).
- cpufreq: intel_pstate: Use __ro_after_init for three variables (bsc#1234619).
- cpufreq: intel_pstate: Wait for canceled delayed work to complete (bsc#1234619).
- cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back (git-fixes).
- cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
- cpupower: fix TSC MHz calculation (git-fixes).
- crypto: caam - use JobR's space to access page 0 regs (git-fixes).
- crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes (git-fixes).
- crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-fixes).
- crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-fixes).
- crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
- crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-fixes).
- crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async' (git-fixes).
- crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-fixes).
- crypto: qat - disable IOV in adf_dev_stop() (git-fixes).
- crypto: qce - fix goto jump in error path (git-fixes).
- crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
- crypto: qce - unregister previously registered algos in error path (git-fixes).
- crypto: x86/sha256 - Add parentheses around macros' single arguments (stable-fixes).
- cyrpto/b128ops: Remove struct u128 (bsc#1220773).
- devcoredump: cleanup some comments (git-fixes).
- devlink: Fix length of eswitch inline-mode (git-fixes).
- dlm: fix possible lkb_resource null dereference (git-fixes).
- dma-buf: fix dma_fence_array_signaled v4 (stable-fixes).
- dma-debug: fix a possible deadlock on radix_lock (stable-fixes).
- dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes).
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes).
- dmaengine: dw: Select only supported masters for ACPI devices (git-fixes).
- dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357).
- dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes).
- dmaengine: tegra: Return correct DMA status when paused (git-fixes).
- dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
- docs: media: update location of the media patches (stable-fixes).
- docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-fixes).
- driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link (stable-fixes).
- driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() (git-fixes).
- driver core: fw_devlink: Improve logs for cycle detection (stable-fixes).
- driver core: fw_devlink: Stop trying to optimize cycle detection logic (git-fixes).
- drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
- drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path (git-fixes).
- drm/amd/display: Add HDR workaround for specific eDP (stable-fixes).
- drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (stable-fixes).
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (stable-fixes).
- drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
- drm/amd/display: Avoid overflow assignment in link_dp_cts (stable-fixes).
- drm/amd/display: Fix DSC-re-computing (stable-fixes).
- drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
- drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
- drm/amd/display: Revert Avoid overflow assignment (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
- drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2 surfaces (stable-fixes).
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-fixes).
- drm/amd/pm: Fix an error handling path in vega10_enable_se_edc_force_stall_config() (git-fixes).
- drm/amd/pm: fix the high voltage issue after unload (stable-fixes).
- drm/amd/pm: update current_socclk and current_uclk in gpu_metrics on smu v13.0.7 (stable-fixes).
- drm/amdgpu/gfx10: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/gfx11: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/gfx9: properly handle error ints on all pipes (stable-fixes).
- drm/amdgpu/gfx9: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes).
- drm/amdgpu/pm: Remove gpu_od if it's an empty directory (stable-fixes).
- drm/amdgpu/umsch: do not execute umsch test when GPU is in reset/suspend (stable-fixes).
- drm/amdgpu/umsch: reinitialize write pointer in hw init (stable-fixes).
- drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
- drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes).
- drm/amdgpu: Block MMR_READ IOCTL in reset (stable-fixes).
- drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes).
- drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (git-fixes).
- drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
- drm/amdgpu: add smu 14.0.1 discovery support (stable-fixes).
- drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes).
- drm/amdgpu: differentiate external rev id for gfx 11.5.0 (stable-fixes).
- drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes).
- drm/amdgpu: do not access invalid sched (git-fixes).
- drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
- drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes).
- drm/amdgpu: fix usage slab after free (stable-fixes).
- drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes).
- drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes).
- drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes).
- drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
- drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes).
- drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini() (git-fixes).
- drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
- drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes).
- drm/amdkfd: Use device based logging for errors (stable-fixes).
- drm/amdkfd: Use the correct wptr size (stable-fixes).
- drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
- drm/amdkfd: pause autosuspend when creating pdd (stable-fixes).
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes).
- drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
- drm/bridge: it6505: Enable module autoloading (stable-fixes).
- drm/bridge: it6505: Fix inverted reset polarity (git-fixes).
- drm/bridge: it6505: update usleep_range for RC circuit charge time (stable-fixes).
- drm/display: Fix building with GCC 15 (stable-fixes).
- drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes).
- drm/dp_mst: Fix MST sideband message body length check (stable-fixes).
- drm/dp_mst: Fix resetting msg rx state after topology removal (git-fixes).
- drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes).
- drm/etnaviv: Fix page property being used for non writecombine buffers (git-fixes).
- drm/etnaviv: flush shader L1 cache after user commandstream (stable-fixes).
- drm/i915/dg1: Fix power gate sequence (git-fixes).
- drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
- drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes).
- drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes).
- drm/mcde: Enable module autoloading (stable-fixes).
- drm/mediatek: Add return value check when reading DPCD (git-fixes).
- drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes).
- drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
- drm/mediatek: Fix mode valid issue for dp (git-fixes).
- drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes).
- drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes).
- drm/mediatek: stop selecting foreign drivers (git-fixes).
- drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes).
- drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
- drm/msm: Check return value of of_dma_configure() (git-fixes).
- drm/msm: do not clean up priv->kms prematurely (git-fixes).
- drm/nouveau/gsp: Use the sg allocator for level 2 of radix3 (stable-fixes).
- drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes).
- drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes).
- drm/printer: Allow NULL data in devcoredump printer (stable-fixes).
- drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
- drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes).
- drm/radeon: Fix spurious unplug event on radeon HDMI (git-fixes).
- drm/radeon: add helper rdev_to_drm(rdev) (stable-fixes).
- drm/radeon: change rdev->ddev to rdev_to_drm(rdev) (stable-fixes).
- drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
- drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
- drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8 (git-fixes).
- drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-fixes).
- drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
- drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes).
- drm/tidss: Clear the interrupt status for interrupts being disabled (git-fixes).
- drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
- drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
- drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
- drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
- drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes).
- drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes).
- drm/vmwgfx: Add new keep_resv BO param (git-fixes).
- drm: adv7511: Drop dsi single lane support (git-fixes).
- drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes).
- drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- erofs: avoid debugging output for (de)compressed data (git-fixes).
- exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
- exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
- exfat: fix the infinite loop in exfat_readdir() (git-fixes).
- exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
- ext4: add a new helper to check if es must be kept (bsc#1234170).
- ext4: add correct group descriptors and reserved GDT blocks to system zone (bsc#1234164).
- ext4: add missed brelse in update_backups (bsc#1234171).
- ext4: allow for the last group to be marked as trimmed (bsc#1234278).
- ext4: avoid buffer_head leak in ext4_mark_inode_used() (bsc#1234191).
- ext4: avoid excessive credit estimate in ext4_tmpfile() (bsc#1234180).
- ext4: avoid negative min_clusters in find_group_orlov() (bsc#1234193).
- ext4: avoid overlapping preallocations due to overflow (bsc#1234162).
- ext4: avoid potential buffer_head leak in __ext4_new_inode() (bsc#1234192).
- ext4: avoid writing unitialized memory to disk in EA inodes (bsc#1234187).
- ext4: check the extent status again before inserting delalloc block (bsc#1234186).
- ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard (bsc#1234190).
- ext4: convert to exclusive lock while inserting delalloc extents (bsc#1234178).
- ext4: correct best extent lstart adjustment logic (bsc#1234179).
- ext4: correct grp validation in ext4_mb_good_group (bsc#1234163).
- ext4: correct return value of ext4_convert_meta_bg (bsc#1234172).
- ext4: correct the hole length returned by ext4_map_blocks() (bsc#1234178).
- ext4: correct the start block of counting reserved clusters (bsc#1234169).
- ext4: do not let fstrim block system suspend (bsc#1234166).
- ext4: do not trim the group with corrupted block bitmap (bsc#1234177).
- ext4: factor out __es_alloc_extent() and __es_free_extent() (bsc#1234170).
- ext4: factor out a common helper to query extent map (bsc#1234186).
- ext4: fix inconsistent between segment fstrim and full fstrim (bsc#1234176).
- ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() (bsc#1234188).
- ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() (bsc#1234188).
- ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() (bsc#1234188).
- ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954).
- ext4: fix potential unnitialized variable (bsc#1234183).
- ext4: fix race between writepages and remount (bsc#1234168).
- ext4: fix rec_len verify error (bsc#1234167).
- ext4: fix slab-use-after-free in ext4_es_insert_extent() (bsc#1234170).
- ext4: fix uninitialized variable in ext4_inlinedir_to_tree (bsc#1234185).
- ext4: forbid commit inconsistent quota data when errors=remount-ro (bsc#1234178).
- ext4: make ext4_es_insert_delayed_block() return void (bsc#1234170).
- ext4: make ext4_es_insert_extent() return void (bsc#1234170).
- ext4: make ext4_es_remove_extent() return void (bsc#1234170).
- ext4: make ext4_zeroout_es() return void (bsc#1234170).
- ext4: make sure allocate pending entry not fail (bsc#1234170).
- ext4: mark buffer new if it is unwritten to avoid stale data exposure (bsc#1234175).
- ext4: move 'ix' sanity check to corrent position (bsc#1234174).
- ext4: move setting of trimmed bit into ext4_try_to_trim_range() (bsc#1234165).
- ext4: nested locking for xattr inode (bsc#1234189).
- ext4: propagate errors from ext4_find_extent() in ext4_insert_range() (bsc#1234194).
- ext4: refactor ext4_da_map_blocks() (bsc#1234178).
- ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (bsc#1234173).
- ext4: remove the redundant folio_wait_stable() (bsc#1234184).
- ext4: set the type of max_zeroout to unsigned int to avoid overflow (bsc#1234182).
- ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow (bsc#1234181).
- ext4: use pre-allocated es in __es_insert_extent() (bsc#1234170).
- ext4: use pre-allocated es in __es_remove_extent() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_insert_delayed_block() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_insert_extent() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_remove_extent() (bsc#1234170).
- fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-fixes).
- filemap: Fix bounds checking in filemap_read() (bsc#1234209).
- filemap: add a per-mapping stable writes flag (bsc#1234141).
- firmware: arm_scmi: Reject clear channel request on A2P (stable-fixes).
- fs-writeback: do not requeue a clean inode having skipped pages (bsc#1234200).
- fs/writeback: bail out if there is no more inodes for IO and queued once (bsc#1234207).
- fsnotify: fix sending inotify event with unexpected filename (bsc#1234198).
- genirq/cpuhotplug: Retry with cpu_online_mask when migration fails (git-fixes).
- genirq/cpuhotplug: Skip suspended interrupts when restoring affinity (git-fixes).
- genirq/irqdesc: Honor caller provided affinity in alloc_desc() (git-fixes).
- genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
- genksyms: fix memory leak when the same symbol is added from source (git-fixes).
- genksyms: fix memory leak when the same symbol is read from *.symref file (git-fixes).
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
- gpio: grgpio: Add NULL check in grgpio_probe (git-fixes).
- gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes).
- gpio: mxc: remove dead code after switch to DT-only (git-fixes).
- gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
- hfsplus: do not query the device logical block size multiple times (git-fixes).
- hvc/xen: fix console unplug (git-fixes).
- hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (git-fixes).
- hvc/xen: fix event channel handling for secondary consoles (git-fixes).
- hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes).
- hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
- hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes).
- hwmon: (pmbus/core) clear faults after setting smbalert mask (git-fixes).
- hwmon: (pmbus_core) Allow to hook PMBUS_SMBALERT_MASK (stable-fixes).
- hwmon: (tmp513) Do not use "proxy" headers (stable-fixes).
- hwmon: (tmp513) Fix Current Register value interpretation (git-fixes).
- hwmon: (tmp513) Fix division of negative numbers (git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes).
- hwmon: (tmp513) Simplify with dev_err_probe() (stable-fixes).
- hwmon: (tmp513) Use SI constants from units.h (stable-fixes).
- hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
- i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
- i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
- i2c: i801: Add support for Intel Panther Lake (stable-fixes).
- i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes).
- i2c: microchip-core: actually use repeated sends (git-fixes).
- i2c: microchip-core: fix "ghost" detections (git-fixes).
- i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
- i2c: pnx: Fix timeout in wait functions (git-fixes).
- i2c: rcar: fix NACK handling when being a target (git-fixes).
- i2c: riic: Always round-up when calculating bus period (git-fixes).
- i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-fixes).
- i40e: Fix handling changed priv flags (git-fixes).
- i915/guc: Accumulate active runtime on gt reset (git-fixes).
- i915/guc: Ensure busyness counter increases motonically (git-fixes).
- i915/guc: Reset engine utilization buffer before registration (git-fixes).
- ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
- ice: Unbind the workqueue (bsc#1234989)
- ice: change q_index variable type to s16 to store -1 value (git-fixes).
- ice: consistently use q_idx in ice_vc_cfg_qs_msg() (git-fixes).
- ice: fix PHY Clock Recovery availability check (git-fixes).
- idpf: add support for SW triggered interrupts (bsc#1235507).
- idpf: enable WB_ON_ITR (bsc#1235507).
- idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes).
- igb: Fix potential invalid memory access in igb_init_module() (git-fixes).
- iio: adc: ad7124: Disable all channels at probe time (git-fixes).
- iio: adc: ad_sigma_delta: Handle CS assertion as intended in ad_sd_read_reg_raw() (git-fixes).
- iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
- iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes).
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
- iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes).
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes).
- iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-fixes).
- iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
- iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
- iio: light: as73211: fix channel handling in only-color triggered buffer (git-fixes).
- iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
- iio: magnetometer: yas530: use signed integer type for clamp limits (git-fixes).
- iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes).
- iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes).
- instrumentation: Wire up cmpxchg128() (bsc#1220773).
- intel_th: core: fix kernel-doc warnings (git-fixes).
- io_uring/rw: avoid punting to io-wq directly (git-fixes).
- io_uring/tctx: work around xa_store() allocation error issue (git-fixes).
- io_uring: Fix registered ring file refcount leak (git-fixes).
- io_uring: always lock __io_cqring_overflow_flush (git-fixes).
- io_uring: check if iowq is killed before queuing (git-fixes).
- iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated tables (git-fixes).
- ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
- ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-fixes).
- irqchip/gic-v3: Force propagation of the active state with a read-back (stable-fixes).
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (stable-fixes).
- irqflags: Explicitly ignore lockdep_hrtimer_exit() argument (git-fixes).
- isofs: handle CDs with bad root inode but good Joliet root directory (bsc#1234199).
- ixgbe: downgrade logging of unsupported VF API version to debug (git-fixes).
- ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (git-fixes).
- jffs2: Fix rtime decompressor (git-fixes).
- jffs2: Prevent rtime decompress memory corruption (git-fixes).
- jffs2: fix use of uninitialized variable (git-fixes).
- jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
- jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
- jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
- jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
- jfs: xattr: check invalid xattr size more strictly (git-fixes).
- kABI workaround for struct auto_pin_cfg_item change (git-fixes).
- kABI workaround for struct drm_dp_mst_topology_mgr (git-fixes).
- kabi/severities: make vcap_find_actionfield PASS (bsc#1220773)
- kasan: make report_lock a raw spinlock (git-fixes).
- kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-fixes).
- kdb: Fix buffer overflow during tab-complete (bsc#1234652).
- kdb: Fix console handling when editing and tab-completing commands (bsc#1234655).
- kdb: Merge identical case statements in kdb_read() (bsc#1234657).
- kdb: Use format-specifiers rather than memset() for padding in kdb_read() (bsc#1234658).
- kdb: Use format-strings rather than '\0' injection in kdb_read() (bsc#1234654).
- kdb: Use the passed prompt in kdb_position_cursor() (bsc#1234654).
- kdb: address -Wformat-security warnings (bsc#1234659).
- kgdb: Flush console before entering kgdb on panic (bsc#1234651).
- kheaders: Ignore silly-rename files (stable-fixes).
- ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
- ktest.pl: Check kernelrelease return in get_version (git-fixes).
- ktest.pl: Fix typo "accesing" (git-fixes).
- ktest.pl: Fix typo in comment (git-fixes).
- ktest.pl: Remove unused declarations in run_bisect_test function (git-fixes).
- ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-fixes).
- landlock: Handle weird files (git-fixes).
- latencytop: use correct kernel-doc format for func params (git-fixes).
- leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes).
- leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
- leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata() (git-fixes).
- lib/inflate.c: remove dead code (git-fixes).
- lib/stackdepot: print disabled message only if truly disabled (git-fixes).
- linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes).
- locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() (bsc#1220773 git-fix).
- loop: fix the the direct I/O support check when used on top of block devices (bsc#1234143).
- mac80211: fix user-power when emulating chanctx (stable-fixes).
- mac802154: check local interfaces before deleting sdata list (stable-fixes).
- mailbox: pcc: Add support for platform notification handling (stable-fixes).
- mailbox: pcc: Support shared interrupt for multiple subspaces (stable-fixes).
- mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
- maple_tree: simplify split calculation (git-fixes).
- media: camif-core: Add check for clk_enable() (git-fixes).
- media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
- media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
- media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
- media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes).
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes).
- media: dvb-usb-v2: af9035: fix ISO C90 compilation error on af9035_i2c_master_xfer (git-fixes).
- media: i2c: imx412: Add missing newline to prints (git-fixes).
- media: i2c: ov9282: Correct the exposure offset (git-fixes).
- media: imx-jpeg: Fix potential error pointer dereference in detach_pm() (git-fixes).
- media: imx296: Add standby delay during probe (git-fixes).
- media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
- media: marvell: Add check for clk_enable() (git-fixes).
- media: mc: fix endpoint iteration (git-fixes).
- media: mipi-csis: Add check for clk_enable() (git-fixes).
- media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
- media: ov5640: fix get_light_freq on auto (git-fixes).
- media: rc: iguanair: handle timeouts (git-fixes).
- media: rkisp1: Fix unused value issue (git-fixes).
- media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes).
- media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
- media: uvcvideo: Fix double free in error path (git-fixes).
- media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
- media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
- media: uvcvideo: Only save async fh if success (git-fixes).
- media: uvcvideo: Propagate buf->error to userspace (git-fixes).
- media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes).
- media: uvcvideo: Remove dangling pointers (git-fixes).
- media: uvcvideo: Remove redundant NULL assignment (git-fixes).
- media: uvcvideo: Support partial control reads (git-fixes).
- memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-fixes).
- memory-failure: use a folio in me_huge_page() (git-fixes).
- memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() (git-fixes).
- mfd: da9052-spi: Change read-mask to write-mask (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (git-fixes).
- misc: fastrpc: Deregister device nodes properly in error scenarios (git-fixes).
- misc: fastrpc: Fix copy buffer page size (git-fixes).
- misc: fastrpc: Fix registered buffer page address (git-fixes).
- misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes).
- misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes).
- misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-fixes).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list (git-fixes).
- mm/filemap: avoid buffered read/write race to read inconsistent data (bsc#1234204).
- mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
- mm/memory-failure: check the mapcount of the precise page (git-fixes).
- mm/memory-failure: fix crash in split_huge_page_to_list from soft_offline_page (git-fixes).
- mm/memory-failure: pass the folio and the page to collect_procs() (git-fixes).
- mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-fixes).
- mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
- mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
- mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
- mm/memory_hotplug: use pfn math in place of direct struct page manipulation (git-fixes).
- mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
- mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-fixes).
- mm/migrate: putback split folios when numa hint migration fails (git-fixes).
- mm/migrate: split source folio if it is on deferred split list (git-fixes).
- mm/page_owner: remove free_ts from page_owner output (git-fixes).
- mm/readahead: do not allow order-1 folio (bsc#1234205).
- mm/readahead: limit page cache size in page_cache_ra_order() (bsc#1234208).
- mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
- mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
- mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-fixes).
- mm: memory-failure: fetch compound head after extra page refcnt is held (git-fixes).
- mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-fixes).
- mm: memory-failure: fix race window when trying to get hugetlb folio (git-fixes).
- mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes).
- mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes).
- mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes).
- mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes).
- mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes).
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes).
- modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
- mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes).
- mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
- mtd: hyperbus: rpc-if: Convert to platform remove callback returning void (stable-fixes).
- mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
- mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes).
- mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes).
- mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes).
- mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
- net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (git-fixes).
- net/ipv6: release expired exception dst cached in socket (bsc#1216813).
- net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes).
- net/mlx5e: Remove workaround to avoid syndrome for internal port (git-fixes).
- net/mlx5e: clear xdp features on non-uplink representors (git-fixes).
- net/qed: allow old cards not supporting "num_images" to work (git-fixes).
- net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
- net: Return error from sk_stream_wait_connect() if sk_wait_event() fails (git-fixes).
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
- net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset (git-fixes).
- net: rose: fix timer races against user threads (git-fixes).
- net: usb: qmi_wwan: add Quectel RG650V (stable-fixes).
- net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
- net: usb: rtl8150: enable basic endpoint checking (git-fixes).
- net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() (git-fixes).
- net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
- netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778 ZDI-24-1454).
- nfs: ignore SB_RDONLY when mounting nfs (git-fixes).
- nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (git-fixes).
- nfsd: make sure exp active before svc_export_show (git-fixes).
- nfsd: release svc_expkey/svc_export with rcu_work (git-fixes).
- nfsd: restore callback functionality for NFSv4.0 (git-fixes).
- nilfs2: fix buffer head leaks in calls to truncate_inode_pages() (git-fixes).
- nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
- nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
- nilfs2: prevent use of deleted inode (git-fixes).
- nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes).
- nvme-rdma: unquiesce admin_q before destroy it (git-fixes).
- nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
- nvme-tcp: fix the memleak while create new ctrl failed (git-fixes).
- nvme/multipath: Fix RCU list traversal to use SRCU primitive (git-fixes).
- nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
- nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
- nvme: apple: fix device reference counting (git-fixes).
- nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-fixes).
- nvme: fix metadata handling in nvme-passthrough (git-fixes).
- nvmet-loop: avoid using mutex in IO hotpath (git-fixes).
- nvmet: propagate npwg topology (git-fixes).
- ocfs2: fix uninitialized value in ocfs2_file_read_iter() (git-fixes).
- ocfs2: free inode when ocfs2_get_init_inode() fails (git-fixes).
- of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes).
- of: Fix error path in of_parse_phandle_with_args_map() (git-fixes).
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes).
- of: address: Report error on resource bounds overflow (stable-fixes).
- padata: add pd get/put refcnt helper (git-fixes).
- padata: avoid UAF for reorder_work (git-fixes).
- padata: fix UAF in padata_reorder (git-fixes).
- parisc: Raise minimal GCC version (bsc#1220773).
- parisc: Raise minimal GCC version to 12.0.0 (bsc#1220773 git-fix).
- percpu: Add {raw,this}_cpu_try_cmpxchg() (bsc#1220773).
- percpu: Fix self-assignment of __old in raw_cpu_generic_try_cmpxchg() (bsc#1220773 git-fix).
- percpu: Wire up cmpxchg128 (bsc#1220773).
- phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes).
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes).
- phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes).
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes).
- phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes).
- phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes).
- phy: rockchip: naneng-combphy: fix phy reset (git-fixes).
- phy: usb: Toggle the PHY power during init (git-fixes).
- pinctrl: amd: Take suspend type into consideration which pins are non-wake (git-fixes).
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes).
- pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes).
- pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes).
- pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional() fails (git-fixes).
- pinmux: Use sequential access to access desc->pinmux data (stable-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1225897).
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes).
- platform/x86: dell-smbios-base: Extends support to Alienware products (stable-fixes).
- platform/x86: dell-wmi-base: Handle META key Lock/Unlock events (stable-fixes).
- platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed (stable-fixes).
- pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
- power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
- power: supply: gpio-charger: Fix set charge current limits (git-fixes).
- powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108).
- powerpc/iommu: Move pSeries specific functions to pseries/iommu.c (bsc#1220711 ltc#205755).
- powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
- powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
- powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531).
- powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825).
- pps: add an error check in parport_attach (git-fixes).
- pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- printk: Add is_printk_legacy_deferred() (bsc#1236733).
- printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
- proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
- pwm: stm32-lp: Add check for clk_enable() (git-fixes).
- pwm: stm32: Add check for clk_enable() (git-fixes).
- quota: Fix rcu annotations of inode dquot pointers (bsc#1234197).
- quota: explicitly forbid quota files from being encrypted (bsc#1234196).
- quota: flush quota_release_work upon quota writeback (bsc#1234195).
- quota: simplify drop_dquot_ref() (bsc#1234197).
- rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
- rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
- rcu: Dump memory object info if callback function is invalid (git-fixes)
- rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
- rcuscale: Move rcu_scale_writer() (git-fixes)
- rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
- readahead: use ilog2 instead of a while loop in page_cache_ra_order() (bsc#1234208).
- regmap: Use correct format specifier for logging range errors (stable-fixes).
- regulator: core: Add missing newline character (git-fixes).
- regulator: of: Implement the unwind path of of_regulator_match() (git-fixes).
- regulator: rk808: Add apply_bit for BUCK3 on RK809 (stable-fixes).
- remoteproc: core: Fix ida_free call while not allocated (git-fixes).
- rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes).
- rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
- rtc: zynqmp: Fix optional clock name property (git-fixes).
- s390/cio: Do not unregister the subchannel based on DNV (git-fixes).
- s390/cpum_sf: Convert to cmpxchg128() (bsc#1220773).
- s390/cpum_sf: Handle CPU hotplug remove during sampling (git-fixes).
- s390/cpum_sf: Remove WARN_ON_ONCE statements (git-fixes).
- s390/facility: Disable compile time optimization for decompressor code (git-fixes).
- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (git-fixes).
- s390/pageattr: Implement missing kernel_page_present() (git-fixes).
- s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
- samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
- scatterlist: fix incorrect func name in kernel-doc (git-fixes).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat (bsc#1235865).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi (bsc#1235865).
- sched/numa: fix memory leak due to the overwritten vma->numab_state (git fixes (sched/numa)).
- scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409).
- scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409).
- scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409).
- scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409).
- scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409).
- scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409).
- scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409).
- scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409).
- scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409).
- scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409).
- scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406).
- scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406).
- scsi: qla2xxx: Fix use after free on unload (bsc#1235406).
- scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406).
- scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port (bsc#1235406).
- scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406).
- scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406).
- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-fixes).
- seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
- selftest: media_tests: fix trivial UAF typo (git-fixes).
- selftests/alsa: Fix circular dependency involving global-timer (stable-fixes).
- selftests/bpf: Test PROBE_MEM of VSYSCALL_ADDR on x86-64 (git-fixes).
- selftests/landlock: Fix error message (git-fixes).
- selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
- selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
- selftests: harness: fix printing of mismatch values in __EXPECT() (git-fixes).
- selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
- selftests: tc-testing: reduce rshift value (stable-fixes).
- selftests: timers: clocksource-switch: Adapt progress to kselftest framework (git-fixes).
- selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
- serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
- serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes).
- serial: 8250_dw: Do not use struct dw8250_data outside of 8250_dw (git-fixes).
- serial: 8250_dw: Replace ACPI device check by a quirk (git-fixes).
- serial: 8250_fintek: Add support for F81216E (stable-fixes).
- serial: Do not hold the port lock when setting rx-during-tx GPIO (git-fixes).
- serial: amba-pl011: Fix RX stall when DMA is used (git-fixes).
- serial: amba-pl011: Use port lock wrappers (stable-fixes).
- serial: amba-pl011: fix build regression (git-fixes).
- serial: do not use uninitialized value in uart_poll_init() (git-fixes).
- serial: imx: only set receiver level if it is zero (git-fixes).
- serial: imx: set receiver level before starting uart (git-fixes).
- serial: qcom-geni: Do not cancel/abort if we can't get the port lock (git-fixes).
- serial: qcom-geni: disable interrupts during console writes (git-fixes).
- serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() (git-fixes).
- serial: qcom-geni: fix console corruption (git-fixes).
- serial: qcom-geni: fix dma rx cancellation (git-fixes).
- serial: qcom-geni: fix false console tx restart (git-fixes).
- serial: qcom-geni: fix fifo polling timeout (git-fixes).
- serial: qcom-geni: fix hard lockup on buffer flush (git-fixes).
- serial: qcom-geni: fix polled console corruption (git-fixes).
- serial: qcom-geni: fix polled console initialisation (git-fixes).
- serial: qcom-geni: fix receiver enable (git-fixes).
- serial: qcom-geni: fix shutdown race (git-fixes).
- serial: qcom-geni: fix soft lockup on sw flow control and suspend (git-fixes).
- serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() (git-fixes).
- serial: qcom-geni: revert broken hibernation support (git-fixes).
- serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (git-fixes).
- serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
- serial: stm32: Return IRQ_NONE in the ISR if no handling happend (git-fixes).
- serial: stm32: do not always set SER_RS485_RX_DURING_TX if RS485 is enabled (git-fixes).
- slub: Replace cmpxchg_double() (bsc#1220773).
- slub: Replace cmpxchg_double() - KABI fix (bsc#1220773).
- smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: fix issue described in bsc#1233642]
- soc/fsl: cpm: qmc: Convert to platform remove callback returning void (stable-fixes).
- soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
- soc: fsl: cpm1: qmc: Fix blank line and spaces (stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Re-order probe() operations (stable-fixes).
- soc: fsl: cpm1: qmc: Set the ret error code on platform_get_irq() failure (git-fixes).
- soc: imx8m: Probe the SoC driver as platform driver (stable-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
- soc: qcom: Add check devm_kasprintf() returned value (stable-fixes).
- soc: qcom: geni-se: Add M_TX_FIFO_NOT_EMPTY bit definition (git-fixes).
- soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers (git-fixes).
- soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
- soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
- soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (git-fixes).
- sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
- sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
- spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes).
- spi: zynq-qspi: Add check for clk_enable() (git-fixes).
- srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
- srcu: Only accelerate on enqueue time (git-fixes)
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
- staging: iio: ad9832: Correct phase range check (git-fixes).
- staging: iio: ad9834: Correct phase range check (git-fixes).
- staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-fixes).
- staging: media: max96712: fix kernel oops when removing module (git-fixes).
- sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (git-fixes).
- sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (git-fixes).
- sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (git-fixes).
- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8645)
- svcrdma: Address an integer overflow (git-fixes).
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
- swiotlb: Enforce page alignment in swiotlb_alloc() (git-fixes).
- swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (git-fixes).
- thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes).
- thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
- thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
- thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
- tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
- tools: Sync if_xdp.h uapi tooling header (git-fixes).
- tools: hv: change permissions of NetworkManager configuration file (git-fixes).
- tpm/eventlog: Limit memory allocations for event logs with excessive size (bsc#1233260 bsc#1233259 bsc#1232421).
- tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
- tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
- tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes).
- tty: serial: kgdboc: Fix 8250_* kgdb over serial (git-fixes).
- types: Introduce [us]128 (bsc#1220773).
- ubifs: Correct the total block count by deducting journal reservation (git-fixes).
- ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
- ubifs: skip dumping tnc tree when zroot is null (git-fixes).
- udf: Fix lock ordering in udf_evict_inode() (bsc#1234238).
- udf: fix uninit-value use in udf_get_fileshortad (bsc#1234243).
- udf: prevent integer overflow in udf_bitmap_free_blocks() (bsc#1234239).
- udf: refactor inode_bmap() to handle error (bsc#1234242).
- udf: refactor udf_current_aext() to handle error (bsc#1234240).
- udf: refactor udf_next_aext() to handle error (bsc#1234241).
- udf: udftime: prevent overflow in udf_disk_stamp_to_time() (bsc#1234237).
- uio: Fix return value of poll (git-fixes).
- uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-fixes).
- usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
- usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver (stable-fixes).
- usb: cdns3-ti: Add workaround for Errata i2409 (stable-fixes).
- usb: cdns3: Add quirk flag to enable suspend residency (stable-fixes).
- usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
- usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes).
- usb: dwc2: Fix HCD port connection race (git-fixes).
- usb: dwc2: Fix HCD resume (git-fixes).
- usb: dwc2: gadget: Do not write invalid mapped sg entries into dma_desc with iommu enabled (stable-fixes).
- usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes).
- usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
- usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
- usb: dwc3: ep0: Do not clear ep0 DWC3_EP_TRANSFER_STARTED (git-fixes).
- usb: dwc3: ep0: Do not reset resource alloc flag (git-fixes).
- usb: dwc3: ep0: Do not reset resource alloc flag (including ep0) (git-fixes).
- usb: dwc3: gadget: Rewrite endpoint allocation flow (stable-fixes).
- usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
- usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes).
- usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes).
- usb: fix reference leak in usb_new_device() (git-fixes).
- usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes).
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
- usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
- usb: gadget: f_tcm: Do not free command immediately (git-fixes).
- usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
- usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
- usb: gadget: f_tcm: Translate error to sense (git-fixes).
- usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes).
- usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes).
- usb: host: max3421-hcd: Correctly abort a USB request (git-fixes).
- usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
- usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes).
- usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes).
- usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (bsc#1235001)
- usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes).
- usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (git-fixes).
- usb: typec: use cleanup facility for 'altmodes_node' (stable-fixes).
- usbnet: ipheth: break up NCM header size computation (git-fixes).
- usbnet: ipheth: check that DPE points past NCM header (git-fixes).
- usbnet: ipheth: fix DPE OoB read (git-fixes).
- usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
- usbnet: ipheth: refactor NCM datagram loop (git-fixes).
- usbnet: ipheth: use static NDP16 location in URB (git-fixes).
- vDPA/ifcvf: Fix pci_read_config_byte() return code handling (git-fixes).
- vdpa/mlx5: Fix PA offset with unaligned starting iotlb map (git-fixes).
- vdpa/mlx5: Fix suboptimal range on iotlb iteration (git-fixes).
- vdpa: solidrun: Fix UB bug with devres (git-fixes).
- vfs: fix readahead(2) on block devices (bsc#1234201).
- vmscan,migrate: fix page count imbalance on node stats when demoting pages (git-fixes).
- watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes).
- watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset (stable-fixes).
- watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
- wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855 (git-fixes).
- wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
- wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-fixes).
- wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
- wifi: ath5k: add PCI ID for Arcadyan devices (git-fixes).
- wifi: ath5k: add PCI ID for SX76X (git-fixes).
- wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes).
- wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
- wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
- wifi: cfg80211: sme: init n_channels before channels[] access (git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes).
- wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
- wifi: iwlwifi: mvm: Use the sync timepoint API in suspend (stable-fixes).
- wifi: mac80211: Add non-atomic station iterator (stable-fixes).
- wifi: mac80211: Fix common size calculation for ML element (git-fixes).
- wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() (stable-fixes).
- wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
- wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-fixes).
- wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes).
- wifi: mac80211: fix station NSS capability initialization order (git-fixes).
- wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
- wifi: mac80211: init cnt before accessing elem in ieee80211_copy_mbssid_beacon (git-fixes).
- wifi: mac80211: prohibit deactivating all links (git-fixes).
- wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
- wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO (git-fixes).
- wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
- wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916 (git-fixes).
- wifi: mt76: mt7915: firmware restart on devices with a second pcie link (git-fixes).
- wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7915: fix register mapping (git-fixes).
- wifi: mt76: mt7921: fix using incorrect group cipher after disconnection (git-fixes).
- wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
- wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
- wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
- wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
- wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
- wifi: mt76: mt7996: fix ldpc setting (git-fixes).
- wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7996: fix register mapping (git-fixes).
- wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-fixes).
- wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-fixes).
- wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one (git-fixes).
- wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures (stable-fixes).
- wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
- wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
- wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
- wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-fixes).
- wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
- wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (git-fixes).
- wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop (git-fixes).
- wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
- wifi: rtlwifi: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
- wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes).
- wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
- wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
- wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
- workqueue: Add rcu lock check at the end of work item execution (bsc#1236732).
- workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416).
- writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs (bsc#1234203).
- x86,amd_iommu: Replace cmpxchg_double() (bsc#1220773).
- x86,intel_iommu: Replace cmpxchg_double() (bsc#1220773).
- x86/hyperv: Fix hv tsc page based sched_clock for hibernation (git-fixes).
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes).
- xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
- xfs: Propagate errors from xfs_reflink_cancel_cow_range in xfs_dax_write_iomap_end (git-fixes).
- xfs: do not allocate COW extents when unsharing a hole (git-fixes).
- xfs: fix sb_spino_align checks for large fsblock sizes (git-fixes).
- xfs: remove unknown compat feature check in superblock write validation (git-fixes).
- xfs: return from xfs_symlink_verify early on V4 filesystems (git-fixes).
- xfs: sb_spino_align is not verified (git-fixes).
- xhci: Add usb cold attach (CAS) as a reason to resume root hub (git-fixes).
- xhci: Allow RPM on the USB controller (1022:43f7) by default (stable-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1194869SUSE bug 1214954SUSE bug 1215199SUSE bug 1216813SUSE bug 1218470SUSE bug 1220711SUSE bug 1220773SUSE bug 1224095SUSE bug 1224726SUSE bug 1225743SUSE bug 1225820SUSE bug 1225897SUSE bug 1226980SUSE bug 1227445SUSE bug 1228526SUSE bug 1228592SUSE bug 1229809SUSE bug 1229833SUSE bug 1230205SUSE bug 1230413SUSE bug 1230697SUSE bug 1231016SUSE bug 1231854SUSE bug 1231909SUSE bug 1231963SUSE bug 1232087SUSE bug 1232101SUSE bug 1232158SUSE bug 1232161SUSE bug 1232193SUSE bug 1232198SUSE bug 1232201SUSE bug 1232418SUSE bug 1232419SUSE bug 1232420SUSE bug 1232421SUSE bug 1232436SUSE bug 1232882SUSE bug 1233038SUSE bug 1233055SUSE bug 1233070SUSE bug 1233096SUSE bug 1233112SUSE bug 1233200SUSE bug 1233204SUSE bug 1233239SUSE bug 1233259SUSE bug 1233260SUSE bug 1233324SUSE bug 1233328SUSE bug 1233461SUSE bug 1233467SUSE bug 1233469SUSE bug 1233488SUSE bug 1233546SUSE bug 1233558SUSE bug 1233637SUSE bug 1233638SUSE bug 1233642SUSE bug 1233772SUSE bug 1233778SUSE bug 1233837SUSE bug 1234024SUSE bug 1234069SUSE bug 1234071SUSE bug 1234073SUSE bug 1234075SUSE bug 1234076SUSE bug 1234077SUSE bug 1234079SUSE bug 1234086SUSE bug 1234139SUSE bug 1234140SUSE bug 1234141SUSE bug 1234142SUSE bug 1234143SUSE bug 1234144SUSE bug 1234145SUSE bug 1234146SUSE bug 1234147SUSE bug 1234148SUSE bug 1234149SUSE bug 1234150SUSE bug 1234153SUSE bug 1234155SUSE bug 1234156SUSE bug 1234158SUSE bug 1234159SUSE bug 1234160SUSE bug 1234161SUSE bug 1234162SUSE bug 1234163SUSE bug 1234164SUSE bug 1234165SUSE bug 1234166SUSE bug 1234167SUSE bug 1234168SUSE bug 1234169SUSE bug 1234170SUSE bug 1234171SUSE bug 1234172SUSE bug 1234173SUSE bug 1234174SUSE bug 1234175SUSE bug 1234176SUSE bug 1234177SUSE bug 1234178SUSE bug 1234179SUSE bug 1234180SUSE bug 1234181SUSE bug 1234182SUSE bug 1234183SUSE bug 1234184SUSE bug 1234185SUSE bug 1234186SUSE bug 1234187SUSE bug 1234188SUSE bug 1234189SUSE bug 1234190SUSE bug 1234191SUSE bug 1234192SUSE bug 1234193SUSE bug 1234194SUSE bug 1234195SUSE bug 1234196SUSE bug 1234197SUSE bug 1234198SUSE bug 1234199SUSE bug 1234200SUSE bug 1234201SUSE bug 1234203SUSE bug 1234204SUSE bug 1234205SUSE bug 1234207SUSE bug 1234208SUSE bug 1234209SUSE bug 1234219SUSE bug 1234220SUSE bug 1234221SUSE bug 1234237SUSE bug 1234238SUSE bug 1234239SUSE bug 1234240SUSE bug 1234241SUSE bug 1234242SUSE bug 1234243SUSE bug 1234278SUSE bug 1234279SUSE bug 1234280SUSE bug 1234281SUSE bug 1234282SUSE bug 1234294SUSE bug 1234338SUSE bug 1234357SUSE bug 1234381SUSE bug 1234454SUSE bug 1234464SUSE bug 1234605SUSE bug 1234619SUSE bug 1234635SUSE bug 1234651SUSE bug 1234652SUSE bug 1234654SUSE bug 1234655SUSE bug 1234657SUSE bug 1234658SUSE bug 1234659SUSE bug 1234668SUSE bug 1234683SUSE bug 1234690SUSE bug 1234693SUSE bug 1234725SUSE bug 1234726SUSE bug 1234810SUSE bug 1234811SUSE bug 1234825SUSE bug 1234826SUSE bug 1234827SUSE bug 1234829SUSE bug 1234832SUSE bug 1234834SUSE bug 1234843SUSE bug 1234846SUSE bug 1234848SUSE bug 1234853SUSE bug 1234855SUSE bug 1234856SUSE bug 1234863SUSE bug 1234884SUSE bug 1234887SUSE bug 1234888SUSE bug 1234889SUSE bug 1234891SUSE bug 1234893SUSE bug 1234898SUSE bug 1234899SUSE bug 1234900SUSE bug 1234901SUSE bug 1234905SUSE bug 1234906SUSE bug 1234907SUSE bug 1234909SUSE bug 1234911SUSE bug 1234912SUSE bug 1234916SUSE bug 1234918SUSE bug 1234920SUSE bug 1234921SUSE bug 1234922SUSE bug 1234923SUSE bug 1234929SUSE bug 1234930SUSE bug 1234931SUSE bug 1234934SUSE bug 1234937SUSE bug 1234947SUSE bug 1234948SUSE bug 1234950SUSE bug 1234952SUSE bug 1234957SUSE bug 1234960SUSE bug 1234962SUSE bug 1234963SUSE bug 1234968SUSE bug 1234969SUSE bug 1234970SUSE bug 1234971SUSE bug 1234973SUSE bug 1234974SUSE bug 1234989SUSE bug 1234999SUSE bug 1235000SUSE bug 1235001SUSE bug 1235002SUSE bug 1235003SUSE bug 1235004SUSE bug 1235007SUSE bug 1235009SUSE bug 1235011SUSE bug 1235016SUSE bug 1235019SUSE bug 1235031SUSE bug 1235032SUSE bug 1235033SUSE bug 1235035SUSE bug 1235037SUSE bug 1235038SUSE bug 1235039SUSE bug 1235040SUSE bug 1235042SUSE bug 1235043SUSE bug 1235045SUSE bug 1235046SUSE bug 1235050SUSE bug 1235051SUSE bug 1235053SUSE bug 1235054SUSE bug 1235056SUSE bug 1235057SUSE bug 1235059SUSE bug 1235061SUSE bug 1235065SUSE bug 1235070SUSE bug 1235073SUSE bug 1235075SUSE bug 1235100SUSE bug 1235108SUSE bug 1235112SUSE bug 1235115SUSE bug 1235117SUSE bug 1235122SUSE bug 1235123SUSE bug 1235125SUSE bug 1235128SUSE bug 1235132SUSE bug 1235133SUSE bug 1235134SUSE bug 1235138SUSE bug 1235155SUSE bug 1235160SUSE bug 1235217SUSE bug 1235219SUSE bug 1235220SUSE bug 1235222SUSE bug 1235223SUSE bug 1235224SUSE bug 1235227SUSE bug 1235230SUSE bug 1235241SUSE bug 1235246SUSE bug 1235249SUSE bug 1235251SUSE bug 1235252SUSE bug 1235389SUSE bug 1235390SUSE bug 1235391SUSE bug 1235406SUSE bug 1235409SUSE bug 1235410SUSE bug 1235412SUSE bug 1235413SUSE bug 1235415SUSE bug 1235416SUSE bug 1235417SUSE bug 1235418SUSE bug 1235423SUSE bug 1235424SUSE bug 1235425SUSE bug 1235426SUSE bug 1235427SUSE bug 1235428SUSE bug 1235429SUSE bug 1235430SUSE bug 1235433SUSE bug 1235437SUSE bug 1235439SUSE bug 1235444SUSE bug 1235445SUSE bug 1235449SUSE bug 1235451SUSE bug 1235454SUSE bug 1235458SUSE bug 1235459SUSE bug 1235464SUSE bug 1235466SUSE bug 1235473SUSE bug 1235479SUSE bug 1235480SUSE bug 1235483SUSE bug 1235486SUSE bug 1235487SUSE bug 1235488SUSE bug 1235489SUSE bug 1235491SUSE bug 1235494SUSE bug 1235495SUSE bug 1235496SUSE bug 1235497SUSE bug 1235498SUSE bug 1235500SUSE bug 1235502SUSE bug 1235503SUSE bug 1235507SUSE bug 1235519SUSE bug 1235520SUSE bug 1235521SUSE bug 1235523SUSE bug 1235526SUSE bug 1235528SUSE bug 1235532SUSE bug 1235533SUSE bug 1235534SUSE bug 1235537SUSE bug 1235538SUSE bug 1235545SUSE bug 1235550SUSE bug 1235552SUSE bug 1235555SUSE bug 1235557SUSE bug 1235563SUSE bug 1235564SUSE bug 1235565SUSE bug 1235568SUSE bug 1235570SUSE bug 1235571SUSE bug 1235577SUSE bug 1235578SUSE bug 1235582SUSE bug 1235583SUSE bug 1235584SUSE bug 1235587SUSE bug 1235611SUSE bug 1235612SUSE bug 1235616SUSE bug 1235622SUSE bug 1235627SUSE bug 1235632SUSE bug 1235635SUSE bug 1235638SUSE bug 1235641SUSE bug 1235643SUSE bug 1235645SUSE bug 1235646SUSE bug 1235647SUSE bug 1235650SUSE bug 1235653SUSE bug 1235656SUSE bug 1235657SUSE bug 1235663SUSE bug 1235686SUSE bug 1235700SUSE bug 1235705SUSE bug 1235707SUSE bug 1235708SUSE bug 1235710SUSE bug 1235714SUSE bug 1235716SUSE bug 1235720SUSE bug 1235723SUSE bug 1235727SUSE bug 1235730SUSE bug 1235737SUSE bug 1235739SUSE bug 1235745SUSE bug 1235747SUSE bug 1235750SUSE bug 1235753SUSE bug 1235759SUSE bug 1235764SUSE bug 1235768SUSE bug 1235776SUSE bug 1235777SUSE bug 1235778SUSE bug 1235779SUSE bug 1235793SUSE bug 1235798SUSE bug 1235806SUSE bug 1235808SUSE bug 1235812SUSE bug 1235814SUSE bug 1235818SUSE bug 1235842SUSE bug 1235865SUSE bug 1235894SUSE bug 1235902SUSE bug 1235903SUSE bug 1235906SUSE bug 1235918SUSE bug 1235919SUSE bug 1235920SUSE bug 1235924SUSE bug 1235940SUSE bug 1235941SUSE bug 1235946SUSE bug 1235948SUSE bug 1235952SUSE bug 1235964SUSE bug 1235965SUSE bug 1235967SUSE bug 1235969SUSE bug 1235976SUSE bug 1235977SUSE bug 1236078SUSE bug 1236080SUSE bug 1236082SUSE bug 1236088SUSE bug 1236090SUSE bug 1236091SUSE bug 1236096SUSE bug 1236097SUSE bug 1236098SUSE bug 1236101SUSE bug 1236102SUSE bug 1236104SUSE bug 1236106SUSE bug 1236120SUSE bug 1236125SUSE bug 1236127SUSE bug 1236131SUSE bug 1236138SUSE bug 1236143SUSE bug 1236144SUSE bug 1236145SUSE bug 1236160SUSE bug 1236161SUSE bug 1236163SUSE bug 1236168SUSE bug 1236178SUSE bug 1236180SUSE bug 1236181SUSE bug 1236182SUSE bug 1236190SUSE bug 1236192SUSE bug 1236198SUSE bug 1236227SUSE bug 1236245SUSE bug 1236247SUSE bug 1236248SUSE bug 1236260SUSE bug 1236262SUSE bug 1236628SUSE bug 1236688SUSE bug 1236696SUSE bug 1236703SUSE bug 1236732SUSE bug 1236733CVE-2023-52923 at SUSECVE-2023-52923 at NVDCVE-2024-26924 at SUSECVE-2024-26924 at NVDCVE-2024-27397 at SUSECVE-2024-27397 at NVDCVE-2024-35839 at SUSECVE-2024-35839 at NVDCVE-2024-36476 at SUSECVE-2024-36476 at NVDCVE-2024-36908 at SUSECVE-2024-36908 at NVDCVE-2024-39282 at SUSECVE-2024-39282 at NVDCVE-2024-39480 at SUSECVE-2024-39480 at NVDCVE-2024-41042 at SUSECVE-2024-41042 at NVDCVE-2024-43913 at SUSECVE-2024-43913 at NVDCVE-2024-44934 at SUSECVE-2024-44934 at NVDCVE-2024-44996 at SUSECVE-2024-44996 at NVDCVE-2024-45828 at SUSECVE-2024-45828 at NVDCVE-2024-46896 at SUSECVE-2024-46896 at NVDCVE-2024-47141 at SUSECVE-2024-47141 at NVDCVE-2024-47143 at SUSECVE-2024-47143 at NVDCVE-2024-47678 at SUSECVE-2024-47678 at NVDCVE-2024-47809 at SUSECVE-2024-47809 at NVDCVE-2024-48873 at SUSECVE-2024-48873 at NVDCVE-2024-48881 at SUSECVE-2024-48881 at NVDCVE-2024-49569 at SUSECVE-2024-49569 at NVDCVE-2024-49854 at SUSECVE-2024-49854 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49915 at SUSECVE-2024-49915 at NVDCVE-2024-49948 at SUSECVE-2024-49948 at NVDCVE-2024-49951 at SUSECVE-2024-49951 at NVDCVE-2024-49978 at SUSECVE-2024-49978 at NVDCVE-2024-49998 at SUSECVE-2024-49998 at NVDCVE-2024-50016 at SUSECVE-2024-50016 at NVDCVE-2024-50018 at SUSECVE-2024-50018 at NVDCVE-2024-50039 at SUSECVE-2024-50039 at NVDCVE-2024-50047 at SUSECVE-2024-50047 at NVDCVE-2024-50051 at SUSECVE-2024-50051 at NVDCVE-2024-50106 at SUSECVE-2024-50106 at NVDCVE-2024-50143 at SUSECVE-2024-50143 at NVDCVE-2024-50151 at SUSECVE-2024-50151 at NVDCVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-50199 at SUSECVE-2024-50199 at NVDCVE-2024-50202 at SUSECVE-2024-50202 at NVDCVE-2024-50203 at SUSECVE-2024-50203 at NVDCVE-2024-50211 at SUSECVE-2024-50211 at NVDCVE-2024-50228 at SUSECVE-2024-50228 at NVDCVE-2024-50256 at SUSECVE-2024-50256 at NVDCVE-2024-50262 at SUSECVE-2024-50262 at NVDCVE-2024-50272 at SUSECVE-2024-50272 at NVDCVE-2024-50278 at SUSECVE-2024-50278 at NVDCVE-2024-50280 at SUSECVE-2024-50280 at NVDCVE-2024-50299 at SUSECVE-2024-50299 at NVDCVE-2024-52332 at SUSECVE-2024-52332 at NVDCVE-2024-53050 at SUSECVE-2024-53050 at NVDCVE-2024-53064 at SUSECVE-2024-53064 at NVDCVE-2024-53090 at SUSECVE-2024-53090 at NVDCVE-2024-53091 at SUSECVE-2024-53091 at NVDCVE-2024-53095 at SUSECVE-2024-53095 at NVDCVE-2024-53099 at SUSECVE-2024-53099 at NVDCVE-2024-53103 at SUSECVE-2024-53103 at NVDCVE-2024-53105 at SUSECVE-2024-53105 at NVDCVE-2024-53111 at SUSECVE-2024-53111 at NVDCVE-2024-53113 at SUSECVE-2024-53113 at NVDCVE-2024-53117 at SUSECVE-2024-53117 at NVDCVE-2024-53118 at SUSECVE-2024-53118 at NVDCVE-2024-53119 at SUSECVE-2024-53119 at NVDCVE-2024-53120 at SUSECVE-2024-53120 at NVDCVE-2024-53122 at SUSECVE-2024-53122 at NVDCVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-53126 at SUSECVE-2024-53126 at NVDCVE-2024-53127 at SUSECVE-2024-53127 at NVDCVE-2024-53129 at SUSECVE-2024-53129 at NVDCVE-2024-53130 at SUSECVE-2024-53130 at NVDCVE-2024-53131 at SUSECVE-2024-53131 at NVDCVE-2024-53133 at SUSECVE-2024-53133 at NVDCVE-2024-53134 at SUSECVE-2024-53134 at NVDCVE-2024-53136 at SUSECVE-2024-53136 at NVDCVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2024-53142 at SUSECVE-2024-53142 at NVDCVE-2024-53144 at SUSECVE-2024-53144 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53148 at SUSECVE-2024-53148 at NVDCVE-2024-53150 at SUSECVE-2024-53150 at NVDCVE-2024-53151 at SUSECVE-2024-53151 at NVDCVE-2024-53154 at SUSECVE-2024-53154 at NVDCVE-2024-53155 at SUSECVE-2024-53155 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDCVE-2024-53157 at SUSECVE-2024-53157 at NVDCVE-2024-53158 at SUSECVE-2024-53158 at NVDCVE-2024-53159 at SUSECVE-2024-53159 at NVDCVE-2024-53160 at SUSECVE-2024-53160 at NVDCVE-2024-53161 at SUSECVE-2024-53161 at NVDCVE-2024-53162 at SUSECVE-2024-53162 at NVDCVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2024-53169 at SUSECVE-2024-53169 at NVDCVE-2024-53170 at SUSECVE-2024-53170 at NVDCVE-2024-53171 at SUSECVE-2024-53171 at NVDCVE-2024-53172 at SUSECVE-2024-53172 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53174 at SUSECVE-2024-53174 at NVDCVE-2024-53175 at SUSECVE-2024-53175 at NVDCVE-2024-53179 at SUSECVE-2024-53179 at NVDCVE-2024-53180 at SUSECVE-2024-53180 at NVDCVE-2024-53185 at SUSECVE-2024-53185 at NVDCVE-2024-53187 at SUSECVE-2024-53187 at NVDCVE-2024-53188 at SUSECVE-2024-53188 at NVDCVE-2024-53190 at SUSECVE-2024-53190 at NVDCVE-2024-53191 at SUSECVE-2024-53191 at NVDCVE-2024-53194 at SUSECVE-2024-53194 at NVDCVE-2024-53195 at SUSECVE-2024-53195 at NVDCVE-2024-53196 at SUSECVE-2024-53196 at NVDCVE-2024-53197 at SUSECVE-2024-53197 at NVDCVE-2024-53198 at SUSECVE-2024-53198 at NVDCVE-2024-53200 at SUSECVE-2024-53200 at NVDCVE-2024-53201 at SUSECVE-2024-53201 at NVDCVE-2024-53202 at SUSECVE-2024-53202 at NVDCVE-2024-53203 at SUSECVE-2024-53203 at NVDCVE-2024-53206 at SUSECVE-2024-53206 at NVDCVE-2024-53207 at SUSECVE-2024-53207 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-53209 at SUSECVE-2024-53209 at NVDCVE-2024-53210 at SUSECVE-2024-53210 at NVDCVE-2024-53213 at SUSECVE-2024-53213 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-53215 at SUSECVE-2024-53215 at NVDCVE-2024-53216 at SUSECVE-2024-53216 at NVDCVE-2024-53217 at SUSECVE-2024-53217 at NVDCVE-2024-53222 at SUSECVE-2024-53222 at NVDCVE-2024-53224 at SUSECVE-2024-53224 at NVDCVE-2024-53227 at SUSECVE-2024-53227 at NVDCVE-2024-53229 at SUSECVE-2024-53229 at NVDCVE-2024-53230 at SUSECVE-2024-53230 at NVDCVE-2024-53231 at SUSECVE-2024-53231 at NVDCVE-2024-53232 at SUSECVE-2024-53232 at NVDCVE-2024-53233 at SUSECVE-2024-53233 at NVDCVE-2024-53234 at SUSECVE-2024-53234 at NVDCVE-2024-53236 at SUSECVE-2024-53236 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-53240 at SUSECVE-2024-53240 at NVDCVE-2024-53241 at SUSECVE-2024-53241 at NVDCVE-2024-53685 at SUSECVE-2024-53685 at NVDCVE-2024-53690 at SUSECVE-2024-53690 at NVDCVE-2024-54680 at SUSECVE-2024-54680 at NVDCVE-2024-55639 at SUSECVE-2024-55639 at NVDCVE-2024-55881 at SUSECVE-2024-55881 at NVDCVE-2024-55916 at SUSECVE-2024-55916 at NVDCVE-2024-56369 at SUSECVE-2024-56369 at NVDCVE-2024-56372 at SUSECVE-2024-56372 at NVDCVE-2024-56531 at SUSECVE-2024-56531 at NVDCVE-2024-56532 at SUSECVE-2024-56532 at NVDCVE-2024-56533 at SUSECVE-2024-56533 at NVDCVE-2024-56536 at SUSECVE-2024-56536 at NVDCVE-2024-56538 at SUSECVE-2024-56538 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56543 at SUSECVE-2024-56543 at NVDCVE-2024-56546 at SUSECVE-2024-56546 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56549 at SUSECVE-2024-56549 at NVDCVE-2024-56551 at SUSECVE-2024-56551 at NVDCVE-2024-56557 at SUSECVE-2024-56557 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-56562 at SUSECVE-2024-56562 at NVDCVE-2024-56566 at SUSECVE-2024-56566 at NVDCVE-2024-56567 at SUSECVE-2024-56567 at NVDCVE-2024-56568 at SUSECVE-2024-56568 at NVDCVE-2024-56569 at SUSECVE-2024-56569 at NVDCVE-2024-56570 at SUSECVE-2024-56570 at NVDCVE-2024-56571 at SUSECVE-2024-56571 at NVDCVE-2024-56572 at SUSECVE-2024-56572 at NVDCVE-2024-56573 at SUSECVE-2024-56573 at NVDCVE-2024-56574 at SUSECVE-2024-56574 at NVDCVE-2024-56575 at SUSECVE-2024-56575 at NVDCVE-2024-56576 at SUSECVE-2024-56576 at NVDCVE-2024-56577 at SUSECVE-2024-56577 at NVDCVE-2024-56578 at SUSECVE-2024-56578 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56584 at SUSECVE-2024-56584 at NVDCVE-2024-56587 at SUSECVE-2024-56587 at NVDCVE-2024-56588 at SUSECVE-2024-56588 at NVDCVE-2024-56589 at SUSECVE-2024-56589 at NVDCVE-2024-56590 at SUSECVE-2024-56590 at NVDCVE-2024-56593 at SUSECVE-2024-56593 at NVDCVE-2024-56594 at SUSECVE-2024-56594 at NVDCVE-2024-56595 at SUSECVE-2024-56595 at NVDCVE-2024-56596 at SUSECVE-2024-56596 at NVDCVE-2024-56597 at SUSECVE-2024-56597 at NVDCVE-2024-56598 at SUSECVE-2024-56598 at NVDCVE-2024-56599 at SUSECVE-2024-56599 at NVDCVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56602 at SUSECVE-2024-56602 at NVDCVE-2024-56603 at SUSECVE-2024-56603 at NVDCVE-2024-56604 at SUSECVE-2024-56604 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56606 at SUSECVE-2024-56606 at NVDCVE-2024-56607 at SUSECVE-2024-56607 at NVDCVE-2024-56608 at SUSECVE-2024-56608 at NVDCVE-2024-56609 at SUSECVE-2024-56609 at NVDCVE-2024-56610 at SUSECVE-2024-56610 at NVDCVE-2024-56611 at SUSECVE-2024-56611 at NVDCVE-2024-56614 at SUSECVE-2024-56614 at NVDCVE-2024-56615 at SUSECVE-2024-56615 at NVDCVE-2024-56616 at SUSECVE-2024-56616 at NVDCVE-2024-56617 at SUSECVE-2024-56617 at NVDCVE-2024-56619 at SUSECVE-2024-56619 at NVDCVE-2024-56620 at SUSECVE-2024-56620 at NVDCVE-2024-56622 at SUSECVE-2024-56622 at NVDCVE-2024-56623 at SUSECVE-2024-56623 at NVDCVE-2024-56625 at SUSECVE-2024-56625 at NVDCVE-2024-56629 at SUSECVE-2024-56629 at NVDCVE-2024-56630 at SUSECVE-2024-56630 at NVDCVE-2024-56631 at SUSECVE-2024-56631 at NVDCVE-2024-56632 at SUSECVE-2024-56632 at NVDCVE-2024-56634 at SUSECVE-2024-56634 at NVDCVE-2024-56635 at SUSECVE-2024-56635 at NVDCVE-2024-56636 at SUSECVE-2024-56636 at NVDCVE-2024-56637 at SUSECVE-2024-56637 at NVDCVE-2024-56641 at SUSECVE-2024-56641 at NVDCVE-2024-56642 at SUSECVE-2024-56642 at NVDCVE-2024-56643 at SUSECVE-2024-56643 at NVDCVE-2024-56644 at SUSECVE-2024-56644 at NVDCVE-2024-56645 at SUSECVE-2024-56645 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-56649 at SUSECVE-2024-56649 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-56651 at SUSECVE-2024-56651 at NVDCVE-2024-56654 at SUSECVE-2024-56654 at NVDCVE-2024-56656 at SUSECVE-2024-56656 at NVDCVE-2024-56659 at SUSECVE-2024-56659 at NVDCVE-2024-56660 at SUSECVE-2024-56660 at NVDCVE-2024-56661 at SUSECVE-2024-56661 at NVDCVE-2024-56662 at SUSECVE-2024-56662 at NVDCVE-2024-56663 at SUSECVE-2024-56663 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2024-56665 at SUSECVE-2024-56665 at NVDCVE-2024-56667 at SUSECVE-2024-56667 at NVDCVE-2024-56670 at SUSECVE-2024-56670 at NVDCVE-2024-56672 at SUSECVE-2024-56672 at NVDCVE-2024-56675 at SUSECVE-2024-56675 at NVDCVE-2024-56677 at SUSECVE-2024-56677 at NVDCVE-2024-56678 at SUSECVE-2024-56678 at NVDCVE-2024-56679 at SUSECVE-2024-56679 at NVDCVE-2024-56681 at SUSECVE-2024-56681 at NVDCVE-2024-56683 at SUSECVE-2024-56683 at NVDCVE-2024-56687 at SUSECVE-2024-56687 at NVDCVE-2024-56688 at SUSECVE-2024-56688 at NVDCVE-2024-56690 at SUSECVE-2024-56690 at NVDCVE-2024-56691 at SUSECVE-2024-56691 at NVDCVE-2024-56693 at SUSECVE-2024-56693 at NVDCVE-2024-56694 at SUSECVE-2024-56694 at NVDCVE-2024-56698 at SUSECVE-2024-56698 at NVDCVE-2024-56700 at SUSECVE-2024-56700 at NVDCVE-2024-56701 at SUSECVE-2024-56701 at NVDCVE-2024-56704 at SUSECVE-2024-56704 at NVDCVE-2024-56705 at SUSECVE-2024-56705 at NVDCVE-2024-56707 at SUSECVE-2024-56707 at NVDCVE-2024-56708 at SUSECVE-2024-56708 at NVDCVE-2024-56709 at SUSECVE-2024-56709 at NVDCVE-2024-56712 at SUSECVE-2024-56712 at NVDCVE-2024-56715 at SUSECVE-2024-56715 at NVDCVE-2024-56716 at SUSECVE-2024-56716 at NVDCVE-2024-56722 at SUSECVE-2024-56722 at NVDCVE-2024-56723 at SUSECVE-2024-56723 at NVDCVE-2024-56724 at SUSECVE-2024-56724 at NVDCVE-2024-56725 at SUSECVE-2024-56725 at NVDCVE-2024-56726 at SUSECVE-2024-56726 at NVDCVE-2024-56727 at SUSECVE-2024-56727 at NVDCVE-2024-56728 at SUSECVE-2024-56728 at NVDCVE-2024-56729 at SUSECVE-2024-56729 at NVDCVE-2024-56739 at SUSECVE-2024-56739 at NVDCVE-2024-56741 at SUSECVE-2024-56741 at NVDCVE-2024-56745 at SUSECVE-2024-56745 at NVDCVE-2024-56746 at SUSECVE-2024-56746 at NVDCVE-2024-56747 at SUSECVE-2024-56747 at NVDCVE-2024-56748 at SUSECVE-2024-56748 at NVDCVE-2024-56752 at SUSECVE-2024-56752 at NVDCVE-2024-56754 at SUSECVE-2024-56754 at NVDCVE-2024-56755 at SUSECVE-2024-56755 at NVDCVE-2024-56756 at SUSECVE-2024-56756 at NVDCVE-2024-56759 at SUSECVE-2024-56759 at NVDCVE-2024-56760 at SUSECVE-2024-56760 at NVDCVE-2024-56763 at SUSECVE-2024-56763 at NVDCVE-2024-56765 at SUSECVE-2024-56765 at NVDCVE-2024-56766 at SUSECVE-2024-56766 at NVDCVE-2024-56767 at SUSECVE-2024-56767 at NVDCVE-2024-56769 at SUSECVE-2024-56769 at NVDCVE-2024-56774 at SUSECVE-2024-56774 at NVDCVE-2024-56775 at SUSECVE-2024-56775 at NVDCVE-2024-56776 at SUSECVE-2024-56776 at NVDCVE-2024-56777 at SUSECVE-2024-56777 at NVDCVE-2024-56778 at SUSECVE-2024-56778 at NVDCVE-2024-56779 at SUSECVE-2024-56779 at NVDCVE-2024-56780 at SUSECVE-2024-56780 at NVDCVE-2024-56787 at SUSECVE-2024-56787 at NVDCVE-2024-57791 at SUSECVE-2024-57791 at NVDCVE-2024-57792 at SUSECVE-2024-57792 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57795 at SUSECVE-2024-57795 at NVDCVE-2024-57798 at SUSECVE-2024-57798 at NVDCVE-2024-57801 at SUSECVE-2024-57801 at NVDCVE-2024-57802 at SUSECVE-2024-57802 at NVDCVE-2024-57804 at SUSECVE-2024-57804 at NVDCVE-2024-57809 at SUSECVE-2024-57809 at NVDCVE-2024-57838 at SUSECVE-2024-57838 at NVDCVE-2024-57849 at SUSECVE-2024-57849 at NVDCVE-2024-57850 at SUSECVE-2024-57850 at NVDCVE-2024-57857 at SUSECVE-2024-57857 at NVDCVE-2024-57874 at SUSECVE-2024-57874 at NVDCVE-2024-57876 at SUSECVE-2024-57876 at NVDCVE-2024-57884 at SUSECVE-2024-57884 at NVDCVE-2024-57887 at SUSECVE-2024-57887 at NVDCVE-2024-57888 at SUSECVE-2024-57888 at NVDCVE-2024-57890 at SUSECVE-2024-57890 at NVDCVE-2024-57892 at SUSECVE-2024-57892 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2024-57896 at SUSECVE-2024-57896 at NVDCVE-2024-57897 at SUSECVE-2024-57897 at NVDCVE-2024-57899 at SUSECVE-2024-57899 at NVDCVE-2024-57903 at SUSECVE-2024-57903 at NVDCVE-2024-57904 at SUSECVE-2024-57904 at NVDCVE-2024-57906 at SUSECVE-2024-57906 at NVDCVE-2024-57907 at SUSECVE-2024-57907 at NVDCVE-2024-57908 at SUSECVE-2024-57908 at NVDCVE-2024-57910 at SUSECVE-2024-57910 at NVDCVE-2024-57911 at SUSECVE-2024-57911 at NVDCVE-2024-57912 at SUSECVE-2024-57912 at NVDCVE-2024-57913 at SUSECVE-2024-57913 at NVDCVE-2024-57915 at SUSECVE-2024-57915 at NVDCVE-2024-57916 at SUSECVE-2024-57916 at NVDCVE-2024-57917 at SUSECVE-2024-57917 at NVDCVE-2024-57922 at SUSECVE-2024-57922 at NVDCVE-2024-57926 at SUSECVE-2024-57926 at NVDCVE-2024-57929 at SUSECVE-2024-57929 at NVDCVE-2024-57931 at SUSECVE-2024-57931 at NVDCVE-2024-57932 at SUSECVE-2024-57932 at NVDCVE-2024-57933 at SUSECVE-2024-57933 at NVDCVE-2024-57935 at SUSECVE-2024-57935 at NVDCVE-2024-57936 at SUSECVE-2024-57936 at NVDCVE-2024-57938 at SUSECVE-2024-57938 at NVDCVE-2024-57940 at SUSECVE-2024-57940 at NVDCVE-2024-57946 at SUSECVE-2024-57946 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDCVE-2025-21632 at SUSECVE-2025-21632 at NVDCVE-2025-21645 at SUSECVE-2025-21645 at NVDCVE-2025-21646 at SUSECVE-2025-21646 at NVDCVE-2025-21649 at SUSECVE-2025-21649 at NVDCVE-2025-21650 at SUSECVE-2025-21650 at NVDCVE-2025-21651 at SUSECVE-2025-21651 at NVDCVE-2025-21652 at SUSECVE-2025-21652 at NVDCVE-2025-21653 at SUSECVE-2025-21653 at NVDCVE-2025-21655 at SUSECVE-2025-21655 at NVDCVE-2025-21656 at SUSECVE-2025-21656 at NVDCVE-2025-21662 at SUSECVE-2025-21662 at NVDCVE-2025-21663 at SUSECVE-2025-21663 at NVDCVE-2025-21664 at SUSECVE-2025-21664 at NVDCVE-2025-21674 at SUSECVE-2025-21674 at NVDCVE-2025-21676 at SUSECVE-2025-21676 at NVDCVE-2025-21682 at SUSECVE-2025-21682 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235916)
ModerateSUSE bug 1235916CVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer (bsc#1257118).
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257118SUSE bug 1257629SUSE bug 1257669CVE-2025-21738 at SUSECVE-2025-21738 at NVDCVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257629SUSE bug 1257669CVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-49855: nbd: fix race between timeout and normal completion (bsc#1232900)
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1232900SUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1247240SUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-38488 at SUSECVE-2025-38488 at NVDCVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
- CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed (bsc#1257669).
- CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255895).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).
ImportantSUSE bug 1255053SUSE bug 1255378SUSE bug 1255402SUSE bug 1255895SUSE bug 1256624SUSE bug 1256644SUSE bug 1257669CVE-2025-40258 at SUSECVE-2025-40258 at NVDCVE-2025-40284 at SUSECVE-2025-40284 at NVDCVE-2025-40297 at SUSECVE-2025-40297 at NVDCVE-2025-68284 at SUSECVE-2025-68284 at NVDCVE-2025-68285 at SUSECVE-2025-68285 at NVDCVE-2025-68813 at SUSECVE-2025-68813 at NVDCVE-2025-71085 at SUSECVE-2025-71085 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues
The following security issues were fixed:
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0) (Important)SUSE Linux Micro 6.1
This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues
The following security issues were fixed:
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051).
- CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183).
- CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784).
ImportantSUSE bug 1252036SUSE bug 1252689SUSE bug 1253404SUSE bug 1256780SUSE bug 1257238SUSE bug 1258051SUSE bug 1258183SUSE bug 1258784CVE-2025-39973 at SUSECVE-2025-39973 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40159 at SUSECVE-2025-40159 at NVDCVE-2025-71120 at SUSECVE-2025-71120 at NVDCVE-2026-22999 at SUSECVE-2026-22999 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23111 at SUSECVE-2026-23111 at NVDCVE-2026-23209 at SUSECVE-2026-23209 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-49855: nbd: fix race between timeout and normal completion (bsc#1232900)
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1232900SUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-49855 at SUSECVE-2024-49855 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-21680: pktgen: avoid out-of-bounds access in get_imix_entries (bsc#1236701)
- CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (bsc#1239096)
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit References: (bsc#1239077)
ModerateSUSE bug 1236701SUSE bug 1239077SUSE bug 1239096CVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).
- CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726).
- CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
- CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
- CVE-2024-44996: vsock: fix recursive ->recvmsg calls (bsc#1230205).
- CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (bsc#1235705).
- CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
- CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (bsc#1235727).
- CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init() (bsc#1232161).
- CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed (bsc#1232158).
- CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from frag_list (bsc#1232101).
- CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
- CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
- CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909).
- CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
- CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055).
- CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
- CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
- CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
- CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
- CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488).
- CVE-2024-53050: drm/i915/hdcp: Add encoder check in hdcp2_get_capability (bsc#1233546).
- CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
- CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
- CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx (bsc#1233638).
- CVE-2024-53099: bpf: Check validity of link->type in bpf_link_show_fdinfo() (bsc#1233772).
- CVE-2024-53105: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (bsc#1234069).
- CVE-2024-53111: mm/mremap: fix address wraparound in move_page_tables() (bsc#1234086).
- CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
- CVE-2024-53117: virtio/vsock: Improve MSG_ZEROCOPY error handling (bsc#1234079).
- CVE-2024-53118: vsock: Fix sk_error_queue memory leak (bsc#1234071).
- CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
- CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
- CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
- CVE-2024-53133: drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221)
- CVE-2024-53134: pmdomain: imx93-blk-ctrl: correct remove path (bsc#1234159).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-53160: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810).
- CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
- CVE-2024-53170: block: fix uaf for flush rq while iterating tags (bsc#1234888).
- CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching (bsc#1234898).
- CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns (bsc#1234893).
- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
- CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey() (bsc#1234901).
- CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
- CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use (bsc#1234957).
- CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction (bsc#1234906).
- CVE-2024-53198: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (bsc#1234923).
- CVE-2024-53203: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (bsc#1235001).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
- CVE-2024-53216: nfsd: fix UAF when access ex_uuid or ex_stats (bsc#1235003).
- CVE-2024-53222: zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974).
- CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011).
- CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
- CVE-2024-53234: erofs: handle NONHEAD !delta[1] lclusters gracefully (bsc#1235045).
- CVE-2024-53236: xsk: Free skb when TX metadata options are invalid (bsc#1235000).
- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).
- CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
- CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree node (bsc#1235737).
- CVE-2024-55881: KVM: x86: Play nice with protected guests in complete_hypercall_exit() (bsc#1235745).
- CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
- CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
- CVE-2024-56566: mm/slub: Avoid list corruption when removing a slab from the full list (bsc#1235033).
- CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032).
- CVE-2024-56569: ftrace: Fix regression with module command in stack_trace_filter (bsc#1235031).
- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235128).
- CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123).
- CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption model (bsc#1235241).
- CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138).
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
- CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521).
- CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in can_create() (bsc#1235415).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (bsc#1235487).
- CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock (bsc#1235390).
- CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM (bsc#1235391).
- CVE-2024-56614: xsk: fix OOB map writes when deleting elements (bsc#1235424).
- CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements (bsc#1235426).
- CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (bsc#1235429).
- CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled (bsc#1235227).
- CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
- CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).
- CVE-2024-56635: net: avoid potential UAF in default_operstate() (bsc#1235519).
- CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb() (bsc#1235520).
- CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a module (bsc#1235523).
- CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).
- CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv (bsc#1235132).
- CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451).
- CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not support (bsc#1235449).
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
- CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (bsc#1235444).
- CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
- CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference (bsc#1235437).
- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
- CVE-2024-56665: bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog (bsc#1235489).
- CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (bsc#1235555).
- CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (bsc#1235498).
- CVE-2024-56693: brd: defer automatic disk creation until module initialization succeeds (bsc#1235418).
- CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS (bsc#1235412).
- CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
- CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (bsc#1235545).
- CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload (bsc#1235564).
- CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path (bsc#1235565).
- CVE-2024-56715: ionic: Fix netdev notifier unregister on failure (bsc#1235612).
- CVE-2024-56716: netdevsim: prevent bad user input in nsim_dev_health_break_write() (bsc#1235587).
- CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (bsc#1235578).
- CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (bsc#1235582).
- CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (bsc#1235583).
- CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (bsc#1235656).
- CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops (bsc#1235503).
- CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934).
- CVE-2024-56748: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (bsc#1235627).
- CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).
- CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
- CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write (bsc#1235638).
- CVE-2024-56774: btrfs: add a sanity check for btrfs root in btrfs_search_slot() (bsc#1235653).
- CVE-2024-56775: drm/amd/display: Fix handling of plane refcount (bsc#1235657).
- CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
- CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768).
- CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device (bsc#1235906).
- CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without loaded flag (bsc#1235940).
- CVE-2024-57802: netrom: check buffer length before accessing it (bsc#1235941).
- CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs (bsc#1235779).
- CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL (bsc#1235793).
- CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings (bsc#1235798).
- CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
- CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (bsc#1235948).
- CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (bsc#1235964).
- CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount (bsc#1235965).
- CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
- CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap (bsc#1236127).
- CVE-2024-57929: dm array: fix releasing a faulty array block twice in dm_array_cursor_end (bsc#1236096).
- CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
- CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues (bsc#1236190).
- CVE-2024-57933: gve: guard XSK operations on the existence of queues (bsc#1236178).
- CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in sctp_association_init() (bsc#1236182).
- CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend (bsc#1236247).
- CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting" registers (bsc#1236106).
- CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08 devices (bsc#1236143).
- CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue (bsc#1236144).
- CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
- CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink() (bsc#1236160).
- CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (bsc#1236161).
- CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (bsc#1236163).
- CVE-2025-21662: net/mlx5: Fix variable not being completed when function returns (bsc#1236198).
- CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device tree (bsc#1236260).
- CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first function (bsc#1236262).
- CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel (bsc#1236688).
- CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error (bsc#1236696).
- CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing, fix null-deref (bsc#1236703).
Features added:
* - Disable ceph (jsc#PED-7242)
* - RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
* - ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
* - supported.conf: Add support for v4l2-dv-timings (jsc#PED-8645)
The following non-security bugs were fixed:
- 9p: v9fs_fid_find: also lookup by inode if not found dentry (git-fixes).
- ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes).
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-fixes).
- ACPI: PCC: Add PCC shared memory region command and status bitfields (stable-fixes).
- ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
- ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (stable-fixes).
- ACPI: resource: Fix memory resource type union access (git-fixes).
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8 A1-840 (stable-fixes).
- ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[] (stable-fixes).
- ACPI: x86: Make UART skip quirks work on PCI UARTs without an UID (stable-fixes).
- ACPICA: events/evxfregn: do not release the ContextMutex that was never acquired (git-fixes).
- ALSA hda/realtek: Add quirk for Framework F111:000C (stable-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio (stable-fixes).
- ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31 laptop (git-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
- ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on Acer Nitro 5 (stable-fixes).
- ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130 (bsc#1235686).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: seq: Check UMP support for midi_version change (git-fixes).
- ALSA: seq: oss: Fix races at processing SysEx messages (stable-fixes).
- ALSA: seq: ump: Fix seq port updates per FB info notify (git-fixes).
- ALSA: seq: ump: Use automatic cleanup of kfree() (stable-fixes).
- ALSA: seq: ump: Use guard() for locking (stable-fixes).
- ALSA: ump: Use guard() for locking (stable-fixes).
- ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
- ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5 (stable-fixes).
- ALSA: usb-audio: Notify xrun for low-latency mode (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: US16x08: Initialize array before use (git-fixes).
- ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C (stable-fixes).
- ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP (stable-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
- ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad P14s Gen 5 21MES00B00 (stable-fixes).
- ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad T14s Gen 6 21M1CTO1WW (stable-fixes).
- ASoC: amd: yc: Fix the wrong return value (git-fixes).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: hdmi-codec: reorder channel allocation list (stable-fixes).
- ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
- ASoC: rt722: add delay time to wait for the calibration procedure (stable-fixes).
- ASoC: samsung: Add missing depends on I2C (git-fixes).
- ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
- ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
- ASoC: wm8994: Add depends on MFD core (stable-fixes).
- Add already cherry-picked ids to AMDGPU patch
- Align git commit ID abbreviation guidelines and checks (git-fixes).
- Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
- Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (stable-fixes).
- Bluetooth: ISO: Reassociate a socket with an active BIS (stable-fixes).
- Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection (git-fixes).
- Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (stable-fixes).
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
- Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
- Bluetooth: MGMT: Fix possible deadlocks (git-fixes).
- Bluetooth: SCO: Add support for 16 bits transparent voice setting (git-fixes).
- Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
- Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
- Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (stable-fixes).
- Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
- Bluetooth: btusb: add callback function in btusb suspend/resume (stable-fixes).
- Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes).
- Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (stable-fixes).
- Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (git-fixes).
- Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes).
- Bluetooth: iso: Fix recursive locking warning (git-fixes).
- Delete XHCI patch for regression (bsc#1235550)
- Disable ceph (jsc#PED-7242)
- Documentation: PM: Clarify pm_runtime_resume_and_get() return value (git-fixes).
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
- Drop downstream TPM fix patch (bsc#1233260 bsc#1233259 bsc#1232421)
- Drop uvcvideo fix due to regression (bsc#1235894)
- EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
- HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (git-fixes).
- HID: fix generic desktop D-Pad controls (git-fixes).
- HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
- HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check (git-fixes).
- HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support (stable-fixes).
- HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
- Input: atkbd - map F23 key to support default copilot shortcut (stable-fixes).
- Input: bbnsm_pwrkey - add remove hook (git-fixes).
- Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
- Input: davinci-keyscan - remove leftover header (git-fixes).
- Input: xpad - add QH Electronics VID/PID (stable-fixes).
- Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-fixes).
- Input: xpad - add support for Nacon Pro Compact (stable-fixes).
- Input: xpad - add support for wooting two he (arm) (stable-fixes).
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-fixes).
- Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
- KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
- KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235776).
- KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235777).
- KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235778).
- Move kABI workaround patch to correct folder
- Move upstreamed DRM patch into sorted section
- Move upstreamed NFS patch into sorted section
- Move upstreamed TPM patch into sorted section
- Move upstreamed lpfc patches into sorted section
- Move upstreamed ppc patch into sorted section
- Move upstreamed sound patch into sorted section
- Move upstreamed sound patches into sorted section
- NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
- NFSD: Async COPY result needs to return a write verifier (git-fixes).
- NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (git-fixes).
- NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes).
- NFSD: Prevent a potential integer overflow (git-fixes).
- NFSD: Remove a never-true comparison (git-fixes).
- NFSD: initialize copy->cp_clp early in nfsd4_copy for use by trace point (git-fixes).
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
- NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
- NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
- Octeontx2-pf: Free send queue buffers incase of leaf to inner (git-fixes).
- PCI/AER: Disable AER service on suspend (stable-fixes).
- PCI/MSI: Handle lack of irqdomain gracefully (git-fixes).
- PCI: Add 'reset_subordinate' to reset hierarchy below bridge (stable-fixes).
- PCI: Add ACS quirk for Broadcom BCM5760X NIC (stable-fixes).
- PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes).
- PCI: Add T_PERST_CLK_US macro (git-fixes).
- PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-fixes).
- PCI: Detect and trust built-in Thunderbolt chips (stable-fixes).
- PCI: Fix use-after-free of slot->bus on hot remove (stable-fixes).
- PCI: Use preserve_config in place of pci_flags (stable-fixes).
- PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() (stable-fixes).
- PCI: cadence: Set cdns_pcie_host_init() global (stable-fixes).
- PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (stable-fixes).
- PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
- PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-fixes).
- PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar() (git-fixes).
- PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
- PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-fixes).
- PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
- PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-fixes).
- PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-fixes).
- PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
- PCI: j721e: Add PCIe 4x lane selection support (stable-fixes).
- PCI: j721e: Add per platform maximum lane settings (stable-fixes).
- PCI: j721e: Add reset GPIO to struct j721e_pcie (stable-fixes).
- PCI: j721e: Add suspend and resume support (git-fixes).
- PCI: j721e: Use T_PERST_CLK_US macro (git-fixes).
- PCI: microchip: Set inbound address translation for coherent or non-coherent mode (git-fixes).
- PCI: qcom: Add support for IPQ9574 (stable-fixes).
- PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() (git-fixes).
- PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs (stable-fixes).
- PCI: vmd: Set devices to D0 before enabling PM L1 Substates (stable-fixes).
- PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
- RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
- RDMA/bnxt_re: Add check for path mtu in modify_qp (git-fixes)
- RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
- RDMA/bnxt_re: Avoid initializing the software queue for user queues (git-fixes)
- RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (git-fixes)
- RDMA/bnxt_re: Disable use of reserved wqes (git-fixes)
- RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
- RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
- RDMA/bnxt_re: Fix max_qp_wrs reported (git-fixes)
- RDMA/bnxt_re: Fix reporting hw_ver in query_device (git-fixes)
- RDMA/bnxt_re: Fix the check for 9060 condition (git-fixes)
- RDMA/bnxt_re: Fix the locking while accessing the QP table (git-fixes)
- RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
- RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
- RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-fixes)
- RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
- RDMA/bnxt_re: Remove always true dattr validity check (git-fixes)
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- RDMA/hns: Fix accessing invalid dip_ctx during destroying QP (git-fixes)
- RDMA/hns: Fix mapping error of zero-hop WQE buffer (git-fixes)
- RDMA/hns: Fix missing flush CQE for DWQE (git-fixes)
- RDMA/hns: Fix warning storm caused by invalid input in IO path (git-fixes)
- RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-fixes)
- RDMA/mlx5: Enforce same type port association for multiport RoCE (git-fixes)
- RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-fixes)
- RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
- RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
- RDMA/rtrs: Ensure 'ib_sge list' is accessible (git-fixes)
- RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
- RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
- RDMA/srp: Fix error handling in srp_add_port (git-fixes)
- RDMA/uverbs: Prevent integer overflow issue (git-fixes)
- README.BRANCH: Remove copy of branch name
- Refresh patches.suse/ALSA-hda-realtek-Add-support-for-Samsung-Galaxy-Book.patch.
- Refresh patches.suse/cpufreq-intel_pstate-Temporarily-boost-P-state-when-.patch.
- Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-fixes).
- Revert "block/mq-deadline: use correct way to throttling write requests" (bsc#1234146).
- Revert "btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)"
- Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
- Revert "igb: Disable threaded IRQ for igb_msix_other" (git-fixes).
- Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" (git-fixes).
- Revert "unicode: Do not special case ignorable code points" (stable-fixes).
- Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (stable-fixes).
- Revert 'arm64: Kconfig: Make SME depend on BROKEN for now' This reverts commit 2ccfee6be929dd4ea49ef59a7ae686473aae40b6 CONFIG_ARM64_SME is enabled by default so some customers may rely on SME. We need further analysis to evaluate to what extent we are impacted and in case we'll disable SME support later.
- Revert 0dd78566990 ("Disable ceph (jsc#PED-7242)") Apparently, jsc#PED-7242 is only deprecate ceph for 15-SP6 and disable for 15-SP7. Revert the disabling.
- SUNRPC: make sure cache entry active before cache_show (git-fixes).
- SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (git-fixes).
- USB: core: Disable LPM only for non-suspended ports (git-fixes).
- USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
- USB: serial: option: add MediaTek T7XX compositions (stable-fixes).
- USB: serial: option: add MeiG Smart SLM770A (stable-fixes).
- USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
- USB: serial: option: add Neoway N723-EA support (stable-fixes).
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (stable-fixes).
- USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes).
- USB: serial: option: add Telit FE910C04 rmnet compositions (stable-fixes).
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-fixes).
- USB: usblp: return error when setting unsupported protocol (git-fixes).
- VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
- VMCI: fix reference to ioctl-number.rst (git-fixes).
- accel/habanalabs/gaudi2: unsecure tpc count registers (stable-fixes).
- accel/habanalabs: export dma-buf only if size/offset multiples of PAGE_SIZE (stable-fixes).
- accel/habanalabs: fix debugfs files permissions (stable-fixes).
- accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid warnings (stable-fixes).
- acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (git-fixes).
- af_unix: Call manage_oob() for every skb in unix_stream_read_generic() (bsc#1234725).
- afs: Automatically generate trace tag enums (git-fixes).
- afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
- afs: Fix cleanup of immediately failed async calls (git-fixes).
- afs: Fix directory format encoding struct (git-fixes).
- afs: Fix missing subdir edit when renamed between parent dirs (git-fixes).
- afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
- afs: Fix the maximum cell name length (git-fixes).
- amdgpu/uvd: get ring reference from rq scheduler (git-fixes).
- arch: Introduce arch_{,try_}_cmpxchg128{,_local}() (bsc#1220773).
- arch: Remove cmpxchg_double (bsc#1220773).
- arch: consolidate arch_irq_work_raise prototypes (git-fixes).
- arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
- arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
- arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
- arm64: Force position-independent veneers (git-fixes).
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245) Update arm64 default configuration file
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes).
- arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes).
- arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-fixes)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
- arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
- arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-fixes).
- arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
- arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
- arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
- ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-fixes).
- autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes).
- batman-adv: Do not let TT changes list grows indefinitely (git-fixes).
- batman-adv: Do not send uninitialized TT changes (git-fixes).
- batman-adv: Remove uninitialized data in full table TT response (git-fixes).
- blacklist.conf: printk/sysctl: breaks kernel without pre-requisite patches (bsc#1229025)
- blk-cgroup: Fix UAF in blkcg_unpin_online() (bsc#1234726).
- blk-core: use pr_warn_ratelimited() in bio_check_ro() (bsc#1234139).
- blk-iocost: Fix an UBSAN shift-out-of-bounds warning (bsc#1234144).
- blk-iocost: do not WARN if iocg was already offlined (bsc#1234147).
- blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" (bsc#1234140).
- block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() (bsc#1234149).
- block, bfq: do not break merge chain in bfq_split_bfqq() (bsc#1234150).
- block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234160).
- block, bfq: fix procress reference leakage for bfqq in merge chain (bsc#1234280).
- block, bfq: fix uaf for accessing waker_bfqq after splitting (bsc#1234279).
- block/mq-deadline: Fix the tag reservation code (bsc#1234148).
- block: Call .limit_depth() after .hctx has been set (bsc#1234148).
- block: Fix where bio IO priority gets set (bsc#1234145).
- block: prevent an integer overflow in bvec_try_merge_hw_page (bsc#1234142).
- block: update the stable_writes flag in bdev_add (bsc#1234141).
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
- bnxt_en: Fix receive ring space parameters when XDP is active (git-fixes).
- bnxt_en: Reserve rings after PCIe AER recovery if NIC interface is down (git-fixes).
- bnxt_en: Set backplane link modes correctly for ethtool (git-fixes).
- bpf, x86: Fix PROBE_MEM runtime load check (git-fixes).
- bpf: verifier: prevent userspace memory access (git-fixes).
- btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
- bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-fixes).
- can: gs_usb: add VID/PID for Xylanta SAINT3 product family (stable-fixes).
- can: j1939: fix error in J1939 documentation (stable-fixes).
- ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592).
- checkpatch: always parse orig_commit in fixes tag (git-fixes).
- checkpatch: check for missing Fixes tags (stable-fixes).
- cleanup: Add conditional guard support (stable-fixes).
- cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-fixes).
- cleanup: Remove address space of returned pointer (git-fixes).
- clocksource/drivers/timer-ti-dm: Fix child node refcount handling (git-fixes).
- clocksource/drivers:sp804: Make user selectable (git-fixes).
- counter: stm32-timer-cnt: Add check for clk_enable() (git-fixes).
- counter: ti-ecap-capture: Add check for clk_enable() (git-fixes).
- cpufreq: ACPI: Fix max-frequency computation (git-fixes).
- cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
- cpufreq: amd-pstate: remove global header file (git-fixes).
- cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Do not update global.turbo_disabled after initialization (bsc#1234619).
- cpufreq: intel_pstate: Drop redundant locking from intel_pstate_driver_cleanup() (bsc#1234619).
- cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
- cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller (bsc#1234619).
- cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations (bsc#1234619).
- cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
- cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
- cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Refine computation of P-state for given frequency (bsc#1234619).
- cpufreq: intel_pstate: Replace three global.turbo_disabled checks (bsc#1234619).
- cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
- cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
- cpufreq: intel_pstate: Update the maximum CPU frequency consistently (bsc#1234619).
- cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-fixes).
- cpufreq: intel_pstate: Use __ro_after_init for three variables (bsc#1234619).
- cpufreq: intel_pstate: Wait for canceled delayed work to complete (bsc#1234619).
- cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back (git-fixes).
- cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
- cpupower: fix TSC MHz calculation (git-fixes).
- crypto: caam - use JobR's space to access page 0 regs (git-fixes).
- crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes (git-fixes).
- crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-fixes).
- crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-fixes).
- crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
- crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-fixes).
- crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async' (git-fixes).
- crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-fixes).
- crypto: qat - disable IOV in adf_dev_stop() (git-fixes).
- crypto: qce - fix goto jump in error path (git-fixes).
- crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
- crypto: qce - unregister previously registered algos in error path (git-fixes).
- crypto: x86/sha256 - Add parentheses around macros' single arguments (stable-fixes).
- cyrpto/b128ops: Remove struct u128 (bsc#1220773).
- devcoredump: cleanup some comments (git-fixes).
- devlink: Fix length of eswitch inline-mode (git-fixes).
- dlm: fix possible lkb_resource null dereference (git-fixes).
- dma-buf: fix dma_fence_array_signaled v4 (stable-fixes).
- dma-debug: fix a possible deadlock on radix_lock (stable-fixes).
- dmaengine: apple-admac: Avoid accessing registers in probe (git-fixes).
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (git-fixes).
- dmaengine: dw: Select only supported masters for ACPI devices (git-fixes).
- dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357).
- dmaengine: mv_xor: fix child node refcount handling in early exit (git-fixes).
- dmaengine: tegra: Return correct DMA status when paused (git-fixes).
- dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
- docs: media: update location of the media patches (stable-fixes).
- docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-fixes).
- driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link (stable-fixes).
- driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() (git-fixes).
- driver core: fw_devlink: Improve logs for cycle detection (stable-fixes).
- driver core: fw_devlink: Stop trying to optimize cycle detection logic (git-fixes).
- drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
- drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path (git-fixes).
- drm/amd/display: Add HDR workaround for specific eDP (stable-fixes).
- drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw (stable-fixes).
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (stable-fixes).
- drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
- drm/amd/display: Avoid overflow assignment in link_dp_cts (stable-fixes).
- drm/amd/display: Fix DSC-re-computing (stable-fixes).
- drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
- drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
- drm/amd/display: Revert Avoid overflow assignment (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
- drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2 surfaces (stable-fixes).
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-fixes).
- drm/amd/pm: Fix an error handling path in vega10_enable_se_edc_force_stall_config() (git-fixes).
- drm/amd/pm: fix the high voltage issue after unload (stable-fixes).
- drm/amd/pm: update current_socclk and current_uclk in gpu_metrics on smu v13.0.7 (stable-fixes).
- drm/amdgpu/gfx10: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/gfx11: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/gfx9: properly handle error ints on all pipes (stable-fixes).
- drm/amdgpu/gfx9: use rlc safe mode for soft recovery (stable-fixes).
- drm/amdgpu/hdp5.2: do a posting read when flushing HDP (stable-fixes).
- drm/amdgpu/pm: Remove gpu_od if it's an empty directory (stable-fixes).
- drm/amdgpu/umsch: do not execute umsch test when GPU is in reset/suspend (stable-fixes).
- drm/amdgpu/umsch: reinitialize write pointer in hw init (stable-fixes).
- drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
- drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted on vcn v4.0.3 (stable-fixes).
- drm/amdgpu: Block MMR_READ IOCTL in reset (stable-fixes).
- drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes).
- drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (git-fixes).
- drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
- drm/amdgpu: add smu 14.0.1 discovery support (stable-fixes).
- drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts for vega20_ih (stable-fixes).
- drm/amdgpu: differentiate external rev id for gfx 11.5.0 (stable-fixes).
- drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes).
- drm/amdgpu: do not access invalid sched (git-fixes).
- drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
- drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes).
- drm/amdgpu: fix usage slab after free (stable-fixes).
- drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes).
- drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr (stable-fixes).
- drm/amdgpu: set the right AMDGPU sg segment limitation (stable-fixes).
- drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
- drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov (stable-fixes).
- drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini() (git-fixes).
- drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
- drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes).
- drm/amdkfd: Use device based logging for errors (stable-fixes).
- drm/amdkfd: Use the correct wptr size (stable-fixes).
- drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
- drm/amdkfd: pause autosuspend when creating pdd (stable-fixes).
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly (git-fixes).
- drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
- drm/bridge: it6505: Enable module autoloading (stable-fixes).
- drm/bridge: it6505: Fix inverted reset polarity (git-fixes).
- drm/bridge: it6505: update usleep_range for RC circuit charge time (stable-fixes).
- drm/display: Fix building with GCC 15 (stable-fixes).
- drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (stable-fixes).
- drm/dp_mst: Fix MST sideband message body length check (stable-fixes).
- drm/dp_mst: Fix resetting msg rx state after topology removal (git-fixes).
- drm/dp_mst: Verify request type in the corresponding down message reply (stable-fixes).
- drm/etnaviv: Fix page property being used for non writecombine buffers (git-fixes).
- drm/etnaviv: flush shader L1 cache after user commandstream (stable-fixes).
- drm/i915/dg1: Fix power gate sequence (git-fixes).
- drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
- drm/i915: Fix NULL pointer dereference in capture_engine (git-fixes).
- drm/i915: Fix memory leak by correcting cache object name in error handler (git-fixes).
- drm/mcde: Enable module autoloading (stable-fixes).
- drm/mediatek: Add return value check when reading DPCD (git-fixes).
- drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes).
- drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
- drm/mediatek: Fix mode valid issue for dp (git-fixes).
- drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes).
- drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes).
- drm/mediatek: stop selecting foreign drivers (git-fixes).
- drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (stable-fixes).
- drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
- drm/msm: Check return value of of_dma_configure() (git-fixes).
- drm/msm: do not clean up priv->kms prematurely (git-fixes).
- drm/nouveau/gsp: Use the sg allocator for level 2 of radix3 (stable-fixes).
- drm/panel: novatek-nt35950: fix return value check in nt35950_probe() (git-fixes).
- drm/panel: simple: Add Microchip AC69T88A LVDS Display panel (stable-fixes).
- drm/printer: Allow NULL data in devcoredump printer (stable-fixes).
- drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
- drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (stable-fixes).
- drm/radeon: Fix spurious unplug event on radeon HDMI (git-fixes).
- drm/radeon: add helper rdev_to_drm(rdev) (stable-fixes).
- drm/radeon: change rdev->ddev to rdev_to_drm(rdev) (stable-fixes).
- drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
- drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
- drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8 (git-fixes).
- drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-fixes).
- drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
- drm/sched: memset() 'job' in drm_sched_job_init() (stable-fixes).
- drm/tidss: Clear the interrupt status for interrupts being disabled (git-fixes).
- drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
- drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
- drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
- drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
- drm/vc4: hdmi: Avoid log spam for audio start failure (stable-fixes).
- drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes).
- drm/vmwgfx: Add new keep_resv BO param (git-fixes).
- drm: adv7511: Drop dsi single lane support (git-fixes).
- drm: adv7511: Fix use-after-free in adv7533_attach_dsi() (git-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Founder edition (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK (stable-fixes).
- drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- erofs: avoid debugging output for (de)compressed data (git-fixes).
- exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
- exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
- exfat: fix the infinite loop in exfat_readdir() (git-fixes).
- exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
- ext4: add a new helper to check if es must be kept (bsc#1234170).
- ext4: add correct group descriptors and reserved GDT blocks to system zone (bsc#1234164).
- ext4: add missed brelse in update_backups (bsc#1234171).
- ext4: allow for the last group to be marked as trimmed (bsc#1234278).
- ext4: avoid buffer_head leak in ext4_mark_inode_used() (bsc#1234191).
- ext4: avoid excessive credit estimate in ext4_tmpfile() (bsc#1234180).
- ext4: avoid negative min_clusters in find_group_orlov() (bsc#1234193).
- ext4: avoid overlapping preallocations due to overflow (bsc#1234162).
- ext4: avoid potential buffer_head leak in __ext4_new_inode() (bsc#1234192).
- ext4: avoid writing unitialized memory to disk in EA inodes (bsc#1234187).
- ext4: check the extent status again before inserting delalloc block (bsc#1234186).
- ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard (bsc#1234190).
- ext4: convert to exclusive lock while inserting delalloc extents (bsc#1234178).
- ext4: correct best extent lstart adjustment logic (bsc#1234179).
- ext4: correct grp validation in ext4_mb_good_group (bsc#1234163).
- ext4: correct return value of ext4_convert_meta_bg (bsc#1234172).
- ext4: correct the hole length returned by ext4_map_blocks() (bsc#1234178).
- ext4: correct the start block of counting reserved clusters (bsc#1234169).
- ext4: do not let fstrim block system suspend (https://bugzilla.kernel.org/show_bug.cgi?id=216322 bsc#1234166).
- ext4: do not trim the group with corrupted block bitmap (bsc#1234177).
- ext4: factor out __es_alloc_extent() and __es_free_extent() (bsc#1234170).
- ext4: factor out a common helper to query extent map (bsc#1234186).
- ext4: fix inconsistent between segment fstrim and full fstrim (bsc#1234176).
- ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() (bsc#1234188).
- ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() (bsc#1234188).
- ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() (bsc#1234188).
- ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} (bsc#1214954).
- ext4: fix potential unnitialized variable (bsc#1234183).
- ext4: fix race between writepages and remount (bsc#1234168).
- ext4: fix rec_len verify error (bsc#1234167).
- ext4: fix slab-use-after-free in ext4_es_insert_extent() (bsc#1234170).
- ext4: fix uninitialized variable in ext4_inlinedir_to_tree (bsc#1234185).
- ext4: forbid commit inconsistent quota data when errors=remount-ro (bsc#1234178).
- ext4: make ext4_es_insert_delayed_block() return void (bsc#1234170).
- ext4: make ext4_es_insert_extent() return void (bsc#1234170).
- ext4: make ext4_es_remove_extent() return void (bsc#1234170).
- ext4: make ext4_zeroout_es() return void (bsc#1234170).
- ext4: make sure allocate pending entry not fail (bsc#1234170).
- ext4: mark buffer new if it is unwritten to avoid stale data exposure (bsc#1234175).
- ext4: move 'ix' sanity check to corrent position (bsc#1234174).
- ext4: move setting of trimmed bit into ext4_try_to_trim_range() (bsc#1234165).
- ext4: nested locking for xattr inode (bsc#1234189).
- ext4: propagate errors from ext4_find_extent() in ext4_insert_range() (bsc#1234194).
- ext4: refactor ext4_da_map_blocks() (bsc#1234178).
- ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (bsc#1234173).
- ext4: remove the redundant folio_wait_stable() (bsc#1234184).
- ext4: set the type of max_zeroout to unsigned int to avoid overflow (bsc#1234182).
- ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow (bsc#1234181).
- ext4: use pre-allocated es in __es_insert_extent() (bsc#1234170).
- ext4: use pre-allocated es in __es_remove_extent() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_insert_delayed_block() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_insert_extent() (bsc#1234170).
- ext4: using nofail preallocation in ext4_es_remove_extent() (bsc#1234170).
- fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-fixes).
- filemap: Fix bounds checking in filemap_read() (bsc#1234209).
- filemap: add a per-mapping stable writes flag (bsc#1234141).
- firmware: arm_scmi: Reject clear channel request on A2P (stable-fixes).
- fs-writeback: do not requeue a clean inode having skipped pages (bsc#1234200).
- fs/writeback: bail out if there is no more inodes for IO and queued once (bsc#1234207).
- fsnotify: fix sending inotify event with unexpected filename (bsc#1234198).
- genirq/cpuhotplug: Retry with cpu_online_mask when migration fails (git-fixes).
- genirq/cpuhotplug: Skip suspended interrupts when restoring affinity (git-fixes).
- genirq/irqdesc: Honor caller provided affinity in alloc_desc() (git-fixes).
- genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
- genksyms: fix memory leak when the same symbol is added from source (git-fixes).
- genksyms: fix memory leak when the same symbol is read from *.symref file (git-fixes).
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
- gpio: grgpio: Add NULL check in grgpio_probe (git-fixes).
- gpio: grgpio: use a helper variable to store the address of ofdev->dev (stable-fixes).
- gpio: mxc: remove dead code after switch to DT-only (git-fixes).
- gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
- hfsplus: do not query the device logical block size multiple times (git-fixes).
- hvc/xen: fix console unplug (git-fixes).
- hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (git-fixes).
- hvc/xen: fix event channel handling for secondary consoles (git-fixes).
- hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes).
- hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
- hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list (stable-fixes).
- hwmon: (pmbus/core) clear faults after setting smbalert mask (git-fixes).
- hwmon: (pmbus_core) Allow to hook PMBUS_SMBALERT_MASK (stable-fixes).
- hwmon: (tmp513) Do not use "proxy" headers (stable-fixes).
- hwmon: (tmp513) Fix Current Register value interpretation (git-fixes).
- hwmon: (tmp513) Fix division of negative numbers (git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Shunt Voltage and Limit Registers (git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Temperature Result and Limit Registers (git-fixes).
- hwmon: (tmp513) Simplify with dev_err_probe() (stable-fixes).
- hwmon: (tmp513) Use SI constants from units.h (stable-fixes).
- hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
- i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
- i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
- i2c: i801: Add support for Intel Panther Lake (stable-fixes).
- i2c: imx: add imx7d compatible string for applying erratum ERR007805 (git-fixes).
- i2c: microchip-core: actually use repeated sends (git-fixes).
- i2c: microchip-core: fix "ghost" detections (git-fixes).
- i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
- i2c: pnx: Fix timeout in wait functions (git-fixes).
- i2c: rcar: fix NACK handling when being a target (git-fixes).
- i2c: riic: Always round-up when calculating bus period (git-fixes).
- i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-fixes).
- i40e: Fix handling changed priv flags (git-fixes).
- i915/guc: Accumulate active runtime on gt reset (git-fixes).
- i915/guc: Ensure busyness counter increases motonically (git-fixes).
- i915/guc: Reset engine utilization buffer before registration (git-fixes).
- ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
- ice: Unbind the workqueue (bsc#1234989)
- ice: change q_index variable type to s16 to store -1 value (git-fixes).
- ice: consistently use q_idx in ice_vc_cfg_qs_msg() (git-fixes).
- ice: fix PHY Clock Recovery availability check (git-fixes).
- idpf: add support for SW triggered interrupts (bsc#1235507).
- idpf: enable WB_ON_ITR (bsc#1235507).
- idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes).
- igb: Fix potential invalid memory access in igb_init_module() (git-fixes).
- iio: adc: ad7124: Disable all channels at probe time (git-fixes).
- iio: adc: ad_sigma_delta: Handle CS assertion as intended in ad_sd_read_reg_raw() (git-fixes).
- iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
- iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes).
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
- iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes).
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes).
- iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-fixes).
- iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
- iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
- iio: light: as73211: fix channel handling in only-color triggered buffer (git-fixes).
- iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
- iio: magnetometer: yas530: use signed integer type for clamp limits (git-fixes).
- iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes).
- iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes).
- instrumentation: Wire up cmpxchg128() (bsc#1220773).
- intel_th: core: fix kernel-doc warnings (git-fixes).
- io_uring/rw: avoid punting to io-wq directly (git-fixes).
- io_uring/tctx: work around xa_store() allocation error issue (git-fixes).
- io_uring: Fix registered ring file refcount leak (git-fixes).
- io_uring: always lock __io_cqring_overflow_flush (git-fixes).
- io_uring: check if iowq is killed before queuing (git-fixes).
- iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated tables (git-fixes).
- ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
- ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-fixes).
- irqchip/gic-v3: Force propagation of the active state with a read-back (stable-fixes).
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (stable-fixes).
- irqflags: Explicitly ignore lockdep_hrtimer_exit() argument (git-fixes).
- isofs: handle CDs with bad root inode but good Joliet root directory (bsc#1234199).
- ixgbe: downgrade logging of unsupported VF API version to debug (git-fixes).
- ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5 (git-fixes).
- jffs2: Fix rtime decompressor (git-fixes).
- jffs2: Prevent rtime decompress memory corruption (git-fixes).
- jffs2: fix use of uninitialized variable (git-fixes).
- jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
- jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
- jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
- jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
- jfs: xattr: check invalid xattr size more strictly (git-fixes).
- kABI workaround for struct auto_pin_cfg_item change (git-fixes).
- kABI workaround for struct drm_dp_mst_topology_mgr (git-fixes).
- kabi/severities: make vcap_find_actionfield PASS (bsc#1220773)
- kasan: make report_lock a raw spinlock (git-fixes).
- kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-fixes).
- kdb: Fix buffer overflow during tab-complete (bsc#1234652).
- kdb: Fix console handling when editing and tab-completing commands (bsc#1234655).
- kdb: Merge identical case statements in kdb_read() (bsc#1234657).
- kdb: Use format-specifiers rather than memset() for padding in kdb_read() (bsc#1234658).
- kdb: Use format-strings rather than '\0' injection in kdb_read() (bsc#1234654).
- kdb: Use the passed prompt in kdb_position_cursor() (bsc#1234654).
- kdb: address -Wformat-security warnings (bsc#1234659).
- kgdb: Flush console before entering kgdb on panic (bsc#1234651).
- kheaders: Ignore silly-rename files (stable-fixes).
- ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
- ktest.pl: Check kernelrelease return in get_version (git-fixes).
- ktest.pl: Fix typo "accesing" (git-fixes).
- ktest.pl: Fix typo in comment (git-fixes).
- ktest.pl: Remove unused declarations in run_bisect_test function (git-fixes).
- ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-fixes).
- landlock: Handle weird files (git-fixes).
- latencytop: use correct kernel-doc format for func params (git-fixes).
- leds: class: Protect brightness_show() with led_cdev->led_access mutex (stable-fixes).
- leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
- leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata() (git-fixes).
- lib/inflate.c: remove dead code (git-fixes).
- lib/stackdepot: print disabled message only if truly disabled (git-fixes).
- linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes).
- locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() (bsc#1220773 git-fix).
- loop: fix the the direct I/O support check when used on top of block devices (bsc#1234143).
- mac80211: fix user-power when emulating chanctx (stable-fixes).
- mac802154: check local interfaces before deleting sdata list (stable-fixes).
- mailbox: pcc: Add support for platform notification handling (stable-fixes).
- mailbox: pcc: Support shared interrupt for multiple subspaces (stable-fixes).
- mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
- maple_tree: simplify split calculation (git-fixes).
- media: camif-core: Add check for clk_enable() (git-fixes).
- media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
- media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
- media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
- media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (stable-fixes).
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (git-fixes).
- media: dvb-usb-v2: af9035: fix ISO C90 compilation error on af9035_i2c_master_xfer (git-fixes).
- media: i2c: imx412: Add missing newline to prints (git-fixes).
- media: i2c: ov9282: Correct the exposure offset (git-fixes).
- media: imx-jpeg: Fix potential error pointer dereference in detach_pm() (git-fixes).
- media: imx296: Add standby delay during probe (git-fixes).
- media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
- media: marvell: Add check for clk_enable() (git-fixes).
- media: mc: fix endpoint iteration (git-fixes).
- media: mipi-csis: Add check for clk_enable() (git-fixes).
- media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
- media: ov5640: fix get_light_freq on auto (git-fixes).
- media: rc: iguanair: handle timeouts (git-fixes).
- media: rkisp1: Fix unused value issue (git-fixes).
- media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (stable-fixes).
- media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
- media: uvcvideo: Fix double free in error path (git-fixes).
- media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
- media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
- media: uvcvideo: Only save async fh if success (git-fixes).
- media: uvcvideo: Propagate buf->error to userspace (git-fixes).
- media: uvcvideo: RealSense D421 Depth module metadata (stable-fixes).
- media: uvcvideo: Remove dangling pointers (git-fixes).
- media: uvcvideo: Remove redundant NULL assignment (git-fixes).
- media: uvcvideo: Support partial control reads (git-fixes).
- memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-fixes).
- memory-failure: use a folio in me_huge_page() (git-fixes).
- memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() (git-fixes).
- mfd: da9052-spi: Change read-mask to write-mask (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (git-fixes).
- misc: fastrpc: Deregister device nodes properly in error scenarios (git-fixes).
- misc: fastrpc: Fix copy buffer page size (git-fixes).
- misc: fastrpc: Fix registered buffer page address (git-fixes).
- misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes).
- misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes).
- misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-fixes).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list (git-fixes).
- mm/filemap: avoid buffered read/write race to read inconsistent data (bsc#1234204).
- mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
- mm/memory-failure: check the mapcount of the precise page (git-fixes).
- mm/memory-failure: fix crash in split_huge_page_to_list from soft_offline_page (git-fixes).
- mm/memory-failure: pass the folio and the page to collect_procs() (git-fixes).
- mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-fixes).
- mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
- mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
- mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
- mm/memory_hotplug: use pfn math in place of direct struct page manipulation (git-fixes).
- mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
- mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-fixes).
- mm/migrate: putback split folios when numa hint migration fails (git-fixes).
- mm/migrate: split source folio if it is on deferred split list (git-fixes).
- mm/page_owner: remove free_ts from page_owner output (git-fixes).
- mm/readahead: do not allow order-1 folio (bsc#1234205).
- mm/readahead: limit page cache size in page_cache_ra_order() (bsc#1234208).
- mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
- mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
- mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-fixes).
- mm: memory-failure: fetch compound head after extra page refcnt is held (git-fixes).
- mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-fixes).
- mm: memory-failure: fix race window when trying to get hugetlb folio (git-fixes).
- mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- mmc: core: Add SD card quirk for broken poweroff notification (stable-fixes).
- mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes).
- mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes).
- mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED (stable-fixes).
- mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia Edu Atla 10 tablet (stable-fixes).
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (git-fixes).
- modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
- mtd: diskonchip: Cast an operand to prevent potential overflow (git-fixes).
- mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
- mtd: hyperbus: rpc-if: Convert to platform remove callback returning void (stable-fixes).
- mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
- mtd: rawnand: arasan: Fix double assertion of chip-select (git-fixes).
- mtd: rawnand: arasan: Fix missing de-registration of NAND (git-fixes).
- mtd: rawnand: fix double free in atmel_pmecc_create_user() (git-fixes).
- mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
- net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (git-fixes).
- net/ipv6: release expired exception dst cached in socket (bsc#1216813).
- net/mlx5e: CT: Fix null-ptr-deref in add rule err flow (git-fixes).
- net/mlx5e: Remove workaround to avoid syndrome for internal port (git-fixes).
- net/mlx5e: clear xdp features on non-uplink representors (git-fixes).
- net/qed: allow old cards not supporting "num_images" to work (git-fixes).
- net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
- net: Return error from sk_stream_wait_connect() if sk_wait_event() fails (git-fixes).
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
- net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset (git-fixes).
- net: rose: fix timer races against user threads (git-fixes).
- net: usb: qmi_wwan: add Quectel RG650V (stable-fixes).
- net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
- net: usb: rtl8150: enable basic endpoint checking (git-fixes).
- net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() (git-fixes).
- net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
- netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778 ZDI-24-1454).
- nfs: ignore SB_RDONLY when mounting nfs (git-fixes).
- nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (git-fixes).
- nfsd: make sure exp active before svc_export_show (git-fixes).
- nfsd: release svc_expkey/svc_export with rcu_work (git-fixes).
- nfsd: restore callback functionality for NFSv4.0 (git-fixes).
- nilfs2: fix buffer head leaks in calls to truncate_inode_pages() (git-fixes).
- nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
- nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
- nilfs2: prevent use of deleted inode (git-fixes).
- nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes).
- nvme-rdma: unquiesce admin_q before destroy it (git-fixes).
- nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
- nvme-tcp: fix the memleak while create new ctrl failed (git-fixes).
- nvme/multipath: Fix RCU list traversal to use SRCU primitive (git-fixes).
- nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
- nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
- nvme: apple: fix device reference counting (git-fixes).
- nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-fixes).
- nvme: fix metadata handling in nvme-passthrough (git-fixes).
- nvmet-loop: avoid using mutex in IO hotpath (git-fixes).
- nvmet: propagate npwg topology (git-fixes).
- ocfs2: fix uninitialized value in ocfs2_file_read_iter() (git-fixes).
- ocfs2: free inode when ocfs2_get_init_inode() fails (git-fixes).
- of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (git-fixes).
- of: Fix error path in of_parse_phandle_with_args_map() (git-fixes).
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (git-fixes).
- of: address: Report error on resource bounds overflow (stable-fixes).
- padata: add pd get/put refcnt helper (git-fixes).
- padata: avoid UAF for reorder_work (git-fixes).
- padata: fix UAF in padata_reorder (git-fixes).
- parisc: Raise minimal GCC version (bsc#1220773).
- parisc: Raise minimal GCC version to 12.0.0 (bsc#1220773 git-fix).
- percpu: Add {raw,this}_cpu_try_cmpxchg() (bsc#1220773).
- percpu: Fix self-assignment of __old in raw_cpu_generic_try_cmpxchg() (bsc#1220773 git-fix).
- percpu: Wire up cmpxchg128 (bsc#1220773).
- phy: core: Fix an OF node refcount leakage in _of_phy_get() (git-fixes).
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (git-fixes).
- phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (git-fixes).
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (git-fixes).
- phy: core: Fix that API devm_phy_put() fails to release the phy (git-fixes).
- phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP (git-fixes).
- phy: rockchip: naneng-combphy: fix phy reset (git-fixes).
- phy: usb: Toggle the PHY power during init (git-fixes).
- pinctrl: amd: Take suspend type into consideration which pins are non-wake (git-fixes).
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (git-fixes).
- pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes).
- pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes).
- pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional() fails (git-fixes).
- pinmux: Use sequential access to access desc->pinmux data (stable-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1225897).
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (stable-fixes).
- platform/x86: dell-smbios-base: Extends support to Alienware products (stable-fixes).
- platform/x86: dell-wmi-base: Handle META key Lock/Unlock events (stable-fixes).
- platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed (stable-fixes).
- pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
- power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
- power: supply: gpio-charger: Fix set charge current limits (git-fixes).
- powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump is active (bsc#1235108).
- powerpc/iommu: Move pSeries specific functions to pseries/iommu.c (bsc#1220711 ltc#205755).
- powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
- powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
- powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531).
- powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825).
- pps: add an error check in parport_attach (git-fixes).
- pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- printk: Add is_printk_legacy_deferred() (bsc#1236733).
- printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
- proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
- pwm: stm32-lp: Add check for clk_enable() (git-fixes).
- pwm: stm32: Add check for clk_enable() (git-fixes).
- quota: Fix rcu annotations of inode dquot pointers (bsc#1234197).
- quota: explicitly forbid quota files from being encrypted (bsc#1234196).
- quota: flush quota_release_work upon quota writeback (bsc#1234195).
- quota: simplify drop_dquot_ref() (bsc#1234197).
- rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
- rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
- rcu: Dump memory object info if callback function is invalid (git-fixes)
- rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
- rcuscale: Move rcu_scale_writer() (git-fixes)
- rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
- readahead: use ilog2 instead of a while loop in page_cache_ra_order() (bsc#1234208).
- regmap: Use correct format specifier for logging range errors (stable-fixes).
- regulator: core: Add missing newline character (git-fixes).
- regulator: of: Implement the unwind path of of_regulator_match() (git-fixes).
- regulator: rk808: Add apply_bit for BUCK3 on RK809 (stable-fixes).
- remoteproc: core: Fix ida_free call while not allocated (git-fixes).
- rtc: cmos: avoid taking rtc_lock for extended period of time (stable-fixes).
- rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
- rtc: zynqmp: Fix optional clock name property (git-fixes).
- s390/cio: Do not unregister the subchannel based on DNV (git-fixes).
- s390/cpum_sf: Convert to cmpxchg128() (bsc#1220773).
- s390/cpum_sf: Handle CPU hotplug remove during sampling (git-fixes).
- s390/cpum_sf: Remove WARN_ON_ONCE statements (git-fixes).
- s390/facility: Disable compile time optimization for decompressor code (git-fixes).
- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (git-fixes).
- s390/pageattr: Implement missing kernel_page_present() (git-fixes).
- s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
- samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
- scatterlist: fix incorrect func name in kernel-doc (git-fixes).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat (bsc#1235865).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi (bsc#1235865).
- sched/numa: fix memory leak due to the overwritten vma->numab_state (git fixes (sched/numa)).
- scsi: lpfc: Add handling for LS_RJT reason explanation authentication required (bsc#1235409).
- scsi: lpfc: Add support for large fw object application layer reads (bsc#1235409).
- scsi: lpfc: Change lpfc_nodelist save_flags member into a bitmask (bsc#1235409).
- scsi: lpfc: Copyright updates for 14.4.0.7 patches (bsc#1235409).
- scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (bsc#1235409).
- scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (bsc#1235409).
- scsi: lpfc: Redefine incorrect type in lpfc_create_device_data() (bsc#1235409).
- scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters only (bsc#1235409).
- scsi: lpfc: Update definition of firmware configuration mbox cmds (bsc#1235409).
- scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409).
- scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406).
- scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406).
- scsi: qla2xxx: Fix use after free on unload (bsc#1235406).
- scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (bsc#1235406).
- scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port (bsc#1235406).
- scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (bsc#1235406).
- scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406).
- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-fixes).
- seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
- selftest: media_tests: fix trivial UAF typo (git-fixes).
- selftests/alsa: Fix circular dependency involving global-timer (stable-fixes).
- selftests/bpf: Test PROBE_MEM of VSYSCALL_ADDR on x86-64 (git-fixes).
- selftests/landlock: Fix error message (git-fixes).
- selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
- selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
- selftests: harness: fix printing of mismatch values in __EXPECT() (git-fixes).
- selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
- selftests: tc-testing: reduce rshift value (stable-fixes).
- selftests: timers: clocksource-switch: Adapt progress to kselftest framework (git-fixes).
- selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
- serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
- serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes).
- serial: 8250_dw: Do not use struct dw8250_data outside of 8250_dw (git-fixes).
- serial: 8250_dw: Replace ACPI device check by a quirk (git-fixes).
- serial: 8250_fintek: Add support for F81216E (stable-fixes).
- serial: Do not hold the port lock when setting rx-during-tx GPIO (git-fixes).
- serial: amba-pl011: Fix RX stall when DMA is used (git-fixes).
- serial: amba-pl011: Use port lock wrappers (stable-fixes).
- serial: amba-pl011: fix build regression (git-fixes).
- serial: do not use uninitialized value in uart_poll_init() (git-fixes).
- serial: imx: only set receiver level if it is zero (git-fixes).
- serial: imx: set receiver level before starting uart (git-fixes).
- serial: qcom-geni: Do not cancel/abort if we can't get the port lock (git-fixes).
- serial: qcom-geni: disable interrupts during console writes (git-fixes).
- serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() (git-fixes).
- serial: qcom-geni: fix console corruption (git-fixes).
- serial: qcom-geni: fix dma rx cancellation (git-fixes).
- serial: qcom-geni: fix false console tx restart (git-fixes).
- serial: qcom-geni: fix fifo polling timeout (git-fixes).
- serial: qcom-geni: fix hard lockup on buffer flush (git-fixes).
- serial: qcom-geni: fix polled console corruption (git-fixes).
- serial: qcom-geni: fix polled console initialisation (git-fixes).
- serial: qcom-geni: fix receiver enable (git-fixes).
- serial: qcom-geni: fix shutdown race (git-fixes).
- serial: qcom-geni: fix soft lockup on sw flow control and suspend (git-fixes).
- serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() (git-fixes).
- serial: qcom-geni: revert broken hibernation support (git-fixes).
- serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (git-fixes).
- serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
- serial: stm32: Return IRQ_NONE in the ISR if no handling happend (git-fixes).
- serial: stm32: do not always set SER_RS485_RX_DURING_TX if RS485 is enabled (git-fixes).
- series.conf: temporarily disable upstream patch patches.suse/ocfs2-fix-UBSAN-warning-in-ocfs2_verify_volume.patch (bsc#1236138)
- slub: Replace cmpxchg_double() (bsc#1220773).
- slub: Replace cmpxchg_double() - KABI fix (bsc#1220773).
- smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: fix issue described in bsc#1233642]
- soc/fsl: cpm: qmc: Convert to platform remove callback returning void (stable-fixes).
- soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
- soc: fsl: cpm1: qmc: Fix blank line and spaces (stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Re-order probe() operations (stable-fixes).
- soc: fsl: cpm1: qmc: Set the ret error code on platform_get_irq() failure (git-fixes).
- soc: imx8m: Probe the SoC driver as platform driver (stable-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
- soc: qcom: Add check devm_kasprintf() returned value (stable-fixes).
- soc: qcom: geni-se: Add M_TX_FIFO_NOT_EMPTY bit definition (git-fixes).
- soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers (git-fixes).
- soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
- soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
- soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (git-fixes).
- sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
- sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
- spi: aspeed: Fix an error handling path in aspeed_spi_[read|write]_user() (git-fixes).
- spi: zynq-qspi: Add check for clk_enable() (git-fixes).
- srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
- srcu: Only accelerate on enqueue time (git-fixes)
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
- staging: iio: ad9832: Correct phase range check (git-fixes).
- staging: iio: ad9834: Correct phase range check (git-fixes).
- staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-fixes).
- staging: media: max96712: fix kernel oops when removing module (git-fixes).
- sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (git-fixes).
- sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (git-fixes).
- sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (git-fixes).
- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8645)
- svcrdma: Address an integer overflow (git-fixes).
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
- swiotlb: Enforce page alignment in swiotlb_alloc() (git-fixes).
- swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (git-fixes).
- thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens (stable-fixes).
- thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
- thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
- thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
- tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
- tools: Sync if_xdp.h uapi tooling header (git-fixes).
- tools: hv: change permissions of NetworkManager configuration file (git-fixes).
- tpm/eventlog: Limit memory allocations for event logs with excessive size (bsc#1233260 bsc#1233259 bsc#1232421).
- tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
- tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
- tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes).
- tty: serial: kgdboc: Fix 8250_* kgdb over serial (git-fixes).
- types: Introduce [us]128 (bsc#1220773).
- ubifs: Correct the total block count by deducting journal reservation (git-fixes).
- ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
- ubifs: skip dumping tnc tree when zroot is null (git-fixes).
- udf: Fix lock ordering in udf_evict_inode() (bsc#1234238).
- udf: fix uninit-value use in udf_get_fileshortad (bsc#1234243).
- udf: prevent integer overflow in udf_bitmap_free_blocks() (bsc#1234239).
- udf: refactor inode_bmap() to handle error (bsc#1234242).
- udf: refactor udf_current_aext() to handle error (bsc#1234240).
- udf: refactor udf_next_aext() to handle error (bsc#1234241).
- udf: udftime: prevent overflow in udf_disk_stamp_to_time() (bsc#1234237).
- uio: Fix return value of poll (git-fixes).
- uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-fixes).
- usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
- usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver (stable-fixes).
- usb: cdns3-ti: Add workaround for Errata i2409 (stable-fixes).
- usb: cdns3: Add quirk flag to enable suspend residency (stable-fixes).
- usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
- usb: chipidea: udc: handle USB Error Interrupt if IOC not set (stable-fixes).
- usb: dwc2: Fix HCD port connection race (git-fixes).
- usb: dwc2: Fix HCD resume (git-fixes).
- usb: dwc2: gadget: Do not write invalid mapped sg entries into dma_desc with iommu enabled (stable-fixes).
- usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes).
- usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
- usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
- usb: dwc3: ep0: Do not clear ep0 DWC3_EP_TRANSFER_STARTED (git-fixes).
- usb: dwc3: ep0: Do not reset resource alloc flag (git-fixes).
- usb: dwc3: ep0: Do not reset resource alloc flag (including ep0) (git-fixes).
- usb: dwc3: gadget: Rewrite endpoint allocation flow (stable-fixes).
- usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
- usb: dwc3: xilinx: make sure pipe clock is deselected in usb2 only mode (git-fixes).
- usb: ehci-hcd: fix call balance of clocks handling routines (git-fixes).
- usb: fix reference leak in usb_new_device() (git-fixes).
- usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes).
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
- usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
- usb: gadget: f_tcm: Do not free command immediately (git-fixes).
- usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
- usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
- usb: gadget: f_tcm: Translate error to sense (git-fixes).
- usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes).
- usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (git-fixes).
- usb: host: max3421-hcd: Correctly abort a USB request (git-fixes).
- usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
- usb: typec: anx7411: fix OF node reference leaks in anx7411_typec_switch_probe() (git-fixes).
- usb: typec: anx7411: fix fwnode_handle reference leak (git-fixes).
- usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (bsc#1235001)
- usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes).
- usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (git-fixes).
- usb: typec: use cleanup facility for 'altmodes_node' (stable-fixes).
- usbnet: ipheth: break up NCM header size computation (git-fixes).
- usbnet: ipheth: check that DPE points past NCM header (git-fixes).
- usbnet: ipheth: fix DPE OoB read (git-fixes).
- usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
- usbnet: ipheth: refactor NCM datagram loop (git-fixes).
- usbnet: ipheth: use static NDP16 location in URB (git-fixes).
- vDPA/ifcvf: Fix pci_read_config_byte() return code handling (git-fixes).
- vdpa/mlx5: Fix PA offset with unaligned starting iotlb map (git-fixes).
- vdpa/mlx5: Fix suboptimal range on iotlb iteration (git-fixes).
- vdpa: solidrun: Fix UB bug with devres (git-fixes).
- vfs: fix readahead(2) on block devices (bsc#1234201).
- vmscan,migrate: fix page count imbalance on node stats when demoting pages (git-fixes).
- watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes).
- watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset (stable-fixes).
- watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
- wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855 (git-fixes).
- wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
- wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-fixes).
- wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
- wifi: ath5k: add PCI ID for Arcadyan devices (git-fixes).
- wifi: ath5k: add PCI ID for SX76X (git-fixes).
- wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (stable-fixes).
- wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
- wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
- wifi: cfg80211: sme: init n_channels before channels[] access (git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: ipw2x00: libipw_rx_any(): fix bad alignment (stable-fixes).
- wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
- wifi: iwlwifi: mvm: Use the sync timepoint API in suspend (stable-fixes).
- wifi: mac80211: Add non-atomic station iterator (stable-fixes).
- wifi: mac80211: Fix common size calculation for ML element (git-fixes).
- wifi: mac80211: clean up 'ret' in sta_link_apply_parameters() (stable-fixes).
- wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
- wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-fixes).
- wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes).
- wifi: mac80211: fix station NSS capability initialization order (git-fixes).
- wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
- wifi: mac80211: init cnt before accessing elem in ieee80211_copy_mbssid_beacon (git-fixes).
- wifi: mac80211: prohibit deactivating all links (git-fixes).
- wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
- wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO (git-fixes).
- wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
- wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916 (git-fixes).
- wifi: mt76: mt7915: firmware restart on devices with a second pcie link (git-fixes).
- wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7915: fix register mapping (git-fixes).
- wifi: mt76: mt7921: fix using incorrect group cipher after disconnection (git-fixes).
- wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
- wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
- wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
- wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
- wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
- wifi: mt76: mt7996: fix ldpc setting (git-fixes).
- wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7996: fix register mapping (git-fixes).
- wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-fixes).
- wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-fixes).
- wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one (git-fixes).
- wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures (stable-fixes).
- wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
- wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
- wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
- wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-fixes).
- wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
- wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (git-fixes).
- wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop (git-fixes).
- wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
- wifi: rtlwifi: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
- wifi: rtw89: check return value of ieee80211_probereq_get() for RNR (stable-fixes).
- wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
- wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
- wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
- workqueue: Add rcu lock check at the end of work item execution (bsc#1236732).
- workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker (bsc#1235416).
- writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs (bsc#1234203).
- x86,amd_iommu: Replace cmpxchg_double() (bsc#1220773).
- x86,intel_iommu: Replace cmpxchg_double() (bsc#1220773).
- x86/hyperv: Fix hv tsc page based sched_clock for hibernation (git-fixes).
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes).
- xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
- xfs: Propagate errors from xfs_reflink_cancel_cow_range in xfs_dax_write_iomap_end (git-fixes).
- xfs: do not allocate COW extents when unsharing a hole (git-fixes).
- xfs: fix sb_spino_align checks for large fsblock sizes (git-fixes).
- xfs: remove unknown compat feature check in superblock write validation (git-fixes).
- xfs: return from xfs_symlink_verify early on V4 filesystems (git-fixes).
- xfs: sb_spino_align is not verified (git-fixes).
- xhci: Add usb cold attach (CAS) as a reason to resume root hub (git-fixes).
- xhci: Allow RPM on the USB controller (1022:43f7) by default (stable-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1065729SUSE bug 1181674SUSE bug 1194869SUSE bug 1207948SUSE bug 1214954SUSE bug 1215199SUSE bug 1216702SUSE bug 1216813SUSE bug 1218470SUSE bug 1219170SUSE bug 1219596SUSE bug 1220021SUSE bug 1220328SUSE bug 1220430SUSE bug 1220711SUSE bug 1220773SUSE bug 1221044SUSE bug 1221303SUSE bug 1221858SUSE bug 1222426SUSE bug 1222608SUSE bug 1222721SUSE bug 1222775SUSE bug 1222780SUSE bug 1223020SUSE bug 1223023SUSE bug 1223024SUSE bug 1223038SUSE bug 1223039SUSE bug 1223041SUSE bug 1223046SUSE bug 1223051SUSE bug 1223052SUSE bug 1223058SUSE bug 1223061SUSE bug 1223076SUSE bug 1223113SUSE bug 1223187SUSE bug 1223285SUSE bug 1223315SUSE bug 1223591SUSE bug 1223592SUSE bug 1223633SUSE bug 1223637SUSE bug 1223641SUSE bug 1223649SUSE bug 1223650SUSE bug 1223651SUSE bug 1223652SUSE bug 1223654SUSE bug 1223660SUSE bug 1223661SUSE bug 1223665SUSE bug 1223666SUSE bug 1223671SUSE bug 1223675SUSE bug 1223677SUSE bug 1223678SUSE bug 1223696SUSE bug 1223698SUSE bug 1223705SUSE bug 1223712SUSE bug 1223718SUSE bug 1223728SUSE bug 1223739SUSE bug 1223741SUSE bug 1223744SUSE bug 1223747SUSE bug 1223748SUSE bug 1223750SUSE bug 1223752SUSE bug 1223754SUSE bug 1223757SUSE bug 1223759SUSE bug 1223761SUSE bug 1223762SUSE bug 1223782SUSE bug 1223787SUSE bug 1223788SUSE bug 1223789SUSE bug 1223790SUSE bug 1223802SUSE bug 1223805SUSE bug 1223827SUSE bug 1223831SUSE bug 1223834SUSE bug 1223869SUSE bug 1223874SUSE bug 1224095SUSE bug 1224174SUSE bug 1224177SUSE bug 1224180SUSE bug 1224423SUSE bug 1224432SUSE bug 1224433SUSE bug 1224437SUSE bug 1224438SUSE bug 1224443SUSE bug 1224445SUSE bug 1224449SUSE bug 1224479SUSE bug 1224480SUSE bug 1224482SUSE bug 1224486SUSE bug 1224487SUSE bug 1224491SUSE bug 1224492SUSE bug 1224494SUSE bug 1224495SUSE bug 1224500SUSE bug 1224501SUSE bug 1224504SUSE bug 1224505SUSE bug 1224506SUSE bug 1224507SUSE bug 1224508SUSE bug 1224509SUSE bug 1224513SUSE bug 1224517SUSE bug 1224519SUSE bug 1224521SUSE bug 1224524SUSE bug 1224526SUSE bug 1224537SUSE bug 1224542SUSE bug 1224546SUSE bug 1224552SUSE bug 1224555SUSE bug 1224557SUSE bug 1224558SUSE bug 1224559SUSE bug 1224562SUSE bug 1224566SUSE bug 1224567SUSE bug 1224568SUSE bug 1224569SUSE bug 1224571SUSE bug 1224573SUSE bug 1224576SUSE bug 1224577SUSE bug 1224578SUSE bug 1224579SUSE bug 1224582SUSE bug 1224585SUSE bug 1224586SUSE bug 1224587SUSE bug 1224588SUSE bug 1224592SUSE bug 1224596SUSE bug 1224598SUSE bug 1224600SUSE bug 1224601SUSE bug 1224603SUSE bug 1224605SUSE bug 1224607SUSE bug 1224609SUSE bug 1224611SUSE bug 1224613SUSE bug 1224615SUSE bug 1224617SUSE bug 1224618SUSE bug 1224620SUSE bug 1224622SUSE bug 1224623SUSE bug 1224624SUSE bug 1224626SUSE bug 1224627SUSE bug 1224629SUSE bug 1224630SUSE bug 1224632SUSE bug 1224633SUSE bug 1224634SUSE bug 1224637SUSE bug 1224639SUSE bug 1224640SUSE bug 1224643SUSE bug 1224644SUSE bug 1224646SUSE bug 1224647SUSE bug 1224650SUSE bug 1224651SUSE bug 1224653SUSE bug 1224654SUSE bug 1224657SUSE bug 1224660SUSE bug 1224663SUSE bug 1224665SUSE bug 1224666SUSE bug 1224671SUSE bug 1224675SUSE bug 1224676SUSE bug 1224677SUSE bug 1224680SUSE bug 1224681SUSE bug 1224682SUSE bug 1224683SUSE bug 1224685SUSE bug 1224686SUSE bug 1224687SUSE bug 1224688SUSE bug 1224692SUSE bug 1224696SUSE bug 1224697SUSE bug 1224699SUSE bug 1224701SUSE bug 1224703SUSE bug 1224704SUSE bug 1224705SUSE bug 1224706SUSE bug 1224707SUSE bug 1224709SUSE bug 1224710SUSE bug 1224712SUSE bug 1224714SUSE bug 1224716SUSE bug 1224717SUSE bug 1224719SUSE bug 1224722SUSE bug 1224723SUSE bug 1224726SUSE bug 1224728SUSE bug 1224729SUSE bug 1224730SUSE bug 1224731SUSE bug 1224732SUSE bug 1224733SUSE bug 1224736SUSE bug 1224738SUSE bug 1224739SUSE bug 1224740SUSE bug 1224741SUSE bug 1224747SUSE bug 1224749SUSE bug 1224803SUSE bug 1224804SUSE bug 1225502SUSE bug 1225579SUSE bug 1225593SUSE bug 1225692SUSE bug 1225694SUSE bug 1225695SUSE bug 1225698SUSE bug 1225699SUSE bug 1225704SUSE bug 1225705SUSE bug 1225708SUSE bug 1225710SUSE bug 1225715SUSE bug 1225720SUSE bug 1225722SUSE bug 1225728SUSE bug 1225734SUSE bug 1225735SUSE bug 1225736SUSE bug 1225743SUSE bug 1225747SUSE bug 1225748SUSE bug 1225749SUSE bug 1225750SUSE bug 1225769SUSE bug 1225775SUSE bug 1225820SUSE bug 1225897SUSE bug 1226980SUSE bug 1227445SUSE bug 1228526SUSE bug 1228592SUSE bug 1229025SUSE bug 1229809SUSE bug 1229833SUSE bug 1230205SUSE bug 1230697SUSE bug 1231016SUSE bug 1231854SUSE bug 1231909SUSE bug 1231963SUSE bug 1232087SUSE bug 1232101SUSE bug 1232158SUSE bug 1232161SUSE bug 1232193SUSE bug 1232198SUSE bug 1232201SUSE bug 1232418SUSE bug 1232419SUSE bug 1232420SUSE bug 1232421SUSE bug 1232436SUSE bug 1232882SUSE bug 1233038SUSE bug 1233055SUSE bug 1233070SUSE bug 1233096SUSE bug 1233112SUSE bug 1233200SUSE bug 1233204SUSE bug 1233239SUSE bug 1233259SUSE bug 1233260SUSE bug 1233324SUSE bug 1233328SUSE bug 1233461SUSE bug 1233467SUSE bug 1233469SUSE bug 1233488SUSE bug 1233546SUSE bug 1233558SUSE bug 1233637SUSE bug 1233638SUSE bug 1233642SUSE bug 1233772SUSE bug 1233778SUSE bug 1233837SUSE bug 1234024SUSE bug 1234069SUSE bug 1234071SUSE bug 1234073SUSE bug 1234075SUSE bug 1234076SUSE bug 1234077SUSE bug 1234079SUSE bug 1234086SUSE bug 1234139SUSE bug 1234140SUSE bug 1234141SUSE bug 1234142SUSE bug 1234143SUSE bug 1234144SUSE bug 1234145SUSE bug 1234146SUSE bug 1234147SUSE bug 1234148SUSE bug 1234149SUSE bug 1234150SUSE bug 1234153SUSE bug 1234155SUSE bug 1234156SUSE bug 1234158SUSE bug 1234159SUSE bug 1234160SUSE bug 1234161SUSE bug 1234162SUSE bug 1234163SUSE bug 1234164SUSE bug 1234165SUSE bug 1234166SUSE bug 1234167SUSE bug 1234168SUSE bug 1234169SUSE bug 1234170SUSE bug 1234171SUSE bug 1234172SUSE bug 1234173SUSE bug 1234174SUSE bug 1234175SUSE bug 1234176SUSE bug 1234177SUSE bug 1234178SUSE bug 1234179SUSE bug 1234180SUSE bug 1234181SUSE bug 1234182SUSE bug 1234183SUSE bug 1234184SUSE bug 1234185SUSE bug 1234186SUSE bug 1234187SUSE bug 1234188SUSE bug 1234189SUSE bug 1234190SUSE bug 1234191SUSE bug 1234192SUSE bug 1234193SUSE bug 1234194SUSE bug 1234195SUSE bug 1234196SUSE bug 1234197SUSE bug 1234198SUSE bug 1234199SUSE bug 1234200SUSE bug 1234201SUSE bug 1234203SUSE bug 1234204SUSE bug 1234205SUSE bug 1234207SUSE bug 1234208SUSE bug 1234209SUSE bug 1234219SUSE bug 1234220SUSE bug 1234221SUSE bug 1234237SUSE bug 1234238SUSE bug 1234239SUSE bug 1234240SUSE bug 1234241SUSE bug 1234242SUSE bug 1234243SUSE bug 1234278SUSE bug 1234279SUSE bug 1234280SUSE bug 1234281SUSE bug 1234282SUSE bug 1234294SUSE bug 1234338SUSE bug 1234357SUSE bug 1234381SUSE bug 1234454SUSE bug 1234464SUSE bug 1234605SUSE bug 1234619SUSE bug 1234635SUSE bug 1234651SUSE bug 1234652SUSE bug 1234654SUSE bug 1234655SUSE bug 1234657SUSE bug 1234658SUSE bug 1234659SUSE bug 1234668SUSE bug 1234683SUSE bug 1234690SUSE bug 1234693SUSE bug 1234725SUSE bug 1234726SUSE bug 1234810SUSE bug 1234811SUSE bug 1234825SUSE bug 1234826SUSE bug 1234827SUSE bug 1234829SUSE bug 1234832SUSE bug 1234834SUSE bug 1234843SUSE bug 1234846SUSE bug 1234848SUSE bug 1234853SUSE bug 1234855SUSE bug 1234856SUSE bug 1234863SUSE bug 1234884SUSE bug 1234887SUSE bug 1234888SUSE bug 1234889SUSE bug 1234891SUSE bug 1234893SUSE bug 1234898SUSE bug 1234899SUSE bug 1234900SUSE bug 1234901SUSE bug 1234905SUSE bug 1234906SUSE bug 1234907SUSE bug 1234909SUSE bug 1234911SUSE bug 1234912SUSE bug 1234916SUSE bug 1234918SUSE bug 1234920SUSE bug 1234921SUSE bug 1234922SUSE bug 1234923SUSE bug 1234929SUSE bug 1234930SUSE bug 1234931SUSE bug 1234934SUSE bug 1234937SUSE bug 1234947SUSE bug 1234948SUSE bug 1234950SUSE bug 1234952SUSE bug 1234957SUSE bug 1234960SUSE bug 1234962SUSE bug 1234963SUSE bug 1234968SUSE bug 1234969SUSE bug 1234970SUSE bug 1234971SUSE bug 1234973SUSE bug 1234974SUSE bug 1234989SUSE bug 1234999SUSE bug 1235000SUSE bug 1235001SUSE bug 1235002SUSE bug 1235003SUSE bug 1235004SUSE bug 1235007SUSE bug 1235009SUSE bug 1235011SUSE bug 1235016SUSE bug 1235019SUSE bug 1235031SUSE bug 1235032SUSE bug 1235033SUSE bug 1235035SUSE bug 1235037SUSE bug 1235038SUSE bug 1235039SUSE bug 1235040SUSE bug 1235042SUSE bug 1235043SUSE bug 1235045SUSE bug 1235046SUSE bug 1235050SUSE bug 1235051SUSE bug 1235053SUSE bug 1235054SUSE bug 1235056SUSE bug 1235057SUSE bug 1235059SUSE bug 1235061SUSE bug 1235065SUSE bug 1235070SUSE bug 1235073SUSE bug 1235075SUSE bug 1235100SUSE bug 1235108SUSE bug 1235112SUSE bug 1235115SUSE bug 1235117SUSE bug 1235122SUSE bug 1235123SUSE bug 1235125SUSE bug 1235128SUSE bug 1235132SUSE bug 1235133SUSE bug 1235134SUSE bug 1235138SUSE bug 1235155SUSE bug 1235160SUSE bug 1235217SUSE bug 1235219SUSE bug 1235220SUSE bug 1235222SUSE bug 1235223SUSE bug 1235224SUSE bug 1235227SUSE bug 1235230SUSE bug 1235241SUSE bug 1235246SUSE bug 1235249SUSE bug 1235251SUSE bug 1235252SUSE bug 1235389SUSE bug 1235390SUSE bug 1235391SUSE bug 1235406SUSE bug 1235409SUSE bug 1235410SUSE bug 1235412SUSE bug 1235413SUSE bug 1235415SUSE bug 1235416SUSE bug 1235417SUSE bug 1235418SUSE bug 1235423SUSE bug 1235424SUSE bug 1235425SUSE bug 1235426SUSE bug 1235427SUSE bug 1235428SUSE bug 1235429SUSE bug 1235430SUSE bug 1235433SUSE bug 1235437SUSE bug 1235439SUSE bug 1235444SUSE bug 1235445SUSE bug 1235449SUSE bug 1235451SUSE bug 1235454SUSE bug 1235458SUSE bug 1235459SUSE bug 1235464SUSE bug 1235466SUSE bug 1235473SUSE bug 1235479SUSE bug 1235480SUSE bug 1235483SUSE bug 1235486SUSE bug 1235487SUSE bug 1235488SUSE bug 1235489SUSE bug 1235491SUSE bug 1235494SUSE bug 1235495SUSE bug 1235496SUSE bug 1235497SUSE bug 1235498SUSE bug 1235500SUSE bug 1235502SUSE bug 1235503SUSE bug 1235507SUSE bug 1235519SUSE bug 1235520SUSE bug 1235521SUSE bug 1235523SUSE bug 1235526SUSE bug 1235528SUSE bug 1235532SUSE bug 1235533SUSE bug 1235534SUSE bug 1235537SUSE bug 1235538SUSE bug 1235545SUSE bug 1235550SUSE bug 1235552SUSE bug 1235555SUSE bug 1235557SUSE bug 1235563SUSE bug 1235564SUSE bug 1235565SUSE bug 1235568SUSE bug 1235570SUSE bug 1235571SUSE bug 1235577SUSE bug 1235578SUSE bug 1235582SUSE bug 1235583SUSE bug 1235584SUSE bug 1235587SUSE bug 1235611SUSE bug 1235612SUSE bug 1235616SUSE bug 1235622SUSE bug 1235627SUSE bug 1235632SUSE bug 1235635SUSE bug 1235638SUSE bug 1235641SUSE bug 1235643SUSE bug 1235645SUSE bug 1235646SUSE bug 1235647SUSE bug 1235650SUSE bug 1235653SUSE bug 1235656SUSE bug 1235657SUSE bug 1235663SUSE bug 1235686SUSE bug 1235700SUSE bug 1235705SUSE bug 1235707SUSE bug 1235708SUSE bug 1235710SUSE bug 1235714SUSE bug 1235716SUSE bug 1235720SUSE bug 1235723SUSE bug 1235727SUSE bug 1235730SUSE bug 1235737SUSE bug 1235739SUSE bug 1235745SUSE bug 1235747SUSE bug 1235750SUSE bug 1235753SUSE bug 1235759SUSE bug 1235764SUSE bug 1235768SUSE bug 1235776SUSE bug 1235777SUSE bug 1235778SUSE bug 1235779SUSE bug 1235793SUSE bug 1235798SUSE bug 1235806SUSE bug 1235808SUSE bug 1235812SUSE bug 1235814SUSE bug 1235818SUSE bug 1235842SUSE bug 1235865SUSE bug 1235894SUSE bug 1235902SUSE bug 1235903SUSE bug 1235906SUSE bug 1235918SUSE bug 1235919SUSE bug 1235920SUSE bug 1235924SUSE bug 1235940SUSE bug 1235941SUSE bug 1235946SUSE bug 1235948SUSE bug 1235952SUSE bug 1235964SUSE bug 1235965SUSE bug 1235967SUSE bug 1235969SUSE bug 1235976SUSE bug 1235977SUSE bug 1236078SUSE bug 1236080SUSE bug 1236082SUSE bug 1236088SUSE bug 1236090SUSE bug 1236091SUSE bug 1236096SUSE bug 1236097SUSE bug 1236098SUSE bug 1236101SUSE bug 1236102SUSE bug 1236104SUSE bug 1236106SUSE bug 1236120SUSE bug 1236125SUSE bug 1236127SUSE bug 1236131SUSE bug 1236138SUSE bug 1236143SUSE bug 1236144SUSE bug 1236145SUSE bug 1236160SUSE bug 1236161SUSE bug 1236163SUSE bug 1236168SUSE bug 1236178SUSE bug 1236180SUSE bug 1236181SUSE bug 1236182SUSE bug 1236190SUSE bug 1236192SUSE bug 1236198SUSE bug 1236227SUSE bug 1236245SUSE bug 1236247SUSE bug 1236248SUSE bug 1236260SUSE bug 1236262SUSE bug 1236628SUSE bug 1236688SUSE bug 1236696SUSE bug 1236703SUSE bug 1236732SUSE bug 1236733CVE-2023-47233 at SUSECVE-2023-47233 at NVDCVE-2023-52463 at SUSECVE-2023-52463 at NVDCVE-2023-52472 at SUSECVE-2023-52472 at NVDCVE-2023-52591 at SUSECVE-2023-52591 at NVDCVE-2023-52653 at SUSECVE-2023-52653 at NVDCVE-2023-52657 at SUSECVE-2023-52657 at NVDCVE-2023-52658 at SUSECVE-2023-52658 at NVDCVE-2023-52660 at SUSECVE-2023-52660 at NVDCVE-2023-52661 at SUSECVE-2023-52661 at NVDCVE-2023-52662 at SUSECVE-2023-52662 at NVDCVE-2023-52663 at SUSECVE-2023-52663 at NVDCVE-2023-52664 at SUSECVE-2023-52664 at NVDCVE-2023-52667 at SUSECVE-2023-52667 at NVDCVE-2023-52669 at SUSECVE-2023-52669 at NVDCVE-2023-52670 at SUSECVE-2023-52670 at NVDCVE-2023-52671 at SUSECVE-2023-52671 at NVDCVE-2023-52673 at SUSECVE-2023-52673 at NVDCVE-2023-52675 at SUSECVE-2023-52675 at NVDCVE-2023-52676 at SUSECVE-2023-52676 at NVDCVE-2023-52678 at SUSECVE-2023-52678 at NVDCVE-2023-52679 at SUSECVE-2023-52679 at NVDCVE-2023-52681 at SUSECVE-2023-52681 at NVDCVE-2023-52683 at SUSECVE-2023-52683 at NVDCVE-2023-52685 at SUSECVE-2023-52685 at NVDCVE-2023-52686 at SUSECVE-2023-52686 at NVDCVE-2023-52687 at SUSECVE-2023-52687 at NVDCVE-2023-52690 at SUSECVE-2023-52690 at NVDCVE-2023-52691 at SUSECVE-2023-52691 at NVDCVE-2023-52693 at SUSECVE-2023-52693 at NVDCVE-2023-52694 at SUSECVE-2023-52694 at NVDCVE-2023-52695 at SUSECVE-2023-52695 at NVDCVE-2023-52696 at SUSECVE-2023-52696 at NVDCVE-2023-52697 at SUSECVE-2023-52697 at NVDCVE-2023-52882 at SUSECVE-2023-52882 at NVDCVE-2023-52923 at SUSECVE-2023-52923 at NVDCVE-2024-22099 at SUSECVE-2024-22099 at NVDCVE-2024-26611 at SUSECVE-2024-26611 at NVDCVE-2024-26742 at SUSECVE-2024-26742 at NVDCVE-2024-26761 at SUSECVE-2024-26761 at NVDCVE-2024-26764 at SUSECVE-2024-26764 at NVDCVE-2024-26786 at SUSECVE-2024-26786 at NVDCVE-2024-26794 at SUSECVE-2024-26794 at NVDCVE-2024-26846 at SUSECVE-2024-26846 at NVDCVE-2024-26853 at SUSECVE-2024-26853 at NVDCVE-2024-26854 at SUSECVE-2024-26854 at NVDCVE-2024-26855 at SUSECVE-2024-26855 at NVDCVE-2024-26856 at SUSECVE-2024-26856 at NVDCVE-2024-26857 at SUSECVE-2024-26857 at NVDCVE-2024-26858 at SUSECVE-2024-26858 at NVDCVE-2024-26861 at SUSECVE-2024-26861 at NVDCVE-2024-26866 at SUSECVE-2024-26866 at NVDCVE-2024-26868 at SUSECVE-2024-26868 at NVDCVE-2024-26870 at SUSECVE-2024-26870 at NVDCVE-2024-26881 at SUSECVE-2024-26881 at NVDCVE-2024-26900 at SUSECVE-2024-26900 at NVDCVE-2024-26903 at SUSECVE-2024-26903 at NVDCVE-2024-26922 at SUSECVE-2024-26922 at NVDCVE-2024-26924 at SUSECVE-2024-26924 at NVDCVE-2024-26932 at SUSECVE-2024-26932 at NVDCVE-2024-26934 at SUSECVE-2024-26934 at NVDCVE-2024-26935 at SUSECVE-2024-26935 at NVDCVE-2024-26937 at SUSECVE-2024-26937 at NVDCVE-2024-26938 at SUSECVE-2024-26938 at NVDCVE-2024-26940 at SUSECVE-2024-26940 at NVDCVE-2024-26943 at SUSECVE-2024-26943 at NVDCVE-2024-26949 at SUSECVE-2024-26949 at NVDCVE-2024-26950 at SUSECVE-2024-26950 at NVDCVE-2024-26951 at SUSECVE-2024-26951 at NVDCVE-2024-26957 at SUSECVE-2024-26957 at NVDCVE-2024-26961 at SUSECVE-2024-26961 at NVDCVE-2024-26962 at SUSECVE-2024-26962 at NVDCVE-2024-26963 at SUSECVE-2024-26963 at NVDCVE-2024-26964 at SUSECVE-2024-26964 at NVDCVE-2024-26973 at SUSECVE-2024-26973 at NVDCVE-2024-26983 at SUSECVE-2024-26983 at NVDCVE-2024-26984 at SUSECVE-2024-26984 at NVDCVE-2024-26986 at SUSECVE-2024-26986 at NVDCVE-2024-26988 at SUSECVE-2024-26988 at NVDCVE-2024-26989 at SUSECVE-2024-26989 at NVDCVE-2024-26994 at SUSECVE-2024-26994 at NVDCVE-2024-26995 at SUSECVE-2024-26995 at NVDCVE-2024-26996 at SUSECVE-2024-26996 at NVDCVE-2024-26997 at SUSECVE-2024-26997 at NVDCVE-2024-26999 at SUSECVE-2024-26999 at NVDCVE-2024-27000 at SUSECVE-2024-27000 at NVDCVE-2024-27001 at SUSECVE-2024-27001 at NVDCVE-2024-27002 at SUSECVE-2024-27002 at NVDCVE-2024-27003 at SUSECVE-2024-27003 at NVDCVE-2024-27004 at SUSECVE-2024-27004 at NVDCVE-2024-27008 at SUSECVE-2024-27008 at NVDCVE-2024-27027 at SUSECVE-2024-27027 at NVDCVE-2024-27028 at SUSECVE-2024-27028 at NVDCVE-2024-27029 at SUSECVE-2024-27029 at NVDCVE-2024-27030 at SUSECVE-2024-27030 at NVDCVE-2024-27031 at SUSECVE-2024-27031 at NVDCVE-2024-27046 at SUSECVE-2024-27046 at NVDCVE-2024-27057 at SUSECVE-2024-27057 at NVDCVE-2024-27062 at SUSECVE-2024-27062 at NVDCVE-2024-27067 at SUSECVE-2024-27067 at NVDCVE-2024-27080 at SUSECVE-2024-27080 at NVDCVE-2024-27388 at SUSECVE-2024-27388 at NVDCVE-2024-27389 at SUSECVE-2024-27389 at NVDCVE-2024-27397 at SUSECVE-2024-27397 at NVDCVE-2024-27398 at SUSECVE-2024-27398 at NVDCVE-2024-27399 at SUSECVE-2024-27399 at NVDCVE-2024-27400 at SUSECVE-2024-27400 at NVDCVE-2024-27405 at SUSECVE-2024-27405 at NVDCVE-2024-27410 at SUSECVE-2024-27410 at NVDCVE-2024-27411 at SUSECVE-2024-27411 at NVDCVE-2024-27412 at SUSECVE-2024-27412 at NVDCVE-2024-27413 at SUSECVE-2024-27413 at NVDCVE-2024-27416 at SUSECVE-2024-27416 at NVDCVE-2024-27432 at SUSECVE-2024-27432 at NVDCVE-2024-27434 at SUSECVE-2024-27434 at NVDCVE-2024-27435 at SUSECVE-2024-27435 at NVDCVE-2024-27436 at SUSECVE-2024-27436 at NVDCVE-2024-35784 at SUSECVE-2024-35784 at NVDCVE-2024-35786 at SUSECVE-2024-35786 at NVDCVE-2024-35788 at SUSECVE-2024-35788 at NVDCVE-2024-35789 at SUSECVE-2024-35789 at NVDCVE-2024-35790 at SUSECVE-2024-35790 at NVDCVE-2024-35794 at SUSECVE-2024-35794 at NVDCVE-2024-35795 at SUSECVE-2024-35795 at NVDCVE-2024-35796 at SUSECVE-2024-35796 at NVDCVE-2024-35799 at SUSECVE-2024-35799 at NVDCVE-2024-35800 at SUSECVE-2024-35800 at NVDCVE-2024-35801 at SUSECVE-2024-35801 at NVDCVE-2024-35806 at SUSECVE-2024-35806 at NVDCVE-2024-35808 at SUSECVE-2024-35808 at NVDCVE-2024-35809 at SUSECVE-2024-35809 at NVDCVE-2024-35810 at SUSECVE-2024-35810 at NVDCVE-2024-35811 at SUSECVE-2024-35811 at NVDCVE-2024-35812 at SUSECVE-2024-35812 at NVDCVE-2024-35813 at SUSECVE-2024-35813 at NVDCVE-2024-35815 at SUSECVE-2024-35815 at NVDCVE-2024-35817 at SUSECVE-2024-35817 at NVDCVE-2024-35819 at SUSECVE-2024-35819 at NVDCVE-2024-35821 at SUSECVE-2024-35821 at NVDCVE-2024-35822 at SUSECVE-2024-35822 at NVDCVE-2024-35823 at SUSECVE-2024-35823 at NVDCVE-2024-35824 at SUSECVE-2024-35824 at NVDCVE-2024-35825 at SUSECVE-2024-35825 at NVDCVE-2024-35828 at SUSECVE-2024-35828 at NVDCVE-2024-35829 at SUSECVE-2024-35829 at NVDCVE-2024-35830 at SUSECVE-2024-35830 at NVDCVE-2024-35833 at SUSECVE-2024-35833 at NVDCVE-2024-35834 at SUSECVE-2024-35834 at NVDCVE-2024-35835 at SUSECVE-2024-35835 at NVDCVE-2024-35836 at SUSECVE-2024-35836 at NVDCVE-2024-35837 at SUSECVE-2024-35837 at NVDCVE-2024-35838 at SUSECVE-2024-35838 at NVDCVE-2024-35839 at SUSECVE-2024-35839 at NVDCVE-2024-35841 at SUSECVE-2024-35841 at NVDCVE-2024-35842 at SUSECVE-2024-35842 at NVDCVE-2024-35845 at SUSECVE-2024-35845 at NVDCVE-2024-35847 at SUSECVE-2024-35847 at NVDCVE-2024-35849 at SUSECVE-2024-35849 at NVDCVE-2024-35850 at SUSECVE-2024-35850 at NVDCVE-2024-35851 at SUSECVE-2024-35851 at NVDCVE-2024-35875 at SUSECVE-2024-35875 at NVDCVE-2024-35878 at SUSECVE-2024-35878 at NVDCVE-2024-35879 at SUSECVE-2024-35879 at NVDCVE-2024-35883 at SUSECVE-2024-35883 at NVDCVE-2024-35885 at SUSECVE-2024-35885 at NVDCVE-2024-35887 at SUSECVE-2024-35887 at NVDCVE-2024-35889 at SUSECVE-2024-35889 at NVDCVE-2024-35891 at SUSECVE-2024-35891 at NVDCVE-2024-35901 at SUSECVE-2024-35901 at NVDCVE-2024-35904 at SUSECVE-2024-35904 at NVDCVE-2024-35907 at SUSECVE-2024-35907 at NVDCVE-2024-35909 at SUSECVE-2024-35909 at NVDCVE-2024-35911 at SUSECVE-2024-35911 at NVDCVE-2024-35912 at SUSECVE-2024-35912 at NVDCVE-2024-35914 at SUSECVE-2024-35914 at NVDCVE-2024-35915 at SUSECVE-2024-35915 at NVDCVE-2024-35916 at SUSECVE-2024-35916 at NVDCVE-2024-35922 at SUSECVE-2024-35922 at NVDCVE-2024-35924 at SUSECVE-2024-35924 at NVDCVE-2024-35927 at SUSECVE-2024-35927 at NVDCVE-2024-35928 at SUSECVE-2024-35928 at NVDCVE-2024-35930 at SUSECVE-2024-35930 at NVDCVE-2024-35932 at SUSECVE-2024-35932 at NVDCVE-2024-35933 at SUSECVE-2024-35933 at NVDCVE-2024-35936 at SUSECVE-2024-35936 at NVDCVE-2024-35937 at SUSECVE-2024-35937 at NVDCVE-2024-35938 at SUSECVE-2024-35938 at NVDCVE-2024-35940 at SUSECVE-2024-35940 at NVDCVE-2024-35945 at SUSECVE-2024-35945 at NVDCVE-2024-35946 at SUSECVE-2024-35946 at NVDCVE-2024-35947 at SUSECVE-2024-35947 at NVDCVE-2024-35950 at SUSECVE-2024-35950 at NVDCVE-2024-35951 at SUSECVE-2024-35951 at NVDCVE-2024-35952 at SUSECVE-2024-35952 at NVDCVE-2024-35953 at SUSECVE-2024-35953 at NVDCVE-2024-35954 at SUSECVE-2024-35954 at NVDCVE-2024-35955 at SUSECVE-2024-35955 at NVDCVE-2024-35958 at SUSECVE-2024-35958 at NVDCVE-2024-35959 at SUSECVE-2024-35959 at NVDCVE-2024-35960 at SUSECVE-2024-35960 at NVDCVE-2024-35961 at SUSECVE-2024-35961 at NVDCVE-2024-35963 at SUSECVE-2024-35963 at NVDCVE-2024-35965 at SUSECVE-2024-35965 at NVDCVE-2024-35966 at SUSECVE-2024-35966 at NVDCVE-2024-35967 at SUSECVE-2024-35967 at NVDCVE-2024-35971 at SUSECVE-2024-35971 at NVDCVE-2024-35972 at SUSECVE-2024-35972 at NVDCVE-2024-35973 at SUSECVE-2024-35973 at NVDCVE-2024-35974 at SUSECVE-2024-35974 at NVDCVE-2024-35975 at SUSECVE-2024-35975 at NVDCVE-2024-35977 at SUSECVE-2024-35977 at NVDCVE-2024-35978 at SUSECVE-2024-35978 at NVDCVE-2024-35982 at SUSECVE-2024-35982 at NVDCVE-2024-35984 at SUSECVE-2024-35984 at NVDCVE-2024-35986 at SUSECVE-2024-35986 at NVDCVE-2024-35989 at SUSECVE-2024-35989 at NVDCVE-2024-35990 at SUSECVE-2024-35990 at NVDCVE-2024-35992 at SUSECVE-2024-35992 at NVDCVE-2024-35995 at SUSECVE-2024-35995 at NVDCVE-2024-35997 at SUSECVE-2024-35997 at NVDCVE-2024-36002 at SUSECVE-2024-36002 at NVDCVE-2024-36009 at SUSECVE-2024-36009 at NVDCVE-2024-36011 at SUSECVE-2024-36011 at NVDCVE-2024-36012 at SUSECVE-2024-36012 at NVDCVE-2024-36014 at SUSECVE-2024-36014 at NVDCVE-2024-36018 at SUSECVE-2024-36018 at NVDCVE-2024-36019 at SUSECVE-2024-36019 at NVDCVE-2024-36020 at SUSECVE-2024-36020 at NVDCVE-2024-36021 at SUSECVE-2024-36021 at NVDCVE-2024-36025 at SUSECVE-2024-36025 at NVDCVE-2024-36026 at SUSECVE-2024-36026 at NVDCVE-2024-36029 at SUSECVE-2024-36029 at NVDCVE-2024-36032 at SUSECVE-2024-36032 at NVDCVE-2024-36476 at SUSECVE-2024-36476 at NVDCVE-2024-36880 at SUSECVE-2024-36880 at NVDCVE-2024-36885 at SUSECVE-2024-36885 at NVDCVE-2024-36891 at SUSECVE-2024-36891 at NVDCVE-2024-36893 at SUSECVE-2024-36893 at NVDCVE-2024-36894 at SUSECVE-2024-36894 at NVDCVE-2024-36895 at SUSECVE-2024-36895 at NVDCVE-2024-36896 at SUSECVE-2024-36896 at NVDCVE-2024-36897 at SUSECVE-2024-36897 at NVDCVE-2024-36898 at SUSECVE-2024-36898 at NVDCVE-2024-36906 at SUSECVE-2024-36906 at NVDCVE-2024-36908 at SUSECVE-2024-36908 at NVDCVE-2024-36921 at SUSECVE-2024-36921 at NVDCVE-2024-36922 at SUSECVE-2024-36922 at NVDCVE-2024-36928 at SUSECVE-2024-36928 at NVDCVE-2024-36930 at SUSECVE-2024-36930 at NVDCVE-2024-36931 at SUSECVE-2024-36931 at NVDCVE-2024-36940 at SUSECVE-2024-36940 at NVDCVE-2024-36941 at SUSECVE-2024-36941 at NVDCVE-2024-36942 at SUSECVE-2024-36942 at NVDCVE-2024-36944 at SUSECVE-2024-36944 at NVDCVE-2024-36949 at SUSECVE-2024-36949 at NVDCVE-2024-36950 at SUSECVE-2024-36950 at NVDCVE-2024-36951 at SUSECVE-2024-36951 at NVDCVE-2024-36955 at SUSECVE-2024-36955 at NVDCVE-2024-36959 at SUSECVE-2024-36959 at NVDCVE-2024-39282 at SUSECVE-2024-39282 at NVDCVE-2024-39480 at SUSECVE-2024-39480 at NVDCVE-2024-41042 at SUSECVE-2024-41042 at NVDCVE-2024-43913 at SUSECVE-2024-43913 at NVDCVE-2024-44934 at SUSECVE-2024-44934 at NVDCVE-2024-44996 at SUSECVE-2024-44996 at NVDCVE-2024-45828 at SUSECVE-2024-45828 at NVDCVE-2024-46896 at SUSECVE-2024-46896 at NVDCVE-2024-47141 at SUSECVE-2024-47141 at NVDCVE-2024-47143 at SUSECVE-2024-47143 at NVDCVE-2024-47678 at SUSECVE-2024-47678 at NVDCVE-2024-47809 at SUSECVE-2024-47809 at NVDCVE-2024-48873 at SUSECVE-2024-48873 at NVDCVE-2024-48881 at SUSECVE-2024-48881 at NVDCVE-2024-49569 at SUSECVE-2024-49569 at NVDCVE-2024-49854 at SUSECVE-2024-49854 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49915 at SUSECVE-2024-49915 at NVDCVE-2024-49948 at SUSECVE-2024-49948 at NVDCVE-2024-49951 at SUSECVE-2024-49951 at NVDCVE-2024-49978 at SUSECVE-2024-49978 at NVDCVE-2024-49998 at SUSECVE-2024-49998 at NVDCVE-2024-50016 at SUSECVE-2024-50016 at NVDCVE-2024-50018 at SUSECVE-2024-50018 at NVDCVE-2024-50039 at SUSECVE-2024-50039 at NVDCVE-2024-50047 at SUSECVE-2024-50047 at NVDCVE-2024-50051 at SUSECVE-2024-50051 at NVDCVE-2024-50106 at SUSECVE-2024-50106 at NVDCVE-2024-50143 at SUSECVE-2024-50143 at NVDCVE-2024-50151 at SUSECVE-2024-50151 at NVDCVE-2024-50154 at SUSECVE-2024-50154 at NVDCVE-2024-50199 at SUSECVE-2024-50199 at NVDCVE-2024-50202 at SUSECVE-2024-50202 at NVDCVE-2024-50203 at SUSECVE-2024-50203 at NVDCVE-2024-50211 at SUSECVE-2024-50211 at NVDCVE-2024-50228 at SUSECVE-2024-50228 at NVDCVE-2024-50256 at SUSECVE-2024-50256 at NVDCVE-2024-50262 at SUSECVE-2024-50262 at NVDCVE-2024-50272 at SUSECVE-2024-50272 at NVDCVE-2024-50278 at SUSECVE-2024-50278 at NVDCVE-2024-50280 at SUSECVE-2024-50280 at NVDCVE-2024-50299 at SUSECVE-2024-50299 at NVDCVE-2024-52332 at SUSECVE-2024-52332 at NVDCVE-2024-53050 at SUSECVE-2024-53050 at NVDCVE-2024-53064 at SUSECVE-2024-53064 at NVDCVE-2024-53090 at SUSECVE-2024-53090 at NVDCVE-2024-53091 at SUSECVE-2024-53091 at NVDCVE-2024-53095 at SUSECVE-2024-53095 at NVDCVE-2024-53099 at SUSECVE-2024-53099 at NVDCVE-2024-53103 at SUSECVE-2024-53103 at NVDCVE-2024-53105 at SUSECVE-2024-53105 at NVDCVE-2024-53111 at SUSECVE-2024-53111 at NVDCVE-2024-53113 at SUSECVE-2024-53113 at NVDCVE-2024-53117 at SUSECVE-2024-53117 at NVDCVE-2024-53118 at SUSECVE-2024-53118 at NVDCVE-2024-53119 at SUSECVE-2024-53119 at NVDCVE-2024-53120 at SUSECVE-2024-53120 at NVDCVE-2024-53122 at SUSECVE-2024-53122 at NVDCVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-53126 at SUSECVE-2024-53126 at NVDCVE-2024-53127 at SUSECVE-2024-53127 at NVDCVE-2024-53129 at SUSECVE-2024-53129 at NVDCVE-2024-53130 at SUSECVE-2024-53130 at NVDCVE-2024-53131 at SUSECVE-2024-53131 at NVDCVE-2024-53133 at SUSECVE-2024-53133 at NVDCVE-2024-53134 at SUSECVE-2024-53134 at NVDCVE-2024-53136 at SUSECVE-2024-53136 at NVDCVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2024-53142 at SUSECVE-2024-53142 at NVDCVE-2024-53144 at SUSECVE-2024-53144 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53148 at SUSECVE-2024-53148 at NVDCVE-2024-53150 at SUSECVE-2024-53150 at NVDCVE-2024-53151 at SUSECVE-2024-53151 at NVDCVE-2024-53154 at SUSECVE-2024-53154 at NVDCVE-2024-53155 at SUSECVE-2024-53155 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDCVE-2024-53157 at SUSECVE-2024-53157 at NVDCVE-2024-53158 at SUSECVE-2024-53158 at NVDCVE-2024-53159 at SUSECVE-2024-53159 at NVDCVE-2024-53160 at SUSECVE-2024-53160 at NVDCVE-2024-53161 at SUSECVE-2024-53161 at NVDCVE-2024-53162 at SUSECVE-2024-53162 at NVDCVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53168 at SUSECVE-2024-53168 at NVDCVE-2024-53169 at SUSECVE-2024-53169 at NVDCVE-2024-53170 at SUSECVE-2024-53170 at NVDCVE-2024-53171 at SUSECVE-2024-53171 at NVDCVE-2024-53172 at SUSECVE-2024-53172 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53174 at SUSECVE-2024-53174 at NVDCVE-2024-53175 at SUSECVE-2024-53175 at NVDCVE-2024-53179 at SUSECVE-2024-53179 at NVDCVE-2024-53180 at SUSECVE-2024-53180 at NVDCVE-2024-53185 at SUSECVE-2024-53185 at NVDCVE-2024-53187 at SUSECVE-2024-53187 at NVDCVE-2024-53188 at SUSECVE-2024-53188 at NVDCVE-2024-53190 at SUSECVE-2024-53190 at NVDCVE-2024-53191 at SUSECVE-2024-53191 at NVDCVE-2024-53194 at SUSECVE-2024-53194 at NVDCVE-2024-53195 at SUSECVE-2024-53195 at NVDCVE-2024-53196 at SUSECVE-2024-53196 at NVDCVE-2024-53197 at SUSECVE-2024-53197 at NVDCVE-2024-53198 at SUSECVE-2024-53198 at NVDCVE-2024-53200 at SUSECVE-2024-53200 at NVDCVE-2024-53201 at SUSECVE-2024-53201 at NVDCVE-2024-53202 at SUSECVE-2024-53202 at NVDCVE-2024-53203 at SUSECVE-2024-53203 at NVDCVE-2024-53206 at SUSECVE-2024-53206 at NVDCVE-2024-53207 at SUSECVE-2024-53207 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-53209 at SUSECVE-2024-53209 at NVDCVE-2024-53210 at SUSECVE-2024-53210 at NVDCVE-2024-53213 at SUSECVE-2024-53213 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-53215 at SUSECVE-2024-53215 at NVDCVE-2024-53216 at SUSECVE-2024-53216 at NVDCVE-2024-53217 at SUSECVE-2024-53217 at NVDCVE-2024-53222 at SUSECVE-2024-53222 at NVDCVE-2024-53224 at SUSECVE-2024-53224 at NVDCVE-2024-53227 at SUSECVE-2024-53227 at NVDCVE-2024-53229 at SUSECVE-2024-53229 at NVDCVE-2024-53230 at SUSECVE-2024-53230 at NVDCVE-2024-53231 at SUSECVE-2024-53231 at NVDCVE-2024-53232 at SUSECVE-2024-53232 at NVDCVE-2024-53233 at SUSECVE-2024-53233 at NVDCVE-2024-53234 at SUSECVE-2024-53234 at NVDCVE-2024-53236 at SUSECVE-2024-53236 at NVDCVE-2024-53237 at SUSECVE-2024-53237 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-53240 at SUSECVE-2024-53240 at NVDCVE-2024-53241 at SUSECVE-2024-53241 at NVDCVE-2024-53685 at SUSECVE-2024-53685 at NVDCVE-2024-53690 at SUSECVE-2024-53690 at NVDCVE-2024-54680 at SUSECVE-2024-54680 at NVDCVE-2024-55639 at SUSECVE-2024-55639 at NVDCVE-2024-55881 at SUSECVE-2024-55881 at NVDCVE-2024-55916 at SUSECVE-2024-55916 at NVDCVE-2024-56369 at SUSECVE-2024-56369 at NVDCVE-2024-56372 at SUSECVE-2024-56372 at NVDCVE-2024-56531 at SUSECVE-2024-56531 at NVDCVE-2024-56532 at SUSECVE-2024-56532 at NVDCVE-2024-56533 at SUSECVE-2024-56533 at NVDCVE-2024-56536 at SUSECVE-2024-56536 at NVDCVE-2024-56538 at SUSECVE-2024-56538 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56543 at SUSECVE-2024-56543 at NVDCVE-2024-56546 at SUSECVE-2024-56546 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56549 at SUSECVE-2024-56549 at NVDCVE-2024-56551 at SUSECVE-2024-56551 at NVDCVE-2024-56557 at SUSECVE-2024-56557 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-56562 at SUSECVE-2024-56562 at NVDCVE-2024-56566 at SUSECVE-2024-56566 at NVDCVE-2024-56567 at SUSECVE-2024-56567 at NVDCVE-2024-56568 at SUSECVE-2024-56568 at NVDCVE-2024-56569 at SUSECVE-2024-56569 at NVDCVE-2024-56570 at SUSECVE-2024-56570 at NVDCVE-2024-56571 at SUSECVE-2024-56571 at NVDCVE-2024-56572 at SUSECVE-2024-56572 at NVDCVE-2024-56573 at SUSECVE-2024-56573 at NVDCVE-2024-56574 at SUSECVE-2024-56574 at NVDCVE-2024-56575 at SUSECVE-2024-56575 at NVDCVE-2024-56576 at SUSECVE-2024-56576 at NVDCVE-2024-56577 at SUSECVE-2024-56577 at NVDCVE-2024-56578 at SUSECVE-2024-56578 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56584 at SUSECVE-2024-56584 at NVDCVE-2024-56587 at SUSECVE-2024-56587 at NVDCVE-2024-56588 at SUSECVE-2024-56588 at NVDCVE-2024-56589 at SUSECVE-2024-56589 at NVDCVE-2024-56590 at SUSECVE-2024-56590 at NVDCVE-2024-56593 at SUSECVE-2024-56593 at NVDCVE-2024-56594 at SUSECVE-2024-56594 at NVDCVE-2024-56595 at SUSECVE-2024-56595 at NVDCVE-2024-56596 at SUSECVE-2024-56596 at NVDCVE-2024-56597 at SUSECVE-2024-56597 at NVDCVE-2024-56598 at SUSECVE-2024-56598 at NVDCVE-2024-56599 at SUSECVE-2024-56599 at NVDCVE-2024-5660 at SUSECVE-2024-5660 at NVDCVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56602 at SUSECVE-2024-56602 at NVDCVE-2024-56603 at SUSECVE-2024-56603 at NVDCVE-2024-56604 at SUSECVE-2024-56604 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56606 at SUSECVE-2024-56606 at NVDCVE-2024-56607 at SUSECVE-2024-56607 at NVDCVE-2024-56608 at SUSECVE-2024-56608 at NVDCVE-2024-56609 at SUSECVE-2024-56609 at NVDCVE-2024-56610 at SUSECVE-2024-56610 at NVDCVE-2024-56611 at SUSECVE-2024-56611 at NVDCVE-2024-56614 at SUSECVE-2024-56614 at NVDCVE-2024-56615 at SUSECVE-2024-56615 at NVDCVE-2024-56616 at SUSECVE-2024-56616 at NVDCVE-2024-56617 at SUSECVE-2024-56617 at NVDCVE-2024-56619 at SUSECVE-2024-56619 at NVDCVE-2024-56620 at SUSECVE-2024-56620 at NVDCVE-2024-56622 at SUSECVE-2024-56622 at NVDCVE-2024-56623 at SUSECVE-2024-56623 at NVDCVE-2024-56625 at SUSECVE-2024-56625 at NVDCVE-2024-56629 at SUSECVE-2024-56629 at NVDCVE-2024-56630 at SUSECVE-2024-56630 at NVDCVE-2024-56631 at SUSECVE-2024-56631 at NVDCVE-2024-56632 at SUSECVE-2024-56632 at NVDCVE-2024-56634 at SUSECVE-2024-56634 at NVDCVE-2024-56635 at SUSECVE-2024-56635 at NVDCVE-2024-56636 at SUSECVE-2024-56636 at NVDCVE-2024-56637 at SUSECVE-2024-56637 at NVDCVE-2024-56641 at SUSECVE-2024-56641 at NVDCVE-2024-56642 at SUSECVE-2024-56642 at NVDCVE-2024-56643 at SUSECVE-2024-56643 at NVDCVE-2024-56644 at SUSECVE-2024-56644 at NVDCVE-2024-56645 at SUSECVE-2024-56645 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-56649 at SUSECVE-2024-56649 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-56651 at SUSECVE-2024-56651 at NVDCVE-2024-56654 at SUSECVE-2024-56654 at NVDCVE-2024-56656 at SUSECVE-2024-56656 at NVDCVE-2024-56659 at SUSECVE-2024-56659 at NVDCVE-2024-56660 at SUSECVE-2024-56660 at NVDCVE-2024-56661 at SUSECVE-2024-56661 at NVDCVE-2024-56662 at SUSECVE-2024-56662 at NVDCVE-2024-56663 at SUSECVE-2024-56663 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2024-56665 at SUSECVE-2024-56665 at NVDCVE-2024-56667 at SUSECVE-2024-56667 at NVDCVE-2024-56670 at SUSECVE-2024-56670 at NVDCVE-2024-56672 at SUSECVE-2024-56672 at NVDCVE-2024-56675 at SUSECVE-2024-56675 at NVDCVE-2024-56677 at SUSECVE-2024-56677 at NVDCVE-2024-56678 at SUSECVE-2024-56678 at NVDCVE-2024-56679 at SUSECVE-2024-56679 at NVDCVE-2024-56681 at SUSECVE-2024-56681 at NVDCVE-2024-56683 at SUSECVE-2024-56683 at NVDCVE-2024-56687 at SUSECVE-2024-56687 at NVDCVE-2024-56688 at SUSECVE-2024-56688 at NVDCVE-2024-56690 at SUSECVE-2024-56690 at NVDCVE-2024-56691 at SUSECVE-2024-56691 at NVDCVE-2024-56693 at SUSECVE-2024-56693 at NVDCVE-2024-56694 at SUSECVE-2024-56694 at NVDCVE-2024-56698 at SUSECVE-2024-56698 at NVDCVE-2024-56700 at SUSECVE-2024-56700 at NVDCVE-2024-56701 at SUSECVE-2024-56701 at NVDCVE-2024-56704 at SUSECVE-2024-56704 at NVDCVE-2024-56705 at SUSECVE-2024-56705 at NVDCVE-2024-56707 at SUSECVE-2024-56707 at NVDCVE-2024-56708 at SUSECVE-2024-56708 at NVDCVE-2024-56709 at SUSECVE-2024-56709 at NVDCVE-2024-56712 at SUSECVE-2024-56712 at NVDCVE-2024-56715 at SUSECVE-2024-56715 at NVDCVE-2024-56716 at SUSECVE-2024-56716 at NVDCVE-2024-56722 at SUSECVE-2024-56722 at NVDCVE-2024-56723 at SUSECVE-2024-56723 at NVDCVE-2024-56724 at SUSECVE-2024-56724 at NVDCVE-2024-56725 at SUSECVE-2024-56725 at NVDCVE-2024-56726 at SUSECVE-2024-56726 at NVDCVE-2024-56727 at SUSECVE-2024-56727 at NVDCVE-2024-56728 at SUSECVE-2024-56728 at NVDCVE-2024-56729 at SUSECVE-2024-56729 at NVDCVE-2024-56739 at SUSECVE-2024-56739 at NVDCVE-2024-56741 at SUSECVE-2024-56741 at NVDCVE-2024-56745 at SUSECVE-2024-56745 at NVDCVE-2024-56746 at SUSECVE-2024-56746 at NVDCVE-2024-56747 at SUSECVE-2024-56747 at NVDCVE-2024-56748 at SUSECVE-2024-56748 at NVDCVE-2024-56752 at SUSECVE-2024-56752 at NVDCVE-2024-56754 at SUSECVE-2024-56754 at NVDCVE-2024-56755 at SUSECVE-2024-56755 at NVDCVE-2024-56756 at SUSECVE-2024-56756 at NVDCVE-2024-56759 at SUSECVE-2024-56759 at NVDCVE-2024-56760 at SUSECVE-2024-56760 at NVDCVE-2024-56763 at SUSECVE-2024-56763 at NVDCVE-2024-56765 at SUSECVE-2024-56765 at NVDCVE-2024-56766 at SUSECVE-2024-56766 at NVDCVE-2024-56767 at SUSECVE-2024-56767 at NVDCVE-2024-56769 at SUSECVE-2024-56769 at NVDCVE-2024-56774 at SUSECVE-2024-56774 at NVDCVE-2024-56775 at SUSECVE-2024-56775 at NVDCVE-2024-56776 at SUSECVE-2024-56776 at NVDCVE-2024-56777 at SUSECVE-2024-56777 at NVDCVE-2024-56778 at SUSECVE-2024-56778 at NVDCVE-2024-56779 at SUSECVE-2024-56779 at NVDCVE-2024-56780 at SUSECVE-2024-56780 at NVDCVE-2024-56787 at SUSECVE-2024-56787 at NVDCVE-2024-57791 at SUSECVE-2024-57791 at NVDCVE-2024-57792 at SUSECVE-2024-57792 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57795 at SUSECVE-2024-57795 at NVDCVE-2024-57798 at SUSECVE-2024-57798 at NVDCVE-2024-57801 at SUSECVE-2024-57801 at NVDCVE-2024-57802 at SUSECVE-2024-57802 at NVDCVE-2024-57804 at SUSECVE-2024-57804 at NVDCVE-2024-57809 at SUSECVE-2024-57809 at NVDCVE-2024-57838 at SUSECVE-2024-57838 at NVDCVE-2024-57849 at SUSECVE-2024-57849 at NVDCVE-2024-57850 at SUSECVE-2024-57850 at NVDCVE-2024-57857 at SUSECVE-2024-57857 at NVDCVE-2024-57874 at SUSECVE-2024-57874 at NVDCVE-2024-57876 at SUSECVE-2024-57876 at NVDCVE-2024-57884 at SUSECVE-2024-57884 at NVDCVE-2024-57887 at SUSECVE-2024-57887 at NVDCVE-2024-57888 at SUSECVE-2024-57888 at NVDCVE-2024-57890 at SUSECVE-2024-57890 at NVDCVE-2024-57892 at SUSECVE-2024-57892 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2024-57896 at SUSECVE-2024-57896 at NVDCVE-2024-57897 at SUSECVE-2024-57897 at NVDCVE-2024-57899 at SUSECVE-2024-57899 at NVDCVE-2024-57903 at SUSECVE-2024-57903 at NVDCVE-2024-57904 at SUSECVE-2024-57904 at NVDCVE-2024-57906 at SUSECVE-2024-57906 at NVDCVE-2024-57907 at SUSECVE-2024-57907 at NVDCVE-2024-57908 at SUSECVE-2024-57908 at NVDCVE-2024-57910 at SUSECVE-2024-57910 at NVDCVE-2024-57911 at SUSECVE-2024-57911 at NVDCVE-2024-57912 at SUSECVE-2024-57912 at NVDCVE-2024-57913 at SUSECVE-2024-57913 at NVDCVE-2024-57915 at SUSECVE-2024-57915 at NVDCVE-2024-57916 at SUSECVE-2024-57916 at NVDCVE-2024-57917 at SUSECVE-2024-57917 at NVDCVE-2024-57922 at SUSECVE-2024-57922 at NVDCVE-2024-57926 at SUSECVE-2024-57926 at NVDCVE-2024-57929 at SUSECVE-2024-57929 at NVDCVE-2024-57931 at SUSECVE-2024-57931 at NVDCVE-2024-57932 at SUSECVE-2024-57932 at NVDCVE-2024-57933 at SUSECVE-2024-57933 at NVDCVE-2024-57935 at SUSECVE-2024-57935 at NVDCVE-2024-57936 at SUSECVE-2024-57936 at NVDCVE-2024-57938 at SUSECVE-2024-57938 at NVDCVE-2024-57940 at SUSECVE-2024-57940 at NVDCVE-2024-57946 at SUSECVE-2024-57946 at NVDCVE-2024-8805 at SUSECVE-2024-8805 at NVDCVE-2025-21632 at SUSECVE-2025-21632 at NVDCVE-2025-21645 at SUSECVE-2025-21645 at NVDCVE-2025-21646 at SUSECVE-2025-21646 at NVDCVE-2025-21649 at SUSECVE-2025-21649 at NVDCVE-2025-21650 at SUSECVE-2025-21650 at NVDCVE-2025-21651 at SUSECVE-2025-21651 at NVDCVE-2025-21652 at SUSECVE-2025-21652 at NVDCVE-2025-21653 at SUSECVE-2025-21653 at NVDCVE-2025-21655 at SUSECVE-2025-21655 at NVDCVE-2025-21656 at SUSECVE-2025-21656 at NVDCVE-2025-21662 at SUSECVE-2025-21662 at NVDCVE-2025-21663 at SUSECVE-2025-21663 at NVDCVE-2025-21664 at SUSECVE-2025-21664 at NVDCVE-2025-21674 at SUSECVE-2025-21674 at NVDCVE-2025-21676 at SUSECVE-2025-21676 at NVDCVE-2025-21682 at SUSECVE-2025-21682 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
The following non-security bugs were fixed:
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
- exfat: fix potential wrong error return from get_block (git-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kernel-obs-qa: Use srchash for dependency as well
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- Refresh fixes for cBPF issue (bsc#1242778)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes).
- Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable-fixes).
- Revert "drm/amd: Keep display off while going into S4" (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend" (stable-fixes).
- Revert "rndis_host: Flag RNDIS modems as WWAN devices" (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: Improve CDL control (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's "next" indication (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
ImportantSUSE bug 1220112SUSE bug 1223096SUSE bug 1226498SUSE bug 1228557SUSE bug 1228854SUSE bug 1229491SUSE bug 1230581SUSE bug 1231016SUSE bug 1232649SUSE bug 1232882SUSE bug 1233192SUSE bug 1234154SUSE bug 1235149SUSE bug 1235968SUSE bug 1236142SUSE bug 1236208SUSE bug 1237312SUSE bug 1238212SUSE bug 1238473SUSE bug 1238774SUSE bug 1238992SUSE bug 1239691SUSE bug 1239925SUSE bug 1240593SUSE bug 1240823SUSE bug 1240866SUSE bug 1240966SUSE bug 1241148SUSE bug 1241282SUSE bug 1241305SUSE bug 1241340SUSE bug 1241351SUSE bug 1241376SUSE bug 1241448SUSE bug 1241457SUSE bug 1241492SUSE bug 1241519SUSE bug 1241525SUSE bug 1241533SUSE bug 1241538SUSE bug 1241576SUSE bug 1241590SUSE bug 1241595SUSE bug 1241596SUSE bug 1241597SUSE bug 1241625SUSE bug 1241627SUSE bug 1241635SUSE bug 1241638SUSE bug 1241644SUSE bug 1241654SUSE bug 1241657SUSE bug 1242012SUSE bug 1242035SUSE bug 1242044SUSE bug 1242163SUSE bug 1242203SUSE bug 1242343SUSE bug 1242414SUSE bug 1242417SUSE bug 1242501SUSE bug 1242502SUSE bug 1242506SUSE bug 1242507SUSE bug 1242509SUSE bug 1242510SUSE bug 1242512SUSE bug 1242513SUSE bug 1242514SUSE bug 1242520SUSE bug 1242523SUSE bug 1242524SUSE bug 1242529SUSE bug 1242530SUSE bug 1242531SUSE bug 1242532SUSE bug 1242559SUSE bug 1242563SUSE bug 1242564SUSE bug 1242565SUSE bug 1242566SUSE bug 1242567SUSE bug 1242568SUSE bug 1242569SUSE bug 1242574SUSE bug 1242575SUSE bug 1242578SUSE bug 1242584SUSE bug 1242585SUSE bug 1242587SUSE bug 1242591SUSE bug 1242709SUSE bug 1242727SUSE bug 1242758SUSE bug 1242760SUSE bug 1242761SUSE bug 1242762SUSE bug 1242763SUSE bug 1242764SUSE bug 1242766SUSE bug 1242770SUSE bug 1242778SUSE bug 1242781SUSE bug 1242782SUSE bug 1242785SUSE bug 1242786SUSE bug 1242792SUSE bug 1242849SUSE bug 1242852SUSE bug 1242854SUSE bug 1242856SUSE bug 1242859SUSE bug 1242860SUSE bug 1242861SUSE bug 1242866SUSE bug 1242867SUSE bug 1242868SUSE bug 1242871SUSE bug 1242873SUSE bug 1242875SUSE bug 1242906SUSE bug 1242908SUSE bug 1242924SUSE bug 1242930SUSE bug 1242944SUSE bug 1242945SUSE bug 1242948SUSE bug 1242949SUSE bug 1242951SUSE bug 1242953SUSE bug 1242955SUSE bug 1242957SUSE bug 1242959SUSE bug 1242961SUSE bug 1242962SUSE bug 1242973SUSE bug 1242974SUSE bug 1242977SUSE bug 1242990SUSE bug 1242993SUSE bug 1243000SUSE bug 1243006SUSE bug 1243011SUSE bug 1243015SUSE bug 1243044SUSE bug 1243049SUSE bug 1243056SUSE bug 1243074SUSE bug 1243076SUSE bug 1243077SUSE bug 1243082SUSE bug 1243090SUSE bug 1243330SUSE bug 1243342SUSE bug 1243456SUSE bug 1243469SUSE bug 1243470SUSE bug 1243471SUSE bug 1243472SUSE bug 1243473SUSE bug 1243476SUSE bug 1243509SUSE bug 1243511SUSE bug 1243513SUSE bug 1243515SUSE bug 1243516SUSE bug 1243517SUSE bug 1243519SUSE bug 1243522SUSE bug 1243524SUSE bug 1243528SUSE bug 1243529SUSE bug 1243530SUSE bug 1243534SUSE bug 1243536SUSE bug 1243539SUSE bug 1243540SUSE bug 1243541SUSE bug 1243543SUSE bug 1243545SUSE bug 1243547SUSE bug 1243559SUSE bug 1243560SUSE bug 1243562SUSE bug 1243567SUSE bug 1243573SUSE bug 1243574SUSE bug 1243575SUSE bug 1243589SUSE bug 1243621SUSE bug 1243624SUSE bug 1243625SUSE bug 1243626SUSE bug 1243627SUSE bug 1243649SUSE bug 1243657SUSE bug 1243658SUSE bug 1243659SUSE bug 1243660SUSE bug 1243664SUSE bug 1243737SUSE bug 1243782SUSE bug 1243805SUSE bug 1243963SUSE bug 1244145SUSE bug 1244261CVE-2023-52888 at SUSECVE-2023-52888 at NVDCVE-2023-53146 at SUSECVE-2023-53146 at NVDCVE-2024-43869 at SUSECVE-2024-43869 at NVDCVE-2024-46713 at SUSECVE-2024-46713 at NVDCVE-2024-50106 at SUSECVE-2024-50106 at NVDCVE-2024-50223 at SUSECVE-2024-50223 at NVDCVE-2024-53135 at SUSECVE-2024-53135 at NVDCVE-2024-54458 at SUSECVE-2024-54458 at NVDCVE-2024-58098 at SUSECVE-2024-58098 at NVDCVE-2024-58099 at SUSECVE-2024-58099 at NVDCVE-2024-58100 at SUSECVE-2024-58100 at NVDCVE-2024-58237 at SUSECVE-2024-58237 at NVDCVE-2025-21629 at SUSECVE-2025-21629 at NVDCVE-2025-21648 at SUSECVE-2025-21648 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-21787 at SUSECVE-2025-21787 at NVDCVE-2025-21814 at SUSECVE-2025-21814 at NVDCVE-2025-21919 at SUSECVE-2025-21919 at NVDCVE-2025-21997 at SUSECVE-2025-21997 at NVDCVE-2025-22005 at SUSECVE-2025-22005 at NVDCVE-2025-22021 at SUSECVE-2025-22021 at NVDCVE-2025-22030 at SUSECVE-2025-22030 at NVDCVE-2025-22056 at SUSECVE-2025-22056 at NVDCVE-2025-22057 at SUSECVE-2025-22057 at NVDCVE-2025-22063 at SUSECVE-2025-22063 at NVDCVE-2025-22066 at SUSECVE-2025-22066 at NVDCVE-2025-22070 at SUSECVE-2025-22070 at NVDCVE-2025-22089 at SUSECVE-2025-22089 at NVDCVE-2025-22095 at SUSECVE-2025-22095 at NVDCVE-2025-22103 at SUSECVE-2025-22103 at NVDCVE-2025-22119 at SUSECVE-2025-22119 at NVDCVE-2025-22124 at SUSECVE-2025-22124 at NVDCVE-2025-22125 at SUSECVE-2025-22125 at NVDCVE-2025-22126 at SUSECVE-2025-22126 at NVDCVE-2025-23140 at SUSECVE-2025-23140 at NVDCVE-2025-23141 at SUSECVE-2025-23141 at NVDCVE-2025-23142 at SUSECVE-2025-23142 at NVDCVE-2025-23144 at SUSECVE-2025-23144 at NVDCVE-2025-23146 at SUSECVE-2025-23146 at NVDCVE-2025-23147 at SUSECVE-2025-23147 at NVDCVE-2025-23148 at SUSECVE-2025-23148 at NVDCVE-2025-23149 at SUSECVE-2025-23149 at NVDCVE-2025-23150 at SUSECVE-2025-23150 at NVDCVE-2025-23151 at SUSECVE-2025-23151 at NVDCVE-2025-23156 at SUSECVE-2025-23156 at NVDCVE-2025-23157 at SUSECVE-2025-23157 at NVDCVE-2025-23158 at SUSECVE-2025-23158 at NVDCVE-2025-23159 at SUSECVE-2025-23159 at NVDCVE-2025-23160 at SUSECVE-2025-23160 at NVDCVE-2025-23161 at SUSECVE-2025-23161 at NVDCVE-2025-37740 at SUSECVE-2025-37740 at NVDCVE-2025-37741 at SUSECVE-2025-37741 at NVDCVE-2025-37742 at SUSECVE-2025-37742 at NVDCVE-2025-37743 at SUSECVE-2025-37743 at NVDCVE-2025-37747 at SUSECVE-2025-37747 at NVDCVE-2025-37748 at SUSECVE-2025-37748 at NVDCVE-2025-37749 at SUSECVE-2025-37749 at NVDCVE-2025-37750 at SUSECVE-2025-37750 at NVDCVE-2025-37754 at SUSECVE-2025-37754 at NVDCVE-2025-37755 at SUSECVE-2025-37755 at NVDCVE-2025-37758 at SUSECVE-2025-37758 at NVDCVE-2025-37765 at SUSECVE-2025-37765 at NVDCVE-2025-37766 at SUSECVE-2025-37766 at NVDCVE-2025-37767 at SUSECVE-2025-37767 at NVDCVE-2025-37768 at SUSECVE-2025-37768 at NVDCVE-2025-37769 at SUSECVE-2025-37769 at NVDCVE-2025-37770 at SUSECVE-2025-37770 at NVDCVE-2025-37771 at SUSECVE-2025-37771 at NVDCVE-2025-37772 at SUSECVE-2025-37772 at NVDCVE-2025-37773 at SUSECVE-2025-37773 at NVDCVE-2025-37780 at SUSECVE-2025-37780 at NVDCVE-2025-37781 at SUSECVE-2025-37781 at NVDCVE-2025-37782 at SUSECVE-2025-37782 at NVDCVE-2025-37787 at SUSECVE-2025-37787 at NVDCVE-2025-37788 at SUSECVE-2025-37788 at NVDCVE-2025-37789 at SUSECVE-2025-37789 at NVDCVE-2025-37790 at SUSECVE-2025-37790 at NVDCVE-2025-37792 at SUSECVE-2025-37792 at NVDCVE-2025-37793 at SUSECVE-2025-37793 at NVDCVE-2025-37794 at SUSECVE-2025-37794 at NVDCVE-2025-37796 at SUSECVE-2025-37796 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37800 at SUSECVE-2025-37800 at NVDCVE-2025-37803 at SUSECVE-2025-37803 at NVDCVE-2025-37804 at SUSECVE-2025-37804 at NVDCVE-2025-37805 at SUSECVE-2025-37805 at NVDCVE-2025-37809 at SUSECVE-2025-37809 at NVDCVE-2025-37810 at SUSECVE-2025-37810 at NVDCVE-2025-37812 at SUSECVE-2025-37812 at NVDCVE-2025-37815 at SUSECVE-2025-37815 at NVDCVE-2025-37819 at SUSECVE-2025-37819 at NVDCVE-2025-37820 at SUSECVE-2025-37820 at NVDCVE-2025-37823 at SUSECVE-2025-37823 at NVDCVE-2025-37824 at SUSECVE-2025-37824 at NVDCVE-2025-37829 at SUSECVE-2025-37829 at NVDCVE-2025-37830 at SUSECVE-2025-37830 at NVDCVE-2025-37831 at SUSECVE-2025-37831 at NVDCVE-2025-37833 at SUSECVE-2025-37833 at NVDCVE-2025-37836 at SUSECVE-2025-37836 at NVDCVE-2025-37839 at SUSECVE-2025-37839 at NVDCVE-2025-37840 at SUSECVE-2025-37840 at NVDCVE-2025-37841 at SUSECVE-2025-37841 at NVDCVE-2025-37842 at SUSECVE-2025-37842 at NVDCVE-2025-37849 at SUSECVE-2025-37849 at NVDCVE-2025-37850 at SUSECVE-2025-37850 at NVDCVE-2025-37851 at SUSECVE-2025-37851 at NVDCVE-2025-37852 at SUSECVE-2025-37852 at NVDCVE-2025-37853 at SUSECVE-2025-37853 at NVDCVE-2025-37854 at SUSECVE-2025-37854 at NVDCVE-2025-37858 at SUSECVE-2025-37858 at NVDCVE-2025-37867 at SUSECVE-2025-37867 at NVDCVE-2025-37870 at SUSECVE-2025-37870 at NVDCVE-2025-37871 at SUSECVE-2025-37871 at NVDCVE-2025-37873 at SUSECVE-2025-37873 at NVDCVE-2025-37875 at SUSECVE-2025-37875 at NVDCVE-2025-37879 at SUSECVE-2025-37879 at NVDCVE-2025-37881 at SUSECVE-2025-37881 at NVDCVE-2025-37886 at SUSECVE-2025-37886 at NVDCVE-2025-37887 at SUSECVE-2025-37887 at NVDCVE-2025-37889 at SUSECVE-2025-37889 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-37891 at SUSECVE-2025-37891 at NVDCVE-2025-37892 at SUSECVE-2025-37892 at NVDCVE-2025-37897 at SUSECVE-2025-37897 at NVDCVE-2025-37900 at SUSECVE-2025-37900 at NVDCVE-2025-37901 at SUSECVE-2025-37901 at NVDCVE-2025-37903 at SUSECVE-2025-37903 at NVDCVE-2025-37905 at SUSECVE-2025-37905 at NVDCVE-2025-37911 at SUSECVE-2025-37911 at NVDCVE-2025-37912 at SUSECVE-2025-37912 at NVDCVE-2025-37913 at SUSECVE-2025-37913 at NVDCVE-2025-37914 at SUSECVE-2025-37914 at NVDCVE-2025-37915 at SUSECVE-2025-37915 at NVDCVE-2025-37918 at SUSECVE-2025-37918 at NVDCVE-2025-37925 at SUSECVE-2025-37925 at NVDCVE-2025-37928 at SUSECVE-2025-37928 at NVDCVE-2025-37929 at SUSECVE-2025-37929 at NVDCVE-2025-37930 at SUSECVE-2025-37930 at NVDCVE-2025-37931 at SUSECVE-2025-37931 at NVDCVE-2025-37932 at SUSECVE-2025-37932 at NVDCVE-2025-37937 at SUSECVE-2025-37937 at NVDCVE-2025-37943 at SUSECVE-2025-37943 at NVDCVE-2025-37944 at SUSECVE-2025-37944 at NVDCVE-2025-37948 at SUSECVE-2025-37948 at NVDCVE-2025-37949 at SUSECVE-2025-37949 at NVDCVE-2025-37951 at SUSECVE-2025-37951 at NVDCVE-2025-37953 at SUSECVE-2025-37953 at NVDCVE-2025-37954 at SUSECVE-2025-37954 at NVDCVE-2025-37957 at SUSECVE-2025-37957 at NVDCVE-2025-37958 at SUSECVE-2025-37958 at NVDCVE-2025-37959 at SUSECVE-2025-37959 at NVDCVE-2025-37960 at SUSECVE-2025-37960 at NVDCVE-2025-37963 at SUSECVE-2025-37963 at NVDCVE-2025-37969 at SUSECVE-2025-37969 at NVDCVE-2025-37970 at SUSECVE-2025-37970 at NVDCVE-2025-37972 at SUSECVE-2025-37972 at NVDCVE-2025-37974 at SUSECVE-2025-37974 at NVDCVE-2025-37978 at SUSECVE-2025-37978 at NVDCVE-2025-37979 at SUSECVE-2025-37979 at NVDCVE-2025-37980 at SUSECVE-2025-37980 at NVDCVE-2025-37982 at SUSECVE-2025-37982 at NVDCVE-2025-37983 at SUSECVE-2025-37983 at NVDCVE-2025-37985 at SUSECVE-2025-37985 at NVDCVE-2025-37986 at SUSECVE-2025-37986 at NVDCVE-2025-37989 at SUSECVE-2025-37989 at NVDCVE-2025-37990 at SUSECVE-2025-37990 at NVDCVE-2025-38104 at SUSECVE-2025-38104 at NVDCVE-2025-38152 at SUSECVE-2025-38152 at NVDCVE-2025-38240 at SUSECVE-2025-38240 at NVDCVE-2025-38637 at SUSECVE-2025-38637 at NVDCVE-2025-39735 at SUSECVE-2025-39735 at NVDCVE-2025-40014 at SUSECVE-2025-40014 at NVDCVE-2025-40325 at SUSECVE-2025-40325 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related
to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).
- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).
- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).
- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).
- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).
- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
The following non-security bugs were fixed:
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- Move upstreamed patches into sorted section
- Move upstreamed tpm patch into sorted section
- NFS: Do not allow waiting for exiting tasks (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- Refresh fixes for cBPF issue (bsc#1242778)
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes).
- Revert "drm/amd: Keep display off while going into S4" (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend" (stable-fixes).
- Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable-fixes).
- Revert "rndis_host: Flag RNDIS modems as WWAN devices" (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes).
- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).
- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).
- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).
- SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- exfat: fix potential wrong error return from get_block (git-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- ip6mr: fix tables suspicious RCU usage (git-fixes).
- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).
- ipmr: fix tables suspicious RCU usage (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: save dontfrag in cork (git-fixes).
- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kABI: ipv6: save dontfrag in cork (git-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/neighbor: clear error in case strict check is not set (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: fix udp gso skb_segment after pull from frag_list (git-fixes).
- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: linkwatch: use system_unbound_wq (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: page_pool: fix warning code (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).
- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).
- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).
- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).
- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- orangefs: Do not truncate file size (git-fixes).
- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).
- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).
- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes).
- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- udp: annotate data-races around up->pending (git-fixes).
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).
- udp: fix receiving fraglist GSO packets (git-fixes).
- udp: preserve the connected status if only UDP cmsg (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in
mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's "next" indication (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).
ImportantSUSE bug 1215199SUSE bug 1220112SUSE bug 1223096SUSE bug 1226498SUSE bug 1228557SUSE bug 1228854SUSE bug 1229491SUSE bug 1230581SUSE bug 1231016SUSE bug 1232504SUSE bug 1232649SUSE bug 1232882SUSE bug 1233192SUSE bug 1234154SUSE bug 1235149SUSE bug 1235728SUSE bug 1235968SUSE bug 1236142SUSE bug 1236208SUSE bug 1237312SUSE bug 1238212SUSE bug 1238473SUSE bug 1238774SUSE bug 1238992SUSE bug 1239691SUSE bug 1239925SUSE bug 1240180SUSE bug 1240593SUSE bug 1240723SUSE bug 1240823SUSE bug 1240866SUSE bug 1240966SUSE bug 1241148SUSE bug 1241282SUSE bug 1241305SUSE bug 1241340SUSE bug 1241351SUSE bug 1241376SUSE bug 1241448SUSE bug 1241457SUSE bug 1241492SUSE bug 1241519SUSE bug 1241525SUSE bug 1241533SUSE bug 1241538SUSE bug 1241576SUSE bug 1241590SUSE bug 1241595SUSE bug 1241596SUSE bug 1241597SUSE bug 1241617SUSE bug 1241625SUSE bug 1241627SUSE bug 1241635SUSE bug 1241638SUSE bug 1241644SUSE bug 1241654SUSE bug 1241657SUSE bug 1242012SUSE bug 1242035SUSE bug 1242044SUSE bug 1242086SUSE bug 1242163SUSE bug 1242203SUSE bug 1242343SUSE bug 1242414SUSE bug 1242417SUSE bug 1242501SUSE bug 1242502SUSE bug 1242504SUSE bug 1242506SUSE bug 1242507SUSE bug 1242509SUSE bug 1242510SUSE bug 1242512SUSE bug 1242513SUSE bug 1242514SUSE bug 1242520SUSE bug 1242523SUSE bug 1242524SUSE bug 1242529SUSE bug 1242530SUSE bug 1242531SUSE bug 1242532SUSE bug 1242559SUSE bug 1242563SUSE bug 1242564SUSE bug 1242565SUSE bug 1242566SUSE bug 1242567SUSE bug 1242568SUSE bug 1242569SUSE bug 1242573SUSE bug 1242574SUSE bug 1242575SUSE bug 1242578SUSE bug 1242584SUSE bug 1242585SUSE bug 1242587SUSE bug 1242591SUSE bug 1242709SUSE bug 1242727SUSE bug 1242758SUSE bug 1242760SUSE bug 1242761SUSE bug 1242762SUSE bug 1242763SUSE bug 1242764SUSE bug 1242766SUSE bug 1242770SUSE bug 1242778SUSE bug 1242781SUSE bug 1242782SUSE bug 1242785SUSE bug 1242786SUSE bug 1242792SUSE bug 1242846SUSE bug 1242849SUSE bug 1242850SUSE bug 1242852SUSE bug 1242854SUSE bug 1242856SUSE bug 1242859SUSE bug 1242860SUSE bug 1242861SUSE bug 1242866SUSE bug 1242867SUSE bug 1242868SUSE bug 1242871SUSE bug 1242873SUSE bug 1242875SUSE bug 1242906SUSE bug 1242908SUSE bug 1242924SUSE bug 1242930SUSE bug 1242940SUSE bug 1242944SUSE bug 1242945SUSE bug 1242946SUSE bug 1242948SUSE bug 1242949SUSE bug 1242951SUSE bug 1242953SUSE bug 1242954SUSE bug 1242955SUSE bug 1242957SUSE bug 1242959SUSE bug 1242961SUSE bug 1242962SUSE bug 1242973SUSE bug 1242974SUSE bug 1242977SUSE bug 1242982SUSE bug 1242990SUSE bug 1242993SUSE bug 1243000SUSE bug 1243006SUSE bug 1243011SUSE bug 1243015SUSE bug 1243044SUSE bug 1243049SUSE bug 1243056SUSE bug 1243074SUSE bug 1243076SUSE bug 1243077SUSE bug 1243082SUSE bug 1243090SUSE bug 1243330SUSE bug 1243342SUSE bug 1243456SUSE bug 1243469SUSE bug 1243470SUSE bug 1243471SUSE bug 1243472SUSE bug 1243473SUSE bug 1243475SUSE bug 1243476SUSE bug 1243509SUSE bug 1243511SUSE bug 1243513SUSE bug 1243515SUSE bug 1243516SUSE bug 1243517SUSE bug 1243519SUSE bug 1243522SUSE bug 1243524SUSE bug 1243528SUSE bug 1243529SUSE bug 1243530SUSE bug 1243534SUSE bug 1243536SUSE bug 1243537SUSE bug 1243539SUSE bug 1243540SUSE bug 1243541SUSE bug 1243542SUSE bug 1243543SUSE bug 1243545SUSE bug 1243547SUSE bug 1243559SUSE bug 1243560SUSE bug 1243562SUSE bug 1243567SUSE bug 1243571SUSE bug 1243572SUSE bug 1243573SUSE bug 1243574SUSE bug 1243575SUSE bug 1243589SUSE bug 1243621SUSE bug 1243624SUSE bug 1243625SUSE bug 1243626SUSE bug 1243627SUSE bug 1243628SUSE bug 1243649SUSE bug 1243657SUSE bug 1243658SUSE bug 1243659SUSE bug 1243660SUSE bug 1243664SUSE bug 1243737SUSE bug 1243782SUSE bug 1243805SUSE bug 1243836SUSE bug 1243963SUSE bug 1244145SUSE bug 1244261CVE-2023-52888 at SUSECVE-2023-52888 at NVDCVE-2023-53146 at SUSECVE-2023-53146 at NVDCVE-2024-43869 at SUSECVE-2024-43869 at NVDCVE-2024-46713 at SUSECVE-2024-46713 at NVDCVE-2024-49568 at SUSECVE-2024-49568 at NVDCVE-2024-50106 at SUSECVE-2024-50106 at NVDCVE-2024-50223 at SUSECVE-2024-50223 at NVDCVE-2024-53135 at SUSECVE-2024-53135 at NVDCVE-2024-54458 at SUSECVE-2024-54458 at NVDCVE-2024-58098 at SUSECVE-2024-58098 at NVDCVE-2024-58099 at SUSECVE-2024-58099 at NVDCVE-2024-58100 at SUSECVE-2024-58100 at NVDCVE-2024-58237 at SUSECVE-2024-58237 at NVDCVE-2025-21629 at SUSECVE-2025-21629 at NVDCVE-2025-21648 at SUSECVE-2025-21648 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-21787 at SUSECVE-2025-21787 at NVDCVE-2025-21814 at SUSECVE-2025-21814 at NVDCVE-2025-21868 at SUSECVE-2025-21868 at NVDCVE-2025-21919 at SUSECVE-2025-21919 at NVDCVE-2025-21938 at SUSECVE-2025-21938 at NVDCVE-2025-21997 at SUSECVE-2025-21997 at NVDCVE-2025-22005 at SUSECVE-2025-22005 at NVDCVE-2025-22021 at SUSECVE-2025-22021 at NVDCVE-2025-22030 at SUSECVE-2025-22030 at NVDCVE-2025-22056 at SUSECVE-2025-22056 at NVDCVE-2025-22057 at SUSECVE-2025-22057 at NVDCVE-2025-22063 at SUSECVE-2025-22063 at NVDCVE-2025-22066 at SUSECVE-2025-22066 at NVDCVE-2025-22070 at SUSECVE-2025-22070 at NVDCVE-2025-22089 at SUSECVE-2025-22089 at NVDCVE-2025-22095 at SUSECVE-2025-22095 at NVDCVE-2025-22103 at SUSECVE-2025-22103 at NVDCVE-2025-22113 at SUSECVE-2025-22113 at NVDCVE-2025-22119 at SUSECVE-2025-22119 at NVDCVE-2025-22124 at SUSECVE-2025-22124 at NVDCVE-2025-22125 at SUSECVE-2025-22125 at NVDCVE-2025-22126 at SUSECVE-2025-22126 at NVDCVE-2025-23140 at SUSECVE-2025-23140 at NVDCVE-2025-23141 at SUSECVE-2025-23141 at NVDCVE-2025-23142 at SUSECVE-2025-23142 at NVDCVE-2025-23144 at SUSECVE-2025-23144 at NVDCVE-2025-23146 at SUSECVE-2025-23146 at NVDCVE-2025-23147 at SUSECVE-2025-23147 at NVDCVE-2025-23148 at SUSECVE-2025-23148 at NVDCVE-2025-23149 at SUSECVE-2025-23149 at NVDCVE-2025-23150 at SUSECVE-2025-23150 at NVDCVE-2025-23151 at SUSECVE-2025-23151 at NVDCVE-2025-23155 at SUSECVE-2025-23155 at NVDCVE-2025-23156 at SUSECVE-2025-23156 at NVDCVE-2025-23157 at SUSECVE-2025-23157 at NVDCVE-2025-23158 at SUSECVE-2025-23158 at NVDCVE-2025-23159 at SUSECVE-2025-23159 at NVDCVE-2025-23160 at SUSECVE-2025-23160 at NVDCVE-2025-23161 at SUSECVE-2025-23161 at NVDCVE-2025-37738 at SUSECVE-2025-37738 at NVDCVE-2025-37740 at SUSECVE-2025-37740 at NVDCVE-2025-37741 at SUSECVE-2025-37741 at NVDCVE-2025-37742 at SUSECVE-2025-37742 at NVDCVE-2025-37743 at SUSECVE-2025-37743 at NVDCVE-2025-37747 at SUSECVE-2025-37747 at NVDCVE-2025-37748 at SUSECVE-2025-37748 at NVDCVE-2025-37749 at SUSECVE-2025-37749 at NVDCVE-2025-37750 at SUSECVE-2025-37750 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37754 at SUSECVE-2025-37754 at NVDCVE-2025-37755 at SUSECVE-2025-37755 at NVDCVE-2025-37758 at SUSECVE-2025-37758 at NVDCVE-2025-37765 at SUSECVE-2025-37765 at NVDCVE-2025-37766 at SUSECVE-2025-37766 at NVDCVE-2025-37767 at SUSECVE-2025-37767 at NVDCVE-2025-37768 at SUSECVE-2025-37768 at NVDCVE-2025-37769 at SUSECVE-2025-37769 at NVDCVE-2025-37770 at SUSECVE-2025-37770 at NVDCVE-2025-37771 at SUSECVE-2025-37771 at NVDCVE-2025-37772 at SUSECVE-2025-37772 at NVDCVE-2025-37773 at SUSECVE-2025-37773 at NVDCVE-2025-37780 at SUSECVE-2025-37780 at NVDCVE-2025-37781 at SUSECVE-2025-37781 at NVDCVE-2025-37782 at SUSECVE-2025-37782 at NVDCVE-2025-37787 at SUSECVE-2025-37787 at NVDCVE-2025-37788 at SUSECVE-2025-37788 at NVDCVE-2025-37789 at SUSECVE-2025-37789 at NVDCVE-2025-37790 at SUSECVE-2025-37790 at NVDCVE-2025-37792 at SUSECVE-2025-37792 at NVDCVE-2025-37793 at SUSECVE-2025-37793 at NVDCVE-2025-37794 at SUSECVE-2025-37794 at NVDCVE-2025-37796 at SUSECVE-2025-37796 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37800 at SUSECVE-2025-37800 at NVDCVE-2025-37801 at SUSECVE-2025-37801 at NVDCVE-2025-37803 at SUSECVE-2025-37803 at NVDCVE-2025-37804 at SUSECVE-2025-37804 at NVDCVE-2025-37805 at SUSECVE-2025-37805 at NVDCVE-2025-37809 at SUSECVE-2025-37809 at NVDCVE-2025-37810 at SUSECVE-2025-37810 at NVDCVE-2025-37812 at SUSECVE-2025-37812 at NVDCVE-2025-37815 at SUSECVE-2025-37815 at NVDCVE-2025-37819 at SUSECVE-2025-37819 at NVDCVE-2025-37820 at SUSECVE-2025-37820 at NVDCVE-2025-37823 at SUSECVE-2025-37823 at NVDCVE-2025-37824 at SUSECVE-2025-37824 at NVDCVE-2025-37829 at SUSECVE-2025-37829 at NVDCVE-2025-37830 at SUSECVE-2025-37830 at NVDCVE-2025-37831 at SUSECVE-2025-37831 at NVDCVE-2025-37833 at SUSECVE-2025-37833 at NVDCVE-2025-37836 at SUSECVE-2025-37836 at NVDCVE-2025-37839 at SUSECVE-2025-37839 at NVDCVE-2025-37840 at SUSECVE-2025-37840 at NVDCVE-2025-37841 at SUSECVE-2025-37841 at NVDCVE-2025-37842 at SUSECVE-2025-37842 at NVDCVE-2025-37844 at SUSECVE-2025-37844 at NVDCVE-2025-37849 at SUSECVE-2025-37849 at NVDCVE-2025-37850 at SUSECVE-2025-37850 at NVDCVE-2025-37851 at SUSECVE-2025-37851 at NVDCVE-2025-37852 at SUSECVE-2025-37852 at NVDCVE-2025-37853 at SUSECVE-2025-37853 at NVDCVE-2025-37854 at SUSECVE-2025-37854 at NVDCVE-2025-37858 at SUSECVE-2025-37858 at NVDCVE-2025-37862 at SUSECVE-2025-37862 at NVDCVE-2025-37865 at SUSECVE-2025-37865 at NVDCVE-2025-37867 at SUSECVE-2025-37867 at NVDCVE-2025-37870 at SUSECVE-2025-37870 at NVDCVE-2025-37871 at SUSECVE-2025-37871 at NVDCVE-2025-37873 at SUSECVE-2025-37873 at NVDCVE-2025-37874 at SUSECVE-2025-37874 at NVDCVE-2025-37875 at SUSECVE-2025-37875 at NVDCVE-2025-37879 at SUSECVE-2025-37879 at NVDCVE-2025-37881 at SUSECVE-2025-37881 at NVDCVE-2025-37886 at SUSECVE-2025-37886 at NVDCVE-2025-37887 at SUSECVE-2025-37887 at NVDCVE-2025-37889 at SUSECVE-2025-37889 at NVDCVE-2025-37890 at SUSECVE-2025-37890 at NVDCVE-2025-37891 at SUSECVE-2025-37891 at NVDCVE-2025-37892 at SUSECVE-2025-37892 at NVDCVE-2025-37897 at SUSECVE-2025-37897 at NVDCVE-2025-37900 at SUSECVE-2025-37900 at NVDCVE-2025-37901 at SUSECVE-2025-37901 at NVDCVE-2025-37903 at SUSECVE-2025-37903 at NVDCVE-2025-37905 at SUSECVE-2025-37905 at NVDCVE-2025-37911 at SUSECVE-2025-37911 at NVDCVE-2025-37912 at SUSECVE-2025-37912 at NVDCVE-2025-37913 at SUSECVE-2025-37913 at NVDCVE-2025-37914 at SUSECVE-2025-37914 at NVDCVE-2025-37915 at SUSECVE-2025-37915 at NVDCVE-2025-37917 at SUSECVE-2025-37917 at NVDCVE-2025-37918 at SUSECVE-2025-37918 at NVDCVE-2025-37925 at SUSECVE-2025-37925 at NVDCVE-2025-37928 at SUSECVE-2025-37928 at NVDCVE-2025-37929 at SUSECVE-2025-37929 at NVDCVE-2025-37930 at SUSECVE-2025-37930 at NVDCVE-2025-37931 at SUSECVE-2025-37931 at NVDCVE-2025-37932 at SUSECVE-2025-37932 at NVDCVE-2025-37933 at SUSECVE-2025-37933 at NVDCVE-2025-37936 at SUSECVE-2025-37936 at NVDCVE-2025-37937 at SUSECVE-2025-37937 at NVDCVE-2025-37943 at SUSECVE-2025-37943 at NVDCVE-2025-37944 at SUSECVE-2025-37944 at NVDCVE-2025-37948 at SUSECVE-2025-37948 at NVDCVE-2025-37949 at SUSECVE-2025-37949 at NVDCVE-2025-37951 at SUSECVE-2025-37951 at NVDCVE-2025-37953 at SUSECVE-2025-37953 at NVDCVE-2025-37954 at SUSECVE-2025-37954 at NVDCVE-2025-37957 at SUSECVE-2025-37957 at NVDCVE-2025-37958 at SUSECVE-2025-37958 at NVDCVE-2025-37959 at SUSECVE-2025-37959 at NVDCVE-2025-37960 at SUSECVE-2025-37960 at NVDCVE-2025-37963 at SUSECVE-2025-37963 at NVDCVE-2025-37967 at SUSECVE-2025-37967 at NVDCVE-2025-37968 at SUSECVE-2025-37968 at NVDCVE-2025-37969 at SUSECVE-2025-37969 at NVDCVE-2025-37970 at SUSECVE-2025-37970 at NVDCVE-2025-37972 at SUSECVE-2025-37972 at NVDCVE-2025-37974 at SUSECVE-2025-37974 at NVDCVE-2025-37978 at SUSECVE-2025-37978 at NVDCVE-2025-37979 at SUSECVE-2025-37979 at NVDCVE-2025-37980 at SUSECVE-2025-37980 at NVDCVE-2025-37982 at SUSECVE-2025-37982 at NVDCVE-2025-37983 at SUSECVE-2025-37983 at NVDCVE-2025-37985 at SUSECVE-2025-37985 at NVDCVE-2025-37986 at SUSECVE-2025-37986 at NVDCVE-2025-37987 at SUSECVE-2025-37987 at NVDCVE-2025-37989 at SUSECVE-2025-37989 at NVDCVE-2025-37990 at SUSECVE-2025-37990 at NVDCVE-2025-37998 at SUSECVE-2025-37998 at NVDCVE-2025-38104 at SUSECVE-2025-38104 at NVDCVE-2025-38152 at SUSECVE-2025-38152 at NVDCVE-2025-38240 at SUSECVE-2025-38240 at NVDCVE-2025-38637 at SUSECVE-2025-38637 at NVDCVE-2025-39735 at SUSECVE-2025-39735 at NVDCVE-2025-40014 at SUSECVE-2025-40014 at NVDCVE-2025-40325 at SUSECVE-2025-40325 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708)
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233680)
- CVE-2024-53074: wifi: iwlwifi: mvm: don't leak a link on AP removal (bsc#1235086)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-53208: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (bsc#1236244)
- CVE-2024-50257: netfilter: fix use-after-free in get_info() (bsc#1233245)
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232908)
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232929)
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232927)
ImportantSUSE bug 1232908SUSE bug 1232927SUSE bug 1232929SUSE bug 1233245SUSE bug 1233680SUSE bug 1233708SUSE bug 1235062SUSE bug 1235086SUSE bug 1235129SUSE bug 1235231SUSE bug 1236244CVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
ImportantSUSE bug 1235062SUSE bug 1235129SUSE bug 1235231CVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708)
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233680)
- CVE-2024-53074: wifi: iwlwifi: mvm: don't leak a link on AP removal (bsc#1235086)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-53208: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (bsc#1236244)
- CVE-2024-50257: netfilter: fix use-after-free in get_info() (bsc#1233245)
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232908)
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232929)
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232927)
ImportantSUSE bug 1232908SUSE bug 1232927SUSE bug 1232929SUSE bug 1233245SUSE bug 1233680SUSE bug 1233708SUSE bug 1235062SUSE bug 1235086SUSE bug 1235129SUSE bug 1235231SUSE bug 1236244CVE-2024-50124 at SUSECVE-2024-50124 at NVDCVE-2024-50125 at SUSECVE-2024-50125 at NVDCVE-2024-50127 at SUSECVE-2024-50127 at NVDCVE-2024-50257 at SUSECVE-2024-50257 at NVDCVE-2024-50279 at SUSECVE-2024-50279 at NVDCVE-2024-50301 at SUSECVE-2024-50301 at NVDCVE-2024-53074 at SUSECVE-2024-53074 at NVDCVE-2024-53208 at SUSECVE-2024-53208 at NVDCVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062)
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235129)
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231)
ImportantSUSE bug 1235062SUSE bug 1235129SUSE bug 1235231CVE-2024-56582 at SUSECVE-2024-56582 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-57882: Fixed mptcp: fix TCP options overflow. (bsc#1235916)
- CVE-2024-46818: Fixed drm/amd/display: check gpio_id before used as array index (bsc#1231204)
- CVE-2024-46815: Fixed drm/amd/display: check num_valid_sets before accessing reader_wm_sets[] (bsc#1231196)
- CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452)
- CVE-2024-50302: Fixed HID: core: zero-initialize the report buffer (bsc#1233679)
- CVE-2024-53104: Fixed media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783)
- CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails (bsc#1230998)
- CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993)
ImportantSUSE bug 1230998SUSE bug 1231196SUSE bug 1231204SUSE bug 1231993SUSE bug 1233679SUSE bug 1235452SUSE bug 1235916SUSE bug 1236783CVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-46815 at SUSECVE-2024-46815 at NVDCVE-2024-46818 at SUSECVE-2024-46818 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
- CVE-2025-22111: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
- CVE-2025-37938: tracing: Verify event formats that have "%*p.." (bsc#1243544).
- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
- CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).
The following non-security bugs were fixed:
- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
- Bluetooth: Remove pending ACL connection attempts (stable-fixes).
- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
- NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- Revert "ALSA: usb-audio: Skip setting clock selector for single connections" (stable-fixes).
- Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
- Revert "ipv6: save dontfrag in cork (git-fixes)."
- Revert "kABI: ipv6: save dontfrag in cork (git-fixes)."
- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
- add bug reference to existing hv_storvsc change (bsc#1245455).
- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
- ceph: Fix incorrect flush end position calculation (git-fixes).
- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
- fbcon: Make sure modelist not set on unregistered console (stable-fixes).
- fgraph: Still initialize idle shadow stacks when starting (git-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: create new Tx scheduler nodes for new queues only (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- kabi: restore layout of struct cgroup_subsys (bsc#1241166).
- kabi: restore layout of struct mem_control (jsc#PED-12551).
- kabi: restore layout of struct page_counter (jsc#PED-12551).
- loop: add file_start_write() and file_end_write() (git-fixes).
- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Fix return value when searching for existing flow group (git-fixes).
- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- net_sched: prio: fix a race in prio_tune() (git-fixes).
- net_sched: red: fix a race in __red_change() (git-fixes).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- ntp: Remove invalid cast in time offset math (git-fixes)
- ntp: Safeguard against time_constant overflow (git-fixes)
- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
- nvme: fix command limits status code (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
- scsi: mpi3mr: Add level check to control event logging (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).
- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
- struct usci: hide additional member (git-fixes).
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
- thunderbolt: Do not double dequeue a configuration request (stable-fixes).
- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
- tracing: Fix compilation warning on arm32 (bsc#1243551).
- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- ucsi_debugfs_entry: hide signedness change (git-fixes).
- uprobes: Use kzalloc to allocate xol area (git-fixes).
- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
- usb: typec: ucsi: Only enable supported notifications (git-fixes).
- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
- vmxnet3: update MTU after device quiesce (bsc#1244626).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: do not wait when there is no vdev started (git-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/mm/init: Handle the special case of device private pages in
add_pages(), to not increase max_pfn and trigger dma_addressing_limited()
bounce buffers (git-fixes).
- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- xen/x86: fix initial memory balloon target (git-fixes).
ImportantSUSE bug 1210025SUSE bug 1211226SUSE bug 1215199SUSE bug 1218184SUSE bug 1223008SUSE bug 1235490SUSE bug 1236208SUSE bug 1237312SUSE bug 1237913SUSE bug 1238859SUSE bug 1238982SUSE bug 1240577SUSE bug 1240610SUSE bug 1240686SUSE bug 1240814SUSE bug 1241166SUSE bug 1241278SUSE bug 1241414SUSE bug 1241544SUSE bug 1241572SUSE bug 1241592SUSE bug 1242504SUSE bug 1242515SUSE bug 1242521SUSE bug 1242556SUSE bug 1242725SUSE bug 1242907SUSE bug 1243051SUSE bug 1243060SUSE bug 1243342SUSE bug 1243467SUSE bug 1243480SUSE bug 1243506SUSE bug 1243523SUSE bug 1243538SUSE bug 1243544SUSE bug 1243551SUSE bug 1243620SUSE bug 1243698SUSE bug 1243774SUSE bug 1243823SUSE bug 1243827SUSE bug 1243832SUSE bug 1243847SUSE bug 1244100SUSE bug 1244145SUSE bug 1244172SUSE bug 1244176SUSE bug 1244229SUSE bug 1244234SUSE bug 1244241SUSE bug 1244274SUSE bug 1244275SUSE bug 1244277SUSE bug 1244309SUSE bug 1244313SUSE bug 1244337SUSE bug 1244626SUSE bug 1244725SUSE bug 1244727SUSE bug 1244729SUSE bug 1244731SUSE bug 1244732SUSE bug 1244736SUSE bug 1244737SUSE bug 1244738SUSE bug 1244739SUSE bug 1244743SUSE bug 1244746SUSE bug 1244759SUSE bug 1244789SUSE bug 1244862SUSE bug 1244906SUSE bug 1244938SUSE bug 1244995SUSE bug 1244996SUSE bug 1244999SUSE bug 1245001SUSE bug 1245003SUSE bug 1245004SUSE bug 1245025SUSE bug 1245042SUSE bug 1245046SUSE bug 1245078SUSE bug 1245081SUSE bug 1245082SUSE bug 1245083SUSE bug 1245155SUSE bug 1245183SUSE bug 1245193SUSE bug 1245210SUSE bug 1245217SUSE bug 1245225SUSE bug 1245226SUSE bug 1245228SUSE bug 1245431SUSE bug 1245455CVE-2024-26831 at SUSECVE-2024-26831 at NVDCVE-2024-56613 at SUSECVE-2024-56613 at NVDCVE-2024-56699 at SUSECVE-2024-56699 at NVDCVE-2024-57982 at SUSECVE-2024-57982 at NVDCVE-2024-58053 at SUSECVE-2024-58053 at NVDCVE-2025-21658 at SUSECVE-2025-21658 at NVDCVE-2025-21720 at SUSECVE-2025-21720 at NVDCVE-2025-21898 at SUSECVE-2025-21898 at NVDCVE-2025-21899 at SUSECVE-2025-21899 at NVDCVE-2025-21920 at SUSECVE-2025-21920 at NVDCVE-2025-21959 at SUSECVE-2025-21959 at NVDCVE-2025-22035 at SUSECVE-2025-22035 at NVDCVE-2025-22083 at SUSECVE-2025-22083 at NVDCVE-2025-22111 at SUSECVE-2025-22111 at NVDCVE-2025-22120 at SUSECVE-2025-22120 at NVDCVE-2025-37756 at SUSECVE-2025-37756 at NVDCVE-2025-37757 at SUSECVE-2025-37757 at NVDCVE-2025-37786 at SUSECVE-2025-37786 at NVDCVE-2025-37811 at SUSECVE-2025-37811 at NVDCVE-2025-37859 at SUSECVE-2025-37859 at NVDCVE-2025-37884 at SUSECVE-2025-37884 at NVDCVE-2025-37909 at SUSECVE-2025-37909 at NVDCVE-2025-37921 at SUSECVE-2025-37921 at NVDCVE-2025-37923 at SUSECVE-2025-37923 at NVDCVE-2025-37927 at SUSECVE-2025-37927 at NVDCVE-2025-37938 at SUSECVE-2025-37938 at NVDCVE-2025-37945 at SUSECVE-2025-37945 at NVDCVE-2025-37946 at SUSECVE-2025-37946 at NVDCVE-2025-37961 at SUSECVE-2025-37961 at NVDCVE-2025-37973 at SUSECVE-2025-37973 at NVDCVE-2025-37992 at SUSECVE-2025-37992 at NVDCVE-2025-37994 at SUSECVE-2025-37994 at NVDCVE-2025-37995 at SUSECVE-2025-37995 at NVDCVE-2025-37997 at SUSECVE-2025-37997 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38003 at SUSECVE-2025-38003 at NVDCVE-2025-38004 at SUSECVE-2025-38004 at NVDCVE-2025-38005 at SUSECVE-2025-38005 at NVDCVE-2025-38007 at SUSECVE-2025-38007 at NVDCVE-2025-38009 at SUSECVE-2025-38009 at NVDCVE-2025-38010 at SUSECVE-2025-38010 at NVDCVE-2025-38011 at SUSECVE-2025-38011 at NVDCVE-2025-38013 at SUSECVE-2025-38013 at NVDCVE-2025-38014 at SUSECVE-2025-38014 at NVDCVE-2025-38015 at SUSECVE-2025-38015 at NVDCVE-2025-38018 at SUSECVE-2025-38018 at NVDCVE-2025-38020 at SUSECVE-2025-38020 at NVDCVE-2025-38022 at SUSECVE-2025-38022 at NVDCVE-2025-38023 at SUSECVE-2025-38023 at NVDCVE-2025-38024 at SUSECVE-2025-38024 at NVDCVE-2025-38027 at SUSECVE-2025-38027 at NVDCVE-2025-38031 at SUSECVE-2025-38031 at NVDCVE-2025-38040 at SUSECVE-2025-38040 at NVDCVE-2025-38043 at SUSECVE-2025-38043 at NVDCVE-2025-38044 at SUSECVE-2025-38044 at NVDCVE-2025-38045 at SUSECVE-2025-38045 at NVDCVE-2025-38053 at SUSECVE-2025-38053 at NVDCVE-2025-38057 at SUSECVE-2025-38057 at NVDCVE-2025-38059 at SUSECVE-2025-38059 at NVDCVE-2025-38060 at SUSECVE-2025-38060 at NVDCVE-2025-38065 at SUSECVE-2025-38065 at NVDCVE-2025-38068 at SUSECVE-2025-38068 at NVDCVE-2025-38072 at SUSECVE-2025-38072 at NVDCVE-2025-38077 at SUSECVE-2025-38077 at NVDCVE-2025-38078 at SUSECVE-2025-38078 at NVDCVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38080 at SUSECVE-2025-38080 at NVDCVE-2025-38081 at SUSECVE-2025-38081 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
- CVE-2025-37938: tracing: Verify event formats that have "%*p.." (bsc#1243544).
- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
- CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).
The following non-security bugs were fixed:
- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
- Bluetooth: Remove pending ACL connection attempts (stable-fixes).
- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
- NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- Revert "ALSA: usb-audio: Skip setting clock selector for single connections" (stable-fixes).
- Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
- Revert "kABI: ipv6: save dontfrag in cork (git-fixes)."
- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
- ceph: Fix incorrect flush end position calculation (git-fixes).
- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
- fbcon: Make sure modelist not set on unregistered console (stable-fixes).
- fgraph: Still initialize idle shadow stacks when starting (git-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: create new Tx scheduler nodes for new queues only (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- kabi: restore layout of struct cgroup_subsys (bsc#1241166).
- kabi: restore layout of struct mem_control (jsc#PED-12551).
- kabi: restore layout of struct page_counter (jsc#PED-12551).
- loop: add file_start_write() and file_end_write() (git-fixes).
- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Fix return value when searching for existing flow group (git-fixes).
- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- net_sched: prio: fix a race in prio_tune() (git-fixes).
- net_sched: red: fix a race in __red_change() (git-fixes).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- ntp: Remove invalid cast in time offset math (git-fixes)
- ntp: Safeguard against time_constant overflow (git-fixes)
- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
- nvme: fix command limits status code (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
- scsi: mpi3mr: Add level check to control event logging (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).
- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
- struct usci: hide additional member (git-fixes).
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
- thunderbolt: Do not double dequeue a configuration request (stable-fixes).
- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
- tracing: Fix compilation warning on arm32 (bsc#1243551).
- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- ucsi_debugfs_entry: hide signedness change (git-fixes).
- uprobes: Use kzalloc to allocate xol area (git-fixes).
- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
- usb: typec: ucsi: Only enable supported notifications (git-fixes).
- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
- vmxnet3: update MTU after device quiesce (bsc#1244626).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: do not wait when there is no vdev started (git-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/mm/init: Handle the special case of device private pages in
add_pages(), to not increase max_pfn and trigger dma_addressing_limited()
bounce buffers (git-fixes).
- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- xen/x86: fix initial memory balloon target (git-fixes).
ImportantSUSE bug 1210025SUSE bug 1211226SUSE bug 1215199SUSE bug 1218184SUSE bug 1223008SUSE bug 1235490SUSE bug 1236208SUSE bug 1237312SUSE bug 1237913SUSE bug 1238859SUSE bug 1238982SUSE bug 1240577SUSE bug 1240610SUSE bug 1240686SUSE bug 1240814SUSE bug 1241166SUSE bug 1241278SUSE bug 1241414SUSE bug 1241544SUSE bug 1241572SUSE bug 1241592SUSE bug 1242504SUSE bug 1242515SUSE bug 1242521SUSE bug 1242556SUSE bug 1242725SUSE bug 1242907SUSE bug 1243051SUSE bug 1243060SUSE bug 1243342SUSE bug 1243467SUSE bug 1243480SUSE bug 1243506SUSE bug 1243523SUSE bug 1243538SUSE bug 1243544SUSE bug 1243551SUSE bug 1243620SUSE bug 1243698SUSE bug 1243774SUSE bug 1243823SUSE bug 1243827SUSE bug 1243832SUSE bug 1243847SUSE bug 1244100SUSE bug 1244145SUSE bug 1244172SUSE bug 1244176SUSE bug 1244229SUSE bug 1244234SUSE bug 1244241SUSE bug 1244274SUSE bug 1244275SUSE bug 1244277SUSE bug 1244309SUSE bug 1244313SUSE bug 1244337SUSE bug 1244626SUSE bug 1244725SUSE bug 1244727SUSE bug 1244729SUSE bug 1244731SUSE bug 1244732SUSE bug 1244736SUSE bug 1244737SUSE bug 1244738SUSE bug 1244739SUSE bug 1244743SUSE bug 1244746SUSE bug 1244759SUSE bug 1244789SUSE bug 1244862SUSE bug 1244906SUSE bug 1244938SUSE bug 1244995SUSE bug 1244996SUSE bug 1244999SUSE bug 1245001SUSE bug 1245003SUSE bug 1245004SUSE bug 1245025SUSE bug 1245042SUSE bug 1245046SUSE bug 1245078SUSE bug 1245081SUSE bug 1245082SUSE bug 1245083SUSE bug 1245155SUSE bug 1245183SUSE bug 1245193SUSE bug 1245210SUSE bug 1245217SUSE bug 1245225SUSE bug 1245226SUSE bug 1245228SUSE bug 1245431SUSE bug 1245455CVE-2024-26831 at SUSECVE-2024-26831 at NVDCVE-2024-56613 at SUSECVE-2024-56613 at NVDCVE-2024-56699 at SUSECVE-2024-56699 at NVDCVE-2024-57982 at SUSECVE-2024-57982 at NVDCVE-2024-58053 at SUSECVE-2024-58053 at NVDCVE-2025-21658 at SUSECVE-2025-21658 at NVDCVE-2025-21720 at SUSECVE-2025-21720 at NVDCVE-2025-21898 at SUSECVE-2025-21898 at NVDCVE-2025-21899 at SUSECVE-2025-21899 at NVDCVE-2025-21920 at SUSECVE-2025-21920 at NVDCVE-2025-21959 at SUSECVE-2025-21959 at NVDCVE-2025-22035 at SUSECVE-2025-22035 at NVDCVE-2025-22083 at SUSECVE-2025-22083 at NVDCVE-2025-22111 at SUSECVE-2025-22111 at NVDCVE-2025-22120 at SUSECVE-2025-22120 at NVDCVE-2025-37756 at SUSECVE-2025-37756 at NVDCVE-2025-37757 at SUSECVE-2025-37757 at NVDCVE-2025-37786 at SUSECVE-2025-37786 at NVDCVE-2025-37811 at SUSECVE-2025-37811 at NVDCVE-2025-37859 at SUSECVE-2025-37859 at NVDCVE-2025-37884 at SUSECVE-2025-37884 at NVDCVE-2025-37909 at SUSECVE-2025-37909 at NVDCVE-2025-37921 at SUSECVE-2025-37921 at NVDCVE-2025-37923 at SUSECVE-2025-37923 at NVDCVE-2025-37927 at SUSECVE-2025-37927 at NVDCVE-2025-37938 at SUSECVE-2025-37938 at NVDCVE-2025-37945 at SUSECVE-2025-37945 at NVDCVE-2025-37946 at SUSECVE-2025-37946 at NVDCVE-2025-37961 at SUSECVE-2025-37961 at NVDCVE-2025-37973 at SUSECVE-2025-37973 at NVDCVE-2025-37992 at SUSECVE-2025-37992 at NVDCVE-2025-37994 at SUSECVE-2025-37994 at NVDCVE-2025-37995 at SUSECVE-2025-37995 at NVDCVE-2025-37997 at SUSECVE-2025-37997 at NVDCVE-2025-38000 at SUSECVE-2025-38000 at NVDCVE-2025-38001 at SUSECVE-2025-38001 at NVDCVE-2025-38003 at SUSECVE-2025-38003 at NVDCVE-2025-38004 at SUSECVE-2025-38004 at NVDCVE-2025-38005 at SUSECVE-2025-38005 at NVDCVE-2025-38007 at SUSECVE-2025-38007 at NVDCVE-2025-38009 at SUSECVE-2025-38009 at NVDCVE-2025-38010 at SUSECVE-2025-38010 at NVDCVE-2025-38011 at SUSECVE-2025-38011 at NVDCVE-2025-38013 at SUSECVE-2025-38013 at NVDCVE-2025-38014 at SUSECVE-2025-38014 at NVDCVE-2025-38015 at SUSECVE-2025-38015 at NVDCVE-2025-38018 at SUSECVE-2025-38018 at NVDCVE-2025-38020 at SUSECVE-2025-38020 at NVDCVE-2025-38022 at SUSECVE-2025-38022 at NVDCVE-2025-38023 at SUSECVE-2025-38023 at NVDCVE-2025-38024 at SUSECVE-2025-38024 at NVDCVE-2025-38027 at SUSECVE-2025-38027 at NVDCVE-2025-38031 at SUSECVE-2025-38031 at NVDCVE-2025-38040 at SUSECVE-2025-38040 at NVDCVE-2025-38043 at SUSECVE-2025-38043 at NVDCVE-2025-38044 at SUSECVE-2025-38044 at NVDCVE-2025-38045 at SUSECVE-2025-38045 at NVDCVE-2025-38053 at SUSECVE-2025-38053 at NVDCVE-2025-38057 at SUSECVE-2025-38057 at NVDCVE-2025-38059 at SUSECVE-2025-38059 at NVDCVE-2025-38060 at SUSECVE-2025-38060 at NVDCVE-2025-38065 at SUSECVE-2025-38065 at NVDCVE-2025-38068 at SUSECVE-2025-38068 at NVDCVE-2025-38072 at SUSECVE-2025-38072 at NVDCVE-2025-38077 at SUSECVE-2025-38077 at NVDCVE-2025-38078 at SUSECVE-2025-38078 at NVDCVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38080 at SUSECVE-2025-38080 at NVDCVE-2025-38081 at SUSECVE-2025-38081 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues:
- Initial livepatch for 10th RT kernel update.
Moderatecpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118)
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227)
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1233118SUSE bug 1233227SUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1238912SUSE bug 1241579SUSE bug 1244337CVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1241579SUSE bug 1244337CVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-57882: Fixed mptcp: fix TCP options overflow. (bsc#1235916)
- CVE-2024-46818: Fixed drm/amd/display: check gpio_id before used as array index (bsc#1231204)
- CVE-2024-46815: Fixed drm/amd/display: check num_valid_sets before accessing reader_wm_sets[] (bsc#1231196)
- CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452)
- CVE-2024-50302: Fixed HID: core: zero-initialize the report buffer (bsc#1233679)
- CVE-2024-53104: Fixed media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783)
- CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails (bsc#1230998)
- CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993)
ImportantSUSE bug 1230998SUSE bug 1231196SUSE bug 1231204SUSE bug 1231993SUSE bug 1233679SUSE bug 1235452SUSE bug 1235916SUSE bug 1236783CVE-2024-45016 at SUSECVE-2024-45016 at NVDCVE-2024-46815 at SUSECVE-2024-46815 at NVDCVE-2024-46818 at SUSECVE-2024-46818 at NVDCVE-2024-47684 at SUSECVE-2024-47684 at NVDCVE-2024-50302 at SUSECVE-2024-50302 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-56648 at SUSECVE-2024-56648 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233118)
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233227)
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1233118SUSE bug 1233227SUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-50208 at SUSECVE-2024-50208 at NVDCVE-2024-50250 at SUSECVE-2024-50250 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854)
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234885)
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892)
- CVE-2024-53214: vfio/pci: properly hide first-in-list PCIe extended capability (bsc#1235005)
- CVE-2024-57793: virt: tdx-guest: just leak decrypted memory on unrecoverable errors (bsc#1235769)
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921)
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1243648)
ImportantSUSE bug 1234854SUSE bug 1234885SUSE bug 1234892SUSE bug 1235005SUSE bug 1235769SUSE bug 1235921SUSE bug 1238912SUSE bug 1241579SUSE bug 1243648SUSE bug 1244337CVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53166 at SUSECVE-2024-53166 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53214 at SUSECVE-2024-53214 at NVDCVE-2024-56558 at SUSECVE-2024-56558 at NVDCVE-2024-57793 at SUSECVE-2024-57793 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912)
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1238912SUSE bug 1241579SUSE bug 1244337CVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1241579SUSE bug 1244337CVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241579)
ImportantSUSE bug 1241579SUSE bug 1244337CVE-2025-22115 at SUSECVE-2025-22115 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_10 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_10 fixes the following issues:
This is the initial livepatch for SL Micro 6.0 and 6.1 kernel update 10.
Moderatecpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1244337SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1244337SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1244337SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).
- CVE-2024-56638: kABI fix for "netfilter: nft_inner: incorrect percpu area handling under softirq" (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).
- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).
- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).
- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).
- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).
- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).
- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).
- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).
- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).
- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).
- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).
- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
The following non-security bugs were fixed:
- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-fixes).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).
- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- Fix memory-hotplug regression (bsc#1237504)
- Grab mm lock before grabbing pt lock (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).
- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).
- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).
- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes).
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).
- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).
- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes).
- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).
- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).
- Move upstreamed ACPI patch into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: Use downstream bridges for distributing resources (bsc#1237325).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/efa: Reset device on probe failure (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Reapply "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes).
- Revert "dm: requeue IO if mapping table not yet available" (git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes).
- Revert "leds-pca955x: Remove the unused function pca95xx_num_led_regs()" (stable-fixes).
- Revert "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).
- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).
- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- add nf_tables for iptables non-legacy network handling.
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- bio-integrity: do not restrict the size of integrity metadata (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).
- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).
- blk-mq: add number of queue calc helper (bsc#1236897).
- blk-mq: create correct map for fallback case (bsc#1236896).
- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).
- blk_iocost: remove some duplicate irq disable/enables (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).
- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).
- block: change rq_integrity_vec to respect the iterator (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- block: ensure we hold a queue reference when using queue limits (git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).
- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).
- block: retry call probe after request_module in blk_request_module (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- block: use the right type for stub rq_integrity_vec() (git-fixes).
- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).
- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).
- cifs: Remove intermediate object of failed create reparse call (git-fixes).
- cifs: commands that are retried should have replay flag set (bsc#1231432).
- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).
- cifs: helper function to check replayable error codes (bsc#1231432).
- cifs: new mount option called retrans (bsc#1231432).
- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).
- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).
- cifs: update desired access while requesting for directory lease (git-fixes).
- cifs: update the same create_guid on replay (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- config: Set gcc version (jsc#PED-12251).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).
- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).
- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- doc/README.SUSE: Point to the updated version of LKMPG
- doc: update managed_irq documentation (bsc#1236897).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).
- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting" (git-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- drm/i915/selftests: avoid using uninitialized context (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).
- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).
- eth: gve: use appropriate helper to set xdp_features (git-fixes).
- exfat: convert to ctime accessor functions (git-fixes).
- exfat: do not zero the extended part (bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).
- exfat: fix file being changed by unaligned direct write (git-fixes).
- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).
- exfat: fix zero the unwritten part for dio read (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- futex: Do not include process MM in futex key on no-MMU (git-fixes).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
- gup: make the stack expansion warning a bit more targeted (bsc#1238214).
- hfs: Sanity check the root record (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).
- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).
- ice: put Rx buffers after being done with current frame (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).
- igc: return early when failing to read EECD register (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kabi: fix bus type (bsc#1236896).
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).
- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).
- kernel-source: Also replace bin/env
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).
- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: stackinit: hide never-taken branch from compiler (stable-fixes).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).
- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).
- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/raid0: do not free conf on raid0_run failure (git-fixes).
- md/raid1: do not free conf on raid0_run failure (git-fixes).
- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).
- md: Do not flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).
- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mptcp: export local_address (git-fixes)
- mptcp: fix NL PM announced address accounting (git-fixes)
- mptcp: fix data races on local_id (git-fixes)
- mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- mptcp: pm: do not try to create sf if alloc failed (git-fixes)
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- mptcp: pm: reduce indentation blocks (git-fixes)
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- mptcp: unify pm get_local_id interfaces (git-fixes)
- mptcp: unify pm set_flags interfaces (git-fixes)
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions (git-fixes).
- nbd: do not allow reconnect after disconnect (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).
- net: Fix undefined behavior in netdev name allocation (bsc#1233749).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns (bsc#1233749).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- net: do not send a MOVE event when netdev changes netns (bsc#1233749).
- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: fix removing a namespace with conflicting altnames (bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: move altnames together with the netdevice (bsc#1233749).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).
- net: remove else after return in dev_prep_valid_name() (bsc#1233749).
- net: rose: lock the socket in rose_bind() (git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).
- net: smc: fix spurious error message from __sock_release() (bsc#1237126).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).
- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).
- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- padata: fix sysfs store callback check (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).
- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (ltc#210895 bsc#1235933 ltc#210896
bsc#1235932).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).
- powerpc: Stop using no_llseek (bsc#1239573).
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).
- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).
- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).
- rbd: do not move requests to the running list on errors (git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).
- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).
- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices (bsc#1236752).
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/topology: Improve topology detection (bsc#1236591).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).
- scsi: core: Clear driver private data when retrying request (git-fixes).
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- scsi: core: Handle depopulation and restoration in progress (git-fixes).
- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).
- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).
- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).
- scsi: myrb: Remove dead code (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- scsi: sg: Enable runtime power management (git-fixes).
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).
- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- selftest: hugetlb_dio: fix test naming (git-fixes).
- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).
- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).
- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes).
- smb3: request handle caching when caching directories (bsc#1231432).
- smb3: retrying on failed server close (bsc#1231432).
- smb: cached directories can be more than root file handle (bsc#1231432).
- smb: cilent: set reparse mount points as automounts (git-fixes).
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).
- smb: client: Fix minor whitespace errors and warnings (git-fixes).
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).
- smb: client: add support for WSL reparse points (git-fixes).
- smb: client: allow creating special files via reparse points (git-fixes).
- smb: client: allow creating symlinks via reparse points (git-fixes).
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: do not query reparse points twice on symlinks (git-fixes).
- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).
- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).
- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).
- smb: client: fix hardlinking of reparse points (git-fixes).
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- smb: client: fix possible double free in smb2_set_ea() (git-fixes).
- smb: client: fix potential broken compound request (git-fixes).
- smb: client: fix renaming of reparse points (git-fixes).
- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).
- smb: client: handle path separator of created SMB symlinks (git-fixes).
- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).
- smb: client: ignore unhandled reparse tags (git-fixes).
- smb: client: implement ->query_reparse_point() for SMB1 (git-fixes).
- smb: client: instantiate when creating SFU files (git-fixes).
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- smb: client: introduce reparse mount option (git-fixes).
- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).
- smb: client: move most of reparse point handling code to common file (git-fixes).
- smb: client: move some params to cifs_open_info_data (bsc#1231432).
- smb: client: optimise reparse point querying (git-fixes).
- smb: client: parse owner/group when creating reparse points (git-fixes).
- smb: client: parse reparse point flag in create response (bsc#1231432).
- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).
- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).
- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).
- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- smb: client: retry compound request without reusing lease (git-fixes).
- smb: client: return reparse type in /proc/mounts (git-fixes).
- smb: client: reuse file lease key in compound operations (git-fixes).
- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).
- smb: client: set correct file type from NFS reparse points (git-fixes).
- smb: client: stop revalidating reparse points unnecessarily (git-fixes).
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes).
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).
- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).
- usbnet: ipheth: document scope of NCM implementation (stable-fixes).
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- virtio-mem: check if the config changed before fake offlining memory (git-fixes).
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).
- vsock/virtio: cancel close work in the destructor (git-fixes)
- vsock: Keep the binding until socket destruction (git-fixes)
- vsock: reset socket state when de-assigning the transport (git-fixes)
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/asm: Make serialize() always_inline (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
- xen/swiotlb: relax alignment requirements (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- zram: fix potential UAF of zram table (git-fixes).
- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).
- zram: refuse to use zero sized block device as backing device (git-fixes).
- zram: split memory-tracking and ac-time tracking (git-fixes).
ImportantSUSE bug 1012628SUSE bug 1207948SUSE bug 1215199SUSE bug 1215211SUSE bug 1218470SUSE bug 1219367SUSE bug 1221651SUSE bug 1222649SUSE bug 1222672SUSE bug 1222803SUSE bug 1223047SUSE bug 1224049SUSE bug 1224489SUSE bug 1224610SUSE bug 1225533SUSE bug 1225606SUSE bug 1225742SUSE bug 1225770SUSE bug 1225981SUSE bug 1226871SUSE bug 1227858SUSE bug 1227937SUSE bug 1228521SUSE bug 1228653SUSE bug 1229311SUSE bug 1229361SUSE bug 1230235SUSE bug 1230438SUSE bug 1230439SUSE bug 1230497SUSE bug 1230728SUSE bug 1230769SUSE bug 1230832SUSE bug 1231088SUSE bug 1231293SUSE bug 1231432SUSE bug 1231912SUSE bug 1231920SUSE bug 1231949SUSE bug 1232159SUSE bug 1232198SUSE bug 1232201SUSE bug 1232299SUSE bug 1232364SUSE bug 1232389SUSE bug 1232421SUSE bug 1232508SUSE bug 1232520SUSE bug 1232743SUSE bug 1232812SUSE bug 1232848SUSE bug 1232895SUSE bug 1232919SUSE bug 1233028SUSE bug 1233033SUSE bug 1233060SUSE bug 1233109SUSE bug 1233221SUSE bug 1233248SUSE bug 1233259SUSE bug 1233260SUSE bug 1233479SUSE bug 1233483SUSE bug 1233522SUSE bug 1233551SUSE bug 1233557SUSE bug 1233749SUSE bug 1234070SUSE bug 1234222SUSE bug 1234480SUSE bug 1234828SUSE bug 1234853SUSE bug 1234857SUSE bug 1234891SUSE bug 1234894SUSE bug 1234895SUSE bug 1234896SUSE bug 1234936SUSE bug 1234963SUSE bug 1235054SUSE bug 1235061SUSE bug 1235073SUSE bug 1235244SUSE bug 1235435SUSE bug 1235436SUSE bug 1235441SUSE bug 1235455SUSE bug 1235485SUSE bug 1235501SUSE bug 1235524SUSE bug 1235589SUSE bug 1235591SUSE bug 1235592SUSE bug 1235599SUSE bug 1235609SUSE bug 1235621SUSE bug 1235637SUSE bug 1235698SUSE bug 1235711SUSE bug 1235712SUSE bug 1235715SUSE bug 1235729SUSE bug 1235733SUSE bug 1235761SUSE bug 1235870SUSE bug 1235874SUSE bug 1235914SUSE bug 1235932SUSE bug 1235933SUSE bug 1235973SUSE bug 1236099SUSE bug 1236111SUSE bug 1236113SUSE bug 1236114SUSE bug 1236115SUSE bug 1236122SUSE bug 1236123SUSE bug 1236133SUSE bug 1236138SUSE bug 1236199SUSE bug 1236200SUSE bug 1236203SUSE bug 1236205SUSE bug 1236206SUSE bug 1236333SUSE bug 1236573SUSE bug 1236575SUSE bug 1236576SUSE bug 1236591SUSE bug 1236661SUSE bug 1236677SUSE bug 1236680SUSE bug 1236681SUSE bug 1236682SUSE bug 1236683SUSE bug 1236684SUSE bug 1236685SUSE bug 1236689SUSE bug 1236692SUSE bug 1236694SUSE bug 1236698SUSE bug 1236700SUSE bug 1236702SUSE bug 1236752SUSE bug 1236757SUSE bug 1236758SUSE bug 1236759SUSE bug 1236760SUSE bug 1236761SUSE bug 1236821SUSE bug 1236822SUSE bug 1236896SUSE bug 1236897SUSE bug 1236952SUSE bug 1236967SUSE bug 1236994SUSE bug 1237007SUSE bug 1237017SUSE bug 1237025SUSE bug 1237028SUSE bug 1237029SUSE bug 1237045SUSE bug 1237126SUSE bug 1237132SUSE bug 1237139SUSE bug 1237155SUSE bug 1237158SUSE bug 1237159SUSE bug 1237164SUSE bug 1237232SUSE bug 1237234SUSE bug 1237313SUSE bug 1237325SUSE bug 1237356SUSE bug 1237415SUSE bug 1237452SUSE bug 1237504SUSE bug 1237521SUSE bug 1237530SUSE bug 1237558SUSE bug 1237562SUSE bug 1237563SUSE bug 1237565SUSE bug 1237571SUSE bug 1237848SUSE bug 1237849SUSE bug 1237853SUSE bug 1237856SUSE bug 1237873SUSE bug 1237875SUSE bug 1237876SUSE bug 1237877SUSE bug 1237879SUSE bug 1237881SUSE bug 1237885SUSE bug 1237889SUSE bug 1237890SUSE bug 1237891SUSE bug 1237894SUSE bug 1237897SUSE bug 1237900SUSE bug 1237901SUSE bug 1237906SUSE bug 1237907SUSE bug 1237911SUSE bug 1237912SUSE bug 1237950SUSE bug 1238212SUSE bug 1238214SUSE bug 1238303SUSE bug 1238347SUSE bug 1238368SUSE bug 1238474SUSE bug 1238475SUSE bug 1238479SUSE bug 1238494SUSE bug 1238496SUSE bug 1238497SUSE bug 1238500SUSE bug 1238501SUSE bug 1238502SUSE bug 1238503SUSE bug 1238506SUSE bug 1238507SUSE bug 1238509SUSE bug 1238510SUSE bug 1238511SUSE bug 1238512SUSE bug 1238521SUSE bug 1238523SUSE bug 1238525SUSE bug 1238526SUSE bug 1238528SUSE bug 1238529SUSE bug 1238531SUSE bug 1238532SUSE bug 1238570SUSE bug 1238715SUSE bug 1238716SUSE bug 1238734SUSE bug 1238735SUSE bug 1238736SUSE bug 1238738SUSE bug 1238739SUSE bug 1238747SUSE bug 1238751SUSE bug 1238753SUSE bug 1238754SUSE bug 1238757SUSE bug 1238759SUSE bug 1238760SUSE bug 1238762SUSE bug 1238763SUSE bug 1238767SUSE bug 1238768SUSE bug 1238771SUSE bug 1238772SUSE bug 1238773SUSE bug 1238775SUSE bug 1238780SUSE bug 1238781SUSE bug 1238785SUSE bug 1238860SUSE bug 1238863SUSE bug 1238864SUSE bug 1238865SUSE bug 1238876SUSE bug 1238877SUSE bug 1238903SUSE bug 1238904SUSE bug 1238905SUSE bug 1238909SUSE bug 1238911SUSE bug 1238917SUSE bug 1238958SUSE bug 1238959SUSE bug 1238963SUSE bug 1238964SUSE bug 1238969SUSE bug 1238971SUSE bug 1238973SUSE bug 1238975SUSE bug 1238978SUSE bug 1238979SUSE bug 1238981SUSE bug 1238984SUSE bug 1238986SUSE bug 1238993SUSE bug 1238994SUSE bug 1238997SUSE bug 1239015SUSE bug 1239016SUSE bug 1239027SUSE bug 1239029SUSE bug 1239030SUSE bug 1239033SUSE bug 1239034SUSE bug 1239036SUSE bug 1239037SUSE bug 1239038SUSE bug 1239039SUSE bug 1239045SUSE bug 1239065SUSE bug 1239068SUSE bug 1239073SUSE bug 1239076SUSE bug 1239080SUSE bug 1239085SUSE bug 1239087SUSE bug 1239095SUSE bug 1239104SUSE bug 1239105SUSE bug 1239109SUSE bug 1239112SUSE bug 1239114SUSE bug 1239115SUSE bug 1239117SUSE bug 1239167SUSE bug 1239174SUSE bug 1239346SUSE bug 1239349SUSE bug 1239435SUSE bug 1239467SUSE bug 1239468SUSE bug 1239471SUSE bug 1239473SUSE bug 1239474SUSE bug 1239477SUSE bug 1239478SUSE bug 1239479SUSE bug 1239481SUSE bug 1239482SUSE bug 1239483SUSE bug 1239484SUSE bug 1239486SUSE bug 1239508SUSE bug 1239512SUSE bug 1239518SUSE bug 1239573SUSE bug 1239594SUSE bug 1239595SUSE bug 1239600SUSE bug 1239605SUSE bug 1239615SUSE bug 1239644SUSE bug 1239707SUSE bug 1239986SUSE bug 1239994SUSE bug 1240169SUSE bug 1240172SUSE bug 1240173SUSE bug 1240175SUSE bug 1240177SUSE bug 1240179SUSE bug 1240182SUSE bug 1240183SUSE bug 1240186SUSE bug 1240188SUSE bug 1240189SUSE bug 1240191SUSE bug 1240192SUSE bug 1240333SUSE bug 1240334CVE-2023-52831 at SUSECVE-2023-52831 at NVDCVE-2023-52924 at SUSECVE-2023-52924 at NVDCVE-2023-52925 at SUSECVE-2023-52925 at NVDCVE-2023-52926 at SUSECVE-2023-52926 at NVDCVE-2023-52927 at SUSECVE-2023-52927 at NVDCVE-2024-26634 at SUSECVE-2024-26634 at NVDCVE-2024-26708 at SUSECVE-2024-26708 at NVDCVE-2024-26810 at SUSECVE-2024-26810 at NVDCVE-2024-26873 at SUSECVE-2024-26873 at NVDCVE-2024-35826 at SUSECVE-2024-35826 at NVDCVE-2024-35910 at SUSECVE-2024-35910 at NVDCVE-2024-38606 at SUSECVE-2024-38606 at NVDCVE-2024-40980 at SUSECVE-2024-40980 at NVDCVE-2024-41005 at SUSECVE-2024-41005 at NVDCVE-2024-41055 at SUSECVE-2024-41055 at NVDCVE-2024-41077 at SUSECVE-2024-41077 at NVDCVE-2024-41149 at SUSECVE-2024-41149 at NVDCVE-2024-42307 at SUSECVE-2024-42307 at NVDCVE-2024-43820 at SUSECVE-2024-43820 at NVDCVE-2024-44974 at SUSECVE-2024-44974 at NVDCVE-2024-45009 at SUSECVE-2024-45009 at NVDCVE-2024-45010 at SUSECVE-2024-45010 at NVDCVE-2024-46736 at SUSECVE-2024-46736 at NVDCVE-2024-46782 at SUSECVE-2024-46782 at NVDCVE-2024-46796 at SUSECVE-2024-46796 at NVDCVE-2024-46858 at SUSECVE-2024-46858 at NVDCVE-2024-47408 at SUSECVE-2024-47408 at NVDCVE-2024-47701 at SUSECVE-2024-47701 at NVDCVE-2024-47794 at SUSECVE-2024-47794 at NVDCVE-2024-49571 at SUSECVE-2024-49571 at NVDCVE-2024-49884 at SUSECVE-2024-49884 at NVDCVE-2024-49924 at SUSECVE-2024-49924 at NVDCVE-2024-49940 at SUSECVE-2024-49940 at NVDCVE-2024-49950 at SUSECVE-2024-49950 at NVDCVE-2024-49994 at SUSECVE-2024-49994 at NVDCVE-2024-50029 at SUSECVE-2024-50029 at NVDCVE-2024-50036 at SUSECVE-2024-50036 at NVDCVE-2024-50056 at SUSECVE-2024-50056 at NVDCVE-2024-50073 at SUSECVE-2024-50073 at NVDCVE-2024-50085 at SUSECVE-2024-50085 at NVDCVE-2024-50115 at SUSECVE-2024-50115 at NVDCVE-2024-50126 at SUSECVE-2024-50126 at NVDCVE-2024-50140 at SUSECVE-2024-50140 at NVDCVE-2024-50142 at SUSECVE-2024-50142 at NVDCVE-2024-50152 at SUSECVE-2024-50152 at NVDCVE-2024-50185 at SUSECVE-2024-50185 at NVDCVE-2024-50251 at SUSECVE-2024-50251 at NVDCVE-2024-50258 at SUSECVE-2024-50258 at NVDCVE-2024-50290 at SUSECVE-2024-50290 at NVDCVE-2024-50294 at SUSECVE-2024-50294 at NVDCVE-2024-50304 at SUSECVE-2024-50304 at NVDCVE-2024-52559 at SUSECVE-2024-52559 at NVDCVE-2024-53057 at SUSECVE-2024-53057 at NVDCVE-2024-53063 at SUSECVE-2024-53063 at NVDCVE-2024-53123 at SUSECVE-2024-53123 at NVDCVE-2024-53140 at SUSECVE-2024-53140 at NVDCVE-2024-53147 at SUSECVE-2024-53147 at NVDCVE-2024-53163 at SUSECVE-2024-53163 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53176 at SUSECVE-2024-53176 at NVDCVE-2024-53177 at SUSECVE-2024-53177 at NVDCVE-2024-53178 at SUSECVE-2024-53178 at NVDCVE-2024-53226 at SUSECVE-2024-53226 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-53680 at SUSECVE-2024-53680 at NVDCVE-2024-54683 at SUSECVE-2024-54683 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56579 at SUSECVE-2024-56579 at NVDCVE-2024-56592 at SUSECVE-2024-56592 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56633 at SUSECVE-2024-56633 at NVDCVE-2024-56638 at SUSECVE-2024-56638 at NVDCVE-2024-56640 at SUSECVE-2024-56640 at NVDCVE-2024-56647 at SUSECVE-2024-56647 at NVDCVE-2024-56658 at SUSECVE-2024-56658 at NVDCVE-2024-56702 at SUSECVE-2024-56702 at NVDCVE-2024-56703 at SUSECVE-2024-56703 at NVDCVE-2024-56718 at SUSECVE-2024-56718 at NVDCVE-2024-56719 at SUSECVE-2024-56719 at NVDCVE-2024-56720 at SUSECVE-2024-56720 at NVDCVE-2024-56751 at SUSECVE-2024-56751 at NVDCVE-2024-56758 at SUSECVE-2024-56758 at NVDCVE-2024-56770 at SUSECVE-2024-56770 at NVDCVE-2024-57807 at SUSECVE-2024-57807 at NVDCVE-2024-57834 at SUSECVE-2024-57834 at NVDCVE-2024-57882 at SUSECVE-2024-57882 at NVDCVE-2024-57889 at SUSECVE-2024-57889 at NVDCVE-2024-57900 at SUSECVE-2024-57900 at NVDCVE-2024-57947 at SUSECVE-2024-57947 at NVDCVE-2024-57948 at SUSECVE-2024-57948 at NVDCVE-2024-57973 at SUSECVE-2024-57973 at NVDCVE-2024-57974 at SUSECVE-2024-57974 at NVDCVE-2024-57978 at SUSECVE-2024-57978 at NVDCVE-2024-57979 at SUSECVE-2024-57979 at NVDCVE-2024-57980 at SUSECVE-2024-57980 at NVDCVE-2024-57981 at SUSECVE-2024-57981 at NVDCVE-2024-57986 at SUSECVE-2024-57986 at NVDCVE-2024-57990 at SUSECVE-2024-57990 at NVDCVE-2024-57993 at SUSECVE-2024-57993 at NVDCVE-2024-57994 at SUSECVE-2024-57994 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2024-57997 at SUSECVE-2024-57997 at NVDCVE-2024-57999 at SUSECVE-2024-57999 at NVDCVE-2024-58002 at SUSECVE-2024-58002 at NVDCVE-2024-58005 at SUSECVE-2024-58005 at NVDCVE-2024-58006 at SUSECVE-2024-58006 at NVDCVE-2024-58007 at SUSECVE-2024-58007 at NVDCVE-2024-58009 at SUSECVE-2024-58009 at NVDCVE-2024-58011 at SUSECVE-2024-58011 at NVDCVE-2024-58012 at SUSECVE-2024-58012 at NVDCVE-2024-58013 at SUSECVE-2024-58013 at NVDCVE-2024-58014 at SUSECVE-2024-58014 at NVDCVE-2024-58017 at SUSECVE-2024-58017 at NVDCVE-2024-58019 at SUSECVE-2024-58019 at NVDCVE-2024-58020 at SUSECVE-2024-58020 at NVDCVE-2024-58034 at SUSECVE-2024-58034 at NVDCVE-2024-58051 at SUSECVE-2024-58051 at NVDCVE-2024-58052 at SUSECVE-2024-58052 at NVDCVE-2024-58054 at SUSECVE-2024-58054 at NVDCVE-2024-58055 at SUSECVE-2024-58055 at NVDCVE-2024-58056 at SUSECVE-2024-58056 at NVDCVE-2024-58057 at SUSECVE-2024-58057 at NVDCVE-2024-58058 at SUSECVE-2024-58058 at NVDCVE-2024-58061 at SUSECVE-2024-58061 at NVDCVE-2024-58063 at SUSECVE-2024-58063 at NVDCVE-2024-58069 at SUSECVE-2024-58069 at NVDCVE-2024-58072 at SUSECVE-2024-58072 at NVDCVE-2024-58076 at SUSECVE-2024-58076 at NVDCVE-2024-58078 at SUSECVE-2024-58078 at NVDCVE-2024-58079 at SUSECVE-2024-58079 at NVDCVE-2024-58080 at SUSECVE-2024-58080 at NVDCVE-2024-58083 at SUSECVE-2024-58083 at NVDCVE-2024-58085 at SUSECVE-2024-58085 at NVDCVE-2024-58086 at SUSECVE-2024-58086 at NVDCVE-2025-21631 at SUSECVE-2025-21631 at NVDCVE-2025-21635 at SUSECVE-2025-21635 at NVDCVE-2025-21636 at SUSECVE-2025-21636 at NVDCVE-2025-21637 at SUSECVE-2025-21637 at NVDCVE-2025-21638 at SUSECVE-2025-21638 at NVDCVE-2025-21639 at SUSECVE-2025-21639 at NVDCVE-2025-21640 at SUSECVE-2025-21640 at NVDCVE-2025-21647 at SUSECVE-2025-21647 at NVDCVE-2025-21659 at SUSECVE-2025-21659 at NVDCVE-2025-21665 at SUSECVE-2025-21665 at NVDCVE-2025-21666 at SUSECVE-2025-21666 at NVDCVE-2025-21667 at SUSECVE-2025-21667 at NVDCVE-2025-21668 at SUSECVE-2025-21668 at NVDCVE-2025-21669 at SUSECVE-2025-21669 at NVDCVE-2025-21670 at SUSECVE-2025-21670 at NVDCVE-2025-21671 at SUSECVE-2025-21671 at NVDCVE-2025-21673 at SUSECVE-2025-21673 at NVDCVE-2025-21675 at SUSECVE-2025-21675 at NVDCVE-2025-21678 at SUSECVE-2025-21678 at NVDCVE-2025-21680 at SUSECVE-2025-21680 at NVDCVE-2025-21681 at SUSECVE-2025-21681 at NVDCVE-2025-21684 at SUSECVE-2025-21684 at NVDCVE-2025-21687 at SUSECVE-2025-21687 at NVDCVE-2025-21688 at SUSECVE-2025-21688 at NVDCVE-2025-21689 at SUSECVE-2025-21689 at NVDCVE-2025-21690 at SUSECVE-2025-21690 at NVDCVE-2025-21692 at SUSECVE-2025-21692 at NVDCVE-2025-21693 at SUSECVE-2025-21693 at NVDCVE-2025-21697 at SUSECVE-2025-21697 at NVDCVE-2025-21699 at SUSECVE-2025-21699 at NVDCVE-2025-21700 at SUSECVE-2025-21700 at NVDCVE-2025-21701 at SUSECVE-2025-21701 at NVDCVE-2025-21703 at SUSECVE-2025-21703 at NVDCVE-2025-21704 at SUSECVE-2025-21704 at NVDCVE-2025-21705 at SUSECVE-2025-21705 at NVDCVE-2025-21706 at SUSECVE-2025-21706 at NVDCVE-2025-21708 at SUSECVE-2025-21708 at NVDCVE-2025-21711 at SUSECVE-2025-21711 at NVDCVE-2025-21714 at SUSECVE-2025-21714 at NVDCVE-2025-21715 at SUSECVE-2025-21715 at NVDCVE-2025-21716 at SUSECVE-2025-21716 at NVDCVE-2025-21718 at SUSECVE-2025-21718 at NVDCVE-2025-21719 at SUSECVE-2025-21719 at NVDCVE-2025-21723 at SUSECVE-2025-21723 at NVDCVE-2025-21724 at SUSECVE-2025-21724 at NVDCVE-2025-21725 at SUSECVE-2025-21725 at NVDCVE-2025-21726 at SUSECVE-2025-21726 at NVDCVE-2025-21727 at SUSECVE-2025-21727 at NVDCVE-2025-21728 at SUSECVE-2025-21728 at NVDCVE-2025-21731 at SUSECVE-2025-21731 at NVDCVE-2025-21732 at SUSECVE-2025-21732 at NVDCVE-2025-21733 at SUSECVE-2025-21733 at NVDCVE-2025-21734 at SUSECVE-2025-21734 at NVDCVE-2025-21735 at SUSECVE-2025-21735 at NVDCVE-2025-21736 at SUSECVE-2025-21736 at NVDCVE-2025-21738 at SUSECVE-2025-21738 at NVDCVE-2025-21739 at SUSECVE-2025-21739 at NVDCVE-2025-21741 at SUSECVE-2025-21741 at NVDCVE-2025-21742 at SUSECVE-2025-21742 at NVDCVE-2025-21743 at SUSECVE-2025-21743 at NVDCVE-2025-21744 at SUSECVE-2025-21744 at NVDCVE-2025-21745 at SUSECVE-2025-21745 at NVDCVE-2025-21749 at SUSECVE-2025-21749 at NVDCVE-2025-21750 at SUSECVE-2025-21750 at NVDCVE-2025-21753 at SUSECVE-2025-21753 at NVDCVE-2025-21754 at SUSECVE-2025-21754 at NVDCVE-2025-21756 at SUSECVE-2025-21756 at NVDCVE-2025-21759 at SUSECVE-2025-21759 at NVDCVE-2025-21760 at SUSECVE-2025-21760 at NVDCVE-2025-21761 at SUSECVE-2025-21761 at NVDCVE-2025-21762 at SUSECVE-2025-21762 at NVDCVE-2025-21763 at SUSECVE-2025-21763 at NVDCVE-2025-21764 at SUSECVE-2025-21764 at NVDCVE-2025-21765 at SUSECVE-2025-21765 at NVDCVE-2025-21766 at SUSECVE-2025-21766 at NVDCVE-2025-21767 at SUSECVE-2025-21767 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDCVE-2025-21773 at SUSECVE-2025-21773 at NVDCVE-2025-21775 at SUSECVE-2025-21775 at NVDCVE-2025-21776 at SUSECVE-2025-21776 at NVDCVE-2025-21779 at SUSECVE-2025-21779 at NVDCVE-2025-21780 at SUSECVE-2025-21780 at NVDCVE-2025-21781 at SUSECVE-2025-21781 at NVDCVE-2025-21782 at SUSECVE-2025-21782 at NVDCVE-2025-21784 at SUSECVE-2025-21784 at NVDCVE-2025-21785 at SUSECVE-2025-21785 at NVDCVE-2025-21790 at SUSECVE-2025-21790 at NVDCVE-2025-21791 at SUSECVE-2025-21791 at NVDCVE-2025-21793 at SUSECVE-2025-21793 at NVDCVE-2025-21794 at SUSECVE-2025-21794 at NVDCVE-2025-21795 at SUSECVE-2025-21795 at NVDCVE-2025-21796 at SUSECVE-2025-21796 at NVDCVE-2025-21799 at SUSECVE-2025-21799 at NVDCVE-2025-21802 at SUSECVE-2025-21802 at NVDCVE-2025-21804 at SUSECVE-2025-21804 at NVDCVE-2025-21810 at SUSECVE-2025-21810 at NVDCVE-2025-21815 at SUSECVE-2025-21815 at NVDCVE-2025-21819 at SUSECVE-2025-21819 at NVDCVE-2025-21820 at SUSECVE-2025-21820 at NVDCVE-2025-21821 at SUSECVE-2025-21821 at NVDCVE-2025-21823 at SUSECVE-2025-21823 at NVDCVE-2025-21825 at SUSECVE-2025-21825 at NVDCVE-2025-21828 at SUSECVE-2025-21828 at NVDCVE-2025-21829 at SUSECVE-2025-21829 at NVDCVE-2025-21830 at SUSECVE-2025-21830 at NVDCVE-2025-21831 at SUSECVE-2025-21831 at NVDCVE-2025-21832 at SUSECVE-2025-21832 at NVDCVE-2025-21835 at SUSECVE-2025-21835 at NVDCVE-2025-21838 at SUSECVE-2025-21838 at NVDCVE-2025-21844 at SUSECVE-2025-21844 at NVDCVE-2025-21846 at SUSECVE-2025-21846 at NVDCVE-2025-21847 at SUSECVE-2025-21847 at NVDCVE-2025-21848 at SUSECVE-2025-21848 at NVDCVE-2025-21850 at SUSECVE-2025-21850 at NVDCVE-2025-21855 at SUSECVE-2025-21855 at NVDCVE-2025-21856 at SUSECVE-2025-21856 at NVDCVE-2025-21857 at SUSECVE-2025-21857 at NVDCVE-2025-21858 at SUSECVE-2025-21858 at NVDCVE-2025-21859 at SUSECVE-2025-21859 at NVDCVE-2025-21861 at SUSECVE-2025-21861 at NVDCVE-2025-21862 at SUSECVE-2025-21862 at NVDCVE-2025-21864 at SUSECVE-2025-21864 at NVDCVE-2025-21865 at SUSECVE-2025-21865 at NVDCVE-2025-21866 at SUSECVE-2025-21866 at NVDCVE-2025-21869 at SUSECVE-2025-21869 at NVDCVE-2025-21870 at SUSECVE-2025-21870 at NVDCVE-2025-21871 at SUSECVE-2025-21871 at NVDCVE-2025-21876 at SUSECVE-2025-21876 at NVDCVE-2025-21877 at SUSECVE-2025-21877 at NVDCVE-2025-21878 at SUSECVE-2025-21878 at NVDCVE-2025-21883 at SUSECVE-2025-21883 at NVDCVE-2025-21885 at SUSECVE-2025-21885 at NVDCVE-2025-21886 at SUSECVE-2025-21886 at NVDCVE-2025-21888 at SUSECVE-2025-21888 at NVDCVE-2025-21890 at SUSECVE-2025-21890 at NVDCVE-2025-21891 at SUSECVE-2025-21891 at NVDCVE-2025-21892 at SUSECVE-2025-21892 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_9 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
ImportantSUSE bug 1244337SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797CVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
ImportantSUSE bug 1235250SUSE bug 1245776SUSE bug 1245793SUSE bug 1245797SUSE bug 1245804CVE-2024-53125 at SUSECVE-2024-53125 at NVDCVE-2024-56664 at SUSECVE-2024-56664 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-37752 at SUSECVE-2025-37752 at NVDCVE-2025-37797 at SUSECVE-2025-37797 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may
- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).
- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:
x86/process: Move the buffer clearing before MONITOR (bsc#1238896).
- CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216).
- CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613).
- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061).
- CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323).
- CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837).
- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).
- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479).
- CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669).
- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).
- CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801).
- CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750).
- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).
- CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440).
- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).
- CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202).
- CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201).
- CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735).
- CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649).
- CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660).
- CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654).
- CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671).
- CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650).
- CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682).
- CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689).
- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).
- CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708).
- CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677).
- CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679).
- CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768).
- CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750).
- CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752).
- CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758).
- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).
- CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006).
- CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951).
- CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098).
- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
- CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980).
- CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044).
- CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983).
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
- CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020).
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).
- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).
- CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093).
- CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178).
- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).
- CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173).
- CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182).
- CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387).
- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).
- CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264).
- CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273).
- CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354).
- CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361).
- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
- CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384).
- CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250).
- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).
- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).
- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
- CVE-2025-38352: posix-cpu-timers: fix race between
handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091).
- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).
- CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).
- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).
- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097).
- CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141).
- CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145).
- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).
- CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253).
- CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101).
- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
- CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103).
- CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104).
- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).
- CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118).
- CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288).
- CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450).
- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
The following non-security bugs were fixed:
- ACPI: LPSS: Remove AudioDSP related ID (git-fixes).
- ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122).
- ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes).
- ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes).
- ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes).
- ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes).
- ALSA: hda/tegra: Add Tegra264 support (stable-fixes).
- ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes).
- ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes).
- ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes).
- ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes).
- ALSA: sb: Do not allow changing the DMA mode during operations (stable-fixes).
- ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes).
- ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes).
- ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes).
- ASoC: amd: yc: update quirk data for HP Victus (stable-fixes).
- ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes).
- ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes).
- ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes).
- ASoC: cs35l56: probe() should fail if the device ID is not recognized (git-fixes).
- ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes).
- ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes).
- ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes).
- Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes).
- Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes).
- Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes).
- Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes).
- Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes).
- Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes).
- Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes).
- Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes).
- Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes).
- Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes).
- Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes).
- Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes).
- Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes).
- Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes).
- Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes).
- Bluetooth: hci_sync: revert some mesh modifications (git-fixes).
- Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes).
- Documentation: ACPI: Fix parent device references (git-fixes).
- Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes).
- Fix dma_unmap_sg() nents value (git-fixes)
- HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes).
- HID: core: do not bypass hid_hw_raw_request (stable-fixes).
- HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes).
- HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes).
- HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes).
- HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes).
- IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes)
- Input: iqs7222 - explicitly define number of external channels (git-fixes).
- Input: xpad - adjust error handling for disconnect (git-fixes).
- Input: xpad - set correct controller type for Acer NGR200 (git-fixes).
- Input: xpad - support Acer NGR 200 Controller (stable-fixes).
- Logitech C-270 even more broken (stable-fixes).
- Move upstreamed SCSI and ACPI patches into sorted section
- NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes).
- NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes).
- NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes).
- NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes).
- NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes).
- NFSv4.2: another fix for listxattr (git-fixes).
- NFSv4.2: fix listxattr to return selinux security label (git-fixes).
- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes).
- NFSv4: Always set NLINK even if the server does not support it (git-fixes).
- NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes).
- PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457).
- PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes).
- PCI: endpoint: Fix configfs group list head handling (git-fixes).
- PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457).
- PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes).
- PM / devfreq: Check governor before using governor->name (git-fixes).
- RDMA/core: Rate limit GID cache warning messages (git-fixes)
- RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes)
- RDMA/hns: Drop GFP_NOWARN (git-fixes)
- RDMA/hns: Fix -Wframe-larger-than issue (git-fixes)
- RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes)
- RDMA/hns: Fix accessing uninitialized resources (git-fixes)
- RDMA/hns: Fix double destruction of rsv_qp (git-fixes)
- RDMA/hns: Get message length of ack_req from FW (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- RDMA/mlx5: Fix CC counters query for MPV (git-fixes)
- RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes)
- RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes)
- RDMA/mlx5: Fix vport loopback for MPV device (git-fixes)
- RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes)
- RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes)
- RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes)
- RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- Revert "ACPI: battery: negate current when discharging" (stable-fixes).
- Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338).
- Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes).
- Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git-fixes).
- Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git-fixes).
- Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes).
- SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes).
- USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes).
- USB: serial: option: add Foxconn T99W640 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes).
- [SMB3] send channel sequence number in SMB3 requests after reconnects (git-fixes).
- af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes).
- af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093).
- amd/amdkfd: fix a kfd_process ref leak (stable-fixes).
- aoe: clean device rq_list in aoedev_downdev() (git-fixes).
- apple-mfi-fastcharge: protect first device name (git-fixes).
- ata: pata_cs5536: fix build on 32-bit UML (stable-fixes).
- audit,module: restore audit logging in load failure case (git-fixes).
- bpf, sockmap: Fix sk_msg_reset_curr (git-fixes).
- bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes).
- bpf/selftests: Check errno when percpu map value size exceeds (git-fixes).
- bpf: Add a possibly-zero-sized read test (git-fixes).
- bpf: Avoid __hidden__ attribute in static object (git-fixes).
- bpf: Check percpu map value size first (git-fixes).
- bpf: Disable some `attribute ignored' warnings in GCC (git-fixes).
- bpf: Fix memory leak in bpf_core_apply (git-fixes).
- bpf: Fix potential integer overflow in resolve_btfids (git-fixes).
- bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes).
- bpf: Make the pointer returned by iter next method valid (git-fixes).
- bpf: Simplify checking size of helper accesses (git-fixes).
- bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes).
- bpf: sockmap, updating the sg structure should also update curr (git-fixes).
- bpftool: Fix missing pids during link show (git-fixes).
- bpftool: Fix undefined behavior caused by shifting into the sign bit (git-fixes).
- bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes).
- bpftool: Remove unnecessary source files from bootstrap version (git-fixes).
- bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes).
- btrfs: do not ignore inode missing when replaying log tree (git-fixes).
- btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes).
- btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes).
- btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068)
- btrfs: fix assertion when building free space tree (git-fixes).
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes).
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- btrfs: fix ssd_spread overallocation (git-fixes).
- btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068)
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- btrfs: rename err to ret in btrfs_rmdir() (git-fixes).
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes).
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes).
- bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes).
- can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes).
- can: dev: can_restart(): reverse logic to remove need for goto (stable-fixes).
- can: kvaser_pciefd: Store device channel index (git-fixes).
- can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes).
- can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes).
- can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes).
- can: peak_usb: fix USB FD devices potential malfunction (git-fixes).
- cdc-acm: fix race between initial clearing halt and open (git-fixes).
- cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789).
- cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166).
- cifs: reconnect helper should set reconnect for the right channel (git-fixes).
- clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes).
- clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes).
- clk: sunxi-ng: v3s: Fix de clock definition (git-fixes).
- clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes).
- clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457).
- clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457).
- comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes).
- comedi: Fix initialization of data for instructions that write to subdevice (git-fixes).
- comedi: Fix some signed shift left operations (git-fixes).
- comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes).
- comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes).
- comedi: das16m1: Fix bit shift out of bounds (git-fixes).
- comedi: das6402: Fix bit shift out of bounds (git-fixes).
- comedi: pcl812: Fix bit shift out of bounds (git-fixes).
- compiler_types.h: Define __retain for __attribute__((__retain__)) (git-fixes).
- config: enable RBD (jsc#PED-13238)
- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes).
- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes).
- crypto: ccp - Fix locking on alloc failure handling (git-fixes).
- crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes).
- crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes).
- crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes).
- crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes).
- crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes).
- crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes).
- crypto: qat - fix state restore for banks with exceptions (git-fixes).
- crypto: qat - flush misc workqueue during device shutdown (git-fixes).
- crypto: qat - use unmanaged allocation for dc_data (git-fixes).
- crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes).
- dm-bufio: fix sched in atomic context (git-fixes).
- dm-flakey: error all IOs when num_features is absent (git-fixes).
- dm-flakey: make corrupting read bios work (git-fixes).
- dm-mirror: fix a tiny race condition (git-fixes).
- dm-raid: fix variable in journal device check (git-fixes).
- dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes).
- dm: do not change md if dm_table_set_restrictions() fails (git-fixes).
- dm: free table mempools if not used in __bind (git-fixes).
- dm: restrict dm device size to 2^63-512 bytes (git-fixes).
- dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: xilinx_dma: Set dma_device directions (stable-fixes).
- drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes).
- drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes).
- drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes).
- drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes).
- drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes).
- drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes).
- drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes).
- drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes).
- drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes).
- drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes).
- drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes).
- drm/framebuffer: Acquire internal references on GEM handles (git-fixes).
- drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes).
- drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes).
- drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
- drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes).
- drm/i915/selftests: Change mock_request() to return error pointers (git-fixes).
- drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes).
- drm/msm: Fix a fence leak in submit error path (stable-fixes).
- drm/msm: Fix another leak in the submit error path (stable-fixes).
- drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes).
- drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes).
- drm/sched: Increment job count before swapping tail spsc queue (git-fixes).
- drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes).
- drm/scheduler: signal scheduled fence when kill job (stable-fixes).
- drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes).
- drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes).
- drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes).
- exfat: fdatasync flag should be same like generic_write_sync() (git-fixes).
- fbcon: Fix outdated registered_fb reference in comment (git-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- fs/jfs: consolidate sanity checking in dbMount (git-fixes).
- fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes).
- gpio: mlxbf2: use platform_get_irq_optional() (git-fixes).
- gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes).
- gpio: sim: include a missing header (git-fixes).
- gpio: vf610: add locking to gpio direction functions (git-fixes).
- gpio: virtio: Fix config space reading (git-fixes).
- gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes).
- gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes).
- gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300).
- gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300).
- gpiolib: cdev: Ignore reconfiguration without direction (git-fixes).
- gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes).
- hfs: make splice write available again (git-fixes).
- hfsplus: make splice write available again (git-fixes).
- hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes).
- hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203).
- hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes).
- hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes).
- hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes).
- hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes).
- i2c/designware: Fix an initialization issue (git-fixes).
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: stm32: fix the device used for the DMA map (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes).
- iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes).
- iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes).
- iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes).
- iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes).
- iio: adc: max1363: Reorder mode_list[] entries (stable-fixes).
- iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes).
- iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes).
- iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes).
- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).
- iommu/amd: Set the pgsize_bitmap correctly (git-fixes).
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).
- iommu/vt-d: Fix possible circular locking dependency (git-fixes).
- iommu/vt-d: Fix system hang on reboot -f (git-fixes).
- ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes).
- ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes).
- ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes).
- ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes).
- iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes).
- jfs: fix metapage reference count leak in dbAllocCtl (git-fixes).
- kABI workaround for struct drm_framebuffer changes (git-fixes).
- kABI: Fix the module::name type in audit_context (git-fixes).
- kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes).
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- leds: multicolor: Fix intensity setting while SW blinking (stable-fixes).
- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897).
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes).
- md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes).
- media: gspca: Add bounds checking to firmware parser (git-fixes).
- media: hi556: correct the test pattern configuration (git-fixes).
- media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes).
- media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes).
- media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes).
- media: usbtv: Lock resolution while streaming (git-fixes).
- media: uvcvideo: Do not mark valid metadata as invalid (git-fixes).
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes).
- media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes).
- media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes).
- media: venus: Add a check for packet size after reading from shared memory (git-fixes).
- media: venus: hfi: explicitly release IRQ during teardown (git-fixes).
- media: venus: protect against spurious interrupts during probe (git-fixes).
- media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: vivid: fix wrong pixel_array control size (git-fixes).
- memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes).
- mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes).
- misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes).
- mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes).
- mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes).
- mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes).
- mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes).
- module: Fix memory deallocation on error path in move_module() (git-fixes).
- module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes).
- module: Restore the moduleparam prefix length check (git-fixes).
- mtd: fix possible integer overflow in erase_xfer() (git-fixes).
- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes).
- mtd: rawnand: atmel: set pmecc data setup time (git-fixes).
- mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes).
- mtd: rawnand: renesas: Add missing check after DMA map (git-fixes).
- mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes).
- mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes).
- mtd: spinand: fix memory leak of ECC engine conf (stable-fixes).
- mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes).
- mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes).
- mtk-sd: Prevent memory corruption from DMA map failure (git-fixes).
- mtk-sd: reset host->mrq on prepare_data() error (git-fixes).
- mwl8k: Add missing check after DMA map (git-fixes).
- nbd: fix uaf in nbd_genl_connect() error path (git-fixes).
- net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes).
- net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes).
- net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes).
- net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes).
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes).
- net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes).
- net: mana: Add debug logs in MANA network driver (bsc#1246212).
- net: mana: Add handler for hardware servicing events (bsc#1245730).
- net: mana: Allocate MSI-X vectors dynamically (bsc#1245457).
- net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457).
- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203).
- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729).
- net: mana: Set tx_packets to post gso processing packet count (bsc#1245731).
- net: mana: explain irq_setup() algorithm (bsc#1245457).
- net: phy: Do not register LEDs for genphy (git-fixes).
- net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes).
- net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes).
- net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes).
- net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes).
- net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes).
- net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes).
- net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes).
- net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes).
- netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes).
- nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes).
- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes).
- nilfs2: reject invalid file types when reading inodes (git-fixes).
- nvme-pci: refresh visible attrs after being checked (git-fixes).
- nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes).
- objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes).
- objtool: Fix _THIS_IP_ detection for cold functions (git-fixes).
- objtool: Fix error handling inconsistencies in check() (git-fixes).
- objtool: Ignore dangling jump table entries (git-fixes).
- objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes).
- objtool: Properly disable uaccess validation (git-fixes).
- objtool: Silence more KCOV warnings (git-fixes).
- objtool: Silence more KCOV warnings, part 2 (git-fixes).
- objtool: Stop UNRET validation on UD2 (git-fixes).
- pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes).
- pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes).
- perf: Fix sample vs do_exit() (bsc#1246547).
- phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes).
- pinctrl: amd: Clear GPIO debounce for suspend (git-fixes).
- pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes).
- platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes).
- platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes).
- platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes).
- platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes).
- platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes).
- platform/x86: think-lmi: Create ksets consecutively (stable-fixes).
- platform/x86: think-lmi: Fix kobject cleanup (git-fixes).
- platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes).
- powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes).
- powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes).
- powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes).
- ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506).
- pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes).
- pwm: mediatek: Ensure to disable clocks in error path (git-fixes).
- regmap: fix potential memory leak of regmap_bus (git-fixes).
- regulator: fan53555: add enable_time support and soft-start times (stable-fixes).
- regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes).
- regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes).
- resource: fix false warning in __request_region() (git-fixes).
- restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes).
- ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes).
- rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes).
- rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes).
- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337)
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870).
- s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806).
- s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646).
- s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647).
- s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598).
- s390: Add z17 elf platform (LTC#214086 bsc#1245540).
- samples: mei: Fix building on musl libc (git-fixes).
- sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338).
- sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git-fixes).
- scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes).
- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142).
- scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: megaraid_sas: Fix invalid node index (git-fixes).
- scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes).
- scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes).
- scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599).
- selftests/bpf: Add CFLAGS per source file and runner (git-fixes).
- selftests/bpf: Add tests for iter next method returning valid pointer (git-fixes).
- selftests/bpf: Change functions definitions to support GCC (git-fixes).
- selftests/bpf: Fix a few tests for GCC related warnings (git-fixes).
- selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes).
- selftests/bpf: Fix prog numbers in test_sockmap (git-fixes).
- smb3: move server check earlier when setting channel sequence number (git-fixes).
- soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes).
- soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes).
- soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git-fixes).
- soc: qcom: QMI encoding/decoding for big endian (git-fixes).
- soc: qcom: fix endianness for QMI header (git-fixes).
- soc: qcom: pmic_glink: fix OF node leak (git-fixes).
- soundwire: amd: fix for clearing command status register (git-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes).
- staging: axis-fifo: remove sysfs interface (git-fixes).
- staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes).
- staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes).
- struct cdns: move new member to the end (git-fixes).
- struct ucsi_operations: use padding for new operation (git-fixes).
- sunrpc: do not immediately retransmit on seqno miss (git-fixes).
- sunrpc: fix client side handling of tls alerts (git-fixes).
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes).
- thunderbolt: Fix copy+paste error in match_service_id() (git-fixes).
- thunderbolt: Fix wake on connect at runtime (git-fixes).
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes).
- tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes).
- types: Complement the aligned types with signed 64-bit one (stable-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- ucsi-glink: adapt to kABI consistency (git-fixes).
- ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes).
- ucsi_operations: add stubs for all operations (git-fixes).
- ucsi_ops: adapt update_connector to kABI consistency (git-fixes).
- usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes).
- usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes).
- usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes).
- usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes).
- usb: cdnsp: Fix issue with resuming from L1 (git-fixes).
- usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: cdnsp: do not disable slot for disabled slot (git-fixes).
- usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes).
- usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes).
- usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes).
- usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes).
- usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes).
- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes).
- usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes).
- usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes).
- usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes).
- usb: hub: Do not try to recover devices lost during warm reset (git-fixes).
- usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes).
- usb: musb: fix gadget state on disconnect (git-fixes).
- usb: musb: omap2430: fix device leak at unbind (git-fixes).
- usb: net: sierra: check for no status endpoint (git-fixes).
- usb: potential integer overflow in usbg_make_tpg() (stable-fixes).
- usb: typec: Update sysfs when setting ops (git-fixes).
- usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes).
- usb: typec: displayport: Fix potential deadlock (git-fixes).
- usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes).
- usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git-fixes).
- usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes).
- usb: typec: ucsi: Delay alternate mode discovery (git-fixes).
- usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes).
- usb: typec: ucsi: Fix the partner PD revision (git-fixes).
- usb: typec: ucsi: Get PD revision for partner (git-fixes).
- usb: typec: ucsi: Set orientation as none when connector is unplugged (git-fixes).
- usb: typec: ucsi: Update power_supply on power role change (git-fixes).
- usb: typec: ucsi: add callback for connector status updates (git-fixes).
- usb: typec: ucsi: add update_connector callback (git-fixes).
- usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes).
- usb: typec: ucsi: extract code to read PD caps (git-fixes).
- usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes).
- usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes).
- usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes).
- usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes).
- usb: typec: ucsi: glink: use typec_set_orientation (git-fixes).
- usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git-fixes).
- usb: typec: ucsi: properly register partner's PD device (git-fixes).
- usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes).
- usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes).
- usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes).
- usb: typec: ucsi_glink: rework quirks implementation (git-fixes).
- usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes).
- usb: xhci: quirk for data loss in ISOC transfers (stable-fixes).
- usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes).
- virtgpu: do not reset on shutdown (git-fixes).
- vmci: Prevent the dispatching of uninitialized payloads (git-fixes).
- vt: add missing notification when switching back to text mode (stable-fixes).
- vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes).
- vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes).
- wifi: ath11k: fix source ring-buffer corruption (git-fixes).
- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes).
- wifi: ath12k: fix source ring-buffer corruption (git-fixes).
- wifi: ath6kl: remove WARN on bad firmware input (stable-fixes).
- wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes).
- wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes).
- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes).
- wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes).
- wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes).
- wifi: mac80211: Add link iteration macro for link data (stable-fixes).
- wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes).
- wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes).
- wifi: mac80211: Do not schedule stopped TXQs (git-fixes).
- wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes).
- wifi: mac80211: drop invalid source address OCB frames (stable-fixes).
- wifi: mac80211: reject TDLS operations when station is not associated (git-fixes).
- wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes).
- wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes).
- wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes).
- wifi: plfxlc: Fix error handling in usb driver probe (git-fixes).
- wifi: prevent A-MSDU attacks in mesh networks (stable-fixes).
- wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes).
- wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes).
- wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/mce/amd: Add default names for MCA banks and blocks (git-fixes).
- x86/mce/amd: Fix threshold limit reset (git-fixes).
- x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes).
- x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes).
- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).
- x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes).
- x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes).
- x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345).
- xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837).
- xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes).
- xfs: remove unused event xfs_alloc_near_error (git-fixes).
- xfs: remove unused event xfs_alloc_near_nominleft (git-fixes).
- xfs: remove unused event xfs_attr_node_removename (git-fixes).
- xfs: remove unused event xfs_ioctl_clone (git-fixes).
- xfs: remove unused event xfs_pagecache_inval (git-fixes).
- xfs: remove unused event xlog_iclog_want_sync (git-fixes).
- xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes).
- xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes).
- xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes).
- xfs: remove unused xfs_attr events (git-fixes).
- xfs: remove unused xfs_reflink_compare_extents events (git-fixes).
- xfs: remove usused xfs_end_io_direct events (git-fixes).
- xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes).
- xhci: dbc: Flush queued requests before stopping dbc (git-fixes).
- xhci: dbctty: disable ECHO flag by default (git-fixes).
ImportantSUSE bug 1204142SUSE bug 1219338SUSE bug 1225707SUSE bug 1230216SUSE bug 1233300SUSE bug 1235613SUSE bug 1235837SUSE bug 1236333SUSE bug 1236897SUSE bug 1238896SUSE bug 1239061SUSE bug 1240323SUSE bug 1240885SUSE bug 1240966SUSE bug 1241166SUSE bug 1241345SUSE bug 1242086SUSE bug 1242414SUSE bug 1242837SUSE bug 1242960SUSE bug 1242965SUSE bug 1242993SUSE bug 1243068SUSE bug 1243100SUSE bug 1243479SUSE bug 1243669SUSE bug 1243806SUSE bug 1244309SUSE bug 1244337SUSE bug 1244457SUSE bug 1244735SUSE bug 1244749SUSE bug 1244750SUSE bug 1244792SUSE bug 1244801SUSE bug 1245151SUSE bug 1245201SUSE bug 1245202SUSE bug 1245216SUSE bug 1245260SUSE bug 1245431SUSE bug 1245440SUSE bug 1245457SUSE bug 1245498SUSE bug 1245499SUSE bug 1245504SUSE bug 1245506SUSE bug 1245508SUSE bug 1245510SUSE bug 1245540SUSE bug 1245598SUSE bug 1245599SUSE bug 1245646SUSE bug 1245647SUSE bug 1245649SUSE bug 1245650SUSE bug 1245654SUSE bug 1245658SUSE bug 1245660SUSE bug 1245665SUSE bug 1245666SUSE bug 1245668SUSE bug 1245669SUSE bug 1245670SUSE bug 1245671SUSE bug 1245675SUSE bug 1245676SUSE bug 1245677SUSE bug 1245679SUSE bug 1245682SUSE bug 1245683SUSE bug 1245684SUSE bug 1245688SUSE bug 1245689SUSE bug 1245690SUSE bug 1245691SUSE bug 1245695SUSE bug 1245705SUSE bug 1245708SUSE bug 1245711SUSE bug 1245713SUSE bug 1245714SUSE bug 1245719SUSE bug 1245723SUSE bug 1245729SUSE bug 1245730SUSE bug 1245731SUSE bug 1245735SUSE bug 1245737SUSE bug 1245744SUSE bug 1245745SUSE bug 1245746SUSE bug 1245747SUSE bug 1245748SUSE bug 1245749SUSE bug 1245750SUSE bug 1245751SUSE bug 1245752SUSE bug 1245757SUSE bug 1245758SUSE bug 1245765SUSE bug 1245768SUSE bug 1245769SUSE bug 1245777SUSE bug 1245781SUSE bug 1245789SUSE bug 1245937SUSE bug 1245945SUSE bug 1245951SUSE bug 1245952SUSE bug 1245954SUSE bug 1245957SUSE bug 1245966SUSE bug 1245970SUSE bug 1245976SUSE bug 1245980SUSE bug 1245983SUSE bug 1245986SUSE bug 1246000SUSE bug 1246002SUSE bug 1246006SUSE bug 1246008SUSE bug 1246020SUSE bug 1246023SUSE bug 1246029SUSE bug 1246031SUSE bug 1246037SUSE bug 1246041SUSE bug 1246042SUSE bug 1246044SUSE bug 1246045SUSE bug 1246047SUSE bug 1246049SUSE bug 1246050SUSE bug 1246055SUSE bug 1246073SUSE bug 1246093SUSE bug 1246098SUSE bug 1246109SUSE bug 1246122SUSE bug 1246125SUSE bug 1246171SUSE bug 1246173SUSE bug 1246178SUSE bug 1246182SUSE bug 1246183SUSE bug 1246186SUSE bug 1246195SUSE bug 1246203SUSE bug 1246212SUSE bug 1246220SUSE bug 1246236SUSE bug 1246240SUSE bug 1246243SUSE bug 1246246SUSE bug 1246249SUSE bug 1246250SUSE bug 1246253SUSE bug 1246258SUSE bug 1246262SUSE bug 1246264SUSE bug 1246266SUSE bug 1246268SUSE bug 1246273SUSE bug 1246283SUSE bug 1246287SUSE bug 1246292SUSE bug 1246293SUSE bug 1246295SUSE bug 1246334SUSE bug 1246337SUSE bug 1246342SUSE bug 1246349SUSE bug 1246354SUSE bug 1246358SUSE bug 1246361SUSE bug 1246364SUSE bug 1246370SUSE bug 1246375SUSE bug 1246384SUSE bug 1246386SUSE bug 1246387SUSE bug 1246438SUSE bug 1246453SUSE bug 1246473SUSE bug 1246490SUSE bug 1246506SUSE bug 1246547SUSE bug 1246777SUSE bug 1246781SUSE bug 1246870SUSE bug 1246879SUSE bug 1246911SUSE bug 1247018SUSE bug 1247023SUSE bug 1247028SUSE bug 1247031SUSE bug 1247033SUSE bug 1247035SUSE bug 1247061SUSE bug 1247089SUSE bug 1247091SUSE bug 1247097SUSE bug 1247098SUSE bug 1247101SUSE bug 1247103SUSE bug 1247104SUSE bug 1247113SUSE bug 1247118SUSE bug 1247123SUSE bug 1247125SUSE bug 1247128SUSE bug 1247132SUSE bug 1247138SUSE bug 1247141SUSE bug 1247143SUSE bug 1247145SUSE bug 1247146SUSE bug 1247147SUSE bug 1247149SUSE bug 1247150SUSE bug 1247151SUSE bug 1247153SUSE bug 1247154SUSE bug 1247156SUSE bug 1247160SUSE bug 1247164SUSE bug 1247169SUSE bug 1247170SUSE bug 1247171SUSE bug 1247172SUSE bug 1247174SUSE bug 1247176SUSE bug 1247177SUSE bug 1247178SUSE bug 1247181SUSE bug 1247209SUSE bug 1247210SUSE bug 1247227SUSE bug 1247233SUSE bug 1247236SUSE bug 1247238SUSE bug 1247241SUSE bug 1247251SUSE bug 1247252SUSE bug 1247253SUSE bug 1247255SUSE bug 1247271SUSE bug 1247273SUSE bug 1247274SUSE bug 1247276SUSE bug 1247277SUSE bug 1247278SUSE bug 1247279SUSE bug 1247284SUSE bug 1247285SUSE bug 1247288SUSE bug 1247289SUSE bug 1247293SUSE bug 1247311SUSE bug 1247314SUSE bug 1247317SUSE bug 1247347SUSE bug 1247348SUSE bug 1247349SUSE bug 1247374SUSE bug 1247437SUSE bug 1247450CVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2024-36028 at SUSECVE-2024-36028 at NVDCVE-2024-36348 at SUSECVE-2024-36348 at NVDCVE-2024-36349 at SUSECVE-2024-36349 at NVDCVE-2024-36350 at SUSECVE-2024-36350 at NVDCVE-2024-36357 at SUSECVE-2024-36357 at NVDCVE-2024-44963 at SUSECVE-2024-44963 at NVDCVE-2024-56742 at SUSECVE-2024-56742 at NVDCVE-2024-57947 at SUSECVE-2024-57947 at NVDCVE-2025-21839 at SUSECVE-2025-21839 at NVDCVE-2025-21872 at SUSECVE-2025-21872 at NVDCVE-2025-23163 at SUSECVE-2025-23163 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37856 at SUSECVE-2025-37856 at NVDCVE-2025-37864 at SUSECVE-2025-37864 at NVDCVE-2025-37885 at SUSECVE-2025-37885 at NVDCVE-2025-37920 at SUSECVE-2025-37920 at NVDCVE-2025-37984 at SUSECVE-2025-37984 at NVDCVE-2025-38034 at SUSECVE-2025-38034 at NVDCVE-2025-38035 at SUSECVE-2025-38035 at NVDCVE-2025-38051 at SUSECVE-2025-38051 at NVDCVE-2025-38052 at SUSECVE-2025-38052 at NVDCVE-2025-38058 at SUSECVE-2025-38058 at NVDCVE-2025-38061 at SUSECVE-2025-38061 at NVDCVE-2025-38062 at SUSECVE-2025-38062 at NVDCVE-2025-38063 at SUSECVE-2025-38063 at NVDCVE-2025-38064 at SUSECVE-2025-38064 at NVDCVE-2025-38074 at SUSECVE-2025-38074 at NVDCVE-2025-38084 at SUSECVE-2025-38084 at NVDCVE-2025-38085 at SUSECVE-2025-38085 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38088 at SUSECVE-2025-38088 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38090 at SUSECVE-2025-38090 at NVDCVE-2025-38094 at SUSECVE-2025-38094 at NVDCVE-2025-38095 at SUSECVE-2025-38095 at NVDCVE-2025-38097 at SUSECVE-2025-38097 at NVDCVE-2025-38098 at SUSECVE-2025-38098 at NVDCVE-2025-38099 at SUSECVE-2025-38099 at NVDCVE-2025-38100 at SUSECVE-2025-38100 at NVDCVE-2025-38102 at SUSECVE-2025-38102 at NVDCVE-2025-38105 at SUSECVE-2025-38105 at NVDCVE-2025-38107 at SUSECVE-2025-38107 at NVDCVE-2025-38108 at SUSECVE-2025-38108 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38112 at SUSECVE-2025-38112 at NVDCVE-2025-38113 at SUSECVE-2025-38113 at NVDCVE-2025-38115 at SUSECVE-2025-38115 at NVDCVE-2025-38117 at SUSECVE-2025-38117 at NVDCVE-2025-38118 at SUSECVE-2025-38118 at NVDCVE-2025-38120 at SUSECVE-2025-38120 at NVDCVE-2025-38122 at SUSECVE-2025-38122 at NVDCVE-2025-38123 at SUSECVE-2025-38123 at NVDCVE-2025-38124 at SUSECVE-2025-38124 at NVDCVE-2025-38126 at SUSECVE-2025-38126 at NVDCVE-2025-38127 at SUSECVE-2025-38127 at NVDCVE-2025-38129 at SUSECVE-2025-38129 at NVDCVE-2025-38131 at SUSECVE-2025-38131 at NVDCVE-2025-38132 at SUSECVE-2025-38132 at NVDCVE-2025-38135 at SUSECVE-2025-38135 at NVDCVE-2025-38136 at SUSECVE-2025-38136 at NVDCVE-2025-38138 at SUSECVE-2025-38138 at NVDCVE-2025-38142 at SUSECVE-2025-38142 at NVDCVE-2025-38143 at SUSECVE-2025-38143 at NVDCVE-2025-38145 at SUSECVE-2025-38145 at NVDCVE-2025-38147 at SUSECVE-2025-38147 at NVDCVE-2025-38148 at SUSECVE-2025-38148 at NVDCVE-2025-38149 at SUSECVE-2025-38149 at NVDCVE-2025-38151 at SUSECVE-2025-38151 at NVDCVE-2025-38153 at SUSECVE-2025-38153 at NVDCVE-2025-38154 at SUSECVE-2025-38154 at NVDCVE-2025-38155 at SUSECVE-2025-38155 at NVDCVE-2025-38157 at SUSECVE-2025-38157 at NVDCVE-2025-38158 at SUSECVE-2025-38158 at NVDCVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38161 at SUSECVE-2025-38161 at NVDCVE-2025-38162 at SUSECVE-2025-38162 at NVDCVE-2025-38165 at SUSECVE-2025-38165 at NVDCVE-2025-38166 at SUSECVE-2025-38166 at NVDCVE-2025-38173 at SUSECVE-2025-38173 at NVDCVE-2025-38174 at SUSECVE-2025-38174 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38180 at SUSECVE-2025-38180 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38182 at SUSECVE-2025-38182 at NVDCVE-2025-38183 at SUSECVE-2025-38183 at NVDCVE-2025-38187 at SUSECVE-2025-38187 at NVDCVE-2025-38188 at SUSECVE-2025-38188 at NVDCVE-2025-38192 at SUSECVE-2025-38192 at NVDCVE-2025-38193 at SUSECVE-2025-38193 at NVDCVE-2025-38194 at SUSECVE-2025-38194 at NVDCVE-2025-38197 at SUSECVE-2025-38197 at NVDCVE-2025-38198 at SUSECVE-2025-38198 at NVDCVE-2025-38200 at SUSECVE-2025-38200 at NVDCVE-2025-38202 at SUSECVE-2025-38202 at NVDCVE-2025-38203 at SUSECVE-2025-38203 at NVDCVE-2025-38204 at SUSECVE-2025-38204 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38210 at SUSECVE-2025-38210 at NVDCVE-2025-38211 at SUSECVE-2025-38211 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDCVE-2025-38213 at SUSECVE-2025-38213 at NVDCVE-2025-38214 at SUSECVE-2025-38214 at NVDCVE-2025-38215 at SUSECVE-2025-38215 at NVDCVE-2025-38217 at SUSECVE-2025-38217 at NVDCVE-2025-38220 at SUSECVE-2025-38220 at NVDCVE-2025-38222 at SUSECVE-2025-38222 at NVDCVE-2025-38225 at SUSECVE-2025-38225 at NVDCVE-2025-38226 at SUSECVE-2025-38226 at NVDCVE-2025-38227 at SUSECVE-2025-38227 at NVDCVE-2025-38229 at SUSECVE-2025-38229 at NVDCVE-2025-38231 at SUSECVE-2025-38231 at NVDCVE-2025-38236 at SUSECVE-2025-38236 at NVDCVE-2025-38239 at SUSECVE-2025-38239 at NVDCVE-2025-38244 at SUSECVE-2025-38244 at NVDCVE-2025-38246 at SUSECVE-2025-38246 at NVDCVE-2025-38248 at SUSECVE-2025-38248 at NVDCVE-2025-38249 at SUSECVE-2025-38249 at NVDCVE-2025-38250 at SUSECVE-2025-38250 at NVDCVE-2025-38257 at SUSECVE-2025-38257 at NVDCVE-2025-38259 at SUSECVE-2025-38259 at NVDCVE-2025-38264 at SUSECVE-2025-38264 at NVDCVE-2025-38272 at SUSECVE-2025-38272 at NVDCVE-2025-38273 at SUSECVE-2025-38273 at NVDCVE-2025-38275 at SUSECVE-2025-38275 at NVDCVE-2025-38277 at SUSECVE-2025-38277 at NVDCVE-2025-38279 at SUSECVE-2025-38279 at NVDCVE-2025-38283 at SUSECVE-2025-38283 at NVDCVE-2025-38286 at SUSECVE-2025-38286 at NVDCVE-2025-38289 at SUSECVE-2025-38289 at NVDCVE-2025-38290 at SUSECVE-2025-38290 at NVDCVE-2025-38292 at SUSECVE-2025-38292 at NVDCVE-2025-38293 at SUSECVE-2025-38293 at NVDCVE-2025-38300 at SUSECVE-2025-38300 at NVDCVE-2025-38303 at SUSECVE-2025-38303 at NVDCVE-2025-38304 at SUSECVE-2025-38304 at NVDCVE-2025-38305 at SUSECVE-2025-38305 at NVDCVE-2025-38307 at SUSECVE-2025-38307 at NVDCVE-2025-38310 at SUSECVE-2025-38310 at NVDCVE-2025-38312 at SUSECVE-2025-38312 at NVDCVE-2025-38313 at SUSECVE-2025-38313 at NVDCVE-2025-38319 at SUSECVE-2025-38319 at NVDCVE-2025-38323 at SUSECVE-2025-38323 at NVDCVE-2025-38326 at SUSECVE-2025-38326 at NVDCVE-2025-38328 at SUSECVE-2025-38328 at NVDCVE-2025-38332 at SUSECVE-2025-38332 at NVDCVE-2025-38334 at SUSECVE-2025-38334 at NVDCVE-2025-38335 at SUSECVE-2025-38335 at NVDCVE-2025-38336 at SUSECVE-2025-38336 at NVDCVE-2025-38337 at SUSECVE-2025-38337 at NVDCVE-2025-38338 at SUSECVE-2025-38338 at NVDCVE-2025-38342 at SUSECVE-2025-38342 at NVDCVE-2025-38343 at SUSECVE-2025-38343 at NVDCVE-2025-38344 at SUSECVE-2025-38344 at NVDCVE-2025-38345 at SUSECVE-2025-38345 at NVDCVE-2025-38348 at SUSECVE-2025-38348 at NVDCVE-2025-38349 at SUSECVE-2025-38349 at NVDCVE-2025-38350 at SUSECVE-2025-38350 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-38354 at SUSECVE-2025-38354 at NVDCVE-2025-38362 at SUSECVE-2025-38362 at NVDCVE-2025-38363 at SUSECVE-2025-38363 at NVDCVE-2025-38364 at SUSECVE-2025-38364 at NVDCVE-2025-38365 at SUSECVE-2025-38365 at NVDCVE-2025-38369 at SUSECVE-2025-38369 at NVDCVE-2025-38371 at SUSECVE-2025-38371 at NVDCVE-2025-38373 at SUSECVE-2025-38373 at NVDCVE-2025-38375 at SUSECVE-2025-38375 at NVDCVE-2025-38376 at SUSECVE-2025-38376 at NVDCVE-2025-38377 at SUSECVE-2025-38377 at NVDCVE-2025-38380 at SUSECVE-2025-38380 at NVDCVE-2025-38382 at SUSECVE-2025-38382 at NVDCVE-2025-38384 at SUSECVE-2025-38384 at NVDCVE-2025-38385 at SUSECVE-2025-38385 at NVDCVE-2025-38386 at SUSECVE-2025-38386 at NVDCVE-2025-38387 at SUSECVE-2025-38387 at NVDCVE-2025-38389 at SUSECVE-2025-38389 at NVDCVE-2025-38391 at SUSECVE-2025-38391 at NVDCVE-2025-38392 at SUSECVE-2025-38392 at NVDCVE-2025-38393 at SUSECVE-2025-38393 at NVDCVE-2025-38395 at SUSECVE-2025-38395 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38399 at SUSECVE-2025-38399 at NVDCVE-2025-38400 at SUSECVE-2025-38400 at NVDCVE-2025-38401 at SUSECVE-2025-38401 at NVDCVE-2025-38403 at SUSECVE-2025-38403 at NVDCVE-2025-38404 at SUSECVE-2025-38404 at NVDCVE-2025-38406 at SUSECVE-2025-38406 at NVDCVE-2025-38409 at SUSECVE-2025-38409 at NVDCVE-2025-38410 at SUSECVE-2025-38410 at NVDCVE-2025-38412 at SUSECVE-2025-38412 at NVDCVE-2025-38414 at SUSECVE-2025-38414 at NVDCVE-2025-38415 at SUSECVE-2025-38415 at NVDCVE-2025-38416 at SUSECVE-2025-38416 at NVDCVE-2025-38420 at SUSECVE-2025-38420 at NVDCVE-2025-38424 at SUSECVE-2025-38424 at NVDCVE-2025-38425 at SUSECVE-2025-38425 at NVDCVE-2025-38426 at SUSECVE-2025-38426 at NVDCVE-2025-38428 at SUSECVE-2025-38428 at NVDCVE-2025-38429 at SUSECVE-2025-38429 at NVDCVE-2025-38430 at SUSECVE-2025-38430 at NVDCVE-2025-38436 at SUSECVE-2025-38436 at NVDCVE-2025-38443 at SUSECVE-2025-38443 at NVDCVE-2025-38448 at SUSECVE-2025-38448 at NVDCVE-2025-38449 at SUSECVE-2025-38449 at NVDCVE-2025-38455 at SUSECVE-2025-38455 at NVDCVE-2025-38457 at SUSECVE-2025-38457 at NVDCVE-2025-38460 at SUSECVE-2025-38460 at NVDCVE-2025-38461 at SUSECVE-2025-38461 at NVDCVE-2025-38462 at SUSECVE-2025-38462 at NVDCVE-2025-38463 at SUSECVE-2025-38463 at NVDCVE-2025-38465 at SUSECVE-2025-38465 at NVDCVE-2025-38467 at SUSECVE-2025-38467 at NVDCVE-2025-38468 at SUSECVE-2025-38468 at NVDCVE-2025-38470 at SUSECVE-2025-38470 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38473 at SUSECVE-2025-38473 at NVDCVE-2025-38474 at SUSECVE-2025-38474 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDCVE-2025-38478 at SUSECVE-2025-38478 at NVDCVE-2025-38480 at SUSECVE-2025-38480 at NVDCVE-2025-38481 at SUSECVE-2025-38481 at NVDCVE-2025-38482 at SUSECVE-2025-38482 at NVDCVE-2025-38483 at SUSECVE-2025-38483 at NVDCVE-2025-38485 at SUSECVE-2025-38485 at NVDCVE-2025-38487 at SUSECVE-2025-38487 at NVDCVE-2025-38489 at SUSECVE-2025-38489 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDCVE-2025-38496 at SUSECVE-2025-38496 at NVDCVE-2025-38497 at SUSECVE-2025-38497 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDcpe:/o:suse:sl-micro:6.1Security update for the Linux Kernel (Important)SUSE Linux Micro 6.1
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may
- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).
- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:
x86/process: Move the buffer clearing before MONITOR (bsc#1238896).
- CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216).
- CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613).
- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061).
- CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323).
- CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837).
- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).
- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479).
- CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669).
- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).
- CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801).
- CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750).
- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).
- CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440).
- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).
- CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202).
- CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201).
- CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735).
- CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649).
- CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660).
- CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654).
- CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671).
- CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650).
- CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682).
- CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689).
- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).
- CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708).
- CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677).
- CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679).
- CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768).
- CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750).
- CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752).
- CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758).
- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).
- CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006).
- CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951).
- CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098).
- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
- CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980).
- CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044).
- CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983).
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
- CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020).
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).
- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).
- CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093).
- CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178).
- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).
- CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173).
- CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182).
- CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387).
- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).
- CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264).
- CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273).
- CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354).
- CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361).
- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
- CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384).
- CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250).
- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).
- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).
- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
- CVE-2025-38352: posix-cpu-timers: fix race between
handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091).
- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).
- CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).
- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).
- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097).
- CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141).
- CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145).
- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).
- CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253).
- CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101).
- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
- CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103).
- CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104).
- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).
- CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118).
- CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288).
- CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450).
- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
The following non-security bugs were fixed:
- ACPI: LPSS: Remove AudioDSP related ID (git-fixes).
- ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122).
- ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes).
- ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes).
- ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes).
- ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes).
- ALSA: hda/tegra: Add Tegra264 support (stable-fixes).
- ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes).
- ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes).
- ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes).
- ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes).
- ALSA: sb: Do not allow changing the DMA mode during operations (stable-fixes).
- ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes).
- ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes).
- ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes).
- ASoC: amd: yc: update quirk data for HP Victus (stable-fixes).
- ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes).
- ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes).
- ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes).
- ASoC: cs35l56: probe() should fail if the device ID is not recognized (git-fixes).
- ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes).
- ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes).
- ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes).
- Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes).
- Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes).
- Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes).
- Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes).
- Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes).
- Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes).
- Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes).
- Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes).
- Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes).
- Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes).
- Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes).
- Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes).
- Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes).
- Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes).
- Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes).
- Bluetooth: hci_sync: revert some mesh modifications (git-fixes).
- Correctly put RDMA kabi patch into patches.kabi instead of patches.suse
- Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes).
- Documentation: ACPI: Fix parent device references (git-fixes).
- Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes).
- Fix dma_unmap_sg() nents value (git-fixes)
- HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes).
- HID: core: do not bypass hid_hw_raw_request (stable-fixes).
- HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes).
- HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes).
- HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes).
- HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes).
- IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes)
- Input: iqs7222 - explicitly define number of external channels (git-fixes).
- Input: xpad - adjust error handling for disconnect (git-fixes).
- Input: xpad - set correct controller type for Acer NGR200 (git-fixes).
- Input: xpad - support Acer NGR 200 Controller (stable-fixes).
- Logitech C-270 even more broken (stable-fixes).
- Move upstreamed SCSI and ACPI patches into sorted section
- NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes).
- NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes).
- NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes).
- NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes).
- NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes).
- NFSv4.2: another fix for listxattr (git-fixes).
- NFSv4.2: fix listxattr to return selinux security label (git-fixes).
- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes).
- NFSv4: Always set NLINK even if the server does not support it (git-fixes).
- NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes).
- PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457).
- PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes).
- PCI: endpoint: Fix configfs group list head handling (git-fixes).
- PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457).
- PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes).
- PM / devfreq: Check governor before using governor->name (git-fixes).
- RDMA/core: Rate limit GID cache warning messages (git-fixes)
- RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes)
- RDMA/hns: Drop GFP_NOWARN (git-fixes)
- RDMA/hns: Fix -Wframe-larger-than issue (git-fixes)
- RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes)
- RDMA/hns: Fix accessing uninitialized resources (git-fixes)
- RDMA/hns: Fix double destruction of rsv_qp (git-fixes)
- RDMA/hns: Get message length of ack_req from FW (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- RDMA/mlx5: Fix CC counters query for MPV (git-fixes)
- RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes)
- RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes)
- RDMA/mlx5: Fix vport loopback for MPV device (git-fixes)
- RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes)
- RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes)
- RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes)
- RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- Revert "ACPI: battery: negate current when discharging" (stable-fixes).
- Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338).
- Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes).
- Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git-fixes).
- Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git-fixes).
- Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes).
- SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes).
- USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes).
- USB: serial: option: add Foxconn T99W640 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes).
- [SMB3] send channel sequence number in SMB3 requests after reconnects (git-fixes).
- af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes).
- af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093).
- amd/amdkfd: fix a kfd_process ref leak (stable-fixes).
- aoe: clean device rq_list in aoedev_downdev() (git-fixes).
- apple-mfi-fastcharge: protect first device name (git-fixes).
- ata: pata_cs5536: fix build on 32-bit UML (stable-fixes).
- audit,module: restore audit logging in load failure case (git-fixes).
- bpf, sockmap: Fix sk_msg_reset_curr (git-fixes).
- bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes).
- bpf/selftests: Check errno when percpu map value size exceeds (git-fixes).
- bpf: Add a possibly-zero-sized read test (git-fixes).
- bpf: Avoid __hidden__ attribute in static object (git-fixes).
- bpf: Check percpu map value size first (git-fixes).
- bpf: Disable some `attribute ignored' warnings in GCC (git-fixes).
- bpf: Fix memory leak in bpf_core_apply (git-fixes).
- bpf: Fix potential integer overflow in resolve_btfids (git-fixes).
- bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes).
- bpf: Make the pointer returned by iter next method valid (git-fixes).
- bpf: Simplify checking size of helper accesses (git-fixes).
- bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes).
- bpf: sockmap, updating the sg structure should also update curr (git-fixes).
- bpftool: Fix missing pids during link show (git-fixes).
- bpftool: Fix undefined behavior caused by shifting into the sign bit (git-fixes).
- bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes).
- bpftool: Remove unnecessary source files from bootstrap version (git-fixes).
- bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes).
- btrfs: do not ignore inode missing when replaying log tree (git-fixes).
- btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes).
- btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes).
- btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068)
- btrfs: fix assertion when building free space tree (git-fixes).
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes).
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- btrfs: fix ssd_spread overallocation (git-fixes).
- btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068)
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- btrfs: rename err to ret in btrfs_rmdir() (git-fixes).
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes).
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes).
- bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes).
- can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes).
- can: dev: can_restart(): reverse logic to remove need for goto (stable-fixes).
- can: kvaser_pciefd: Store device channel index (git-fixes).
- can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes).
- can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes).
- can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes).
- can: peak_usb: fix USB FD devices potential malfunction (git-fixes).
- cdc-acm: fix race between initial clearing halt and open (git-fixes).
- cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789).
- cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166).
- cifs: reconnect helper should set reconnect for the right channel (git-fixes).
- clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes).
- clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes).
- clk: sunxi-ng: v3s: Fix de clock definition (git-fixes).
- clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes).
- clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457).
- clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457).
- comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes).
- comedi: Fix initialization of data for instructions that write to subdevice (git-fixes).
- comedi: Fix some signed shift left operations (git-fixes).
- comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes).
- comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes).
- comedi: das16m1: Fix bit shift out of bounds (git-fixes).
- comedi: das6402: Fix bit shift out of bounds (git-fixes).
- comedi: pcl812: Fix bit shift out of bounds (git-fixes).
- compiler_types.h: Define __retain for __attribute__((__retain__)) (git-fixes).
- config: enable RBD (jsc#PED-13238)
- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes).
- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes).
- crypto: ccp - Fix locking on alloc failure handling (git-fixes).
- crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes).
- crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes).
- crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes).
- crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes).
- crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes).
- crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes).
- crypto: qat - fix state restore for banks with exceptions (git-fixes).
- crypto: qat - flush misc workqueue during device shutdown (git-fixes).
- crypto: qat - use unmanaged allocation for dc_data (git-fixes).
- crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes).
- dm-bufio: fix sched in atomic context (git-fixes).
- dm-flakey: error all IOs when num_features is absent (git-fixes).
- dm-flakey: make corrupting read bios work (git-fixes).
- dm-mirror: fix a tiny race condition (git-fixes).
- dm-raid: fix variable in journal device check (git-fixes).
- dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes).
- dm: do not change md if dm_table_set_restrictions() fails (git-fixes).
- dm: free table mempools if not used in __bind (git-fixes).
- dm: restrict dm device size to 2^63-512 bytes (git-fixes).
- dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: xilinx_dma: Set dma_device directions (stable-fixes).
- drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes).
- drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes).
- drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes).
- drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes).
- drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes).
- drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes).
- drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes).
- drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes).
- drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes).
- drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes).
- drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes).
- drm/framebuffer: Acquire internal references on GEM handles (git-fixes).
- drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes).
- drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes).
- drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
- drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes).
- drm/i915/selftests: Change mock_request() to return error pointers (git-fixes).
- drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes).
- drm/msm: Fix a fence leak in submit error path (stable-fixes).
- drm/msm: Fix another leak in the submit error path (stable-fixes).
- drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes).
- drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes).
- drm/sched: Increment job count before swapping tail spsc queue (git-fixes).
- drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes).
- drm/scheduler: signal scheduled fence when kill job (stable-fixes).
- drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes).
- drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes).
- drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes).
- exfat: fdatasync flag should be same like generic_write_sync() (git-fixes).
- fbcon: Fix outdated registered_fb reference in comment (git-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- fs/jfs: consolidate sanity checking in dbMount (git-fixes).
- fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes).
- gpio: mlxbf2: use platform_get_irq_optional() (git-fixes).
- gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes).
- gpio: sim: include a missing header (git-fixes).
- gpio: vf610: add locking to gpio direction functions (git-fixes).
- gpio: virtio: Fix config space reading (git-fixes).
- gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes).
- gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes).
- gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300).
- gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300).
- gpiolib: cdev: Ignore reconfiguration without direction (git-fixes).
- gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes).
- hfs: make splice write available again (git-fixes).
- hfsplus: make splice write available again (git-fixes).
- hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes).
- hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203).
- hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes).
- hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes).
- hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes).
- hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes).
- i2c/designware: Fix an initialization issue (git-fixes).
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: stm32: fix the device used for the DMA map (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes).
- iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes).
- iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes).
- iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes).
- iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes).
- iio: adc: max1363: Reorder mode_list[] entries (stable-fixes).
- iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes).
- iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes).
- iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes).
- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).
- iommu/amd: Set the pgsize_bitmap correctly (git-fixes).
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).
- iommu/vt-d: Fix possible circular locking dependency (git-fixes).
- iommu/vt-d: Fix system hang on reboot -f (git-fixes).
- ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes).
- ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes).
- ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes).
- ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes).
- iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes).
- jfs: fix metapage reference count leak in dbAllocCtl (git-fixes).
- kABI workaround for struct drm_framebuffer changes (git-fixes).
- kABI: Fix the module::name type in audit_context (git-fixes).
- kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes).
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- leds: multicolor: Fix intensity setting while SW blinking (stable-fixes).
- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897).
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes).
- md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes).
- media: gspca: Add bounds checking to firmware parser (git-fixes).
- media: hi556: correct the test pattern configuration (git-fixes).
- media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes).
- media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes).
- media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes).
- media: usbtv: Lock resolution while streaming (git-fixes).
- media: uvcvideo: Do not mark valid metadata as invalid (git-fixes).
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes).
- media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes).
- media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes).
- media: venus: Add a check for packet size after reading from shared memory (git-fixes).
- media: venus: hfi: explicitly release IRQ during teardown (git-fixes).
- media: venus: protect against spurious interrupts during probe (git-fixes).
- media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: vivid: fix wrong pixel_array control size (git-fixes).
- memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes).
- mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes).
- misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes).
- mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes).
- mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes).
- mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes).
- mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes).
- module: Fix memory deallocation on error path in move_module() (git-fixes).
- module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes).
- module: Restore the moduleparam prefix length check (git-fixes).
- mtd: fix possible integer overflow in erase_xfer() (git-fixes).
- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes).
- mtd: rawnand: atmel: set pmecc data setup time (git-fixes).
- mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes).
- mtd: rawnand: renesas: Add missing check after DMA map (git-fixes).
- mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes).
- mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes).
- mtd: spinand: fix memory leak of ECC engine conf (stable-fixes).
- mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes).
- mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes).
- mtk-sd: Prevent memory corruption from DMA map failure (git-fixes).
- mtk-sd: reset host->mrq on prepare_data() error (git-fixes).
- mwl8k: Add missing check after DMA map (git-fixes).
- nbd: fix uaf in nbd_genl_connect() error path (git-fixes).
- net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes).
- net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes).
- net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes).
- net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes).
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes).
- net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes).
- net: mana: Add debug logs in MANA network driver (bsc#1246212).
- net: mana: Add handler for hardware servicing events (bsc#1245730).
- net: mana: Allocate MSI-X vectors dynamically (bsc#1245457).
- net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457).
- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203).
- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729).
- net: mana: Set tx_packets to post gso processing packet count (bsc#1245731).
- net: mana: explain irq_setup() algorithm (bsc#1245457).
- net: phy: Do not register LEDs for genphy (git-fixes).
- net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes).
- net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes).
- net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes).
- net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes).
- net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes).
- net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes).
- net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes).
- net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes).
- netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes).
- nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes).
- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes).
- nilfs2: reject invalid file types when reading inodes (git-fixes).
- nvme-pci: refresh visible attrs after being checked (git-fixes).
- nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes).
- objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes).
- objtool: Fix _THIS_IP_ detection for cold functions (git-fixes).
- objtool: Fix error handling inconsistencies in check() (git-fixes).
- objtool: Ignore dangling jump table entries (git-fixes).
- objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes).
- objtool: Properly disable uaccess validation (git-fixes).
- objtool: Silence more KCOV warnings (git-fixes).
- objtool: Silence more KCOV warnings, part 2 (git-fixes).
- objtool: Stop UNRET validation on UD2 (git-fixes).
- pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes).
- pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes).
- perf: Fix sample vs do_exit() (bsc#1246547).
- phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes).
- pinctrl: amd: Clear GPIO debounce for suspend (git-fixes).
- pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes).
- platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes).
- platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes).
- platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes).
- platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes).
- platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes).
- platform/x86: think-lmi: Create ksets consecutively (stable-fixes).
- platform/x86: think-lmi: Fix kobject cleanup (git-fixes).
- platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes).
- powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes).
- powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes).
- powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes).
- ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506).
- pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes).
- pwm: mediatek: Ensure to disable clocks in error path (git-fixes).
- regmap: fix potential memory leak of regmap_bus (git-fixes).
- regulator: fan53555: add enable_time support and soft-start times (stable-fixes).
- regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes).
- regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes).
- resource: fix false warning in __request_region() (git-fixes).
- restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes).
- ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes).
- rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes).
- rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes).
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870).
- s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806).
- s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646).
- s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647).
- s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598).
- s390: Add z17 elf platform (LTC#214086 bsc#1245540).
- samples: mei: Fix building on musl libc (git-fixes).
- sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338).
- sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git-fixes).
- scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes).
- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142).
- scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: megaraid_sas: Fix invalid node index (git-fixes).
- scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes).
- scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes).
- scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599).
- selftests/bpf: Add CFLAGS per source file and runner (git-fixes).
- selftests/bpf: Add tests for iter next method returning valid pointer (git-fixes).
- selftests/bpf: Change functions definitions to support GCC (git-fixes).
- selftests/bpf: Fix a few tests for GCC related warnings (git-fixes).
- selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes).
- selftests/bpf: Fix prog numbers in test_sockmap (git-fixes).
- smb3: move server check earlier when setting channel sequence number (git-fixes).
- soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes).
- soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes).
- soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git-fixes).
- soc: qcom: QMI encoding/decoding for big endian (git-fixes).
- soc: qcom: fix endianness for QMI header (git-fixes).
- soc: qcom: pmic_glink: fix OF node leak (git-fixes).
- soundwire: amd: fix for clearing command status register (git-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes).
- staging: axis-fifo: remove sysfs interface (git-fixes).
- staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes).
- staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes).
- struct cdns: move new member to the end (git-fixes).
- struct ucsi_operations: use padding for new operation (git-fixes).
- sunrpc: do not immediately retransmit on seqno miss (git-fixes).
- sunrpc: fix client side handling of tls alerts (git-fixes).
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes).
- thunderbolt: Fix copy+paste error in match_service_id() (git-fixes).
- thunderbolt: Fix wake on connect at runtime (git-fixes).
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes).
- tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes).
- types: Complement the aligned types with signed 64-bit one (stable-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- ucsi-glink: adapt to kABI consistency (git-fixes).
- ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes).
- ucsi_operations: add stubs for all operations (git-fixes).
- ucsi_ops: adapt update_connector to kABI consistency (git-fixes).
- usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes).
- usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes).
- usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes).
- usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes).
- usb: cdnsp: Fix issue with resuming from L1 (git-fixes).
- usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: cdnsp: do not disable slot for disabled slot (git-fixes).
- usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes).
- usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes).
- usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes).
- usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes).
- usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes).
- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes).
- usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes).
- usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes).
- usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes).
- usb: hub: Do not try to recover devices lost during warm reset (git-fixes).
- usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes).
- usb: musb: fix gadget state on disconnect (git-fixes).
- usb: musb: omap2430: fix device leak at unbind (git-fixes).
- usb: net: sierra: check for no status endpoint (git-fixes).
- usb: potential integer overflow in usbg_make_tpg() (stable-fixes).
- usb: typec: Update sysfs when setting ops (git-fixes).
- usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes).
- usb: typec: displayport: Fix potential deadlock (git-fixes).
- usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes).
- usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git-fixes).
- usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes).
- usb: typec: ucsi: Delay alternate mode discovery (git-fixes).
- usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes).
- usb: typec: ucsi: Fix the partner PD revision (git-fixes).
- usb: typec: ucsi: Get PD revision for partner (git-fixes).
- usb: typec: ucsi: Set orientation as none when connector is unplugged (git-fixes).
- usb: typec: ucsi: Update power_supply on power role change (git-fixes).
- usb: typec: ucsi: add callback for connector status updates (git-fixes).
- usb: typec: ucsi: add update_connector callback (git-fixes).
- usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes).
- usb: typec: ucsi: extract code to read PD caps (git-fixes).
- usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes).
- usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes).
- usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes).
- usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes).
- usb: typec: ucsi: glink: use typec_set_orientation (git-fixes).
- usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git-fixes).
- usb: typec: ucsi: properly register partner's PD device (git-fixes).
- usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes).
- usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes).
- usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes).
- usb: typec: ucsi_glink: rework quirks implementation (git-fixes).
- usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes).
- usb: xhci: quirk for data loss in ISOC transfers (stable-fixes).
- usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes).
- virtgpu: do not reset on shutdown (git-fixes).
- vmci: Prevent the dispatching of uninitialized payloads (git-fixes).
- vt: add missing notification when switching back to text mode (stable-fixes).
- vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes).
- vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes).
- wifi: ath11k: fix source ring-buffer corruption (git-fixes).
- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes).
- wifi: ath12k: fix source ring-buffer corruption (git-fixes).
- wifi: ath6kl: remove WARN on bad firmware input (stable-fixes).
- wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes).
- wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes).
- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes).
- wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes).
- wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes).
- wifi: mac80211: Add link iteration macro for link data (stable-fixes).
- wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes).
- wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes).
- wifi: mac80211: Do not schedule stopped TXQs (git-fixes).
- wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes).
- wifi: mac80211: drop invalid source address OCB frames (stable-fixes).
- wifi: mac80211: reject TDLS operations when station is not associated (git-fixes).
- wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes).
- wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes).
- wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes).
- wifi: plfxlc: Fix error handling in usb driver probe (git-fixes).
- wifi: prevent A-MSDU attacks in mesh networks (stable-fixes).
- wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes).
- wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes).
- wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/mce/amd: Add default names for MCA banks and blocks (git-fixes).
- x86/mce/amd: Fix threshold limit reset (git-fixes).
- x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes).
- x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes).
- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).
- x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes).
- x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes).
- x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345).
- xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837).
- xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes).
- xfs: remove unused event xfs_alloc_near_error (git-fixes).
- xfs: remove unused event xfs_alloc_near_nominleft (git-fixes).
- xfs: remove unused event xfs_attr_node_removename (git-fixes).
- xfs: remove unused event xfs_ioctl_clone (git-fixes).
- xfs: remove unused event xfs_pagecache_inval (git-fixes).
- xfs: remove unused event xlog_iclog_want_sync (git-fixes).
- xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes).
- xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes).
- xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes).
- xfs: remove unused xfs_attr events (git-fixes).
- xfs: remove unused xfs_reflink_compare_extents events (git-fixes).
- xfs: remove usused xfs_end_io_direct events (git-fixes).
- xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes).
- xhci: dbc: Flush queued requests before stopping dbc (git-fixes).
- xhci: dbctty: disable ECHO flag by default (git-fixes).
ImportantSUSE bug 1204142SUSE bug 1219338SUSE bug 1225707SUSE bug 1230216SUSE bug 1233300SUSE bug 1235613SUSE bug 1235837SUSE bug 1236333SUSE bug 1236897SUSE bug 1238896SUSE bug 1239061SUSE bug 1240323SUSE bug 1240885SUSE bug 1240966SUSE bug 1241166SUSE bug 1241345SUSE bug 1242086SUSE bug 1242414SUSE bug 1242837SUSE bug 1242960SUSE bug 1242965SUSE bug 1242993SUSE bug 1243068SUSE bug 1243100SUSE bug 1243479SUSE bug 1243669SUSE bug 1243806SUSE bug 1244309SUSE bug 1244457SUSE bug 1244735SUSE bug 1244749SUSE bug 1244750SUSE bug 1244792SUSE bug 1244801SUSE bug 1245151SUSE bug 1245201SUSE bug 1245202SUSE bug 1245216SUSE bug 1245260SUSE bug 1245431SUSE bug 1245440SUSE bug 1245457SUSE bug 1245498SUSE bug 1245499SUSE bug 1245504SUSE bug 1245506SUSE bug 1245508SUSE bug 1245510SUSE bug 1245540SUSE bug 1245598SUSE bug 1245599SUSE bug 1245646SUSE bug 1245647SUSE bug 1245649SUSE bug 1245650SUSE bug 1245654SUSE bug 1245658SUSE bug 1245660SUSE bug 1245665SUSE bug 1245666SUSE bug 1245668SUSE bug 1245669SUSE bug 1245670SUSE bug 1245671SUSE bug 1245675SUSE bug 1245676SUSE bug 1245677SUSE bug 1245679SUSE bug 1245682SUSE bug 1245683SUSE bug 1245684SUSE bug 1245688SUSE bug 1245689SUSE bug 1245690SUSE bug 1245691SUSE bug 1245695SUSE bug 1245705SUSE bug 1245708SUSE bug 1245711SUSE bug 1245713SUSE bug 1245714SUSE bug 1245719SUSE bug 1245723SUSE bug 1245729SUSE bug 1245730SUSE bug 1245731SUSE bug 1245735SUSE bug 1245737SUSE bug 1245744SUSE bug 1245745SUSE bug 1245746SUSE bug 1245747SUSE bug 1245748SUSE bug 1245749SUSE bug 1245750SUSE bug 1245751SUSE bug 1245752SUSE bug 1245757SUSE bug 1245758SUSE bug 1245765SUSE bug 1245768SUSE bug 1245769SUSE bug 1245777SUSE bug 1245781SUSE bug 1245789SUSE bug 1245937SUSE bug 1245945SUSE bug 1245951SUSE bug 1245952SUSE bug 1245954SUSE bug 1245957SUSE bug 1245966SUSE bug 1245970SUSE bug 1245976SUSE bug 1245980SUSE bug 1245983SUSE bug 1245986SUSE bug 1246000SUSE bug 1246002SUSE bug 1246006SUSE bug 1246008SUSE bug 1246020SUSE bug 1246023SUSE bug 1246029SUSE bug 1246031SUSE bug 1246037SUSE bug 1246041SUSE bug 1246042SUSE bug 1246044SUSE bug 1246045SUSE bug 1246047SUSE bug 1246049SUSE bug 1246050SUSE bug 1246055SUSE bug 1246073SUSE bug 1246093SUSE bug 1246098SUSE bug 1246109SUSE bug 1246122SUSE bug 1246125SUSE bug 1246171SUSE bug 1246173SUSE bug 1246178SUSE bug 1246182SUSE bug 1246183SUSE bug 1246186SUSE bug 1246195SUSE bug 1246203SUSE bug 1246212SUSE bug 1246220SUSE bug 1246236SUSE bug 1246240SUSE bug 1246243SUSE bug 1246246SUSE bug 1246249SUSE bug 1246250SUSE bug 1246253SUSE bug 1246258SUSE bug 1246262SUSE bug 1246264SUSE bug 1246266SUSE bug 1246268SUSE bug 1246273SUSE bug 1246283SUSE bug 1246287SUSE bug 1246292SUSE bug 1246293SUSE bug 1246295SUSE bug 1246334SUSE bug 1246337SUSE bug 1246342SUSE bug 1246349SUSE bug 1246354SUSE bug 1246358SUSE bug 1246361SUSE bug 1246364SUSE bug 1246370SUSE bug 1246375SUSE bug 1246384SUSE bug 1246386SUSE bug 1246387SUSE bug 1246438SUSE bug 1246453SUSE bug 1246473SUSE bug 1246490SUSE bug 1246506SUSE bug 1246547SUSE bug 1246777SUSE bug 1246781SUSE bug 1246870SUSE bug 1246879SUSE bug 1246911SUSE bug 1247018SUSE bug 1247023SUSE bug 1247028SUSE bug 1247031SUSE bug 1247033SUSE bug 1247035SUSE bug 1247061SUSE bug 1247089SUSE bug 1247091SUSE bug 1247097SUSE bug 1247098SUSE bug 1247101SUSE bug 1247103SUSE bug 1247104SUSE bug 1247113SUSE bug 1247118SUSE bug 1247123SUSE bug 1247125SUSE bug 1247128SUSE bug 1247132SUSE bug 1247138SUSE bug 1247141SUSE bug 1247143SUSE bug 1247145SUSE bug 1247146SUSE bug 1247147SUSE bug 1247149SUSE bug 1247150SUSE bug 1247151SUSE bug 1247153SUSE bug 1247154SUSE bug 1247156SUSE bug 1247160SUSE bug 1247164SUSE bug 1247169SUSE bug 1247170SUSE bug 1247171SUSE bug 1247172SUSE bug 1247174SUSE bug 1247176SUSE bug 1247177SUSE bug 1247178SUSE bug 1247181SUSE bug 1247209SUSE bug 1247210SUSE bug 1247227SUSE bug 1247233SUSE bug 1247236SUSE bug 1247238SUSE bug 1247241SUSE bug 1247251SUSE bug 1247252SUSE bug 1247253SUSE bug 1247255SUSE bug 1247271SUSE bug 1247273SUSE bug 1247274SUSE bug 1247276SUSE bug 1247277SUSE bug 1247278SUSE bug 1247279SUSE bug 1247284SUSE bug 1247285SUSE bug 1247288SUSE bug 1247289SUSE bug 1247293SUSE bug 1247311SUSE bug 1247314SUSE bug 1247317SUSE bug 1247347SUSE bug 1247348SUSE bug 1247349SUSE bug 1247374SUSE bug 1247437SUSE bug 1247450CVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2024-36028 at SUSECVE-2024-36028 at NVDCVE-2024-36348 at SUSECVE-2024-36348 at NVDCVE-2024-36349 at SUSECVE-2024-36349 at NVDCVE-2024-36350 at SUSECVE-2024-36350 at NVDCVE-2024-36357 at SUSECVE-2024-36357 at NVDCVE-2024-44963 at SUSECVE-2024-44963 at NVDCVE-2024-56742 at SUSECVE-2024-56742 at NVDCVE-2024-57947 at SUSECVE-2024-57947 at NVDCVE-2025-21839 at SUSECVE-2025-21839 at NVDCVE-2025-21872 at SUSECVE-2025-21872 at NVDCVE-2025-23163 at SUSECVE-2025-23163 at NVDCVE-2025-37798 at SUSECVE-2025-37798 at NVDCVE-2025-37856 at SUSECVE-2025-37856 at NVDCVE-2025-37864 at SUSECVE-2025-37864 at NVDCVE-2025-37885 at SUSECVE-2025-37885 at NVDCVE-2025-37920 at SUSECVE-2025-37920 at NVDCVE-2025-37984 at SUSECVE-2025-37984 at NVDCVE-2025-38034 at SUSECVE-2025-38034 at NVDCVE-2025-38035 at SUSECVE-2025-38035 at NVDCVE-2025-38051 at SUSECVE-2025-38051 at NVDCVE-2025-38052 at SUSECVE-2025-38052 at NVDCVE-2025-38058 at SUSECVE-2025-38058 at NVDCVE-2025-38061 at SUSECVE-2025-38061 at NVDCVE-2025-38062 at SUSECVE-2025-38062 at NVDCVE-2025-38063 at SUSECVE-2025-38063 at NVDCVE-2025-38064 at SUSECVE-2025-38064 at NVDCVE-2025-38074 at SUSECVE-2025-38074 at NVDCVE-2025-38084 at SUSECVE-2025-38084 at NVDCVE-2025-38085 at SUSECVE-2025-38085 at NVDCVE-2025-38087 at SUSECVE-2025-38087 at NVDCVE-2025-38088 at SUSECVE-2025-38088 at NVDCVE-2025-38089 at SUSECVE-2025-38089 at NVDCVE-2025-38090 at SUSECVE-2025-38090 at NVDCVE-2025-38094 at SUSECVE-2025-38094 at NVDCVE-2025-38095 at SUSECVE-2025-38095 at NVDCVE-2025-38097 at SUSECVE-2025-38097 at NVDCVE-2025-38098 at SUSECVE-2025-38098 at NVDCVE-2025-38099 at SUSECVE-2025-38099 at NVDCVE-2025-38100 at SUSECVE-2025-38100 at NVDCVE-2025-38102 at SUSECVE-2025-38102 at NVDCVE-2025-38105 at SUSECVE-2025-38105 at NVDCVE-2025-38107 at SUSECVE-2025-38107 at NVDCVE-2025-38108 at SUSECVE-2025-38108 at NVDCVE-2025-38109 at SUSECVE-2025-38109 at NVDCVE-2025-38110 at SUSECVE-2025-38110 at NVDCVE-2025-38111 at SUSECVE-2025-38111 at NVDCVE-2025-38112 at SUSECVE-2025-38112 at NVDCVE-2025-38113 at SUSECVE-2025-38113 at NVDCVE-2025-38115 at SUSECVE-2025-38115 at NVDCVE-2025-38117 at SUSECVE-2025-38117 at NVDCVE-2025-38118 at SUSECVE-2025-38118 at NVDCVE-2025-38120 at SUSECVE-2025-38120 at NVDCVE-2025-38122 at SUSECVE-2025-38122 at NVDCVE-2025-38123 at SUSECVE-2025-38123 at NVDCVE-2025-38124 at SUSECVE-2025-38124 at NVDCVE-2025-38126 at SUSECVE-2025-38126 at NVDCVE-2025-38127 at SUSECVE-2025-38127 at NVDCVE-2025-38129 at SUSECVE-2025-38129 at NVDCVE-2025-38131 at SUSECVE-2025-38131 at NVDCVE-2025-38132 at SUSECVE-2025-38132 at NVDCVE-2025-38135 at SUSECVE-2025-38135 at NVDCVE-2025-38136 at SUSECVE-2025-38136 at NVDCVE-2025-38138 at SUSECVE-2025-38138 at NVDCVE-2025-38142 at SUSECVE-2025-38142 at NVDCVE-2025-38143 at SUSECVE-2025-38143 at NVDCVE-2025-38145 at SUSECVE-2025-38145 at NVDCVE-2025-38147 at SUSECVE-2025-38147 at NVDCVE-2025-38148 at SUSECVE-2025-38148 at NVDCVE-2025-38149 at SUSECVE-2025-38149 at NVDCVE-2025-38151 at SUSECVE-2025-38151 at NVDCVE-2025-38153 at SUSECVE-2025-38153 at NVDCVE-2025-38154 at SUSECVE-2025-38154 at NVDCVE-2025-38155 at SUSECVE-2025-38155 at NVDCVE-2025-38157 at SUSECVE-2025-38157 at NVDCVE-2025-38158 at SUSECVE-2025-38158 at NVDCVE-2025-38159 at SUSECVE-2025-38159 at NVDCVE-2025-38161 at SUSECVE-2025-38161 at NVDCVE-2025-38162 at SUSECVE-2025-38162 at NVDCVE-2025-38165 at SUSECVE-2025-38165 at NVDCVE-2025-38166 at SUSECVE-2025-38166 at NVDCVE-2025-38173 at SUSECVE-2025-38173 at NVDCVE-2025-38174 at SUSECVE-2025-38174 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDCVE-2025-38180 at SUSECVE-2025-38180 at NVDCVE-2025-38181 at SUSECVE-2025-38181 at NVDCVE-2025-38182 at SUSECVE-2025-38182 at NVDCVE-2025-38183 at SUSECVE-2025-38183 at NVDCVE-2025-38187 at SUSECVE-2025-38187 at NVDCVE-2025-38188 at SUSECVE-2025-38188 at NVDCVE-2025-38192 at SUSECVE-2025-38192 at NVDCVE-2025-38193 at SUSECVE-2025-38193 at NVDCVE-2025-38194 at SUSECVE-2025-38194 at NVDCVE-2025-38197 at SUSECVE-2025-38197 at NVDCVE-2025-38198 at SUSECVE-2025-38198 at NVDCVE-2025-38200 at SUSECVE-2025-38200 at NVDCVE-2025-38202 at SUSECVE-2025-38202 at NVDCVE-2025-38203 at SUSECVE-2025-38203 at NVDCVE-2025-38204 at SUSECVE-2025-38204 at NVDCVE-2025-38206 at SUSECVE-2025-38206 at NVDCVE-2025-38210 at SUSECVE-2025-38210 at NVDCVE-2025-38211 at SUSECVE-2025-38211 at NVDCVE-2025-38212 at SUSECVE-2025-38212 at NVDCVE-2025-38213 at SUSECVE-2025-38213 at NVDCVE-2025-38214 at SUSECVE-2025-38214 at NVDCVE-2025-38215 at SUSECVE-2025-38215 at NVDCVE-2025-38217 at SUSECVE-2025-38217 at NVDCVE-2025-38220 at SUSECVE-2025-38220 at NVDCVE-2025-38222 at SUSECVE-2025-38222 at NVDCVE-2025-38225 at SUSECVE-2025-38225 at NVDCVE-2025-38226 at SUSECVE-2025-38226 at NVDCVE-2025-38227 at SUSECVE-2025-38227 at NVDCVE-2025-38229 at SUSECVE-2025-38229 at NVDCVE-2025-38231 at SUSECVE-2025-38231 at NVDCVE-2025-38236 at SUSECVE-2025-38236 at NVDCVE-2025-38239 at SUSECVE-2025-38239 at NVDCVE-2025-38244 at SUSECVE-2025-38244 at NVDCVE-2025-38246 at SUSECVE-2025-38246 at NVDCVE-2025-38248 at SUSECVE-2025-38248 at NVDCVE-2025-38249 at SUSECVE-2025-38249 at NVDCVE-2025-38250 at SUSECVE-2025-38250 at NVDCVE-2025-38257 at SUSECVE-2025-38257 at NVDCVE-2025-38259 at SUSECVE-2025-38259 at NVDCVE-2025-38264 at SUSECVE-2025-38264 at NVDCVE-2025-38272 at SUSECVE-2025-38272 at NVDCVE-2025-38273 at SUSECVE-2025-38273 at NVDCVE-2025-38275 at SUSECVE-2025-38275 at NVDCVE-2025-38277 at SUSECVE-2025-38277 at NVDCVE-2025-38279 at SUSECVE-2025-38279 at NVDCVE-2025-38283 at SUSECVE-2025-38283 at NVDCVE-2025-38286 at SUSECVE-2025-38286 at NVDCVE-2025-38289 at SUSECVE-2025-38289 at NVDCVE-2025-38290 at SUSECVE-2025-38290 at NVDCVE-2025-38292 at SUSECVE-2025-38292 at NVDCVE-2025-38293 at SUSECVE-2025-38293 at NVDCVE-2025-38300 at SUSECVE-2025-38300 at NVDCVE-2025-38303 at SUSECVE-2025-38303 at NVDCVE-2025-38304 at SUSECVE-2025-38304 at NVDCVE-2025-38305 at SUSECVE-2025-38305 at NVDCVE-2025-38307 at SUSECVE-2025-38307 at NVDCVE-2025-38310 at SUSECVE-2025-38310 at NVDCVE-2025-38312 at SUSECVE-2025-38312 at NVDCVE-2025-38313 at SUSECVE-2025-38313 at NVDCVE-2025-38319 at SUSECVE-2025-38319 at NVDCVE-2025-38323 at SUSECVE-2025-38323 at NVDCVE-2025-38326 at SUSECVE-2025-38326 at NVDCVE-2025-38328 at SUSECVE-2025-38328 at NVDCVE-2025-38332 at SUSECVE-2025-38332 at NVDCVE-2025-38334 at SUSECVE-2025-38334 at NVDCVE-2025-38335 at SUSECVE-2025-38335 at NVDCVE-2025-38336 at SUSECVE-2025-38336 at NVDCVE-2025-38337 at SUSECVE-2025-38337 at NVDCVE-2025-38338 at SUSECVE-2025-38338 at NVDCVE-2025-38342 at SUSECVE-2025-38342 at NVDCVE-2025-38343 at SUSECVE-2025-38343 at NVDCVE-2025-38344 at SUSECVE-2025-38344 at NVDCVE-2025-38345 at SUSECVE-2025-38345 at NVDCVE-2025-38348 at SUSECVE-2025-38348 at NVDCVE-2025-38349 at SUSECVE-2025-38349 at NVDCVE-2025-38350 at SUSECVE-2025-38350 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-38354 at SUSECVE-2025-38354 at NVDCVE-2025-38362 at SUSECVE-2025-38362 at NVDCVE-2025-38363 at SUSECVE-2025-38363 at NVDCVE-2025-38364 at SUSECVE-2025-38364 at NVDCVE-2025-38365 at SUSECVE-2025-38365 at NVDCVE-2025-38369 at SUSECVE-2025-38369 at NVDCVE-2025-38371 at SUSECVE-2025-38371 at NVDCVE-2025-38373 at SUSECVE-2025-38373 at NVDCVE-2025-38375 at SUSECVE-2025-38375 at NVDCVE-2025-38376 at SUSECVE-2025-38376 at NVDCVE-2025-38377 at SUSECVE-2025-38377 at NVDCVE-2025-38380 at SUSECVE-2025-38380 at NVDCVE-2025-38382 at SUSECVE-2025-38382 at NVDCVE-2025-38384 at SUSECVE-2025-38384 at NVDCVE-2025-38385 at SUSECVE-2025-38385 at NVDCVE-2025-38386 at SUSECVE-2025-38386 at NVDCVE-2025-38387 at SUSECVE-2025-38387 at NVDCVE-2025-38389 at SUSECVE-2025-38389 at NVDCVE-2025-38391 at SUSECVE-2025-38391 at NVDCVE-2025-38392 at SUSECVE-2025-38392 at NVDCVE-2025-38393 at SUSECVE-2025-38393 at NVDCVE-2025-38395 at SUSECVE-2025-38395 at NVDCVE-2025-38396 at SUSECVE-2025-38396 at NVDCVE-2025-38399 at SUSECVE-2025-38399 at NVDCVE-2025-38400 at SUSECVE-2025-38400 at NVDCVE-2025-38401 at SUSECVE-2025-38401 at NVDCVE-2025-38403 at SUSECVE-2025-38403 at NVDCVE-2025-38404 at SUSECVE-2025-38404 at NVDCVE-2025-38406 at SUSECVE-2025-38406 at NVDCVE-2025-38409 at SUSECVE-2025-38409 at NVDCVE-2025-38410 at SUSECVE-2025-38410 at NVDCVE-2025-38412 at SUSECVE-2025-38412 at NVDCVE-2025-38414 at SUSECVE-2025-38414 at NVDCVE-2025-38415 at SUSECVE-2025-38415 at NVDCVE-2025-38416 at SUSECVE-2025-38416 at NVDCVE-2025-38420 at SUSECVE-2025-38420 at NVDCVE-2025-38424 at SUSECVE-2025-38424 at NVDCVE-2025-38425 at SUSECVE-2025-38425 at NVDCVE-2025-38426 at SUSECVE-2025-38426 at NVDCVE-2025-38428 at SUSECVE-2025-38428 at NVDCVE-2025-38429 at SUSECVE-2025-38429 at NVDCVE-2025-38430 at SUSECVE-2025-38430 at NVDCVE-2025-38436 at SUSECVE-2025-38436 at NVDCVE-2025-38443 at SUSECVE-2025-38443 at NVDCVE-2025-38448 at SUSECVE-2025-38448 at NVDCVE-2025-38449 at SUSECVE-2025-38449 at NVDCVE-2025-38455 at SUSECVE-2025-38455 at NVDCVE-2025-38457 at SUSECVE-2025-38457 at NVDCVE-2025-38460 at SUSECVE-2025-38460 at NVDCVE-2025-38461 at SUSECVE-2025-38461 at NVDCVE-2025-38462 at SUSECVE-2025-38462 at NVDCVE-2025-38463 at SUSECVE-2025-38463 at NVDCVE-2025-38465 at SUSECVE-2025-38465 at NVDCVE-2025-38467 at SUSECVE-2025-38467 at NVDCVE-2025-38468 at SUSECVE-2025-38468 at NVDCVE-2025-38470 at SUSECVE-2025-38470 at NVDCVE-2025-38471 at SUSECVE-2025-38471 at NVDCVE-2025-38473 at SUSECVE-2025-38473 at NVDCVE-2025-38474 at SUSECVE-2025-38474 at NVDCVE-2025-38476 at SUSECVE-2025-38476 at NVDCVE-2025-38477 at SUSECVE-2025-38477 at NVDCVE-2025-38478 at SUSECVE-2025-38478 at NVDCVE-2025-38480 at SUSECVE-2025-38480 at NVDCVE-2025-38481 at SUSECVE-2025-38481 at NVDCVE-2025-38482 at SUSECVE-2025-38482 at NVDCVE-2025-38483 at SUSECVE-2025-38483 at NVDCVE-2025-38485 at SUSECVE-2025-38485 at NVDCVE-2025-38487 at SUSECVE-2025-38487 at NVDCVE-2025-38489 at SUSECVE-2025-38489 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDCVE-2025-38496 at SUSECVE-2025-38496 at NVDCVE-2025-38497 at SUSECVE-2025-38497 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 (Moderate)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_11 fixes the following issues:
This is the initial livepatch for the Update 11 of the RT Kernel for SL Micro 6.0 and 6.1.
Moderatecpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_5 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_6 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_7 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_4 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_5 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_6 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_6 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_7 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_7 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_8 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_8 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0_Update_2 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218)
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1245218SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 (Important)SUSE Linux Micro 6.1
This update for kernel-livepatch-MICRO-6-0-RT_Update_9 fixes the following issues:
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350)
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350)
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351)
ImportantSUSE bug 1244337SUSE bug 1245350SUSE bug 1247350SUSE bug 1247351CVE-2025-38083 at SUSECVE-2025-38083 at NVDCVE-2025-38494 at SUSECVE-2025-38494 at NVDCVE-2025-38495 at SUSECVE-2025-38495 at NVDcpe:/o:suse:sl-micro:6.1MesaMesa-driMesa-galliumMesa-libEGL1Mesa-libGL1Mesa-libglapi0libgbm1SL-Micro-releaseNetworkManagerNetworkManager-bluetoothNetworkManager-cloud-setupNetworkManager-pppoeNetworkManager-tuiNetworkManager-wwanlibnm0typelib-1_0-NM-1_0aaa_baseaccountsserviceafterburnafterburn-dracutaideavahilibavahi-client3libavahi-common3libavahi-core7aws-clibashbash-shlibreadline8bcm43xx-firmwareboost-license1_84_0libboost_thread1_84_0btrfsmaintenancebusyboxchkstatpermissionspermissions-configchronychrony-pool-susecifs-utilscloud-initcloud-init-config-susecnicni-pluginsconmonconntrack-toolscontainerdcoolkeycoreutilscoreutils-systemdcpiocracklibcracklib-dict-smalllibcrack2cruncryptsetuplibcryptsetup12cups-configlibcups2curllibcurl4cyrus-saslcyrus-sasl-digestmd5cyrus-sasl-gssapilibsasl2-3dbus-1dbus-1-commondbus-1-daemondbus-1-toolslibdbus-1-3dbus-1-x11dhcpdhcp-clientdnsmasqdockerdocker-composedpdklibdpdk-23dracutdracut-fipse2fsprogslibcom_err2libext2fs2elfutilslibasm1libdw1libelf1filefile-magiclibmagic1findutilsfirewalldpython3-firewallfwupdlibfwupd2typelib-1_0-Fwupd-2_0gdk-pixbuf-loader-rsvglibrsvg-2-2gdk-pixbuf-query-loaderslibgdk_pixbuf-2_0-0typelib-1_0-GdkPixbuf-2_0gitgit-coreperl-Gitglib-networkingglib2-toolslibgio-2_0-0libglib-2_0-0libgmodule-2_0-0libgobject-2_0-0glibcglibc-develglibc-localeglibc-locale-basegnutlslibgnutls30gpg2gptfdiskgrepgroffgrub2grub2-arm64-efigrub2-i386-pcgrub2-s390x-emugrub2-snapper-plugingrub2-x86_64-efigrub2-x86_64-xengstreamerlibgstreamer-1_0-0gstreamer-plugins-baselibgstallocators-1_0-0libgstapp-1_0-0libgstaudio-1_0-0libgstgl-1_0-0libgstpbutils-1_0-0libgstriff-1_0-0libgsttag-1_0-0libgstvideo-1_0-0guestfs-toolsgziphaproxyhyper-vipmitooliputilsiscsiuiolibopeniscsiusr0open-iscsijqlibjq1kbdkbd-legacykdumpkeepalivedkernel-defaultkernel-default-extrakernel-firmware-allkernel-firmware-amdgpukernel-firmware-ath10kkernel-firmware-ath11kkernel-firmware-ath12kkernel-firmware-atheroskernel-firmware-bluetoothkernel-firmware-bnx2kernel-firmware-brcmkernel-firmware-chelsiokernel-firmware-dpaa2kernel-firmware-i915kernel-firmware-intelkernel-firmware-iwlwifikernel-firmware-liquidiokernel-firmware-marvellkernel-firmware-mediakernel-firmware-mediatekkernel-firmware-mellanoxkernel-firmware-mwifiexkernel-firmware-networkkernel-firmware-nfpkernel-firmware-nvidiakernel-firmware-platformkernel-firmware-presterakernel-firmware-qcomkernel-firmware-qlogickernel-firmware-radeonkernel-firmware-realtekkernel-firmware-serialkernel-firmware-soundkernel-firmware-tikernel-firmware-ueaglekernel-firmware-usb-networkucode-amdkernel-rtkpartxlibmpath0multipath-toolskrb5kubevirt-manifestskubevirt-virtctllesslibX11-6libX11-datalibX11-xcb1libXcursor1libXext6libXfixes3libXi6libXinerama1libXrandr2libXrender1libXv1libXxf86vm1libarchive13libasound2libatomic1libgcc_s1libgomp1libstdc++6libaudit1libauparse0libaugeas0libfa1libblkid1libfdisk1libmount1libsmartcols1libuuid1util-linuxutil-linux-systemdlibbluetooth3libbpf1libbz2-1libcairo-gobject2libcairo2libcap2libcares2libcdrdeflt1_0libdeflt1_0libfile1_0libfind4_0librscg1_0libscg1_0libscgcmd1_0libschily2_0mkisofslibcolord2libcontainers-commonlibcontainers-default-policylibcontainers-sles-mountsregistries-conf-suselibdrm2libdrm_amdgpu1libdrm_intel1libdrm_nouveau2libdrm_radeon1libeconf0libekmfweb1libkmipclient1s390-toolslibesmtp6_2_0libevent-2_1-7libexpat1libexslt0libxslt1libfreebl3libsoftokn3mozilla-nssmozilla-nss-certsmozilla-nss-toolslibfreetype6libfribidi0libfuse2libgcrypt20libgmp10libgpgme11libgraphite2-3libguestfs0libharfbuzz-gobject0libharfbuzz0typelib-1_0-HarfBuzz-0_0libhogweed6libnettle8libidn2-0libjansson4libjbig2libjcat1libjpeg8libjson-c5libksba8liblcms2-2libldap2libldb2libltdl7liblua5_4-5liblz4-1liblzma5xzliblzo2-2libmicrohttpd12libmpfr6libmspack0libncurses6ncurses-utilsterminfo-baselibndp0libnewt0_52libnfsidmap1nfs-clientnfs-kernel-serverlibnghttp2-14libonig5libopenssl-3-devellibopenssl-3-fips-providerlibopenssl3openssl-3libopenssl-developenssllibopenvswitch-3_1-0openvswitchlibopus0libosinfolibosinfo-1_0-0typelib-1_0-Libosinfo-1_0libp11-kit0p11-kitp11-kit-toolslibpango-1_0-0typelib-1_0-Pango-1_0libpcap1libpcp3libpcp_import1pcp-conflibpcre2-8-0libpcsclite1pcsc-litelibpixman-1-0libpkgconf3pkgconfpkgconf-m4pkgconf-pkg-configlibpng16-16libpolkit-agent-1-0libpolkit-gobject-1-0polkitlibprocps8procpslibprotobuf-c1libproxy1libpython3_11-1_0python311python311-basepython311-curseslibrados2librbd1librpmbuild9rpmlibseccomp2libsepol2libsha1detectcoll1libslirp0libsnmp40snmp-mibslibsolv-toolslibsoup-3_0-0libspice-server1libsqlite3-0libssh-configlibssh4libssh2-1libsss_certmap0libsss_idmap0libsss_nss_idmap0sssdsssd-adsssd-krb5sssd-krb5-commonsssd-ldaplibsubid4login_defsshadowlibsystemd0libudev1systemdsystemd-containersystemd-coredumpsystemd-experimentalsystemd-journal-remotesystemd-portableudevlibtasn1-6libthai-datalibthai0libtiff6libtirpc-netconfiglibtirpc3libtpms0libtspi1trouserslibtss2-esys0libtss2-fapi1libtss2-mu0libtss2-rc0libtss2-sys1libtss2-tcti-device0libtss2-tctildr0tpm2-0-tsslibudisks2-0libudisks2-0_btrfslibudisks2-0_lvm2udisks2libunbound8unbound-anchorlibunwind8libusbredirparser1libvirglrenderer1libvirt-clientlibvirt-client-qemulibvirt-daemonlibvirt-daemon-commonlibvirt-daemon-config-networklibvirt-daemon-driver-networklibvirt-daemon-driver-nodedevlibvirt-daemon-driver-nwfilterlibvirt-daemon-driver-qemulibvirt-daemon-driver-secretlibvirt-daemon-driver-storagelibvirt-daemon-driver-storage-corelibvirt-daemon-driver-storage-disklibvirt-daemon-driver-storage-iscsilibvirt-daemon-driver-storage-iscsi-directlibvirt-daemon-driver-storage-logicallibvirt-daemon-driver-storage-mpathlibvirt-daemon-driver-storage-rbdlibvirt-daemon-driver-storage-scsilibvirt-daemon-hookslibvirt-daemon-locklibvirt-daemon-loglibvirt-daemon-plugin-lockdlibvirt-daemon-proxylibvirt-daemon-qemulibvirt-libslibvirt-nsslibvmtools0open-vm-toolslibvorbis0libvorbisenc2libxcb-dri2-0libxcb-dri3-0libxcb-glx0libxcb-present0libxcb-randr0libxcb-render0libxcb-shm0libxcb-sync1libxcb-xfixes0libxcb1libxkbcommon0libxml2-2libxml2-toolspython311-libxml2libyajl2libyaml-0-2libyaml-cpp0_8libz1zlib-devellibzmq5libzstd1zstdlibzypplogrotatem4mailxmanmozilla-nspropenscopensshopenssh-clientsopenssh-commonopenssh-fipsopenssh-serveropenssh-server-config-rootloginpampam_u2fpatchpcsc-ccidperlperl-basepodmanpodman-dockerpodman-remotepolicycoreutilspolicycoreutils-develpolicycoreutils-python-utilspython3-policycoreutilspppprocmailpython3-saltsaltsalt-mastersalt-minionsalt-transactional-updatepython311-Jinja2python311-M2Cryptopython311-PyJWTpython311-PyYAMLpython311-certifipython311-configobjpython311-cryptographypython311-httpxpython311-lxmlpython311-oauthlibpython311-pypython311-pyOpenSSLpython311-pyzmqpython311-requestspython311-rsapython311-setuptoolspython311-tornado6python311-urllib3qemuqemu-accel-tcg-x86qemu-armqemu-audio-spiceqemu-block-curlqemu-block-iscsiqemu-block-rbdqemu-block-sshqemu-chardev-spiceqemu-guest-agentqemu-hw-display-qxlqemu-hw-display-virtio-gpuqemu-hw-display-virtio-gpu-pciqemu-hw-display-virtio-vgaqemu-hw-usb-hostqemu-hw-usb-redirectqemu-imgqemu-ipxeqemu-ksmqemu-langqemu-pr-helperqemu-s390xqemu-seabiosqemu-toolsqemu-ui-openglqemu-ui-spice-coreqemu-vgabiosqemu-x86qemu-ovmf-x86_64qemu-uefi-aarch64rpcbindrsyncruncrust-keylimesamba-client-libsshimskopeoslirp4netnssocatsquashfssudosupportutilssuse-module-toolssuse-module-tools-scriptletsswtpmswtpm-selinuxsysstatsystem-user-velociraptorvelociraptor-clientsysvinit-toolstartftptpm2.0-toolstracerouteu-boot-rpiarm64u-boot-rpiarm64-docucode-intelupdate-alternativesvim-data-commonvim-smallvirt-installvirt-manager-commonvirtiofsdwgetwpa_supplicantyast2-logszypperzypper-needs-restartingaugeasaugeas-lenseslibboost_filesystem1_84_0buildkitbzip2chrony-pool-emptycockpitcockpit-bridgecockpit-networkmanagercockpit-selinuxcockpit-storagedcockpit-systemcockpit-wscontainerized-data-importer-manifestsdpdk-toolslibelf-develgrub2-powerpc-ieee1275gtk3-datagtk3-schemagtk3-toolslibgtk-3-0typelib-1_0-Gtk-3_0kernel-default-livepatchkernel-kvmsmallkernel-macroskernel-sourcekernel-source-rtkernel-firmware-nvidia-gspx-G06nvidia-open-driver-G06-signed-kmp-defaultlastlog2liblastlog2-2registries-conf-defaults390-tools-genprotimg-datalibguestfslibguestfs-appliancelibhivex0liboath0libpskc0oath-toolkitoath-toolkit-xmlpam_oathliborc-0_4-0libpcre1libqb100libsolv-tools-basesystemd-sysvcompatlibtss2-fapi-commonlibusbguard1usbguardusbguard-toolslibzstd-developenCryptokipowerpc-utilsppc64-diagpython311-dnspythonpython311-idnaqemu-SLOFqemu-block-nfsqemu-headlessqemu-ppcqemu-spicesevctlzram-generatorgrub2-commonqemu-hw-s390x-virtio-gpu-ccwqemu-vmsr-helperkernel-64kbkernel-default-basekernel-rt-livepatchpython3-sssd-configsssd-dbussssd-toolspython313-tornado6gio-branding-SLElibgirepository-2_0-0typelib-1_0-GLib-2_0typelib-1_0-GModule-2_0typelib-1_0-GObject-2_0typelib-1_0-Gio-2_0docker-buildxpodmanshlibpython3_13-1_0python313python313-basepython313-cursespython313-urllib3python313-pyasn1kernel-livepatch-6_12_0-160000_7-defaultkernel-livepatch-6_12_0-160000_5-rtkernel-livepatch-6_12_0-160000_7-rtkernel-livepatch-6_12_0-160000_6-rtkernel-livepatch-6_12_0-160000_5-defaultcockpit-subscriptionskernel-livepatch-6_12_0-160000_6-defaultelemental-registerelemental-supportelemental-toolkitglibc-gconv-modules-extralibdpdk-25python313-libxml2python313-maturincockpit-firewalldcockpit-kdumpcockpit-ws-selinuxcockpit-machinescockpit-reposopenssl-3-livepatchesglibc-livepatcheskernel-livepatch-6_12_0-160000_26-defaultkernel-livepatch-6_12_0-160000_26-rtcockpit-podmankernel-livepatch-6_12_0-160000_8-defaulthelmhelm-bash-completionlibprotobuf28_3_0libutf8_range-28_3_0libsodium26kernel-livepatch-6_12_0-160000_8-rtkernel-livepatch-6_12_0-160000_9-rtkernel-livepatch-6_12_0-160000_27-defaultkernel-livepatch-6_12_0-160000_27-rtkernel-livepatch-6_12_0-160000_9-defaultpython313-PyJWTnet-toolspython313-cryptographylibvirt-daemon-config-nwfilterbinutilslibctf-nobfd0libctf0libdb-4_8nvidia-open-driver-G06-signed-cuda-kmp-defaultcloud-regionsrv-clientcloud-regionsrv-client-addon-azurecloud-regionsrv-client-generic-configcloud-regionsrv-client-plugin-azurecloud-regionsrv-client-plugin-ec2cloud-regionsrv-client-plugin-gcepython311-tomlpython311-saltpam_pkcs11pcr-oracleca-certificates-mozillalibefivar1libtss2-tcti-spi-helper0libtss2-tcti-spidev0krb5-clientlibprotobuf-lite23_4_0libprotobuf23_4_0python311-h11python311-httpcorelibbd_btrfs2libbd_crypto2libbd_fs2libbd_loop2libbd_lvm2libbd_mdraid2libbd_part2libbd_swap2libbd_utils2libblockdevlibblockdev2pam-configignitionselinux-policyselinux-policy-develselinux-policy-targetedlibsodium23net-snmpperl-SNMPlibabsl2308_0_0jitterentropy-devellibjitterentropy3libpulp-toolslibpulp0python311-pyasn1kernel-livepatch-6_4_0-19-defaultkernel-livepatch-6_4_0-10-rtlibcapstone4kernel-livepatch-6_4_0-20-defaultkernel-livepatch-6_4_0-11-rtkernel-livepatch-6_4_0-24-defaultkernel-livepatch-6_4_0-31-defaultkernel-livepatch-6_4_0-28-defaultkernel-livepatch-6_4_0-29-defaultkernel-livepatch-6_4_0-30-defaultkernel-livepatch-6_4_0-22-rtkernel-livepatch-6_4_0-25-rtkernel-livepatch-6_4_0-28-rtkernel-livepatch-6_4_0-30-rtkernel-livepatch-6_4_0-31-rtkernel-livepatch-6_4_0-33-rtkernel-livepatch-6_4_0-25-defaultkernel-livepatch-6_4_0-34-rtkernel-livepatch-6_4_0-36-rtkernel-livepatch-6_4_0-35-defaultkernel-livepatch-6_4_0-37-rtkernel-livepatch-6_4_0-35-rtkernel-livepatch-6_4_0-32-defaultkernel-livepatch-6_4_0-34-defaultkernel-livepatch-6_4_0-36-defaultkernel-livepatch-6_4_0-39-defaultkernel-livepatch-6_4_0-40-defaultkernel-livepatch-6_4_0-38-rtkernel-livepatch-6_4_0-38-defaultkernel-livepatch-6_4_0-39-rtstalldgoogle-osconfig-agentgoogle-guest-agent(aarch64|ppc64le|s390x|x86_64)0:23.3.4-7.36.0(aarch64|ppc64le|s390x|x86_64)0:1.42.6-5.14(aarch64|ppc64le|s390x|x86_64)0:84.87+git20230815.cab7b44-1.8(aarch64|ppc64le|s390x|x86_64)0:22.08.8-1.13(aarch64|ppc64le|s390x|x86_64)0:5.4.1-1.10(aarch64|ppc64le|s390x|x86_64)0:0.18.6-1.5(aarch64|ppc64le|s390x|x86_64)0:0.8-4.6(aarch64|ppc64le|s390x|x86_64)0:1.31.11-1.1(aarch64|ppc64le|s390x|x86_64)0:5.2.15-2.57(aarch64|ppc64le|s390x|x86_64)0:8.2-2.180(aarch64|ppc64le|s390x|x86_64)0:20180314-3.7(aarch64|ppc64le|s390x|x86_64)0:1.84.0-1.4(aarch64|ppc64le|s390x|x86_64)0:0.5-2.8(aarch64|ppc64le|s390x|x86_64)0:1.36.1-2.8(aarch64|ppc64le|s390x|x86_64)0:1600_20240206-1.8(aarch64|ppc64le|s390x|x86_64)0:4.4-1.3(aarch64|ppc64le|s390x|x86_64)0:7.0-2.9(aarch64|ppc64le|s390x|x86_64)0:23.3-6.1(aarch64|ppc64le|s390x|x86_64)0:1.1.2-4.4(aarch64|ppc64le|s390x|x86_64)0:1.3.0-1.4(aarch64|ppc64le|s390x|x86_64)0:2.1.10-1.2(aarch64|ppc64le|s390x|x86_64)0:1.4.8-1.6(aarch64|ppc64le|s390x|x86_64)0:1.7.10-1.4(aarch64|ppc64le|s390x|x86_64)0:1.1.0-1.8(aarch64|ppc64le|s390x|x86_64)0:9.4-4.8(aarch64|ppc64le|s390x|x86_64)0:2.15-1.3(aarch64|ppc64le|s390x|x86_64)0:2.9.11-1.6(aarch64|ppc64le|s390x|x86_64)0:1.14-1.18(aarch64|ppc64le|s390x|x86_64)0:2.6.1-4.13(aarch64|ppc64le|s390x|x86_64)0:2.4.2-5.6(aarch64|ppc64le|s390x|x86_64)0:8.6.0-1.2(aarch64|ppc64le|s390x|x86_64)0:2.1.28-5.7(aarch64|ppc64le|s390x|x86_64)0:1.14.10-1.11(aarch64|ppc64le|s390x|x86_64)0:4.4.2.P1-1.6(aarch64|ppc64le|s390x|x86_64)0:2.89-7.6(aarch64|ppc64le|s390x|x86_64)0:24.0.7_ce-2.3(aarch64|ppc64le|s390x|x86_64)0:2.24.5-1.4(aarch64|ppc64le|s390x|x86_64)0:22.11.1-1.51(aarch64|ppc64le|s390x|x86_64)0:059+suse.557.g8a62bf73-1.8(aarch64|ppc64le|s390x|x86_64)0:1.47.0-2.3(aarch64|ppc64le|s390x|x86_64)0:0.189-4.143(aarch64|ppc64le|s390x|x86_64)0:5.44-4.151(aarch64|ppc64le|s390x|x86_64)0:4.9.0-2.181(aarch64|ppc64le|s390x|x86_64)0:2.0.0-1.7(aarch64|ppc64le|s390x|x86_64)0:1.9.11-1.2(aarch64|ppc64le|s390x|x86_64)0:2.56.3-1.8(aarch64|ppc64le|s390x|x86_64)0:2.42.10-2.12(aarch64|ppc64le|s390x|x86_64)0:2.42.1-1.4(aarch64|ppc64le|s390x|x86_64)0:2.76.0-2.10(aarch64|ppc64le|s390x|x86_64)0:2.76.2-4.12(aarch64|ppc64le|s390x|x86_64)0:2.38-6.4(aarch64|ppc64le|s390x|x86_64)0:3.8.3-1.13(aarch64|ppc64le|s390x|x86_64)0:2.4.4-1.2(aarch64|ppc64le|s390x|x86_64)0:1.0.9-3.5(aarch64|ppc64le|s390x|x86_64)0:3.11-4.8(aarch64|ppc64le|s390x|x86_64)0:1.23.0-1.43(aarch64|ppc64le|s390x|x86_64)0:2.12~rc1-5.30(aarch64|ppc64le|s390x|x86_64)0:1.22.9-1.2(aarch64|ppc64le|s390x|x86_64)0:1.22.9-1.3(aarch64|ppc64le|s390x|x86_64)0:1.52.0-1.2(aarch64|ppc64le|s390x|x86_64)0:1.13-1.50(aarch64|ppc64le|s390x|x86_64)0:2.8.3+git0.86e043add-1.7(aarch64|ppc64le|s390x|x86_64)0:8-1.8(aarch64|ppc64le|s390x|x86_64)0:1.8.19.13.gbe11d94-1.10(aarch64|ppc64le|s390x|x86_64)0:20221126-2.10(aarch64|ppc64le|s390x|x86_64)0:0.7.8.8-3.7(aarch64|ppc64le|s390x|x86_64)0:0.2.0-3.7(aarch64|ppc64le|s390x|x86_64)0:2.1.9-3.7(aarch64|ppc64le|s390x|x86_64)0:1.6-2.9(aarch64|ppc64le|s390x|x86_64)0:2.6.4-1.3(aarch64|ppc64le|s390x|x86_64)0:2.0.1-1.3(aarch64|ppc64le|s390x|x86_64)0:2.2.8-1.11(aarch64|ppc64le|s390x|x86_64)0:6.4.0-17.1(aarch64|ppc64le|s390x|x86_64)0:20240201-1.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-8.1(aarch64|ppc64le|s390x|x86_64)0:0.9.6+71+suse.f07325e-1.7(aarch64|ppc64le|s390x|x86_64)0:1.20.1-4.11(aarch64|ppc64le|s390x|x86_64)0:1.1.1-2.7(aarch64|ppc64le|s390x|x86_64)0:633-2.72(aarch64|ppc64le|s390x|x86_64)0:1.8.7-2.2(aarch64|ppc64le|s390x|x86_64)0:1.2.1-2.7(aarch64|ppc64le|s390x|x86_64)0:1.3.5-2.9(aarch64|ppc64le|s390x|x86_64)0:6.0.1-2.7(aarch64|ppc64le|s390x|x86_64)0:1.8.1-2.10(aarch64|ppc64le|s390x|x86_64)0:1.1.5-2.7(aarch64|ppc64le|s390x|x86_64)0:1.5.4-1.3(aarch64|ppc64le|s390x|x86_64)0:0.9.11-2.7(aarch64|ppc64le|s390x|x86_64)0:1.0.12-2.10(aarch64|ppc64le|s390x|x86_64)0:3.6.2-2.9(aarch64|ppc64le|s390x|x86_64)0:1.2.10-2.6(aarch64|ppc64le|s390x|x86_64)0:13.2.1+git8285-1.15(aarch64|ppc64le|s390x|x86_64)0:3.0.9-3.143(aarch64|ppc64le|s390x|x86_64)0:1.14.1-1.8(aarch64|ppc64le|s390x|x86_64)0:2.39.3-2.7(aarch64|ppc64le|s390x|x86_64)0:5.70-1.6(aarch64|ppc64le|s390x|x86_64)0:1.2.0-3.8(aarch64|ppc64le|s390x|x86_64)0:1.0.8-2.191(aarch64|ppc64le|s390x|x86_64)0:1.17.8-2.13(aarch64|ppc64le|s390x|x86_64)0:2.69-2.83(aarch64|ppc64le|s390x|x86_64)0:1.27.0-1.7(aarch64|ppc64le|s390x|x86_64)0:3.02~a10-4.31(aarch64|ppc64le|s390x|x86_64)0:2022.10.16-4.31(aarch64|ppc64le|s390x|x86_64)0:1.8-4.31(aarch64|ppc64le|s390x|x86_64)0:1.4.6-2.14(aarch64|ppc64le|s390x|x86_64)0:20240408-2.1(aarch64|ppc64le|s390x|x86_64)0:2.4.119-1.2(aarch64|ppc64le|s390x|x86_64)0:0.6.1-1.13(aarch64|ppc64le|s390x|x86_64)0:2.31.0-1.21(aarch64|ppc64le|s390x|x86_64)0:1.1.0-1.7(aarch64|ppc64le|s390x|x86_64)0:2.1.12-2.11(aarch64|ppc64le|s390x|x86_64)0:2.5.0-2.188(aarch64|ppc64le|s390x|x86_64)0:1.1.38-2.9(aarch64|ppc64le|s390x|x86_64)0:3.90.2-1.5(aarch64|ppc64le|s390x|x86_64)0:2.13.2-1.6(aarch64|ppc64le|s390x|x86_64)0:1.0.13-1.4(aarch64|ppc64le|s390x|x86_64)0:2.9.9-2.9(aarch64|ppc64le|s390x|x86_64)0:1.10.3-1.37(aarch64|ppc64le|s390x|x86_64)0:6.3.0-1.119(aarch64|ppc64le|s390x|x86_64)0:1.23.0-1.37(aarch64|ppc64le|s390x|x86_64)0:1.3.14-3.11(aarch64|ppc64le|s390x|x86_64)0:1.52.0-1.3(aarch64|ppc64le|s390x|x86_64)0:7.2.0-7.14(aarch64|ppc64le|s390x|x86_64)0:3.9.1-3.10(aarch64|ppc64le|s390x|x86_64)0:2.3.4-2.6(aarch64|ppc64le|s390x|x86_64)0:2.14-2.5(aarch64|ppc64le|s390x|x86_64)0:2.1-2.8(aarch64|ppc64le|s390x|x86_64)0:0.1.14-1.5(aarch64|ppc64le|s390x|x86_64)0:8.3.2-5.2(aarch64|ppc64le|s390x|x86_64)0:0.16-2.9(aarch64|ppc64le|s390x|x86_64)0:1.6.4-1.4(aarch64|ppc64le|s390x|x86_64)0:2.16-1.2(aarch64|ppc64le|s390x|x86_64)0:2.6.4-4.12(aarch64|ppc64le|s390x|x86_64)0:2.8.0-1.6(aarch64|ppc64le|s390x|x86_64)0:2.4.7-2.186(aarch64|ppc64le|s390x|x86_64)0:5.4.6-1.68(aarch64|ppc64le|s390x|x86_64)0:1.9.4-2.8(aarch64|ppc64le|s390x|x86_64)0:5.4.3-4.166(aarch64|ppc64le|s390x|x86_64)0:2.10-2.8(aarch64|ppc64le|s390x|x86_64)0:0.9.77-1.10(aarch64|ppc64le|s390x|x86_64)0:4.2.1-1.117(aarch64|ppc64le|s390x|x86_64)0:0.11-4.7(aarch64|ppc64le|s390x|x86_64)0:6.4.20240224-10.2(aarch64|ppc64le|s390x|x86_64)0:1.8-2.7(aarch64|ppc64le|s390x|x86_64)0:0.52.23-5.10(aarch64|ppc64le|s390x|x86_64)0:1.0-36.15(aarch64|ppc64le|s390x|x86_64)0:2.6.3-36.15(aarch64|ppc64le|s390x|x86_64)0:1.52.0-4.12(aarch64|ppc64le|s390x|x86_64)0:6.9.8-2.8(aarch64|ppc64le|s390x|x86_64)0:3.1.4-5.6(aarch64|ppc64le|s390x|x86_64)0:3.1.4-3.1(aarch64|ppc64le|s390x|x86_64)0:3.1.0-3.2(aarch64|ppc64le|s390x|x86_64)0:1.4-2.8(aarch64|ppc64le|s390x|x86_64)0:1.11.0-1.1(aarch64|ppc64le|s390x|x86_64)0:0.25.3-1.6(aarch64|ppc64le|s390x|x86_64)0:1.50.14-2.12(aarch64|ppc64le|s390x|x86_64)0:1.10.4-2.14(aarch64|ppc64le|s390x|x86_64)0:5.3.7-1.8(aarch64|ppc64le|s390x|x86_64)0:10.42-2.179(aarch64|ppc64le|s390x|x86_64)0:2.0.1-1.2(aarch64|ppc64le|s390x|x86_64)0:0.42.2-2.8(aarch64|ppc64le|s390x|x86_64)0:1.8.0-2.205(aarch64|ppc64le|s390x|x86_64)0:1.6.43-1.1(aarch64|ppc64le|s390x|x86_64)0:121-2.15(aarch64|ppc64le|s390x|x86_64)0:3.3.17-4.7(aarch64|ppc64le|s390x|x86_64)0:1.5.0-1.3(aarch64|ppc64le|s390x|x86_64)0:0.4.18-5.12(aarch64|ppc64le|s390x|x86_64)0:3.11.8-2.2(aarch64|ppc64le|s390x|x86_64)0:16.2.14.66+g7aa6ce9419f-1.5(aarch64|ppc64le|s390x|x86_64)0:4.18.0-6.133(aarch64|ppc64le|s390x|x86_64)0:2.5.4-2.199(aarch64|ppc64le|s390x|x86_64)0:3.5-2.196(aarch64|ppc64le|s390x|x86_64)0:1.0.3-2.5(aarch64|ppc64le|s390x|x86_64)0:4.7.0+44-4.10(aarch64|ppc64le|s390x|x86_64)0:5.9.3-2.21(aarch64|ppc64le|s390x|x86_64)0:0.7.28-1.3(aarch64|ppc64le|s390x|x86_64)0:3.4.2-3.11(aarch64|ppc64le|s390x|x86_64)0:0.15.1-4.10(aarch64|ppc64le|s390x|x86_64)0:3.44.2-1.2(aarch64|ppc64le|s390x|x86_64)0:0.10.6-1.12(aarch64|ppc64le|s390x|x86_64)0:1.11.0-2.5(aarch64|ppc64le|s390x|x86_64)0:2.8.2-5.13(aarch64|ppc64le|s390x|x86_64)0:4.15.1-1.1(aarch64|ppc64le|s390x|x86_64)0:254.9-1.9(aarch64|ppc64le|s390x|x86_64)0:4.19.0-2.7(aarch64|ppc64le|s390x|x86_64)0:0.1.29-2.5(aarch64|ppc64le|s390x|x86_64)0:4.6.0-3.3(aarch64|ppc64le|s390x|x86_64)0:1.3.4-1.6(aarch64|ppc64le|s390x|x86_64)0:0.9.6-1.13(aarch64|ppc64le|s390x|x86_64)0:0.3.15-3.13(aarch64|ppc64le|s390x|x86_64)0:4.0.1-2.15(aarch64|ppc64le|s390x|x86_64)0:2.9.4-1.12(aarch64|ppc64le|s390x|x86_64)0:1.17.1-2.15(aarch64|ppc64le|s390x|x86_64)0:1.6.2-2.9(aarch64|ppc64le|s390x|x86_64)0:0.13.0-4.11(aarch64|ppc64le|s390x|x86_64)0:0.9.1-4.10(aarch64|ppc64le|s390x|x86_64)0:10.0.0-2.1(aarch64|ppc64le|s390x|x86_64)0:12.4.0-1.1(aarch64|ppc64le|s390x|x86_64)0:1.3.7-3.12(aarch64|ppc64le|s390x|x86_64)0:1.15-6.9(aarch64|ppc64le|s390x|x86_64)0:1.5.0-2.11(aarch64|ppc64le|s390x|x86_64)0:2.11.6-2.1(aarch64|ppc64le|s390x|x86_64)0:2.1.0-5.10(aarch64|ppc64le|s390x|x86_64)0:0.2.5-2.7(aarch64|ppc64le|s390x|x86_64)0:0.8.0-1.11(aarch64|ppc64le|s390x|x86_64)0:1.2.13-6.138(aarch64|ppc64le|s390x|x86_64)0:4.3.5-1.7(aarch64|ppc64le|s390x|x86_64)0:1.5.5-8.142(aarch64|ppc64le|s390x|x86_64)0:17.31.31-1.4(aarch64|ppc64le|s390x|x86_64)0:3.21.0-2.12(aarch64|ppc64le|s390x|x86_64)0:1.4.18-5.178(aarch64|ppc64le|s390x|x86_64)0:12.5-4.2(aarch64|ppc64le|s390x|x86_64)0:2.11.2-1.8(aarch64|ppc64le|s390x|x86_64)0:4.35-3.11(aarch64|ppc64le|s390x|x86_64)0:0.24.0-2.1(aarch64|ppc64le|s390x|x86_64)0:9.6p1-1.4(aarch64|ppc64le|s390x|x86_64)0:1.6.0-2.22(aarch64|ppc64le|s390x|x86_64)0:1.3.0-1.3(aarch64|ppc64le|s390x|x86_64)0:2.7.6-2.202(aarch64|ppc64le|s390x|x86_64)0:1.5.4-1.6(aarch64|ppc64le|s390x|x86_64)0:5.38.2-1.52(aarch64|ppc64le|s390x|x86_64)0:4.9.3-1.3(aarch64|ppc64le|s390x|x86_64)0:3.5-6.40(aarch64|ppc64le|s390x|x86_64)0:2.4.9-5.10(aarch64|ppc64le|s390x|x86_64)0:3.24-1.20(aarch64|ppc64le|s390x|x86_64)0:3006.0-6.8(aarch64|ppc64le|s390x|x86_64)0:3.1.2-5.9(aarch64|ppc64le|s390x|x86_64)0:0.39.0-1.17(aarch64|ppc64le|s390x|x86_64)0:2.8.0-1.4(aarch64|ppc64le|s390x|x86_64)0:6.0.1-1.9(aarch64|ppc64le|s390x|x86_64)0:2023.7.22-1.38(aarch64|ppc64le|s390x|x86_64)0:5.0.8-2.7(aarch64|ppc64le|s390x|x86_64)0:42.0.4-1.7(aarch64|ppc64le|s390x|x86_64)0:0.24.0-5.82(aarch64|ppc64le|s390x|x86_64)0:4.9.3-1.10(aarch64|ppc64le|s390x|x86_64)0:3.2.2-1.4(aarch64|ppc64le|s390x|x86_64)0:1.11.0-6.86(aarch64|ppc64le|s390x|x86_64)0:24.0.0-1.8(aarch64|ppc64le|s390x|x86_64)0:25.1.1-1.8(aarch64|ppc64le|s390x|x86_64)0:2.31.0-1.48(aarch64|ppc64le|s390x|x86_64)0:4.9-3.3(aarch64|ppc64le|s390x|x86_64)0:69.0.2-1.24(aarch64|ppc64le|s390x|x86_64)0:6.4-1.1(aarch64|ppc64le|s390x|x86_64)0:2.1.0-1.8(aarch64|ppc64le|s390x|x86_64)0:8.2.1-2.8(aarch64|ppc64le|s390x|x86_64)0:8.2.11.16.3_3_ga95067eb-2.8(aarch64|ppc64le|s390x|x86_64)0:202305-1.52(aarch64|ppc64le|s390x|x86_64)0:1.2.6-1.9(aarch64|ppc64le|s390x|x86_64)0:3.2.7-3.8(aarch64|ppc64le|s390x|x86_64)0:1.1.12-1.3(aarch64|ppc64le|s390x|x86_64)0:0.2.1+git.1682587333.b497f1d-1.11(aarch64|ppc64le|s390x|x86_64)0:4.19.4+git.339.acf1ccaa02-1.22(aarch64|ppc64le|s390x|x86_64)0:15.7-11.2(aarch64|ppc64le|s390x|x86_64)0:1.14.0-1.4(aarch64|ppc64le|s390x|x86_64)0:1.2.2-1.2(aarch64|ppc64le|s390x|x86_64)0:1.7.4.3-2.9(aarch64|ppc64le|s390x|x86_64)0:4.6.1-3.7(aarch64|ppc64le|s390x|x86_64)0:1.9.15p5-1.3(aarch64|ppc64le|s390x|x86_64)0:3.2.7-1.1(aarch64|ppc64le|s390x|x86_64)0:16.0.43-1.1(aarch64|ppc64le|s390x|x86_64)0:0.8.0-1.86(aarch64|ppc64le|s390x|x86_64)0:12.6.2-2.10(aarch64|ppc64le|s390x|x86_64)0:1.0.0-1.17(aarch64|ppc64le|s390x|x86_64)0:0.6.7.5~git81.01be570-1.17(aarch64|ppc64le|s390x|x86_64)0:3.00-6.7(aarch64|ppc64le|s390x|x86_64)0:1.35-1.1(aarch64|ppc64le|s390x|x86_64)0:5.2-1.5(aarch64|ppc64le|s390x|x86_64)0:5.5-1.10(aarch64|ppc64le|s390x|x86_64)0:2.1.3-1.3(aarch64|ppc64le|s390x|x86_64)0:2023.04-1.11(aarch64|ppc64le|s390x|x86_64)0:20231114-1.3(aarch64|ppc64le|s390x|x86_64)0:1.22.0-1.53(aarch64|ppc64le|s390x|x86_64)0:9.1.0111-1.2(aarch64|ppc64le|s390x|x86_64)0:4.1.0-4.1(aarch64|ppc64le|s390x|x86_64)0:1.10.1-1.1(aarch64|ppc64le|s390x|x86_64)0:1.21.4-1.12(aarch64|ppc64le|s390x|x86_64)0:2.10-4.18(aarch64|ppc64le|s390x|x86_64)0:4.6.2-4.4(aarch64|ppc64le|s390x|x86_64)0:1.14.68-1.8(aarch64|ppc64le|s390x|x86_64)0:23.3.4-slfo.1.1_1.36.1(aarch64|ppc64le|s390x|x86_64)0:1.42.6-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:84.87+git20240906.742565b-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:22.08.8-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:5.4.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.18.6-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.14.1-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:0.8-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.31.11-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:5.2.15-slfo.1.1_1.6(aarch64|ppc64le|s390x|x86_64)0:8.2-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:20180314-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.84.0-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:0.5-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.12.5-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.0.8-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:1600_20240206-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:4.5-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:7.0-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:23.3-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.1.2-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.3.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:321-slfo.1.1_2.4(aarch64|ppc64le|s390x|x86_64)0:2.1.10-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.4.8-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.7.21-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.60.1-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.1.0-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:9.4-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:9.4-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.15-slfo.1.1_2.4(aarch64|ppc64le|s390x|x86_64)0:2.9.11-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.15-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.6.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.4.10-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:8.9.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.1.28-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.14.10-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.4.2.P1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.90-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:25.0.6_ce-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.24.5-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:22.11.1-slfo.1.1_1.9(aarch64|ppc64le|s390x|x86_64)0:059+suse.607.g2d95edb5-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:1.47.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.189-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:5.44-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:4.9.0-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:2.0.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.9.16-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.56.3-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.42.12-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.46.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.78.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.78.6-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.38-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:3.8.3-slfo.1.1_1.6(aarch64|ppc64le|s390x|x86_64)0:2.4.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.0.9-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:3.11-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.23.0-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:2.12-slfo.1.1_1.17(aarch64|ppc64le|s390x|x86_64)0:1.24.7-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.24.7-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.24.43-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.52.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.13-slfo.1.1_2.4(aarch64|ppc64le|s390x|x86_64)0:2.8.3+git0.86e043add-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:8-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.8.19.13.gbe11d94-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:20221126-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.7.8.8-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.2.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.1.9-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.7.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.6.4-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.0.1-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:2.2.8-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:6.4.0-19.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-10.1(aarch64|ppc64le|s390x|x86_64)0:20240728-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:550.100-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:550.100_k6.4.0_19-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:0.10.0+103+suse.0fc97cd-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.21.3-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.3.1-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.40.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.40.1-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:633-slfo.1.1_1.6(aarch64|ppc64le|s390x|x86_64)0:1.8.7-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.2.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.3.5-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:6.0.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.8.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.1.5-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.5.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.9.11-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.0.12-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.7.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.2.10-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.1.1-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:5.70-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.17.8-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.69-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.27.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.02~a10-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:2022.10.16-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:1.8-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:1.4.6-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:20240408-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.4.119-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.7.2-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.31.0-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:1.1.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.1.12-slfo.1.1_2.3(aarch64|ppc64le|s390x|x86_64)0:2.5.0-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:1.1.38-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:3.101.2-slfo.1.1_1.6(aarch64|ppc64le|s390x|x86_64)0:2.13.2-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.0.13-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.9.9-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.10.3-slfo.1.1_1.10(aarch64|ppc64le|s390x|x86_64)0:6.3.0-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:1.23.0-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:1.3.14-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:7.2.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.3.23-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:3.9.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.3.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.14-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.1.14-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:8.3.2-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:0.16-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.6.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.16-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.6.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.9.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.4.7-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:5.4.6-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.9.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:5.4.3-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:2.10-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:0.9.77-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.2.1-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:0.11-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:6.4.20240224-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:1.8-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.52.23-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.0-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.6.3-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.52.0-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:2.6.11.12-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:6.9.8-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.1.4-slfo.1.1_3.10(aarch64|ppc64le|s390x|x86_64)0:3.1.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.1.0-slfo.1.1_1.6(aarch64|ppc64le|s390x|x86_64)0:1.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.4.34-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.11.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.25.3-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.50.14-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.10.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:6.2.0-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:8.45-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:10.42-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:2.0.1-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:0.42.2-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.8.0-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:1.6.43-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:121-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:3.3.17-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.5.0-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:0.4.18-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:3.11.8-slfo.1.1_3.12(aarch64|ppc64le|s390x|x86_64)0:3.11.8-slfo.1.1_3.3(aarch64|ppc64le|s390x|x86_64)0:2.0.8+20230721.002171b-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:16.2.14.66+g7aa6ce9419f-slfo.1.1_1.6(aarch64|ppc64le|s390x|x86_64)0:4.18.0-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:2.5.4-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:3.5-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.0.3-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.8.0+2-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:5.9.3-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.7.30-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:3.4.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.15.1-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:3.44.2-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.10.6-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.9.5-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:4.15.1-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:254.19-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:4.19.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.1.29-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.6.0-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.3.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.9.6-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:0.3.15-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.1.0-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.9.4-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.21.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.6.2-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.1.3-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:0.13.0-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:0.9.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:10.0.0-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:12.5.0-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.3.7-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.15-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.5.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.11.6-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.11.6-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.1.0-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:0.2.5-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.8.0-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.2.13-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:4.3.5-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.5.5-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:17.35.12-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.21.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.4.18-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:12.5-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.11.2-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.35-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:3.23.0-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:0.24.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:9.6p1-slfo.1.1_1.6(aarch64|ppc64le|s390x|x86_64)0:1.6.1-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.7.6-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:5.38.2-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:5.0.3-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:3.5-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:1.3.12-slfo.1.1_2.2(aarch64|ppc64le|s390x|x86_64)0:2.7.10-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.4.9-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.24-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:3006.0-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:0.39.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.9.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2024.7.4-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:5.0.8-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:42.0.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.7-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.9.3-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.2.2-slfo.1.1_2.2(aarch64|ppc64le|s390x|x86_64)0:24.0.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:25.1.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.32.2-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.9-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:70.0.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:6.4-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.1.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:8.2.7-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:8.2.71.16.3_3_ga95067eb-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:202402-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:1.2.6-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.3.0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.1.14-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.2.6~0-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.20.2+git.348.4fb6af61307-slfo.1.1_1.8(aarch64|ppc64le|s390x|x86_64)0:0.4.3-slfo.1.1_2.2(aarch64|ppc64le|s390x|x86_64)0:1.10.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:15.8-slfo.1.1_3.2(aarch64|ppc64le|s390x|x86_64)0:1.15.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.7.4.3-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.6.1-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.9.15p5-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:3.2.7-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:16.0.43-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.9.0-slfo.1.1_2.4(aarch64|ppc64le|s390x|x86_64)0:12.6.2-slfo.1.1_1.5(aarch64|ppc64le|s390x|x86_64)0:3.00-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.35-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:5.2-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:5.7-slfo.1.1_1.3(aarch64|ppc64le|s390x|x86_64)0:2.1.3-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2023.04-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:20240910-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.22.0-slfo.1.1_1.4(aarch64|ppc64le|s390x|x86_64)0:9.1.0330-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:1.24.5-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:2.11-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:4.6.2-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.14.77-slfo.1.1_1.7(aarch64|ppc64le|s390x|x86_64)0:2.12-160000.3.1(noarch)0:2.12-160000.3.1(s390x)0:2.12-160000.3.16.2(aarch64|ppc64le|s390x|x86_64)0:3.5.0-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:10.0.7-160000.1.1(noarch)0:10.0.7-160000.1.1(aarch64)0:10.0.7-160000.1.1(s390x)0:10.0.7-160000.1.1(ppc64le)0:10.0.7-160000.1.1(noarch)0:10.0.71.16.3_3_g3d33c746-160000.1.1(x86_64)0:10.0.7-160000.1.1(aarch64)0:6.12.0-160000.8.1(aarch64|ppc64le|s390x|x86_64)0:6.12.0-160000.8.1(aarch64|ppc64le|x86_64)0:6.12.0-160000.8.1.160000.2.5(ppc64le|s390x|x86_64)0:6.12.0-160000.8.1(noarch)0:6.12.0-160000.8.1(aarch64|x86_64)0:6.12.0-160000.8.1(x86_64)0:6.12.0-160000.8.1(aarch64|ppc64le|s390x|x86_64)0:2.9.5-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:0.8-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:6.5-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:1.0.1-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:1.6.44-160000.3.1(noarch)0:16-160000.2.2(aarch64|ppc64le|s390x|x86_64)0:2.84.4-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:2.5.5-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:8.14.1-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:3.2.0+git0.e134140d2-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:28.5.1_ce-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:0.29.0-160000.4.1(x86_64)0:13.0.5-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:5.4.2-160000.3.1(noarch)0:5.4.2-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:1.10.5-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:3.13.11-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:1.6.44-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:2.42.12-160000.3.1(noarch)0:2.5.0-160000.3.1(noarch)0:0.6.1-160000.3.16.12.0-160000.7-default(ppc64le|s390x|x86_64)0:2-160000.1.16.12.0-160000.5-rt-default(x86_64)0:4-160000.3.46.12.0-160000.7-rt-default(x86_64)0:2-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:0.8-160000.4.16.12.0-160000.6-rt-default(x86_64)0:3-160000.1.16.12.0-160000.5-default(ppc64le|s390x|x86_64)0:5-160000.4.3(noarch)0:12.1-160000.1.16.12.0-160000.6-default(ppc64le|s390x|x86_64)0:3-160000.1.1(noarch)0:20251203-160000.1.1(noarch)0:2.5.0-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:25.1.3-160000.2.1(aarch64|x86_64)0:1.8.1-160000.1.1(aarch64|x86_64)0:2.3.2-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:2.40-160000.3.1(aarch64|x86_64)0:2.40-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:4.22.5+git.431.dc5a539f124-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:2.5.5-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:1.24.1-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:2.10.1-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:3.6.5-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:4.7.1-160000.1.1(aarch64)0:6.12.0-160000.9.1(aarch64|ppc64le|s390x|x86_64)0:6.12.0-160000.9.1(aarch64|ppc64le|x86_64)0:6.12.0-160000.9.1.160000.2.6(ppc64le|s390x|x86_64)0:6.12.0-160000.9.1(noarch)0:6.12.0-160000.9.1(aarch64|x86_64)0:6.12.0-160000.9.1(x86_64)0:6.12.0-160000.9.1(aarch64|ppc64le|x86_64)0:24.11.4-160000.1.1(noarch)0:24.11.4-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:2.84.4-160000.2.1(aarch64|ppc64le|s390x|x86_64)0:3.5.0-160000.5.1(aarch64|ppc64le|s390x|x86_64)0:1.1.43-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:2.4.16-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:2.13.8-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:1.8.7-160000.3.1(noarch)0:12.1-160000.2.1(aarch64|ppc64le|s390x|x86_64)0:340-160000.4.1(noarch)0:340-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:3.6.5-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:2.7.6-160000.3.1(s390x)0:3.26.0-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:2.7.1-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:354-160000.1.1(noarch)0:354-160000.1.1(noarch)0:346-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:28.5.1_ce-160000.5.1(aarch64|ppc64le|s390x|x86_64)0:0.29.0-160000.5.1(noarch)0:4.7-160000.1.1(ppc64le|s390x|x86_64)0:4-160000.1.1(ppc64le|x86_64)0:0.3-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:3.13.12-160000.1.1(x86_64)0:0.3-160000.1.1(x86_64)0:1.64.0-160000.1.1(aarch64|x86_64)0:1.7.0-160000.1.1(aarch64)0:6.12.0-160000.26.1(aarch64|ppc64le|s390x|x86_64)0:6.12.0-160000.26.1(aarch64|ppc64le|x86_64)0:6.12.0-160000.26.1.160000.2.7(ppc64le|s390x|x86_64)0:6.12.0-160000.26.1(noarch)0:6.12.0-160000.26.1(aarch64|x86_64)0:6.12.0-160000.26.1(x86_64)0:6.12.0-160000.26.1(ppc64le|s390x|x86_64)0:1-160000.1.1(x86_64)0:1-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:3.2.12+git0.6011f448e-160000.1.1(x86_64)0:4-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:5.4.2-160000.4.1(noarch)0:5.4.2-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:2.7.1-160000.4.1(noarch)0:117-160000.1.1(ppc64le|s390x|x86_64)0:7-160000.4.3(x86_64)0:5-160000.3.4(ppc64le|s390x|x86_64)0:5-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:1.1.43-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:2.13.8-160000.4.16.12.0-160000.8-default(aarch64|x86_64)0:16.1-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:1.12.0-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:3.19.1-160000.1.1(noarch)0:3.19.1-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:1.26.7-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:10.0.8-160000.1.1(noarch)0:10.0.8-160000.1.1(aarch64)0:10.0.8-160000.1.1(s390x)0:10.0.8-160000.1.1(ppc64le)0:10.0.8-160000.1.1(noarch)0:10.0.81.16.3_3_g3d33c746-160000.1.1(x86_64)0:10.0.8-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:0.2.8+116-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:1.8.7-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:1.6.44-160000.5.1(aarch64|ppc64le|s390x|x86_64)0:5.9.4-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:3.6.6-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:28.3-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:2.60.2-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:1.0.20-160000.3.1(x86_64)0:20260210-160000.1.1(noarch)0:9.2.0110-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:9.2.0110-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:8.14.1-160000.5.1(aarch64|ppc64le|s390x|x86_64)0:6.5-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:11.4.5-160000.1.16.12.0-160000.8-rt-default(x86_64)0:6-160000.3.46.12.0-160000.9-rt-default(x86_64)0:5-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:1.64.0-160000.3.1(aarch64)0:6.12.0-160000.27.1(aarch64|ppc64le|s390x|x86_64)0:6.12.0-160000.27.1(aarch64|ppc64le|x86_64)0:6.12.0-160000.27.1.160000.2.8(ppc64le|s390x|x86_64)0:6.12.0-160000.27.1(noarch)0:6.12.0-160000.27.1(aarch64|x86_64)0:6.12.0-160000.27.1(x86_64)0:6.12.0-160000.27.1(noarch)0:0.6.1-160000.4.16.12.0-160000.9-default(noarch)0:2.12.1-160000.1.1(ppc64le|s390x|x86_64)0:8-160000.4.3(ppc64le|s390x|x86_64)0:6-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:2.10-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:2.33.1-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:1.3.3-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:3.8.10-160000.2.1(aarch64|ppc64le|s390x|x86_64)0:2.7.1-160000.5.1(noarch)0:4.7-160000.2.1(aarch64|ppc64le|s390x|x86_64)0:1.6.44-160000.6.1(aarch64|ppc64le|s390x|x86_64)0:4.21.0-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:257.13-160000.1.1(aarch64|ppc64le|s390x|x86_64)0:1.35-160000.3.16.12.0-160000.26-rt-default(x86_64)0:7-160000.3.4(x86_64)0:6-160000.1.1(aarch64)0:6.12.0-160000.6.1(aarch64|ppc64le|s390x|x86_64)0:6.12.0-160000.6.1(aarch64|ppc64le|x86_64)0:6.12.0-160000.6.1.160000.2.4(ppc64le|s390x|x86_64)0:6.12.0-160000.6.1(noarch)0:6.12.0-160000.6.1(aarch64|x86_64)0:6.12.0-160000.6.1(x86_64)0:6.12.0-160000.6.1(aarch64|ppc64le|s390x|x86_64)0:1.2.13-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:2.41.1-160000.3.1(noarch)0:202502-160000.4.1(aarch64|ppc64le|s390x|x86_64)0:2.40-160000.4.1(aarch64|x86_64)0:2.40-160000.4.1(noarch)0:117-160000.2.1(noarch)0:346-160000.2.1(aarch64|ppc64le|s390x|x86_64)0:354-160000.2.1(noarch)0:354-160000.2.1(aarch64|ppc64le|s390x|x86_64)0:44.0.3-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:8.14.1-160000.3.1(aarch64)0:6.12.0-160000.7.1(aarch64|ppc64le|s390x|x86_64)0:6.12.0-160000.7.1(ppc64le|s390x|x86_64)0:6.12.0-160000.7.1(noarch)0:6.12.0-160000.7.1(aarch64|x86_64)0:6.12.0-160000.7.1(x86_64)0:6.12.0-160000.7.1(aarch64|ppc64le|s390x|x86_64)0:11.4.0-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:10.0p2-160000.3.1(aarch64|ppc64le|s390x|x86_64)0:2.45-160000.1.1(aarch64|s390x|x86_64)0:8.2.5-1.1(x86_64)0:8.2.5-1.1(aarch64)0:8.2.5-1.1(noarch)0:8.2.5-1.1(s390x)0:8.2.5-1.1(noarch)0:8.2.51.16.3_3_ga95067eb-1.1(aarch64|s390x|x86_64)0:1.8-3.1(aarch64|s390x|x86_64)0:1.24.5-1.1(aarch64|s390x|x86_64)0:2.39.3-3.1(aarch64|s390x|x86_64)0:4.8.30-7.1(aarch64|s390x|x86_64)0:2.5.0-4.1(aarch64|s390x|x86_64)0:3.6.2-4.1(aarch64|s390x|x86_64)0:2.4.11-1.1(noarch)0:2.32.3-1.1(aarch64|s390x|x86_64)0:1.24.5-2.1(x86_64)0:0.4.3-2.1(aarch64|s390x|x86_64)0:0.24.0-3.1(aarch64|s390x|x86_64)0:8.6.0-4.1(aarch64|s390x|x86_64)0:2.10-5.1(aarch64|s390x|x86_64)0:6.4.0-18.1(aarch64|x86_64)0:6.4.0-17.1.1.51(s390x|x86_64)0:6.4.0-18.1(x86_64)0:6.4.0-18.1(noarch)0:6.4.0-18.1(aarch64|s390x|x86_64)0:2.76.2-6.1(aarch64|s390x|x86_64)0:6.4-2.1(aarch64|s390x|x86_64)0:23.3.4-8.1(aarch64|x86_64)0:23.3.4-8.1(aarch64|s390x|x86_64)0:1.14.4-2.1(aarch64|s390x|x86_64)0:1.7.21-1.1(aarch64|s390x|x86_64)0:0.8-6.1(aarch64|s390x|x86_64)0:0.12.5-1.1(x86_64)0:1.60.1-1.1(aarch64|s390x|x86_64)0:2.8.11+git0.01c1056a4-1.1(aarch64|s390x|x86_64)0:1.6.0-4.1(aarch64|s390x|x86_64)0:3.4.2-5.1(aarch64|s390x|x86_64)0:8.6.0-5.1(aarch64|s390x|x86_64)0:26.1.5_ce-1.1(aarch64|x86_64)0:565.57.01_k6.4.0_20-1.1(aarch64|x86_64)0:550.142_k6.4.0_20-1.1(aarch64|s390x|x86_64)0:1.52.0-5.1(aarch64|s390x|x86_64)0:3.1.2-7.1(aarch64|s390x|x86_64)0:2.90-1.1(noarch)0:2.4.2-2.1(aarch64|s390x|x86_64)0:2.11.6-4.1(x86_64)0:20241112-1.1(x86_64)0:6.4.0-9.1(noarch)0:6.4.0-9.1(noarch)0:20240728-1.1(aarch64|s390x|x86_64)0:3.1.4-7.1(aarch64|s390x|x86_64)0:3.2.7-4.1(aarch64|s390x|x86_64)0:1.14.4-1.1(noarch)0:10.3.11-3.1(noarch)0:1.0.5-3.1(noarch)0:1.0.0-3.1(noarch)0:2.0.0-3.1(noarch)0:0.10.2-5.118(aarch64|s390x|x86_64)0:3006.0-9.1(aarch64|s390x|x86_64)0:1.22.0-1.1(noarch)0:9.1.1101-1.1(aarch64|s390x|x86_64)0:9.1.1101-1.1(noarch)0:20241128-1.1(aarch64|s390x|x86_64)0:0.6.12-2.1(x86_64)0:20240813-1.1(aarch64|s390x|x86_64)0:2.8.2-6.1(aarch64|s390x|x86_64)0:1.3.2-1.1(aarch64|s390x|x86_64)0:6.2.0-1.1(noarch)0:6.2.0-1.1(aarch64|s390x|x86_64)0:1.22.9-2.1(aarch64|s390x|x86_64)0:2.38-8.1(aarch64|x86_64)0:0.4.6-2.1(aarch64|x86_64)0:15.8-1.1(aarch64|s390x|x86_64)0:3.11.8-3.1(aarch64|s390x|x86_64)0:4.9.5-3.1(noarch)0:4.9.5-3.1(aarch64|s390x|x86_64)0:8.6.0-6.1(noarch)0:2.68-1.1(aarch64|s390x|x86_64)0:3.8.3-2.1(aarch64|s390x|x86_64)0:38-3.1(aarch64|s390x|x86_64)0:4.1.0-1.1(aarch64|s390x|x86_64)0:5.7-1.1(aarch64|s390x|x86_64)0:1.20.1-6.1(aarch64|s390x|x86_64)0:0.4.34-3.1(aarch64|s390x|x86_64)0:3.11.11-1.1(aarch64|s390x|x86_64)0:23.4-9.1(aarch64|s390x|x86_64)0:3.1.2-8.1(aarch64|s390x|x86_64)0:3.8.3-3.1(x86_64)0:20250211-1.1(aarch64|s390x|x86_64)0:9.6p1-3.1(aarch64|s390x|x86_64)0:1.8.7-3.1(noarch)0:1.8.7-3.1(aarch64|s390x|x86_64)0:4.19.0-4.1(aarch64|s390x|x86_64)0:2.76.2-5.1(aarch64|s390x|x86_64)0:2.11.6-5.1(aarch64|s390x|x86_64)0:1.14.4-3.1(aarch64|s390x|x86_64)0:3.3.17-5.1(noarch)0:2.32.2-1.1(aarch64|x86_64)0:1.6.8-1.1(aarch64|s390x|x86_64)0:2.45.1-2.1(aarch64|s390x|x86_64)0:3.17.2-1.1(noarch)0:3.17.2-1.1(aarch64|s390x|x86_64)0:4.9.5-4.1(noarch)0:4.9.5-4.1(aarch64|s390x|x86_64)0:0.6.12-3.1(aarch64|s390x|x86_64)0:1.1.38-4.1(aarch64|s390x|x86_64)0:8.6.0-3.1(aarch64|s390x|x86_64)0:2.13.3-1.1(aarch64|s390x|x86_64)0:27.5.1_ce-2.1(aarch64|s390x|x86_64)0:0.22.0-2.1(aarch64)0:2023.04-2.1(aarch64|s390x|x86_64)0:2.7.1-1.1(aarch64|x86_64)0:2.1.3-1.1(aarch64|s390x|x86_64)0:2.4.4-2.1(aarch64|s390x|x86_64)0:1.7.27-1.1(aarch64|s390x|x86_64)0:1.21.0-1.1(aarch64|s390x|x86_64)0:2.42.12-1.1(aarch64|s390x|x86_64)0:2.76.2-7.1(aarch64|s390x|x86_64)0:2.38-7.1(aarch64|s390x|x86_64)0:3.49.1-1.1(noarch)0:0.16.0-1.1(noarch)0:0.16.3-7.1(aarch64|s390x|x86_64)0:2.38-9.1(aarch64|s390x|x86_64)0:2.11.6-8.1(aarch64|s390x|x86_64)0:5.38.2-2.1(noarch)0:2.74-1.1(aarch64|s390x|x86_64)0:1.2.6-1.1(s390x)0:2.31.0-2.1(aarch64|s390x|x86_64)0:3.11.12-1.1(aarch64|s390x|x86_64)0:1.14.1-2.1(aarch64|s390x|x86_64)0:3.4.2-6.1(aarch64|s390x|x86_64)0:27.5.1_ce-3.1(aarch64|s390x|x86_64)0:0.22.0-3.1(x86_64)0:12.5.2-1.1(aarch64|s390x|x86_64)0:20221126-4.1(aarch64|s390x|x86_64)0:2.33.1-1.1(aarch64|s390x|x86_64)0:0.8-5.1(aarch64|s390x|x86_64)0:254.25-1.1(aarch64|s390x|x86_64)0:3.1.4-8.1(aarch64|s390x|x86_64)0:42.0.4-2.1(x86_64)0:20250512-1.1(noarch)0:69.0.2-3.1(noarch)0:2.1.0-2.1(aarch64|s390x|x86_64)0:2.28-2.1(aarch64|s390x|x86_64)0:1.6.0-5.1(aarch64|x86_64)0:5.8.2-1.1(noarch)0:5.8.2-1.1(aarch64|s390x|x86_64)0:6.4-3.1(aarch64|s390x|x86_64)0:3.4.2-8.1(aarch64|s390x|x86_64)0:3.1.2-6.1(aarch64|s390x|x86_64)0:2.4.4-4.1(noarch)0:2.32.3-2.1(aarch64|s390x|x86_64)0:5.38.2-4.1(aarch64|s390x|x86_64)0:3.1.4-9.1(aarch64|s390x|x86_64)0:2.4.4-5.1(aarch64|s390x|x86_64)0:1.9.15p5-2.1(aarch64|s390x|x86_64)0:3.11.13-1.1(aarch64|s390x|x86_64)0:0.2.7+70-1.1(aarch64|s390x|x86_64)0:1.10.3-2.1(aarch64|s390x|x86_64)0:0.6.12-5.1(aarch64|s390x|x86_64)0:20221126-6.1(aarch64|s390x|x86_64)0:3006.0-13.1(aarch64|s390x|x86_64)0:1.6-4.1(aarch64|s390x|x86_64)0:1.22.9-3.1(aarch64|s390x|x86_64)0:2.76.2-9.1(aarch64|s390x|x86_64)0:2.1-4.1(aarch64|s390x|x86_64)0:28.3.2_ce-5.1(aarch64|s390x|x86_64)0:0.25.0-5.1(aarch64|s390x|x86_64)0:2.12~rc1-6.1(noarch)0:2.12~rc1-6.1(s390x)0:2.12~rc1-6.1(aarch64|s390x|x86_64)0:10.0.0-3.1(aarch64|x86_64)0:10.0.0-3.1(aarch64|s390x|x86_64)0:2.11-2.1(aarch64|s390x|x86_64)0:23.4-10.1(aarch64|s390x|x86_64)0:2.19.0-2.1(aarch64|s390x|x86_64)0:3.18.4-1.1(noarch)0:3.18.4-1.1(aarch64|s390x|x86_64)0:9.4-5.1(aarch64|s390x|x86_64)0:0.24.0-4.1(aarch64|s390x|x86_64)0:5.4.3-5.1(aarch64|s390x|x86_64)0:254.27-1.1(aarch64|s390x|x86_64)0:1.1.38-6.1(aarch64|s390x|x86_64)0:0.10.6-2.1(noarch)0:2.1.0-3.1(aarch64|s390x|x86_64)0:1.22.0-2.1(aarch64|s390x|x86_64)0:121-3.1(aarch64|s390x|x86_64)0:3.8.3-4.1(aarch64|s390x|x86_64)0:3.6.2-5.1(aarch64|s390x|x86_64)0:3.50.2-1.1(aarch64|s390x|x86_64)0:2.11.6-10.1(noarch)0:20230523+git25.ad22dd7f-1.1(aarch64|s390x|x86_64)0:28.3.3_ce-6.1(aarch64|s390x|x86_64)0:0.26.1-6.1(aarch64|s390x|x86_64)0:2.10-3.1(aarch64|s390x|x86_64)0:3.11.13-2.1(aarch64|s390x|x86_64)0:2.5.0-3.1(aarch64|s390x|x86_64)0:2.12~rc1-7.1(noarch)0:2.12~rc1-7.1(s390x)0:2.12~rc1-7.1(aarch64|s390x|x86_64)0:1.6-5.1(aarch64|s390x|x86_64)0:25.1.3-1.1(aarch64|s390x|x86_64)0:0.18.6-2.1(aarch64|s390x|x86_64)0:2.11.6-3.1(aarch64|s390x|x86_64)0:4.9.5-7.1(noarch)0:4.9.5-7.1(aarch64|s390x|x86_64)0:2.42.12-3.1(noarch)0:9.1.1629-1.1(aarch64|s390x|x86_64)0:9.1.1629-1.1(x86_64)0:20250812-1.1(x86_64)0:0.4.3-3.1(aarch64|s390x|x86_64)0:4.9.5-1.1(noarch)0:4.9.5-1.1(aarch64|s390x|x86_64)0:0.2.8+12-1.1(aarch64|s390x|x86_64)0:2.9.4-2.1(aarch64|s390x|x86_64)0:1.20.1-7.1(aarch64|s390x|x86_64)0:3.6.2-3.1(aarch64|s390x|x86_64)0:2.51.0-1.1(aarch64|s390x|x86_64)0:8.14.1-1.1(aarch64|s390x|x86_64)0:2.10-4.1(aarch64|s390x|x86_64)0:2.45.1-1.1(aarch64|s390x|x86_64)0:84.87+git20240906.742565b-1.1(x86_64)0:1.3.1-1.1(aarch64|s390x|x86_64)0:4.8-1.1(noarch)0:4.8-1.1(aarch64|s390x|x86_64)0:0.10.6-3.1(x86_64)0:13.0.5-1.1(aarch64|s390x|x86_64)0:3.1.4-10.1(aarch64|s390x|x86_64)0:1.10.4-3.1(aarch64|s390x|x86_64)0:2.7.1-3.1(aarch64|s390x|x86_64)0:4.9.5-8.1(noarch)0:4.9.5-8.1(aarch64|s390x|x86_64)0:2.8.11+git0.01c1056a4-2.1(aarch64|s390x|x86_64)0:1.1.38-7.1(aarch64|s390x|x86_64)0:1.4.6-4.1(aarch64|s390x|x86_64)0:3.4.2-9.1(aarch64|s390x|x86_64)0:1.3.3-1.1(aarch64|s390x|x86_64)0:4.9.5-9.1(noarch)0:4.9.5-9.1(aarch64|s390x|x86_64)0:4.7.1-1.1(aarch64|s390x|x86_64)0:1.7.29-1.1(aarch64|s390x|x86_64)0:0.4.34-2.1(aarch64|s390x|x86_64)0:3.19.1-1.1(noarch)0:3.19.1-1.1(aarch64|s390x|x86_64)0:9.6p1-4.1(aarch64|x86_64)0:5.9.0.git21.a73f509-1.1(noarch)0:5.9.0.git21.a73f509-1.1(aarch64|s390x|x86_64)0:2.8.2-7.1(aarch64|s390x|x86_64)0:8.14.1-2.1(aarch64|s390x|x86_64)0:3.11.14-1.1(aarch64|s390x|x86_64)0:0.9.77-2.1(aarch64|s390x|x86_64)0:2.76.2-10.1(aarch64|s390x|x86_64)0:3.8.3-5.1(aarch64|s390x|x86_64)0:3006.0-14.1(aarch64|s390x|x86_64)0:1.6.43-2.1(x86_64)0:20240910-1.1(aarch64|x86_64)0:16.1-1.1(aarch64|x86_64)0:22.11.10-1.1(aarch64|s390x|x86_64)0:4.9.5-10.1(noarch)0:4.9.5-10.1(noarch)0:202305-2.1(aarch64|s390x|x86_64)0:8.2.10-1.1(x86_64)0:8.2.10-1.1(aarch64)0:8.2.10-1.1(noarch)0:8.2.10-1.1(s390x)0:8.2.10-1.1(noarch)0:8.2.101.16.3_3_ga95067eb-1.1(aarch64|s390x|x86_64)0:8.14.1-3.1(aarch64|s390x|x86_64)0:5.70-2.1(aarch64|s390x|x86_64)0:6.4-4.1(aarch64|s390x|x86_64)0:2.76.2-11.1(aarch64|s390x|x86_64)0:3.2.7-5.1(aarch64|s390x|x86_64)0:3.11.14-2.1(aarch64|s390x|x86_64)0:1.10.4-4.1(aarch64|s390x|x86_64)0:3.1.7-4.1(aarch64|s390x|x86_64)0:10.0.0-4.1(aarch64|x86_64)0:10.0.0-4.1(aarch64|s390x|x86_64)0:3.4.2-10.1(aarch64|s390x|x86_64)0:4.19.0-5.1(aarch64|s390x|x86_64)0:1.0.18-4.1(aarch64|s390x|x86_64)0:2.4.4-6.1(aarch64|x86_64)0:1.6.10-1.1(aarch64|x86_64)0:2.1.5-1.1(noarch)0:202305-3.1(aarch64|s390x|x86_64)0:3.4.2-11.1(aarch64|s390x|x86_64)0:5.9.4-2.1(aarch64|s390x|x86_64)0:20230802.3-1.1(noarch)0:2.1.0-4.1(aarch64|s390x|x86_64)0:8.14.1-4.1(aarch64|s390x|x86_64)0:2.39.3-4.1(aarch64|s390x|x86_64)0:3.1.4-11.1(aarch64|s390x|x86_64)0:2.7.1-4.1(aarch64|s390x|x86_64)0:23.4-11.1(aarch64|s390x|x86_64)0:2.11.6-11.1(aarch64|s390x|x86_64)0:2.76.2-12.1(aarch64|s390x|x86_64)0:3.4.1-3.1(aarch64|s390x|x86_64)0:3.1.4-6.1(x86_64)0:0.3.5-1.1(noarch)0:0.5.0-3.1(noarch)0:2.1.0-5.1(aarch64|s390x|x86_64)0:2.4.4-7.1(aarch64|s390x|x86_64)0:3.4.2-12.1(aarch64|s390x|x86_64)0:1.0.18-5.1(noarch)0:20241128-2.1(aarch64|s390x|x86_64)0:2.33.1-3.1(aarch64|s390x|x86_64)0:1.14-2.1(aarch64|s390x|x86_64)0:3.101.2-1.1(aarch64|s390x|x86_64)0:309-8.1(noarch)0:309-8.1(aarch64|s390x|x86_64)0:1.6.43-3.1(aarch64|s390x|x86_64)0:0.10.6-4.1(aarch64|s390x|x86_64)0:0.8-7.1(aarch64|s390x|x86_64)0:0.2.8+116-1.1(aarch64|s390x|x86_64)0:2.38-11.1(x86_64)0:20260210-1.1(aarch64|s390x|x86_64)0:8.2.6-1.1(x86_64)0:8.2.6-1.1(aarch64)0:8.2.6-1.1(noarch)0:8.2.6-1.1(s390x)0:8.2.6-1.1(noarch)0:8.2.61.16.3_3_ga95067eb-1.1(aarch64|s390x|x86_64)0:2.4.16-1.1(aarch64|s390x|x86_64)0:3.4.2-13.1(aarch64|s390x|x86_64)0:28.5.1_ce-9.1(aarch64|s390x|x86_64)0:0.29.0-9.1(noarch)0:305-2.1(noarch)0:2.84-1.1(aarch64|s390x|x86_64)0:42.0.4-3.1(aarch64|s390x|x86_64)0:1.1.38-8.1(aarch64|s390x|x86_64)0:2.11.6-12.1(aarch64|s390x|x86_64)0:3.8.3-6.1(aarch64|s390x|x86_64)0:6.4.0-19.1(s390x|x86_64)0:6.4.0-19.1(x86_64)0:6.4.0-19.1(s390x|x86_64)0:1-1.1(noarch)0:6.4.0-19.1(aarch64|s390x|x86_64)0:1.2.13-7.1(aarch64|s390x|x86_64)0:3.11.14-3.1(aarch64|s390x|x86_64)0:2.39.3-5.1(aarch64|s390x|x86_64)0:8.2.10-2.1(x86_64)0:8.2.10-2.1(aarch64)0:8.2.10-2.1(noarch)0:8.2.10-2.1(s390x)0:8.2.10-2.1(noarch)0:8.2.101.16.3_3_ga95067eb-2.1(noarch)0:9.2.0045-1.1(aarch64|s390x|x86_64)0:9.2.0045-1.1(aarch64|s390x|x86_64)0:8.14.1-5.1(aarch64|s390x|x86_64)0:1.10.1-2.1(aarch64|s390x|x86_64)0:1.36.1-3.1(aarch64|s390x|x86_64)0:1.1.14-1.1(aarch64|s390x|x86_64)0:3.4.2-14.1(aarch64|s390x|x86_64)0:2.14.2-1.1(noarch)0:9.2.0110-1.1(aarch64|s390x|x86_64)0:9.2.0110-1.1(aarch64|s390x|x86_64)0:1.22.0-3.1(x86_64)0:1-1.1(x86_64)0:6.4.0-10.1(noarch)0:6.4.0-10.1(aarch64|s390x|x86_64)0:3.11.15-1.1(aarch64|s390x|x86_64)0:3.51.3-1.1(aarch64|s390x|x86_64)0:6.4-5.1(aarch64|s390x|x86_64)0:3006.0-15.1(noarch)0:0.5.0-4.1(aarch64|s390x|x86_64)0:254.27-3.1(aarch64|s390x|x86_64)0:25.0.6_ce-1.1(aarch64|s390x|x86_64)0:4.0.2-6.1(noarch)0:2.9.0-2.1(aarch64|s390x|x86_64)0:2.33.1-4.1(aarch64|s390x|x86_64)0:1.52.0-6.1(aarch64|s390x|x86_64)0:309-9.1(noarch)0:309-9.1(aarch64|s390x|x86_64)0:3.11.15-2.1(noarch)0:24.0.0-2.1(aarch64|s390x|x86_64)0:0.2.6+13-1.1(aarch64|s390x|x86_64)0:1.35-3.1(aarch64|s390x|x86_64)0:121-4.1(aarch64|s390x|x86_64)0:2.7.1-5.1(noarch)0:2.32.3-3.1(aarch64|s390x|x86_64)0:0.9.6-2.1(aarch64|s390x|x86_64)0:3.1.4-12.1(aarch64|s390x|x86_64)0:2.38-12.1(aarch64|s390x|x86_64)0:1.6.43-4.1(aarch64|s390x|x86_64)0:633-3.1(aarch64|s390x|x86_64)0:2.2.8-2.1(aarch64|s390x|x86_64)0:254.18-1.1(aarch64|s390x|x86_64)0:1.20.1-5.1(noarch)0:3.24.37+70-6.1(aarch64|s390x|x86_64)0:3.24.37+70-6.1(noarch)0:69.0.2-2.1(aarch64|s390x|x86_64)0:9.6p1-2.1(aarch64|s390x|x86_64)0:6.4.0-20.1(s390x|x86_64)0:6.4.0-20.1(x86_64)0:6.4.0-20.1(s390x|x86_64)0:1-1.2(noarch)0:6.4.0-20.1(aarch64|s390x|x86_64)0:2.7.6-3.1(x86_64)0:1-1.2(x86_64)0:6.4.0-11.1(noarch)0:6.4.0-11.1(aarch64|s390x|x86_64)0:3.11.8-4.1(aarch64|s390x|x86_64)0:4.6.0-4.1(aarch64|s390x|x86_64)0:23.4-8.1(aarch64|s390x|x86_64)0:8.2.7-1.1(x86_64)0:8.2.7-1.1(aarch64)0:8.2.7-1.1(noarch)0:8.2.7-1.1(s390x)0:8.2.7-1.1(noarch)0:8.2.71.16.3_3_ga95067eb-1.1(aarch64|s390x|x86_64)0:4.9.5-2.1(noarch)0:4.9.5-2.1(aarch64|s390x|x86_64)0:6.4.0-24.1(aarch64|x86_64)0:6.4.0-24.1.21.4(s390x|x86_64)0:6.4.0-24.1(x86_64)0:6.4.0-24.1(noarch)0:6.4.0-24.16.4.0-11-rt-default(x86_64)0:3-1.26.4.0-31-default(s390x|x86_64)0:3-1.2(aarch64|s390x|x86_64)0:6.4.0-34.1(aarch64|x86_64)0:6.4.0-34.1.21.11(s390x|x86_64)0:6.4.0-34.1(x86_64)0:6.4.0-34.1(noarch)0:6.4.0-34.16.4.0-20-default(s390x|x86_64)0:11-1.26.4.0-24-default(s390x|x86_64)0:9-1.26.4.0-28-default(s390x|x86_64)0:5-3.16.4.0-29-default(s390x|x86_64)0:4-1.26.4.0-30-default(x86_64)0:11-1.26.4.0-22-rt-default(x86_64)0:8-1.16.4.0-25-rt-default(x86_64)0:7-1.16.4.0-28-rt-default(x86_64)0:5-3.16.4.0-30-rt-default(x86_64)0:5-1.36.4.0-10-rt-default(x86_64)0:11-1.16.4.0-31-rt-default(x86_64)0:4-1.26.4.0-33-rt-default6.4.0-19-default(s390x|x86_64)0:11-1.16.4.0-25-default(s390x|x86_64)0:7-1.26.4.0-34-rt-default(x86_64)0:3-1.1(x86_64)0:12-1.1(x86_64)0:12-1.2(x86_64)0:9-1.1(x86_64)0:6-3.1(x86_64)0:6-1.3(x86_64)0:5-1.2(x86_64)0:4-1.1(s390x|x86_64)0:2-1.2(s390x|x86_64)0:12-1.1(s390x|x86_64)0:12-1.2(s390x|x86_64)0:10-1.2(s390x|x86_64)0:8-1.2(s390x|x86_64)0:6-3.1(s390x|x86_64)0:5-1.2(x86_64)0:6.4.0-36.1(noarch)0:6.4.0-36.1(aarch64|s390x|x86_64)0:6.4.0-28.1(aarch64|x86_64)0:6.4.0-28.1.21.6(s390x|x86_64)0:6.4.0-28.1(x86_64)0:6.4.0-28.1(s390x|x86_64)0:1-3.1(noarch)0:6.4.0-28.1(aarch64|x86_64)0:580.82.07_k6.4.0_34-1.1(x86_64)0:10-1.1(x86_64)0:13-1.1(x86_64)0:13-1.2(x86_64)0:7-3.1(x86_64)0:7-1.3(x86_64)0:6-1.2(x86_64)0:5-1.1(x86_64)0:1-1.3(x86_64)0:6.4.0-30.1(noarch)0:6.4.0-30.1(s390x|x86_64)0:13-1.1(s390x|x86_64)0:13-1.2(s390x|x86_64)0:7-3.1(s390x|x86_64)0:6-1.2(aarch64|s390x|x86_64)0:6.4.0-35.1(aarch64|x86_64)0:6.4.0-35.1.21.12(s390x|x86_64)0:6.4.0-35.1(x86_64)0:6.4.0-35.1(noarch)0:6.4.0-35.1(x86_64)0:6.4.0-37.1(noarch)0:6.4.0-37.1(x86_64)0:8-3.1(x86_64)0:8-1.3(x86_64)0:7-1.2(x86_64)0:6-1.16.4.0-35-rt-default(x86_64)0:2-1.1(s390x|x86_64)0:14-1.1(s390x|x86_64)0:14-1.2(s390x|x86_64)0:8-3.16.4.0-32-default(s390x|x86_64)0:2-1.1(s390x|x86_64)0:4-1.1(x86_64)0:14-1.1(x86_64)0:14-1.2(x86_64)0:9-3.1(x86_64)0:9-1.3(s390x|x86_64)0:15-1.2(s390x|x86_64)0:9-3.1(s390x|x86_64)0:3-1.1(s390x|x86_64)0:15-1.16.4.0-35-default(x86_64)0:8-1.26.4.0-36-rt-default(x86_64)0:6.4.0-22.1(noarch)0:6.4.0-22.16.4.0-34-default(x86_64)0:15-1.1(x86_64)0:15-1.2(aarch64|s390x|x86_64)0:6.4.0-36.1(aarch64|x86_64)0:6.4.0-36.1.21.13(s390x|x86_64)0:6.4.0-36.1(x86_64)0:6.4.0-38.1(noarch)0:6.4.0-38.1(x86_64)0:16-1.2(aarch64|x86_64)0:570.133.20_k6.4.0_28-1.1(aarch64|x86_64)0:570.144_k6.4.0_28-1.1(x86_64)0:10-3.1(x86_64)0:10-1.3(x86_64)0:9-1.2(s390x|x86_64)0:16-1.2(aarch64|s390x|x86_64)0:6.4.0-29.1(aarch64|x86_64)0:6.4.0-29.1.21.7(s390x|x86_64)0:6.4.0-29.1(x86_64)0:6.4.0-29.1(noarch)0:6.4.0-29.1(s390x|x86_64)0:10-3.1(x86_64)0:6.4.0-31.1(noarch)0:6.4.0-31.1(x86_64)0:6.4.0-39.1(noarch)0:6.4.0-39.1(x86_64)0:11-3.1(x86_64)0:11-1.3(x86_64)0:10-1.2(s390x|x86_64)0:5-1.16.4.0-36-default(s390x|x86_64)0:11-3.1(s390x|x86_64)0:12-3.1(aarch64|s390x|x86_64)0:6.4.0-38.1(aarch64|x86_64)0:6.4.0-38.1.21.15(s390x|x86_64)0:6.4.0-38.1(x86_64)0:12-3.1(x86_64)0:12-1.3(s390x|x86_64)0:17-1.2(s390x|x86_64)0:13-3.1(s390x|x86_64)0:6-1.1(aarch64|s390x|x86_64)0:6.4.0-39.1(aarch64|x86_64)0:6.4.0-39.1.21.16(s390x|x86_64)0:6.4.0-39.1(x86_64)0:13-3.1(x86_64)0:13-1.3(s390x|x86_64)0:14-3.1(aarch64|s390x|x86_64)0:6.4.0-40.1(aarch64|x86_64)0:6.4.0-40.1.21.17(s390x|x86_64)0:6.4.0-40.1(x86_64)0:6.4.0-40.1(noarch)0:6.4.0-40.1(x86_64)0:16-1.1(x86_64)0:14-3.1(x86_64)0:14-1.3(aarch64|s390x|x86_64)0:6.4.0-25.1(s390x|x86_64)0:6.4.0-25.1(x86_64)0:6.4.0-25.1(noarch)0:6.4.0-25.16.4.0-37-rt-default6.4.0-38-rt-default(s390x|x86_64)0:15-3.1(s390x|x86_64)0:7-1.16.4.0-38-default6.4.0-39-default(s390x|x86_64)0:8-1.1(s390x|x86_64)0:16-3.1(s390x|x86_64)0:18-1.26.4.0-39-rt-default(x86_64)0:15-1.3(x86_64)0:15-3.1(x86_64)0:17-1.1(aarch64|s390x|x86_64)0:6.4.0-30.1(aarch64|x86_64)0:6.4.0-30.1.21.8(s390x|x86_64)0:6.4.0-30.1(x86_64)0:6.4.0-33.1(noarch)0:6.4.0-33.1(aarch64|s390x|x86_64)0:6.4.0-31.1(aarch64|x86_64)0:6.4.0-31.1.21.9(s390x|x86_64)0:6.4.0-31.1(x86_64)0:2-1.3(s390x|x86_64)0:2-3.1(x86_64)0:2-3.1(x86_64)0:3-3.1(x86_64)0:3-1.3(x86_64)0:2-1.2(s390x|x86_64)0:9-1.1(s390x|x86_64)0:3-3.1(x86_64)0:1-3.1(aarch64|s390x|x86_64)0:6.4.0-32.1(aarch64|x86_64)0:6.4.0-32.1.21.10(s390x|x86_64)0:6.4.0-32.1(x86_64)0:6.4.0-32.1(noarch)0:6.4.0-32.1(x86_64)0:4-3.1(x86_64)0:4-1.3(s390x|x86_64)0:4-3.1(s390x|x86_64)0:10-1.1(noarch)0:2.32.3-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:0.8-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.13.3-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.7.1-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.24.5-slfo.1.1_2.1(aarch64|x86_64)0:1.7.2-slfo.1.1_1.1(noarch)0:0.16.0-slfo.1.1_1.1(noarch)0:0.16.3-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.2.6-slfo.1.1_1.1(s390x)0:2.31.0-slfo.1.1_2.1(noarch)0:2.31.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:27.5.1_ce-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:0.22.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.38-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:1.22.0-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.46.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.15.1-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.11.6-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:3.11.12-slfo.1.1_1.1(aarch64|x86_64)0:2.2.3-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:27.5.1_ce-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:0.22.0-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:668-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3.49.1-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.14.1-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:254.25-slfo.1.1_1.1(ppc64le)0:254.25-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3.1.4-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:2.11.6-slfo.1.1_5.1(x86_64)0:20250512-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3.3.0-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.28-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.6.1-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:20221126-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.4.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:6.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.4.4-slfo.1.1_3.1(x86_64)0:12.5.2-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3.18.3-slfo.1.1_1.1(noarch)0:3.18.3-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.4.4-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:1.7.27-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.4.4-slfo.1.1_4.1(noarch)0:70.0.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:42.0.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.19.8-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.78.6-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.4.4-slfo.1.1_5.1(aarch64|x86_64)0:5.8.2-slfo.1.1_1.1(noarch)0:5.8.2-slfo.1.1_1.1(noarch)0:10.3.11-slfo.1.1_2.1(noarch)0:1.0.5-slfo.1.1_2.1(noarch)0:1.0.0-slfo.1.1_2.1(noarch)0:2.0.0-slfo.1.1_2.1(noarch)0:0.10.2-slfo.1.1_1.2(aarch64|ppc64le|s390x|x86_64)0:0.6.12-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:1.9.15p5-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3006.0-slfo.1.1_4.1(noarch)0:2.32.4-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:5.38.2-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.11+git.20240906-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:28.3.2_ce-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:0.25.0-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:1.10.3-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.11.13-slfo.1.1_1.1(noarch)0:20241128-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:5.4.3-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.7.1-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:9.6p1-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.18.4-slfo.1.1_1.1(noarch)0:3.18.4-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:0.10.6-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.7.4-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:3.1.4-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:254.27-slfo.1.1_1.1(ppc64le)0:254.27-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3.4.4-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:0.6.12-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.5.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.11.6-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:9.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.1.38-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:121-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:23.3.4-slfo.1.1_2.1(aarch64|ppc64le|x86_64)0:23.3.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.1-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.8.3-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:2.78.6-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:0.24.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.22.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:23.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.50.2-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:8.14.1-slfo.1.1_1.1(x86_64)0:20250812-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:28.4.0_ce-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:0.28.0-slfo.1.1_6.1(x86_64)0:20250211-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:20250416.02-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3.11.13-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.42.12-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.10-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.6.1-slfo.1.1_4.1(x86_64)0:0.4.3-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.8.11+git0.01c1056a4-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.24.7-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:0.18.6-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:25.1.3-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.78.6-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:8.14.1-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.9.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.3.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:5.4.2-slfo.1.1_1.1(noarch)0:5.4.2-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:5.70-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.51.0-slfo.1.1_1.1(noarch)0:9.1.1629-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:9.1.1629-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.6.1-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:0.2.8+12-slfo.1.1_1.1(noarch)0:2.1.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:4.8-slfo.1.1_1.1(noarch)0:4.8-slfo.1.1_1.1(x86_64)0:13.0.5-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.12-slfo.1.1_2.1(noarch)0:2.12-slfo.1.1_2.1(s390x)0:2.12-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:0.10.6-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:3.1.4-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:2.7.1-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:3.1.4-slfo.1.1_7.1(x86_64)0:0.2-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.1.38-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:5.4.2-slfo.1.1_2.1(noarch)0:5.4.2-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.38-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.8.11+git0.01c1056a4-slfo.1.1_2.1(aarch64|x86_64)0:5.9.0.git21.a73f509-slfo.1.1_1.1(noarch)0:5.9.0.git21.a73f509-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.4.6-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.4.4-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:6.2.0-slfo.1.1_3.1(noarch)0:6.2.0-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:4.7.1-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.3.3-slfo.1.1_1.1(ppc64le)0:1.3.12-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:1.7.29-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.12-slfo.1.1_3.1(noarch)0:2.12-slfo.1.1_3.1(s390x)0:2.12-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.78.6-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:1.22.0-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.9.5-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:8.14.1-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:3.11.14-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3006.0-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:3.8.3-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:3.19.1-slfo.1.1_1.1(noarch)0:3.19.1-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.6.43-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:6.4-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:8.2.10-slfo.1.1_3.1(noarch)0:8.2.10-slfo.1.1_3.1(x86_64)0:8.2.10-slfo.1.1_3.1(aarch64)0:8.2.10-slfo.1.1_3.1(ppc64le)0:8.2.10-slfo.1.1_3.1(s390x)0:8.2.10-slfo.1.1_3.1(noarch)0:8.2.101.16.3_3_ga95067eb-slfo.1.1_3.1(aarch64|ppc64le|x86_64)0:22.11.10-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:4.0.2-slfo.1.1_2.1(aarch64|x86_64)0:16.1-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:0.9.77-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.3.0-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:3.1.7-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:8.14.1-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:27.5.1_ce-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.10.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:4.19.0-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:1.0.18-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.4.4-slfo.1.1_6.1(aarch64|x86_64)0:1.7.4-slfo.1.1_1.1(aarch64|x86_64)0:2.2.7-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:8.14.1-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:5.9.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.4.4-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:20230802.3-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.40.4-slfo.1.1_3.1(noarch)0:2.1.0-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.11.6-slfo.1.1_7.1(aarch64|ppc64le|s390x|x86_64)0:3.11.14-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.1.4-slfo.1.1_8.1(noarch)0:20241128-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:0.8-slfo.1.1_4.1(noarch)0:0.5.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:20250116.00-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:20250416.02-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:23.4-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:1.0.18-slfo.1.1_3.1(noarch)0:2.1.0-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:2.78.6-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:2.4.4-slfo.1.1_7.1(noarch)0:91-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.7.1-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:1.6.43-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:0.10.6-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:2.38-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:0.2.8+116-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:2.4.16-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3.4.4-slfo.1.1_7.1(noarch)0:316-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:28.5.1_ce-slfo.1.1_8.1(aarch64|ppc64le|s390x|x86_64)0:0.29.0-slfo.1.1_8.1(noarch)0:2.84-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:322-slfo.1.1_2.1(noarch)0:322-slfo.1.1_2.1(x86_64)0:13.0.10-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3.8.3-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:42.0.4-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.33.1-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.1.38-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:2.11.6-slfo.1.1_8.1(x86_64)0:20260210-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.2.13-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.11.14-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:2.40.4-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:1.10.1-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:9.6p1-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:8.2.10-slfo.1.1_4.1(noarch)0:8.2.10-slfo.1.1_4.1(x86_64)0:8.2.10-slfo.1.1_4.1(aarch64)0:8.2.10-slfo.1.1_4.1(ppc64le)0:8.2.10-slfo.1.1_4.1(s390x)0:8.2.10-slfo.1.1_4.1(noarch)0:8.2.101.16.3_3_ga95067eb-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:8.12.1-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:8.14.1-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:2.14.2-slfo.1.1_1.1(noarch)0:9.2.0110-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:9.2.0110-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:3.4.4-slfo.1.1_8.1(aarch64|ppc64le|s390x|x86_64)0:0.10.6-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:3.11.15-slfo.1.1_1.1(noarch)0:202402-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.51.3-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:6.4-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:3006.0-slfo.1.1_6.1(aarch64|ppc64le|s390x|x86_64)0:254.27-slfo.1.1_4.1(ppc64le)0:254.27-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:3.4.4-slfo.1.1_2.1(noarch)0:0.5.0-slfo.1.1_3.1(noarch)0:2.12.1-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.52.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.11.15-slfo.1.1_2.1(noarch)0:24.0.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.35-slfo.1.1_3.1(aarch64|ppc64le|s390x|x86_64)0:1.24.7-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.7.1-slfo.1.1_5.1(aarch64|ppc64le|s390x|x86_64)0:121-slfo.1.1_3.1(noarch)0:2.32.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:0.9.6-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.1.4-slfo.1.1_9.1(aarch64|ppc64le|s390x|x86_64)0:2.38-slfo.1.1_7.1(aarch64|ppc64le|s390x|x86_64)0:1.6.43-slfo.1.1_4.1(aarch64|ppc64le|s390x|x86_64)0:3.7.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.1.4-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:4.19.0-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.11.6-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:0.4.34-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.17.2-slfo.1.1_1.1(noarch)0:3.17.2-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:5.2.5-slfo.1.1_1.1(noarch)0:5.2.5-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:1.1.38-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:3.8.3-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.8.7-slfo.1.1_2.1(noarch)0:1.8.7-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:1.21.3-slfo.1.1_2.1(aarch64|ppc64le|s390x|x86_64)0:2.40.4-slfo.1.1_1.1(noarch)0:2.74-slfo.1.1_1.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-24.1(aarch64|ppc64le|x86_64)0:6.4.0-24.1.21.4(aarch64|ppc64le|s390x|x86_64)0:6.4.0-34.1(aarch64|ppc64le|x86_64)0:6.4.0-34.1.21.11(aarch64|x86_64)0:6.4.0-36.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-28.1(aarch64|ppc64le|x86_64)0:6.4.0-28.1.21.6(aarch64|x86_64)0:6.4.0-30.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-35.1(aarch64|ppc64le|x86_64)0:6.4.0-35.1.21.12(aarch64|x86_64)0:6.4.0-37.1(aarch64|x86_64)0:6.4.0-22.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-36.1(aarch64|ppc64le|x86_64)0:6.4.0-36.1.21.13(aarch64|x86_64)0:6.4.0-38.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-29.1(aarch64|ppc64le|x86_64)0:6.4.0-29.1.21.7(aarch64|x86_64)0:6.4.0-31.1(aarch64|x86_64)0:6.4.0-39.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-38.1(aarch64|ppc64le|x86_64)0:6.4.0-38.1.21.15(aarch64|ppc64le|s390x|x86_64)0:6.4.0-39.1(aarch64|ppc64le|x86_64)0:6.4.0-39.1.21.16(aarch64|ppc64le|s390x|x86_64)0:6.4.0-40.1(aarch64|ppc64le|x86_64)0:6.4.0-40.1.21.17(aarch64|x86_64)0:6.4.0-40.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-25.1(aarch64|x86_64)0:6.4.0-25.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-30.1(aarch64|ppc64le|x86_64)0:6.4.0-30.1.21.8(aarch64|x86_64)0:6.4.0-33.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-31.1(aarch64|ppc64le|x86_64)0:6.4.0-31.1.21.9(aarch64|x86_64)0:6.4.0-34.1(aarch64|x86_64)0:6.4.0-28.1(aarch64|ppc64le|s390x|x86_64)0:6.4.0-32.1(aarch64|ppc64le|x86_64)0:6.4.0-32.1.21.10(aarch64|x86_64)0:6.4.0-35.1